[Skiboot] [PATCH 14/15] Switchover to new implementation of PCR Read/Extend and Eventlog
Mauro S. M. Rodrigues
maurosr at linux.vnet.ibm.com
Sat Jan 25 11:15:09 AEDT 2020
The new implementation of PCR_Read, PCR_Extend and Eventlog uses the
recently introduced standard TSS library.
Old TSS implementation will be removed in the following commit.
Signed-off-by: Mauro S. M. Rodrigues <maurosr at linux.vnet.ibm.com>
---
libstb/Makefile.inc | 4 ++--
libstb/drivers/tpm_i2c_nuvoton.c | 9 --------
libstb/tpm_chip.c | 39 ++++++++++++++++----------------
libstb/tpm_chip.h | 22 ++++++++----------
libstb/trustedboot.c | 30 ++++++++++++------------
libstb/trustedboot.h | 21 +++++++++++++++++
libstb/tss2/Makefile.inc | 9 ++++----
7 files changed, 72 insertions(+), 62 deletions(-)
diff --git a/libstb/Makefile.inc b/libstb/Makefile.inc
index 0c1b6c023..68278cd22 100644
--- a/libstb/Makefile.inc
+++ b/libstb/Makefile.inc
@@ -10,14 +10,14 @@ LIBSTB = $(LIBSTB_DIR)/built-in.a
include $(SRC)/$(LIBSTB_DIR)/secvar/Makefile.inc
include $(SRC)/$(LIBSTB_DIR)/drivers/Makefile.inc
-include $(SRC)/$(LIBSTB_DIR)/tss/Makefile.inc
include $(SRC)/$(LIBSTB_DIR)/crypto/Makefile.inc
include $(SRC)/$(LIBSTB_DIR)/tss2/Makefile.inc
CPPFLAGS += -I$(SRC)/$(LIBSTB_DIR)/crypto/mbedtls/include
CPPFLAGS += -I$(SRC)/$(LIBSTB_DIR)/ibmtpm20tss/utils
+CFLAGS += -DTPM_NOSOCKET -DTPM_SKIBOOT
-$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS) $(SECVAR) $(CRYPTO) $(TSS2)
+$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(SECVAR) $(CRYPTO) $(TSS2)
libstb/create-container: libstb/create-container.c libstb/container-utils.c
$(call Q, HOSTCC ,$(HOSTCC) $(HOSTCFLAGS) \
diff --git a/libstb/drivers/tpm_i2c_nuvoton.c b/libstb/drivers/tpm_i2c_nuvoton.c
index 44a61471f..9f703b108 100644
--- a/libstb/drivers/tpm_i2c_nuvoton.c
+++ b/libstb/drivers/tpm_i2c_nuvoton.c
@@ -17,15 +17,6 @@
#define DRIVER_NAME "i2c_tpm_nuvoton"
-/*
- * Timings between various states or transitions within the interface protocol
- * as defined in the TCG PC Client Platform TPM Profile specification, Revision
- * 00.43.
