From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <u-boot-bounces@lists.denx.de>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 0A8D6C25B06
	for <u-boot@archiver.kernel.org>; Sun, 14 Aug 2022 05:42:53 +0000 (UTC)
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 3ADA2845C8;
	Sun, 14 Aug 2022 07:42:51 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=gmx.de
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (1024-bit key; secure) header.d=gmx.net header.i=@gmx.net header.b="PeDnFqDc";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 75FF2845CD; Sun, 14 Aug 2022 07:42:49 +0200 (CEST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 03917845C3
 for <u-boot@lists.denx.de>; Sun, 14 Aug 2022 07:42:46 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=gmx.de
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=xypron.glpk@gmx.de
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net;
 s=badeba3b8450; t=1660455763;
 bh=JdiOE3F7i6jijLXyc8qXw00BIvCEKGQ8rRRddCjrNkU=;
 h=X-UI-Sender-Class:Date:Subject:To:Cc:References:From:In-Reply-To;
 b=PeDnFqDc0Cj9s1qZN6HbrZ3GfWLJHaavDXOmr+JPqS+Uf2i6a9rDO1igqClvvcyl4
 0oy3zHDzY8lqzqnZYUmdZNW+Sh52lPjPi+yKGAOlyx0XdykGSI0WZR3BE5DZa5jwqx
 ESx7o96v2q9sWV8RSlIfhUBFvLQNsiKk52dvg7us=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.123.94] ([62.143.94.109]) by mail.gmx.net (mrgmx105
 [212.227.17.168]) with ESMTPSA (Nemesis) id 1M26r3-1oLASI08OP-002XbS; Sun, 14
 Aug 2022 07:42:43 +0200
Message-ID: <97c733b6-9f9b-d068-0565-e1af94602673@gmx.de>
Date: Sun, 14 Aug 2022 07:42:37 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.1.0
Subject: Re: [PATCH v2 1/7] tpm: Require a digest source when extending the PCR
To: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Masahisa Kojima <masahisa.kojima@linaro.org>,
 Mathew McBride <matt@traverse.com.au>,
 Ruchika Gupta <ruchika.gupta@linaro.org>,
 Sughosh Ganu <sughosh.ganu@linaro.org>,
 U-Boot Mailing List <u-boot@lists.denx.de>
References: <20220813195639.1824765-1-sjg@chromium.org>
 <20220813195639.1824765-2-sjg@chromium.org>
Content-Language: en-US
From: Heinrich Schuchardt <xypron.glpk@gmx.de>
In-Reply-To: <20220813195639.1824765-2-sjg@chromium.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:83+caHGti+0qdI+ve3njiecWkbRLGa3Aj86G0aWguwtr6iaU6lt
 AT5RZXO4x4f/KK1gWcNE0YZfrqefwNyhfProdt/rVDXpYygMJOlap6EX7f1/i+8zg+qEo0t
 GoS01tpQI+L8QOb0KTqipbjDGnFYB3pd0gdq6KlblSLyUiuDDL86NBKTvp2v0NIJQf2UQfI
 kVNexq4M5fGxWSnAbTUOA==
X-UI-Out-Filterresults: notjunk:1;V03:K0:/sAhXTGnCZE=:61HaC/KyTIdV9ioHNZK2OH
 3pVIPOu9fHpvFsuWHEJeJN0CI/Ome4geRjVM1SHuXWIOsX+ZKjtTG0+5Wxt8mw5TuGZQrOQ0+
 YLR58wjdHQ3LVlXnMy2x93XY6b/e8eWLLPNJReeVObaC1acufV/FVDcDL3h6Ajz2oVwFY4w7H
 bQZHXP6Hod6NV05lVDAJeNkiSYQL/S+kTF54qPgZEFj7V5ya223bkv+3mmX6gscVKxaPMPm8R
 AnILSCCgAz8PryuSZWLJxg7FTBBxgUCgf2VCHafZ1Lst6pePRNGPe9kIthS3niu82woR0x2ZI
 9wbS2dyyl2Y+o357lRqi2MnuXUeG+4KBhZZmtuUuCoCUjc4uKP7mcdmOoVnoGwhZ5KT2iGQic
 hr42fm9+4KBTnOzpc5MtvaOmUq9LQl0qCoFb0cfP9O7OJOkIno0GgyrNeCA7DraJcZPGH/uiR
 OHiPKAm7jVzgJtTLPChapat22hx/brZaBNp1Yfp/ov5O2MCVi2kowcMt/VVfGcUDmNsjBwBuB
 eI271qLQNeQe3bxUJwVnyN9hL3GnRoSE8uJkExEKeL23Sfxc0NQZ4mb5OTeaCPiStf2udne3h
 f9+4dW1qRsm2sIEvcDw7y1jx0CsWMw8R/2JuDmVLkiqVRgJ3153/WMS6kphPvsOMQT07rMA8o
 VTwgy0cAgAJYhJnoJHCL77xbaS+ei7aoQquPOiVgNSIyglh0w1AVP+9skUd/RtCo9ucnrIXmg
 hBAFlDhPV+C5YvbDcQ6szziCEHMk3FV58RR4A9bCn5doeGcJf4u2ZqKrkrxrKtRcdrLGWPu1t
 SR8YzM6KgmLVkECu+q6dqJw8KPfs0igRwbykxzyKJIa6qzgAqgOA6pHginj5fR7P1wHKXA/VN
 LhfR201u7hVijUzlh7++MFyfE0n5Tm4wZm1/2+fITxF3AGGBUTPIRftisIZgraW88BEQIYdby
 QE3kjnEYLeJxDiG/g2UwXBe/NTV1XZqGcrTHap+yyi8EaSb3J7+z2Etdj4VQVFbEUxsos+3Pj
 sskJzXkbhqglEp7LRGa7q+MAgp9wmufW593kqXfCQO90ddmdqJU+VVpgkzIhS4eEoUBlckAGj
 yEQoZ25RIXx+oTfwWVyngTitVEb/tEhAdB2UaZvqa39jbe2SVfhHuODqg==
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de
X-Virus-Status: Clean

