[Skiboot] [PATCH 14/15] Switchover to new implementation of PCR Read/Extend and Eventlog

Mauro S. M. Rodrigues maurosr at linux.vnet.ibm.com
Sat Jan 25 11:15:09 AEDT 2020


The new implementation of PCR_Read, PCR_Extend and Eventlog uses the
recently introduced standard TSS library.
Old TSS implementation will be removed in the following commit.

Signed-off-by: Mauro S. M. Rodrigues <maurosr at linux.vnet.ibm.com>
---
 libstb/Makefile.inc              |  4 ++--
 libstb/drivers/tpm_i2c_nuvoton.c |  9 --------
 libstb/tpm_chip.c                | 39 ++++++++++++++++----------------
 libstb/tpm_chip.h                | 22 ++++++++----------
 libstb/trustedboot.c             | 30 ++++++++++++------------
 libstb/trustedboot.h             | 21 +++++++++++++++++
 libstb/tss2/Makefile.inc         |  9 ++++----
 7 files changed, 72 insertions(+), 62 deletions(-)

diff --git a/libstb/Makefile.inc b/libstb/Makefile.inc
index 0c1b6c023..68278cd22 100644
--- a/libstb/Makefile.inc
+++ b/libstb/Makefile.inc
@@ -10,14 +10,14 @@ LIBSTB = $(LIBSTB_DIR)/built-in.a
 
 include $(SRC)/$(LIBSTB_DIR)/secvar/Makefile.inc
 include $(SRC)/$(LIBSTB_DIR)/drivers/Makefile.inc
-include $(SRC)/$(LIBSTB_DIR)/tss/Makefile.inc
 include $(SRC)/$(LIBSTB_DIR)/crypto/Makefile.inc
 include $(SRC)/$(LIBSTB_DIR)/tss2/Makefile.inc
 
 CPPFLAGS += -I$(SRC)/$(LIBSTB_DIR)/crypto/mbedtls/include
 CPPFLAGS += -I$(SRC)/$(LIBSTB_DIR)/ibmtpm20tss/utils
+CFLAGS += -DTPM_NOSOCKET -DTPM_SKIBOOT
 
-$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS) $(SECVAR) $(CRYPTO) $(TSS2)
+$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(SECVAR) $(CRYPTO) $(TSS2)
 
 libstb/create-container: libstb/create-container.c libstb/container-utils.c
 	$(call Q, HOSTCC ,$(HOSTCC) $(HOSTCFLAGS) \
diff --git a/libstb/drivers/tpm_i2c_nuvoton.c b/libstb/drivers/tpm_i2c_nuvoton.c
index 44a61471f..9f703b108 100644
--- a/libstb/drivers/tpm_i2c_nuvoton.c
+++ b/libstb/drivers/tpm_i2c_nuvoton.c
@@ -17,15 +17,6 @@
 
 #define DRIVER_NAME "i2c_tpm_nuvoton"
 
-/*
- * Timings between various states or transitions within the interface protocol
- * as defined in the TCG PC Client Platform TPM Profile specification, Revision
- * 00.43.
- */
-#define TPM_TIMEOUT_A	750
-#define TPM_TIMEOUT_B	2000
-#define TPM_TIMEOUT_D	30
-
 /* I2C interface offsets */
 #define TPM_STS			0x00
 #define TPM_BURST_COUNT		0x01
diff --git a/libstb/tpm_chip.c b/libstb/tpm_chip.c
index 51ba1be19..da084387a 100644
--- a/libstb/tpm_chip.c
+++ b/libstb/tpm_chip.c
@@ -11,7 +11,7 @@
 #include "container.h"
 #include "tpm_chip.h"
 #include "drivers/tpm_i2c_nuvoton.h"
-#include "tss/trustedbootCmds.H"
+#include <eventlog.h>
 
 /* For debugging only */
 //#define STB_DEBUG
@@ -19,15 +19,17 @@
 static struct list_head tpm_list = LIST_HEAD_INIT(tpm_list);
 
 #ifdef STB_DEBUG
-static void tpm_print_pcr(struct tpm_chip *tpm, TPM_Pcr pcr, TPM_Alg_Id alg,
-			  size_t size)
+static void tpm_print_pcr(TPMI_DH_PCR pcr, TPM_ALG_ID alg,
+ 			  size_t size)
 {
 	int rc;
 	uint8_t digest[TPM_ALG_SHA256_SIZE];
+	TPMI_ALG_HASH hashes[1] = { alg };
+
 
 	memset(digest, 0, size);
 
