Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

at ee9dce44362b2d8132c32964656ab6dff7dfbc6a 299 lines 6.7 kB view raw
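/* SPDX-License-Identifier: GPL-2.0 */

/*
 * On-log layouts for TPM event logs, plus an inline helper that computes the
 * size of one TPM2 ("crypto agile") log entry.
 *
 * The structures below are overlaid on log bytes. Length-like fields
 * (event_size, count, num_algs, digest_size) are read straight from the log,
 * so code using them as lengths or loop bounds has to range-check them first.
 */

#ifndef __LINUX_TPM_EVENTLOG_H__
#define __LINUX_TPM_EVENTLOG_H__

#include <linux/tpm.h>

#define TCG_EVENT_NAME_LEN_MAX	255
#define MAX_TEXT_EVENT		1000	/* Max event string length */
#define ACPI_TCPA_SIG		"TCPA"	/* 0x41504354 /'TCPA' */

#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x1
#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2   0x2

/*
 * 32-bit log fields are converted from big-endian on PPC64 and used as-is
 * elsewhere. The pass-through form parenthesizes its argument so that both
 * variants expand to a single primary expression.
 */
#ifdef CONFIG_PPC64
#define do_endian_conversion(x) be32_to_cpu(x)
#else
#define do_endian_conversion(x) (x)
#endif

enum bios_platform_class {
	BIOS_CLIENT = 0x00,
	BIOS_SERVER = 0x01,
};

/* Event record with a single 20-byte (SHA1) PCR value and trailing data. */
struct tcpa_event {
	u32 pcr_index;
	u32 event_type;
	u8 pcr_value[20];	/* SHA1 */
	u32 event_size;		/* length of event_data[], as stored in the log */
	u8 event_data[];
};

/*
 * Values for the event_type field. NO_ACTION is the type that
 * __calc_tpm2_event_size() requires of the log header event.
 */
enum tcpa_event_types {
	PREBOOT = 0,
	POST_CODE,
	UNUSED,
	NO_ACTION,
	SEPARATOR,
	ACTION,
	EVENT_TAG,
	SCRTM_CONTENTS,
	SCRTM_VERSION,
	CPU_MICROCODE,
	PLATFORM_CONFIG_FLAGS,
	TABLE_OF_DEVICES,
	COMPACT_HASH,
	IPL,
	IPL_PARTITION_DATA,
	NONHOST_CODE,
	NONHOST_CONFIG,
	NONHOST_INFO,
};

struct tcpa_pc_event {
	u32 event_id;
	u32 event_size;		/* length of event_data[], as stored in the log */
	u8 event_data[];
};

/* Values for tcpa_pc_event.event_id; note the gap before 10. */
enum tcpa_pc_event_ids {
	SMBIOS = 1,
	BIS_CERT,
	POST_BIOS_ROM,
	ESCD,
	CMOS,
	NVRAM,
	OPTION_ROM_EXEC,
	OPTION_ROM_CONFIG,
	OPTION_ROM_MICROCODE = 10,
	S_CRTM_VERSION,
	S_CRTM_CONTENTS,
	POST_CONTENTS,
	HOST_TABLE_OF_DEVICES,
};

/* http://www.trustedcomputinggroup.org/tcg-efi-protocol-specification/ */

/* One (algorithm id, digest length) pair from the Spec ID header event. */
struct tcg_efi_specid_event_algs {
	u16 alg_id;
	u16 digest_size;
} __packed;

/* 16 bytes including the terminating NUL, matching signature[16] below. */
#define TCG_SPECID_SIG "Spec ID Event03"

/*
 * Payload of the log header event. __calc_tpm2_event_size() reads it from
 * event_header->event, compares signature against TCG_SPECID_SIG and uses
 * num_algs / digest_sizes[] to learn how long each digest in an entry is.
 */
struct tcg_efi_specid_event_head {
	u8 signature[16];
	u32 platform_class;
	u8 spec_version_minor;
	u8 spec_version_major;
	u8 spec_errata;
	u8 uintnsize;
	u32 num_algs;		/* number of entries in digest_sizes[] */
	struct tcg_efi_specid_event_algs digest_sizes[];
} __packed;

/*
 * Event record with one fixed 20-byte digest. The first event of the log is
 * passed to __calc_tpm2_event_size() in this form.
 */
struct tcg_pcr_event {
	u32 pcr_idx;
	u32 event_type;
	u8 digest[20];
	u32 event_size;		/* length of event[], as stored in the log */
	u8 event[];
} __packed;

/* Length-prefixed event data that follows the digests of a TPM2 entry. */
struct tcg_event_field {
	u32 event_size;
	u8 event[];
} __packed;

/*
 * Fixed head of a TPM2 log entry. count is the number of digests that follow;
 * __calc_tpm2_event_size() walks them by byte offset, using the per-algorithm
 * lengths from the header event, rather than indexing digests[].
 */
struct tcg_pcr_event2_head {
	u32 pcr_idx;
	u32 event_type;
	u32 count;
	struct tpm_digest digests[];
} __packed;

/*
 * Same field sequence as tcg_efi_specid_event_algs / _head above, declared
 * without __packed.
 */
struct tcg_algorithm_size {
	u16 algorithm_id;
	u16 algorithm_size;
};

struct tcg_algorithm_info {
	u8 signature[16];
	u32 platform_class;
	u8 spec_version_minor;
	u8 spec_version_major;
	u8 spec_errata;
	u8 uintn_size;
	u32 number_of_algorithms;
	struct tcg_algorithm_size digest_sizes[];
};

/*
 * Fallbacks used when TPM_MEMREMAP / TPM_MEMUNMAP are not already defined as
 * macros at this point. The remap fallback always returns NULL, so with these
 * in effect __calc_tpm2_event_size() returns 0 whenever do_mapping is true.
 */
#ifndef TPM_MEMREMAP
static inline void *TPM_MEMREMAP(unsigned long start, size_t size)
{
	return NULL;
}
#endif

#ifndef TPM_MEMUNMAP
static inline void TPM_MEMUNMAP(void *mapping, size_t size)
{
}
#endif

/**
 * __calc_tpm2_event_size - calculate the size of a TPM2 event log entry
 * @event:        Pointer to the event whose size should be calculated
 * @event_header: Pointer to the initial event containing the digest lengths
 * @do_mapping:   Whether or not the event needs to be mapped
 *
 * The TPM2 event log format can contain multiple digests corresponding to
 * separate PCR banks, and also contains a variable length of the data that
 * was measured. This requires knowledge of how long each digest type is,
 * and this information is contained within the first event in the log.
 *
 * We calculate the length by examining the number of digests, and then looking
 * at each digest in turn to determine how much space is used for digests in
 * total. Once we've done this we know the offset of the data length field,
 * and can calculate the total size of the event.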
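 *
 * Return: size of the event on success, 0 on failure. 0 is also returned
 * when the computed size does not fit in the u32 return type.
 */

static __always_inline u32 __calc_tpm2_event_size(struct tcg_pcr_event2_head *event,
					 struct tcg_pcr_event *event_header,
					 bool do_mapping)
{
	struct tcg_efi_specid_event_head *efispecid;
	struct tcg_event_field *event_field;
	void *mapping = NULL;
	int mapping_size = 0;
	void *marker;
	void *marker_start;
	u32 halg_size;
	size_t size;
	u16 halg;
	/* Loop indices are compared against u32 counts read from the log. */
	u32 i;
	u32 j;
	u32 count, event_type;
	const u8 zero_digest[sizeof(event_header->digest)] = {0};

	/* marker walks the entry byte by byte; marker_start stays at its head. */
	marker = event;
	marker_start = marker;
	marker = marker + sizeof(event->pcr_idx) + sizeof(event->event_type)
		+ sizeof(event->count);

	/* Map the event header */
	if (do_mapping) {
		mapping_size = marker - marker_start;
		mapping = TPM_MEMREMAP((unsigned long)marker_start,
				       mapping_size);
		if (!mapping) {
			size = 0;
			goto out;
		}
	} else {
		mapping = marker_start;
	}

	event = (struct tcg_pcr_event2_head *)mapping;
	/*
	 * The loop below will unmap these fields if the log is larger than
	 * one page, so save them here for reference:
	 */
	count = event->count;
	event_type = event->event_type;

	/* Verify that it's the log header */
	if (event_header->pcr_idx != 0 ||
	    event_header->event_type != NO_ACTION ||
	    memcmp(event_header->digest, zero_digest, sizeof(zero_digest))) {
		size = 0;
		goto out;
	}

	efispecid = (struct tcg_efi_specid_event_head *)event_header->event;

	/*
	 * Perform validation of the event in order to identify malformed
	 * events. This function may be asked to parse arbitrary byte sequences
	 * immediately following a valid event log. The caller expects this
	 * function to recognize that the byte sequence is not a valid event
	 * and to return an event size of 0.
	 *
	 * NOTE(review): num_algs comes from the header event and bounds the
	 * digest_sizes[] reads in the loop below; nothing in this function
	 * checks it against event_header->event_size - confirm that the
	 * header event is validated before it is passed in.
	 */
	if (memcmp(efispecid->signature, TCG_SPECID_SIG,
		   sizeof(TCG_SPECID_SIG)) ||
	    !efispecid->num_algs || count != efispecid->num_algs) {
		size = 0;
		goto out;
	}

	for (i = 0; i < count; i++) {
		halg_size = sizeof(event->digests[i].alg_id);

		/* Map the digest's algorithm identifier */
		if (do_mapping) {
			TPM_MEMUNMAP(mapping, mapping_size);
			mapping_size = halg_size;
			mapping = TPM_MEMREMAP((unsigned long)marker,
					       mapping_size);
			if (!mapping) {
				size = 0;
				goto out;
			}
		} else {
			mapping = marker;
		}

		/* Copy out the id rather than dereferencing an unaligned u16. */
		memcpy(&halg, mapping, halg_size);
		marker = marker + halg_size;

		/* Skip the digest using the length the header gives for halg. */
		for (j = 0; j < efispecid->num_algs; j++) {
			if (halg == efispecid->digest_sizes[j].alg_id) {
				marker +=
					efispecid->digest_sizes[j].digest_size;
				break;
			}
		}
		/* Algorithm without known length. Such event is unparseable. */
		if (j == efispecid->num_algs) {
			size = 0;
			goto out;
		}
	}

	/*
	 * Map the event size - we don't read from the event itself, so
	 * we don't need to map it.
	 *
	 * count is non-zero here, so mapping_size still holds halg_size from
	 * the last loop iteration and the "+=" maps slightly more than the
	 * event_size field itself.
	 */
	if (do_mapping) {
		TPM_MEMUNMAP(mapping, mapping_size);
		mapping_size += sizeof(event_field->event_size);
		mapping = TPM_MEMREMAP((unsigned long)marker,
				       mapping_size);
		if (!mapping) {
			size = 0;
			goto out;
		}
	} else {
		mapping = marker;
	}

	event_field = (struct tcg_event_field *)mapping;

	marker = marker + sizeof(event_field->event_size)
		+ event_field->event_size;
	size = marker - marker_start;

	/*
	 * event_size is a 32-bit value taken from the log. If the total does
	 * not fit in the u32 return type, report the entry as malformed
	 * instead of returning a silently truncated length.
	 */
	if ((u32)size != size)
		size = 0;

	if (event_type == 0 && event_field->event_size == 0)
		size = 0;

out:
	/*
	 * mapping is NULL when a TPM_MEMREMAP() above failed; there is nothing
	 * to unmap in that case.
	 */
	if (do_mapping && mapping)
		TPM_MEMUNMAP(mapping, mapping_size);
	return size;
}

#endif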