diff options
author | Ilias Apalodimas <ilias.apalodimas@linaro.org> | 2020-11-30 11:47:40 +0200 |
---|---|---|
committer | Heinrich Schuchardt <xypron.glpk@gmx.de> | 2020-12-03 21:22:40 +0100 |
commit | c8d0fd582576ff7cc67d0053282430476201fd33 (patch) | |
tree | e23f1673ca05d9909846924d3020f31adfeb6ded /include/efi_tcg2.h | |
parent | 8e0b0871b82db0511440208b101ecf488858e915 (diff) | |
download | u-boot-c8d0fd582576ff7cc67d0053282430476201fd33.tar.gz u-boot-c8d0fd582576ff7cc67d0053282430476201fd33.tar.bz2 u-boot-c8d0fd582576ff7cc67d0053282430476201fd33.zip |
efi_loader: Introduce eventlog support for TCG2_PROTOCOL
In the previous patches we only introduced a minimal subset of the
EFI_TCG2_PROTOCOL protocol implementing GetCapability().
So let's continue adding features to it, introducing the
GetEventLog() and HashLogExtendEvent() functions.
In order to do that we first need to construct the eventlog in memory,
specifically in EFI_BOOT_SERVICES_DATA memory and a configuration table
from EFI_ACPI_MEMORY_NVS.
U-Boot won't currently add any events to the log or measure any
components, but will expose the necessary EFI APIs for applications
to do so.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Diffstat (limited to 'include/efi_tcg2.h')
-rw-r--r-- | include/efi_tcg2.h | 71 |
1 files changed, 70 insertions, 1 deletions
diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h index 86b8fe4c01..40e241ce31 100644 --- a/include/efi_tcg2.h +++ b/include/efi_tcg2.h @@ -17,6 +17,8 @@ /* TPMV2 only */ #define TCG2_EVENT_LOG_FORMAT_TCG_2 0x00000002 +#define EFI_TCG2_EXTEND_ONLY 0x0000000000000001 +#define PE_COFF_IMAGE 0x0000000000000010 /* Algorithm Registry */ #define EFI_TCG2_BOOT_HASH_ALG_SHA1 0x00000001 @@ -25,6 +27,10 @@ #define EFI_TCG2_BOOT_HASH_ALG_SHA512 0x00000008 #define EFI_TCG2_BOOT_HASH_ALG_SM3_256 0x00000010 +#define EFI_TCG2_FINAL_EVENTS_TABLE_VERSION 1 + +#define TPM2_EVENT_LOG_SIZE CONFIG_EFI_TCG2_PROTOCOL_EVENTLOG_SIZE + typedef u32 efi_tcg_event_log_bitmap; typedef u32 efi_tcg_event_log_format; typedef u32 efi_tcg_event_algorithm_bitmap; @@ -65,6 +71,68 @@ struct efi_tcg2_boot_service_capability { sizeof(struct efi_tcg2_boot_service_capability) - \ offsetof(struct efi_tcg2_boot_service_capability, number_of_pcr_banks) +#define TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03 "Spec ID Event03" +#define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MAJOR_TPM2 2 +#define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MINOR_TPM2 0 +#define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_ERRATA_TPM2 2 + +/** + * struct TCG_EfiSpecIdEventAlgorithmSize + * + * @algorithm_id: algorithm defined in enum tpm2_algorithms + * @digest_size: size of the algorithm + */ +struct tcg_efi_spec_id_event_algorithm_size { + u16 algorithm_id; + u16 digest_size; +} __packed; + +/** + * struct TCG_EfiSpecIDEventStruct + * + * @signature: signature, set to Spec ID Event03 + * @platform_class: class defined in TCG ACPI Specification + * Client Common Header. + * @spec_version_minor: minor version + * @spec_version_major: major version + * @spec_version_errata: major version + * @uintn_size: size of the efi_uintn_t fields used in various + * data structures used in this specification. + * 0x01 indicates u32 and 0x02 indicates u64 + * @number_of_algorithms: hashing algorithms used in this event log + * @digest_sizes: array of number_of_algorithms pairs + * 1st member defines the algorithm id + * 2nd member defines the algorithm size + * @vendor_info_size: size in bytes for vendor specific info + * @vendor_info: vendor specific info + */ +struct tcg_efi_spec_id_event { + u8 signature[16]; + u32 platform_class; + u8 spec_version_minor; + u8 spec_version_major; + u8 spec_errata; + u8 uintn_size; + u32 number_of_algorithms; + struct tcg_efi_spec_id_event_algorithm_size digest_sizes[TPM2_NUM_PCR_BANKS]; + u8 vendor_info_size; + /* U-Boot does not provide any vendor info */ + u8 vendor_info[]; +} __packed; + +/** + * struct tdEFI_TCG2_FINAL_EVENTS_TABLE + * @version: version number for this structure + * @number_of_events: number of events recorded after invocation of + * GetEventLog() + * @event: List of events of type tcg_pcr_event2 + */ +struct efi_tcg2_final_events_table { + u64 version; + u64 number_of_events; + struct tcg_pcr_event2 event[]; +}; + struct efi_tcg2_protocol { efi_status_t (EFIAPI * get_capability)(struct efi_tcg2_protocol *this, struct efi_tcg2_boot_service_capability *capability); @@ -73,7 +141,8 @@ struct efi_tcg2_protocol { u64 *event_log_location, u64 *event_log_last_entry, bool *event_log_truncated); efi_status_t (EFIAPI * hash_log_extend_event)(struct efi_tcg2_protocol *this, - u64 flags, u64 data_to_hash, + u64 flags, + efi_physical_addr_t data_to_hash, u64 data_to_hash_len, struct efi_tcg2_event *efi_tcg_event); efi_status_t (EFIAPI * submit_command)(struct efi_tcg2_protocol *this, |