[SLOF] [PATCH v2 07/20] Perform some initial measurements

Fri Nov 20 03:28:11 AEDT 2015

On 11/19/2015 05:14 AM, Thomas Huth wrote:
> On 17/11/15 18:02, Stefan Berger wrote:
>> From: Stefan Berger <stefanb at linux.vnet.ibm.com>
>>
>> This patch puts an 'event' separator into the log that can
>> then be seen in Linux's /sys/kernel/security/tpm0/ascii_bios_measurements.
>> More low-level C functions are added for measuring and logging of disk
>> related data, along with their FORTH-level counterparts. These functions
>> will be called in subsequent patches.
>>
>> Logging follows the specifications found on the following page:
>>
>> http://www.trustedcomputinggroup.org/resources/pc_client_work_group_specific_implementation_specification_for_conventional_bios
>>
>> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
>> ---
> [...]
>>   \ this CATCH is to ensure the code bellow always executes:  boot may ABORT!
>> diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c
>> index dbc77d7..6dd8077 100644
>> --- a/lib/libtpm/tcgbios.c
>> +++ b/lib/libtpm/tcgbios.c
> [...]
>> +
>> +/*
>> + * Add a measurement to the list of measurements
>> + * pcrindex   : PCR to be extended
>> + * event_type : type of event
>> + * string     : string describing the event; used if event_type is EV_ACTION
>> + */
>> +static uint32_t tpm_add_measurement(uint32_t pcrindex,
>> +				    uint16_t event_type,
>> +				    const char *string)
>> +{
>> +	uint32_t rc;
>> +	uint32_t len;
>> +
>> +	switch (event_type) {
>> +	case EV_SEPARATOR:
>> +		len = sizeof(evt_separator);
>> +		rc = tpm_add_measurement_to_log(pcrindex, event_type,
>> +			NULL, 0,
>> +			(uint8_t *)evt_separator, len);
>> +		break;
>> +
>> +	case EV_ACTION:
>> +		rc = tpm_add_measurement_to_log(pcrindex, event_type,
>> +			string, strlen(string),
>> +			(uint8_t *)string, strlen(string));
>> +		break;
>> +
>> +	default:
>> +		rc = TCGBIOS_INVALID_INPUT_PARA;
>> +	}
>> +
>> +	return rc;
>> +}
>> +
>> +/*
>> + * Add event separators for PCRs 0 to 7
>> + */
>> +uint32_t tpm_add_event_separators(void)
>> +{
>> +	uint32_t rc;
>> +	uint32_t pcrindex = 0;
>> +
>> +	if (!has_working_tpm())
>> +		return TCGBIOS_GENERAL_ERROR;
>> +
>> +	while (pcrindex <= 7) {
> Simply use a for-loop? That would be a little bit easier to read.
> Also what does this magic value "7" mean here?

I'll add a comment here that per a TCG spec. PCRs 0-7 get this event 
separator.

>
>> +		rc = tpm_add_measurement(pcrindex, EV_SEPARATOR, NULL);
>> +		if (rc)
>> +			break;
>> +		pcrindex ++;
>> +	}
>> +
>> +	return rc;
>> +}
>> +
>> +/*
>> + * Add a measurement regarding the boot device (CDRom, Floppy, HDD) to
>> + * the list of measurements.
>> + */
>> +static uint32_t tpm_measure_bootdevice(uint32_t bootcd, uint32_t bootdrv)
>> +{
>> +	const char *string;
>> +
>> +	dprintf("add bootdevice: bootcd = %d, bootdrv = 0x%x\n", bootcd, bootdrv);
>> +
>> +	if (!has_working_tpm())
>> +		return TCGBIOS_GENERAL_ERROR;
>> +
>> +	switch (bootcd) {
>> +	case 0:
>> +		switch (bootdrv) {
>> +		case BCV_DEVICE_FLOPPY:
>> +			string = "Booting BCV device 00h (Floppy)";
>> +			break;
>> +
>> +		case BCV_DEVICE_HDD:
>> +			string = "Booting BCV device 80h (HDD)";
>> +			break;
>> +
>> +		default:
>> +			string = "Booting unknown device";
>> +			break;
>> +		}
>> +		break;
>> +
>> +	default:
>> +		string = "Booting from CD ROM device";
>> +	}
>> +
>> +	return tpm_add_measurement_to_log(4, EV_ACTION,
>> +					  string, strlen(string),
>> +					  (uint8_t *)string, strlen(string));
>> +}
>> +
>> +/*
>> + * Add a measurement to the log. This function creates two log entries
>> + * of the Initial Program Load (IPL).
>> + *
>> + * Input parameter:
>> + *  bootcd : 0: MBR of hdd, 1: boot image, 2: boot catalog of El Torito
>> + *  addr   : address where the IP data are located
>> + *  length : IP data length in bytes
>> + */
>> +uint32_t tpm_measure_ipl(enum ipltype bootcd, const uint8_t *addr,
>> +			 uint32_t length)
>> +{
>> +	uint32_t rc;
>> +	const char *string;
>> +
>> +	dprintf("tpm_ipl: bootcd = %d, addr = %p, length = 0x%x\n",
>> +		bootcd, addr, length);
>> +
>> +	if (!has_working_tpm())
>> +		return TCGBIOS_GENERAL_ERROR;
>> +
>> +	switch (bootcd) {
>> +	case IPL_EL_TORITO_1:
>> +		/* specs: see section 'El Torito' */
>> +		string = "EL TORITO IPL";
>> +		rc = tpm_add_measurement_to_log(4, EV_IPL,
>> +						string, strlen(string),
>> +						addr, length);
>> +	break;
> Again, there is no "El Torito" boot on POWER - so I fail to see why you
> need this code here ?

The code is currently not being called. But booting from CDROM is 
supported for OS installed, isn't it?

     Stefan