On 8/13/22 21:56, Simon Glass wrote:
> This feature is used for measured boot, so we can add a log entry to the
> TCPA with some information about where the digest comes from. It is not
> currently supported in the TPM drivers, but add it to the API so that
> code which expects it can signal its request.
>
> Signed-off-by: Simon Glass <sjg@chromium.org>
> ---
>
> Changes in v2:
> - Drop limits on the TPM hash size
> - Update commit message
>
>   cmd/tpm-v1.c      |  3 ++-
>   cmd/tpm_test.c    |  5 +++--
>   include/tpm_api.h |  8 +++++---
>   lib/tpm-v2.c      |  2 ++
>   lib/tpm_api.c     | 10 ++++++----
>   5 files changed, 18 insertions(+), 10 deletions(-)
>
> diff --git a/cmd/tpm-v1.c b/cmd/tpm-v1.c
> index bf238a9f2e3..0869b707757 100644
> --- a/cmd/tpm-v1.c
> +++ b/cmd/tpm-v1.c
> @@ -131,7 +131,8 @@ static int do_tpm_extend(struct cmd_tbl *cmdtp, int =
flag, int argc,
>   		return CMD_RET_FAILURE;
>   	}
>
> -	rc =3D tpm_pcr_extend(dev, index, in_digest, out_digest);
> +	rc =3D tpm_pcr_extend(dev, index, in_digest, sizeof(in_digest),
> +			    out_digest, "test");

The value "test" seems inadequate in this context. Should this be a
command line argument? Or how about "cmd".

