| Age | Commit message (Collapse) | Author |
|---|
|
The read_blocks() function from the Block IO protocol is a UEFI function;
make sure to call it from within U-Boot using the EFI_CALL() macro.
To demonstrate the issue on an AArch64 machine, define the DEBUG macro in
include/efi_loader.h and build u-boot with sandbox_defconfig, then download
and uncompress the ACS-DT image [1], and finally execute the following
command:
$ ./u-boot -T -c " \
host bind 0 systemready-dt_acs_live_image.wic; \
setenv loadaddr 0x10000; \
load host 0 \${loadaddr} EFI/BOOT/Shell.efi; \
bootefi \${loadaddr} \${fdtcontroladdr}"
The following assertion should fail:
lib/efi_loader/efi_net.c:858: efi_network_timer_notify: Assertion `__efi_entry_check()' failed.
This happens due to the following EFIAPI functions call chain:
efi_start_image()
efi_disk_read_blocks()
(due to the missing EFI_CALL, entry_count == 2)
efi_network_timer_notify()
Link: https://github.com/ARM-software/arm-systemready/releases/download/v25.12_DT_3.1.1/systemready-dt_acs_live_image.wic.xz [1]
Fixes: ce3dbc5d080d ("efi_loader: add UEFI GPT measurement")
Signed-off-by: Vincent Stehlé <[email protected]>
Cc: Heinrich Schuchardt <[email protected]>
Cc: Ilias Apalodimas <[email protected]>
Cc: Tom Rini <[email protected]>
Cc: Masahisa Kojima <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Acked-by: Masahisa Kojima <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
add sm3 256 hash support, so TPM2 chips which report
5 pcrs with sm3 hash do not fail with:
u-boot=> tpm2 autostart
tpm2_get_pcr_info: too many pcrs: 5
Error: -90
Signed-off-by: Heiko Schocher <[email protected]>
|
|
These functions are useful for the EFI app. As a first step towards
making these available outside lib/efi_loader, create a separate header
file and include it where needed. Add proper comments to the functions,
since many are missing at present.
Signed-off-by: Simon Glass <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
Move default eventlog size from efi to tpm for using in both
efi and measured boot.
Signed-off-by: Raymond Mao <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
The log category should be LOGC_EFI all over the EFI sub-system.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
When the TCG2 protocol installation fails, we are trying to remove
all the objects we created in tcg2_uninit().
However, there are cases when this function runs before the config
table was installed. So instead of printing an error unconditionally
check against EFI_NOT_FOUND and don't print anything if the table wasn't
installed to begin with.
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
The value of variable nt is never used. Just use NULL when calling
efi_check_pe().
The API function is not expected to write to the console. Such output might
have unwanted side effects on the screen layout of an EFI application.
Leave error handling to the caller.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
This function is only used locally, so make it static and quiesce
the W=1 warning
Signed-off-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
This function was used on measured boot to retrieve the number of active
PCR banks and was designed to work with the TCG protocols.
Since we now have the need to retrieve the active PCRs outside the
measured boot context -- e.g use the in the command line, decouple the
function.
Create one that will only adheres to TCG TSS2.0 [0] specification called
tpm2_get_pcr_info() which can be used by the TPM2.0 APIs and a new one that
is called from the measured boot context called tcg2_get_pcr_info()
[0] https://trustedcomputinggroup.org/wp-content/uploads/TSS_Overview_Common_Structures_Version-0.9_Revision-03_Review_030918.pdf
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
efi_tcg2.h already includes tpm-v2.h. Remove it
Reviewed-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
Prepare v2024.07-rc5
|
|
A while back we moved the core functions of the EFI TCG protocol to the
TPM APIs in order for them to be used with bootm, booti etc.
Some prototypes changed from returning efi_status_t to int, which is more
appropriate for the non-EFI APIs. However, some of the EFI callsites never
changed and we ended up assigning the int value to efi_status_t.
This is unlikely to cause any problems, apart from returning invalid
values on failures and violating the EFI spec. Let's fix them
by looking at the new return code and map it to the proper EFI return
code on failures.
