Age | Commit message (Collapse) | Author | Files | Lines |
|
There are no longer any callers that use the response buffer.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Introduce helper function to call the TPM_ORD_GetCapability command.
Update all get capability callers to use this helper.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The TPM ACPI tables are only scanned once at startup and the code can
rely on that. Merge find_tcpa_table() into find_tcpa_by_rsdp(), merge
get_lasa_base_ptr() into reset_acpi_log(), and merge tpm_acpi_init()
into tpm_setup().
The tpm_state structure is now only used for TCPA tracking.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The 16bit BIOS interface should only shutdown on request from that
interface - errors from the tcp or acpi log setup should not shutdown
the interface. (Errors from those functions will cause the TPM to be
in a "not working" state which will cause all the 16bit interface
functions to fail.)
Centralize the checking for the interface shutdown condition in
tpm_interrupt_handler32().
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Move the hardware interface functions (tpmhw_probe, tpmhw_is_present,
tpmhw_transmit, and tpmhw_set_timeouts) to tpm_drivers.c code, and
only export those functions. This simplifies the hardware interface.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Perform the hardware probe once during setup instead of checking if
the probe has been completed on each measurement event.
Don't probe for hardware during BIOS interface detection. Just check
if the previous probe found the hardware.
Unify has_working_tpm() with similar tpm_is_working().
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Avoid macros and use regular struct definitions for the request and
response headers. This simplifies the header and reduces the need for
casts in the code.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
This patch adds an new menu entry to the main menu. This menu item enables
the user to enter a TPM control menu which allows control of those aspects
of the TPM's state that can only be controlled while in the firmware
and while physical presence can be asserted.
If the machine has a TPM, the boot menu will look as follows, with
the new menu item accessible by pressing the 't' key.
Select boot device:
1. ata0-1: QEMU HARDDISK ATA-7 Hard-Disk (6144 MiBytes)
2. Legacy option rom
3. iPXE (PCI 00:03.0)
t. TPM Menu
Upon pressing t the TPM submenu will be shown:
The Trusted Platform Module (TPM) is a hardware device in this machine.
It can help verify the integrity of system software.
The current state of the TPM is:
Enabled and active
Ownership has not been taken
A user can take ownership of the TPM
Available options are:
d. Disable the TPM
v. Deactivate the TPM
p. Prevent installation of an owner
If no change is desired or if this menu was reached by mistake, press ESC to
reboot the machine.
The TPM menu only shows those options that are currently accessible considering
the state of the TPM.
The patch adds several functions for sending those messages to the TPM
required for supporting those menu items.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Check the length parameter that indicates the length of the array
for whether it has a minimum value of 0x200.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Remove the check for a working TPM from the TPM interrupt handler. This then
allows the individual API calls to return information even if the TPM was not
working correctly. Some API calls will still run into the check.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Merge tpm_extend() into tpm_log_extend_event(). Also, the spec states
that a log entry should only be added if the extend succeeds, so
attempt the extend prior to adding to the log.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Merge tpm_extend_acpi_log() and tpm_log_event(). Move error checking
and handling to callers. Don't shutdown the TPM on a failure from the
16bit BIOS interface.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
There are no longer any callers to transmit() that use multiple
buffers. Simplify transmit() so that it takes a single request
buffer.
The pass_through_to_tpm() wrapper around transmit() is no longer
needed. Remove the function and have all callers use transmit()
directly.
Now that tpm_extend() function calls transmit directly, it can use
TPM_DURATION_TYPE_SHORT duration.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Setup the tpm hardware request in a linear area of memory.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The event_length field is already in pcpes->eventdatasize.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Instead of calculating the hash in hash_log_event(), create a new
function (tpm_fill_hash) that will create the hash, and update all
callers to use tpm_fill_hash() before calling hash_log_event(). This
reduce the number of parameters to hash_log_event().