-	rc = tpmCmdPcrRead(tpm, pcr, alg, digest, size);
+	rc = TSS_PCR_Read(pcr, hashes, 1);
 	if (rc) {
 		/**
 		 * @fwts-label STBPCRReadFailed
@@ -120,8 +122,8 @@ int tpm_register_chip(struct dt_node *node, struct tpm_dev *dev,
 	 * Initialize the event log manager by walking through the log to identify
 	 * what is the next free position in the log
 	 */
-	rc = TpmLogMgr_initializeUsingExistingLog(&tpm->logmgr,
-					 (uint8_t*) sml_base, sml_size);
+	rc = load_eventlog(&tpm->logmgr, (int8_t*) sml_base, sml_size);
+
 
 	if (rc) {
 		/**
@@ -198,13 +200,12 @@ static void tpm_disable(struct tpm_chip *tpm)
 	prlog(PR_NOTICE, "tpm%d disabled\n", tpm->id);
 }
 
-int tpm_extendl(TPM_Pcr pcr,
-		TPM_Alg_Id alg1, uint8_t* digest1, size_t size1,
-		TPM_Alg_Id alg2, uint8_t* digest2, size_t size2,
-		uint32_t event_type, const char* event_msg)
+int tpm_extendl(TPMI_DH_PCR pcr, TPMI_ALG_HASH *hashes, uint8_t hashes_len,
+		const char* digest, uint32_t event_type, const char* event_msg)
+
 {
 	int rc, failed;
-	TCG_PCR_EVENT2 event;
+	TCG_PCR_EVENT2 *event = calloc(1, sizeof(TCG_PCR_EVENT2));
 	struct tpm_chip *tpm = NULL;
 
 	failed = 0;
@@ -220,11 +221,13 @@ int tpm_extendl(TPM_Pcr pcr,
 	list_for_each(&tpm_list, tpm, link) {
 		if (!tpm->enabled)
 			continue;
-		event = TpmLogMgr_genLogEventPcrExtend(pcr, alg1, digest1, size1,
-						       alg2, digest2, size2,
-						       event_type, event_msg);
-		/* eventlog recording */
-		rc = TpmLogMgr_addEvent(&tpm->logmgr, &event);
+		/* instantiate eventlog */
+		rc = build_event(event, pcr, hashes, hashes_len, digest,
+				       event_type, event_msg);
+
+		if (rc == 0)
+			/* eventlog recording */
+			rc = add_to_eventlog(&tpm->logmgr, event);
 		if (rc) {
 			/**
 			 * @fwts-label STBAddEventFailed
@@ -254,9 +257,7 @@ int tpm_extendl(TPM_Pcr pcr,
 		tpm_print_pcr(tpm, pcr, alg2, size2);
 #endif
 		/* extend the pcr number in both sha1 and sha256 banks*/
-		rc = tpmCmdPcrExtend2Hash(tpm, pcr,
-					  alg1, digest1, size1,
-					  alg2, digest2, size2);
+		rc = TSS_PCR_Extend(pcr, hashes, hashes_len, digest);
 		if (rc) {
 			/**
 			 * @fwts-label STBPCRExtendFailed
diff --git a/libstb/tpm_chip.h b/libstb/tpm_chip.h
index 4c237e8a8..9d2ccfc33 100644
--- a/libstb/tpm_chip.h
+++ b/libstb/tpm_chip.h
@@ -6,8 +6,10 @@
 
 #include <device.h>
 
-#include "tss/tpmLogMgr.H"
-#include "tss/trustedTypes.H"
+#include "tss2/eventlog.h"
+#include <eventlib.h>
+#include "tss2/tssskiboot.h"
+
 #include <tpm2.h>
 