Fixes: commit 97707f12fdab ("tpm: Support boot measurements")
Fixes: commit d6b55a420cfc ("efi_loader: startup the tpm device when installing the protocol")
Reviewed-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
The PC client spec [0], doesn't describe measurements for DTBs. It does
describe what do to for ACPI tables though.
There is a description for ACPI in 3.3.4.1 PCR[0] – SRTM, POST BIOS,
and Embedded Drivers and they explicitly mention ACPI in there. There's
no mention of ACPI in 3.3.4.2 PCR[1] – Host Platform Configuration.
However, in Figure 6 -- PCR Mapping of UEFI Components ACPI is shown
in PCR1. The general description also mentions PCR0 is for code and PCR1
is for data such as ACPI and SMBIOS.
So let's switch over the DTB measurements to PCR1 which seems a better
fit.
[0] https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification
Reported-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Eddie James <[email protected]>
|
|
Prepare v2024.070-rc4
|
|
replace tpm2_supported_algorithms with an array of structures
relating algorithm names, to TCG id's, digest length and mask values.
While at it fix the tpm2_algorithm_to_mask to return the proper value.
Cc: Eddie James <[email protected]>
Cc: Ilias Apalodimas <[email protected]>
Fixes: 97707f12fdab ("tpm: Support boot measurements")
Signed-off-by: Tim Harvey <[email protected]>
Tested-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
Remove the redundant includes of u-boot/sha1.h, u-boot/sha256.h
and u-boot/sha512.h
Signed-off-by: Raymond Mao <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
In the SMBIOS 3 entry point the Structure Table Maximum Size field was
incorrectly named max_struct_size. A Maximum Structure Size field only
exists in the SMBIOS 2.1 entry point and has a different meaning.
Call the Structure Table Length field table_maximum_size.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
The code in find_smbios_table() is redundant to
efi_get_configuration_table(). Replace it.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Current U-Boot only supports the SMBIOS 3.0 entry point structure.
TCG2 measurement code should migrate to SMBIOS 3.0 entry
point structure.
efi_selftest tcg2 test also needs to be updated, and expected
PCR[1] result is changed since guid for SMBIOS EFI system table
uses different guid SMBIOS3_TABLE_GUID instead of SMBIOS_TABLE_GUID.
Signed-off-by: Masahisa Kojima <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
We largely do not need <common.h> in these files, so drop it. The only
exception here is that efi_freestanding.c needs <linux/types.h> and had
been getting that via <common.h>.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
The result of efi_append_scrtm_version() is overwritten before anyone
checks its result. Check it and exit the function on failures
Addresses-Coverity-ID: 467399 Code maintainability issues (UNUSED_VALUE)
Fixes: commit 97707f12fdab ("tpm: Support boot measurements")
Signed-off-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
efi_tcg2_get_active_pcr_banks doesn't immediately call the
EFI_ENTRY() wrapper once it enters the function. Move the call a
few lines above to cover the error cases properly as well.
Reviewed-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
Add TPM2 functions to support boot measurement. This includes
starting up the TPM, initializing/appending the event log, and
measuring the U-Boot version. Much of the code was used in the
EFI subsystem, so remove it there and use the common functions.
Signed-off-by: Eddie James <[email protected]>
For the API moving around from EFI -> u-boot core
Reviewed-by: Ilias Apalodimas <[email protected]>
For EFI testing
Tested-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
If the hard coded array hash_algo_list[] contains an entry for an
unsupported algorithm, we should not leak resources new_efi and regs.
We should still extend the log with the digests for the supported
algorithms and not write any message.
The same holds true of tcg2_create_digest(): just continue in case
hash_algo_list[] contains an unsupported entry.
Fixes: 163a0d7e2cbd ("efi_loader: add PE/COFF image measurement")
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
The TCG2 protocol currently adds and removes protocols with
efi_(add/remove)_protocol().
