Philipp Deppenwiese has uploaded this change for review. ( https://review.coreboot.org/24993
Change subject: security/vboot: Extend measurements for all execution flows ......................................................................
security/vboot: Extend measurements for all execution flows
* Implement blob_hook_region_device for blob measurements. * Move PCR defines for measured boot into secdata_measurements.c
Change-Id: I3ddfeabd63aefec152a9bc439a415c37b814f94f Signed-off-by: zaolin zaolin@das-labor.org --- M src/security/tpm/tspi.h M src/security/vboot/secdata_measurements.c 2 files changed, 81 insertions(+), 38 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/93/24993/1
diff --git a/src/security/tpm/tspi.h b/src/security/tpm/tspi.h
index 775311e..bf2b7ae 100644
--- a/src/security/tpm/tspi.h
+++ b/src/security/tpm/tspi.h
@@ -21,34 +21,6 @@
#define TPM_PCR_MAX_LENGTH 64
-// PCR Registers used by coreboot
-#define TPM_BOOTBLOCK_PCR 0
-#define TPM_STAGE_VERSTAGE_PCR 0
-#define TPM_STAGE_ROMSTAGE_PCR 1
-#define TPM_STAGE_POSTCAR_PCR 2
-#define TPM_STAGE_RAMSTAGE_PCR 2
-#define TPM_PAYLOAD_PCR 3
-#define TPM_FW_MAIN 1
-
-// Vendor / Platform specific
-#define TPM_INTEL_FSP_PCR 1
-#define TPM_INTEL_FSPM_PCR 1
-#define TPM_INTEL_FSPS_PCR 1
-#define TPM_INTEL_NHLT_PCR 1
-#define TPM_ARM_BL31_PCR 2
-#define TPM_ARM_BL32_PCR 2
-#define TPM_VGA_OPTION_ROM_PCR 2
-#define TPM_SPD_DATA_PCR 1
-#define TPM_AMD_PSP_PCR 1
-#define TPM_AMD_AGESA_PCR 1
-#define TPM_NVIDIA_MTC_PCR 1
-#define TPM_VBT_PCR 2
-#define TPM_MICROCODE_PCR 1
-
-// special
-#define TPM_UNKNOWN_PCR 4
-
-
 /**
 * TPM measurement with acpi log functionality based on binary data.
 */
diff --git a/src/security/vboot/secdata_measurements.c b/src/security/vboot/secdata_measurements.c
index 9111ffa..14b5c27 100644
--- a/src/security/vboot/secdata_measurements.c
+++ b/src/security/vboot/secdata_measurements.c
@@ -14,11 +14,30 @@
 */
 #include "antirollback.h"
+#include <blob_provider.h>
 #include <cbfs.h>
-#include <fmap.h>
 #include <console/console.h>
+#include <fmap.h>
 #include <security/tpm/tspi.h>
+// CRTM
+#define TPM_BOOTBLOCK_PCR 0
+#define TPM_STAGE_VERSTAGE_PCR 0
+#define TPM_STAGE_ROMSTAGE_PCR 0
+
+// Soc Init
+#define TPM_STAGE_POSTCAR_PCR 1
+#define TPM_STAGE_RAMSTAGE_PCR 1
+#define TPM_INTEL_FSP_PCR 1
+
+// Payload
+#define TPM_PAYLOAD_PCR 3
+#define TPM_ARM_BL31_PCR 3
+#define TPM_ARM_BL32_PCR 3
+
+// Unknown
+#define TPM_UNKNOWN_PCR 4
+
 uint32_t vboot_measure_crtm(void)
 {
 struct prog bootblock = PROG_INIT(PROG_BOOTBLOCK, "bootblock");
@@ -29,19 +48,17 @@
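Review bot: The new PCR table in the `@@ -14,11 +14,30 @@` hunk renumbers existing measurements without saying so anywhere: compared with the defines removed from tspi.h, romstage moves from PCR 1 to 0, postcar and ramstage from 2 to 1, and BL31/BL32 from 2 to 3. Any policy that seals secrets to, or attests against, the old PCR values would stop matching after this change, so the layout deserves a block comment above the defines such as `/* PCR 0: CRTM (bootblock, verstage, romstage); PCR 1: SoC init; PCR 3: payload; PCR 4: unclassified. Changing an index invalidates previously sealed data. */`. The defines are also now private to this file, so any other user of the old tspi.h names would no longer compile; that cannot be checked from this hunk. The body of vboot_measure_crtm continues outside the hunk.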
 /* measure bootblock from RO */
 struct cbfsf bootblock_data;
- if (!cbfs_boot_locate(&bootblock_data, prog_name(&bootblock), NULL)) {
+ if (cbfs_boot_locate(&bootblock_data, prog_name(&bootblock), NULL) ==
+ 0) {
 cbfs_file_data(prog_rdev(&bootblock), &bootblock_data);
 if (tpm_measure_region(TPM_BOOTBLOCK_PCR, prog_rdev(&bootblock), "bootblock")) {
 return VB2_ERROR_UNKNOWN;
 }
-
- printk(BIOS_INFO, "VBOOT: Couldn't measure %s into CRTM!",
- "bootblock");
 } else {
 struct region_device fmap;
- if (!fmap_locate_area_as_rdev("BOOTBLOCK", &fmap)) {
+ if (fmap_locate_area_as_rdev("BOOTBLOCK", &fmap) == 0) {
 if (tpm_measure_region(TPM_BOOTBLOCK_PCR, &fmap, "bootblock")) {
 return VB2_ERROR_UNKNOWN;
@@ -56,8 +73,8 @@
 if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE)) {
 struct cbfsf romstage_data;
 /* measure verstage from RO */
- if (!cbfs_boot_locate(&romstage_data, prog_name(&romstage),
- NULL)) {
+ if (cbfs_boot_locate(&romstage_data, prog_name(&romstage),
+ NULL) == 0) {
 cbfs_file_data(prog_rdev(&romstage), &romstage_data);
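Review bot: In the `@@ -29,19 +48,17 @@` hunk, a failed tpm_measure_region() in the bootblock branch now returns VB2_ERROR_UNKNOWN without any message once the misplaced printk is gone, unless the callee logs on its own, which is not visible here. Moving the message into the failure branch keeps a trace of a broken CRTM measurement: `printk(BIOS_ERR, "VBOOT: Couldn't measure %s into CRTM!\n", "bootblock");` before the `return`. As a style point, the wrapped `0) {` on a line of its own reads poorly; assigning the result of cbfs_boot_locate() to a local and testing that would avoid the wrap. The enclosing function starts and ends outside this hunk.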
 if (tpm_measure_region(TPM_STAGE_ROMSTAGE_PCR,
@@ -76,8 +93,8 @@
 if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) {
 struct cbfsf verstage_data;
 /* measure verstage from RO */
- if (!cbfs_boot_locate(&verstage_data, prog_name(&verstage),
- NULL)) {
+ if (cbfs_boot_locate(&verstage_data, prog_name(&verstage),
+ NULL) == 0) {
 cbfs_file_data(prog_rdev(&verstage), &verstage_data);
 if (tpm_measure_region(TPM_STAGE_VERSTAGE_PCR,
@@ -146,3 +163,57 @@
 break;
 }
 }
+
+int blob_hook_region_device(const struct blob_locator locator,
+ const struct region_device *data)
+{
+ int pcr_index = TPM_UNKNOWN_PCR;
+
+ switch (locator.id) {
+ case ID_DATA_BOOTSPLASH:
+ case ID_DATA_ACPI_SLIC:
+ case ID_DATA_ACPI_DSDT:
+ case ID_DATA_ACPI_SSDT:
+ pcr_index = 2;
+ break;
+ case ID_DATA_MICROCODE:
+ case ID_DATA_MICROCODE_RMU:
+ case ID_DATA_MRC_CACHE:
+ case ID_DATA_MRC_CACHE_RW_REGION:
+ pcr_index = 1;
+ break;
+ case ID_DATA_VGA_VBT:
+ case ID_DATA_NVRAM_CMOS_LAYOUT:
+ case ID_DATA_NVRAM_CMOS_DEFAULT:
+ case ID_DATA_NVRAM_VPD:
+ case ID_DATA_SIEMENS_HWLIB:
+ case ID_DATA_SPD:
+ case ID_DATA_MAC:
+ case ID_DATA_AMD_S3NV:
+ case ID_DATA_NVRAM_VPD_RO_REGION:
+ pcr_index = 2;
+ break;
+ case ID_CODE_AMD_AGESA:
+ case ID_CODE_AMD_AGESA_PRE_MEM:
+ case ID_CODE_AMD_AGESA_POST_MEM:
+ case ID_CODE_AMD_PSP:
+ case ID_CODE_INTEL_MRC:
+ case ID_CODE_INTEL_FSP_S:
+ case ID_CODE_INTEL_FSP_M:
+ case ID_CODE_INTEL_MMA:
+ case ID_CODE_NVIDIA_MTC:
+ case ID_CODE_QUALCOMM_CDT:
+ case ID_CODE_QUALCOMM_DDR:
+ case ID_CODE_QUALCOMM_TZ:
+ case ID_CODE_QUALCOMM_RPM:
+ pcr_index = 1;
+ break;
+ }
+
+ if (tpm_measure_region(pcr_index, data, locator.cbfs_name) !=
+ TPM_SUCCESS) {
+ return -1;
+ }
+
+ return 0;
+}
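Review bot: blob_hook_region_device extends mutable runtime data (ID_DATA_MRC_CACHE, ID_DATA_MRC_CACHE_RW_REGION, the NVRAM/CMOS and VPD entries, ID_DATA_AMD_S3NV) into the same PCRs 1 and 2 as firmware code and static tables, so those PCR values can change between boots of unmodified firmware and stop being usable for sealing or attestation policies. Measuring such data into a PCR of its own would keep the code PCRs stable. The indices are also bare literals: `pcr_index = 1;` for the ID_CODE_INTEL_FSP_* cases should use `TPM_INTEL_FSP_PCR`, and PCR 2 has no define at all in the table this commit adds. The switch relies on the initializer for unlisted ids, which an explicit `default: /* unclassified blobs go to TPM_UNKNOWN_PCR */ break;` would make intentional; `locator.cbfs_name` is also passed on as the log name without a check that it is set, which may matter for the *_REGION ids if they are not CBFS files (the struct is not visible here).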