summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChris Engel <cjengel@us.ibm.com>2017-04-05 09:38:19 -0500
committerDaniel M. Crowell <dcrowell@us.ibm.com>2017-04-23 11:22:58 -0400
commit9349e6ece944f284f59b1b9315f27a82df60d196 (patch)
tree5c89628f4fea6fe337c73a11d81cd46adc44396b
parent5865a928059b01c1a467003f8328debd3e63a452 (diff)
downloadtalos-hostboot-9349e6ece944f284f59b1b9315f27a82df60d196.tar.gz
talos-hostboot-9349e6ece944f284f59b1b9315f27a82df60d196.zip
Trustedboot support to log different event types
Change-Id: I811e9bd38c8c365acbcf204fa638ec0eb7302b7e Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/38879 Reviewed-by: Timothy R. Block <block@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat
-rw-r--r--src/include/usr/secureboot/trustedbootif.H27
-rw-r--r--src/usr/pnor/pnor_common.C4
-rw-r--r--src/usr/secureboot/ext/drtm.C6
-rw-r--r--src/usr/secureboot/trusted/base/trustedboot_base.C16
-rwxr-xr-xsrc/usr/secureboot/trusted/test/tpmLogMgrTest.H4
-rwxr-xr-xsrc/usr/secureboot/trusted/test/trustedbootTest.H1
-rw-r--r--src/usr/secureboot/trusted/tpmLogMgr.C5
-rw-r--r--src/usr/secureboot/trusted/tpmLogMgr.H4
-rw-r--r--src/usr/secureboot/trusted/trustedTypes.H10
-rw-r--r--src/usr/secureboot/trusted/trustedboot.C22
-rw-r--r--src/usr/secureboot/trusted/trustedboot.H1
11 files changed, 74 insertions, 26 deletions
diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H
index 6b54cadeb..8f79756d9 100644
--- a/src/include/usr/secureboot/trustedbootif.H
+++ b/src/include/usr/secureboot/trustedbootif.H
@@ -81,6 +81,31 @@ namespace TRUSTEDBOOT
IMPLEMENTATION_PCR = 24, ///< The number of PCRs implemented by TPM
} TPM_Pcr;
+ /// TCG PC Client Platform Firmware Profile Spec Family "2.0" v00.50
+ typedef enum : uint8_t
+ {
+ EV_PREBOOT_CERT = 0x00,
+ EV_POST_CODE = 0x01,
+ EV_UNUSED = 0x02,
+ EV_NO_ACTION = 0x03,
+ EV_SEPARATOR = 0x04,
+ EV_ACTION = 0x05,
+ EV_EVENT_TAG = 0x06,
+ EV_S_CRTM_CONTENTS = 0x07,
+ EV_S_CRTM_VERSION = 0x08,
+ EV_CPU_MICROCODE = 0x09,
+ EV_PLATFORM_CONFIG_FLAGS = 0x0A,
+ EV_TABLE_OF_DEVICES = 0x0B,
+ EV_COMPACT_HASH = 0x0C,
+ EV_IPL = 0x0D, ///< Deprecated
+ EV_IPL_PARTITION_DATA = 0x0E, ///< Deprecated
+ EV_NONHOST_CODE = 0x0F,
+ EV_NONHOST_CONFIG = 0x10,
+ EV_NONHOST_INFO = 0x11,
+ EV_OMIT_BOOT_DEVICE_EVENTS = 0x12,
+ EV_INVALID ///< Used for error checking
+ } EventTypes;
+
/**
* @brief Initialize trusted boot/TPM components for the master TPM
@@ -95,6 +120,7 @@ namespace TRUSTEDBOOT
/**
* @brief Extend a measurement into the TPMs and log atomically
* @param[in] i_pcr PCR to write to
+ * @param[in] i_eventType Event type to log
* @param[in] i_digest Digest value to write to PCR
* @param[in] i_digestSize Byte size of i_digest data