 struct tpm_chip {
@@ -52,21 +54,17 @@ extern int tpm_register_chip(struct dt_node *node, struct tpm_dev *dev,
  *
  * @pcr: PCR number to be extended and recorded in the event log. The same PCR
  * number is extende for both sha1 and sha256 banks.
- * @alg1: SHA algorithm of digest1. Either TPM_ALG_SHA1 or TPM_ALG_SHA256
- * @digest1: digest1 buffer
- * @size1: size of digest1. Either TPM_ALG_SHA1_SIZE or TPM_ALG_SHA256_SIZE
- * @alg2: SHA algorithm of digest2. Either TPM_ALG_SHA1 or TPM_ALG_SHA256
- * @digest2: digest2 buffer
- * @size2: size of digest2. Either TPM_ALG_SHA1_SIZE or TPM_ALG_SHA256_SIZE
+ * @hashes: vector containing the target hash banks, usually sha1 and sha256.
+ * @hashes_len: size of hashes vector, usually 2, as we usually use sha1 and
+ * sha256.
+ * @digest: digest buffer
  * @event_type: event type log. In skiboot, either EV_ACTION or EV_SEPARATOR.
  * @event_msg: event log message that describes the event
  *
  * Returns O for success or a negative number if it fails.
  */
-extern int tpm_extendl(TPM_Pcr pcr,
-		       TPM_Alg_Id alg1, uint8_t* digest1, size_t size1,
-		       TPM_Alg_Id alg2, uint8_t* digest2, size_t size2,
-		       uint32_t event_type, const char* event_msg);
+int tpm_extendl(TPMI_DH_PCR pcr, TPMI_ALG_HASH *hashes, uint8_t hashes_len,
+		const char* digest, uint32_t event_type, const char* event_msg);
 
 /* Add status property to the TPM devices */
 extern void tpm_add_status_property(void);
diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c
index 3f977de10..ac1758a99 100644
--- a/libstb/trustedboot.c
+++ b/libstb/trustedboot.c
@@ -12,7 +12,7 @@
 #include "secureboot.h"
 #include "trustedboot.h"
 #include "tpm_chip.h"
-#include "tss/trustedTypes.H"
+#include "ibmtss/TPM_Types.h"
 
 /* For debugging only */
 //#define STB_DEBUG
@@ -39,7 +39,7 @@ static bool boot_services_exited = false;
  */
 static struct {
 	enum resource_id id;
-	TPM_Pcr pcr;
+	TPMI_DH_PCR pcr;
 } resources[] = {
 	{ RESOURCE_ID_IMA_CATALOG,	PCR_4},
 	{ RESOURCE_ID_KERNEL,		PCR_4},
@@ -123,6 +123,7 @@ int trustedboot_exit_boot_services(void)
 	uint32_t pcr;
 	int rc = 0;
 	bool failed = false;
+	TPMI_ALG_HASH hashes[2] = {TPM_ALG_SHA256, TPM_ALG_SHA1};
 
 	boot_services_exited = true;
 
@@ -132,21 +133,19 @@ int trustedboot_exit_boot_services(void)
 #ifdef STB_DEBUG
 	prlog(PR_NOTICE, "ev_separator.event: %s\n", ev_separator.event);
 	prlog(PR_NOTICE, "ev_separator.sha1:\n");
-	stb_print_data((uint8_t*) ev_separator.sha1, TPM_ALG_SHA1_SIZE);
+	stb_print_data((uint8_t*) ev_separator.sha1, SHA1_DIGEST_SIZE);
 	prlog(PR_NOTICE, "ev_separator.sha256:\n");
-	stb_print_data((uint8_t*) ev_separator.sha256, TPM_ALG_SHA256_SIZE);
+	stb_print_data((uint8_t*) ev_separator.sha256, SHA256_DIGEST_SIZE);
+
 #endif
 	/*
 	 * Extend the digest of 0xFFFFFFFF to PCR[0-7] and record it as
 	 * EV_SEPARATOR
 	 */
 	for (pcr = 0; pcr < 8; pcr++) {
-		rc = tpm_extendl(pcr, TPM_ALG_SHA256,
-				(uint8_t*) ev_separator.sha256,
-				TPM_ALG_SHA256_SIZE, TPM_ALG_SHA1,
-				(uint8_t*) ev_separator.sha1,
-				TPM_ALG_SHA1_SIZE, EV_SEPARATOR,
-				ev_separator.event);
+		rc = tpm_extendl(pcr, hashes, 2, (uint8_t*) ev_separator.sha256,
+				 EV_SEPARATOR, ev_separator.event);
+
 		if (rc)
 			failed = true;
 	}
@@ -164,8 +163,9 @@ int trustedboot_measure(enum resource_id id, void *buf, size_t len)
 	void *buf_aux;
 	size_t len_aux;
 	const char *name;
-	TPM_Pcr pcr;
+	TPMI_DH_PCR pcr;
 	int rc = -1;
+	TPMI_ALG_HASH hashes[2] = {TPM_ALG_SHA256, TPM_ALG_SHA1};
 
 	if (!trusted_mode)
 		return 1;
@@ -239,15 +239,13 @@ int trustedboot_measure(enum resource_id id, void *buf, size_t len)
 	}
 