Rename hash_log_event() and hash_log_extent_event() to tpm_log_event()
and tpm_log_extend_event() now that these functions no longer
implement the hashing.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The pcrindex is already in pcpes->pcrindex, so no need to pass it as a
parameter.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Now that entry_count is in a global variable there is no need to pass
it around as function parameters.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The event field can be of an arbitrary length.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The switch statement in tpm_add_bootdevice() corresponds with its call
sites - just perform the appropriate action in each caller.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Make the only caller of tpm_add_measurement() with EV_SEPARATOR
directly call tpm_add_measurement_to_log(). Rename to
tpm_add_action() and change all callers with EV_ACTION to use this
function.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The only three callers of tpm_ipl() exactly correlate with the three
switch branches in tpm_ipl(), so just move the appropriate code into
the callers.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Move tpm state checking and error handling from tpm_extend_acpi_log()
to its only caller hash_log_event(). This makes tpm_extend_acpi_log()
specific to just ACPI table handling.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Move like functions near each other. Reduce forward function
declarations. This is only code movement - no code changes.
This groups the code into six sections: TPM state tracking, TPM
hardware interface, ACPI TCPA table interface, Helper functions, Setup
and Measurements, BIOS interface.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Rename all remaining functions called directly by the BIOS interrupt
by adding the suffix '_int' to them.
Add the check for whether the preboot interface is shut down
where missing.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Refactor the signature of the pass_through_to_tpm function to take
individual pointers as parameters and introduce pass_through_to_tpm_int
as a function to be called with the parameters passed from the BIOS
interrupt.
Refactor existing callers that now do not have to build up the data
structure expected by the BIOS interface.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Move the tpm_state to RAM area and add all log related pointers
to it so they can be cached. Remove functions that previously
determined these pointers by searching for the TCPA ACPI table
and walking the log.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Fix the timeouts and durations -- they are provided in microseconds.
Adapt the TPM driver for it.
Get TPM specific timeout and duration values earlier from the device.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Drop the code that is using the TPM for sha1 calculations.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Tested-by: Stefan Berger <stefanb@us.ibm.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Refactor the signature of the hash_log_extend_event to take individual
pointers as parameters and introduce hash_log_extend_event_int as a
function to be called with the parameters passed from the BIOS interrupt.
Refactor existing callers to hash_log_extend_event that now do not
have to build up the data structure expected by the BIOS interface.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Refactor the signature of hash_log_event to take individual pointers
as parameters and introduce hash_log_event_int as an function to
be called with the parameters passed from the BIOS interrupt.
Refactor existing callers to hash_log_event that now do not
have to build up the data structures expected by the BIOS interface.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Refactor the parameters being passed to tpm_extend_acpi_log in such
a way that the header of the logged event is passed in separate
from the 'body'.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Refactor the function building TPM commands to get rid of one of
the buffers it uses for building a command. To do that, have it use
the iovec also for the 'append' array that's being passed to the
function.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Temporarily deactivate the TPM in case of failure of TPM commands
and failure to log measurements. Introduce the tpm_set_failure()
function replacing occurrences of 'tpm_state.tpm_working = 0' and
invoke it in error paths.
Temporarily deactivating the TPM means that it will be active again
upon reboot.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Rename tcg externally called functions to more closely match other
subsystems.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Clean up the parameters to the build_and_send_cmd function call.
Use the sizeof() on the preceding buffer parameter. If the buffer
is NULL, we pass 0.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Remove the array size from all arrays.
Replace the magic 12 with sizeof(GetCapability_Timeouts),
which represents the maximum number of bytes that need to be
reserved.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Introduce a #define for the TPM command tag 0x00c1.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
This patch adds invocations of functions that measure various parts of the
code and data through various parts of the BIOS code. It follows TCG
specifications on what needs to be measured. It also adds the implementation
of the called functions.