* @param[in] i_logMsg Null terminated log message, truncated at 128 chars
@@ -105,6 +131,7 @@ namespace TRUSTEDBOOT
* size being used
*/
errlHndl_t pcrExtend(TPM_Pcr i_pcr,
+ EventTypes i_eventType,
const uint8_t* i_digest,
size_t i_digestSize,
const char* i_logMsg,
diff --git a/src/usr/pnor/pnor_common.C b/src/usr/pnor/pnor_common.C
index bc5e2b173..e6e7bd2a1 100644
--- a/src/usr/pnor/pnor_common.C
+++ b/src/usr/pnor/pnor_common.C
@@ -359,7 +359,9 @@ errlHndl_t PNOR::extendHash(uint64_t i_addr, size_t i_size, const char* i_name)
SHA512_t l_hash = {0};
SECUREBOOT::hashBlob(l_buf, i_size, l_hash);
- l_errhdl = TRUSTEDBOOT::pcrExtend(TRUSTEDBOOT::PCR_0, l_hash,
+ l_errhdl = TRUSTEDBOOT::pcrExtend(TRUSTEDBOOT::PCR_0,
+ TRUSTEDBOOT::EV_S_CRTM_CONTENTS,
+ l_hash,
sizeof(SHA512_t), i_name);
delete[] l_buf;
diff --git a/src/usr/secureboot/ext/drtm.C b/src/usr/secureboot/ext/drtm.C
index 1497e35e3..68d59f27e 100644
--- a/src/usr/secureboot/ext/drtm.C
+++ b/src/usr/secureboot/ext/drtm.C
@@ -408,8 +408,10 @@ errlHndl_t validateDrtmPayload()
// Extend (arbitrary) measurement to PCR17
SHA512_t hash = {0};
memcpy(hash,DRTM_RIT_PAYLOAD,sizeof(DRTM_RIT_PAYLOAD));
- pError = TRUSTEDBOOT::pcrExtend(TRUSTEDBOOT::PCR_DRTM_17, hash,
- sizeof(SHA512_t),DRTM_RIT_LOG_TEXT);
+ pError = TRUSTEDBOOT::pcrExtend(TRUSTEDBOOT::PCR_DRTM_17,
+ TRUSTEDBOOT::EV_COMPACT_HASH,
+ hash,
+ sizeof(SHA512_t),DRTM_RIT_LOG_TEXT);
if(pError)
{
SB_ERR("validateDrtmPayload: Failed in pcrExtend() for PCR 17");
diff --git a/src/usr/secureboot/trusted/base/trustedboot_base.C b/src/usr/secureboot/trusted/base/trustedboot_base.C
index fe1784a17..4d2815862 100644
--- a/src/usr/secureboot/trusted/base/trustedboot_base.C
+++ b/src/usr/secureboot/trusted/base/trustedboot_base.C
@@ -190,6 +190,7 @@ errlHndl_t pcrExtendSeparator(bool i_sendAsync)
}
errlHndl_t pcrExtend(TPM_Pcr i_pcr,
+ EventTypes i_eventType,
const uint8_t* i_digest,
size_t i_digestSize,
const char* i_logMsg,
@@ -209,7 +210,7 @@ errlHndl_t pcrExtend(TPM_Pcr i_pcr,
memset(msgData, 0, sizeof(PcrExtendMsgData));
msgData->mPcrIndex = i_pcr;
msgData->mAlgId = TPM_ALG_SHA256;
- msgData->mEventType = EV_ACTION;
+ msgData->mEventType = i_eventType;
msgData->mDigestSize = (i_digestSize < sizeof(msgData->mDigest) ?
i_digestSize : sizeof(msgData->mDigest));
@@ -329,10 +330,12 @@ errlHndl_t extendPnorSectionHash(
strcat(swKeyMsg,FW_KEY_HASH_EXT);
TPM_Pcr pnorHashPcr = PCR_0;
+ EventTypes swKeyHashEventType = TRUSTEDBOOT::EV_PLATFORM_CONFIG_FLAGS;
// PAYLOAD is the only section that needs its hash extended to PCR_4
if (i_sec == PNOR::PAYLOAD)
{
pnorHashPcr = PCR_4;
+ swKeyHashEventType = TRUSTEDBOOT::EV_COMPACT_HASH;
}
// Extend swKeyHash to the next PCR after the hash extension PCR.