 #ifdef STB_DEBUG
-	stb_print_data(digest, TPM_ALG_SHA256_SIZE);
+	stb_print_data(digest, SHA256_DIGEST_SIZE);
+
 #endif
 	/*
 	 * Extend the given PCR number in both sha256 and sha1 banks with the
 	 * sha512 hash calculated. The hash is truncated accordingly to fit the
 	 * PCR.
 	 */
-	return tpm_extendl(pcr,
-			   TPM_ALG_SHA256, digest, TPM_ALG_SHA256_SIZE,
-			   TPM_ALG_SHA1,   digest, TPM_ALG_SHA1_SIZE,
-			   EV_COMPACT_HASH, name);
+	return tpm_extendl(pcr, hashes, 2, digest, EV_ACTION, name);
 }
diff --git a/libstb/trustedboot.h b/libstb/trustedboot.h
index 17478c153..d5df856e9 100644
--- a/libstb/trustedboot.h
+++ b/libstb/trustedboot.h
@@ -6,6 +6,27 @@
 
 #include <platform.h>
 
+typedef enum {
+    PCR_0 = 0,
+    PCR_1 = 1,
+    PCR_2 = 2,
+    PCR_3 = 3,
+    PCR_4 = 4,
+    PCR_5 = 5,
+    PCR_6 = 6,
+    PCR_7 = 7,
+        PCR_DEBUG = 16,
+        PCR_DRTM_17 = 17,
+        PCR_DRTM_18 = 18,
+        PCR_DRTM_19 = 19,
+        PCR_DRTM_20 = 20,
+        PCR_DRTM_21 = 21,
+        PCR_DRTM_22 = 22,
+        PLATFORM_PCR = 24, ///< The number of PCR required by the platform spec
+        IMPLEMENTATION_PCR = 24, ///< The number of PCRs implemented by TPM
+} TPM_Pcr;
+
+
 void trustedboot_init(void);
 
 /**
diff --git a/libstb/tss2/Makefile.inc b/libstb/tss2/Makefile.inc
index d85433d9c..1e8608ba5 100644
--- a/libstb/tss2/Makefile.inc
+++ b/libstb/tss2/Makefile.inc
@@ -9,14 +9,15 @@ CPPFLAGS += -I$(SRC)/$(TSS2_DIR)
 CPPFLAGS += -I$(SRC)/$(IBMTSS_DIR)
 
 TSS2LIB_SRCS = tss.c tss20.c tssauth.c tssauth20.c tssccattributes.c
-#TSS2LIB_SRCS += tsscryptoh.c
+TSS2LIB_SRCS += tsscryptoh.c
 TSS2LIB_SRCS += tssmarshal.c tssprint.c tssprintcmd.c tssproperties.c
 TSS2LIB_SRCS += tssresponsecode.c tsstransmit.c tssutils.c tssntc.c
 TSS2LIB_SRCS += Commands.c CommandAttributeData.c Unmarshal.c
-TSS2LIB_SRCS += tssdevskiboot.c
+TSS2LIB_SRCS += tssdevskiboot.c eventlib.c
 
-TSS2_SRCS = $(addprefix ibmtpm20tss/utils/,$(TSS2LIB_SRCS)) tpm2.c
-TSS2_SRCS += tpm2.c tssskiboot.c
+
+TSS2_SRCS = $(addprefix ibmtpm20tss/utils/,$(TSS2LIB_SRCS)) tssskiboot.c tpm2.c
+TSS2_SRCS += tssskiboot.c tpm2.c eventlog.c   tsscryptombed.c
 
 #tsscryptombed.c tsscryptouv.c tssdevuv.c tssuv.c
 #tssskiboot.c eventlog.c eventlib.c tpm_nv.c opalcreate.c
-- 
2.24.1



More information about the Skiboot mailing list