| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
In the rare case of a TPM 2 failure, disable the platform hierarchy after
disabling the endorsement and owner hierarchies.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
Instead of just using sha1 for all PCR banks (and truncating
the value or zero-padding it) use the proper hash function for
each one of the banks. For unimplemented hashes, fill the buffer
with 0xff.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
Fix two details of the logs:
- Set the field 'SpecErrata' to 2 as required by specs.
- Write the separator into the log entry's event field.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
Add support for SHA3 type of algorithms that a TPM2 may support
some time in the future.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
The vendorInfoSize is a u8 rather than a u32.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Only write the logs for those PCRs that are in active PCR banks.
A PCR banks is assumed to be active if any of the BIOS relevant
PCRs 0 - 7 is enabled, thus pcrSelect[0] != 0.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
When querying a TPM 2.0 for its PCRs, make sure that we get enough bytes
from it in a response that did not indicate a failure. Basically we are
defending against a TPM 2.0 sending responses that are not compliant to
the specs.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
Implement a TPM 2.0 menu item that allows a user to toggle the activation
of PCR banks of the TPM 2.0. After successful activation we shut down the
TPM 2.0 and reset the machine.
Background:
A TPM 2.0 may have multiple PCR banks, such as for SHA1, SHA256, SHA384,
SHA512, and SM3-256. One or multiple of those banks may be active (by
factory for example) and modifying the set of active PCR banks is only
possible while in the firmware since it requires platform authorization.
Platform authorization is not possible for a user when in the OS since
the firmware generates a random password for the platform authorization
before booting the system and it throws that password away.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
Use a table to convert the hash to the buffer size it needs.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
Signed-off-by: Stephen Douthit <stephend@silicom-usa.com>
|
|
Add support for the TPM2 ACPI table. If we find it and its
of the appropriate size, we can get the log_area_start_address
and log_area_minimum_size from it.
The latest version of the spec can be found here:
https://trustedcomputinggroup.org/tcg-acpi-specification/
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Review-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The parameters for extending the PCRs of a TPM 2 are written in
big endian format when sent to the TPM. However, the log needs
to be written in little endian format, so we cannot just copy
the structure into the log as-is. To support the little endian
format in the log, we extend the function writing the TPM 2
digest structure with a parameter that allows us to choose the
endianess of a few parameters. We then rewrite the digest structure
in little endian format for the log.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Instead of passing an arbitrary buffer as a parameter to
tpm_build_and_send_cmd(), just support the simpler case of a parameter
that is only 0, 1, or 2 bytes in length. This allows the callers to
pass the parameter directly and not worry about the big-endian
encoding. Rename the function to tpm_simple_cmd().
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Instead call tpmhw_transmit() directly.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The find_fadt() and find_tcpa_by_rsdp() functions are very similar.
Create a new find_acpi_table() function and replace the two functions
with this new function.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
No code changes; just code movement.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
In the event of a failure in the low-level tpm12_get_capability()
code, just return an error code. The caller can shutdown the TPM if
needed - the only place where that is needed is during a failure in
tpm12_determine_timeouts().
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Modify the function that writes the TPM logs to take the same digest
passed to tpm_extend. Update the tpm2 acpi log header to describe the
digest format.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Extend the tpm20_extend function to support extending a hash to
multiple PCR banks. The sha1 hash that's being extended into the
sha256 bank for example, will be filled with zero-bytes to the
size of a sha256 hash.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Refactor the tpml_digest_values_sha1 structure so we can later cast it
to the more general tpml_digest_values structure. Move the count member
into this structure.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Restructure the tpm20_extend function to use a buffer for the
command to send to the TPM. The size of the buffer is calculated
from the size of tpm2_req_extend structure and the appended SHA1
hash.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Implement tpm20_get_capability and retrieve the PCR Bank configuration
from the TPM using this function.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Remove the unused array `PhysicalPresence_CMD_DISABLE` to fix GCC 6
warnings.
Signed-off-by: Paul Menzel <paulepanter@users.sourceforge.net>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Add support for the TPM 2 format of log messages.
Write the logs in the format that is appropriate for the version of
the host's TPM. For TPM 1.2 write it in the 'pcpes' structure's
format, for TPM 2 in the new TPM 2 format.
By using this method we can keep the API interface on systems with a
TPM 2 even though applications pass in the 'pcpes' structures
directly. The log will still be written in the appropriate format.
The TPM 2 log contains a TPM 1.2 type of entry of event type
EV_NO_ACTION and entry of type TCG_EfiSpeIdEventStruct as the first
entry. This is described in the EFI specification (section 5.3):
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Don't call tpm_fill_hash() or tpm_log_extend_event() from any internal
code (ie, tpm_add_measurement_to_log). The internal code does not
require the additional checks that these functions provide.
Unify the tpm_fill_hash() and tpm_log_extend_event() into a new
function hash_log_extend(), and use this function only in the 16bit
BIOS interface code. With the code now specific to the BIOS interface
it can more easily return a BIOS specific error return code.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Filter TPM commands in the passthrough API call by matching the
type of tag in the header with the version of the underlying TPM.
Return an error code if the tag indicates that the command is
for the wrong TPM version.
Fix a size check on the way.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Implement TPM 2's tpm_set_failure part.
