/* SPDX-License-Identifier: GPL-2.0-only */
#ifndef TSPI_H_
#define TSPI_H_
#include <security/tpm/tss.h>
#include <commonlib/tcpa_log_serialized.h>
#include <commonlib/region.h>
#include <vb2_api.h>
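/*
 * Upper bound used for PCR digests in this interface.
 * NOTE(review): presumably a byte count (64 would fit a SHA-512 digest) that
 * bounds the digest_len values passed to the functions declared below -
 * confirm against the implementation.
 */
#define TPM_PCR_MAX_LEN 64
/*
 * NOTE(review): presumably the chunk size, in bytes, used when data is hashed
 * piecewise for a measurement - confirm against the implementation.
 */
#define HASH_DATA_CHUNK_SIZE 1024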
security/vboot: Decouple measured boot from verified boot
Currently, those who want to use measured boot implemented within
vboot should enable verified boot first, along with sections such
as GBB and RW slots defined with manually written fmd files, even
if they do not actually want to verify anything.
As discussed in CB:34977, measured boot should be decoupled from
verified boot and make them two fully independent options. Crypto
routines necessary for measurement could be reused, and TPM and CRTM
init should be done somewhere other than vboot_logic_executed() if
verified boot is not enabled.
In this revision, only TCPA log is initialized during bootblock.
Before TPM gets set up, digests are not measured into tpm immediately,
but cached in TCPA log, and measured into determined PCRs right after
TPM is up.
This change allows those who do not want to use the verified boot
scheme implemented by vboot as well as its requirement of a more
complex partition scheme designed for chromeos to make use of the
measured boot functionality implemented within vboot library to
measure the boot process.
TODO: Measure MRC Cache somewhere, as MRC Cache no longer resides in
CBFS, so it cannot be covered by tspi_measure_cbfs_hook().
Change-Id: I1fb376b4a8b98baffaee4d574937797bba1f8aee
Signed-off-by: Bill XIE <persmule@hardenedlinux.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35077
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2019-08-22 14:28:36 +02:00
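/**
 * Get the pointer to the single global instance of the TCPA log data,
 * initializing it first when necessary.
 *
 * @return Pointer to the TCPA log table.
 *         NOTE(review): whether NULL can be returned is not visible from this
 *         header - confirm against the implementation before dereferencing.
 */
struct tcpa_table *tcpa_log_init(void);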
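/**
 * Clear the pre-RAM TCPA log data and initialize its content with
 * default values.
 *
 * Takes no arguments and returns nothing, so callers get no indication of
 * success or failure from this call.
 */
void tcpa_preram_log_clear(void);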
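/**
 * Add a table entry to the cbmem TCPA log.
 *
 * The function returns void, so a caller cannot tell from this call alone
 * whether the entry was actually recorded.
 *
 * @param name        Name of the hashed data
 * @param pcr         PCR used to extend hashed data
 *                    NOTE(review): the PCR index is uint32_t here, int in
 *                    tpm_extend_pcr() and uint8_t in tpm_measure_region() -
 *                    confirm the valid range is enforced consistently.
 * @param digest_algo sets the digest algorithm
 * @param digest      sets the hash extended into the tpm
 * @param digest_len  the length of the digest
 *                    NOTE(review): presumably must not exceed
 *                    TPM_PCR_MAX_LEN - confirm the implementation rejects
 *                    longer values instead of copying them.
 */
void tcpa_log_add_table_entry(const char *name, const uint32_t pcr,
			      enum vb2_hash_algorithm digest_algo,
			      const uint8_t *digest,
			      const size_t digest_len);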
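/**
 * Dump TCPA log entries on console.
 *
 * @param unused NOTE(review): not described by the original comment; the name
 *               suggests the argument is ignored - confirm.
 */
void tcpa_log_dump(void *unused);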
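/**
 * Extend a TPM PCR with a digest.
 *
 * NOTE(review): the earlier wording "ask vboot for a digest" does not match
 * this signature, which receives the digest from the caller - confirm.
 *
 * Callers should check the returned code rather than assume the PCR was
 * extended.
 *
 * @param pcr         sets the pcr index
 * @param digest_algo sets the digest algorithm
 * @param digest      sets the hash to extend into the tpm
 * @param digest_len  the length of the digest
 *                    NOTE(review): presumably bounded by TPM_PCR_MAX_LEN -
 *                    confirm against the implementation.
 * @param name        sets additional info where the digest comes from
 * @return TPM_SUCCESS on success. If not a tpm error is returned
 */
uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
			const uint8_t *digest, size_t digest_len,
			const char *name);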
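/**
 * Issue a TPM_Clear and re-enable/reactivate the TPM.
 *
 * NOTE(review): a TPM clear is expected to discard owner-bound TPM state;
 * callers should confirm that this is intended at the point of the call.
 *
 * @return TPM_SUCCESS on success. If not a tpm error is returned
 */
uint32_t tpm_clear_and_reenable(void);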
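/**
 * Start the TPM and establish the root of trust.
 *
 * Callers should check the returned code before relying on the TPM for
 * later measurements.
 *
 * @param s3flag tells the tpm setup if we wake up from a s3 state on x86
 *               NOTE(review): presumably non-zero means an S3 resume -
 *               confirm against the implementation.
 * @return TPM_SUCCESS on success. If not a tpm error is returned
 */
uint32_t tpm_setup(int s3flag);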
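/**
 * Measure a given region device and extend given PCR with the result.
 *
 * Callers should check the returned code rather than assume the region was
 * measured into the PCR.
 *
 * @param rdev  Pointer to the region device to measure
 * @param pcr   Index of the PCR which will be extended by this measure
 * @param rname Name of the region that is measured
 * @return TPM error code in case of error otherwise TPM_SUCCESS
 */
uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
			    const char *rname);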
#endif /* TSPI_H_ */