[SLOF] [PATCH 2/3] tcgbios: Implement tpm_hash_log_extend_event_file

Alexey Kardashevskiy aik at ozlabs.ru
Wed Apr 1 15:31:50 AEDT 2020 


On 27/03/2020 07:20, Stefan Berger wrote:
> From: Stefan Berger <stefanb at linux.ibm.com>
> 
> Implement tpm_hash_log_extend_event_file() that allows to measure
> the contents of a file into a given PCR and log it with the
> given event type and description. The caller may choose to have
> the size of the original ELF image detected so that only data
> from the ELF image are hashed.
> 
> Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
> ---
>  lib/libtpm/tcgbios.c | 35 +++++++++++++++++++++++++++++++++++
>  lib/libtpm/tcgbios.h |  4 ++++
>  lib/libtpm/tpm.code  | 19 +++++++++++++++++++
>  lib/libtpm/tpm.in    |  1 +
>  4 files changed, 59 insertions(+)
> 
> diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c
> index be6c3d1..fa2ab2b 100644
> --- a/lib/libtpm/tcgbios.c
> +++ b/lib/libtpm/tcgbios.c
> @@ -33,6 +33,7 @@
>  #include "helpers.h"
>  #include "version.h"
>  #include "OF.h"
> +#include "libelf.h"
>  
>  #undef TCGBIOS_DEBUG
>  //#define TCGBIOS_DEBUG
> @@ -852,6 +853,40 @@ static uint32_t tpm_add_measurement_to_log(uint32_t pcrindex,
>  	return tpm_log_event_long(&le.hdr, digest_len, info, infolen);
>  }
>  
> +/*
> + * Measure a file into the given PCR and log it with the given
> + * eventtype. If is_elf is true, try to determine the size of the
> + * ELF file and use its size rather than the much larger data buffer
> + * it is held in. In case of failure to detect the ELF file size,
> + * log an additional error.
> + */
> +uint32_t tpm_hash_log_extend_event_file(uint32_t pcrindex, uint32_t eventtype,
> +					const void *data, uint32_t datalen,
> +					const char *desc, uint32_t desclen,
> +					bool is_elf)


This @is_elf flag does not seem useful, it is always "true".


> +{
> +	long len;
> +	const char *string;
> +	uint32_t ret;
> +
> +	if (is_elf) {
> +		len = elf_get_file_size(data, datalen);
> +		if (len > 0) {
> +			datalen = len;
> +		} else {
> +			string = "BAD ELF FILE";
> +			ret = tpm_add_measurement_to_log(pcrindex, eventtype,
> +					  string, strlen(string),
> +					  (uint8_t *)string, strlen(string));
> +			if (ret)
> +				return ret;


You logged "BAD ELF FILE" here and you still want to add measurement below?


> +		}
> +	}
> +	return tpm_add_measurement_to_log(pcrindex, eventtype,
> +					  desc, desclen,
> +					  data, datalen);
> +}
> +
>  /*
>   * Add an EV_ACTION measurement to the list of measurements
>   */
> diff --git a/lib/libtpm/tcgbios.h b/lib/libtpm/tcgbios.h
> index 8174d86..1ef72e9 100644
> --- a/lib/libtpm/tcgbios.h
> +++ b/lib/libtpm/tcgbios.h
> @@ -32,5 +32,9 @@ void tpm20_menu(void);
>  void tpm_gpt_set_lba1(const uint8_t *addr, uint32_t length);
>  void tpm_gpt_add_entry(const uint8_t *addr, uint32_t length);
>  uint32_t tpm_measure_gpt(void);
> +uint32_t tpm_hash_log_extend_event_file(uint32_t pcrindex, uint32_t eventtype,
> +					const void *data, uint32_t datalen,
> +					const char *desc, uint32_t desclen,
> +					bool is_elf);


This one and tpm-hash-log-extend-event-file return a code which nobody
looks at.

>  
>  #endif /* TCGBIOS_H */
> diff --git a/lib/libtpm/tpm.code b/lib/libtpm/tpm.code
> index 205c608..598280d 100644
> --- a/lib/libtpm/tpm.code
> +++ b/lib/libtpm/tpm.code
> @@ -169,3 +169,22 @@ PRIM(tpm_X2d_measure_X2d_gpt)
>  	PUSH;
>  	TOS.n = tpm_measure_gpt();
>  MIRP
> +
> +/*****************************************************************************************************/
> +/* Firmware API                                                                                      */
> +/* SLOF:   tpm-hash-log-extend-event-raw ( pcr evt data-ptr data-len desc-ptr desclen is_elf -- rc ) */


it is tpm-hash-log-extend-event-file now, not ...-raw. Thanks,


> +/* LIBTPM: errcode = tpm-hash-log-extend-event-raw                                                   */
> +/*****************************************************************************************************/
> +PRIM(tpm_X2d_hash_X2d_log_X2d_extend_X2d_event_X2d_file)
> +	uint32_t is_elf  = TOS.u; POP;
> +	uint32_t desclen = TOS.u; POP;
> +	const char *desc = TOS.a; POP;
> +	uint32_t datalen = TOS.u; POP;
> +	const void *data = TOS.a; POP;
> +	uint32_t eventtype = TOS.u; POP;
> +	uint32_t pcrindex = TOS.u;
> +
> +	TOS.n = tpm_hash_log_extend_event_file(pcrindex, eventtype,
> +					       data, datalen,
> +					       desc, desclen, is_elf);
> +MIRP
> diff --git a/lib/libtpm/tpm.in b/lib/libtpm/tpm.in
> index bdbc47d..db8bea0 100644
> --- a/lib/libtpm/tpm.in
> +++ b/lib/libtpm/tpm.in
> @@ -28,3 +28,4 @@ cod(tpm20-menu)
>  cod(tpm-gpt-set-lba1)
>  cod(tpm-gpt-add-entry)
>  cod(tpm-measure-gpt)
> +cod(tpm-hash-log-extend-event-file)
> 

-- 
Alexey

More information about the SLOF mailing list