Re: [PATCH v8 3/3] efi_loader: add PE/COFF image measurement
Hi Heinrich,
> > > + /*
> > > + * Size must be 8-byte aligned and the trailing bytes must be
> > > + * zero'ed. Otherwise hash value may be incorrect.
> > > + */
> > > + if (!IS_ALIGNED(*efi_size, 8)) {
> >
> > Why don't you unconditionally copy to a new buffer? Then the caller can
> > free the return value unconditionally.
I sent out v9 just now. I don't include unconditionally copy to a new buffer,
because new version increases the readability I think.
If you still prefer to copy, I will do so.
Thanks,
Masahisa Kojima
On Tue, 25 May 2021 at 22:47, Masahisa Kojima
wrote:
>
> On Tue, 25 May 2021 at 21:57, Heinrich Schuchardt wrote:
> >
> > On 14.05.21 02:53, Masahisa Kojima wrote:
> > > "TCG PC Client Platform Firmware Profile Specification"
> > > requires to measure every attempt to load and execute
> > > a OS Loader(a UEFI application) into PCR[4].
> > > This commit adds the PE/COFF image measurement, extends PCR,
> > > and appends measurement into Event Log.
> > >
> > > Acked-by: Ilias Apalodimas
> > > Tested-by: Ilias Apalodimas
> > > Signed-off-by: Masahisa Kojima
> > > ---
> > >
> > > (no changes since v7)
> > >
> > > Changes in v7:
> > > - include hash-checksum.h instead of rsa.h
> > > - select HASH_CALCULATE in Kconfig, not to update lib/Makefile
> > > - rebased the base code
> > >
> > > Changes in v6:
> > > - update lib/Makefile to add hash-checksum.c as a compilation target
> > >
> > > (no changes since v2)
> > >
> > > Changes in v2:
> > > - Remove duplicate include
> > > - Remove unnecessary __packed attribute
> > > - Add all EV_EFI_* event definition
> > > - Create common function to prepare 8-byte aligned image
> > > - Add measurement for EV_EFI_BOOT_SERVICES_DRIVER and
> > > EV_EFI_RUNTIME_SERVICES_DRIVER
> > > - Use efi_search_protocol() to get device_path
> > > - Add function comment
> > >
> > > include/efi_loader.h | 6 +
> > > include/efi_tcg2.h| 9 ++
> > > include/tpm-v2.h | 18 +++
> > > lib/efi_loader/Kconfig| 1 +
> > > lib/efi_loader/efi_image_loader.c | 59 +++--
> > > lib/efi_loader/efi_tcg2.c | 207 --
> > > 6 files changed, 276 insertions(+), 24 deletions(-)
> > >
> > > diff --git a/include/efi_loader.h b/include/efi_loader.h
> > > index de1a496a97..9f2854a255 100644
> > > --- a/include/efi_loader.h
> > > +++ b/include/efi_loader.h
> > > @@ -426,6 +426,10 @@ efi_status_t efi_disk_register(void);
> > > efi_status_t efi_rng_register(void);
> > > /* Called by efi_init_obj_list() to install EFI_TCG2_PROTOCOL */
> > > efi_status_t efi_tcg2_register(void);
> > > +/* measure the pe-coff image, extend PCR and add Event Log */
> > > +efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
> > > +struct efi_loaded_image_obj *handle,
> > > +struct efi_loaded_image
> > > *loaded_image_info);
> > > /* Create handles and protocols for the partitions of a block device */
> > > int efi_disk_create_partitions(efi_handle_t parent, struct blk_desc
> > > *desc,
> > > const char *if_typename, int diskid,
> > > @@ -847,6 +851,8 @@ bool efi_secure_boot_enabled(void);
> > >
> > > bool efi_capsule_auth_enabled(void);
> > >
> > > +void *efi_prepare_aligned_image(void *efi, u64 *efi_size, void
