[coreboot-gerrit] Change in coreboot[master]: security/vboot: Interface FSP 2.0 mrc caching

Philipp Deppenwiese (Code Review) gerrit at coreboot.org
Tue Feb 27 22:17:59 CET 2018


Philipp Deppenwiese has uploaded this change for review. ( https://review.coreboot.org/24904 )


Change subject: security/vboot: Interface FSP 2.0 mrc caching
......................................................................

security/vboot: Interface FSP 2.0 mrc caching

Change-Id: I41a458186c7981adaf3fea8974adec2ca8668f14
Signed-off-by: Philipp Deppenwiese <zaolin at das-labor.org>
---
A src/drivers/intel/fsp2_0/include/fsp/memory_init.h
M src/drivers/intel/fsp2_0/memory_init.c
A src/security/vboot/mrc_cache_hash_tpm.c
3 files changed, 148 insertions(+), 95 deletions(-)



  git pull ssh://review.coreboot.org:29418/coreboot refs/changes/04/24904/1

diff --git a/src/drivers/intel/fsp2_0/include/fsp/memory_init.h b/src/drivers/intel/fsp2_0/include/fsp/memory_init.h
new file mode 100644
index 0000000..2f21019
--- /dev/null
+++ b/src/drivers/intel/fsp2_0/include/fsp/memory_init.h
@@ -0,0 +1,30 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2018 Facebook Inc
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ */
+
+#ifndef _FSP2_0_MEMORY_INIT_H_
+#define _FSP2_0_MEMORY_INIT_H_
+
+/*
+ * Updates mrc cache hash if it differs.
+ */
+void mrc_cache_update_hash(const uint8_t *data, size_t size);
+
+/*
+ * Verifies mrc cache hash which is stored somewhere.
+ * return 1 verification was successful and 0 for error.
+ */
+int mrc_cache_verify_hash(const uint8_t *data, size_t size);
+
+#endif /* _FSP2_0_MEMORY_INIT_H_ */
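Review bot: This new header declares prototypes using `uint8_t` and `size_t` but includes nothing that defines them, so it only compiles when an earlier include happens to pull those types in. Adding `#include <stddef.h>` and `#include <stdint.h>` after the guard would make it self-contained. The comment on `mrc_cache_verify_hash()` ("stored somewhere") also leaves the contract vague for a function that gates use of cached training data. Something like `/* Returns 1 if the cache may be used, 0 if it must be discarded. The weak default performs no check and returns 1. */` would tell implementers and callers what a missing backend means.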
diff --git a/src/drivers/intel/fsp2_0/memory_init.c b/src/drivers/intel/fsp2_0/memory_init.c
index aa5909f..3dafa00 100644
--- a/src/drivers/intel/fsp2_0/memory_init.c
+++ b/src/drivers/intel/fsp2_0/memory_init.c
@@ -31,62 +31,19 @@
 #include <string.h>
 #include <symbols.h>
 #include <timestamp.h>
-#include <security/tpm/tspi.h>
 #include <security/vboot/vboot_common.h>
 #include <vb2_api.h>
+#include <fsp/memory_init.h>
 
-static void mrc_cache_update_tpm_hash(const uint8_t *data, size_t size)
+__attribute__((weak)) void mrc_cache_update_hash(const uint8_t *data,
+						 size_t size)
 {
-	uint8_t data_hash[VB2_SHA256_DIGEST_SIZE];
-	static const uint8_t dead_hash[VB2_SHA256_DIGEST_SIZE] = {
-		0xba, 0xad, 0xda, 0x1a, /* BAADDA1A */
-		0xde, 0xad, 0xde, 0xad, /* DEADDEAD */
-		0xde, 0xad, 0xda, 0x1a, /* DEADDA1A */
-		0xba, 0xad, 0xba, 0xad, /* BAADBAAD */
-		0xba, 0xad, 0xda, 0x1a, /* BAADDA1A */
-		0xde, 0xad, 0xde, 0xad, /* DEADDEAD */
-		0xde, 0xad, 0xda, 0x1a, /* DEADDA1A */
-		0xba, 0xad, 0xba, 0xad, /* BAADBAAD */
-	};
-	const uint8_t *hash_ptr = data_hash;
+}
 
-	/* We do not store normal mode data hash in TPM. */
-	if (!vboot_recovery_mode_enabled())
-		return;
-
-	/* Bail out early if no mrc hash space is supported in TPM. */
-	if (!IS_ENABLED(CONFIG_FSP2_0_USES_TPM_MRC_HASH))
-		return;
-
-	/* Initialize TPM driver. */
-	if (tlcl_lib_init() != VB2_SUCCESS) {
-		printk(BIOS_ERR, "MRC: TPM driver initialization failed.\n");
-		return;
-	}
-
-	/* Calculate hash of data generated by MRC. */
-	if (vb2_digest_buffer(data, size, VB2_HASH_SHA256, data_hash,
-			      sizeof(data_hash))) {
-		printk(BIOS_ERR, "MRC: SHA-256 calculation failed for data. "
-		       "Not updating TPM hash space.\n");
-		/*
-		 * Since data is being updated in recovery cache, the hash
-		 * currently stored in TPM recovery hash space is no longer
-		 * valid. If we are not able to calculate hash of the data being
-		 * updated, reset all the bits in TPM recovery hash space to
-		 * pre-defined hash pattern.
-		 */
-		hash_ptr = dead_hash;
-	}
-
-	/* Write hash of data to TPM space. */
-	if (antirollback_write_space_rec_hash(hash_ptr, VB2_SHA256_DIGEST_SIZE)
-	    != TPM_SUCCESS) {
-		printk(BIOS_ERR, "MRC: Could not save hash to TPM.\n");
-		return;
-	}
-
-	printk(BIOS_INFO, "MRC: TPM MRC hash updated successfully.\n");
+__attribute__((weak)) int mrc_cache_verify_hash(const uint8_t *data,
+						size_t size)
+{
+	return 1;
 }
 
 static void save_memory_training_data(bool s3wake, uint32_t fsp_version)
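Review bot: The weak default `mrc_cache_verify_hash()` returns 1, so any build that does not link a strong definition accepts the recovery MRC cache with no hash check and no log message. The diffstat lists only the three source files and no makefile or Kconfig change, so as far as this change shows, mrc_cache_hash_tpm.c is never compiled and the verification removed here is not replaced. The `CONFIG_FSP2_0_USES_TPM_MRC_HASH` test has also been dropped from the moved code, so the gating has to come from the build. A rule such as `romstage-$(CONFIG_FSP2_0_USES_TPM_MRC_HASH) += mrc_cache_hash_tpm.c` (stage assumed from where memory_init.c runs) in the makefile beside the new file would restore it. A comment on the stubs, e.g. `/* Default: no hash backend, cache is used unverified. */`, would make the fail-open default visible to board porters.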
@@ -113,7 +70,7 @@
 				mrc_data_size) < 0)
 		printk(BIOS_ERR, "Failed to stash MRC data\n");
 
-	mrc_cache_update_tpm_hash(mrc_data, mrc_data_size);
+	mrc_cache_update_hash(mrc_data, mrc_data_size);
 }
 
 static void do_fsp_post_memory_init(bool s3wake, uint32_t fsp_version)
@@ -148,48 +105,6 @@
 	romstage_handoff_init(s3wake);
 }
 
-static int mrc_cache_verify_tpm_hash(const uint8_t *data, size_t size)
-{
-	uint8_t data_hash[VB2_SHA256_DIGEST_SIZE];
-	uint8_t tpm_hash[VB2_SHA256_DIGEST_SIZE];
-
-	/* We do not store normal mode data hash in TPM. */
-	if (!vboot_recovery_mode_enabled())
-		return 1;
-
-	if (!IS_ENABLED(CONFIG_FSP2_0_USES_TPM_MRC_HASH))
-		return 1;
-
-	/* Calculate hash of data read from RECOVERY_MRC_CACHE. */
-	if (vb2_digest_buffer(data, size, VB2_HASH_SHA256, data_hash,
-			      sizeof(data_hash))) {
-		printk(BIOS_ERR, "MRC: SHA-256 calculation failed for data.\n");
-		return 0;
-	}
-
-	/* Initialize TPM driver. */
-	if (tlcl_lib_init() != VB2_SUCCESS) {
-		printk(BIOS_ERR, "MRC: TPM driver initialization failed.\n");
-		return 0;
-	}
-
-	/* Read hash of MRC data saved in TPM. */
-	if (antirollback_read_space_rec_hash(tpm_hash, sizeof(tpm_hash))
-	    != TPM_SUCCESS) {
-		printk(BIOS_ERR, "MRC: Could not read hash from TPM.\n");
-		return 0;
-	}
-
-	if (memcmp(tpm_hash, data_hash, sizeof(tpm_hash))) {
-		printk(BIOS_ERR, "MRC: Hash comparison failed.\n");
-		return 0;
-	}
-
-	printk(BIOS_INFO, "MRC: Hash comparison successful. "
-	       "Using data from RECOVERY_MRC_CACHE\n");
-	return 1;
-}
-
 static void fsp_fill_mrc_cache(FSPM_ARCH_UPD *arch_upd, uint32_t fsp_version)
 {
 	struct region_device rdev;
@@ -222,7 +137,7 @@
 	if (data == NULL)
 		return;
 
-	if (!mrc_cache_verify_tpm_hash(data, region_device_sz(&rdev)))
+	if (!mrc_cache_verify_hash(data, region_device_sz(&rdev)))
 		return;
 
 	/* MRC cache found */
diff --git a/src/security/vboot/mrc_cache_hash_tpm.c b/src/security/vboot/mrc_cache_hash_tpm.c
new file mode 100644
index 0000000..986aa63
--- /dev/null
+++ b/src/security/vboot/mrc_cache_hash_tpm.c
@@ -0,0 +1,108 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2018 Facebook Inc
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ */
+
+#include <security/vboot/antirollback.h>
+#include <program_loading.h>
+#include <security/vboot/vboot_common.h>
+#include <vb2_api.h>
+#include <security/tpm/tss.h>
+#include <fsp/memory_init.h>
+#include <console/console.h>
+#include <string.h>
+
+void mrc_cache_update_hash(const uint8_t *data, size_t size)
+{
+	uint8_t data_hash[VB2_SHA256_DIGEST_SIZE];
+	static const uint8_t dead_hash[VB2_SHA256_DIGEST_SIZE] = {
+		0xba, 0xad, 0xda, 0x1a, /* BAADDA1A */
+		0xde, 0xad, 0xde, 0xad, /* DEADDEAD */
+		0xde, 0xad, 0xda, 0x1a, /* DEADDA1A */
+		0xba, 0xad, 0xba, 0xad, /* BAADBAAD */
+		0xba, 0xad, 0xda, 0x1a, /* BAADDA1A */
+		0xde, 0xad, 0xde, 0xad, /* DEADDEAD */
+		0xde, 0xad, 0xda, 0x1a, /* DEADDA1A */
+		0xba, 0xad, 0xba, 0xad, /* BAADBAAD */
+	};
+	const uint8_t *hash_ptr = data_hash;
+
+	/* We do not store normal mode data hash in TPM. */
+	if (!vboot_recovery_mode_enabled())
+		return;
+
+	/* Initialize TPM driver. */
+	if (tlcl_lib_init() != VB2_SUCCESS) {
+		printk(BIOS_ERR, "MRC: TPM driver initialization failed.\n");
+		return;
+	}
+
+	/* Calculate hash of data generated by MRC. */
+	if (vb2_digest_buffer(data, size, VB2_HASH_SHA256, data_hash,
+			      sizeof(data_hash))) {
+		printk(BIOS_ERR, "MRC: SHA-256 calculation failed for data. "
+		       "Not updating TPM hash space.\n");
+		/*
+		 * Since data is being updated in recovery cache, the hash
+		 * currently stored in TPM recovery hash space is no longer
+		 * valid. If we are not able to calculate hash of the data being
+		 * updated, reset all the bits in TPM recovery hash space to
+		 * pre-defined hash pattern.
+		 */
+		hash_ptr = dead_hash;
+	}
+
+	/* Write hash of data to TPM space. */
+	if (antirollback_write_space_rec_hash(hash_ptr, VB2_SHA256_DIGEST_SIZE)
+	    != TPM_SUCCESS) {
+		printk(BIOS_ERR, "MRC: Could not save hash to TPM.\n");
+		return;
+	}
+
+	printk(BIOS_INFO, "MRC: TPM MRC hash updated successfully.\n");
+}
+
+int mrc_cache_verify_hash(const uint8_t *data, size_t size)
+{
+	uint8_t data_hash[VB2_SHA256_DIGEST_SIZE];
+	uint8_t tpm_hash[VB2_SHA256_DIGEST_SIZE];
+
+	/* We do not store normal mode data hash in TPM. */
+	if (!vboot_recovery_mode_enabled())
+		return 1;
+
+	/* Calculate hash of data read from RECOVERY_MRC_CACHE. */
+	if (vb2_digest_buffer(data, size, VB2_HASH_SHA256, data_hash,
+			      sizeof(data_hash))) {
+		printk(BIOS_ERR, "MRC: SHA-256 calculation failed for data.\n");
+		return 0;
+	}
+
+	/* Initialize TPM driver. */
+	if (tlcl_lib_init() != VB2_SUCCESS) {
+		printk(BIOS_ERR, "MRC: TPM driver initialization failed.\n");
+		return 0;
+	}
+
+	/* Read hash of MRC data saved in TPM. */
+	if (antirollback_read_space_rec_hash(tpm_hash, sizeof(tpm_hash))
+	    != TPM_SUCCESS) {
+		printk(BIOS_ERR, "MRC: Could not read hash from TPM.\n");
+		return 0;
+	}
+
+	if (memcmp(tpm_hash, data_hash, sizeof(tpm_hash))) {
+		printk(BIOS_ERR, "MRC: Hash comparison failed.\n");
+		return 0;
+	}
+
+	printk(BIOS_INFO, "MRC: Hash comparison successful. "
+	       "Using data from RECOVERY_MRC_CACHE\n");
+	return 1;
+}
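Review bot: In `mrc_cache_update_hash()` the digest-failure message says `"Not updating TPM hash space.\n"`, but the code then sets `hash_ptr = dead_hash` and falls through to `antirollback_write_space_rec_hash()`, so the space is overwritten with the invalidation pattern. Someone reading a boot log during triage would conclude the old hash is still in place; wording such as `"Invalidating TPM hash space.\n"` matches what happens. Neither function has a header comment in this file, and `mrc_cache_verify_hash()` returns 1 without any check when `vboot_recovery_mode_enabled()` is false. A short comment such as `/* Only the recovery-mode cache is hash-protected; normal-mode data is accepted as-is. */` above it would record that this is intended. The file also now relies on being compiled only when the TPM hash space exists, since the `CONFIG_FSP2_0_USES_TPM_MRC_HASH` check present in the removed code is not carried over.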

-- 
To view, visit https://review.coreboot.org/24904

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I41a458186c7981adaf3fea8974adec2ca8668f14
Gerrit-Change-Number: 24904
Gerrit-PatchSet: 1
Gerrit-Owner: Philipp Deppenwiese <zaolin.daisuki at gmail.com>