const TPM_Pcr swKeyHashPcr = static_cast<TPM_Pcr>(pnorHashPcr + 1);
@@ -340,7 +343,10 @@ errlHndl_t extendPnorSectionHash(
if (SECUREBOOT::enabled())
{
// If secureboot is enabled, use protected hash in header
+ /// @todo RTC 172332 Update log type based on what is being extended
+ /// EV_POST_CODE or EV_S_CRTM_CONTENTS or EV_COMPACT_HASH
pError = TRUSTEDBOOT::pcrExtend(pnorHashPcr,
+ TRUSTEDBOOT::EV_POST_CODE,
reinterpret_cast<const uint8_t*>(i_conHdr.payloadTextHash()),
sizeof(SHA512_t),
sectionInfo.name);
@@ -354,6 +360,7 @@ errlHndl_t extendPnorSectionHash(
// Extend SW public key hash
pError = TRUSTEDBOOT::pcrExtend(swKeyHashPcr,
+ swKeyHashEventType,
reinterpret_cast<const uint8_t*>(i_conHdr.swKeyHash()),
sizeof(SHA512_t),
swKeyMsg);
@@ -368,10 +375,13 @@ errlHndl_t extendPnorSectionHash(
else
{
// If secureboot is not enabled, measure protected section
+ /// @todo RTC 172332 Update log type based on what is being extended
+ /// EV_POST_CODE or EV_S_CRTM_CONTENTS or EV_COMPACT_HASH
SHA512_t hash = {0};
SECUREBOOT::hashBlob(i_vaddr, protectedSize, hash);
- pError = TRUSTEDBOOT::pcrExtend(pnorHashPcr, hash,
- sizeof(SHA512_t),
+ pError = TRUSTEDBOOT::pcrExtend(pnorHashPcr,
+ TRUSTEDBOOT::EV_POST_CODE,
+ hash, sizeof(SHA512_t),
sectionInfo.name);
if (pError)
{
diff --git a/src/usr/secureboot/trusted/test/tpmLogMgrTest.H b/src/usr/secureboot/trusted/test/tpmLogMgrTest.H
index 27ba7c2aa..988103928 100755
--- a/src/usr/secureboot/trusted/test/tpmLogMgrTest.H
+++ b/src/usr/secureboot/trusted/test/tpmLogMgrTest.H
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2015,2016 */
+/* Contributors Listed Below - COPYRIGHT 2015,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -212,7 +212,7 @@ class TPMLogMgrTest: public CxxTest::TestSuite
// Get a TCG_PCR_EVENT2
TCG_PCR_EVENT2 eventLog = TpmLogMgr_genLogEventPcrExtend(
- pcr, algId,
+ pcr, EV_NO_ACTION, algId,
digest, digestSize,
TPM_ALG_SHA1, digest,
digestSize, i_logMsg);
diff --git a/src/usr/secureboot/trusted/test/trustedbootTest.H b/src/usr/secureboot/trusted/test/trustedbootTest.H
index 04f17e0f0..c092675a4 100755
--- a/src/usr/secureboot/trusted/test/trustedbootTest.H
+++ b/src/usr/secureboot/trusted/test/trustedbootTest.H
@@ -794,6 +794,7 @@ class TrustedBootTest: public CxxTest::TestSuite
num_ops++;
pcrExtendSingleTpm(pTpm,
PCR_DEBUG,
+ EV_POST_CODE,
TPM_ALG_SHA256,
digest,
TPM_ALG_SHA256_SIZE,
diff --git a/src/usr/secureboot/trusted/tpmLogMgr.C b/src/usr/secureboot/trusted/tpmLogMgr.C
index cdc56f07e..fe773d5f3 100644
--- a/src/usr/secureboot/trusted/tpmLogMgr.C
+++ b/src/usr/secureboot/trusted/tpmLogMgr.C
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2015,2016 */
+/* Contributors Listed Below - COPYRIGHT 2015,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -458,6 +458,7 @@ namespace TRUSTEDBOOT
}
TCG_PCR_EVENT2 TpmLogMgr_genLogEventPcrExtend(TPM_Pcr i_pcr,
+ EventTypes i_eventType,
TPM_Alg_Id i_algId_1,
const uint8_t* i_digest_1,
size_t i_digestSize_1,
@@ -478,7 +479,7 @@ namespace TRUSTEDBOOT
memset(&eventLog, 0, sizeof(eventLog));
eventLog.pcrIndex = i_pcr;
- eventLog.eventType = EV_ACTION;
+ eventLog.eventType = i_eventType;