> > > **new_efi);
> > > +
> > > bool efi_image_parse(void *efi, size_t len, struct efi_image_regions
> > > **regp,
> > >WIN_CERTIFICATE **auth, size_t *auth_len);
> > >
> > > diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
> > > index 40e241ce31..bcfb98168a 100644
> > > --- a/include/efi_tcg2.h
> > > +++ b/include/efi_tcg2.h
> > > @@ -9,6 +9,7 @@
> > > #if !defined _EFI_TCG2_PROTOCOL_H_
> > > #define _EFI_TCG2_PROTOCOL_H_
> > >
> > > +#include
> > > #include
> > >
> > > #define EFI_TCG2_PROTOCOL_GUID \
> > > @@ -53,6 +54,14 @@ struct efi_tcg2_event {
> > > u8 event[];
> > > } __packed;
> > >
> > > +struct uefi_image_load_event {
> > > + efi_physical_addr_t image_location_in_memory;
> > > + u64 image_length_in_memory;
> > > + u64 image_link_time_address;
> > > + u64 length_of_device_path;
> > > + struct efi_device_path device_path[];
> > > +};
> > > +
> > > struct efi_tcg2_boot_service_capability {
> > > u8 size;
> > > struct efi_tcg2_version structure_version;
> > > diff --git a/include/tpm-v2.h b/include/tpm-v2.h
> > > index 7de7d6a57d..247b386967 100644
> > > --- a/include/tpm-v2.h
> > > +++ b/include/tpm-v2.h
> > > @@ -70,6 +70,24 @@ struct udevice;
> > > #define EV_TABLE_OF_DEVICES ((u32)0x000B)
> > > #define EV_COMPACT_HASH ((u32)0x000C)
> > >
> > > +/*
> > > + * event types, cf.
> > > + * "TCG PC Client Platform Firmware Profile Specification", Family "2.0"
> > > + * rev 1.04, June 3, 2019
> > > + */
> > > +#define EV_EFI_EVENT_BASE((u
Re: [PATCH v8 3/3] efi_loader: add PE/COFF image measurement
On Tue, 25 May 2021 at 21:57, Heinrich Schuchardt wrote:
>
> On 14.05.21 02:53, Masahisa Kojima wrote:
> > "TCG PC Client Platform Firmware Profile Specification"
> > requires to measure every attempt to load and execute
> > a OS Loader(a UEFI application) into PCR[4].
> > This commit adds the PE/COFF image measurement, extends PCR,
> > and appends measurement into Event Log.
> >
> > Acked-by: Ilias Apalodimas
> > Tested-by: Ilias Apalodimas
> > Signed-off-by: Masahisa Kojima
> > ---
> >
> > (no changes since v7)
> >
> > Changes in v7:
> > - include hash-checksum.h instead of rsa.h
> > - select HASH_CALCULATE in Kconfig, not to update lib/Makefile
> > - rebased the base code
> >
> > Changes in v6:
> > - update lib/Makefile to add hash-checksum.c as a compilation target
> >
> > (no changes since v2)
> >
> > Changes in v2:
> > - Remove duplicate include
> > - Remove unnecessary __packed attribute
> > - Add all EV_EFI_* event definition
> > - Create common function to prepare 8-byte aligned image
> > - Add measurement for EV_EFI_BOOT_SERVICES_DRIVER and
> > EV_EFI_RUNTIME_SERVICES_DRIVER
> > - Use efi_search_protocol() to get device_path
> > - Add function comment
> >
> > include/efi_loader.h | 6 +
> > include/efi_tcg2.h| 9 ++
> > include/tpm-v2.h | 18 +++
> > lib/efi_loader/Kconfig| 1 +
> > lib/efi_loader/efi_image_loader.c | 59 +++--
> > lib/efi_loader/efi_tcg2.c | 207 --
> > 6 files changed, 276 insertions(+), 24 deletions(-)
> >
> > diff --git a/include/efi_loader.h b/include/efi_loader.h
> > index de1a496a97..9f2854a255 100644
> > --- a/include/efi_loader.h
> > +++ b/include/efi_loader.h
