linux-efi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 0/4 v2] efi/libstub: measure initrd data loaded by the EFI stub
@ 2021-09-02  8:04 Ilias Apalodimas
  2021-09-02  8:04 ` [PATCH 1/4 v2] efi/libstub: add prototype of efi_tcg2_protocol::hash_log_extend_event() Ilias Apalodimas
                   ` (3 more replies)
  0 siblings, 4 replies; 8+ messages in thread
From: Ilias Apalodimas @ 2021-09-02  8:04 UTC (permalink / raw)
  To: linux-efi, ardb, James.Bottomley
  Cc: pjones, nivedita, mjg59, daniel.kiper, leif, Ilias Apalodimas

Hi!

This is a respin of [1].
This enables initrd measurement when loaded directly by the kernel EFI stub.
It ensures that the initrd observed and used by the OS is the same one that
got measured into the TPM, which is more difficult to guarantee in the current
situation.

There's a couple of changes compared to the original RFC:
- Ard fixed the x86 assembly for providing the extra arguments needed
- Instead of EV_IPL the logs are recorded with EV_EVENT_TAG. EV_IPL was marked
  as deprecated up until the latest PC client spec [2] and it's description
  reads "It may be used by Boot Manager Code to measure events."
  EV_EVENT_TAG on the other hand seems more appropriate as it's defined as:
  "Used for PCRs defined for OS and application usage.  Defined for use by Host
  Platform Operating System or Software."
- We are only measuring the initrd if it was loaded using the LOAD_FILE2
  protocol.  This is not what we probably want in the long run, but in an effort
  to keep current distros that rely on measurements unaffected, let's enable it
  only in the LOAD_FILE2 case.

Here's a (simple) eventlog using U-Boot and loading the initrd with LOAD_FILE2
version: 1
events:
- EventNum: 0
  PCRIndex: 0
  EventType: EV_NO_ACTION
  Digest: "0000000000000000000000000000000000000000"
  EventSize: 45
  SpecID:
  - Signature: Spec ID Event03
    platformClass: 0
    specVersionMinor: 0
    specVersionMajor: 2
    specErrata: 2
    uintnSize: 2
    numberOfAlgorithms: 4
    Algorithms:
    - Algorithm[0]:
      algorithmId: sha1
      digestSize: 20
    - Algorithm[1]:
      algorithmId: sha256
      digestSize: 32
    - Algorithm[2]:
      algorithmId: sha384
      digestSize: 48
    - Algorithm[3]:
      algorithmId: sha512
      digestSize: 64
    vendorInfoSize: 0
- EventNum: 1
  PCRIndex: 0
  EventType: EV_S_CRTM_VERSION
  DigestCount: 4
  Digests:
  - AlgorithmId: sha1
    Digest: "cb948776833ac1a6b1f7290a29798f6c6f3fe376"
  - AlgorithmId: sha256
    Digest: "cdc34410e11ad651c8aeb2705d889c80cf82a707d7471f140e1b6d7f1583e52f"
  - AlgorithmId: sha384
    Digest: "430ff24d1a65e81fef96771b7313b6622efe03d84d39faae0d0a7ee0b54a1222f3a2d99ebff5a2a31359ce1df618b3a5"
  - AlgorithmId: sha512
    Digest: "001cff096fbd9615c9039cb9785857f2bc586de42cea9da8471e4a782cd68ba879b8fe3d4410d74f70f2d83f506842b507afe4a89478b1841583e7bc4a1ef3a5"
  EventSize: 74
  Event: "552d426f6f7420323032312e30342d7263332d30303032322d67636434306530376666382d646972747920284d61722033302032303231202d2031353a30303a3234202b303030302900"
- EventNum: 2
  PCRIndex: 9
  EventType: EV_EVENT_TAG
  DigestCount: 4
  Digests:
  - AlgorithmId: sha1
    Digest: "a0d2c52d82ad30f5ca04e72153177179807dbef4"
  - AlgorithmId: sha256
    Digest: "5035f6ff3740e8462a30a9c65e45ea19d11d95cf286324be9d04378058abe6b3"
  - AlgorithmId: sha384
    Digest: "f414dfaa66ee06c234bf2341967999b59e3e33e091490f36cbb2a0830cdbf9663ed1b2adc5117d8b4f992c7c43774c83"
  - AlgorithmId: sha512
    Digest: "2654376c43e93ee4f2a7be231c35d207349587466e62d09803db6c7ab9da594f9ae8a21fa0f6f9496c61cf6b03ecb40bb019ad6112baaa5f7a9cbc20adea65da"
  EventSize: 21
  Event: "ec223b8f0d0000004c696e757820696e6974726400"
pcrs:
  sha1:
    0  : 0x99b6e79948ad34eb59882ab7cc46666e0ccdd783
    9  : 0x70c847a8dbc23693ecb3e341cb5ae745b6d07b29
  sha256:
    0  : 0xae32cb21ec1c654591be13f729ecfe7e71efe74c6b885e9aadc944df79ee722e
    9  : 0x099d14a1bfb6531ce2c3d807b8ad678a273dee0ea0ed88662943b97c03f99638
  sha384:
    0  : 0x1fe21137d71364096179281525719c3fd109363cff28ec191d7623620c3bc8609bd9534d5e31887d85664ef938abc5a6
    9  : 0xf848ece0a5e3f6a4c4194fd467a05a0b552a9e24d7360297bbe019fe980f9e29d71fbc45a0356c04c62f36906dcfb41b
  sha512:
    0  : 0xcba9c7c551179ce82a496a41629462836e4bc02fa1fe3922290e689a4d4a03264f14d00f2995d7091247a35cf4f54bc9ee3c594dd139c381fd6d0ccc0ed93e0c
    9  : 0xc62ebbeb16ea2ce0bca565866891be8496b8547254b13683ec0223394a402bd0c8758e0fe09742270fe7d31f00a960db8a70c4dfc0b2bfe7185e353eff67c489