Removing protocols with efi_remove_protocol() might prove
problematic since it doesn't call DisconnectController() when
uninstalling the protocol and does not comply with the UEFI specification.
It's also beneficial for readability to have protocol installations and
removals in pairs -- IOW when efi_install_multiple_protocol_interfaces()
is called, efi_uninstall_multiple_protocol_interfaces() should be used to
remove it. So let's swap the efi_add_protocol() as well.
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
A previous commit is adding a new tpm startup functions which
initializes the TPMv2 and performs all the needed selftests.
Since the TPM selftests might be needed depending on the requested
algorithm or functional module use that instead.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
Measures the DTB passed to the EFI application upon new boolean config
switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the
content of the DTB passed to the OS can change across reboots, there is
not point measuring it hence the config switch to allow platform to not
embed this feature.
Co-developed-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Etienne Carriere <[email protected]>
Tested-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
"Unable to find TPMv2 device" doesn't explain much with regards to the
error origin. Update it to match what we have in the RNG protocol
installation.
Signed-off-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
The CloseProtocol() boot service requires a handle as first argument.
Passing the protocol interface is incorrect.
CloseProtocol() only has an effect if called with a non-zero value for
agent_handle. HandleProtocol() uses an opaque agent_handle when invoking
OpenProtocol() (currently NULL). Therefore HandleProtocol() should be
avoided.
* Replace the LocateHandle() call by efi_search_protocol().
* Remove the CloseProtocol() call.
* Remove a superfluous goto.
Fixes: ce3dbc5d080d ("efi_loader: add UEFI GPT measurement")
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
At present we use wide characters for unicode but this is not necessary.
Change the code to use the 'u' literal instead. This helps to fix build
warnings for sandbox on rpi.
Signed-off-by: Simon Glass <[email protected]>
Suggested-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
When the TCG2 protocol is installed in efi_tcg2_register(),
TPM2 device must be present.
tcg2_measure_pe_image() expects that TCP2 protocol is installed
and TPM device is available. If TCG2 Protocol is installed but
TPM device is not found, tcg2_measure_pe_image() returns
EFI_SECURITY_VIOLATION and efi_load_image() ends with failure.
The same error handling is applied to
efi_tcg2_measure_efi_app_invocation().
Signed-off-by: Masahisa Kojima <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
There are functions that calls tcg2_agile_log_append() outside
of the TCG protocol invocation (e.g tcg2_measure_pe_image).
These functions must to check that TCG2 protocol is installed.
If not, measurement shall be skipped.
Signed-off-by: Masahisa Kojima <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
This commit modify efi_tcg2_register() to return the
appropriate error.
With this fix, sandbox will not boot because efi_tcg2_register()
fails due to some missing feature in GetCapabilities.
So disable sandbox if EFI_TCG2_PROTOCOL is enabled.
UEFI secure boot variable measurement is not directly related
to TCG2 protocol installation, tcg2_measure_secure_boot_variable()
is moved to the separate function.
Signed-off-by: Masahisa Kojima <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs.
Based on TCG spec, if previous firnware has extended PCR's, PCR0
would not be 0. So, read the PCR0 to determine if the PCR's need
to be extended as eventlog is parsed or not.
Signed-off-by: Ruchika Gupta <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Tested-by: Ilias Apalodimas <[email protected]>
|
|
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Tested-by: Ilias Apalodimas <[email protected]>
|
|
Due to U-Boot's lazy binding mentality the TPM is probed but not properly
initialized. The user can startup the device from the command line
e.g 'tpm2 startup TPM2_SU_CLEAR'. However we can initialize the TPM during
the TCG protocol installation, which is easier to use overall.
Signed-off-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
As described in the TCG spec [1] in sections 7.1.1 and 7.1.2 the FinalEvent
table should include events after GetEventLog has been called. This
currently works for us as long as the kernel is the only EFI application
calling that. Specifically we only implement what's described in 7.1.1.
So refactor the code a bit and support EFI application(s) calling
GetEventLog. Events will now be logged in both the EventLog and FinalEvent
table as long as ExitBootServices haven't been invoked.