> > @@ -426,6 +426,10 @@ efi_status_t efi_disk_register(void);
> > efi_status_t efi_rng_register(void);
> > /* Called by efi_init_obj_list() to install EFI_TCG2_PROTOCOL */
> > efi_status_t efi_tcg2_register(void);
> > +/* measure the pe-coff image, extend PCR and add Event Log */
> > +efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
> > +struct efi_loaded_image_obj *handle,
> > +struct efi_loaded_image
> > *loaded_image_info);
> > /* Create handles and protocols for the partitions of a block device */
> > int efi_disk_create_partitions(efi_handle_t parent, struct blk_desc *desc,
> > const char *if_typename, int diskid,
> > @@ -847,6 +851,8 @@ bool efi_secure_boot_enabled(void);
> >
> > bool efi_capsule_auth_enabled(void);
> >
> > +void *efi_prepare_aligned_image(void *efi, u64 *efi_size, void **new_efi);
> > +
> > bool efi_image_parse(void *efi, size_t len, struct efi_image_regions
> > **regp,
> >WIN_CERTIFICATE **auth, size_t *auth_len);
> >
> > diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
> > index 40e241ce31..bcfb98168a 100644
> > --- a/include/efi_tcg2.h
> > +++ b/include/efi_tcg2.h
> > @@ -9,6 +9,7 @@
> > #if !defined _EFI_TCG2_PROTOCOL_H_
> > #define _EFI_TCG2_PROTOCOL_H_
> >
> > +#include
> > #include
> >
> > #define EFI_TCG2_PROTOCOL_GUID \
> > @@ -53,6 +54,14 @@ struct efi_tcg2_event {
> > u8 event[];
> > } __packed;
> >
> > +struct uefi_image_load_event {
> > + efi_physical_addr_t image_location_in_memory;
> > + u64 image_length_in_memory;
> > + u64 image_link_time_address;
> > + u64 length_of_device_path;
> > + struct efi_device_path device_path[];
> > +};
> > +
> > struct efi_tcg2_boot_service_capability {
> > u8 size;
> > struct efi_tcg2_version structure_version;
> > diff --git a/include/tpm-v2.h b/include/tpm-v2.h
> > index 7de7d6a57d..247b386967 100644
> > --- a/include/tpm-v2.h
> > +++ b/include/tpm-v2.h
> > @@ -70,6 +70,24 @@ struct udevice;
> > #define EV_TABLE_OF_DEVICES ((u32)0x000B)
> > #define EV_COMPACT_HASH ((u32)0x000C)
> >
> > +/*
> > + * event types, cf.
> > + * "TCG PC Client Platform Firmware Profile Specification", Family "2.0"
> > + * rev 1.04, June 3, 2019
> > + */
> > +#define EV_EFI_EVENT_BASE((u32)0x8000)
> > +#define EV_EFI_VARIABLE_DRIVER_CONFIG((u32)0x8001)
> > +#define EV_EFI_VARIABLE_BOOT ((u32)0x8002)
> > +#define EV_EFI_BOOT_SERVICES_APPLICATION ((u32)0x8003)
> > +#define EV_EFI_BOOT_SERVICES_DRIVER ((u32)0x8004)
> > +#define EV_EFI_RUNTIME_SERVICES_DRIVER ((u32)0x8005)
> > +#define EV_EFI_GPT_EVENT ((u32)0x8006)
> > +#define EV_EFI_ACTION((u32)0x8007)
> > +#define EV_EFI_PLATFORM_FIRMWARE_BLOB((u32)0x8008)
> > +#define EV_EFI_HANDOFF_TABLES((u32)0x8009)
> > +#define EV_EFI_HCRTM_EVENT ((u32)0x8010)
> > +#define EV_EFI_VARIABLE_AUTHORITY((u32)0x80E0)
> > +
> > /* TPMS_TAGGED_PROPERTY Structur
Re: [PATCH v8 3/3] efi_loader: add PE/COFF image measurement
On 14.05.21 02:53, Masahisa Kojima wrote:
> "TCG PC Client Platform Firmware Profile Specification"
> requires to measure every attempt to load and execute
> a OS Loader(a UEFI application) into PCR[4].
> This commit adds the PE/COFF image measurement, extends PCR,
> and appends measurement into Event Log.
