author | Daisuke Nojiri <dnojiri@chromium.org> | 2020-04-21 15:13:07 -0700 |
---|---|---|
committer | Julius Werner <jwerner@chromium.org> | 2020-04-23 01:21:07 +0000 |
commit | d9f26edfec760ff81f88f164fc0e601fe8e20e3e (patch) | |
tree | 4c24fd4bf990e93bbb98f49739b6cd588b851112 /src/security/vboot | |
parent | 5feef37de8fa2da9ca0b5df48bdf470c248cc0cb (diff) | |
vboot: Add permission check for kernel space
This patch restores the permission check for the kernel space, which
was dropped when read_space_kernel was moved from Depthcharge by
CL:2155429.
BUG=chromium:1045217, chromium:1020578
BRANCH=none
TEST=none
Signed-off-by: dnojiri <dnojiri@chromium.org>
Change-Id: If6d487940f39865cadc0ca9d5de6e055ad3e017d
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40579
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/security/vboot')
-rw-r--r-- | src/security/vboot/secdata_tpm.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c
index d666ae8a5e..37665bc23d 100644
--- a/src/security/vboot/secdata_tpm.c
+++ b/src/security/vboot/secdata_tpm.c
@@ -36,6 +36,8 @@
 #include <security/vboot/tpm_common.h>
 #include <string.h>
 #include <security/tpm/tspi.h>
+#include <security/tpm/tss.h>
+#include <security/tpm/tss/tcg-1.2/tss_structures.h>
 #include <vb2_api.h>
 #include <console/console.h>
@@ -68,6 +70,26 @@ static uint32_t read_space_firmware(struct vb2_context *ctx)
 uint32_t antirollback_read_space_kernel(struct vb2_context *ctx)
 {
+	if (!CONFIG(TPM2)) {
+		/*
+		 * Before reading the kernel space, verify its permissions. If
+		 * the kernel space has the wrong permission, we give up. This
+		 * will need to be fixed by the recovery kernel. We will have
+		 * to worry about this because at any time (even with PP turned
+		 * off) the TPM owner can remove and redefine a PP-protected
+		 * space (but not write to it).
+		 */
+		uint32_t perms;
+
+		RETURN_ON_FAILURE(tlcl_get_permissions(KERNEL_NV_INDEX,
+						       &perms));
+		if (perms != TPM_NV_PER_PPWRITE) {
+			printk(BIOS_ERR,
+			       "TPM: invalid secdata_kernel permissions\n");
+			return TPM_E_CORRUPTED_STATE;
+		}
+	}
+
 	uint8_t size = VB2_SECDATA_KERNEL_MIN_SIZE;
 	RETURN_ON_FAILURE(tlcl_read(KERNEL_NV_INDEX, ctx->secdata_kernel, |