diff --git a/src/drivers/intel/ptt/Kconfig b/src/drivers/intel/ptt/Kconfig index c013f42c43..fb70f9a02c 100644 --- a/src/drivers/intel/ptt/Kconfig +++ b/src/drivers/intel/ptt/Kconfig @@ -1,5 +1,6 @@ config HAVE_INTEL_PTT bool default n + select VBOOT_MOCK_SECDATA if VBOOT help Activate if your platform has Intel Platform Trust Technology like Intel iTPM and you want to use it. diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig index ea1f73889a..c5146c61e7 100644 --- a/src/security/vboot/Kconfig +++ b/src/security/vboot/Kconfig @@ -26,10 +26,13 @@ config VBOOT if VBOOT +comment "Anti-Rollback Protection disabled because mocking secdata is enabled." + depends on VBOOT_MOCK_SECDATA + config VBOOT_MEASURED_BOOT bool "Enable Measured Boot" default n - depends on !VBOOT_MOCK_SECDATA + depends on TPM1 || TPM2 depends on !VBOOT_RETURN_FROM_VERSTAGE help Enables measured boot mode in vboot (experimental) diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc index 6d195292e2..d554f103d6 100644 --- a/src/security/vboot/Makefile.inc +++ b/src/security/vboot/Makefile.inc @@ -88,6 +88,11 @@ else verstage-y += secdata_tpm.c romstage-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += secdata_tpm.c endif + +ifneq ($(CONFIG_TPM1)$(CONFIG_TPM2),) +verstage-y += tpm_common.c +endif + romstage-y += vboot_logic.c romstage-y += common.c diff --git a/src/security/vboot/antirollback.h b/src/security/vboot/antirollback.h index 62d2e20f03..5af923600d 100644 --- a/src/security/vboot/antirollback.h +++ b/src/security/vboot/antirollback.h @@ -83,11 +83,4 @@ uint32_t antirollback_write_space_rec_hash(const uint8_t *data, uint32_t size); /* Lock down recovery hash space in TPM. */ uint32_t antirollback_lock_space_rec_hash(void); -/* Start of the root of trust */ -uint32_t vboot_setup_tpm(struct vb2_context *ctx); - -/* vboot_extend_pcr function for vb2 context */ -uint32_t vboot_extend_pcr(struct vb2_context *ctx, int pcr, - enum vb2_pcr_digest which_digest); - #endif /* ANTIROLLBACK_H_ */ diff --git a/src/security/vboot/secdata_mock.c b/src/security/vboot/secdata_mock.c index 3075d335f6..43206df6b9 100644 --- a/src/security/vboot/secdata_mock.c +++ b/src/security/vboot/secdata_mock.c @@ -43,12 +43,6 @@ int vb2ex_tpm_clear_owner(struct vb2_context *ctx) return VB2_SUCCESS; } -uint32_t vboot_extend_pcr(struct vb2_context *ctx, int pcr, - enum vb2_pcr_digest which_digest) -{ - return VB2_SUCCESS; -} - uint32_t antirollback_read_space_firmware(struct vb2_context *ctx) { vb2api_secdata_create(ctx); @@ -60,7 +54,7 @@ uint32_t antirollback_write_space_firmware(struct vb2_context *ctx) return VB2_SUCCESS; } -uint32_t antirollback_lock_space_firmware() +uint32_t antirollback_lock_space_firmware(void) { return VB2_SUCCESS; } diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index 39cd6141fd..09c7e72b9b 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -33,6 +33,7 @@ */ #include +#include #include #include #include @@ -65,31 +66,6 @@ static uint32_t safe_write(uint32_t index, const void *data, uint32_t length); -uint32_t vboot_extend_pcr(struct vb2_context *ctx, int pcr, - enum vb2_pcr_digest which_digest) -{ - uint8_t buffer[VB2_PCR_DIGEST_RECOMMENDED_SIZE]; - uint32_t size = sizeof(buffer); - int rv; - - rv = vb2api_get_pcr_digest(ctx, which_digest, buffer, &size); - if (rv != VB2_SUCCESS) - return rv; - if (size < TPM_PCR_MINIMUM_DIGEST_SIZE) - return VB2_ERROR_UNKNOWN; - - switch (which_digest) { - case BOOT_MODE_PCR: - return tpm_extend_pcr(pcr, VB2_HASH_SHA1, buffer, size, - TPM_PCR_GBB_FLAGS_NAME); - case