>
> Acked-by: Ilias Apalodimas
> Tested-by: Ilias Apalodimas
> Signed-off-by: Masahisa Kojima
> ---
>
> (no changes since v7)
>
> Changes in v7:
> - include hash-checksum.h instead of rsa.h
> - select HASH_CALCULATE in Kconfig, not to update lib/Makefile
> - rebased the base code
>
> Changes in v6:
> - update lib/Makefile to add hash-checksum.c as a compilation target
>
> (no changes since v2)
>
> Changes in v2:
> - Remove duplicate include
> - Remove unnecessary __packed attribute
> - Add all EV_EFI_* event definition
> - Create common function to prepare 8-byte aligned image
> - Add measurement for EV_EFI_BOOT_SERVICES_DRIVER and
> EV_EFI_RUNTIME_SERVICES_DRIVER
> - Use efi_search_protocol() to get device_path
> - Add function comment
>
> include/efi_loader.h | 6 +
> include/efi_tcg2.h| 9 ++
> include/tpm-v2.h | 18 +++
> lib/efi_loader/Kconfig| 1 +
> lib/efi_loader/efi_image_loader.c | 59 +++--
> lib/efi_loader/efi_tcg2.c | 207 --
> 6 files changed, 276 insertions(+), 24 deletions(-)
>
> diff --git a/include/efi_loader.h b/include/efi_loader.h
> index de1a496a97..9f2854a255 100644
> --- a/include/efi_loader.h
> +++ b/include/efi_loader.h
> @@ -426,6 +426,10 @@ efi_status_t efi_disk_register(void);
> efi_status_t efi_rng_register(void);
> /* Called by efi_init_obj_list() to install EFI_TCG2_PROTOCOL */
> efi_status_t efi_tcg2_register(void);
> +/* measure the pe-coff image, extend PCR and add Event Log */
> +efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
> +struct efi_loaded_image_obj *handle,
> +struct efi_loaded_image *loaded_image_info);
> /* Create handles and protocols for the partitions of a block device */
> int efi_disk_create_partitions(efi_handle_t parent, struct blk_desc *desc,
> const char *if_typename, int diskid,
> @@ -847,6 +851,8 @@ bool efi_secure_boot_enabled(void);
>
> bool efi_capsule_auth_enabled(void);
>
> +void *efi_prepare_aligned_image(void *efi, u64 *efi_size, void **new_efi);
> +
> bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp,
>WIN_CERTIFICATE **auth, size_t *auth_len);
>
> diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
> index 40e241ce31..bcfb98168a 100644
> --- a/include/efi_tcg2.h
> +++ b/include/efi_tcg2.h
> @@ -9,6 +9,7 @@
> #if !defined _EFI_TCG2_PROTOCOL_H_
> #define _EFI_TCG2_PROTOCOL_H_
>
> +#include
> #include
>
> #define EFI_TCG2_PROTOCOL_GUID \
> @@ -53,6 +54,14 @@ struct efi_tcg2_event {
> u8 event[];
> } __packed;
>
> +struct uefi_image_load_event {
> + efi_physical_addr_t image_location_in_memory;
> + u64 image_length_in_memory;
> + u64 image_link_time_address;
> + u64 length_of_device_path;
> + struct efi_device_path device_path[];
> +};
> +
> struct efi_tcg2_boot_service_capability {
> u8 size;
> struct efi_tcg2_version structure_version;
> diff --git a/include/tpm-v2.h b/include/tpm-v2.h
> index 7de7d6a57d..247b386967 100644
> --- a/include/tpm-v2.h
> +++ b/include/tpm-v2.h
> @@ -70,6 +70,24 @@ struct udevice;
> #define EV_TABLE_OF_DEVICES ((u32)0x000B)
> #define EV_COMPACT_HASH ((u32)0x000C)
>
> +/*
> + * event types, cf.
