[SeaBIOS] [PATCH v8 5/8] Add 'measurement' code to the BIOS

Kevin O'Connor kevin at koconnor.net
Tue Aug 26 16:49:34 CEST 2014


On Wed, Jul 02, 2014 at 11:38:49AM -0400, Stefan Berger wrote:
> This patch adds invocactions of functions that measure various parts of the
> code and data through various parts of the BIOS code. It follows TCG
> specifications on what needs to be measured. It also adds the implementation
> of the called functions.
> 
> Reference for what needs to be measured can be found in section 3.2.2++ in
> 
> http://www.trustedcomputinggroup.org/resources/pc_client_work_group_specific_implementation_specification_for_conventional_bios_specification_version_12
> 
> 
> The first measurements are done once the ACPI tables have been initialized.
> 
> Once booted into Linux, the current measurements produce the following logs
> which can be found in /sys/kernel/security/tpm0/ascii_bios_measurements.
> The below log also shows measurements from trusted grub.
> 
>  1 3fb240d2a04085a4e84f81e4398e070ed5a18163 06 [SMBIOS]
>  2 cc812353fc277c1fab99e0b721752a1392984566 06 [Option ROM]
>  2 9dbd87163112e5670378abe4510491259a61f411 05 [Start Option ROM Scan]
>  2 6f74e357331b8dee11bbad85f27bc66cb873106c 06 [Option ROM]
>  2 5626eb7ac05c7231e46d7461e7d3839b03ae9fad 06 [Option ROM]
>  4 c1e25c3f6b0dc78d57296aa2870ca6f782ccf80f 05 [Calling INT 19h]
>  0 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
>  1 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
>  2 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
>  3 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
>  4 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
>  5 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
>  6 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
>  7 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
>  4 8cf2fe6c87d4d0b2998a43da630292e6d85ee8b6 05 [Booting BCV device 80h (HDD)]
>  4 5dff94459a3e2d13a433ef94afdc306144565bf7 0d [IPL]
>  5 d1b33afde65ad47502332af957c60f20c84c1edc 0e [IPL Partition Data]
>  4 487ce764b527ccad17f1d04243d0136fa981e6c4 0d [IPL]
>  4 91d285e4dead566324c8938a3cc75803f462d9a1 0d [IPL]
>  4 8ba79ac98bb491524fef29defc724daaf6263d35 0d [IPL]
>  4 c591c15b82e4ff30e7383a4ff1ef3b41b38521ac 06 []
>  4 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 04 [Grub Event Separator]
>  5 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 04 [Grub Event Separator]
>  5 e8673b9e14b02dc12d8ccfd0176bca7a3de7fc3c 0e [IPL Partition Data]
>  5 0163e375a0af7525c5dac1a8e74b277359e40d1d 1105 []
>  8 4be30f67c3d48ab7f04d9c0fd07f06d4c68379be 1205 []
>  8 54c83965978de9708d026016ecb0e70660e04388 1305 []
>  5 2431ed60130faeaf3a045f21963f71cacd46a029 04 [OS Event Separator]
>  8 2431ed60130faeaf3a045f21963f71cacd46a029 04 [OS Event Separator]
>  8 f3973cae05d6e2055062119d6e6e1e077b7df876 1005 []
> 
> v5:
>  - call code for measuring CDROM boot sector
> 
> v4:
>  - return TCG_GENERAL_ERROR if ! has_working_tpm()
> 
> v2:
>  - dropping call to tcpa_measure_post
>  - converting tcpa_option_rom and tcpa_ipl functions to get pointers
>    rather than segments passed
>  - introduce public get_smbios_entry_point() function and use it
>    rather than searching for the entry point
>  - use dprintf(DEBUG_tcg, ...)
> 
> 
> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
> ---
>  src/boot.c       |  11 ++
>  src/cdrom.c      |  10 ++
>  src/optionroms.c |   4 +
>  src/post.c       |   4 +
>  src/tcgbios.c    | 359 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  src/tcgbios.h    |   8 ++
>  6 files changed, 396 insertions(+)
> 
> diff --git a/src/boot.c b/src/boot.c
> index f36f3d6..91edf9c 100644
> --- a/src/boot.c
> +++ b/src/boot.c
> @@ -624,6 +624,10 @@ boot_disk(u8 bootdrv, int checksig)
>          }
>      }
>  
> +    tcpa_add_bootdevice(0, bootdrv);
> +    /* specs: 8.2.3 steps 4 and 5 */
> +    tcpa_ipl(IPL_BCV, MAKE_FLATPTR(bootseg, 0), 512);

Minor quibble, but these repeated tcpa calls should be compacted into
a single call to minimize the impact to the main bios code.

-Kevin



More information about the SeaBIOS mailing list