[3/3] efi_loader: add DeployedMode and AuditMode variable measurement

Message ID 20210915051546.500-4-masahisa.kojima@linaro.org
State Superseded
Headers show
Series
  • Enhance Measured Boot
Related show

Commit Message

Masahisa Kojima Sept. 15, 2021, 5:15 a.m.
This commit adds the DeployedMode and AuditMode variable
measurement required in TCG PC Client PFP Spec.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>

---
 lib/efi_loader/efi_tcg2.c | 47 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

-- 
2.17.1

Comments

Heinrich Schuchardt Sept. 16, 2021, 6:57 a.m. | #1
On 9/15/21 7:15 AM, Masahisa Kojima wrote:
> This commit adds the DeployedMode and AuditMode variable

> measurement required in TCG PC Client PFP Spec.

>

> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>

> ---

>   lib/efi_loader/efi_tcg2.c | 47 +++++++++++++++++++++++++++++++++++++++

>   1 file changed, 47 insertions(+)

>

> diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c

> index 35810615ed..427d6e22b1 100644

> --- a/lib/efi_loader/efi_tcg2.c

> +++ b/lib/efi_loader/efi_tcg2.c

> @@ -12,6 +12,7 @@

>   #include <dm.h>

>   #include <efi_loader.h>

>   #include <efi_tcg2.h>

> +#include <efi_variable.h>

>   #include <log.h>

>   #include <malloc.h>

>   #include <smbios.h>

> @@ -1828,6 +1829,50 @@ out:

>   	return ret;

>   }

>

> +/**

> + * tcg2_measure_deployed_audit_mode() - measure deployedmode and auditmode

> + *

> + * @dev:	TPM device

> + *

> + * Return:	status code

> + */

> +static efi_status_t tcg2_measure_deployed_audit_mode(struct udevice *dev)

> +{

> +	u8 deployed_mode;

> +	u8 audit_mode;

> +	efi_uintn_t size;

> +	efi_status_t ret;

> +	u32 pcr_index;

> +

> +	size = sizeof(deployed_mode);

> +	ret = efi_get_variable_int(L"DeployedMode", &efi_global_variable_guid,

> +				   NULL, &size, &deployed_mode, NULL);

> +	if (ret != EFI_SUCCESS)

> +		return ret;


Why should AuditMode not be measured if DeployedMode does not exist?

Could we handle these variables in a loop over an array containing dbt
and dbr reduce code duplication?

Best regards

Heinrich

> +

> +	pcr_index = (deployed_mode ? 1 : 7);

> +

> +	ret = tcg2_measure_variable(dev, pcr_index,

> +				    EV_EFI_VARIABLE_DRIVER_CONFIG,

> +				    L"DeployedMode",

> +				    &efi_global_variable_guid,

> +				    size, &deployed_mode);

> +

> +	size = sizeof(audit_mode);

> +	ret = efi_get_variable_int(L"AuditMode", &efi_global_variable_guid,

> +				   NULL, &size, &audit_mode, NULL);

> +	if (ret != EFI_SUCCESS)

> +		return ret;

> +

> +	ret = tcg2_measure_variable(dev, pcr_index,

> +				    EV_EFI_VARIABLE_DRIVER_CONFIG,

> +				    L"AuditMode",

> +				    &efi_global_variable_guid,

> +				    size, &audit_mode);

> +

> +	return ret;

> +}

> +

>   /**

>    * tcg2_measure_secure_boot_variable() - measure secure boot variables

>    *

> @@ -1891,6 +1936,8 @@ static efi_status_t tcg2_measure_secure_boot_variable(struct udevice *dev)

>   		free(data);

>   	}

>

> +	ret = tcg2_measure_deployed_audit_mode(dev);

> +

>   error:

>   	return ret;

>   }

>
Masahisa Kojima Sept. 16, 2021, 7:31 a.m. | #2
Hi Heinrich,

On Thu, 16 Sept 2021 at 16:02, Heinrich Schuchardt <xypron.glpk@gmx.de> wrote:
>

>

>

> On 9/15/21 7:15 AM, Masahisa Kojima wrote:

> > This commit adds the DeployedMode and AuditMode variable

> > measurement required in TCG PC Client PFP Spec.

> >

> > Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>

> > ---

> >   lib/efi_loader/efi_tcg2.c | 47 +++++++++++++++++++++++++++++++++++++++

> >   1 file changed, 47 insertions(+)

> >

> > diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c

> > index 35810615ed..427d6e22b1 100644

> > --- a/lib/efi_loader/efi_tcg2.c

> > +++ b/lib/efi_loader/efi_tcg2.c

> > @@ -12,6 +12,7 @@

> >   #include <dm.h>

> >   #include <efi_loader.h>

> >   #include <efi_tcg2.h>

> > +#include <efi_variable.h>

> >   #include <log.h>

> >   #include <malloc.h>

> >   #include <smbios.h>

> > @@ -1828,6 +1829,50 @@ out:

> >       return ret;

> >   }

> >

> > +/**

> > + * tcg2_measure_deployed_audit_mode() - measure deployedmode and auditmode

> > + *

> > + * @dev:     TPM device

> > + *

> > + * Return:   status code

> > + */

> > +static efi_status_t tcg2_measure_deployed_audit_mode(struct udevice *dev)

> > +{

> > +     u8 deployed_mode;

> > +     u8 audit_mode;

> > +     efi_uintn_t size;

> > +     efi_status_t ret;

> > +     u32 pcr_index;

> > +

> > +     size = sizeof(deployed_mode);

> > +     ret = efi_get_variable_int(L"DeployedMode", &efi_global_variable_guid,

> > +                                NULL, &size, &deployed_mode, NULL);

> > +     if (ret != EFI_SUCCESS)

> > +             return ret;

>

> Why should AuditMode not be measured if DeployedMode does not exist?


