author | Philipp Deppenwiese <zaolin@das-labor.org> | 2018-02-27 22:14:34 +0100 |
---|---|---|
committer | Philipp Deppenwiese <zaolin.daisuki@gmail.com> | 2018-07-17 17:40:33 +0000 |
commit | 80961af4b6888ff31aacaae0753969db4a8fb734 (patch) | |
tree | e34d36a3a65601327fdc973864c1b465d3f842b8 /src/security | |
parent | d29c81d51314806f17e0b49cb57f0d620bde783c (diff) | |
security/vboot: Add interface for FSP 2.0 mrc caching
* Move vboot/tpm specific implementation to vboot.
* Only call functions if CONFIG_FSP2_0_USES_TPM_MRC_HASH is set.
* Preparation for software hash function support, no logic changed.
Change-Id: I41a458186c7981adaf3fea8974adec2ca8668f14
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/24904
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/security')
-rw-r--r-- | src/security/vboot/Makefile.inc | 2 | ||||
-rw-r--r-- | src/security/vboot/mrc_cache_hash_tpm.c | 115 |
2 files changed, 117 insertions, 0 deletions
diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc
index 75c2a9e44c..b542425346 100644
--- a/src/security/vboot/Makefile.inc
+++ b/src/security/vboot/Makefile.inc
@@ -78,6 +78,8 @@ romstage-y += vboot_handoff.c common.c ramstage-y += common.c postcar-y += common.c +romstage-$(CONFIG_FSP2_0_USES_TPM_MRC_HASH) += mrc_cache_hash_tpm.c + ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) VB_FIRMWARE_ARCH := $(ARCHDIR-$(ARCH-verstage-y)) else
diff --git a/src/security/vboot/mrc_cache_hash_tpm.c b/src/security/vboot/mrc_cache_hash_tpm.c
new file mode 100644
index 0000000000..d54f8f4618
--- /dev/null
+++ b/src/security/vboot/mrc_cache_hash_tpm.c
@@ -0,0 +1,115 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2018 Facebook Inc
+ * Copyright (C) 2015-2016 Intel Corp.
+ * (Written by Andrey Petrov <andrey.petrov@intel.com> for Intel Corp.)
+ * (Written by Alexandru Gagniuc <alexandrux.gagniuc@intel.com> for Intel Corp.)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include <security/vboot/antirollback.h>
+#include <program_loading.h>
+#include <security/vboot/vboot_common.h>
+#include <vb2_api.h>
+#include <security/tpm/tss.h>
+#include <fsp/memory_init.h>
+#include <console/console.h>
+#include <string.h>
+
+void mrc_cache_update_hash(const uint8_t *data, size_t size)
+{
+ uint8_t data_hash[VB2_SHA256_DIGEST_SIZE];
+ static const uint8_t dead_hash[VB2_SHA256_DIGEST_SIZE] = {
+ 0xba, 0xad, 0xda, 0x1a, /* BAADDA1A */
+ 0xde, 0xad, 0xde, 0xad, /* DEADDEAD */
+ 0xde, 0xad, 0xda, 0x1a, /* DEADDA1A */
+ 0xba, 0xad, 0xba, 0xad, /* BAADBAAD */
+ 0xba, 0xad, 0xda, 0x1a, /* BAADDA1A */
+ 0xde, 0xad, 0xde, 0xad, /* DEADDEAD */
+ 0xde, 0xad, 0xda, 0x1a, /* DEADDA1A */
+ 0xba, 0xad, 0xba, 0xad, /* BAADBAAD */
+ };
+ const uint8_t *hash_ptr = data_hash;
+
+ /* We do not store normal mode data hash in TPM. */
+ if (!vboot_recovery_mode_enabled())
+ return;
+
+ /* Initialize TPM driver. */
+ if (tlcl_lib_init() != VB2_SUCCESS) {
+ printk(BIOS_ERR, "MRC: TPM driver initialization failed.\n");
+ return;
+ }
+
+ /* Calculate hash of data generated by MRC. */
+ if (vb2_digest_buffer(data, size, VB2_HASH_SHA256, data_hash,
+ sizeof(data_hash))) {
+ printk(BIOS_ERR, "MRC: SHA-256 calculation failed for data. "
+ "Not updating TPM hash space.\n");
+ /*
+ * Since data is being updated in recovery cache, the hash
+ * currently stored in TPM recovery hash space is no longer
+ * valid. If we are not able to calculate hash of the data being
+ * updated, reset all the bits in TPM recovery hash space to
+ * pre-defined hash pattern.
+ */
+ hash_ptr = dead_hash;
+ }
+
+ /* Write hash of data to TPM space. */
+ if (antirollback_write_space_rec_hash(hash_ptr, VB2_SHA256_DIGEST_SIZE)
+ != TPM_SUCCESS) {
+ printk(BIOS_ERR, "MRC: Could not save hash to TPM.\n");
+ return;
+ }
+
+ printk(BIOS_INFO, "MRC: TPM MRC hash updated successfully.\n");
+}
+
+int mrc_cache_verify_hash(const uint8_t *data, size_t size)
+{
+ uint8_t data_hash[VB2_SHA256_DIGEST_SIZE];
+ uint8_t tpm_hash[VB2_SHA256_DIGEST_SIZE];
+
+ /* We do not store normal mode data hash in TPM. */
+ if (!vboot_recovery_mode_enabled())
+ return 1;
+
+ /* Calculate hash of data read from RECOVERY_MRC_CACHE. */
+ if (vb2_digest_buffer(data, size, VB2_HASH_SHA256, data_hash,
+ sizeof(data_hash))) {
+ printk(BIOS_ERR, "MRC: SHA-256 calculation failed for data.\n");
+ return 0;
+ }
+
+ /* Initialize TPM driver. */
+ if (tlcl_lib_init() != VB2_SUCCESS) {
+ printk(BIOS_ERR, "MRC: TPM driver initialization failed.\n");
+ return 0;
+ }
+
+ /* Read hash of MRC data saved in TPM. */
+ if (antirollback_read_space_rec_hash(tpm_hash, sizeof(tpm_hash))
+ != TPM_SUCCESS) {
+ printk(BIOS_ERR, "MRC: Could not read hash from TPM.\n");
+ return 0;
+ }
+
+ if (memcmp(tpm_hash, data_hash, sizeof(tpm_hash))) {
+ printk(BIOS_ERR, "MRC: Hash comparison failed.\n");
+ return 0;
+ }
+
+ printk(BIOS_INFO, "MRC: Hash comparison successful. "
+ "Using data from RECOVERY_MRC_CACHE\n");
+ return 1;
+}
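Review bot: mrc_cache_verify_hash() has no documented return contract, and its early `return 1` outside recovery mode means a caller cannot tell "hash matched the TPM copy" from "no check was performed". Every later failure path (digest, TPM init, TPM read, mismatch) returns 0, so the function fails closed in recovery mode, but that is only visible by reading the body. I would add a header comment such as `/* Returns 1 if the data may be used, 0 on any failure. Outside recovery mode no hash is kept in the TPM, so 1 then means "not checked", not "verified". */`. mrc_cache_update_hash() likewise deserves a line stating that it returns nothing and only logs when TPM init or the TPM write fails, so the stored hash may then be stale relative to the updated cache; presumably the next recovery-mode verify rejects the cache in that case, which is worth confirming against the caller.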