From: Ross Philipson <ross.philipson@oracle.com> To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-doc@vger.kernel.org Cc: ross.philipson@oracle.com, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, trenchboot-devel@googlegroups.com Subject: [RFC PATCH 10/12] x86: Secure Launch adding event log securityfs Date: Wed, 25 Mar 2020 15:43:15 -0400 Message-ID: <20200325194317.526492-11-ross.philipson@oracle.com> (raw) In-Reply-To: <20200325194317.526492-1-ross.philipson@oracle.com> From: "Daniel P. Smith" <dpsmith@apertussolutions.com> The late init functionality registers securityfs nodes to allow fetching of and writing events to the late launch TPM log. Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com> --- arch/x86/kernel/slaunch.c | 184 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 184 insertions(+) diff --git a/arch/x86/kernel/slaunch.c b/arch/x86/kernel/slaunch.c index 083fa72bd9f9..fea15b0e36b7 100644 --- a/arch/x86/kernel/slaunch.c +++ b/arch/x86/kernel/slaunch.c @@ -449,3 +449,187 @@ void __init slaunch_setup(void) vendor[3] == INTEL_CPUID_MFGID_EDX) slaunch_setup_intel(); } + +/* + * Securityfs exposure + */ +struct memfile { + char *name; + void __iomem *addr; + size_t size; +}; + +static struct memfile sl_evtlog = {"eventlog", 0, 0}; +static void __iomem *txt_heap; +static struct txt_heap_event_log_pointer2_1_element __iomem *evtlog20; + +static DEFINE_MUTEX(sl_evt_write_mutex); + +static ssize_t sl_evtlog_read(struct file *file, char __user *buf, + size_t count, loff_t *pos) +{ + return simple_read_from_buffer(buf, count, pos, + sl_evtlog.addr, sl_evtlog.size); +} + +static ssize_t sl_evtlog_write(struct file *file, const char __user *buf, + size_t datalen, loff_t *ppos) +{ + char *data; + ssize_t result; + + /* No partial writes. */ + result = -EINVAL; + if (*ppos != 0) + goto out; + + data = memdup_user(buf, datalen); + if (IS_ERR(data)) { + result = PTR_ERR(data); + goto out; + } + + mutex_lock(&sl_evt_write_mutex); + if (evtlog20) + result = tpm20_log_event(evtlog20, sl_evtlog.addr, + datalen, data); + else + result = tpm12_log_event(sl_evtlog.addr, datalen, data); + mutex_unlock(&sl_evt_write_mutex); + + kfree(data); +out: + return result; +} + +static const struct file_operations sl_evtlog_ops = { + .read = sl_evtlog_read, + .write = sl_evtlog_write, + .llseek = default_llseek, +}; + +#define SL_DIR_ENTRY 1 /* directoy node must be last */ +#define SL_FS_ENTRIES 2 + +static struct dentry *fs_entries[SL_FS_ENTRIES]; + +static long slaunch_expose_securityfs(void) +{ + long ret = 0; + int entry = SL_DIR_ENTRY; + + fs_entries[entry] = securityfs_create_dir("slaunch", NULL); + if (IS_ERR(fs_entries[entry])) { + pr_err("Error creating securityfs sl_evt_log directory\n"); + ret = PTR_ERR(fs_entries[entry]); + goto err; + } + + if (sl_evtlog.addr > 0) { + entry--; + fs_entries[entry] = securityfs_create_file(sl_evtlog.name, + S_IRUSR | S_IRGRP, + fs_entries[SL_DIR_ENTRY], NULL, + &sl_evtlog_ops); + if (IS_ERR(fs_entries[entry])) { + pr_err("Error creating securityfs %s file\n", + sl_evtlog.name); + ret = PTR_ERR(fs_entries[entry]); + goto err_dir; + } + } + + return 0; + +err_dir: + securityfs_remove(fs_entries[SL_DIR_ENTRY]); +err: + return ret; +} + +static void slaunch_teardown_securityfs(void) +{ + int i; + + for (i = 0; i < SL_FS_ENTRIES; i++) + securityfs_remove(fs_entries[i]); + + if (sl_flags & SL_FLAG_ARCH_TXT) { + if (txt_heap) { + memunmap(txt_heap); + txt_heap = NULL; + } + } + + sl_evtlog.addr = 0; + sl_evtlog.size = 0; +} + +static void slaunch_intel_evtlog(void) +{ + void __iomem *config; + struct txt_os_mle_data *params; + void *os_sinit_data; + u64 base, size; + + config = ioremap(TXT_PUB_CONFIG_REGS_BASE, TXT_NR_CONFIG_PAGES * + PAGE_SIZE); + if (!config) { + pr_err("Error failed to ioremap TXT reqs\n"); + return; + } + + memcpy_fromio(&base, config + TXT_CR_HEAP_BASE, sizeof(u64)); + memcpy_fromio(&size, config + TXT_CR_HEAP_SIZE, sizeof(u64)); + iounmap(config); + + /* now map TXT heap */ + txt_heap = memremap(base, size, MEMREMAP_WB); + if (!txt_heap) { + pr_err("Error failed to memremap TXT heap\n"); + return; + } + + params = (struct txt_os_mle_data *)txt_os_mle_data_start(txt_heap); + + sl_evtlog.size = TXT_MAX_EVENT_LOG_SIZE; + sl_evtlog.addr = (void __iomem *)¶ms->event_log_buffer[0]; + + /* Determine if this is TPM 1.2 or 2.0 