[1] https://lore.kernel.org/linux-efi/20201102170634.20575-1-ardb@kernel.org/
[2] https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PFP_r1p05_v22_02dec2020.pdf

Changes since v1:
- no changes

Ard Biesheuvel (3):
  efi/libstub: add prototype of
    efi_tcg2_protocol::hash_log_extend_event()
  efi/libstub: x86/mixed: increase supported argument count
  efi/libstub: consolidate initrd handling across architectures

Ilias Apalodimas (1):
  efi/libstub: measure loaded initrd info into the TPM

 arch/x86/boot/compressed/efi_thunk_64.S       | 17 +++--
 arch/x86/include/asm/efi.h                    | 14 +++-
 arch/x86/platform/efi/efi_thunk_64.S          | 14 +++-
 .../firmware/efi/libstub/efi-stub-helper.c    | 73 ++++++++++++++++---
 drivers/firmware/efi/libstub/efi-stub.c       | 10 +--
 drivers/firmware/efi/libstub/efistub.h        | 30 +++++++-
 drivers/firmware/efi/libstub/x86-stub.c       | 26 +++----
 7 files changed, 135 insertions(+), 49 deletions(-)

-- 
2.32.0.rc0


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [PATCH 1/4 v2] efi/libstub: add prototype of efi_tcg2_protocol::hash_log_extend_event()
  2021-09-02  8:04 [PATCH 0/4 v2] efi/libstub: measure initrd data loaded by the EFI stub Ilias Apalodimas
@ 2021-09-02  8:04 ` Ilias Apalodimas
  2021-09-02  8:04 ` [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count Ilias Apalodimas
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 8+ messages in thread
From: Ilias Apalodimas @ 2021-09-02  8:04 UTC (permalink / raw)
  To: linux-efi, ardb, James.Bottomley
  Cc: pjones, nivedita, mjg59, daniel.kiper, leif, Ilias Apalodimas

From: Ard Biesheuvel <ardb@kernel.org>

Define the right prototype for efi_tcg2_protocol::hash_log_extend_event()
and add the required structs so we can start using it to measure the initrd
into the TPM if it was loaded by the EFI stub itself.

Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/x86/include/asm/efi.h             |  4 ++++
 drivers/firmware/efi/libstub/efistub.h | 29 +++++++++++++++++++++++++-
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
index 4d0b126835b8..85f156f8ef81 100644
--- a/arch/x86/include/asm/efi.h
+++ b/arch/x86/include/asm/efi.h
@@ -308,6 +308,10 @@ static inline u32 efi64_convert_status(efi_status_t status)
 #define __efi64_argmap_query_mode(gop, mode, size, info)		\
 	((gop), (mode), efi64_zero_upper(size), efi64_zero_upper(info))
 
+/* TCG2 protocol */
+#define __efi64_argmap_hash_log_extend_event(prot, fl, addr, size, ev)	\
+	((prot), (fl), 0ULL, (u64)(addr), 0ULL, (u64)(size), 0ULL, ev)
+
 /*
  * The macros below handle the plumbing for the argument mapping. To add a
  * mapping for a specific EFI method, simply define a macro
diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
index cde0a2ef507d..a2825c435158 100644
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -667,6 +667,29 @@ union apple_properties_protocol {
 
 typedef u32 efi_tcg2_event_log_format;
 
+#define INITRD_EVENT_TAG_ID 0x8F3B22ECU
+#define EV_EVENT_TAG 0x00000006U
+#define EFI_TCG2_EVENT_HEADER_VERSION	0x1
+
+struct efi_tcg2_event {
+	u32		event_size;
+	struct {
+		u32	header_size;
+		u16	header_version;
+		u32	pcr_index;
+		u32	event_type;
+	} __packed event_header;
+	/* u8[] event follows here */
+} __packed;
+
+struct efi_tcg2_tagged_event {
+	u32 tagged_event_id;
+	u32 tagged_event_data_size;
+	/* u8  tagged event data follows here */
+} __packed;
+
+typedef struct efi_tcg2_event efi_tcg2_event_t;
+typedef struct efi_tcg2_tagged_event efi_tcg2_tagged_event_t;
 typedef union efi_tcg2_protocol efi_tcg2_protocol_t;
 
 union efi_tcg2_protocol {
@@ -677,7 +700,11 @@ union efi_tcg2_protocol {
 						       efi_physical_addr_t *,
 						       efi_physical_addr_t *,
 						       efi_bool_t *);
-		void *hash_log_extend_event;
+		efi_status_t (__efiapi *hash_log_extend_event)(efi_tcg2_protocol_t *,
+							       u64,
+							       efi_physical_addr_t,
+							       u64,
+							       const efi_tcg2_event_t *);
 		void *submit_command;
 		void *get_active_pcr_banks;
 		void *set_active_pcr_banks;
-- 
2.32.0.rc0


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count
  2021-09-02  8:04 [PATCH 0/4 v2] efi/libstub: measure initrd data loaded by the EFI stub Ilias Apalodimas
  2021-09-02  8:04 ` [PATCH 1/4 v2] efi/libstub: add prototype of efi_tcg2_protocol::hash_log_extend_event() Ilias Apalodimas
@ 2021-09-02  8:04 ` Ilias Apalodimas
  2021-09-02  8:27   ` Ard Biesheuvel
  2021-09-02  8:04 ` [PATCH 3/4 v2] efi/libstub: consolidate initrd handling across architectures Ilias Apalodimas
  2021-09-02  8:04 ` [PATCH 4/4 v2] efi/libstub: measure loaded initrd info into the TPM Ilias Apalodimas
  3 siblings, 1 reply; 8+ messages in thread
From: Ilias Apalodimas @ 2021-09-02  8:04 UTC (permalink / raw)
  To: linux-efi, ardb, James.Bottomley
  Cc: pjones, nivedita, mjg59, daniel.kiper, leif, Ilias Apalodimas

From: Ard Biesheuvel <ardb@kernel.org>

Increase the number of arguments supported by mixed mode calls, so that
we will be able to call into the TCG2 protocol to measure the initrd
and extend the associated PCR. This involves the TCG2 protocol's
hash_log_extend_event() method, which takes five arguments, three of
which are u64 and need to be split, producing a total of 8 outgoing
arguments.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
 arch/x86/boot/compressed/efi_thunk_64.S | 17 ++++++++++++-----
 arch/x86/include/asm/efi.h              | 10 ++++++----
 arch/x86/platform/efi/efi_thunk_64.S    | 14 ++++++++++++--
 3 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/arch/x86/boot/compressed/efi_thunk_64.S b/arch/x86/boot/compressed/efi_thunk_64.S
index 95a223b3e56a..fec6c48d6b30 100644
--- a/arch/x86/boot/compressed/efi_thunk_64.S
+++ b/arch/x86/boot/compressed/efi_thunk_64.S
@@ -27,8 +27,6 @@ SYM_FUNC_START(__efi64_thunk)
 	push	%rbp
 	push	%rbx
 