Reference for what needs to be measured can be found in specs found here:
http://www.trustedcomputinggroup.org/resources/pc_client_work_group_specific_implementation_specification_for_conventional_bios
The first measurements are done once the ACPI tables have been initialized.
Once booted into Linux, the current measurements produce the following logs
which can be found in /sys/kernel/security/tpm0/ascii_bios_measurements.
The below log also shows measurements from trusted grub.
1 3fb240d2a04085a4e84f81e4398e070ed5a18163 06 [SMBIOS]
2 cc812353fc277c1fab99e0b721752a1392984566 06 [Option ROM]
2 9dbd87163112e5670378abe4510491259a61f411 05 [Start Option ROM Scan]
2 6f74e357331b8dee11bbad85f27bc66cb873106c 06 [Option ROM]
2 5626eb7ac05c7231e46d7461e7d3839b03ae9fad 06 [Option ROM]
4 c1e25c3f6b0dc78d57296aa2870ca6f782ccf80f 05 [Calling INT 19h]
0 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
1 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
2 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
3 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
4 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
5 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
6 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
7 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
4 8cf2fe6c87d4d0b2998a43da630292e6d85ee8b6 05 [Booting BCV device 80h (HDD)]
4 5dff94459a3e2d13a433ef94afdc306144565bf7 0d [IPL]
5 d1b33afde65ad47502332af957c60f20c84c1edc 0e [IPL Partition Data]
4 487ce764b527ccad17f1d04243d0136fa981e6c4 0d [IPL]
4 91d285e4dead566324c8938a3cc75803f462d9a1 0d [IPL]
4 8ba79ac98bb491524fef29defc724daaf6263d35 0d [IPL]
4 c591c15b82e4ff30e7383a4ff1ef3b41b38521ac 06 []
4 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 04 [Grub Event Separator]
5 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 04 [Grub Event Separator]
5 e8673b9e14b02dc12d8ccfd0176bca7a3de7fc3c 0e [IPL Partition Data]
5 0163e375a0af7525c5dac1a8e74b277359e40d1d 1105 []
8 4be30f67c3d48ab7f04d9c0fd07f06d4c68379be 1205 []
8 54c83965978de9708d026016ecb0e70660e04388 1305 []
5 2431ed60130faeaf3a045f21963f71cacd46a029 04 [OS Event Separator]
8 2431ed60130faeaf3a045f21963f71cacd46a029 04 [OS Event Separator]
8 f3973cae05d6e2055062119d6e6e1e077b7df876 1005 []
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Signed-off-by: Quan Xu <quan.xu@intel.com>
|
|
This patch implements the TCG BIOS interrupt handler 1ah. It is for
example used by trusted grub.
This patch adds an implementation of SHA1 (following NIST specs., IETF RFC 3147
and Wikipedia) for speeding up measurements of code. Trusted Grub for example
makes use of this interface and measures (calculates SHA1) of the Linux kernel
and initrd. Those files can be rather large and hunting their bytes through
the TIS interface as part of the int handler commands invoked by trusted grub
does take quite some time due to the many vmexits the interface is creating
(one per byte).
There is also a threshold for the size of data to hash (100k) below which
the TPM is used and above the internal faster SHA1 algorithm is used.
This patch for example enables trusted grub to interact with the TPM
and take additional measurements.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
This patch implements the main part of the TCG BIOS extensions. It provides
the following functionality:
- initialization of the TCPA ACPI table used for logging of measurements
- initialization of the TPM by sending a sequence of commands to it
- proper setup of the TPM before the BIOS hands over control to the bootloader
- support for S3 resume; BIOS sends TPM_Startup(ST_STATE) to TPM
- enable configuration of SeaBIOS to be built with TCGBIOS extensions
All TCG BIOS extensions are activated with CONFIG_TCGBIOS.
Structures that are needed in subsequent patches are also included in
tcgbios.h at this point.
The effect of this patch is that it initialized the TPM upon VM start
and S3 resume.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|