TCG spec says that PCR index is different depending on the DeployedMode value.

--- PCR[1]
If the system supports UEFI 2.5 or later and DeployedMode is enabled,
the following additional variables MUST
be measured into PCR[1]:
a. The DeployedMode variable value. The Event Type SHALL be
EV_EFI_VARIABLE_DRIVER_CONFIG and
the Event value shall be the value of the UEFI_VARIABLE data structure.
b. The AuditMode variable value. The Event Type SHALL be
EV_EFI_VARIABLE_DRIVER_CONFIG and the
Event value shall be the value of the UEFI_VARIABLE data structure.
---

--- PCR[7]
If the system supports UEFI 2.5 or later and DeployedMode is NOT
enabled, the following additional
variables MUST be measured into PCR[7]:
a. The contents of the AuditMode variable
b. The contents of the DeployedMode variable
---

If DeployedMode does not exist, we can not decide which PCR to be extended.

Thanks,
Masahisa Kojima

>

> Could we handle these variables in a loop over an array containing dbt

> and dbr reduce code duplication?

>

> Best regards

>

> Heinrich

>

> > +

> > +     pcr_index = (deployed_mode ? 1 : 7);

> > +

> > +     ret = tcg2_measure_variable(dev, pcr_index,

> > +                                 EV_EFI_VARIABLE_DRIVER_CONFIG,

> > +                                 L"DeployedMode",

> > +                                 &efi_global_variable_guid,

> > +                                 size, &deployed_mode);

> > +

> > +     size = sizeof(audit_mode);

> > +     ret = efi_get_variable_int(L"AuditMode", &efi_global_variable_guid,

> > +                                NULL, &size, &audit_mode, NULL);

> > +     if (ret != EFI_SUCCESS)

> > +             return ret;

> > +

> > +     ret = tcg2_measure_variable(dev, pcr_index,

> > +                                 EV_EFI_VARIABLE_DRIVER_CONFIG,

> > +                                 L"AuditMode",

> > +                                 &efi_global_variable_guid,

> > +                                 size, &audit_mode);

> > +

> > +     return ret;

> > +}

> > +

> >   /**

> >    * tcg2_measure_secure_boot_variable() - measure secure boot variables

> >    *

> > @@ -1891,6 +1936,8 @@ static efi_status_t tcg2_measure_secure_boot_variable(struct udevice *dev)

> >               free(data);

> >       }

> >

> > +     ret = tcg2_measure_deployed_audit_mode(dev);

> > +

> >   error:

> >       return ret;

> >   }

> >

Patch

diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 35810615ed..427d6e22b1 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -12,6 +12,7 @@ 
 #include <dm.h>
 #include <efi_loader.h>
 #include <efi_tcg2.h>
+#include <efi_variable.h>
 #include <log.h>
 #include <malloc.h>
 #include <smbios.h>
@@ -1828,6 +1829,50 @@  out:
 	return ret;
 }
 
+/**
+ * tcg2_measure_deployed_audit_mode() - measure deployedmode and auditmode
+ *
+ * @dev:	TPM device
+ *
+ * Return:	status code
+ */
+static efi_status_t tcg2_measure_deployed_audit_mode(struct udevice *dev)
+{
+	u8 deployed_mode;
+	u8 audit_mode;
+	efi_uintn_t size;
+	efi_status_t ret;
+	u32 pcr_index;
+
+	size = sizeof(deployed_mode);
+	ret = efi_get_variable_int(L"DeployedMode", &efi_global_variable_guid,
+				   NULL, &size, &deployed_mode, NULL);
+	if (ret != EFI_SUCCESS)
+		return ret;
+
+	pcr_index = (deployed_mode ? 1 : 7);
+
+	ret = tcg2_measure_variable(dev, pcr_index,
+				    EV_EFI_VARIABLE_DRIVER_CONFIG,
+				    L"DeployedMode",
+				    &efi_global_variable_guid,
+				    size, &deployed_mode);
+
+	size = sizeof(audit_mode);
+	ret = efi_get_variable_int(L"AuditMode", &efi_global_variable_guid,
+				   NULL, &size, &audit_mode, NULL);
+	if (ret != EFI_SUCCESS)
+		return ret;
+
+	ret = tcg2_measure_variable(dev, pcr_index,
+				    EV_EFI_VARIABLE_DRIVER_CONFIG,
+				    L"AuditMode",
+				    &efi_global_variable_guid,
+				    size, &audit_mode);
+
+	return ret;
+}
+
 /**
  * tcg2_measure_secure_boot_variable() - measure secure boot variables
  *
@@ -1891,6 +1936,8 @@  static efi_status_t tcg2_measure_secure_boot_variable(struct udevice *dev)
 		free(data);
 	}
 
+	ret = tcg2_measure_deployed_audit_mode(dev);
+
 error:
 	return ret;
 }