-	leaq	1f(%rip), %rbp
-
 	movl	%ds, %eax
 	push	%rax
 	movl	%es, %eax
@@ -36,19 +34,28 @@ SYM_FUNC_START(__efi64_thunk)
 	movl	%ss, %eax
 	push	%rax
 
+	movq	0x30(%rsp), %rbp
+	movq	0x38(%rsp), %rbx
+	movq	0x40(%rsp), %rax
+
 	/*
 	 * Convert x86-64 ABI params to i386 ABI
 	 */
-	subq	$32, %rsp
+	subq	$48, %rsp
 	movl	%esi, 0x0(%rsp)
 	movl	%edx, 0x4(%rsp)
 	movl	%ecx, 0x8(%rsp)
 	movl	%r8d, 0xc(%rsp)
 	movl	%r9d, 0x10(%rsp)
+	movl	%ebp, 0x14(%rsp)
+	movl	%ebx, 0x18(%rsp)
+	movl	%eax, 0x1c(%rsp)
 
-	leaq	0x14(%rsp), %rbx
+	leaq	0x20(%rsp), %rbx
 	sgdt	(%rbx)
 
+	leaq	1f(%rip), %rbp
+
 	/*
 	 * Switch to gdt with 32-bit segments. This is the firmware GDT
 	 * that was installed when the kernel started executing. This
@@ -67,7 +74,7 @@ SYM_FUNC_START(__efi64_thunk)
 	pushq	%rax
 	lretq
 
-1:	addq	$32, %rsp
+1:	addq	$48, %rsp
 	movq	%rdi, %rax
 
 	pop	%rbx
diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
index 85f156f8ef81..a323dbac9182 100644
--- a/arch/x86/include/asm/efi.h
+++ b/arch/x86/include/asm/efi.h
@@ -46,13 +46,14 @@ extern unsigned long efi_mixed_mode_stack_pa;
 
 #define __efi_nargs(...) __efi_nargs_(__VA_ARGS__)
 #define __efi_nargs_(...) __efi_nargs__(0, ##__VA_ARGS__,	\
+	__efi_arg_sentinel(9), __efi_arg_sentinel(8),		\
 	__efi_arg_sentinel(7), __efi_arg_sentinel(6),		\
 	__efi_arg_sentinel(5), __efi_arg_sentinel(4),		\
 	__efi_arg_sentinel(3), __efi_arg_sentinel(2),		\
 	__efi_arg_sentinel(1), __efi_arg_sentinel(0))
-#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, n, ...)	\
+#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, n, ...)	\
 	__take_second_arg(n,					\
-		({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 8; }))
+		({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 10; }))
 #define __efi_arg_sentinel(n) , n
 
 /*
@@ -176,8 +177,9 @@ extern u64 efi_setup;
 extern efi_status_t __efi64_thunk(u32, ...);
 
 #define efi64_thunk(...) ({						\
-	__efi_nargs_check(efi64_thunk, 6, __VA_ARGS__);			\
-	__efi64_thunk(__VA_ARGS__);					\
+	u64 __pad[3]; /* must have space for 3 args on the stack */	\
+	__efi_nargs_check(efi64_thunk, 9, __VA_ARGS__);			\
+	__efi64_thunk(__VA_ARGS__, __pad);				\
 })
 
 static inline bool efi_is_mixed(void)
diff --git a/arch/x86/platform/efi/efi_thunk_64.S b/arch/x86/platform/efi/efi_thunk_64.S
index fd3dd1708eba..5b7c6e09954e 100644
--- a/arch/x86/platform/efi/efi_thunk_64.S
+++ b/arch/x86/platform/efi/efi_thunk_64.S
@@ -36,6 +36,17 @@ SYM_CODE_START(__efi64_thunk)
 	movq	efi_mixed_mode_stack_pa(%rip), %rsp
 	push	%rax
 