// Update digest information
eventLog.digests.count = 1;
diff --git a/src/usr/secureboot/trusted/tpmLogMgr.H b/src/usr/secureboot/trusted/tpmLogMgr.H
index 5b248d35c..09adc2f63 100644
--- a/src/usr/secureboot/trusted/tpmLogMgr.H
+++ b/src/usr/secureboot/trusted/tpmLogMgr.H
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2015,2016 */
+/* Contributors Listed Below - COPYRIGHT 2015,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -206,6 +206,7 @@ namespace TRUSTEDBOOT
* @brief Get a TCG_PCR_EVENT2 populated with required data
*
* @param[in] i_pcr PCR to write to
+ * @param[in] i_eventType Log event type to use
* @param[in] i_algId_1 Algorithm to use
* @param[in] i_digest_1 Digest value to write to PCR
* @param[in] i_digestSize_1 Byte size of i_digest array
@@ -217,6 +218,7 @@ namespace TRUSTEDBOOT
* @return TCG_PCR_EVENT2 PCR event log
*/
TCG_PCR_EVENT2 TpmLogMgr_genLogEventPcrExtend(TPM_Pcr i_pcr,
+ EventTypes i_eventType,
TPM_Alg_Id i_algId_1,
const uint8_t* i_digest_1,
size_t i_digestSize_1,
diff --git a/src/usr/secureboot/trusted/trustedTypes.H b/src/usr/secureboot/trusted/trustedTypes.H
index 8a4cc434e..ee19a7200 100644
--- a/src/usr/secureboot/trusted/trustedTypes.H
+++ b/src/usr/secureboot/trusted/trustedTypes.H
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2015,2016 */
+/* Contributors Listed Below - COPYRIGHT 2015,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -77,14 +77,6 @@ namespace TRUSTEDBOOT
PCR_SELECT_MAX = (IMPLEMENTATION_PCR+7)/8, ///< PCR selection octet max
};
- typedef enum
- {
- EV_NO_ACTION = 0x3, ///< Event field contains info
- EV_SEPARATOR = 0x4, ///< Used to indicate an error
- EV_ACTION = 0x5, ///< Must extend a PCR
- EV_INVALID ///< Used for error checking
- } EventTypes;
-
/**
* @brief Get the digest size of the selected hash algorithm
* @param[in] i_algId Algorith ID to query
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C
index e92570224..45043b3e4 100644
--- a/src/usr/secureboot/trusted/trustedboot.C
+++ b/src/usr/secureboot/trusted/trustedboot.C
@@ -630,7 +630,8 @@ errlHndl_t tpmLogConfigEntries(TRUSTEDBOOT::TpmTarget* const i_pTpm)
l_securitySwitchValue);
// Extend to TPM - PCR_1
memcpy(l_digest, &l_securitySwitchValue, sizeof(l_securitySwitchValue));
- l_err = pcrExtend(PCR_1, l_digest, sizeof(l_securitySwitchValue),
+ l_err = pcrExtend(PCR_1, EV_PLATFORM_CONFIG_FLAGS,
+ l_digest, sizeof(l_securitySwitchValue),
"Security Switches");
if (l_err)
{
@@ -651,7 +652,8 @@ errlHndl_t tpmLogConfigEntries(TRUSTEDBOOT::TpmTarget* const i_pTpm)
TRACDCOMP(g_trac_trustedboot, "PVR of chip = 0x%08X", l_pvr);
// Extend to TPM - PCR_1
memcpy(l_digest, &l_pvr, sizeof(l_pvr));
- l_err = pcrExtend(PCR_1, l_digest, sizeof(l_pvr),"PVR of Chip");
+ l_err = pcrExtend(PCR_1, EV_PLATFORM_CONFIG_FLAGS,
+ l_digest, sizeof(l_pvr),"PVR of Chip");
if (l_err)
{
break;
@@ -672,7 +674,10 @@ errlHndl_t tpmLogConfigEntries(TRUSTEDBOOT::TpmTarget* const i_pTpm)
const TPM_Pcr l_pcrs[] = {PCR_1,PCR_4,PCR_5,PCR_6};
for (size_t i = 0; i < (sizeof(l_pcrs)/sizeof(TPM_Pcr)) ; ++i)
{
- l_err = pcrExtend(l_pcrs[i], l_digest, sizeof(l_nodeid),"Node id");
+ l_err = pcrExtend(l_pcrs[i],
+ (l_pcrs[i] == PCR_1 ?