> + * "TCG PC Client Platform Firmware Profile Specification", Family "2.0"
> + * rev 1.04, June 3, 2019
> + */
> +#define EV_EFI_EVENT_BASE((u32)0x8000)
> +#define EV_EFI_VARIABLE_DRIVER_CONFIG((u32)0x8001)
> +#define EV_EFI_VARIABLE_BOOT ((u32)0x8002)
> +#define EV_EFI_BOOT_SERVICES_APPLICATION ((u32)0x8003)
> +#define EV_EFI_BOOT_SERVICES_DRIVER ((u32)0x8004)
> +#define EV_EFI_RUNTIME_SERVICES_DRIVER ((u32)0x8005)
> +#define EV_EFI_GPT_EVENT ((u32)0x8006)
> +#define EV_EFI_ACTION((u32)0x8007)
> +#define EV_EFI_PLATFORM_FIRMWARE_BLOB((u32)0x8008)
> +#define EV_EFI_HANDOFF_TABLES((u32)0x8009)
> +#define EV_EFI_HCRTM_EVENT ((u32)0x8010)
> +#define EV_EFI_VARIABLE_AUTHORITY((u32)0x80E0)
> +
> /* TPMS_TAGGED_PROPERTY Structure */
> struct tpms_tagged_property {
> u32 property;
> diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
> index 98845b8ba3..0e6200fa25 100644
> --- a/lib/efi_loader/Kconfig
> +++ b/lib/efi_loader/Kconfig
> @@ -309,6 +309,7 @@ config EFI_TCG2_PROTOCOL
> select SHA512_ALGO
> selec
Re: [PATCH v8 3/3] efi_loader: add PE/COFF image measurement
On Mon, 24 May 2021 at 21:53, Ilias Apalodimas
wrote:
>
> new_efi);
> > +
> > bool efi_image_parse(void *efi, size_t len, struct efi_image_regions
> > **regp,
> >WIN_CERTIFICATE **auth, size_t *auth_len);
> >
> > diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
> > index 40e241ce31..bcfb98168a 100644
> > --- a/include/efi_tcg2.h
> > +++ b/include/efi_tcg2.h
> > @@ -9,6 +9,7 @@
> > #if !defined _EFI_TCG2_PROTOCOL_H_
> > #define _EFI_TCG2_PROTOCOL_H_
> >
> > +#include
> > #include
> >
> > #define EFI_TCG2_PROTOCOL_GUID \
> > @@ -53,6 +54,14 @@ struct efi_tcg2_event {
> > u8 event[];
> > } __packed;
> >
> > +struct uefi_image_load_event {
> > + efi_physical_addr_t image_location_in_memory;
> > + u64 image_length_in_memory;
> > + u64 image_link_time_address;
> > + u64 length_of_device_path;
> > + struct efi_device_path device_path[];
> > +};
> > +
> > struct efi_tcg2_boot_service_capability {
> > u8 size;
> > struct efi_tcg2_version structure_version;
> > diff --git a/include/tpm-v2.h b/include/tpm-v2.h
> > index 7de7d6a57d..247b386967 100644
> > --- a/include/tpm-v2.h
> > +++ b/include/tpm-v2.h
> > @@ -70,6 +70,24 @@ struct udevice;
> > #define EV_TABLE_OF_DEVICES ((u32)0x000B)
> > #define EV_COMPACT_HASH ((u32)0x000C)
> >
> > +/*
> > + * event types, cf.
> > + * "TCG PC Client Platform Firmware Profile Specification", Family "2.0"
> > + * rev 1.04, June 3, 2019
> > + */
> > +#define EV_EFI_EVENT_BASE((u32)0x8000)
> > +#define EV_EFI_VARIABLE_DRIVER_CONFIG((u32)0x8001)
> > +#define EV_EFI_VARIABLE_BOOT ((u32)0x8002)
> > +#define EV_EFI_BOOT_SERVICES_APPLICATION ((u32)0x8003)
> > +#define EV_EFI_BOOT_SERVICES_DRIVER ((u32)0x8004)
> > +#define EV_EFI_RUNTIME_SERVICES_DRIVER ((u32)0x8005)
> > +#define EV_EFI_GPT_EVENT ((u32)0x8006)
> > +#define EV_EFI_ACTION((u32)0x8007)
> > +#define EV_EFI_PLATFORM_FIRMWARE_BLOB((u32)0x8008)
> > +#define EV_EFI_HANDOFF_TABLES((u32)0x8009)
> > +#define EV_EFI_HCRTM_EVENT ((u32)0x8010)
> > +#define EV_EFI_VARIABLE_AUTHORITY((u32)0x80E0)
> > +
> > /* TPMS_TAGGED_PROPERTY Structure */
> > struct tpms_tagged_property {
> > u32 property;
> > diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
> > index 98845b8ba3..0e6200fa25 100644
> > --- a/lib/efi_loader/Kconfig
> > +++ b/lib/efi_loader/Kconfig
> > @@ -309,6 +309,7 @@ config EFI_TCG2_PROTOCOL
> > select SHA512_ALGO
> > select SHA384
> > select SHA512
> > + select HASH_CALCULATE
> > help
> > Provide a EFI_TCG2_PROTOCOL implementation using the TPM hardware
> > of the platform.
