From patchwork Thu Nov 18 06:17:49 2021
X-Patchwork-Submitter: Ruchika Gupta
X-Patchwork-Id: 519235
From: Ruchika Gupta
To: u-boot@lists.denx.de, ilias.apalodimas@linaro.org, xypron.glpk@gmx.de, agraf@csgraf.de
Cc: Ruchika Gupta
Subject: [PATCH] efi_loader: fix FinalEvents table if an EFI uses GetEventLog
Date: Thu, 18 Nov 2021 11:47:49 +0530
Message-Id: <20211118061751.3334620-2-ruchika.gupta@linaro.org>
In-Reply-To: <20211118061751.3334620-1-ruchika.gupta@linaro.org>
References: <20211118061751.3334620-1-ruchika.gupta@linaro.org>

--- lib/efi_loader/efi_tcg2.c | 90 ++++++++++++++++++++++++++------------- 1 file changed, 61 insertions(+), 29 deletions(-) diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index 189e4a5ba5..215f4b2b04 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -34,6 +34,7 @@ struct event_log_buffer { size_t final_pos; /* final events config table position */ size_t last_event_size; bool get_event_called; + bool ebs_called; bool truncated; }; 
@@ -186,39 +187,29 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev, u32 pcr_index, return EFI_SUCCESS; } -/* tcg2_agile_log_append - Append an agile event to out eventlog +/* put_event - Append an agile event to an eventlog * * @pcr_index: PCR index * @event_type: type of event added * @digest_list: list of digest algorithms to add * @size: size of event * @event: event to add + * @log: log buffer to append the event * - * @Return: status code */ -static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type, - struct tpml_digest_values *digest_list, - u32 size, u8 event[]) +static void put_event(u32 pcr_index, u32 event_type, + struct tpml_digest_values *digest_list, u32 size, + u8 event[], void *log) { - void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos); size_t pos; size_t i; u32 event_size; - if (event_log.get_event_called) - log = (void *)((uintptr_t)event_log.final_buffer + - event_log.final_pos); - /* * size refers to the length of event[] only, we need to check against * the final tcg_pcr_event2 size */ event_size = size + tcg_event_final_size(digest_list); - if (event_log.pos + event_size > TPM2_EVENT_LOG_SIZE || - event_log.final_pos + event_size > TPM2_EVENT_LOG_SIZE) { - event_log.truncated = true; - return EFI_VOLUME_FULL; - } put_unaligned_le32(pcr_index, log); pos = offsetof(struct tcg_pcr_event2, event_type); 
@@ -242,25 +233,64 @@ static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type, memcpy((void *)((uintptr_t)log + pos), event, size); pos += size; - /* make sure the calculated buffer is what we checked against */ + /* + * make sure the calculated buffer is what we checked against + * This check should never fail. It checks the code above is + * calculating the right length for the event we are adding + * */ if (pos != event_size) - return EFI_INVALID_PARAMETER; + log_err("Appending to the EventLog failed\n"); - /* if GetEventLog hasn't been called update the normal log */ - if (!event_log.get_event_called) { - event_log.pos += pos; - event_log.last_event_size = pos; - } else { - /* if GetEventLog has been called update config table log */ - struct efi_tcg2_final_events_table *final_event; +} - final_event = - (struct efi_tcg2_final_events_table *)(event_log.final_buffer); - final_event->number_of_events++; - event_log.final_pos += pos; +/* tcg2_agile_log_append - Append an agile event to an eventlog + * + * @pcr_index: PCR index + * @event_type: type of event added + * @digest_list: list of digest algorithms to add + * @size: size of event + * @event: event to add + * @log: log buffer to append the event + * + * @Return: status code + */ +static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type, + struct tpml_digest_values *digest_list, + u32 size, u8 event[]) +{ + void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos); + u32 event_size = size + tcg_event_final_size(digest_list); + struct efi_tcg2_final_events_table *final_event; + efi_status_t ret = EFI_SUCCESS; + + /* if ExitBootServices hasn't been called update the normal log */ + if (!event_log.ebs_called) { + if (event_log.truncated || + event_log.pos + event_size > TPM2_EVENT_LOG_SIZE) { + event_log.truncated = true; + return EFI_VOLUME_FULL; + } + put_event(pcr_index, event_type, digest_list, size, event, log); + event_log.pos += event_size; + 
event_log.last_event_size = event_size; } - return EFI_SUCCESS; + if (!event_log.get_event_called) + return ret; + + /* if GetEventLog has been called update FinalEventLog as well */ + if (event_log.final_pos + event_size > TPM2_EVENT_LOG_SIZE) + return EFI_VOLUME_FULL; + + log = (void *)((uintptr_t)event_log.final_buffer + event_log.final_pos); + put_event(pcr_index, event_type, digest_list, size, event, log); + + final_event = + (struct efi_tcg2_final_events_table *)event_log.final_buffer; + final_event->number_of_events++; + event_log.final_pos += event_size; + + return ret; } /** @@ -1303,6 +1333,7 @@ static efi_status_t efi_init_event_log(void) event_log.pos = 0; event_log.last_event_size = 0; event_log.get_event_called = false; + event_log.ebs_called = false; event_log.truncated = false; /* @@ -1792,6 +1823,7 @@ efi_tcg2_notify_exit_boot_services(struct efi_event *event, void *context) EFI_ENTRY("%p, %p", event, context); + event_log.ebs_called = true; ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS) goto out;
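
Review bot: in the struct event_log_buffer hunk (@@ -34,6 +34,7), the new ebs_called field carries no comment, although it changes which log receives events, and final_pos right above it is documented. A trailing comment such as "/* ExitBootServices notification has run */" would make its role clear, and the patch as posted has no description ahead of the "---" line that a reader could fall back on.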
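
Review bot: in the put_event() hunk (@@ -186,39 +187,29), the check against TPM2_EVENT_LOG_SIZE is removed and nothing inside the helper replaces it, so put_event() now writes size + tcg_event_final_size(digest_list) bytes at log purely on the caller's word. The kernel-doc should state that precondition next to @log, or the helper should take the remaining capacity as a parameter and refuse to write past it. The doc block also keeps a bare " *" line where "@Return: status code" used to be; drop it now that the function is void.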
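
Review bot: at the end of put_event() (@@ -242,25 +233,64), the pos != event_size case went from returning EFI_INVALID_PARAMETER to a log_err() in a void function, so tcg2_agile_log_append() still advances event_log.pos, or final_pos and number_of_events, by event_size after a mismatch. If the condition really cannot occur, make it an assert; otherwise have put_event() return a status that the caller checks before it updates any position. Three smaller points in the same hunk: the kernel-doc for tcg2_agile_log_append() lists @log, which is not one of its parameters; when the final table is full the function returns EFI_VOLUME_FULL after the event has already been appended to the main log, so the caller cannot tell a partial write from a total failure; and ret is never assigned anything but EFI_SUCCESS, so the variable can go.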
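
Review bot: in the efi_tcg2_notify_exit_boot_services() hunk (@@ -1792,6 +1823,7), ebs_called is set before platform_get_tpm2_device() and before anything else in the handler runs, so any tcg2_agile_log_append() call made later in this same handler skips the main log. With get_event_called still false, such a call writes to neither log and returns EFI_SUCCESS. Please confirm that is the intent and say so in a comment at the assignment, or set the flag after the handler's own events have been appended; a distinct return value for the "nothing recorded" case would also let callers notice it.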