From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: linux-efi@vger.kernel.org, ardb@kernel.org,
James.Bottomley@hansenpartnership.com
Cc: pjones@redhat.com, nivedita@alum.mit.edu, mjg59@google.com,
daniel.kiper@oracle.com, leif@nuviainc.com,
Ilias Apalodimas <ilias.apalodimas@linaro.org>
Subject: [PATCH 0/4 v2] efi/libstub: measure initrd data loaded by the EFI stub
Date: Thu, 2 Sep 2021 11:04:12 +0300 [thread overview]
Message-ID: <20210902080416.5461-1-ilias.apalodimas@linaro.org> (raw)
Hi!
This is a respin of [1].
This enables initrd measurement when loaded directly by the kernel EFI stub.
It ensures that the initrd observed and used by the OS is the same one that
got measured into the TPM, which is more difficult to guarantee in the current
situation.
There's a couple of changes compared to the original RFC:
- Ard fixed the x86 assembly for providing the extra arguments needed
- Instead of EV_IPL the logs are recorded with EV_EVENT_TAG. EV_IPL was marked
as deprecated up until the latest PC client spec [2] and it's description
reads "It may be used by Boot Manager Code to measure events."
EV_EVENT_TAG on the other hand seems more appropriate as it's defined as:
"Used for PCRs defined for OS and application usage. Defined for use by Host
Platform Operating System or Software."
- We are only measuring the initrd if it was loaded using the LOAD_FILE2
protocol. This is not what we probably want in the long run, but in an effort
to keep current distros that rely on measurements unaffected, let's enable it
only in the LOAD_FILE2 case.
Here's a (simple) eventlog using U-Boot and loading the initrd with LOAD_FILE2
version: 1
events:
- EventNum: 0
PCRIndex: 0
EventType: EV_NO_ACTION
Digest: "0000000000000000000000000000000000000000"
EventSize: 45
SpecID:
- Signature: Spec ID Event03
platformClass: 0
specVersionMinor: 0
specVersionMajor: 2
specErrata: 2
uintnSize: 2
numberOfAlgorithms: 4
Algorithms:
- Algorithm[0]:
algorithmId: sha1
digestSize: 20
- Algorithm[1]:
algorithmId: sha256
digestSize: 32
- Algorithm[2]:
algorithmId: sha384
digestSize: 48
- Algorithm[3]:
algorithmId: sha512
digestSize: 64
vendorInfoSize: 0
- EventNum: 1
PCRIndex: 0
EventType: EV_S_CRTM_VERSION
DigestCount: 4
Digests:
- AlgorithmId: sha1
Digest: "cb948776833ac1a6b1f7290a29798f6c6f3fe376"
- AlgorithmId: sha256
Digest: "cdc34410e11ad651c8aeb2705d889c80cf82a707d7471f140e1b6d7f1583e52f"
- AlgorithmId: sha384
Digest: "430ff24d1a65e81fef96771b7313b6622efe03d84d39faae0d0a7ee0b54a1222f3a2d99ebff5a2a31359ce1df618b3a5"
- AlgorithmId: sha512
Digest: "001cff096fbd9615c9039cb9785857f2bc586de42cea9da8471e4a782cd68ba879b8fe3d4410d74f70f2d83f506842b507afe4a89478b1841583e7bc4a1ef3a5"
EventSize: 74
Event: "552d426f6f7420323032312e30342d7263332d30303032322d67636434306530376666382d646972747920284d61722033302032303231202d2031353a30303a3234202b303030302900"
- EventNum: 2
PCRIndex: 9
EventType: EV_EVENT_TAG
DigestCount: 4
Digests:
- AlgorithmId: sha1
Digest: "a0d2c52d82ad30f5ca04e72153177179807dbef4"
- AlgorithmId: sha256
Digest: "5035f6ff3740e8462a30a9c65e45ea19d11d95cf286324be9d04378058abe6b3"