> > diff --git a/lib/efi_loader/efi_image_loader.c
> > b/lib/efi_loader/efi_image_loader.c
> > index fe1ee198e2..f37a85e56e 100644
> > --- a/lib/efi_loader/efi_image_loader.c
> > +++ b/lib/efi_loader/efi_image_loader.c
> > @@ -302,6 +302,40 @@ static int cmp_pe_section(const void *arg1, const void
> > *arg2)
> > return 1;
> > }
> >
> > +/**
> > + * efi_prepare_aligned_image() - prepare 8-byte aligned image
> > + * @efi: pointer to the EFI binary
> > + * @efi_size:size of @efi binary
> > + * @new_efi: pointer to the newly allocated image
> > + *
> > + * If @efi is not 8-byte aligned, this function newly allocates
> > + * the image buffer and updates @efi_size.
> > + *
> > + * Return: valid pointer to a image, return NULL if allocation fails.
> > + */
> > +void *efi_prepare_aligned_image(void *efi, u64 *efi_size, void **new_efi)
> > +{
> > + size_t new_efi_size;
> > + void *p;
> > +
> > + /*
> > + * Size must be 8-byte aligned and the trailing bytes must be
> > + * zero'ed. Otherwise hash value may be incorrect.
> > + */
> > + if (!IS_ALIGNED(*efi_size, 8)) {
> > + new_efi_size = ALIGN(*efi_size, 8);
> > + p = calloc(new_efi_size, 1);
> > + if (!p)
> > + return NULL;
> > + memcpy(p, efi, *efi_size);
> > + *efi_size = new_efi_size;
>
> Do we really need new_efi here? I might be missing some context for the
> original code, but since we return the new pointer, can't we just
> use that in the caller? If so the whole void **new_efi is not needed?
new_efi is required.
The caller uses returned pointer, it will be the pointer to the
original efi image or newly allocated buffer. Caller will need new_efi
to free the newly allocated buffer.
>
> > +
>
> [...]
>
> > + ret = __get_active_pcr_banks(&active);
> > + if (ret != EFI_SUCCESS) {
> > + ret = EFI_DEVICE_ERROR;
>
> __get_active_pcr_banks is supposed to return the correct efi_status_t code.
> I don't think we need EFI_
Re: [PATCH v8 3/3] efi_loader: add PE/COFF image measurement
new_efi);
> +
> bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp,
>WIN_CERTIFICATE **auth, size_t *auth_len);
>
> diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
> index 40e241ce31..bcfb98168a 100644
> --- a/include/efi_tcg2.h
> +++ b/include/efi_tcg2.h
> @@ -9,6 +9,7 @@
> #if !defined _EFI_TCG2_PROTOCOL_H_
> #define _EFI_TCG2_PROTOCOL_H_
>
> +#include
> #include
>
> #define EFI_TCG2_PROTOCOL_GUID \
> @@ -53,6 +54,14 @@ struct efi_tcg2_event {
> u8 event[];
> } __packed;
>
> +struct uefi_image_load_event {
> + efi_physical_addr_t image_location_in_memory;
> + u64 image_length_in_memory;
> + u64 image_link_time_address;
> + u64 length_of_device_path;
> + struct efi_device_path device_path[];
> +};
> +
> struct efi_tcg2_boot_service_capability {
> u8 size;
> struct efi_tcg2_version structure_version;
> diff --git a/include/tpm-v2.h b/include/tpm-v2.h
> index 7de7d6a57d..247b386967 100644
> --- a/include/tpm-v2.h
> +++ b/include/tpm-v2.h
> @@ -70,6 +70,24 @@ struct udevice;
> #define EV_TABLE_OF_DEVICES ((u32)0x000B)
> #define EV_COMPACT_HASH ((u32)0x000C)
>
> +/*
> + * event types, cf.