- */
-#define TPM_TIMEOUT_A 750
-#define TPM_TIMEOUT_B 2000
-#define TPM_TIMEOUT_D 30
-
/* I2C interface offsets */
#define TPM_STS 0x00
#define TPM_BURST_COUNT 0x01
diff --git a/libstb/tpm_chip.c b/libstb/tpm_chip.c
index 51ba1be19..da084387a 100644
--- a/libstb/tpm_chip.c
+++ b/libstb/tpm_chip.c
@@ -11,7 +11,7 @@
#include "container.h"
#include "tpm_chip.h"
#include "drivers/tpm_i2c_nuvoton.h"
-#include "tss/trustedbootCmds.H"
+#include <eventlog.h>
/* For debugging only */
//#define STB_DEBUG
@@ -19,15 +19,17 @@
static struct list_head tpm_list = LIST_HEAD_INIT(tpm_list);
#ifdef STB_DEBUG
-static void tpm_print_pcr(struct tpm_chip *tpm, TPM_Pcr pcr, TPM_Alg_Id alg,
- size_t size)
+static void tpm_print_pcr(TPMI_DH_PCR pcr, TPM_ALG_ID alg,
+ size_t size)
{
int rc;
uint8_t digest[TPM_ALG_SHA256_SIZE];
+ TPMI_ALG_HASH hashes[1] = { alg };
+
memset(digest, 0, size);
- rc = tpmCmdPcrRead(tpm, pcr, alg, digest, size);
+ rc = TSS_PCR_Read(pcr, hashes, 1);
if (rc) {
/**
* @fwts-label STBPCRReadFailed
@@ -120,8 +122,8 @@ int tpm_register_chip(struct dt_node *node, struct tpm_dev *dev,
* Initialize the event log manager by walking through the log to identify
* what is the next free position in the log
*/
- rc = TpmLogMgr_initializeUsingExistingLog(&tpm->logmgr,
- (uint8_t*) sml_base, sml_size);
+ rc = load_eventlog(&tpm->logmgr, (int8_t*) sml_base, sml_size);
+
if (rc) {
/**
@@ -198,13 +200,12 @@ static void tpm_disable(struct tpm_chip *tpm)
prlog(PR_NOTICE, "tpm%d disabled\n", tpm->id);
}
-int tpm_extendl(TPM_Pcr pcr,
- TPM_Alg_Id alg1, uint8_t* digest1, size_t size1,
- TPM_Alg_Id alg2, uint8_t* digest2, size_t size2,
- uint32_t event_type, const char* event_msg)
+int tpm_extendl(TPMI_DH_PCR pcr, TPMI_ALG_HASH *hashes, uint8_t hashes_len,
+ const char* digest, uint32_t event_type, const char* event_msg)
+
{
int rc, failed;
- TCG_PCR_EVENT2 event;
+ TCG_PCR_EVENT2 *event = calloc(1, sizeof(TCG_PCR_EVENT2));
struct tpm_chip *tpm = NULL;
failed = 0;
@@ -220,11 +221,13 @@ int tpm_extendl(TPM_Pcr pcr,
list_for_each(&tpm_list, tpm, link) {
if (!tpm->enabled)
continue;
- event = TpmLogMgr_genLogEventPcrExtend(pcr, alg1, digest1, size1,
- alg2, digest2, size2,
- event_type, event_msg);
- /* eventlog recording */
- rc = TpmLogMgr_addEvent(&tpm->logmgr, &event);
+ /* instantiate eventlog */
+ rc = build_event(event, pcr, hashes, hashes_len, digest,
+ event_type, event_msg);
+
+ if (rc == 0)
+ /* eventlog recording */
+ rc = add_to_eventlog(&tpm->logmgr, event);
if (rc) {
/**
* @fwts-label STBAddEventFailed
@@ -254,9 +257,7 @@ int tpm_extendl(TPM_Pcr pcr,
tpm_print_pcr(tpm, pcr, alg2, size2);
#endif
/* extend the pcr number in both sha1 and sha256 banks*/
- rc = tpmCmdPcrExtend2Hash(tpm, pcr,
- alg1, digest1, size1,
- alg2, digest2, size2);
+ rc = TSS_PCR_Extend(pcr, hashes, hashes_len, digest);
if (rc) {
/**
* @fwts-label STBPCRExtendFailed
diff --git a/libstb/tpm_chip.h b/libstb/tpm_chip.h
index 4c237e8a8..9d2ccfc33 100644
--- a/libstb/tpm_chip.h
+++ b/libstb/tpm_chip.h
@@ -6,8 +6,10 @@
#include <device.h>
-#include "tss/tpmLogMgr.H"
-#include "tss/trustedTypes.H"
+#include "tss2/eventlog.h"
+#include <eventlib.h>
+#include "tss2/tssskiboot.h"
+
#include <tpm2.h>
struct tpm_chip {
@@ -52,21 +54,17 @@ extern int tpm_register_chip(struct dt_node *node, struct tpm_dev *dev,
*
* @pcr: PCR number to be extended and recorded in the event log. The same PCR
* number is extende for both sha1 and sha256 banks.