[1] https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
log_info() is used for the debug level logging statement
which should use log_debug() instead. Convert it to reduce the
log output.
Signed-off-by: Masahisa Kojima <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
UEFI specification does not require that BootOrder is defined.
In current implementation, boot variable measurement fails and
returns EFI_NOT_FOUND if BootOrder is not defined.
This commit correcly handles this case, skip the boot variable
measurement if BootOrder is not defined.
Signed-off-by: Masahisa Kojima <[email protected]>
Acked-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand
required in the TCG PC Client PFP spec.
SubmitCommand enables to send the raw command to the TPM device.
To implement this api, tpm2_submit_command() is added
into tpm-v2.c.
Signed-off-by: Masahisa Kojima <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Calling unaligned/access-ok.h version of put_unaligned_le64()
causes data abort in arm 32-bit QEMU.
The similar issue also occurs in linux kernel,
unaligned/access-ok.h is no longer used in linux kernel[1].
This commit uses the unaligned/be_byteshift.h and
unaligned/le_byteshift.h helper instead of unaligned/access-ok.h.
[1]https://lore.kernel.org/all/[email protected]/
Signed-off-by: Masahisa Kojima <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
This commit adds the DeployedMode and AuditMode variable
measurement required in TCG PC Client Platform Firmware
Profile Specification.
Signed-off-by: Masahisa Kojima <[email protected]>
|
|
This commit simplifies tcg2_measure_secure_boot_variable()
using secure_variables table.
Signed-off-by: Masahisa Kojima <[email protected]>
|
|
This commit adds the UEFI GPT disk partition topology
measurement required in TCG PC Client Platform Firmware
Profile Specification
Signed-off-by: Masahisa Kojima <[email protected]>
|
|
TCG PC Client Platform Firmware Profile Specification
requires to measure the SMBIOS table that contains static
configuration information (e.g. Platform Manufacturer
Enterprise Number assigned by IANA, platform model number,
Vendor and Device IDs for each SMBIOS table).
The device- and environment-dependent information such as
serial number is cleared to zero or space character for
the measurement.
Existing smbios_string() function returns pointer to the string
with const qualifier, but exisintg use case is updating version
string and const qualifier must be removed.
This commit removes const qualifier from smbios_string()
return value and reuses to clear the strings for the measurement.
This commit also fixes the following compiler warning:
lib/smbios-parser.c:59:39: warning: cast to pointer from integer of
different size [-Wint-to-pointer-cast]
const struct smbios_header *header = (struct smbios_header *)entry->struct_table_address;
Signed-off-by: Masahisa Kojima <[email protected]>
|
|
Don't duplicate GUIDs.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
UEFI variable names are typically constants and hence should be defined as
const. Unfortunately some of our API functions do not define the parameters
for UEFI variable names as const. This requires unnecessary conversions.
Adjust parameters of several internal functions to tre UEFI variable names
as const.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Prepare v2021.10-rc5
|
|
TCG EFI Protocol Specification defines the number_of_algorithms
field in spec ID event to be equal to the number of active
algorithms supported by the TPM device. In current implementation,
this field is populated with the count of all algorithms supported
by the TPM which leads to incorrect spec ID event creation.
Similarly, the algorithm array in spec ID event should be a variable
length array with length being equal to the number_of_algorithms field.
In current implementation this is defined as a fixed length array
which has been fixed.
Signed-off-by: Ruchika Gupta <[email protected]>
CC: Masahisa Kojima <[email protected]>
CC: Ilias Apalodimas <[email protected]>
CC: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
More C files do not use compile time timestamp macros and do not have to be
recompiled every time when SOURCE_DATE_EPOCH changes.
This patch moves version_string[] from version.h to version_string.h and
updates other C files which only needs version_string[] string to include
version_string.h instead of version.h. After applying this patch these
files are not recompiled every time when SOURCE_DATE_EPOCH changes.
Signed-off-by: Pali Rohár <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
|