>   	if (!rc) {
>   		puts("PCR value after execution of the command:\n");
>   		print_byte_string(out_digest, sizeof(out_digest));
> diff --git a/cmd/tpm_test.c b/cmd/tpm_test.c
> index a3ccb12f53a..b35eae81dc3 100644
> --- a/cmd/tpm_test.c
> +++ b/cmd/tpm_test.c
> @@ -91,7 +91,8 @@ static int test_early_extend(struct udevice *dev)
>   	tpm_init(dev);
>   	TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
>   	TPM_CHECK(tpm_continue_self_test(dev));
> -	TPM_CHECK(tpm_pcr_extend(dev, 1, value_in, value_out));
> +	TPM_CHECK(tpm_pcr_extend(dev, 1, value_in, sizeof(value_in), value_out=
,
> +				 "test"));

Here the string "test" is adequate.

>   	printf("done\n");
>   	return 0;
>   }
> @@ -438,7 +439,7 @@ static int test_timing(struct udevice *dev)
>   		   100);
>   	TTPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)),
>   		   100);
> -	TTPM_CHECK(tpm_pcr_extend(dev, 0, in, out), 200);
> +	TTPM_CHECK(tpm_pcr_extend(dev, 0, in, sizeof(in), out, "test"), 200);
>   	TTPM_CHECK(tpm_set_global_lock(dev), 50);
>   	TTPM_CHECK(tpm_tsc_physical_presence(dev, PHYS_PRESENCE), 100);
>   	printf("done\n");
> diff --git a/include/tpm_api.h b/include/tpm_api.h
> index 11aa14eb793..3c8e48bc255 100644
> --- a/include/tpm_api.h
> +++ b/include/tpm_api.h
> @@ -81,14 +81,16 @@ u32 tpm_nv_write_value(struct udevice *dev, u32 inde=
x, const void *data,
>    *
>    * @param dev		TPM device
>    * @param index		index of the PCR
> - * @param in_digest	160-bit value representing the event to be
> + * @param in_digest	160/256-bit value representing the event to be
>    *			recorded
> - * @param out_digest	160-bit PCR value after execution of the
> + * @param size		size of digest in bytes
> + * @param out_digest	160/256-bit PCR value after execution of the
>    *			command
> + * @param name		additional info about where the digest comes from

This does not indicate the usage and if the argument will be stored on
the TPM. I would prefer:

"digest source used for log output"

Best regards

Heinrich

>    * Return: return code of the operation
>    */
>   u32 tpm_pcr_extend(struct udevice *dev, u32 index, const void *in_dige=
st,
> -		   void *out_digest);
> +		   uint size, void *out_digest, const char *name);
>
>   /**
>    * Issue a TPM_PCRRead command.
> diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
> index 1bf627853af..6058f2e1e4f 100644
> --- a/lib/tpm-v2.c
> +++ b/lib/tpm-v2.c
> @@ -157,6 +157,8 @@ u32 tpm2_pcr_extend(struct udevice *dev, u32 index, =
u32 algorithm,
>   	};
>   	int ret;
>
> +	if (!digest)
> +		return -EINVAL;
>   	/*
>   	 * Fill the command structure starting from the first buffer:
>   	 *     - the digest
> diff --git a/lib/tpm_api.c b/lib/tpm_api.c
> index 032f383ca04..aa4a9fd406c 100644
> --- a/lib/tpm_api.c
> +++ b/lib/tpm_api.c
> @@ -140,15 +140,17 @@ u32 tpm_write_lock(struct udevice *dev, u32 index)
>   }
>
>   u32 tpm_pcr_extend(struct udevice *dev, u32 index, const void *in_dige=
st,
> -		   void *out_digest)
> +		   uint size, void *out_digest, const char *name)
>   {
> -	if (tpm_is_v1(dev))
> +	if (tpm_is_v1(dev)) {
>   		return tpm1_extend(dev, index, in_digest, out_digest);
> -	else if (tpm_is_v2(dev))
> +	} else if (tpm_is_v2(dev)) {
>   		return tpm2_pcr_extend(dev, index, TPM2_ALG_SHA256, in_digest,
>   				       TPM2_DIGEST_LEN);
> -	else
> +		/* @name is ignored as we do not support measured boot */
> +	} else {
>   		return -ENOSYS;
> +	}
>   }
>
>   u32 tpm_pcr_read(struct udevice *dev, u32 index, void *data, size_t co=
unt)