> + * "TCG PC Client Platform Firmware Profile Specification", Family "2.0"
> + * rev 1.04, June 3, 2019
> + */
> +#define EV_EFI_EVENT_BASE((u32)0x8000)
> +#define EV_EFI_VARIABLE_DRIVER_CONFIG((u32)0x8001)
> +#define EV_EFI_VARIABLE_BOOT ((u32)0x8002)
> +#define EV_EFI_BOOT_SERVICES_APPLICATION ((u32)0x8003)
> +#define EV_EFI_BOOT_SERVICES_DRIVER ((u32)0x8004)
> +#define EV_EFI_RUNTIME_SERVICES_DRIVER ((u32)0x8005)
> +#define EV_EFI_GPT_EVENT ((u32)0x8006)
> +#define EV_EFI_ACTION((u32)0x8007)
> +#define EV_EFI_PLATFORM_FIRMWARE_BLOB((u32)0x8008)
> +#define EV_EFI_HANDOFF_TABLES((u32)0x8009)
> +#define EV_EFI_HCRTM_EVENT ((u32)0x8010)
> +#define EV_EFI_VARIABLE_AUTHORITY((u32)0x80E0)
> +
> /* TPMS_TAGGED_PROPERTY Structure */
> struct tpms_tagged_property {
> u32 property;
> diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
> index 98845b8ba3..0e6200fa25 100644
> --- a/lib/efi_loader/Kconfig
> +++ b/lib/efi_loader/Kconfig
> @@ -309,6 +309,7 @@ config EFI_TCG2_PROTOCOL
> select SHA512_ALGO
> select SHA384
> select SHA512
> + select HASH_CALCULATE
> help
> Provide a EFI_TCG2_PROTOCOL implementation using the TPM hardware
> of the platform.
> diff --git a/lib/efi_loader/efi_image_loader.c
> b/lib/efi_loader/efi_image_loader.c
> index fe1ee198e2..f37a85e56e 100644
> --- a/lib/efi_loader/efi_image_loader.c
> +++ b/lib/efi_loader/efi_image_loader.c
> @@ -302,6 +302,40 @@ static int cmp_pe_section(const void *arg1, const void
> *arg2)
> return 1;
> }
>
> +/**
> + * efi_prepare_aligned_image() - prepare 8-byte aligned image
> + * @efi: pointer to the EFI binary
> + * @efi_size:size of @efi binary
> + * @new_efi: pointer to the newly allocated image
> + *
> + * If @efi is not 8-byte aligned, this function newly allocates
> + * the image buffer and updates @efi_size.
> + *
> + * Return: valid pointer to a image, return NULL if allocation fails.
> + */
> +void *efi_prepare_aligned_image(void *efi, u64 *efi_size, void **new_efi)
> +{
> + size_t new_efi_size;
> + void *p;
> +
> + /*
> + * Size must be 8-byte aligned and the trailing bytes must be
> + * zero'ed. Otherwise hash value may be incorrect.
> + */
> + if (!IS_ALIGNED(*efi_size, 8)) {
> + new_efi_size = ALIGN(*efi_size, 8);
> + p = calloc(new_efi_size, 1);
> + if (!p)
> + return NULL;
> + memcpy(p, efi, *efi_size);
> + *efi_size = new_efi_size;
Do we really need new_efi here? I might be missing some context for the
original code, but since we return the new pointer, can't we just
use that in the caller? If so the whole void **new_efi is not needed?
> +
[...]
> + ret = __get_active_pcr_banks(&active);
> + if (ret != EFI_SUCCESS) {
> + ret = EFI_DEVICE_ERROR;
__get_active_pcr_banks is supposed to return the correct efi_status_t code.
I don't think we need EFI_DEVICE_ERROR here.
Thanks!
/Ilias
[PATCH v8 3/3] efi_loader: add PE/COFF image measurement
"TCG PC Client Platform Firmware Profile Specification"
requires to measure every attempt to load and execute
a OS Loader(a UEFI application) into PCR[4].
This commit adds the PE/COFF image measurement, extends PCR,
and appends measurement into Event Log.
