From 66f9a09916368bfab09da42ef0beed84a4bb7206 Mon Sep 17 00:00:00 2001 From: Philipp Deppenwiese Date: Thu, 8 Nov 2018 10:59:40 +0100 Subject: [PATCH] security/vboot: Add measured boot mode * Introduce a measured boot mode into vboot. * Add hook for stage measurements in prog_loader and cbfs. * Implement and hook-up CRTM in vboot and check for suspend. Change-Id: I339a2f1051e44f36aba9f99828f130592a09355e Signed-off-by: Philipp Deppenwiese Signed-off-by: Werner Zeh Reviewed-on: https://review.coreboot.org/c/29547 Tested-by: build bot (Jenkins) --- Documentation/index.md | 1 + Documentation/security.md | 5 + Documentation/security/vboot/measured_boot.md | 58 +++++++ Documentation/security/vboot/srtm.png | Bin 0 -> 20192 bytes src/cpu/intel/haswell/Makefile.inc | 2 + src/cpu/intel/model_2065x/Makefile.inc | 1 + src/cpu/intel/model_206ax/Makefile.inc | 1 + src/lib/cbfs.c | 35 +++-- src/security/tpm/tspi/tspi.c | 7 +- src/security/vboot/Kconfig | 17 ++- src/security/vboot/Makefile.inc | 7 + src/security/vboot/vboot_crtm.c | 144 ++++++++++++++++++ src/security/vboot/vboot_crtm.h | 62 ++++++++ src/security/vboot/vboot_logic.c | 35 +++-- src/soc/amd/stoneyridge/Makefile.inc | 1 + src/soc/intel/baytrail/Makefile.inc | 1 + src/soc/intel/braswell/Makefile.inc | 2 + src/soc/intel/broadwell/Makefile.inc | 1 + src/soc/intel/fsp_baytrail/Makefile.inc | 1 + src/soc/intel/fsp_broadwell_de/Makefile.inc | 1 + .../mediatek/mt8183/include/soc/memlayout.ld | 2 +- util/abuild/abuild | 2 +- 22 files changed, 349 insertions(+), 37 deletions(-) create mode 100644 Documentation/security.md create mode 100644 Documentation/security/vboot/measured_boot.md create mode 100644 Documentation/security/vboot/srtm.png create mode 100644 src/security/vboot/vboot_crtm.c create mode 100644 src/security/vboot/vboot_crtm.h diff --git a/Documentation/index.md b/Documentation/index.md index 58ec11d148..dd8714cfe2 100644 --- a/Documentation/index.md +++ b/Documentation/index.md 
@@ -167,6 +167,7 @@ Contents:
 * [Code of Conduct](community/code_of_conduct.md)
 * [Community forums](community/forums.md)
 * [coreboot at conferences](community/conferences.md)
+* [Security](security.md)
 * [Payloads](payloads.md)
 * [Distributions](distributions.md)
 * [Timestamps](timestamp.md)
diff --git a/Documentation/security.md b/Documentation/security.md
new file mode 100644
index 0000000000..73b167fdc4
--- /dev/null
+++ b/Documentation/security.md
@@ -0,0 +1,5 @@
+# Security
+
+## Google VBoot2 Measured boot extension
+
+- [Measured Boot](vboot/measured_boot.md)
diff --git a/Documentation/security/vboot/measured_boot.md b/Documentation/security/vboot/measured_boot.md
new file mode 100644
index 0000000000..3ec3729edf
--- /dev/null
+++ b/Documentation/security/vboot/measured_boot.md
@@ -0,0 +1,58 @@
+# Measured Boot
+coreboot measured boot is implemented as Google Verified Boot extension. This
+means in order to use it, vboot needs to be available for your platform.
+
+## IBB/CRTM
+The "Initial Boot Block" or "Core Root of Trust for Measurement" is the first
+code block loaded at reset vector and measured by a DRTM solution.
+In case SRTM mode is active, the IBB measures itself before measuring the next
+code block. In coreboot, cbfs files which are part of the IBB are identified
+by a metatdata tag. This makes it possible to have platform specific IBB
+measurements without hardcoding them.
+
+## Known Limitations
+At the moment measuring IBB dynamically and FMAP partitions are not possible but
+will be added later to the implementation.
+
+Also SoCs making use of VBOOT_RETURN_FROM_VERSTAGE are not able to use the
+measured boot extension because of platform constraints.
+
+## SRTM Mode
+The "Static Root of Trust for Measurement" is the easiest way doing measurements
+by measuring code before it is loaded.
+
+![][srtm]
+
+[srtm]: srtm.png
+
+## DRTM Mode
+The "Dynamic Root of Trust for Measurement" is realised by platform features
+like Intel TXT or Boot Guard. The features provide a way of loading a signed
+"Authenticated Code Module" aka signed blob. Most of these features are also
+a "Trusted Execution Environment", e.g. Intel TXT.
+
+DRTM gives you the ability of measuring the IBB from a higher Root of Trust
+instead of doing it yourself without any hardware support.
+
+## Platform Configuration Register
+Normally PCR 0-7 are reserved for firmware usage. In coreboot we use just 4 PCR
+banks in order to store the measurements. coreboot uses the SHA-1 or SHA-256
+hash algorithm depending on the TPM specification for measurements. PCR-4 to
+PCR-7 are left empty.
+
+### PCR-0
+_Hash:_ SHA1
+_Description:_ Google VBoot GBB flags.
+
+### PCR-1
+_Hash:_ SHA1/SHA256
+_Description:_ Google VBoot GBB HWID.
+
+### PCR-2
+_Hash:_ SHA1/SHA256
+_Description:_ Core Root of Trust for Measurement which includes all stages,
+data and blobs.
+
+### PCR-3
+_Hash:_ SHA1/SHA256
+_Description:_ Runtime data like hwinfo.hex or MRC cache.
diff --git a/Documentation/security/vboot/srtm.png b/Documentation/security/vboot/srtm.png new file mode 100644 index 0000000000000000000000000000000000000000..365fa3915f7d19dab92e2069d346cd2552fe3fd6 GIT binary patch literal 20192 zcmd43byU>R_cl5(0@B?jAtl|7ASg(8w}5m>w@8VUBHbbgjC6N{q|zPIjlfVt+{5?# zd++_{{o`HtkGrmGjcaB;blU(%X>9; zcDw!uO`&y~Ss~p^vhU(lAfCh~&6?sjxyyARw-Y?DfVvVTT^QkW7?yitq|pSS$lQ{mMQhnn=JE~0*kLy-Feh^k|L#Ih zufY}O22CkQ#af6Y?p1-1a`MHAGoE#RVQd(r z6!@TVQ=5_;L^{dE_?;31HM%{9EoBKv9SSVGI@`JXzxl~mBVMHfLw6cpuD#ILK zwZ;@KRA-CKNbqf?510~5&`vB!>JWEp;chD{^qd;p(UH~Vp7;Y8>jjz*@5K%4F@L{a zdLFXCIC;H1UT&g^k8k@@opzwWR;5p9;2J8a_CzQIleBgE_oK0ZvY(NW{9k@JwF)Zp zQJ2i7)%m3RpL7}JZU0VRGU^YzYqB8=PaqySiHwwu{_&F)Ei+n4a28|TI#E?}_6_2w zb=B{uoNRtno?v1~>hlvPPc$@eJBP~IVW)CVM-jfE9(?>L40ZB>R_i@Vq)N3xJ4JL~ zN9VJaO?vvVN8tPRZ)TI5{37y$BJCk7I+3rs^hxj&-r{-WI;2^n#_PyLc}eVb8E5>c z%YrAW{Y4q`FKda6q$>DWwIE{DSVeQWGO~X)x>&7OSJ7nj`iJDbC;>{#re>D`9)5x#yPeFeSE+-j z-fhNM<9m}+#dk{&r$?o!q4q-86AFv?yV}E|#ZPX$`XZ{>>FFJ{C&DV7WiZi0bEZvl z+3DTLEIN&Yt@&{tm;MxJa&Eg!LhF;9**?hP$wo3;b;SI2t-Jk8$%2Z95iW1h&I%Pi zjpY-$&i`f)<6EmIUk`FrCcQ>{Z7W=ky4@8&Jd9~dm7Hj_?oQ~6TUTuevU@j6$q*;r z%S+;a6b2SdMe9SQZJOX_y|1NqGY1x^J3<=PU33eA%HR>1} zsV2VfLlS_TtJ)aBIEch*lEN5WB)rz^^5 zN-s#YCVS~rLh@WTKPLL4T5n^kbM)xaq>VT2;ru((n7-`hV}+@&no)nUeI*$ zE4TXpQ`ET5SF5i2fizm`L$v}a%6|{fVo8*frJysoPRxXa5rsEVDSwX7Xy?khLFxM> zhC0rF^=68hZkp16%Ir19>&xAiGP}j;+R<9|6y1KFwOHGtzu`n@G!r+1boBHdACuHn zB5G*|0=qb=P}{vkmcxt!7e?ctFsA)En16?X;Ccq#uu)?pN()+=EWoIQyr+psd7D~4 z@(&dtiOGo(Mu*~m6bflF_3FH-tq_BD>=#tTDjAb4Auu%37PpXpD%+y-85RXG<= z-mQZ0(fLC#V2ejRJWU+IcKP>;3qt09zG5&@Nfn^H)~f?o{G7z) zeDHEbmO3A_Xq?K8FC5~Yhn6?>2d_RiK1~QzJXoxJ6(j!9DKxtt zQNoPMKWE=Bk0R-v&QY)pu#veN?@fOOL$)OvFpr;*h$_8p)bSajv1cywBk0Sg?fON| zJWf~i0{DabEg8w}GJUJ}UG#I7psUVgNQU=f)Uc@wfFpGmu%0@KFL%?KwJ-zRc>HIq&;;c~3w6HH&+k6k*CK~%FD$dE(OVqHjcCu5rZ8Dk%znYP^v z>@Ar@NKB3VD0vz7Q~cnc1RlOECm4{v+V`F6#qIcskm`T7`$Mz8gtGm+T&2WfyC)ja zB5U%2?awyKfsZ^am(Op>7vwM|hqAutk_qCe0{b5)G}Q|N{Bp8+TGd!*11R$JtP2~D 
zqjR^gzH5%E)W0^S3i|WUoI_EKWe-E0o<3%x(Ve^Y$vA&>$OxwX%->{}#NVIg|B~Jy zo3)vf{aWRWiB2 z|G*Jpp~@gS6fJfoty1PcXDYK$hO1*WqjP^UH|JDF5T2#A?f7y1$IF=#1FVs;EK|r2 z-&YGsmt75&lYsBB0Xzy~F<{QDwwq&FsMSZ0J7HPi;ZUKLPh9{v?>CPuRy$9{;r^&@ z0_Ug`N5gr^GqBfGVo(_=Pbg~)p2mZ#moA^D95Be?Ox7jO_$ORjF^lvNWRGeqb9H&~E zvgaUK(x_7o;Jxk5LUQ5UN;`m$#SXK6)f(9_x)=GyH{k#XlYd_Am1v4>ntpq|42J%Y zg;9N{alYWMkkIJ*{ve-Tt8nxDh$ba^`ag`t_5;$rP4yuAClcwnkDp_Yl153GPC zx&1XK|39Yq+=q$jAMhsLDvf8LEj*5YMWg?w1`%kDhBKzn7d3wW+rNvOw^N@9KjA#j zID$9WHchjllznnGESkL%P!elq6~HEhbdS&qD8qA~Nkv6gfA*vufE3t@R-{$+Nh3-G zB7RVFb=j3VWiPA9%67`;QsqlbrM;MlE!-ve1UOKxS}Bv(Pal+Ld5054S{md%KUU@{ zP~D>vAD)f+vL?)ViA;^C==4@6i+)N^&yu*eULv51!h0Nc ziiC4aY+8{z>{u{5`@sMH3db@;G2V9}DhwVKlz0M8Mou(m+D zOED$uFzyLB<{QS_?JcQgGBdQPQ@wm{Kp5FEHeT{7yNl}__+;Ey{D=N7?lWcIluzbR z3j_A+`zLzotYGdtTQU;gq!I@`K?Bi1#INaU3F;EmMGW34Scd~ivBdD@AMb$0%tzAT9@a_ z4}x;(&`Np6g#4T!I`*!#d9gw6Pp|?BJ^*^k7#k!jm^=Jzp^ff~hR@A&qowYzok zFZcb?eR$w(lUKxxR``4SW}nt@bnMT5 zJ3^uP0S>W+rlR@JM@B}<+xHI{Ia*tn3U(Re;Nzp?PJ%QqOaB32l`NyoL(c#I!v|R< zV4E~vUboMd77J@wU1Yez*ihz`Gma5HQpzHB496TviDU-R(7uB2hPT)PZ@6_x+I48 z;7S7i`WY!H@~>ZGP>XgGl9IkM%76xsjqxrx2}R(1RaaAcuCGrXE*(C-_p5(sDC^K| zmPT_Jn9D%p=VWg!Cj$esh~U(1g*llmq^PLqYWsE+Uc zQW4eNdee^3?0o-^I-(UU#X+81&UC(lh;2nh)&an|p1wZ5H~nfEDmI}|@+X`lA>%u5 z`r~tjsc^8mMCMaNfpCujVcq(!J^moU_I7$k7GZGfooG!A<>zZ3roPFmvsj`g7 za&j!tH6#rU4T|Otv7?(XYB3!i$2ngb-?zBGe!VI;>sUv1Uaqm9X6thbHGyQ|G)mE4 z3c29AP#=@7WVc!gK~2pk$C987{&5#b1Ho8k=;cUy&o}b-08>psoo*#T8 z^UfMr9=&VVc!K-vIW4YeubvrkIm#u;vwi?QH3xipv}SeAO_aeGArT=~?K&%-%f4mE zQ2)WQ-r`(Ibcb{5`=IA-zFC$p8vHjFA7>DsU0T2{7-nKxd86bhNr^$VS3sEaA|m|a zDK3>a#k7f7ba!{@%t6H`GFK753n!=J^E=C{xJA@ORHH~@I~&Mauvl;q#6DOGsSQb` z3*(1kxt&iO#2E=E2f0LN8Y)a#GK(-;zH7(0_R-7rrGy8CC_rPO;gtF48{8i;y?VlDqRZj%@yW>?bWu(@3~iSz7|F9wSf_)Vme2O_$|=?&a^R zMP~i2PW;I0v9`CHmeKaE0w#v~h!eOYKdPa2q2rN~POor;<47b+285#>mYLoQz6j44 zUpcU}K>k`Wg1z(u-Xdp3`~7~auGLDeopFU6_PdF^#I&-pBzXFVgGB&!iR#&Uj>nDk zJ4lK3Ea`R(u^!iD(uVmYJH!?(gXP!#xL1dxopuIJv972U?QlKQw~~*2#c408_5zSftlQ#? 
zJ2>bawSdc-|0aDq!JpQV#2JvGoSx)%wQ>LUSnv*i>8_!MVWLOtT>UzT2FKuzX6h&y zv&2U@F{}Nnp7h4O!m-35Db=P)yNZ=2yfw!P1)f;P(j5pH3-KzyHfn3fFuOlGl!f61 zqF&;cY*O7stIbR9Y203^4SGuW_nkd^?0e(#sn^b$3-uhit&@VZylT#ORDJeC0E3SG zhe+9wACEV>HvZN7{Od979|;U=I=V}YrKS`MEF4b%1Yb3MuWgU>l(vLvAM1JtqgiXT z_12v1CNI3$af+GPo3MoTN*4Cqgt+GfSyL6StTSTbyX0<*p$Fk3XIQT=Zu+g3th&%^{0r}s7*wn_`Dt5ZOLMds%_!JUcn ztE-2C+#SCOexiB>y)X~^C%bZ_g`?qybf@lKW;U648?bfjALo(p)Ks2U>3p_G`)P7{ zK`*l+&Fxm&pH2tDY%v+B3++Rrt_n_Sx=tnC^UfjM* z;!S4nk`*Z%_2aP>_bFsxaFDXOr_xHbBIw@9snrLGhbPAQ+_ULtm5tK)r*(Vwwim;v ziHq$CddgY27BPBDk=lfr5pc187~Iq)g3VO+&&S2|=nyzlk5@wBRP)`t%fsy$gQjwsn6Tg1d7O4gBuL*!~G+ii<%svmp^Jv8R z-x>pVSlIn?(=7;!&38ieY+v2x`^TQx=S>#121r7R}m;&nhokvy}}B0YhL+4h!`m;3^10Su+GkOdJfmGUR3>8TbvH$&2VPj%QUe9*FbimzkW} zCWjV?b8$hZ1-ywjj$R|FeDrm#j(|VmysB2B(dcUSVfe_$>o!J>bD_mua4@gi-x?6s z-PiXeZSL!b50Cae{Z{N$!2`X;XT@Wz-r*W z1)4stAHvg|f&J>HSnQRnSn0=F-)&Vd1zcHP*vJ@3^Q!f*7fhxqZbZStR7Yq$JACXzk+Ch-myKA zRYWDOk8hY;oZM`pHccv@2aBO=^_bgsY}d!LDWDgo&v0S@XrWs@I31rI(6iZ97u8c= z2~BKM5@sf*&!0cbMBx1E?&-lN-Gby)S7X)959hwHA|fJE)6oexk6(rR^78Uk6*d{w z_G!73L^;$1ZX``5r#8$zN|ErZULvLYKc#%(@AVnoY;%(3AEg22#vwRW1=RBD%S-QY zEb@=zI}R>Spxr$pE~1%OXZe38hN@kp@e&Z2XMg=)0gV9`|?9w1E3t1ny&gD>16WqTxUYzAZsmrTm8!;B>ZR z3rH*P&h3*Z+&p-A&U4Cz3X}o+gSkWTZM8A15*`C96@&^5G_nTt!xiKsnFR!D26*Hc zdCBg^U1akMrbH!%MQLX>AGs{Jc2NinT)QMDH(lFDv> zSC8{U1$g9NKxa4D);5xl%oZE#j=kBor;iv*n+|Oo--#42Ij;Ss0>PuHqq8Y>p2sAC zgl|g{qDCWNrzJc{N1$F=Rb_~X|6d$zuk1cHFE4Y!YnjBt;_u~X5YzGB=sK5qM`xk8 zh*IOGO7|_5`wByeM0hHL#;^O-Z<1g_X8$+)q4nFpGIAd#?C$fT7Zi+D|5j=?nx%}r zv=qdCUm?eMGvUucfRDxe+{nl%w2n-0e=B6Zr{~K5ddK1Ar+Qe&d|&sYyBjefZw8>T zJ($Xj>N@0oZTAoiiS1c?;_;pG<)sX zw`G;{b0ifLSdvHF%AUa<#TqYu>hWaf-jtqxZC5g%?&b8~ZtA&8nZQlv4p=_rr zv_+P_i+-gyFOR;_>u4zlTh!~YXZ=?h)j3ER81Lga=<%Nmfcvie@AJinY#Dt<BhFUKJq zXW0r{9n@2Bqx6YBBLjop-WW<2RuM?~GCy%YeZp%nvXIRo@`OFN+06F2O5SH$b1sy5u;-=Dhc;yo7f4+u`!UGk{m z2pvQFH0ugy&b|Lh7YVg;x$I-%molFCX=MhCYyiVRmi_?l0JfkWhgJS>KD-M4{27@^ 
zRWL<-cI8_fMNmv|fzvVp31@T6uP@jID#|!s>Y((-`tP-o+oy@i9O*sLTzAD&8xs4W}IQBj6^n9N0a;H#YmGiaM$L%z?@{+PZs>0I`Y;j+cNYu5ezhq=g zUtRBA6#WqHzPS?mQ#ktA_kxC^;B$Cw03vyn^L^yRT0cYFR^wh4dc)9Kk=gy7zo4VR zz(?X!*QPa6ILwrL~8FLy${3WytJ%gAWJC#`{LqVV9GO1UYNwh5!-W<3I=oEGlK4pc7D?p z{V7w`%=VJ*@RYnc&URS1q?40dhW>6rK*DipM@6<4SlhGH&;9(iW5w*_Z!-QzQ=@ZaO`*(F&0fv$oMTL4_el&z!@Rmf)SMlN z75DlAnWx-gRug87An`kQ`1?CIJ2LJ_X*4U8TyS4zY~1<#i->ND`70@*>vQU1+Pm_P zEq-;!zzb%YuPk3HM$4;6zE5B%TiKGjw=_d!WC&eue@oq;tH}Zmced?{RhTIlb#`X> zLNcPouWfZLF5B#MGme#g=v!XiCmia}+e^1(;n+>V;1mTVB^1C&K#ikRRC#-Q5eI>_ zo)>0&>gu0&;Tm3Dt})Lx`>+B51NfG#zdy6@g=7+V^7`30Ga=#HV|~uD>A{l?cfAS= znyV{HZe=bBKb*gbnoMqUwy8JAT|!Ff*6@vG*FFRmwXai5Kw=`%@t;?G`fYc{7#OYJ z!EivqFPzEDYdwVhiONU6-}2S_ALv%&{Ls3lcRPe`nfv>?-iHm8E=_|-+*qM0DZ(G4 zPgyxfY(T=+Z}rEiTR5@qj~B@}SX&eOQ>2LtB(;COi{0Jb3Grr`OhmhJf4CinQr!h+ zXUnvF{4Wk;_Lo``K(qjLW+Ox@Dg5p3>Buji&<6Li?|FaKzV@}<2U0HwwZ)D~-3w_J z2FimKq0piMb6jYcu5`D-!Fh#Tw|HKQEHdETa!z^RIr_4T`|me_lqL^Ky!wD+GxL}Y zUg?fJ#_B4UPZzPHyC0@CG&o0~G9%T-tH z*newr^WOKjXjg|#4h1T=@m@;}*>y|TnqLF_?{5trPz|t1&gSD$?WCW;YpQHai7%BP zdsPnwYI8H!uR+9TRms$zOs_!MGLskFSd^Kf@b&}F!s>~}W4*rEqL~Ap83%34H^XVu zDPk9mY=~NuZvpz)Mx|*6ben%ti?|16Muh=>m?cEIMpC|%QAY;y8binB(3xX;lXoY;NSD5g(SI$M&V{%owxeL|gq_1XOBHQf1h zGd(E($6IDq2@mw3>v03HYP%fcC1rQvHTKJ$)>VA2e-+R6gbJib<>q1^;4OvQd^r9s z&Sq!lfT9-jQ;)LB{olDz@qgW;ENs_VAinBvP9lU?KiC6v4&}Z;)2rEiYT~oO`SD}x zmg#+Cq}08SgsUqxbbj8!v)xYJ_wFhR+&_Gf(=T{Jiy7d7^=hZ#!-B?8CLb^P;XVX@ z{dOLChTFg+s#x#Vt4&Q3_Wt$u5ZVWa5!uREesq51_LbM!1l7q)q{WYRP+NC6-?WXV zyXPs82-_PyqJ7|#%auSp*c@(3@H@Kwe0ixNe)gNDvdYxzeE%5|So^1EJ707*d`L;R zPLG1_3F?|MIE`cf4m_i^Y7f?oiaU}uH>aTuI3vsU=ZywxW7XR~w3j_xS+L3govAM& z&uMtqsY)B|m|FaBHwv=@K|-e4Xt|(i--ADDQPF1D@1t$o_{GeX1Mu?!#h;a4GDA@_ zKAO+?_hl>SOttCNIq`6{iGQVZN(s-1XQ;NLsPu5p~-GV+{- z8oB*4eMsCOf*;1XnNIqnf+N`-3+Cf5!<{$@F#U#_uX-zXvcK;#8gPY|;*x0#3Dz$98wVI zfd&FpSY5}|Hq0Q))-6;ZaHI`8odw)HG`$ zI-$S_Nwh%=Q!86j26IX*qZvLbW>akUqmFew?#lsvr-w~J8{6MhEynVb>;Ha?uy-)j zs*WB`mqIn$pTW}5h{f{x$D+*C9#^b){XhHGz`y|`1=EONjLld=fl6KzWY 
z0yPU#w`WjFLA^c^_(W8Q^@SO8mN&;OB75j}?iT7Dnf>Xc?$N)K!8)i*2TIUp^*HZd z0M1x#7{;bc@{UV`k<|loJXNIGa1NrReyh@Y`4@pKVA#gh>P-{8)DmZTd7Q@K1^M>U zSRtA771D%H@p{A767?nhL2}w$aw1Vl`iN89#(vdNam8YLNFj<7DUk#2g5kP)eSuXp=o*A1Bg=f>UL!raPy^s4GH zX`6eCO+ug35ljyZSN&DYk4gu``PUH1t&Y&qVh`HIMrviZ6MQ1lBa6P+$>G`nOHk$4 z8=yTuI|_1J@eI7vg&&rPWYyiL?*}6lhA#**^>#>H`0F_9dxDV65YYvtxbQ|Ix{?3C zPrh|gk5W@hhOehTH~JuzY}$~$^!FarsB@f`#Kh``#Q|}4-zMnCzm1cXj(`V70Kp=6 z^UR#bC3B%L4ZK1IQzVJ&qjr0A0W21=Ajw)pDJLhkGim>}pKB;8Y7x0^a8MDs&hJ8! z(*@CX-x8YcbgkN-gGu}muJC&IrG`eG==9D^h2qLNKw9KFfElFq2hPM;+6CraoNum9 zL5wU({nQ4`ur37!lXqv@8LPz?8wqAj(1t@T8nzH&YGm};IemaB3zT1Exvl@MXB|92 z4s~sKUE+WGQ`ueesJ=dpp@*__&*QW#$e8MF()CUuZL$Az*~ZzbS9ObLk$8kmupRp< zeQ4{=@XRWwremzQn=mlDLrkCY_#jL_S>32P`ojmJ(w6fb1H)>HQ!i3~U&|k(SoZ5K zi!Glf(ZmG0v4w`{o_@!r4ZP$Am}VMu8yB8eC=NdIWR_D}0L`(9}s z6oKR0yeL5hlOA(678cX-afnxjLNAZ~h*<$VP4|HyPP5MfqEHV=2<(RE{L@CK-ZAjq z`*0I4dn?VlGF5nM(OleeJ?yPr1Fn$#;2>_LWuM*W&yDUY?YR33sa=N7w^1OUAD5pq zJ1WATpM$)x@9AuEYZ(5@$jG99j;q}&S)$*4)OZx=46p!^svaF-aS7+#NtYNM?P>pAbjw=+ZMrIIs)>OBwqhRP3p6C z8`~Q2YP`bob)O`WPJZezy1iW$boSgh-V*`LqQmHXQpnf4Ce;Dh`E^=a` zHAIup^AJWQM`eV79nB}+&)XeeH7YN*^1Mgr6$2@=-pK0t;xglHn!(}9yp>hVJ;|=u z*&k+}fa~cHOjrNojxL9#438Pams&clCv_W|dA*++IJrw7s@Src=whBAua3}CoD05h ztbfw9(47UZKhtUM+tYxo3V>@jIc7A`F(N6yuvb;^z&3}`H>oiFxn zle;iMXJD9E7q^S3>dI~jt>r-CG?K8(3fdIR=cn{M!iE4Ue6^l#|B38kzKZz_aO4%ZTLx+$MJI6W15wCN#ny*&_u z{IDdo4*ELwU#9Ao1M%wv))V@so5~83ngHJmIS_KV%$Yj4KSpD2yVl04vYyOn9I=k> zSS@cwVrFFglE6dT#m&Mt_Y0FtspvvPe*R6JUm=(o6z~g?t2ZS(9=F$C{l9#^^@^gS z|2o^X!cLm2wpI9vIPq->A^8?~+dDDuF=>QD&9<8EEcw%&d$-)26pzqS`O(DhhSE^` zx*9m5(dau+0J+zB@5!D7AGHqRG{p94s_*#>++JsrUDC&=8zLSlLk5#atwytkJxU2V z)d>fj>Z0%OyzEv24dyP}4<6_ez%i)V#=w?+CMBZf;toe|d^m>OJ)p`F_bUV49;IHn z^Rib>me|Ek;nbu(kX&U(E)0y_#hve6bxMuerDc$V&j#6TJ{;(1U*!W0`?}j4cVho zL7aHrmVHYzGT(phtVXDAJ-ogr2O8U>m>n%~gxK=lZoPOhiN820HTd4XG1soR!1e^_ zzkfZOkmFFirr`i(e{)=bXp~9f@YYD$74_WjJYG$PlshdNKGa`y(}SRJIvrJgGgsXa z;zLER03aBo@RNf&Q?0AnT1OPq065K2%f*w6MK5sxZZu{wy)+^xAKB(jJ!hpNqg>TY 
z0^?KpM$OlHpN6=*1l{~IBwz& zE={A1(WMqcy~=gA}7{WWOV^F`I99n3(Re38azuV&s-1kf1B`bNMn zpqqhd;p&+}mVCCjn(wZUM0WBi?E;*Vjn5y72C$+Nnxv;Yh3uf&n9b4 zZ1G9KK=+PiuMw@=8yC$wRmG-6kG-Yd1J13AJ{ZLY$mOnEnTo|q0$#o3byc1R^d{cs z7+lTVD4_ZtP|^=T#Qy!PcsG|bohLHz00N*&l>v+43laq9F(x%T$b~?u@XSeVl&q+5 zUGP6ertw~p#i72A+RAFmTE6qtFA-Rd;-A#FS?mA;&cnE91NgsGSO)1^6)Q(DWSQPy z8`Jph8)0D7p5B}i>X(~otR%i{lMEQE-$)WNgjdEDW{D<%UB*iPt13Va>ZdkW03qP9 z9UIhULI|Jquf99*Uq-hCNY8C=hcE~v5{fAt`A5kK3ku;>y0 z`&dDA;S{GyJ{pUG zl8c^+1KIH>4^Px0O;=eU92LayfY1~ex>;$uf9yhDj_ci+wbl)}i%RN4TArvVm7f8%20Nf) zS->y;EqaL%kp{(0?>&9G@fa0HJd(upNIm3KThZUXfY8jR-k~kglLgc4F8DSA}?0Ad~NwvR)uBJ$fCmcaJrLvat0m z^gla1@|S1FxA&I6Em5T7F3_@|t&dtEPPr$}g2W}WqTWq&&5xQIfVSi$r9g03=Yq~koGo(QKlh<}8D@E+qzY7YEkFsJl|AATC>fVo31r|oaY*oi2= zu577sV5T?EQ6oXmMuxR683tU4K?ouDR$+}uvwF~WR0}wi`8tUM%GqAbL-~9=8u1=& z=J6%hi)w;?Xeo5bu3(FfepnXlRf#Tj?2?|}Uvk9;K)JDI-g~5t*}+=hl%x7fKpY@< z7&jR9iRWv2HH#O)Wg)|@2hDl{YrBCV0xS;6&Zd;*FTL9$h-c^t==iS<@;4?uYGRLm zP|avBVzy?RbwI0_5P>(Fla<+Uy+Up6i?`Gp1PR<~%KxugX7e|QEtS1?O3$lUl{Uzs zpRmR&mz0E3oN+0vR zp-isxNYIS>m==~pjYf53crLDEW`e^AQ4Chlqr3BiVQOI^TT~!>V3b$KTHZqI$?UWC zZ9>M&IfGr1%dzXR_IA~8k#zYar0{K@fSzH4KEw80JE=A}$Fok1Ih)|Za=TI~bK|6c zO0XvaA))P5D|XACx{%SUa}S7c<^YA~3uBb#aN>Tm$pPh+^_PdQWYa=G6#rbafGIwm z+LVA%ltd4tIjJt+XQTWi4fUY5zCY>Au|nW}Gm;2#_m>Jpm+m7;(8&ioomgK&TJ(me zzm(f`U$t6&`$5qf=odl*yvyuX+0Xw1n+=g9HtDwD4`VtprFH6%%fEUgBO)dyma&0n zI~t362<=67Z7`>~N--SC%Ih$is_~Gm&mRMF?e;W^x zl|Ne%mk9_$O1MaC-MP&?0H9|G2|g-=!KTjJZgnYoYx;! z@CBP9t6IRX=0Ya*axtgm_qAZ^(7sHq4<|0x07t?9>~

L4=MTSzjI=RcHrw)gjb!{G>@udokHP^O*8SnX z8SCLpF}J>ag_3LmET&+6LBDf!^o~8{l=6Zy(CNNn5Z+|{_kUB1mFKC0GNnMlO595Ta2=2C@NkE$3trA^)R7W_Km<#SiX_DYq_cT5-Nxv(2w_ktAsa<8%} zIl z@&R|LoNZQQ8`TsX!SV9R_XNWfe6X~M^S&}9ydzlQi%uKOA!y>A=k+<+jl&K_3f_VD zF6EQd^%rdJ3Fe&025~Fbf(A7MWmS5OGH`m(8s-~*I`#P+H75opm7$h7Yj>`0-%(FL z@!E>(-e>f=m)08wNN31OWkQ>zqmt?8ZuNst;hHRUbR8YA4pVx9*ENHDZ1MACaMn7y zhvSvgl&8@H=xY*&%qm6#0t)~j`?+2J78iLo+1PJvkXx$gKB?mGWm1v{M^PVo97Y2Sc<1-C!e)HjOPNhk@s_gx2A8TJ&RS zOyKU5)@yX!7LalNVb#qc5ju&5jn7@*)ST8Hj4q&jVX^$^G=<5q#bkc=I-H$g5!PyX z^f~9xWKTH0dxG_@-8|8NIz1mB0-Ku)32VHYA8T_YOTt$JOptz$NDG_AI>4kfTp88@*KT;^xvItE0u(@XYZQHVhcC z=ImZ7wdP9bw=gcQ`Rh8)KL&n6jj`q_o4XJ@0TV$W^1Ub5Di+J;s^q;d3wmz8*}BQW z+f>6`5qWA(5wIOmiHp!#TIA(!WwUhK-Wzp3NK|!f6rp>WAlAk0^Pr%gWcK{@!Kv|(;yLZDU7CSk*+7dn_V~Kx7_Hj2w;ASqKp$cAw|k-F!1IErY?_LYsyi5cUFK7-*W(1az5b3By-ykhiMnBE?h0L4~ z?L}O{FVb-HK@CTPP7Xfz;e&!5Wg#pTe5bo&6{b_T!m3x!oy*RRA2Dqn|{ zx;|2Ao3kQ&6XMwN-oW6a0PmdG5WfQ2X(Zll$8)pZrURA_-@mdXK4tgkBhR$V^xcr4 zf9FWyPx^XSV}s$H`*w7Xk#a1e+FN<@1hy6S|9%SBO9f8t2gzvfebNP^EFD z(x2z{JcI2zSg5z z!-WTxfw;{QSY3Xs!PANq&mE2FzQT?Ll#fWdxOKc+cp9!H;^hm}k_3x<_0kK-P4Cg( znT>t9#iN>YK$-W2z%A=a|NB#&o9`Z@cGlqozfnYW(?2jUE*HsLVVK(P5e*P{z^q-q z0s8im+1@3UT-Ov^OwYxeGQ0saTi!xUxa7bR6dR4#zTEnzQ#oRK5qq{Q1pW-e@XL=L z^ZO2IFQu0AP{SObRt@pTxOJH|*``V9ci10lS5?VUf`xgOn%Yq4+d}*e2`lv9)O{_3 z()j+aA8cvP)7YP(fAIDKJCwJ}%>9SQZNRF>QH9ToHs815e~;3!Yle2qo^B7ukn4Ia zJKo+bVuza(r4)E2A63Xf1P%A?0(KJ40dpmg`Egw9WGHYnfMC>c9Qflo;+U3rd30%C zJLPDYFuiAtieZ>A2l!yxpYEuV0@URTp>Gie)61kL({~0>&PqO5Z(AA!RMoH>uENv& zLTNP#L3h^w$v;_C&_=Az@X*W3)GIN<{pnxuIJXP3%JN_FamLZ>WutY^KK69b^5%N^ z`Wd~(7a9GzW>!tN44OEbH1qgBDF;el{-1u^Vh8YR+FY=V&%pg2`fZ^MF8Gn%-LhcE zd;2$CR(-wj-@jCl#H6HE&nA&~KR&&Gk329i@c#Ubl2?O6T#d}|mD@^P`@dkcOA7Bt z-rvLG=E-!Sw8)4~W4wfO`CN8K4e)CxHwPHPvWt5R?Br)~MQ^R#`=^kGhk?9`#b0I5Tfqv3u3<%Wx9zhK99-4L5#ymBJ%?tR1#-fT?r zbciYhyXzn_ubEI?U57VTyToo&W<9v?MeFDm171q_vXmK0cimH>T}Cp8_DXh#bkAeX z;$k+*&u@~;kX4XOp`OO?_I28k?~pHpX(6;P0@I~e6rVF33%k(NlhosEBTpeyhS;_T 
z1<&JG1R=kL79f8KrZN+7dCUS$f?~$p`nw-`=MY3~E<*&7{6Y{R1nsD?`fnMH9T90JNIXQ9C;9lX0JQ4gnFx>ujh4hxn z4+;Mb9^L;H*$5{0oCVAQW&kyazykaaiC|03aStM*cbfJ@M3g~>#+L#20`m|-ua3db z_EJ<-)GN#* zMud|s%wv#fv~!U2mLZXJmuXi53y^3Q;7`B>Bx-%lv_qy{2TXDGwV&v`@KcD`Pl(g+ z&mtn+VcHc)B%K{+KZ>Hnh>Eh3F^m`yDff6hbA3J^g@x0T-hW}?baHZX@OV6Pb8^D# z2EQU^&H`hB+(FKp2)yZPx48C0R2)H~;fveuHYm;^io@+lb-)pwZv zilPhwD#}VmP*zqG@ObzNKp-$JDG~C;WM_L_V(-~fR#p=j@PgPm1hfOI`Z=})nQI0a z9-inrHr{McCt%YZ6&ILo3nJd`T#~#2`Z$Fos0Cbq`M}8p{81Do22_-ljG(6{QVx=3 zeK~W;gW>o4C@3iCV>1bKBcDRuk7Qa;M#S(Q;O9sb3a|%Q35+!DHNc;d1h06xjp%Up z-AIyF3(yP{0;62V9C{GZ9%I^1A&FgAnf51EqGBtx_$cspxrD~h6|0u^ONQ4~c<6I7Iyw8yqN0aDp1RfIylD`Fl^ znNdYi-tnj?D;a>@1kl~xoidBza9Awc_E6VYRuo0)MH9W0w8!J|Gyxy!>gpsfZ*)x8 z?Ay1M{rk58HsP?vnl-Y3)wXRX$jh5J@Wnt^SEt*yq9{sAP*GMgfxWOP}9D$}~P|w!_Ulq*UeKhuaZFNi{lr zt)xAc<$V#LqoX4w^UB@bmb02yuk9^8QO#ixK;q+-+)M1OyUNLj=tWO>YoiLS^sAE`1`54?fYGB2zl%8mYykd^)K~TaKQ{f;BXygnnRD+3o;Uu#3^W3Z zku|tqHuh(mb0+|Q02<7F?L#VLeI2+9_#RR=5@SDTe0dd#q#f=v$7+EGkpdno%(2P9 zZ;h|DNI?)C9aPd96=fwO$jb7T1GKibx-+AbPAJq#YinyCn@MCYa04(CC;=9k{f{7G z699^l0us*ho)00z$}@mjNa@5IV(8P&M}hAkm7|J)O^6s5AO$iSfiD6Z`?_LYAx1070z*=+eI;3jVbkp}i92gIqNEKf%1TC1Sy|i!_Evyk zuz_$mGT0??6AniR1{+Mv-YPbe%8!srOs9e4z_n)oQbc$_gz8l!dIb@cWxxjz(JKXx z#L%akWr&zHoA&cSEAZhMe72Dij$N+4cDdS>h!8r}v>K2~R~Ua@Ln3OY?Ua*jMk3xN zfFFs{f7XxvSIj**HKm^=`fP4NqToZOT?IJv8wJSA#CCHJ|24-yAHzK>%CMoLtYi$9 zm0bZGwJeKZFqriI>+9>VEDN!bU6FJH(B}HThv*#bLg4pEImK5H0d{_yD-jWX40scX zoZU;CyKrjpOlC> z9F9;|SMMZuowF?O!X(cn4@3bH#Xbz&j0o}}*YOKT6g>wS+FpzZbv&HmQUM-MH2NG2 zdw{;in{BLpxp@p3Qhqlg-aGm^ryO`M67|jlzTi66&ZQzd)oh)_fE$r%fdC@*XL5*-4>0FO&mX7>l(852CAxxj|_Hgl5sMs4*~x~qQMQomw`_s8ND{YZxOzmVbV21IC|MV3RIYa#^Lw-@p`?z)t*A3P9l*Ap-_m{)|TGykOh0IWo1{SI6_vEgO_NwHONcH zIz+$~CF4+0Rx+NlvYJ3oPo$ja_o=b6J1fguJ_K3TN^0;US=@Ia(efhTcffn-o1CU7 z8H0+la>XE#b7Uc~)VA$_$K%OI=4Szp+P2+p*0SDfS>6{lGQJ|X9T`&hBS~=^5n)yo sMNt$*Q4~c{6h%=KMNt$*QIf;|0oYq{4cbK3ng9R*07*qoM6N<$f(vV!NB{r; literal 0 HcmV?d00001 
diff --git a/src/cpu/intel/haswell/Makefile.inc b/src/cpu/intel/haswell/Makefile.inc
index c317c09065..1fa71c9521 100644
--- a/src/cpu/intel/haswell/Makefile.inc
+++ b/src/cpu/intel/haswell/Makefile.inc
@@ -4,6 +4,8 @@ romstage-y += romstage.c
 romstage-y += tsc_freq.c
 romstage-y += ../car/romstage.c
+postcar-y += tsc_freq.c
+
 ramstage-y += acpi.c
 ramstage-$(CONFIG_CACHE_RELOCATED_RAMSTAGE_OUTSIDE_CBMEM) += stage_cache.c
 ramstage-$(CONFIG_HAVE_SMI_HANDLER) += smmrelocate.c
diff --git a/src/cpu/intel/model_2065x/Makefile.inc b/src/cpu/intel/model_2065x/Makefile.inc
index ec8643a204..043141ac18 100644
--- a/src/cpu/intel/model_2065x/Makefile.inc
+++ b/src/cpu/intel/model_2065x/Makefile.inc
@@ -12,6 +12,7 @@ subdirs-y += ../common
 ramstage-y += tsc_freq.c
 romstage-y += tsc_freq.c
+postcar-y += tsc_freq.c
 smm-$(CONFIG_HAVE_SMI_HANDLER) += tsc_freq.c
 ramstage-y += acpi.c
diff --git a/src/cpu/intel/model_206ax/Makefile.inc b/src/cpu/intel/model_206ax/Makefile.inc
index d193e60a4c..e1fa87989c 100644
--- a/src/cpu/intel/model_206ax/Makefile.inc
+++ b/src/cpu/intel/model_206ax/Makefile.inc
@@ -19,6 +19,7 @@ smm-$(CONFIG_HAVE_SMI_HANDLER) += common.c
 ramstage-y += tsc_freq.c
 romstage-y += tsc_freq.c
+postcar-y += tsc_freq.c
 smm-$(CONFIG_HAVE_SMI_HANDLER) += tsc_freq.c
 smm-$(CONFIG_HAVE_SMI_HANDLER) += finalize.c
diff --git a/src/lib/cbfs.c b/src/lib/cbfs.c
index a5c9f85238..3e2ccf3db4 100644
--- a/src/lib/cbfs.c
+++ b/src/lib/cbfs.c
@@ -26,6 +26,7 @@
 #include
 #include
 #include "fmap_config.h"
+#include
 #define ERROR(x...) printk(BIOS_ERR, "CBFS: " x)
 #define LOG(x...) printk(BIOS_INFO, "CBFS: " x)
@@ -59,7 +60,12 @@ int cbfs_boot_locate(struct cbfsf *fh, const char *name, uint32_t *type)
 return -1;
 }
- return cbfs_locate(fh, &rdev, name, type);
+ int ret = cbfs_locate(fh, &rdev, name, type);
+ if (!ret)
+ if (vboot_measure_cbfs_hook(fh, name))
+ return -1;
+
+ return ret;
 }
 void *cbfs_boot_map_with_leak(const char *name, uint32_t type, size_t *size)
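Review bot: A failing measurement in `cbfs_boot_locate` is folded into a bare `return -1;`, so a TPM error is indistinguishable from "file not found" and leaves nothing in the console log; log it before returning, e.g. `ERROR("Measuring %s failed\n", name);` using the ERROR macro defined at the top of this file. The hook is only wired into `cbfs_boot_locate`; `cbfs_locate_file_in_region` (touched for whitespace only in the next hunk) and anything reached through it is never measured, which is a gap an attester of PCR 2 needs to know about and deserves a comment at that function. Because the extend happens on every successful locate rather than once per load, a file that any caller looks up twice is extended twice and the final PCR value then depends on lookup count; if that is intended, say so in a comment next to the hook call.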
@@ -79,13 +85,13 @@ void *cbfs_boot_map_with_leak(const char *name, uint32_t type, size_t *size)
 }
 int cbfs_locate_file_in_region(struct cbfsf *fh, const char *region_name,
- const char *name, uint32_t *type)
+ const char *name, uint32_t *type)
 {
 struct region_device rdev;
 if (fmap_locate_area_as_rdev(region_name, &rdev)) {
 LOG("%s region not found while looking for %s\n",
- region_name, name);
+ region_name, name);
 return -1;
 }
@@ -107,7 +113,7 @@ size_t cbfs_load_and_decompress(const struct region_device *rdev, size_t offset,
 case CBFS_COMPRESS_LZ4:
 if ((ENV_BOOTBLOCK || ENV_VERSTAGE) &&
- !IS_ENABLED(CONFIG_COMPRESS_PRERAM_STAGES))
+ !IS_ENABLED(CONFIG_COMPRESS_PRERAM_STAGES))
 return 0;
 /* Load the compressed image to the end of the available memory
@@ -130,7 +136,7 @@ size_t cbfs_load_and_decompress(const struct region_device *rdev, size_t offset,
 if (ENV_ROMSTAGE && IS_ENABLED(CONFIG_POSTCAR_STAGE))
 return 0;
 if ((ENV_ROMSTAGE || ENV_POSTCAR)
- && !IS_ENABLED(CONFIG_COMPRESS_RAMSTAGE))
+ && !IS_ENABLED(CONFIG_COMPRESS_RAMSTAGE))
 return 0;
 void *map = rdev_mmap(rdev, offset, in_size);
 if (map == NULL)
@@ -157,9 +163,9 @@ static inline int tohex4(unsigned int c)
 static void tohex16(unsigned int val, char *dest)
 {
- dest[0] = tohex4(val>>12);
- dest[1] = tohex4((val>>8) & 0xf);
- dest[2] = tohex4((val>>4) & 0xf);
+ dest[0] = tohex4(val >> 12);
+ dest[1] = tohex4((val >> 8) & 0xf);
+ dest[2] = tohex4((val >> 4) & 0xf);
 dest[3] = tohex4(val & 0xf);
 }
@@ -167,8 +173,8 @@ void *cbfs_boot_map_optionrom(uint16_t vendor, uint16_t device)
 {
 char name[17] = "pciXXXX,XXXX.rom";
- tohex16(vendor, name+3);
- tohex16(device, name+8);
+ tohex16(vendor, name + 3);
+ tohex16(device, name + 8);
 return cbfs_boot_map_with_leak(name, CBFS_TYPE_OPTIONROM, NULL);
 }
@@ -202,8 +208,9 @@ size_t cbfs_boot_load_file(const char *name, void *buf, size_t buf_size,
 return 0;
 if (cbfsf_decompression_info(&fh, &compression_algo,
- &decompressed_size) < 0
- || decompressed_size > buf_size)
+ &decompressed_size)
+ < 0
+ || decompressed_size > buf_size)
 return 0;
 return cbfs_load_and_decompress(&fh.data, 0, region_device_sz(&fh.data),
@@ -249,7 +256,7 @@ int cbfs_prog_stage_load(struct prog *pstage)
 /* Hacky way to not load programs over read only media. The stages
 * that would hit this path initialize themselves. */
 if (ENV_VERSTAGE && !IS_ENABLED(CONFIG_NO_XIP_EARLY_STAGES) &&
- IS_ENABLED(CONFIG_BOOT_DEVICE_MEMORY_MAPPED)) {
+ IS_ENABLED(CONFIG_BOOT_DEVICE_MEMORY_MAPPED)) {
 void *mapping = rdev_mmap(fh, foffset, fsize);
 rdev_munmap(fh, mapping);
 if (mapping == load)
@@ -354,7 +361,7 @@ int cbfs_boot_region_properties(struct cbfs_props *props)
 continue;
 LOG("'%s' located CBFS at [%zx:%zx)\n",
- ops->name, props->offset, props->offset + props->size);
+ ops->name, props->offset, props->offset + props->size);
 return 0;
 }
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 285f18dde2..b8ebf7b809 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -90,7 +90,6 @@ static uint32_t tpm_setup_s3_helper(void)
 default:
 printk(BIOS_ERR, "TPM: Resume failed (%#x).\n", result);
 break;
-
 }
 return result;
@@ -215,8 +214,6 @@ uint32_t tpm_extend_pcr(int pcr, uint8_t *digest,
 if (result != TPM_SUCCESS)
 return result;
- tcpa_log_add_table_entry(name, pcr, digest, digest_len);
-
 return TPM_SUCCESS;
 }
@@ -240,7 +237,7 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
 }
 if (IS_ENABLED(CONFIG_TPM1))
 hash_alg = VB2_HASH_SHA1;
- else /* CONFIG_TPM2 */
+ else /* CONFIG_TPM2 */
 hash_alg = VB2_HASH_SHA256;
 digest_len = vb2_digest_size(hash_alg);
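Review bot: The hunk in `tpm_extend_pcr` removes `tcpa_log_add_table_entry(name, pcr, digest, digest_len);` and adds nothing in its place, so a successful extend no longer records an event-log entry; unless the log is now written by a caller not visible here, a verifier can only compare final PCR-2/PCR-3 digests and can no longer replay which file produced them, which is what makes a mismatch diagnosable rather than just detectable. Keep the log call after the successful extend, or state in the commit message why the event log is being dropped, since the change is unrelated to the measured boot mode this patch introduces. `tpm_extend_pcr`'s body begins outside the hunk.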
@@ -258,7 +255,7 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
 len = MIN(sizeof(buf), region_device_sz(rdev) - offset);
 if (rdev_readat(rdev, buf, offset, len) < 0) {
 printk(BIOS_ERR, "TPM: Not able to read region %s.\n",
- rname);
+ rname);
 return TPM_E_READ_FAILURE;
 }
 if (vb2_digest_extend(&ctx, buf, len)) {
diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig
index a3e9b863cf..a382e670c4 100644
--- a/src/security/vboot/Kconfig
+++ b/src/security/vboot/Kconfig
@@ -26,6 +26,22 @@ config VBOOT
 if VBOOT
+config VBOOT_MEASURED_BOOT
+ bool "Enable Measured Boot"
+ default n
+ depends on !VBOOT_MOCK_SECDATA
+ depends on !VBOOT_RETURN_FROM_VERSTAGE
+ help
+ Enables measured boot mode in vboot (experimental)
+
+config VBOOT_MEASURED_BOOT_RUNTIME_DATA
+ string "Runtime data whitelist"
+ default ""
+ depends on VBOOT_MEASURED_BOOT
+ help
+ Runtime data whitelist of cbfs filenames. Needs to be a comma separated
+ list
+
 config VBOOT_SLOTS_RW_A
 bool "Firmware RO + RW_A"
 help
@@ -37,7 +53,6 @@ config VBOOT_SLOTS_RW_AB
 help
 Have two update partitions beside the RO partition.
-
 config VBOOT_VBNV_CMOS
 bool
 default n
diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc
index 0c32d94fab..6d2096ddb0 100644
--- a/src/security/vboot/Makefile.inc
+++ b/src/security/vboot/Makefile.inc
@@ -69,6 +69,13 @@ romstage-y += vboot_common.c
 ramstage-y += vboot_common.c
 postcar-y += vboot_common.c
+ifeq ($(CONFIG_VBOOT_MEASURED_BOOT),y)
+verstage-y += vboot_crtm.c
+romstage-y += vboot_crtm.c
+ramstage-y += vboot_crtm.c
+postcar-y += vboot_crtm.c
+endif
+
 bootblock-y += common.c
 verstage-y += vboot_logic.c
 verstage-y += common.c
diff --git a/src/security/vboot/vboot_crtm.c b/src/security/vboot/vboot_crtm.c
new file mode 100644
index 0000000000..768986f5cc
--- /dev/null
+++ b/src/security/vboot/vboot_crtm.c
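Review bot: The help for `VBOOT_MEASURED_BOOT_RUNTIME_DATA` only says "comma separated list" and never tells the user what listing a file does, even though it decides which PCR the file is extended into; say so explicitly, e.g. `Comma separated list of CBFS file names that are measured into the runtime data PCR (3) instead of the CRTM PCR (2), for data that legitimately differs between boots such as hwinfo.hex.` The `VBOOT_MEASURED_BOOT` help should likewise name the PCRs it uses and that stages and CBFS files are measured on lookup, so "experimental" is not the only thing a user learns before enabling it. The two `depends on` lines would also benefit from a one-line reason each (mock secdata has no real TPM; returning from verstage breaks the stage order the CRTM relies on), since the measured_boot.md only restates the second.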
@@ -0,0 +1,144 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2018 Facebook Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include
+#include
+#include
+#include
+
+uint32_t vboot_init_crtm(void)
+{
+ struct prog bootblock = PROG_INIT(PROG_BOOTBLOCK, "bootblock");
+ struct prog verstage =
+ PROG_INIT(PROG_VERSTAGE, CONFIG_CBFS_PREFIX "/verstage");
+ struct prog romstage =
+ PROG_INIT(PROG_ROMSTAGE, CONFIG_CBFS_PREFIX "/romstage");
+
+ /* measure bootblock from RO */
+ struct cbfsf bootblock_data;
+ struct region_device bootblock_fmap;
+ if (fmap_locate_area_as_rdev("BOOTBLOCK", &bootblock_fmap) == 0) {
+ if (tpm_measure_region(&bootblock_fmap,
+ TPM_CRTM_PCR,
+ prog_name(&bootblock)))
+ return VB2_ERROR_UNKNOWN;
+ } else {
+ if (cbfs_boot_locate(&bootblock_data,
+ prog_name(&bootblock), NULL) == 0) {
+ cbfs_file_data(prog_rdev(&bootblock), &bootblock_data);
+
+ if (tpm_measure_region(prog_rdev(&bootblock),
+ TPM_CRTM_PCR,
+ prog_name(&bootblock)))
+ return VB2_ERROR_UNKNOWN;
+ } else {
+ printk(BIOS_INFO,
+ "VBOOT: Couldn't measure bootblock into CRTM!\n");
+ return VB2_ERROR_UNKNOWN;
+ }
+ }
+
+ if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) {
+ struct cbfsf romstage_data;
+ /* measure romstage from RO */
+ if (cbfs_boot_locate(&romstage_data,
+ prog_name(&romstage), NULL) == 0) {
+ cbfs_file_data(prog_rdev(&romstage), &romstage_data);
+
+ if (tpm_measure_region(prog_rdev(&romstage),
+ TPM_CRTM_PCR,
+ CONFIG_CBFS_PREFIX "/romstage"))
+ return VB2_ERROR_UNKNOWN;
+ } else {
+ printk(BIOS_INFO,
+ "VBOOT: Couldn't 
measure %s into CRTM!\n",
+ CONFIG_CBFS_PREFIX "/romstage");
+ return VB2_ERROR_UNKNOWN;
+ }
+ }
+
+ if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) {
+ struct cbfsf verstage_data;
+ /* measure verstage from RO */
+ if (cbfs_boot_locate(&verstage_data,
+ prog_name(&verstage), NULL) == 0) {
+ cbfs_file_data(prog_rdev(&verstage), &verstage_data);
+
+ if (tpm_measure_region(prog_rdev(&verstage),
+ TPM_CRTM_PCR,
+ CONFIG_CBFS_PREFIX "/verstage"))
+ return VB2_ERROR_UNKNOWN;
+ } else {
+ printk(BIOS_INFO,
+ "VBOOT: Couldn't measure %s into CRTM!\n",
+ CONFIG_CBFS_PREFIX "/verstage");
+ return VB2_ERROR_UNKNOWN;
+ }
+ }
+
+ return VB2_SUCCESS;
+}
+
+static bool is_runtime_data(const char *name)
+{
+ const char *whitelist = CONFIG_VBOOT_MEASURED_BOOT_RUNTIME_DATA;
+ size_t whitelist_len = sizeof(CONFIG_VBOOT_MEASURED_BOOT_RUNTIME_DATA) - 1;
+ size_t name_len = strlen(name);
+ int i;
+
+ if (!whitelist_len || !name_len)
+ return false;
+
+ for (i = 0; (i + name_len) <= whitelist_len; i++) {
+ if (!strcmp(whitelist + i, name))
+ return true;
+ }
+
+ return false;
+}
+
+uint32_t vboot_measure_cbfs_hook(struct cbfsf *fh, const char *name)
+{
+ uint32_t pcr_index;
+ uint32_t cbfs_type;
+ struct region_device rdev;
+
+ if (!vb2_logic_executed())
+ return 0;
+
+ cbfsf_file_type(fh, &cbfs_type);
+ cbfs_file_data(&rdev, fh);
+
+ switch (cbfs_type) {
+ case CBFS_TYPE_MRC:
+ case CBFS_TYPE_MRC_CACHE:
+ pcr_index = TPM_RUNTIME_DATA_PCR;
+ break;
+ case CBFS_TYPE_STAGE:
+ case CBFS_TYPE_SELF:
+ case CBFS_TYPE_FIT:
+ pcr_index = TPM_CRTM_PCR;
+ break;
+ default:
+ if (is_runtime_data(name))
+ pcr_index = TPM_RUNTIME_DATA_PCR;
+ else
+ pcr_index = TPM_CRTM_PCR;
+ break;
+ }
+
+ return tpm_measure_region(&rdev, pcr_index,
+ name);
+}
diff --git a/src/security/vboot/vboot_crtm.h b/src/security/vboot/vboot_crtm.h
new file mode 100644
index 0000000000..84ee9e63b5
--- /dev/null
+++ b/src/security/vboot/vboot_crtm.h
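Review bot: `is_runtime_data` does not implement the comma separated whitelist the Kconfig help promises: `strcmp(whitelist + i, name)` compares the whole remainder of the string, so a name can only match when it is the last entry, and any string that happens to be a suffix of the whitelist (e.g. "hex" against "hwinfo.hex") matches as well. A wrong answer here silently moves a file between PCR 2 and PCR 3, so the loop should walk the entries and accept only one whose length and bytes equal `name`, as below (this assumes coreboot's string.h provides `strchr`/`strncmp` alongside the `strcmp`/`strlen` already used). The "Couldn't measure" messages in `vboot_init_crtm` are logged at BIOS_INFO although the caller dies on the returned error, and the `tpm_measure_region` failure paths return with no message at all; both should print at BIOS_ERR and name the stage, otherwise a bricked measured-boot board gives no console hint.
```c
static bool is_runtime_data(const char *name)
{
	const char *whitelist = CONFIG_VBOOT_MEASURED_BOOT_RUNTIME_DATA;
	size_t name_len = strlen(name);
	const char *entry = whitelist;

	if (!*whitelist || !name_len)
		return false;

	/* Accept only a whole comma separated entry that equals name. */
	while (*entry) {
		const char *sep = strchr(entry, ',');
		size_t entry_len = sep ? (size_t)(sep - entry) : strlen(entry);

		if (entry_len == name_len && !strncmp(entry, name, name_len))
			return true;
		if (!sep)
			break;
		entry = sep + 1;
	}

	return false;
}
```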
@@ -0,0 +1,62 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2018 Facebook Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#ifndef __SECURITY_VBOOT_CRTM_H__
+#define __SECURITY_VBOOT_CRTM_H__
+
+#include
+#include
+#include
+#include
+
+/* CRTM */
+#define TPM_CRTM_PCR 2
+
+/* PCR for measuring data which changes during runtime
+ * e.g. CMOS, NVRAM...
+ */
+#define TPM_RUNTIME_DATA_PCR 3
+
+/*
+ * Initializes the Core Root of Trust for Measurements
+ * in coreboot. The initial code in a chain of trust must measure
+ * itself.
+ *
+ * Summary:
+ * + Measures bootblock in CBFS or BOOTBLOCK FMAP partition.
+ * + If vboot starts in romstage, it measures the romstage
+ * in CBFS.
+ * + Measure the verstage if it is compiled as separate
+ * stage.
+ *
+ * Takes the current vboot context as parameter for s3 checks.
+ * returns on success VB2_SUCCESS, else a vboot error.
+ */
+uint32_t vboot_init_crtm(void);
+
+#if (IS_ENABLED(CONFIG_VBOOT_MEASURED_BOOT) && \
+!ENV_BOOTBLOCK && !ENV_DECOMPRESSOR && !ENV_SMM)
+/*
+ * Measures cbfs data via hook (cbfs)
+ * fh is the cbfs file handle to measure
+ * return 0 if successful, else an error
+ */
+uint32_t vboot_measure_cbfs_hook(struct cbfsf *fh, const char *name);
+
+#else
+#define vboot_measure_cbfs_hook(fh, name) 0
+#endif
+
+#endif /* __VBOOT_VBOOT_CRTM_H__ */
diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c
index 1b241600d4..00bbae6204 100644
--- a/src/security/vboot/vboot_logic.c
+++ b/src/security/vboot/vboot_logic.c
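Review bot: The comment above `vboot_init_crtm` says `Takes the current vboot context as parameter for s3 checks.`, but the prototype is `uint32_t vboot_init_crtm(void)` and the S3 decision is made by the caller in vboot_logic.c; replace that sentence with `Called from verstage before verification on a cold boot; the caller is expected to skip it on S3 resume.` The closing guard comment `/* __VBOOT_VBOOT_CRTM_H__ */` does not match the `__SECURITY_VBOOT_CRTM_H__` it closes. The `#else` fallback `#define vboot_measure_cbfs_hook(fh, name) 0` deserves a one-line comment that lookups in the excluded stages, and in builds without measured boot, are reported to cbfs.c as successfully measured although nothing is extended, so readers of PCR 2 do not assume bootblock or SMM lookups are covered.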
@@ -24,6 +24,7 @@ #include #include #include +#include #include "antirollback.h" @@ -86,24 +87,21 @@ int vb2ex_read_resource(struct vb2_context *ctx, } /* No-op stubs that can be overridden by SoCs with hardware crypto support. */ -__weak -int vb2ex_hwcrypto_digest_init(enum vb2_hash_algorithm hash_alg, - uint32_t data_size) +__weak int vb2ex_hwcrypto_digest_init(enum vb2_hash_algorithm hash_alg, + uint32_t data_size) { return VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED; } -__weak -int vb2ex_hwcrypto_digest_extend(const uint8_t *buf, uint32_t size) +__weak int vb2ex_hwcrypto_digest_extend(const uint8_t *buf, uint32_t size) { - BUG(); /* Should never get called if init() returned an error. */ + BUG(); /* Should never get called if init() returned an error. */ return VB2_ERROR_UNKNOWN; } -__weak -int vb2ex_hwcrypto_digest_finalize(uint8_t *digest, uint32_t digest_size) +__weak int vb2ex_hwcrypto_digest_finalize(uint8_t *digest, uint32_t digest_size) { - BUG(); /* Should never get called if init() returned an error. */ + BUG(); /* Should never get called if init() returned an error. */ return VB2_ERROR_UNKNOWN; } @@ -249,7 +247,7 @@ static int hash_body(struct vb2_context *ctx, struct region_device *fw_main) } static int locate_firmware(struct vb2_context *ctx, - struct region_device *fw_main) + struct region_device *fw_main) { const char *name; @@ -281,7 +279,7 @@ static void save_if_needed(struct vb2_context *ctx) static uint32_t extend_pcrs(struct vb2_context *ctx) { return vboot_extend_pcr(ctx, 0, BOOT_MODE_PCR) || - vboot_extend_pcr(ctx, 1, HWID_DIGEST_PCR); + vboot_extend_pcr(ctx, 1, HWID_DIGEST_PCR); } /** 
@@ -309,7 +307,7 @@ void verstage_main(void) * does verification of memory init and thus must ensure it resumes with * the same slot that it booted from. */ if (IS_ENABLED(CONFIG_RESUME_PATH_SAME_AS_BOOT) && - vboot_platform_is_resuming()) + vboot_platform_is_resuming()) ctx.flags |= VB2_CONTEXT_S3_RESUME; /* Read secdata from TPM. Initialize TPM if secdata not found. We don't @@ -319,8 +317,15 @@ void verstage_main(void) antirollback_read_space_firmware(&ctx); timestamp_add_now(TS_END_TPMINIT); + /* Enable measured boot mode */ + if (IS_ENABLED(CONFIG_VBOOT_MEASURED_BOOT) && + !(ctx.flags & VB2_CONTEXT_S3_RESUME)) { + if (vboot_init_crtm() != VB2_SUCCESS) + die("Initializing measured boot mode failed!"); + } + if (IS_ENABLED(CONFIG_VBOOT_PHYSICAL_DEV_SWITCH) && - get_developer_mode_switch()) + get_developer_mode_switch()) ctx.flags |= VB2_CONTEXT_FORCE_DEVELOPER_MODE; if (get_recovery_mode_switch()) { @@ -330,7 +335,7 @@ void verstage_main(void) } if (IS_ENABLED(CONFIG_VBOOT_WIPEOUT_SUPPORTED) && - get_wipeout_mode_switch()) + get_wipeout_mode_switch()) ctx.flags |= VB2_CONTEXT_FORCE_WIPEOUT_MODE; if (IS_ENABLED(CONFIG_VBOOT_LID_SWITCH) && !get_lid_switch()) @@ -350,7 +355,7 @@ void verstage_main(void) if (rv == VB2_ERROR_API_PHASE1_RECOVERY) { printk(BIOS_INFO, "Recovery requested (%x)\n", rv); save_if_needed(&ctx); - extend_pcrs(&ctx); /* ignore failures */ + extend_pcrs(&ctx); /* ignore failures */ timestamp_add_now(TS_END_VBOOT); return; } diff --git a/src/soc/amd/stoneyridge/Makefile.inc b/src/soc/amd/stoneyridge/Makefile.inc index 0f6290bc49..d553e8cda3 100644 --- a/src/soc/amd/stoneyridge/Makefile.inc +++ b/src/soc/amd/stoneyridge/Makefile.inc @@ -89,6 +89,7 @@ postcar-y += ramtop.c postcar-y += sb_util.c postcar-y += nb_util.c postcar-$(CONFIG_VBOOT_MEASURED_BOOT) += i2c.c +postcar-y += tsc_freq.c ramstage-y += BiosCallOuts.c ramstage-y += i2c.c 
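Review bot: The new `vboot_init_crtm()` call in verstage_main() is skipped only when `VB2_CONTEXT_S3_RESUME` is set, and the neighbouring `@@ -309` hunk shows that flag being set only when `CONFIG_RESUME_PATH_SAME_AS_BOOT` is enabled, so a board that runs verstage on resume without that option would, as far as I can tell, extend the CRTM measurements into PCR 2 a second time and change the values any boot-time sealing was bound to — presumably the reason the resume check exists. Consider keying the skip on the platform state directly, `if (IS_ENABLED(CONFIG_VBOOT_MEASURED_BOOT) && !vboot_platform_is_resuming())`, or documenting in Kconfig that measured boot requires CONFIG_RESUME_PATH_SAME_AS_BOOT. The `die()` is fail-closed by design and deserves a one-line comment saying so, e.g. `/* A failed CRTM measurement leaves the PCRs untrustworthy; halt rather than boot unmeasured. */`. verstage_main() starts and ends outside this hunk.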
diff --git a/src/soc/intel/baytrail/Makefile.inc b/src/soc/intel/baytrail/Makefile.inc index 1debea9e2a..0d4bac5140 100644 --- a/src/soc/intel/baytrail/Makefile.inc +++ b/src/soc/intel/baytrail/Makefile.inc @@ -14,6 +14,7 @@ romstage-y += memmap.c postcar-y += memmap.c ramstage-y += tsc_freq.c romstage-y += tsc_freq.c +postcar-y += tsc_freq.c smm-y += tsc_freq.c ramstage-y += spi.c smm-y += spi.c diff --git a/src/soc/intel/braswell/Makefile.inc b/src/soc/intel/braswell/Makefile.inc index fabbc2bc61..d5fe1abb66 100644 --- a/src/soc/intel/braswell/Makefile.inc +++ b/src/soc/intel/braswell/Makefile.inc @@ -16,6 +16,8 @@ romstage-y += memmap.c romstage-y += pmutil.c romstage-y += tsc_freq.c +postcar-y += tsc_freq.c + ramstage-y += acpi.c ramstage-y += chip.c ramstage-y += cpu.c diff --git a/src/soc/intel/broadwell/Makefile.inc b/src/soc/intel/broadwell/Makefile.inc index acb71fe7d7..1caf67adf4 100644 --- a/src/soc/intel/broadwell/Makefile.inc +++ b/src/soc/intel/broadwell/Makefile.inc @@ -61,6 +61,7 @@ ramstage-y += systemagent.c ramstage-y += tsc_freq.c romstage-y += tsc_freq.c smm-y += tsc_freq.c +postcar-y += tsc_freq.c bootblock-$(CONFIG_USBDEBUG) += usb_debug.c romstage-$(CONFIG_USBDEBUG) += usb_debug.c ramstage-$(CONFIG_USBDEBUG) += usb_debug.c diff --git a/src/soc/intel/fsp_baytrail/Makefile.inc b/src/soc/intel/fsp_baytrail/Makefile.inc index d8c4f71c32..5ed635d943 100644 --- a/src/soc/intel/fsp_baytrail/Makefile.inc +++ b/src/soc/intel/fsp_baytrail/Makefile.inc @@ -32,6 +32,7 @@ ramstage-y += memmap.c romstage-y += memmap.c ramstage-y += tsc_freq.c romstage-y += tsc_freq.c +postcar-y += tsc_freq.c smm-$(CONFIG_HAVE_SMI_HANDLER) += tsc_freq.c ramstage-y += spi.c smm-$(CONFIG_HAVE_SMI_HANDLER) += spi.c diff --git a/src/soc/intel/fsp_broadwell_de/Makefile.inc b/src/soc/intel/fsp_broadwell_de/Makefile.inc index 26653b602d..0a23170d0c 100644 --- a/src/soc/intel/fsp_broadwell_de/Makefile.inc +++ b/src/soc/intel/fsp_broadwell_de/Makefile.inc 
@@ -24,6 +24,7 @@ ramstage-y += acpi.c ramstage-y += smbus_common.c ramstage-y += smbus.c romstage-y += tsc_freq.c +postcar-y += tsc_freq.c ramstage-y += smi.c ramstage-y += gpio.c ramstage-y += iou_complto.c diff --git a/src/soc/mediatek/mt8183/include/soc/memlayout.ld b/src/soc/mediatek/mt8183/include/soc/memlayout.ld index a547083ebd..e01dd1c2ae 100644 --- a/src/soc/mediatek/mt8183/include/soc/memlayout.ld +++ b/src/soc/mediatek/mt8183/include/soc/memlayout.ld @@ -39,7 +39,7 @@ SECTIONS SRAM_END(0x00120000) SRAM_L2C_START(0x00200000) - OVERLAP_DECOMPRESSOR_ROMSTAGE(0x000201000, 110K) + OVERLAP_DECOMPRESSOR_ROMSTAGE(0x000201000, 152K) BOOTBLOCK(0x00227000, 89K) VERSTAGE(0x0023E000, 114K) SRAM_L2C_END(0x00280000) diff --git a/util/abuild/abuild b/util/abuild/abuild index 9afd3644b7..d32b16d922 100755 --- a/util/abuild/abuild +++ b/util/abuild/abuild @@ -717,7 +717,7 @@ while true ; do chromeos=true testclass=chromeos customizing="${customizing}, chrome os" - configoptions="${configoptions}CONFIG_CHROMEOS=y\n" + configoptions="${configoptions}CONFIG_CHROMEOS=y\nCONFIG_VBOOT_MEASURED_BOOT=y\n" ;; -X|--xmlfile) shift; XMLFILE=$1; REAL_XMLFILE=$1; shift;; -I|--recursive) shift; recursive=true;;