HWID_DIGEST_PCR: - return tpm_extend_pcr(pcr, VB2_HASH_SHA256, buffer, - size, TPM_PCR_GBB_HWID_NAME); - default: - return VB2_ERROR_UNKNOWN; - } -} - static uint32_t read_space_firmware(struct vb2_context *ctx) { int attempts = 3; @@ -443,25 +419,10 @@ static uint32_t factory_initialize_tpm(struct vb2_context *ctx) return TPM_SUCCESS; } -uint32_t vboot_setup_tpm(struct vb2_context *ctx) -{ - uint32_t result; - - result = tpm_setup(ctx->flags & VB2_CONTEXT_S3_RESUME); - if (result == TPM_E_MUST_REBOOT) - ctx->flags |= VB2_CONTEXT_SECDATA_WANTS_REBOOT; - - return result; -} - uint32_t antirollback_read_space_firmware(struct vb2_context *ctx) { uint32_t rv; - rv = vboot_setup_tpm(ctx); - if (rv) - return rv; - /* Read the firmware space. */ rv = read_space_firmware(ctx); if (rv == TPM_E_BADINDEX) { diff --git a/src/security/vboot/tpm_common.c b/src/security/vboot/tpm_common.c new file mode 100644 index 0000000000..1a07ef6def --- /dev/null +++ b/src/security/vboot/tpm_common.c @@ -0,0 +1,58 @@ +/* + * This file is part of the coreboot project. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + + +#include +#include +#include + +#define TPM_PCR_BOOT_MODE "VBOOT: boot mode" +#define TPM_PCR_GBB_HWID_NAME "VBOOT: GBB HWID" + +uint32_t vboot_setup_tpm(struct vb2_context *ctx) +{ + uint32_t result; + + result = tpm_setup(ctx->flags & VB2_CONTEXT_S3_RESUME); + if (result == TPM_E_MUST_REBOOT) + ctx->flags |= VB2_CONTEXT_SECDATA_WANTS_REBOOT; + + return result; +} + +uint32_t vboot_extend_pcr(struct vb2_context *ctx, int pcr, + enum vb2_pcr_digest which_digest) +{ + uint8_t buffer[VB2_PCR_DIGEST_RECOMMENDED_SIZE]; + uint32_t size = sizeof(buffer); + int rv; + + rv = vb2api_get_pcr_digest(ctx, which_digest, buffer, &size); + if (rv != VB2_SUCCESS) + return rv; + if (size < TPM_PCR_MINIMUM_DIGEST_SIZE) + return VB2_ERROR_UNKNOWN; + + switch (which_digest) { + /* SHA1 of (devmode|recmode|keyblock) bits */ + case BOOT_MODE_PCR: + return tpm_extend_pcr(pcr, VB2_HASH_SHA1, buffer, size, + TPM_PCR_BOOT_MODE); + /* SHA256 of HWID */ + case HWID_DIGEST_PCR: + return tpm_extend_pcr(pcr, VB2_HASH_SHA256, buffer, + size, TPM_PCR_GBB_HWID_NAME); + default: + return VB2_ERROR_UNKNOWN; + } +} diff --git a/src/security/vboot/tpm_common.h b/src/security/vboot/tpm_common.h new file mode 100644 index 0000000000..6bb32bbf1d --- /dev/null +++ b/src/security/vboot/tpm_common.h @@ -0,0 +1,29 @@ +/* + * This file is part of the coreboot project. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#if CONFIG(TPM1) || CONFIG(TPM2) + +/* Start of the root of trust */ +uint32_t vboot_setup_tpm(struct vb2_context *ctx); + +/* vboot_extend_pcr function for vb2 context */ +uint32_t vboot_extend_pcr(struct vb2_context *ctx, int pcr, + enum vb2_pcr_digest which_digest); + +#else + +#define vboot_setup_tpm(ctx) 0 + +#define vboot_extend_pcr(ctx, pcr, which_digest) 0 + +#endif diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index 2468f5f19e..c61d6bec33 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -25,6 +25,7 @@ #include #include #include +#include #include "antirollback.h" @@ -334,7 +335,9 @@ void verstage_main(void) * check the return value here because vb2api_fw_phase1 will catch * invalid secdata and tell us what to do (=reboot). */ timestamp_add_now(TS_START_TPMINIT); - antirollback_read_space_firmware(&ctx); + rv = vboot_setup_tpm(&ctx); + if (rv) + antirollback_read_space_firmware(&ctx); timestamp_add_now(TS_END_TPMINIT); /* Enable measured boot mode */