Acked-by: Ilias Apalodimas
Tested-by: Ilias Apalodimas
Signed-off-by: Masahisa Kojima
---
(no changes since v7)
Changes in v7:
- include hash-checksum.h instead of rsa.h
- select HASH_CALCULATE in Kconfig, not to update lib/Makefile
- rebased the base code
Changes in v6:
- update lib/Makefile to add hash-checksum.c as a compilation target
(no changes since v2)
Changes in v2:
- Remove duplicate include
- Remove unnecessary __packed attribute
- Add all EV_EFI_* event definition
- Create common function to prepare 8-byte aligned image
- Add measurement for EV_EFI_BOOT_SERVICES_DRIVER and
EV_EFI_RUNTIME_SERVICES_DRIVER
- Use efi_search_protocol() to get device_path
- Add function comment
include/efi_loader.h | 6 +
include/efi_tcg2.h| 9 ++
include/tpm-v2.h | 18 +++
lib/efi_loader/Kconfig| 1 +
lib/efi_loader/efi_image_loader.c | 59 +++--
lib/efi_loader/efi_tcg2.c | 207 --
6 files changed, 276 insertions(+), 24 deletions(-)
diff --git a/include/efi_loader.h b/include/efi_loader.h
index de1a496a97..9f2854a255 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -426,6 +426,10 @@ efi_status_t efi_disk_register(void);
efi_status_t efi_rng_register(void);
/* Called by efi_init_obj_list() to install EFI_TCG2_PROTOCOL */
efi_status_t efi_tcg2_register(void);
+/* measure the pe-coff image, extend PCR and add Event Log */
+efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
+ struct efi_loaded_image_obj *handle,
+ struct efi_loaded_image *loaded_image_info);
/* Create handles and protocols for the partitions of a block device */
int efi_disk_create_partitions(efi_handle_t parent, struct blk_desc *desc,
const char *if_typename, int diskid,
@@ -847,6 +851,8 @@ bool efi_secure_boot_enabled(void);
bool efi_capsule_auth_enabled(void);
+void *efi_prepare_aligned_image(void *efi, u64 *efi_size, void **new_efi);
+
bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp,
WIN_CERTIFICATE **auth, size_t *auth_len);
diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
index 40e241ce31..bcfb98168a 100644
--- a/include/efi_tcg2.h
+++ b/include/efi_tcg2.h
@@ -9,6 +9,7 @@
#if !defined _EFI_TCG2_PROTOCOL_H_
#define _EFI_TCG2_PROTOCOL_H_
+#include
#include
#define EFI_TCG2_PROTOCOL_GUID \
@@ -53,6 +54,14 @@ struct efi_tcg2_event {
u8 event[];
} __packed;
+struct uefi_image_load_event {
+ efi_physical_addr_t image_location_in_memory;
+ u64 image_length_in_memory;
+ u64 image_link_time_address;
+ u64 length_of_device_path;
+ struct efi_device_path device_path[];
+};
+
struct efi_tcg2_boot_service_capability {
u8 size;
struct efi_tcg2_version structure_version;
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index 7de7d6a57d..247b386967 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -70,6 +70,24 @@ struct udevice;
#define EV_TABLE_OF_DEVICES((u32)0x000B)
#define EV_COMPACT_HASH((u32)0x000C)
+/*
+ * event types, cf.
+ * "TCG PC Client Platform Firmware Profile Specification", Family "2.0"
+ * rev 1.04, June 3, 2019
+ */
+#define EV_EFI_EVENT_BASE ((u32)0x8000)
+#define EV_EFI_VARIABLE_DRIVER_CONFIG ((u32)0x8001)
+#define EV_EFI_VARIABLE_BOOT ((u32)0x8002)
+#define EV_EFI_BOOT_SERVICES_APPLICATION ((u32)0x8003)
+#define EV_EFI_BOOT_SERVICES_DRIVER((u32)0x8004)
+#define EV_EFI_RUNTIME_SERVICES_DRIVER ((u32)0x8005)
+#define EV_EFI_GPT_EVENT ((u32)0x8006)
+#define EV_EFI_ACTION ((u32)0x8007)
+#define EV_EFI_PLATFORM_FIRMWARE_BLOB ((u32)0x8008)
+#define EV_EFI_HANDOFF_TABLES ((u32)0x8009)
+#define EV_EFI_HCRTM_EVENT ((u32)0x8010)
+#define EV_EFI_VARIABLE_AUTHORITY ((u32)0x80E0)
+
/* TPMS_TAGGED_PROPERTY Structure */
struct tpms_tagged_property {
u32 property;
diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index 98845b8ba3..0e6200fa25 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -309,6 +309,7 @@ config EFI_TCG2_PROTOCOL
select SHA512_ALGO
select SHA384
select SHA512
+ select HASH_CALCULATE
help
Provide a EFI_TCG2_PROTOCOL implementation using the TPM hardware
of the platform.
diff --git a/lib/efi_loader/efi_image_loader.c
b/lib/efi_loader/efi_image_loader
