From patchwork Fri Mar 8 08:57:56 2024
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 778939
Date: Fri, 8 Mar 2024 09:57:56 +0100
Message-ID: <20240308085754.476197-8-ardb+git@google.com>
In-Reply-To: <20240308085754.476197-7-ardb+git@google.com>
X-Mailing-List: linux-efi@vger.kernel.org
Subject: [PATCH v3 1/5] efi/libstub: Use correct event size when measuring data into the TPM
From: Ard Biesheuvel
To: linux-efi@vger.kernel.org
Cc: Ard Biesheuvel, Kuppuswamy Sathyanarayanan, Ilias Apalodimas, stable@vger.kernel.org

From: Ard Biesheuvel

Our efi_tcg2_tagged_event is not defined in the EFI spec, but it is not a local invention either: it was taken from the TCG PC Client spec, where it is called TCG_PCClientTaggedEvent. This spec also contains some guidance on how to populate it, which is not being followed closely at the moment; the event size should cover the TCG_PCClientTaggedEvent and its payload only, but it currently covers the preceding efi_tcg2_event too, and this may result in trailing garbage being measured into the TPM.

So rename the struct and document its provenance, and fix up the use so only the tagged event data is represented in the size field.

Cc:
Signed-off-by: Ard Biesheuvel
---
 drivers/firmware/efi/libstub/efi-stub-helper.c | 20 +++++++++++---------
 drivers/firmware/efi/libstub/efistub.h         | 12 ++++++------
 2 files changed, 17 insertions(+), 15 deletions(-)
diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c index bfa30625f5d0..16843ab9b64d 100644 --- a/drivers/firmware/efi/libstub/efi-stub-helper.c +++ b/drivers/firmware/efi/libstub/efi-stub-helper.c @@ -11,6 +11,7 @@ #include #include +#include #include #include @@ -219,23 +220,24 @@ static const struct { }, }; +struct efistub_measured_event { + efi_tcg2_event_t event_data; + TCG_PCClientTaggedEvent tagged_event; +} __packed; + static efi_status_t efi_measure_tagged_event(unsigned long load_addr, unsigned long load_size, enum efistub_event event) { + struct efistub_measured_event *evt; + int size = struct_size(&evt->tagged_event, tagged_event_data, + events[event].event_data_len); efi_guid_t tcg2_guid = EFI_TCG2_PROTOCOL_GUID; efi_tcg2_protocol_t *tcg2 = NULL; efi_status_t status; efi_bs_call(locate_protocol, &tcg2_guid, NULL, (void **)&tcg2); if (tcg2) { - struct efi_measured_event { - efi_tcg2_event_t event_data; - efi_tcg2_tagged_event_t tagged_event; - u8 tagged_event_data[]; - } *evt; - int size = sizeof(*evt) + events[event].event_data_len; - status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size, (void **)&evt); if (status != EFI_SUCCESS) @@ -249,12 +251,12 @@ static efi_status_t efi_measure_tagged_event(unsigned long load_addr, .event_header.event_type = EV_EVENT_TAG, }; - evt->tagged_event = (struct efi_tcg2_tagged_event){ + evt->tagged_event = (TCG_PCClientTaggedEvent){ .tagged_event_id = events[event].event_id, .tagged_event_data_size = events[event].event_data_len, }; - memcpy(evt->tagged_event_data, events[event].event_data, + memcpy(evt->tagged_event.tagged_event_data, events[event].event_data, events[event].event_data_len); status = efi_call_proto(tcg2, hash_log_extend_event, 0, diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h index c04b82ea40f2..043a3ff435f3 100644 --- a/drivers/firmware/efi/libstub/efistub.h 
+++ b/drivers/firmware/efi/libstub/efistub.h 
@@ -843,14 +843,14 @@ struct efi_tcg2_event { /* u8[] event follows here */ } __packed; -struct efi_tcg2_tagged_event { - u32 tagged_event_id; - u32 tagged_event_data_size; - /* u8 tagged event data follows here */ -} __packed; +/* from TCG PC Client Platform Firmware Profile Specification */ +typedef struct tdTCG_PCClientTaggedEvent { + u32 tagged_event_id; + u32 tagged_event_data_size; + u8 tagged_event_data[]; +} TCG_PCClientTaggedEvent; typedef struct efi_tcg2_event efi_tcg2_event_t; -typedef struct efi_tcg2_tagged_event efi_tcg2_tagged_event_t; typedef union efi_tcg2_protocol efi_tcg2_protocol_t; union efi_tcg2_protocol {
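Review bot: the `size` computed at the top of efi_measure_tagged_event() in the efi-stub-helper.c hunk no longer covers the buffer it is used for. `struct_size(&evt->tagged_event, tagged_event_data, events[event].event_data_len)` is sizeof(TCG_PCClientTaggedEvent) plus the payload, but `evt` is a `struct efistub_measured_event *` whose `event_data` (an efi_tcg2_event_t) precedes `tagged_event`, and that same `size` is handed to `allocate_pool` before `evt->event_data`, `evt->tagged_event` and the memcpy into `evt->tagged_event.tagged_event_data` are written. The pool allocation is therefore short by sizeof(efi_tcg2_event_t) and the memcpy runs past its end. The same value lands in `.event_size`, which the TCG2 protocol defines as the total size of the event including the Size field and the header (EDK2's Tcg2Dxe derives the logged event-data length as Size - sizeof(UINT32) - HeaderSize), so the log entry would be truncated as well. Keeping the outer struct in the computation fixes both, with `tagged_event_data_size` staying payload-only as the PC Client spec asks: `int size = struct_size(evt, tagged_event.tagged_event_data, events[event].event_data_len);`. It would also help if the commit message spelled out where the trailing garbage came from, since the previous `sizeof(*evt) + events[event].event_data_len` already produced a Size that firmware reduces to exactly the tagged event plus payload.

Review bot: in the efistub.h hunk, the new `typedef struct tdTCG_PCClientTaggedEvent` drops the `__packed` that `struct efi_tcg2_tagged_event` carried. With two u32 fields followed by a u8[] flexible array there is no padding either way, and the enclosing `struct efistub_measured_event` is `__packed`, so the layout is unchanged; still, marking it `__packed` like efi_tcg2_event makes the on-the-wire intent explicit and protects against a later field addition. The provenance comment could also cite the section or table of the PC Client Platform Firmware Profile it was taken from so the field names can be checked against it.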
From patchwork Fri Mar 8 08:57:57 2024
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 779229
Date: Fri, 8 Mar 2024 09:57:57 +0100
Message-ID: <20240308085754.476197-9-ardb+git@google.com>
In-Reply-To: <20240308085754.476197-7-ardb+git@google.com>
X-Mailing-List: linux-efi@vger.kernel.org
Subject: [PATCH v3 2/5] efi/tpm: Use symbolic GUID name from spec for final events table
From: Ard Biesheuvel
To: linux-efi@vger.kernel.org
Cc: Ard Biesheuvel, Kuppuswamy Sathyanarayanan, Ilias Apalodimas
From: Ard Biesheuvel

The LINUX_EFI_ GUID identifiers are only intended to be used to refer to GUIDs that are part of the Linux implementation, and are not considered external ABI. (Famous last words). GUIDs that already have a symbolic name in the spec should use that name, to avoid confusion between firmware components.

So use the official name EFI_TCG2_FINAL_EVENTS_TABLE_GUID for the TCG2 'final events' configuration table.

Reviewed-by: Kuppuswamy Sathyanarayanan
Reviewed-by: Ilias Apalodimas
Signed-off-by: Ard Biesheuvel
---
 drivers/firmware/efi/efi.c         | 2 +-
 drivers/firmware/efi/libstub/tpm.c | 2 +-
 include/linux/efi.h                | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index 4fcda50acfa4..f6cfd29308d9 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -597,7 +597,7 @@ static const efi_config_table_type_t common_tables[] __initconst = { {EFI_MEMORY_ATTRIBUTES_TABLE_GUID, &efi_mem_attr_table, "MEMATTR" }, {LINUX_EFI_RANDOM_SEED_TABLE_GUID, &efi_rng_seed, "RNG" }, {LINUX_EFI_TPM_EVENT_LOG_GUID, &efi.tpm_log, "TPMEventLog" }, - {LINUX_EFI_TPM_FINAL_LOG_GUID, &efi.tpm_final_log, "TPMFinalLog" }, + {EFI_TCG2_FINAL_EVENTS_TABLE_GUID, &efi.tpm_final_log, "TPMFinalLog" }, {LINUX_EFI_MEMRESERVE_TABLE_GUID, &mem_reserve, "MEMRESERVE" }, {LINUX_EFI_INITRD_MEDIA_GUID, &initrd, "INITRD" }, {EFI_RT_PROPERTIES_TABLE_GUID, &rt_prop, "RTPROP" }, diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c index 7acbac16eae0..a880f7374c27 100644 --- a/drivers/firmware/efi/libstub/tpm.c +++ b/drivers/firmware/efi/libstub/tpm.c
@@ -128,7 +128,7 @@ void efi_retrieve_tpm2_eventlog(void) * final events structure, and if so how much space they take up */ if (version == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) - final_events_table = get_efi_config_table(LINUX_EFI_TPM_FINAL_LOG_GUID); + final_events_table = get_efi_config_table(EFI_TCG2_FINAL_EVENTS_TABLE_GUID); if (final_events_table && final_events_table->nr_events) { struct tcg_pcr_event2_head *header; int offset; diff --git a/include/linux/efi.h b/include/linux/efi.h index c74f47711f0b..464fe16411b8 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -386,6 +386,7 @@ void efi_native_runtime_setup(void); #define EFI_CONSOLE_OUT_DEVICE_GUID EFI_GUID(0xd3b36f2c, 0xd551, 0x11d4, 0x9a, 0x46, 0x00, 0x90, 0x27, 0x3f, 0xc1, 0x4d) #define APPLE_PROPERTIES_PROTOCOL_GUID EFI_GUID(0x91bd12fe, 0xf6c3, 0x44fb, 0xa5, 0xb7, 0x51, 0x22, 0xab, 0x30, 0x3a, 0xe0) #define EFI_TCG2_PROTOCOL_GUID EFI_GUID(0x607f766c, 0x7455, 0x42be, 0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f) +#define EFI_TCG2_FINAL_EVENTS_TABLE_GUID EFI_GUID(0x1e2ed096, 0x30e2, 0x4254, 0xbd, 0x89, 0x86, 0x3b, 0xbe, 0xf8, 0x23, 0x25) #define EFI_LOAD_FILE_PROTOCOL_GUID EFI_GUID(0x56ec3091, 0x954c, 0x11d2, 0x8e, 0x3f, 0x00, 0xa0, 0xc9, 0x69, 0x72, 0x3b) #define EFI_LOAD_FILE2_PROTOCOL_GUID EFI_GUID(0x4006c0c1, 0xfcb3, 0x403e, 0x99, 0x6d, 0x4a, 0x6c, 0x87, 0x24, 0xe0, 0x6d) #define EFI_RT_PROPERTIES_TABLE_GUID EFI_GUID(0xeb66918a, 0x7eef, 0x402a, 0x84, 0x2e, 0x93, 0x1d, 0x21, 0xc3, 0x8a, 0xe9) 
@@ -411,7 +412,6 @@ void efi_native_runtime_setup(void); #define LINUX_EFI_LOADER_ENTRY_GUID EFI_GUID(0x4a67b082, 0x0a4c, 0x41cf, 0xb6, 0xc7, 0x44, 0x0b, 0x29, 0xbb, 0x8c, 0x4f) #define LINUX_EFI_RANDOM_SEED_TABLE_GUID EFI_GUID(0x1ce1e5bc, 0x7ceb, 0x42f2, 0x81, 0xe5, 0x8a, 0xad, 0xf1, 0x80, 0xf5, 0x7b) #define LINUX_EFI_TPM_EVENT_LOG_GUID EFI_GUID(0xb7799cb0, 0xeca2, 0x4943, 0x96, 0x67, 0x1f, 0xae, 0x07, 0xb7, 0x47, 0xfa) -#define LINUX_EFI_TPM_FINAL_LOG_GUID EFI_GUID(0x1e2ed096, 0x30e2, 0x4254, 0xbd, 0x89, 0x86, 0x3b, 0xbe, 0xf8, 0x23, 0x25) #define LINUX_EFI_MEMRESERVE_TABLE_GUID EFI_GUID(0x888eb0c6, 0x8ede, 0x4ff5, 0xa8, 0xf0, 0x9a, 0xee, 0x5c, 0xb9, 0x77, 0xc2) #define LINUX_EFI_INITRD_MEDIA_GUID EFI_GUID(0x5568e427, 0x68fc, 0x4f3d, 0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68) #define LINUX_EFI_MOK_VARIABLE_TABLE_GUID EFI_GUID(0xc451ed2b, 0x9694, 0x45d3, 0xba, 0xba, 0xed, 0x9f, 0x89, 0x88, 0xa3, 0x89)
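Review bot: the EFI_GUID() literal added in the first include/linux/efi.h hunk and the one removed in the second are identical (1e2ed096-30e2-4254-bd89-863bbef82325), so this is a pure rename with no change to which configuration table is looked up, and EFI_TCG2_FINAL_EVENTS_TABLE_GUID is indeed the name the TCG EFI Protocol spec uses for it. Because the old LINUX_EFI_TPM_FINAL_LOG_GUID is removed rather than kept as an alias, please confirm with a tree-wide grep that efi.c and libstub/tpm.c (the two call sites updated here) were its only users; any reference left behind, in-tree or in an out-of-tree module relying on the old name, will fail to compile.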
From patchwork Fri Mar 8 08:57:58 2024
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 778938
Date: Fri, 8 Mar 2024 09:57:58 +0100
Message-ID: <20240308085754.476197-10-ardb+git@google.com>
In-Reply-To: <20240308085754.476197-7-ardb+git@google.com>
X-Mailing-List: linux-efi@vger.kernel.org
Subject: [PATCH v3 3/5] efi/libstub: Add Confidential Computing (CC) measurement typedefs
From: Ard Biesheuvel
To: linux-efi@vger.kernel.org
Cc: Ard Biesheuvel, Kuppuswamy Sathyanarayanan, Ilias Apalodimas
From: Kuppuswamy Sathyanarayanan

If the virtual firmware implements TPM support, the TCG2 protocol will be used for kernel measurements and event logging support. But in a CC environment, not all platforms support or enable the TPM feature. The UEFI specification [1] exposes a protocol and interfaces used for kernel measurements on CC platforms without TPM support.

More details about the EFI CC measurements and logging can be found in [1].

Link: https://uefi.org/specs/UEFI/2.10/38_Confidential_Computing.html#efi-cc-measurement-protocol [1]
Signed-off-by: Kuppuswamy Sathyanarayanan
[ardb: Drop code changes, keep typedefs and #define's only]
Signed-off-by: Ard Biesheuvel
---
 drivers/firmware/efi/libstub/efistub.h | 79 ++++++++++++++++++++
 include/linux/efi.h                    |  1 +
 2 files changed, 80 insertions(+)

diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h index 043a3ff435f3..6b020aadcf94 100644 --- a/drivers/firmware/efi/libstub/efistub.h +++ b/drivers/firmware/efi/libstub/efistub.h
@@ -882,6 +882,85 @@ union efi_tcg2_protocol { } mixed_mode; }; +typedef struct { + u8 major; + u8 minor; +} efi_cc_version_t; + +typedef struct { + u8 type; + u8 sub_type; +} efi_cc_type_t; + +/* EFI CC type/subtype defines */ +#define EFI_CC_TYPE_NONE 0 +#define EFI_CC_TYPE_AMD_SEV 1 +#define EFI_CC_TYPE_INTEL_TDX 2 + +typedef u32 efi_cc_mr_index_t; + +struct efi_cc_event { + u32 event_size; + struct { + u32 header_size; + u16 header_version; + u32 mr_index; + u32 event_type; + } __packed event_header; + /* u8[] event follows here */ +} __packed; + +typedef struct efi_cc_event efi_cc_event_t; + +typedef u32 efi_cc_event_log_bitmap_t; +typedef u32 efi_cc_event_log_format_t; +typedef u32 efi_cc_event_algorithm_bitmap_t; + +typedef struct { + u8 size; + efi_cc_version_t structure_version; + efi_cc_version_t protocol_version; + efi_cc_event_algorithm_bitmap_t hash_algorithm_bitmap; + efi_cc_event_log_bitmap_t supported_event_logs; + efi_cc_type_t cc_type; +} efi_cc_boot_service_cap_t; + +#define EFI_CC_EVENT_HEADER_VERSION 1 + +#define EFI_CC_BOOT_HASH_ALG_SHA384 0x00000004 + +typedef union efi_cc_protocol efi_cc_protocol_t; + +union efi_cc_protocol { + struct { + efi_status_t + (__efiapi *get_capability)(efi_cc_protocol_t *, + efi_cc_boot_service_cap_t *); + + efi_status_t + (__efiapi *get_event_log)(efi_cc_protocol_t *, + efi_cc_event_log_format_t, + efi_physical_addr_t *, + efi_physical_addr_t *, + efi_bool_t *); + + efi_status_t + (__efiapi *hash_log_extend_event)(efi_cc_protocol_t *, u64, + efi_physical_addr_t, u64, + const efi_cc_event_t *); + + efi_status_t + (__efiapi *map_pcr_to_mr_index)(efi_cc_protocol_t *, u32, + efi_cc_mr_index_t *); + }; + struct { + u32 get_capability; + u32 get_event_log; + u32 hash_log_extend_event; + u32 map_pcr_to_mr_index; + } mixed_mode; +}; + struct riscv_efi_boot_protocol { u64 revision; diff --git a/include/linux/efi.h b/include/linux/efi.h index 464fe16411b8..2493d3d4429b 100644 --- a/include/linux/efi.h 
+++ b/include/linux/efi.h 
@@ -401,6 +401,7 @@ void efi_native_runtime_setup(void); #define EFI_CERT_X509_GUID EFI_GUID(0xa5c059a1, 0x94e4, 0x4aa7, 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72) #define EFI_CERT_X509_SHA256_GUID EFI_GUID(0x3bd2a492, 0x96c0, 0x4079, 0xb4, 0x20, 0xfc, 0xf9, 0x8e, 0xf1, 0x03, 0xed) #define EFI_CC_BLOB_GUID EFI_GUID(0x067b1f5f, 0xcf26, 0x44c5, 0x85, 0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42) +#define EFI_CC_MEASUREMENT_PROTOCOL_GUID EFI_GUID(0x96751a3d, 0x72f4, 0x41a6, 0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b) /* * This GUID is used to pass to the kernel proper the struct screen_info
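Review bot: in the efistub.h hunk, `struct efi_cc_event` is laid out so that its packed header (u32 header_size, u16 header_version, u32 mr_index, u32 event_type) is byte-for-byte the shape of efi_tcg2_event's header with pcr_index replaced by mr_index; that is the property a caller needs in order to hand either type to the respective hash_log_extend_event, so consider placing `static_assert(sizeof(efi_cc_event_t) == sizeof(efi_tcg2_event_t));` right after the typedef, where the type is declared, rather than relying on the first user to check it. `efi_cc_boot_service_cap_t` is deliberately not `__packed`, unlike the event struct: with `u8 size` followed by two 2-byte version structs, the compiler pads before `hash_algorithm_bitmap`. Please double-check that the spec's EFI_CC_BOOT_SERVICE_CAPABILITY is likewise declared unpacked (its TCG2 counterpart is), since a mismatch would make get_capability fill the fields at the wrong offsets, and a short comment saying the padding is intentional would stop someone from "fixing" it later. The GUID added in include/linux/efi.h (96751a3d-72f4-41a6-a794-ed5d0e67ae6b) matches the EFI_CC_MEASUREMENT_PROTOCOL_GUID in the linked UEFI 2.10 section.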
From patchwork Fri Mar 8 08:57:59 2024
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 779228
Date: Fri, 8 Mar 2024 09:57:59 +0100
Message-ID: <20240308085754.476197-11-ardb+git@google.com>
In-Reply-To: <20240308085754.476197-7-ardb+git@google.com>
X-Mailing-List: linux-efi@vger.kernel.org
Subject: [PATCH v3 4/5] efi/libstub: Measure into CC protocol if TCG2 protocol is absent
From: Ard Biesheuvel
To: linux-efi@vger.kernel.org
Cc: Ard Biesheuvel, Kuppuswamy Sathyanarayanan, Ilias Apalodimas
From: Ard Biesheuvel

To accommodate confidential compute VMs that expose the simplified CC measurement protocol instead of the full-blown TCG2 one, fall back to the former if the latter does not exist.

The CC protocol was designed to be used in this manner, which is why the types and prototypes have been kept the same where possible. So reuse the existing code, and only deviate from the TCG2 code path where needed.

Reviewed-by: Kuppuswamy Sathyanarayanan
Signed-off-by: Ard Biesheuvel
---
 drivers/firmware/efi/libstub/efi-stub-helper.c | 84 +++++++++++++++-----
 1 file changed, 62 insertions(+), 22 deletions(-)

diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c index 16843ab9b64d..4aa59088ba5f 100644 --- a/drivers/firmware/efi/libstub/efi-stub-helper.c +++ b/drivers/firmware/efi/libstub/efi-stub-helper.c @@ -194,7 +194,7 @@ void efi_apply_loadoptions_quirk(const void **load_options, u32 *load_options_si *load_options_size = load_option_unpacked.optional_data_size; } -enum efistub_event { +enum efistub_event_type { EFISTUB_EVT_INITRD, EFISTUB_EVT_LOAD_OPTIONS, EFISTUB_EVT_COUNT,
@@ -220,55 +220,95 @@ static const struct { }, }; +static_assert(sizeof(efi_tcg2_event_t) == sizeof(efi_cc_event_t)); + +union efistub_event { + efi_tcg2_event_t tcg2_data; + efi_cc_event_t cc_data; +}; + struct efistub_measured_event { - efi_tcg2_event_t event_data; + union efistub_event event_data; TCG_PCClientTaggedEvent tagged_event; } __packed; static efi_status_t efi_measure_tagged_event(unsigned long load_addr, unsigned long load_size, - enum efistub_event event) + enum efistub_event_type event) { + union { + efi_status_t + (__efiapi *hash_log_extend_event)(void *, u64, efi_physical_addr_t, + u64, const union efistub_event *); + struct { u32 hash_log_extend_event; } mixed_mode; + } method; struct efistub_measured_event *evt; int size = struct_size(&evt->tagged_event, tagged_event_data, events[event].event_data_len); efi_guid_t tcg2_guid = EFI_TCG2_PROTOCOL_GUID; efi_tcg2_protocol_t *tcg2 = NULL; + union efistub_event ev; efi_status_t status; + void *protocol; efi_bs_call(locate_protocol, &tcg2_guid, NULL, (void **)&tcg2); if (tcg2) { - status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size, - (void **)&evt); - if (status != EFI_SUCCESS) - goto fail; - - evt->event_data = (struct efi_tcg2_event){ + ev.tcg2_data = (struct efi_tcg2_event){ .event_size = size, - .event_header.header_size = sizeof(evt->event_data.event_header), + .event_header.header_size = sizeof(ev.tcg2_data.event_header), .event_header.header_version = EFI_TCG2_EVENT_HEADER_VERSION, .event_header.pcr_index = events[event].pcr_index, .event_header.event_type = EV_EVENT_TAG, }; + protocol = tcg2; + method.hash_log_extend_event = + (void *)efi_table_attr(tcg2, hash_log_extend_event); + } else { + efi_guid_t cc_guid = EFI_CC_MEASUREMENT_PROTOCOL_GUID; + efi_cc_protocol_t *cc = NULL; - evt->tagged_event = (TCG_PCClientTaggedEvent){ - .tagged_event_id = events[event].event_id, - .tagged_event_data_size = events[event].event_data_len, - }; - - memcpy(evt->tagged_event.tagged_event_data, 
events[event].event_data, - events[event].event_data_len); + efi_bs_call(locate_protocol, &cc_guid, NULL, (void **)&cc); + if (!cc) + return EFI_UNSUPPORTED; - status = efi_call_proto(tcg2, hash_log_extend_event, 0, - load_addr, load_size, &evt->event_data); - efi_bs_call(free_pool, evt); + ev.cc_data = (struct efi_cc_event){ + .event_size = size, + .event_header.header_size = sizeof(ev.cc_data.event_header), + .event_header.header_version = EFI_CC_EVENT_HEADER_VERSION, + .event_header.event_type = EV_EVENT_TAG, + }; + status = efi_call_proto(cc, map_pcr_to_mr_index, + events[event].pcr_index, + &ev.cc_data.event_header.mr_index); if (status != EFI_SUCCESS) goto fail; - return EFI_SUCCESS; + + protocol = cc; + method.hash_log_extend_event = + (void *)efi_table_attr(cc, hash_log_extend_event); } - return EFI_UNSUPPORTED; + status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size, (void **)&evt); + if (status != EFI_SUCCESS) + goto fail; + + evt->event_data = ev; + evt->tagged_event = (TCG_PCClientTaggedEvent){ + .tagged_event_id = events[event].event_id, + .tagged_event_data_size = events[event].event_data_len, + }; + + memcpy(evt->tagged_event.tagged_event_data, events[event].event_data, + events[event].event_data_len); + + status = efi_fn_call(&method, hash_log_extend_event, protocol, 0, + load_addr, load_size, &evt->event_data); + efi_bs_call(free_pool, evt); + + if (status == EFI_SUCCESS) + return EFI_SUCCESS; + fail: efi_warn("Failed to measure data for event %d: 0x%lx\n", event, status); return status;
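Review bot: in the efi_measure_tagged_event() hunk, `size` now serves both as the allocate_pool length for `evt` and as the `.event_size` written into the TCG2 or CC event header, so it has to describe the whole struct efistub_measured_event (the `event_data` union followed by the tagged event); the context line computes it as `struct_size(&evt->tagged_event, tagged_event_data, events[event].event_data_len)`, which appears to count only the tagged event part, so please confirm that is what both protocols expect before the buffer is filled via `evt->event_data = ev`. Two smaller points: the `static_assert(sizeof(efi_tcg2_event_t) == sizeof(efi_cc_event_t))` is what guarantees `tagged_event` lands at the same offset whichever member of `union efistub_event` is used, and a one-line comment saying so would make the union look deliberate rather than convenient; likewise the `method` union with its `mixed_mode` member deserves a comment explaining that it exists because the protocol pointer type is only known at run time, which is why the call goes through efi_fn_call() instead of the efi_call_proto() the removed lines used.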
Date: Fri, 8 Mar 2024 09:58:00 +0100
In-Reply-To: <20240308085754.476197-7-ardb+git@google.com>
Message-ID: <20240308085754.476197-12-ardb+git@google.com>
Subject: [PATCH v3 5/5] efi/libstub: Add get_event_log() support for CC platforms
From: Ard Biesheuvel
To: linux-efi@vger.kernel.org
Cc: Ard Biesheuvel, Kuppuswamy Sathyanarayanan, Ilias Apalodimas

From: Kuppuswamy Sathyanarayanan

To allow event log info access after boot, the EFI boot stub extracts the event log information and installs it in an EFI configuration table. Currently, the EFI boot stub only supports installation of the event log for the TPM 1.2 and TPM 2.0 protocols. Extend the same support to the CC protocol. Since the CC platform also uses the TCG2 format, reuse the TPM2 support code as much as possible.

Link: https://uefi.org/specs/UEFI/2.10/38_Confidential_Computing.html#efi-cc-measurement-protocol [1]
Signed-off-by: Kuppuswamy Sathyanarayanan
Link: https://lkml.kernel.org/r/0229a87e-fb19-4dad-99fc-4afd7ed4099a%40collabora.com
[ardb: Split out final events table handling to avoid version confusion]
Signed-off-by: Ard Biesheuvel
---
 drivers/firmware/efi/efi.c              |  1 +
 drivers/firmware/efi/libstub/efi-stub.c |  2 +-
 drivers/firmware/efi/libstub/efistub.h  |  4 +-
 drivers/firmware/efi/libstub/tpm.c      | 82 +++++++++++++-------
 drivers/firmware/efi/libstub/x86-stub.c |  2 +-
 include/linux/efi.h                     |  1 +
 6 files changed, 61 insertions(+), 31 deletions(-)

diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
index f6cfd29308d9..8859fb0b006d 100644
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
@@ -598,6 +598,7 @@ static const efi_config_table_type_t common_tables[] __initconst = { {LINUX_EFI_RANDOM_SEED_TABLE_GUID, &efi_rng_seed, "RNG" }, {LINUX_EFI_TPM_EVENT_LOG_GUID, &efi.tpm_log, "TPMEventLog" }, {EFI_TCG2_FINAL_EVENTS_TABLE_GUID, &efi.tpm_final_log, "TPMFinalLog" }, + {EFI_CC_FINAL_EVENTS_TABLE_GUID, &efi.tpm_final_log, "CCFinalLog" }, {LINUX_EFI_MEMRESERVE_TABLE_GUID, &mem_reserve, "MEMRESERVE" }, {LINUX_EFI_INITRD_MEDIA_GUID, &initrd, "INITRD" }, {EFI_RT_PROPERTIES_TABLE_GUID, &rt_prop, "RTPROP" }, diff --git a/drivers/firmware/efi/libstub/efi-stub.c b/drivers/firmware/efi/libstub/efi-stub.c index f9c1e8a2bd1d..958a680e0660 100644 --- a/drivers/firmware/efi/libstub/efi-stub.c +++ b/drivers/firmware/efi/libstub/efi-stub.c @@ -167,7 +167,7 @@ efi_status_t efi_stub_common(efi_handle_t handle, si = setup_graphics(); - efi_retrieve_tpm2_eventlog(); + efi_retrieve_eventlog(); /* Ask the firmware to clear memory on unclean shutdown */ efi_enable_reset_attack_mitigation(); diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h index 6b020aadcf94..df174edfc228 100644 --- a/drivers/firmware/efi/libstub/efistub.h +++ b/drivers/firmware/efi/libstub/efistub.h @@ -929,6 +929,8 @@ typedef struct { #define EFI_CC_BOOT_HASH_ALG_SHA384 0x00000004 +#define EFI_CC_EVENT_LOG_FORMAT_TCG_2 0x00000002 + typedef union efi_cc_protocol efi_cc_protocol_t; union efi_cc_protocol { @@ -1140,7 +1142,7 @@ static inline void efi_enable_reset_attack_mitigation(void) { } #endif -void efi_retrieve_tpm2_eventlog(void); +void efi_retrieve_eventlog(void); struct screen_info *alloc_screen_info(void); struct screen_info *__alloc_screen_info(void); diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c index a880f7374c27..df3182f2e63a 100644 --- a/drivers/firmware/efi/libstub/tpm.c +++ b/drivers/firmware/efi/libstub/tpm.c 
@@ -47,39 +47,18 @@ void efi_enable_reset_attack_mitigation(void) #endif -void efi_retrieve_tpm2_eventlog(void) +static void efi_retrieve_tcg2_eventlog(int version, efi_physical_addr_t log_location, + efi_physical_addr_t log_last_entry, + efi_bool_t truncated, + struct efi_tcg2_final_events_table *final_events_table) { - efi_guid_t tcg2_guid = EFI_TCG2_PROTOCOL_GUID; efi_guid_t linux_eventlog_guid = LINUX_EFI_TPM_EVENT_LOG_GUID; efi_status_t status; - efi_physical_addr_t log_location = 0, log_last_entry = 0; struct linux_efi_tpm_eventlog *log_tbl = NULL; - struct efi_tcg2_final_events_table *final_events_table = NULL; unsigned long first_entry_addr, last_entry_addr; size_t log_size, last_entry_size; - efi_bool_t truncated; - int version = EFI_TCG2_EVENT_LOG_FORMAT_TCG_2; - efi_tcg2_protocol_t *tcg2_protocol = NULL; int final_events_size = 0; - status = efi_bs_call(locate_protocol, &tcg2_guid, NULL, - (void **)&tcg2_protocol); - if (status != EFI_SUCCESS) - return; - - status = efi_call_proto(tcg2_protocol, get_event_log, version, - &log_location, &log_last_entry, &truncated); - - if (status != EFI_SUCCESS || !log_location) { - version = EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2; - status = efi_call_proto(tcg2_protocol, get_event_log, version, - &log_location, &log_last_entry, - &truncated); - if (status != EFI_SUCCESS || !log_location) - return; - - } - first_entry_addr = (unsigned long) log_location; /* @@ -93,8 +72,10 @@ void efi_retrieve_tpm2_eventlog(void) * get_event_log only returns the address of the last entry. * We need to calculate its size to deduce the full size of * the logs. + * + * CC Event log also uses TCG2 format, handle it same as TPM2. */ - if (version == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) { + if (version > EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2) { /* * The TCG2 log format has variable length entries, * and the information to decode the hash algorithms 
@@ -127,8 +108,6 @@ void efi_retrieve_tpm2_eventlog(void) * Figure out whether any events have already been logged to the * final events structure, and if so how much space they take up */ - if (version == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) - final_events_table = get_efi_config_table(EFI_TCG2_FINAL_EVENTS_TABLE_GUID); if (final_events_table && final_events_table->nr_events) { struct tcg_pcr_event2_head *header; int offset; @@ -165,3 +144,50 @@ void efi_retrieve_tpm2_eventlog(void) err_free: efi_bs_call(free_pool, log_tbl); } + +void efi_retrieve_eventlog(void) +{ + struct efi_tcg2_final_events_table *final_events_table = NULL; + efi_physical_addr_t log_location = 0, log_last_entry = 0; + efi_guid_t tpm2_guid = EFI_TCG2_PROTOCOL_GUID; + int version = EFI_TCG2_EVENT_LOG_FORMAT_TCG_2; + efi_tcg2_protocol_t *tpm2 = NULL; + efi_bool_t truncated; + efi_status_t status; + + status = efi_bs_call(locate_protocol, &tpm2_guid, NULL, (void **)&tpm2); + if (status == EFI_SUCCESS) { + status = efi_call_proto(tpm2, get_event_log, version, &log_location, + &log_last_entry, &truncated); + + if (status != EFI_SUCCESS || !log_location) { + version = EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2; + status = efi_call_proto(tpm2, get_event_log, version, + &log_location, &log_last_entry, + &truncated); + } else { + final_events_table = + get_efi_config_table(EFI_TCG2_FINAL_EVENTS_TABLE_GUID); + } + } else { + efi_guid_t cc_guid = EFI_CC_MEASUREMENT_PROTOCOL_GUID; + efi_cc_protocol_t *cc = NULL; + + status = efi_bs_call(locate_protocol, &cc_guid, NULL, (void **)&cc); + if (status != EFI_SUCCESS) + return; + + version = EFI_CC_EVENT_LOG_FORMAT_TCG_2; + status = efi_call_proto(cc, get_event_log, version, &log_location, + &log_last_entry, &truncated); + + final_events_table = + get_efi_config_table(EFI_CC_FINAL_EVENTS_TABLE_GUID); + } + + if (status != EFI_SUCCESS || !log_location) + return; + + efi_retrieve_tcg2_eventlog(version, log_location, log_last_entry, + truncated, final_events_table); +} 
diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c index 99429bc4b0c7..d09aa13c7ff0 100644 --- a/drivers/firmware/efi/libstub/x86-stub.c +++ b/drivers/firmware/efi/libstub/x86-stub.c @@ -923,7 +923,7 @@ void __noreturn efi_stub_entry(efi_handle_t handle, efi_random_get_seed(); - efi_retrieve_tpm2_eventlog(); + efi_retrieve_eventlog(); setup_graphics(boot_params); diff --git a/include/linux/efi.h b/include/linux/efi.h index 2493d3d4429b..f0d56f106b60 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -402,6 +402,7 @@ void efi_native_runtime_setup(void); #define EFI_CERT_X509_SHA256_GUID EFI_GUID(0x3bd2a492, 0x96c0, 0x4079, 0xb4, 0x20, 0xfc, 0xf9, 0x8e, 0xf1, 0x03, 0xed) #define EFI_CC_BLOB_GUID EFI_GUID(0x067b1f5f, 0xcf26, 0x44c5, 0x85, 0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42) #define EFI_CC_MEASUREMENT_PROTOCOL_GUID EFI_GUID(0x96751a3d, 0x72f4, 0x41a6, 0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b) +#define EFI_CC_FINAL_EVENTS_TABLE_GUID EFI_GUID(0xdd4a4648, 0x2de7, 0x4665, 0x96, 0x4d, 0x21, 0xd9, 0xef, 0x5f, 0xb4, 0x46) /* * This GUID is used to pass to the kernel proper the struct screen_info
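Review bot: in the efi.c common_tables hunk, the new `{EFI_CC_FINAL_EVENTS_TABLE_GUID, &efi.tpm_final_log, "CCFinalLog" }` entry writes into the same `efi.tpm_final_log` slot as the EFI_TCG2_FINAL_EVENTS_TABLE_GUID entry above it, so if a firmware ever published both GUIDs the later match would silently overwrite the earlier one and nothing records which protocol produced the table. That is acceptable while the two protocols are mutually exclusive (which is the assumption the rest of the series makes), but a short comment on the entry saying the two tables are treated as interchangeable TCG2-format final event logs would keep the next reader from seeing it as an accidental alias.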
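Review bot: the `if (version > EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2)` test in the tpm.c hunk only does what the new comment says ("CC Event log also uses TCG2 format, handle it same as TPM2") because the EFI_CC_EVENT_LOG_FORMAT_TCG_2 value added to efistub.h is 0x00000002, and since `version` is now handed unchanged to efi_retrieve_tcg2_eventlog() and the shared code treats it as the log format, the patch also relies on that value meaning the same thing as EFI_TCG2_EVENT_LOG_FORMAT_TCG_2. Both hold today but nothing enforces them; suggest a `static_assert(EFI_CC_EVENT_LOG_FORMAT_TCG_2 == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2);` next to the new define, or an explicit `version == EFI_CC_EVENT_LOG_FORMAT_TCG_2 ||` clause in the condition, so the coupling survives a future renumbering.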
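Review bot: in the new efi_retrieve_eventlog(), the CC branch is reached only when locate_protocol for EFI_TCG2_PROTOCOL_GUID fails, so a platform that exposes TCG2 but errors out of both get_event_log() calls ends with no log installed and the CC protocol is never consulted; that matches the precedence chosen in patch 4/5 and is probably intended, but the function would benefit from a comment stating that TCG2 wins when both are present. Also, on the TCG 1.2 fallback `final_events_table` is intentionally left NULL, which is exactly what the removed `if (version == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2)` guard used to encode; a one-line comment in the `if (status != EFI_SUCCESS || !log_location)` arm would stop that from reading as an omission.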