We follow this specification:
TCG PC Client Specific Platform Firmware Profile for TPM 2.0 Systems Revision 1.0 Version 21
It can be found on this page:
http://www.trustedcomputinggroup.org/resources/specifications_in_public_review
Make the TPM unavailable for OS-present applications following 6.2 item 2.d.i .
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
In the TPM 2 menu we currently only allow to run the TPM2_Clear operation.
For this we follow the TCG Physical Presence Interface Specification
to be found here:
http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interface_specification
Table 3 shows the 'Clear' operation and the sequence of commands to send.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Implement the tpm20_extend function. We use it with only SHA1.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Implement tpm20_preboot.
Here we set the platform password to a random password that prevents
higher layers (OS) to get this password. This avoids bad things like users
clearing the TPM, erasing EK (primary key) certificates, changing the
primary key etc.
The clearing of the TPM will still be possible through the TPM 2 menu.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
The TIS timeouts for TPM 2 are different than for TPM 1.2.
Also the timeouts indicating a failed TPM 2 command are different.
Further, the command durations and timeouts cannot be read from the device.
We take the command timeout values for short, medium, and long running
commands from table 15 of the following specification:
TCG PC Client Platform TPM Profile (PTP) Specification
http://www.trustedcomputinggroup.org/resources/pc_client_platform_tpm_profile_ptp_specification
The values should work for all physical TPMs.
The tricky thing with virtualized environments is that the values
may need to be longer for a system where a vTPM cannot get sufficient
cycles. So a future patch _may_ need to multiply those values here
with some factor.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Implement tpm20_startup and tpm20_s3_resume and their dependencies.
We follow this specification:
TCG PC Client Specific Platform Firmware Profile for TPM 2.0 Systems Revision 1.0 Version 21
It can be found on this page:
http://www.trustedcomputinggroup.org/resources/specifications_in_public_review
Power on: Figure 7 & 7.3.2 item 4.
S3: Figure 9 & 7.3.2 item 4.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
This patch prepares the tcgbios.c file for extension with TPM 2
specific code by:
o prefixing all TPM 1.2 specific functions with tpm12_
o where necessary, introduce switch statements in tpm_ - prefixed functions;
here we branch into TPM versions specific code
o introduce tpm_ - prefixed functions where necessary; mostly in those
cases where tpm12_ functions are too large and where the tpm_ function
then only holds the switch statement
o leave FIXMEs where we need to write TPM 2 specific code; subsequent patches
will replace those FIXMEs
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
In preparation for TPM 2 code support, factor out the TPM 1.2 specific
code from tpm_log_extend_event and put it into tpm_extend().
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Extend the probing of the interface with TPM 2 specifics.
Use the new interface ID register of the TIS to check whether
a TPM 1.2 or a TPM 2 is underneath.
We select the TIS if possible and lock it so we can issue commands
during S3 for example and prevent the OS from changing to CRB type
of interface.
The register is described in table 13 here:
http://www.trustedcomputinggroup.org/resources/pc_client_platform_tpm_profile_ptp_specification
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Since we may detect that HW physical presence is enabled but we do not detect
whether it is actually asserted, we may fail on the TPM menu commands that
require the assertion of physical presence. We therefore cannot set the TPM
into failure mode if we hit this case. Failure should never occur in these
cases if SW physical presence has been asserted.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Remove the usage of PhysicalPresence_CMD_ENABLE from all but
the assert_physical_presence function.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Rework the assertion of physical presence by calling assert_physical_presence
in tpm_setup. This call will assert physical presence if SW assertion is
possible or by checking whether HW physical presence is enabled.
The TPM menu will only be shown if physical presence is asserted or HW
physical presence is enabled after this call.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Extend assert_physical_presence with checks for hardware physical presence
support. If hardware physical presence is enabled, we return 0.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Move assert_physical_presence and dependencies in front of tpm_startup
so that the next patches can assert physical presence after TPM_ORD_Startup
ran.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Copy the digest into the response of a HashLogExtendEvent API call.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Don't use the return codes from the 16bit BIOS spec in the internal
menu functions. Only the 16bit BIOS interface code should need to
handle the details of that spec. For functions that need to return
the TIS command status, return those codes directly instead of via a
pointer parameter.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Don't use the return codes from the 16bit BIOS spec in the internal
tpmhw functions. Only the 16bit BIOS interface code should need to
handle the details of that spec.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Don't use the return codes from the 16bit BIOS spec in the internal
tpm_log_event() and tpm_log_extend_event() functions. Only the 16bit
BIOS interface code should need to handle the details of that spec.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Don't use the return codes from the 16bit BIOS spec in the internal
function build_and_send_cmd(). Instead, return the TIS command status
code of the command or -1 if there was a command transmission failure.
This eliminates the need for a returnCode pointer parameter.
Also, implement debugging dprintf() in build_and_send_cmd() instead of
in every caller. This replaces the command name with the integer
command id, but it does make the debugging more consistent.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The 16bit BIOS interface shouldn't be able to shutdown the TPM. Move
the check for tpm_is_working() and tpm_set_failure() to the only
caller of tpm_log_extend_event() that may shutdown the TPM.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The low-level measurement functions already handle error conditions,
there is no need to check for the errors in the high level measurement
functions.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The callers of the measurements don't care what happens, so no need to
return a status.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