- * @alg1: SHA algorithm of digest1. Either TPM_ALG_SHA1 or TPM_ALG_SHA256
- * @digest1: digest1 buffer
- * @size1: size of digest1. Either TPM_ALG_SHA1_SIZE or TPM_ALG_SHA256_SIZE
- * @alg2: SHA algorithm of digest2. Either TPM_ALG_SHA1 or TPM_ALG_SHA256
- * @digest2: digest2 buffer
- * @size2: size of digest2. Either TPM_ALG_SHA1_SIZE or TPM_ALG_SHA256_SIZE
+ * @hashes: vector containing the target hash banks, usually sha1 and sha256.
+ * @hashes_len: size of hashes vector, usually 2, as we usually use sha1 and
+ * sha256.
+ * @digest: digest buffer
* @event_type: event type log. In skiboot, either EV_ACTION or EV_SEPARATOR.
* @event_msg: event log message that describes the event
*
* Returns O for success or a negative number if it fails.
*/
-extern int tpm_extendl(TPM_Pcr pcr,
- TPM_Alg_Id alg1, uint8_t* digest1, size_t size1,
- TPM_Alg_Id alg2, uint8_t* digest2, size_t size2,
- uint32_t event_type, const char* event_msg);
+int tpm_extendl(TPMI_DH_PCR pcr, TPMI_ALG_HASH *hashes, uint8_t hashes_len,
+ const char* digest, uint32_t event_type, const char* event_msg);
/* Add status property to the TPM devices */
extern void tpm_add_status_property(void);
diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c
index 3f977de10..ac1758a99 100644
--- a/libstb/trustedboot.c
+++ b/libstb/trustedboot.c
@@ -12,7 +12,7 @@
#include "secureboot.h"
#include "trustedboot.h"
#include "tpm_chip.h"
-#include "tss/trustedTypes.H"
+#include "ibmtss/TPM_Types.h"
/* For debugging only */
//#define STB_DEBUG
@@ -39,7 +39,7 @@ static bool boot_services_exited = false;
*/
static struct {
enum resource_id id;
- TPM_Pcr pcr;
+ TPMI_DH_PCR pcr;
} resources[] = {
{ RESOURCE_ID_IMA_CATALOG, PCR_4},
{ RESOURCE_ID_KERNEL, PCR_4},
@@ -123,6 +123,7 @@ int trustedboot_exit_boot_services(void)
uint32_t pcr;
int rc = 0;
bool failed = false;
+ TPMI_ALG_HASH hashes[2] = {TPM_ALG_SHA256, TPM_ALG_SHA1};
boot_services_exited = true;
@@ -132,21 +133,19 @@ int trustedboot_exit_boot_services(void)
#ifdef STB_DEBUG
prlog(PR_NOTICE, "ev_separator.event: %s\n", ev_separator.event);
prlog(PR_NOTICE, "ev_separator.sha1:\n");
- stb_print_data((uint8_t*) ev_separator.sha1, TPM_ALG_SHA1_SIZE);
+ stb_print_data((uint8_t*) ev_separator.sha1, SHA1_DIGEST_SIZE);
prlog(PR_NOTICE, "ev_separator.sha256:\n");
- stb_print_data((uint8_t*) ev_separator.sha256, TPM_ALG_SHA256_SIZE);
+ stb_print_data((uint8_t*) ev_separator.sha256, SHA256_DIGEST_SIZE);
+
#endif
/*
* Extend the digest of 0xFFFFFFFF to PCR[0-7] and record it as
* EV_SEPARATOR
*/
for (pcr = 0; pcr < 8; pcr++) {
- rc = tpm_extendl(pcr, TPM_ALG_SHA256,
- (uint8_t*) ev_separator.sha256,
- TPM_ALG_SHA256_SIZE, TPM_ALG_SHA1,
- (uint8_t*) ev_separator.sha1,
- TPM_ALG_SHA1_SIZE, EV_SEPARATOR,
- ev_separator.event);
+ rc = tpm_extendl(pcr, hashes, 2, (uint8_t*) ev_separator.sha256,
+ EV_SEPARATOR, ev_separator.event);
+
if (rc)
failed = true;
}
@@ -164,8 +163,9 @@ int trustedboot_measure(enum resource_id id, void *buf, size_t len)
void *buf_aux;
size_t len_aux;
const char *name;
- TPM_Pcr pcr;
+ TPMI_DH_PCR pcr;
int rc = -1;
+ TPMI_ALG_HASH hashes[2] = {TPM_ALG_SHA256, TPM_ALG_SHA1};
if (!trusted_mode)
return 1;
@@ -239,15 +239,13 @@ int trustedboot_measure(enum resource_id id, void *buf, size_t len)
}
#ifdef STB_DEBUG
- stb_print_data(digest, TPM_ALG_SHA256_SIZE);
+ stb_print_data(digest, SHA256_DIGEST_SIZE);
+
#endif
/*
* Extend the given PCR number in both sha256 and sha1 banks with the
* sha512 hash calculated. The hash is truncated accordingly to fit the
* PCR.