event log */ + if (memcmp(sl_evtlog.addr + sizeof(struct tpm12_pcr_event), + TPM20_EVTLOG_SIGNATURE, sizeof(TPM20_EVTLOG_SIGNATURE))) + return; /* looks like it is not 2.0 */ + + /* For TPM 2.0 logs, the extended heap element must be located */ + os_sinit_data = txt_os_sinit_data_start(txt_heap); + + evtlog20 = tpm20_find_log2_1_element(os_sinit_data); + + /* + * If this fails, things are in really bad shape. Any attempt to write + * events to the log will fail. + */ + if (!evtlog20) + pr_err("Error failed to find TPM20 event log element\n"); +} + +static int __init slaunch_late_init(void) +{ + /* Check to see if Secure Launch happened */ + if (!(sl_flags & (SL_FLAG_ACTIVE|SL_FLAG_ARCH_TXT))) + return 0; + + /* Only Intel TXT is supported at this point */ + slaunch_intel_evtlog(); + + return slaunch_expose_securityfs(); +} + +static void __exit slaunch_exit(void) +{ + slaunch_teardown_securityfs(); +} + +late_initcall(slaunch_late_init); + +__exitcall(slaunch_exit); -- 2.25.1
next prev parent reply index Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-03-25 19:43 [RFC PATCH 00/12] x86: Trenchboot secure late launch Linux kernel support Ross Philipson 2020-03-25 19:43 ` [RFC PATCH 01/12] x86: Secure Launch Kconfig Ross Philipson 2020-03-26 18:06 ` Daniel Kiper 2020-03-26 19:42 ` Ross Philipson 2020-03-25 19:43 ` [RFC PATCH 02/12] x86: Secure Launch main header file Ross Philipson 2020-03-26 19:00 ` Daniel Kiper 2020-03-25 19:43 ` [RFC PATCH 03/12] x86: Add early SHA support for Secure Launch early measurements Ross Philipson 2020-03-26 3:44 ` Andy Lutomirski 2020-03-26 22:49 ` Daniel P. Smith 2020-03-25 19:43 ` [RFC PATCH 04/12] x86: Add early TPM TIS/CRB interface support for Secure Launch Ross Philipson 2020-03-25 19:43 ` [RFC PATCH 05/12] x86: Add early TPM1.2/TPM2.0 " Ross Philipson 2020-03-25 19:43 ` [RFC PATCH 06/12] x86: Add early general TPM " Ross Philipson 2020-03-25 19:43 ` [RFC PATCH 07/12] x86: Secure Launch kernel early boot stub Ross Philipson 2020-03-25 19:43 ` [RFC PATCH 08/12] x86: Secure Launch kernel late " Ross Philipson 2020-03-25 19:43 ` [RFC PATCH 09/12] x86: Secure Launch SMP bringup support Ross Philipson 2020-03-25 19:43 ` Ross Philipson [this message] 2020-03-25 20:21 ` [RFC PATCH 10/12] x86: Secure Launch adding event log securityfs Matthew Garrett 2020-03-25 21:43 ` Daniel P. Smith 2020-03-25 19:43 ` [RFC PATCH 11/12] kexec: Secure Launch kexec SEXIT support Ross Philipson 2020-03-25 19:43 ` [RFC PATCH 12/12] tpm: Allow locality 2 to be set when initializing the TPM for Secure Launch Ross Philipson 2020-03-25 20:29 ` [RFC PATCH 00/12] x86: Trenchboot secure late launch Linux kernel support Matthew Garrett 2020-03-25 22:51 ` Andy Lutomirski 2020-03-26 20:50 ` Daniel P. Smith 2020-03-26 23:13 ` Andy Lutomirski 2020-05-11 19:00 ` Daniel P. Smith 2020-03-26 13:40 ` Daniel Kiper 2020-03-26 20:19 ` Matthew Garrett 2020-03-26 20:33 ` Andy Lutomirski 2020-03-26 20:40 ` Matthew Garrett 2020-03-26 20:59 ` Daniel P. Smith 2020-03-26 21:07 ` Andy Lutomirski 2020-03-26 21:28 ` Matthew Garrett 2020-03-26 22:52 ` Andy Lutomirski 2020-03-26 22:59 ` Matthew Garrett 2020-03-26 23:04 ` Andy Lutomirski 2020-03-27 0:01 ` Daniel P. Smith 2020-03-26 23:50 ` Daniel P. Smith 2020-05-11 19:00 ` Daniel P. Smith 2020-03-26 20:50 ` Daniel P. Smith 2020-03-26 20:54 ` Matthew Garrett 2020-03-26 22:37 ` Daniel P. Smith 2020-03-26 22:41 ` Matthew Garrett 2020-03-26 23:55 ` Daniel P. Smith
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200325194317.526492-11-ross.philipson@oracle.com \ --to=ross.philipson@oracle.com \ --cc=bp@alien8.de \ --cc=dpsmith@apertussolutions.com \ --cc=hpa@zytor.com \ --cc=linux-doc@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=mingo@redhat.com \ --cc=tglx@linutronix.de \ --cc=trenchboot-devel@googlegroups.com \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Linux-Doc Archive on lore.kernel.org Archives are clonable: git clone --mirror https://lore.kernel.org/linux-doc/0 linux-doc/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 linux-doc linux-doc/ https://lore.kernel.org/linux-doc \ linux-doc@vger.kernel.org public-inbox-index linux-doc Example config snippet for mirrors Newsgroup available over NNTP: nntp://nntp.lore.kernel.org/org.kernel.vger.linux-doc AGPL code for this site: git clone https://public-inbox.org/public-inbox.git