+ EV_PLATFORM_CONFIG_FLAGS : EV_COMPACT_HASH),
+ l_digest, sizeof(l_nodeid),"Node id");
if (l_err)
{
break;
@@ -687,7 +692,8 @@ errlHndl_t tpmLogConfigEntries(TRUSTEDBOOT::TpmTarget* const i_pTpm)
memset(l_digest, 0, sizeof(uint64_t));
bool l_tpmRequired = isTpmRequired();
l_digest[0] = static_cast<uint8_t>(l_tpmRequired);
- l_err = pcrExtend(PCR_1, l_digest, sizeof(l_tpmRequired),
+ l_err = pcrExtend(PCR_1, EV_PLATFORM_CONFIG_FLAGS,
+ l_digest, sizeof(l_tpmRequired),
"Tpm Required");
if (l_err)
{
@@ -697,7 +703,8 @@ errlHndl_t tpmLogConfigEntries(TRUSTEDBOOT::TpmTarget* const i_pTpm)
// HW Key Hash
sha2_hash_t l_hw_key_hash;
SECUREBOOT::getHwKeyHash(l_hw_key_hash);
- l_err = pcrExtend(PCR_1, l_hw_key_hash,
+ l_err = pcrExtend(PCR_1, EV_PLATFORM_CONFIG_FLAGS,
+ l_hw_key_hash,
sizeof(sha2_hash_t),"HW KEY HASH");
if (l_err)
{
@@ -711,6 +718,7 @@ errlHndl_t tpmLogConfigEntries(TRUSTEDBOOT::TpmTarget* const i_pTpm)
void pcrExtendSingleTpm(TpmTarget* const i_pTpm,
const TPM_Pcr i_pcr,
+ const EventTypes i_eventType,
TPM_Alg_Id i_algId,
const uint8_t* i_digest,
size_t i_digestSize,
@@ -758,7 +766,7 @@ void pcrExtendSingleTpm(TpmTarget* const i_pTpm,
hwasState.functional)
{
// Fill in TCG_PCR_EVENT2 and add to log
- eventLog = TpmLogMgr_genLogEventPcrExtend(pcr,
+ eventLog = TpmLogMgr_genLogEventPcrExtend(pcr, i_eventType,
i_algId, i_digest,
i_digestSize,
TPM_ALG_SHA1, i_digest,
@@ -870,6 +878,7 @@ void pcrExtendSeparator(TpmTarget* const i_pTpm)
{
// Fill in TCG_PCR_EVENT2 and add to log
eventLog = TpmLogMgr_genLogEventPcrExtend(pcr,
+ EV_SEPARATOR,
TPM_ALG_SHA1,
sha1_digest,
sizeof(sha1_digest),
@@ -1206,6 +1215,7 @@ void* tpmDaemon(void* unused)
TRUSTEDBOOT::pcrExtendSingleTpm(
tpm,
msgData->mPcrIndex,
+ msgData->mEventType,
msgData->mAlgId,
msgData->mDigest,
msgData->mDigestSize,
diff --git a/src/usr/secureboot/trusted/trustedboot.H b/src/usr/secureboot/trusted/trustedboot.H
index 933435c4c..64a3bd727 100644
--- a/src/usr/secureboot/trusted/trustedboot.H
+++ b/src/usr/secureboot/trusted/trustedboot.H
@@ -131,6 +131,7 @@ errlHndl_t tpmLogConfigEntries(TRUSTEDBOOT::TpmTarget* i_pTpm);
*/
void pcrExtendSingleTpm(TpmTarget* i_pTpm,
TPM_Pcr i_pcr,
+ const EventTypes i_eventType,
TPM_Alg_Id i_algId,
const uint8_t* i_digest,
size_t i_digestSize,
OpenPOWER on IntegriCloud