[coreboot-gerrit] Patch set updated for coreboot: b1c7330 chromeos: vboot2: Add TPM PCR extension support

Patrick Georgi (pgeorgi@google.com) gerrit at coreboot.org
Mon Apr 20 10:08:13 CEST 2015 

Patrick Georgi (pgeorgi at google.com) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/9706

-gerrit

commit b1c733009c82a131758d6eabe6768568c96c7e3c
Author: Julius Werner <jwerner at chromium.org>
Date:   Fri Jan 30 18:45:27 2015 -0800

    chromeos: vboot2: Add TPM PCR extension support
    
    ChromeOS/vboot devices expect the TPM PCRs 0 and 1 to be extended with
    digests that attest the chosen boot mode (developer/recovery) and the
    HWID in a secure way. This patch uses the newly added vboot2 support
    functions to fetch these digests and store them in the TPM.
    
    CQ-DEPEND=CL:244542
    BRANCH=veyron
    BUG=chromium:451609
    TEST=Booted Jerry. Confirmed that PCR0 contains the same value as on my
    vboot1 Blaze and Falco (and PCR1 contains some non-zero hash).
    
    Original-Change-Id: I7037b8198c09fccee5440c4c85f0821166784cec
    Original-Signed-off-by: Julius Werner <jwerner at chromium.org>
    Original-Reviewed-on: https://chromium-review.googlesource.com/245119
    Original-Reviewed-by: Aaron Durbin <adurbin at chromium.org>
    Original-Reviewed-by: Daisuke Nojiri <dnojiri at chromium.org>
    
    (cherry picked from commit 8b44e13098cb7493091f2ce6c4ab423f2cbf0177)
    Signed-off-by: Aaron Durbin <adurbin at chromium.org>
    
    Change-Id: I549de8c07353683633fbf73e4ee62ba0ed72ff89
---
 src/include/antirollback.h                           |  7 +++++++
 src/lib/tlcl.c                                       |  5 +++--
 src/vendorcode/google/chromeos/vboot2/antirollback.c | 17 +++++++++++++++++
 src/vendorcode/google/chromeos/vboot2/verstage.c     | 15 +++++++++++++++
 4 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/src/include/antirollback.h b/src/include/antirollback.h
index 942793a..5ba36f7 100644
--- a/src/include/antirollback.h
+++ b/src/include/antirollback.h
@@ -12,6 +12,7 @@
 #include "tpm_lite/tss_constants.h"
 
 struct vb2_context;
+enum vb2_pcr_digest;
 
 /* TPM NVRAM location indices. */
 #define FIRMWARE_NV_INDEX               0x1007
@@ -51,6 +52,12 @@ uint32_t antirollback_lock_space_firmware(void);
  */
 
 /**
+ * Ask vboot for a digest and extend a TPM PCR with it.
+ */
+uint32_t tpm_extend_pcr(struct vb2_context *ctx, int pcr,
+			enum vb2_pcr_digest which_digest);
+
+/**
  * Issue a TPM_Clear and reenable/reactivate the TPM.
  */
 uint32_t tpm_clear_and_reenable(void);
diff --git a/src/lib/tlcl.c b/src/lib/tlcl.c
index c37b51a..ccf4e80 100644
--- a/src/lib/tlcl.c
+++ b/src/lib/tlcl.c
@@ -320,7 +320,8 @@ uint32_t tlcl_extend(int pcr_num, const uint8_t* in_digest,
 	if (result != TPM_SUCCESS)
 		return result;
 
-	memcpy(out_digest, response + kTpmResponseHeaderLength,
-	       kPcrDigestLength);
+	if (out_digest)
+		memcpy(out_digest, response + kTpmResponseHeaderLength,
+		       kPcrDigestLength);
 	return result;
 }
diff --git a/src/vendorcode/google/chromeos/vboot2/antirollback.c b/src/vendorcode/google/chromeos/vboot2/antirollback.c
index f420d16..407b19c 100644
--- a/src/vendorcode/google/chromeos/vboot2/antirollback.c
+++ b/src/vendorcode/google/chromeos/vboot2/antirollback.c
@@ -35,6 +35,23 @@
 		}							\
 	} while (0)
 
+
+uint32_t tpm_extend_pcr(struct vb2_context *ctx, int pcr,
+			enum vb2_pcr_digest which_digest)
+{
+	uint8_t buffer[VB2_PCR_DIGEST_RECOMMENDED_SIZE];
+	uint32_t size = sizeof(buffer);
+	int rv;
+
+	rv = vb2api_get_pcr_digest(ctx, which_digest, buffer, &size);
+	if (rv != VB2_SUCCESS)
+		return rv;
+	if (size < TPM_PCR_DIGEST)
+		return VB2_ERROR_UNKNOWN;
+
+	return tlcl_extend(pcr, buffer, NULL);
+}
+
 uint32_t tpm_clear_and_reenable(void)
 {
 	VBDEBUG("TPM: Clear and re-enable\n");
diff --git a/src/vendorcode/google/chromeos/vboot2/verstage.c b/src/vendorcode/google/chromeos/vboot2/verstage.c
index 06d76fe..0ce4e89 100644
--- a/src/vendorcode/google/chromeos/vboot2/verstage.c
+++ b/src/vendorcode/google/chromeos/vboot2/verstage.c
@@ -205,6 +205,12 @@ static void save_if_needed(struct vb2_context *ctx)
 	}
 }
 
+static uint32_t extend_pcrs(struct vb2_context *ctx)
+{
+	return tpm_extend_pcr(ctx, 0, BOOT_MODE_PCR) ||
+	       tpm_extend_pcr(ctx, 1, HWID_DIGEST_PCR);
+}
+
 /**
  * Verify and select the firmware in the RW image
  *
@@ -248,6 +254,7 @@ void verstage_main(void)
 		printk(BIOS_INFO, "Recovery requested (%x)\n", rv);
 		/* If we need recovery mode, leave firmware selection now */
 		save_if_needed(&ctx);
+		extend_pcrs(&ctx);	/* ignore failures */
 		timestamp_add_now(TS_END_VBOOT);
 		return;
 	}
@@ -284,6 +291,14 @@ void verstage_main(void)
 		vboot_reboot();
 	}
 
+	rv = extend_pcrs(&ctx);
+	if (rv) {
+		printk(BIOS_WARNING, "Failed to extend TPM PCRs (%#x)\n", rv);
+		vb2api_fail(&ctx, VB2_RECOVERY_RO_TPM_U_ERROR, rv);
+		save_if_needed(&ctx);
+		vboot_reboot();
+	}
+
 	/* Lock TPM */
 	rv = antirollback_lock_space_firmware();
 	if (rv) {

More information about the coreboot-gerrit mailing list