*/
- return tpm_extendl(pcr,
- TPM_ALG_SHA256, digest, TPM_ALG_SHA256_SIZE,
- TPM_ALG_SHA1, digest, TPM_ALG_SHA1_SIZE,
- EV_COMPACT_HASH, name);
+ return tpm_extendl(pcr, hashes, 2, digest, EV_ACTION, name);
}
diff --git a/libstb/trustedboot.h b/libstb/trustedboot.h
index 17478c153..d5df856e9 100644
--- a/libstb/trustedboot.h
+++ b/libstb/trustedboot.h
@@ -6,6 +6,27 @@
#include <platform.h>
+typedef enum {
+ PCR_0 = 0,
+ PCR_1 = 1,
+ PCR_2 = 2,
+ PCR_3 = 3,
+ PCR_4 = 4,
+ PCR_5 = 5,
+ PCR_6 = 6,
+ PCR_7 = 7,
+ PCR_DEBUG = 16,
+ PCR_DRTM_17 = 17,
+ PCR_DRTM_18 = 18,
+ PCR_DRTM_19 = 19,
+ PCR_DRTM_20 = 20,
+ PCR_DRTM_21 = 21,
+ PCR_DRTM_22 = 22,
+ PLATFORM_PCR = 24, ///< The number of PCR required by the platform spec
+ IMPLEMENTATION_PCR = 24, ///< The number of PCRs implemented by TPM
+} TPM_Pcr;
+
+
void trustedboot_init(void);
/**
diff --git a/libstb/tss2/Makefile.inc b/libstb/tss2/Makefile.inc
index d85433d9c..1e8608ba5 100644
--- a/libstb/tss2/Makefile.inc
+++ b/libstb/tss2/Makefile.inc
@@ -9,14 +9,15 @@ CPPFLAGS += -I$(SRC)/$(TSS2_DIR)
CPPFLAGS += -I$(SRC)/$(IBMTSS_DIR)
TSS2LIB_SRCS = tss.c tss20.c tssauth.c tssauth20.c tssccattributes.c
-#TSS2LIB_SRCS += tsscryptoh.c
+TSS2LIB_SRCS += tsscryptoh.c
TSS2LIB_SRCS += tssmarshal.c tssprint.c tssprintcmd.c tssproperties.c
TSS2LIB_SRCS += tssresponsecode.c tsstransmit.c tssutils.c tssntc.c
TSS2LIB_SRCS += Commands.c CommandAttributeData.c Unmarshal.c
-TSS2LIB_SRCS += tssdevskiboot.c
+TSS2LIB_SRCS += tssdevskiboot.c eventlib.c
-TSS2_SRCS = $(addprefix ibmtpm20tss/utils/,$(TSS2LIB_SRCS)) tpm2.c
-TSS2_SRCS += tpm2.c tssskiboot.c
+
+TSS2_SRCS = $(addprefix ibmtpm20tss/utils/,$(TSS2LIB_SRCS)) tssskiboot.c tpm2.c
+TSS2_SRCS += tssskiboot.c tpm2.c eventlog.c tsscryptombed.c
#tsscryptombed.c tsscryptouv.c tssdevuv.c tssuv.c
#tssskiboot.c eventlog.c eventlib.c tpm_nv.c opalcreate.c
--
2.24.1
More information about the Skiboot
mailing list