- AlgorithmId: sha384
Digest: "f414dfaa66ee06c234bf2341967999b59e3e33e091490f36cbb2a0830cdbf9663ed1b2adc5117d8b4f992c7c43774c83"
- AlgorithmId: sha512
Digest: "2654376c43e93ee4f2a7be231c35d207349587466e62d09803db6c7ab9da594f9ae8a21fa0f6f9496c61cf6b03ecb40bb019ad6112baaa5f7a9cbc20adea65da"
EventSize: 21
Event: "ec223b8f0d0000004c696e757820696e6974726400"
pcrs:
sha1:
0 : 0x99b6e79948ad34eb59882ab7cc46666e0ccdd783
9 : 0x70c847a8dbc23693ecb3e341cb5ae745b6d07b29
sha256:
0 : 0xae32cb21ec1c654591be13f729ecfe7e71efe74c6b885e9aadc944df79ee722e
9 : 0x099d14a1bfb6531ce2c3d807b8ad678a273dee0ea0ed88662943b97c03f99638
sha384:
0 : 0x1fe21137d71364096179281525719c3fd109363cff28ec191d7623620c3bc8609bd9534d5e31887d85664ef938abc5a6
9 : 0xf848ece0a5e3f6a4c4194fd467a05a0b552a9e24d7360297bbe019fe980f9e29d71fbc45a0356c04c62f36906dcfb41b
sha512:
0 : 0xcba9c7c551179ce82a496a41629462836e4bc02fa1fe3922290e689a4d4a03264f14d00f2995d7091247a35cf4f54bc9ee3c594dd139c381fd6d0ccc0ed93e0c
9 : 0xc62ebbeb16ea2ce0bca565866891be8496b8547254b13683ec0223394a402bd0c8758e0fe09742270fe7d31f00a960db8a70c4dfc0b2bfe7185e353eff67c489
[1] https://lore.kernel.org/linux-efi/20201102170634.20575-1-ardb@kernel.org/
[2] https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PFP_r1p05_v22_02dec2020.pdf
Changes since v1:
- no changes
Ard Biesheuvel (3):
efi/libstub: add prototype of
efi_tcg2_protocol::hash_log_extend_event()
efi/libstub: x86/mixed: increase supported argument count
efi/libstub: consolidate initrd handling across architectures
Ilias Apalodimas (1):
efi/libstub: measure loaded initrd info into the TPM
arch/x86/boot/compressed/efi_thunk_64.S | 17 +++--
arch/x86/include/asm/efi.h | 14 +++-
arch/x86/platform/efi/efi_thunk_64.S | 14 +++-
.../firmware/efi/libstub/efi-stub-helper.c | 73 ++++++++++++++++---
drivers/firmware/efi/libstub/efi-stub.c | 10 +--
drivers/firmware/efi/libstub/efistub.h | 30 +++++++-
drivers/firmware/efi/libstub/x86-stub.c | 26 +++----
7 files changed, 135 insertions(+), 49 deletions(-)
--
2.32.0.rc0
next reply other threads:[~2021-09-02 8:04 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-02 8:04 Ilias Apalodimas [this message]
2021-09-02 8:04 ` [PATCH 1/4 v2] efi/libstub: add prototype of efi_tcg2_protocol::hash_log_extend_event() Ilias Apalodimas
2021-09-02 8:04 ` [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count Ilias Apalodimas
2021-09-02 8:27 ` Ard Biesheuvel
2021-09-02 8:37 ` Ilias Apalodimas
2021-09-02 8:39 ` Ilias Apalodimas
2021-09-02 8:04 ` [PATCH 3/4 v2] efi/libstub: consolidate initrd handling across architectures Ilias Apalodimas
2021-09-02 8:04 ` [PATCH 4/4 v2] efi/libstub: measure loaded initrd info into the TPM Ilias Apalodimas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210902080416.5461-1-ilias.apalodimas@linaro.org \
--to=ilias.apalodimas@linaro.org \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ardb@kernel.org \
--cc=daniel.kiper@oracle.com \
--cc=leif@nuviainc.com \
--cc=linux-efi@vger.kernel.org \
--cc=mjg59@google.com \
--cc=nivedita@alum.mit.edu \
--cc=pjones@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.