+	/*
+	 * Copy args passed via the stack
+	 */
+	subq	$0x24, %rsp
+	movq	0x18(%rax), %rbp
+	movq	0x20(%rax), %rbx
+	movq	0x28(%rax), %rax
+	movl	%ebp, 0x18(%rsp)
+	movl	%ebx, 0x1c(%rsp)
+	movl	%eax, 0x20(%rsp)
+
 	/*
 	 * Calculate the physical address of the kernel text.
 	 */
@@ -47,7 +58,6 @@ SYM_CODE_START(__efi64_thunk)
 	subq	%rax, %rbp
 	subq	%rax, %rbx
 
-	subq	$28, %rsp
 	movl	%ebx, 0x0(%rsp)		/* return address */
 	movl	%esi, 0x4(%rsp)
 	movl	%edx, 0x8(%rsp)
@@ -60,7 +70,7 @@ SYM_CODE_START(__efi64_thunk)
 	pushq	%rdi			/* EFI runtime service address */
 	lretq
 
-1:	movq	24(%rsp), %rsp
+1:	movq	0x20(%rsp), %rsp
 	pop	%rbx
 	pop	%rbp
 	retq
-- 
2.32.0.rc0


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [PATCH 3/4 v2] efi/libstub: consolidate initrd handling across architectures
  2021-09-02  8:04 [PATCH 0/4 v2] efi/libstub: measure initrd data loaded by the EFI stub Ilias Apalodimas
  2021-09-02  8:04 ` [PATCH 1/4 v2] efi/libstub: add prototype of efi_tcg2_protocol::hash_log_extend_event() Ilias Apalodimas
  2021-09-02  8:04 ` [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count Ilias Apalodimas
@ 2021-09-02  8:04 ` Ilias Apalodimas
  2021-09-02  8:04 ` [PATCH 4/4 v2] efi/libstub: measure loaded initrd info into the TPM Ilias Apalodimas
  3 siblings, 0 replies; 8+ messages in thread
From: Ilias Apalodimas @ 2021-09-02  8:04 UTC (permalink / raw)
  To: linux-efi, ardb, James.Bottomley
  Cc: pjones, nivedita, mjg59, daniel.kiper, leif, Ilias Apalodimas

From: Ard Biesheuvel <ardb@kernel.org>

Before adding TPM measurement of the initrd contents, refactor the
initrd handling slightly to be more self-contained and consistent.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
 .../firmware/efi/libstub/efi-stub-helper.c    | 13 +++++++---
 drivers/firmware/efi/libstub/efi-stub.c       | 10 ++-----
 drivers/firmware/efi/libstub/efistub.h        |  1 -
 drivers/firmware/efi/libstub/x86-stub.c       | 26 +++++++------------
 4 files changed, 21 insertions(+), 29 deletions(-)

diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c
index aa8da0a49829..72a7e7c4d403 100644
--- a/drivers/firmware/efi/libstub/efi-stub-helper.c
+++ b/drivers/firmware/efi/libstub/efi-stub-helper.c
@@ -20,10 +20,10 @@
 
 bool efi_nochunk;
 bool efi_nokaslr = !IS_ENABLED(CONFIG_RANDOMIZE_BASE);
-bool efi_noinitrd;
 int efi_loglevel = CONSOLE_LOGLEVEL_DEFAULT;
 bool efi_novamap;
 
+static bool efi_noinitrd;
 static bool efi_nosoftreserve;
 static bool efi_disable_pci_dma = IS_ENABLED(CONFIG_EFI_DISABLE_PCI_DMA);
 
@@ -643,8 +643,10 @@ efi_status_t efi_load_initrd(efi_loaded_image_t *image,
 {
 	efi_status_t status;
 
-	if (!load_addr || !load_size)
-		return EFI_INVALID_PARAMETER;
+	if (efi_noinitrd) {
+		*load_addr = *load_size = 0;
+		return EFI_SUCCESS;
+	}
 
 	status = efi_load_initrd_dev_path(load_addr, load_size, hard_limit);
 	if (status == EFI_SUCCESS) {
@@ -655,7 +657,10 @@ efi_status_t efi_load_initrd(efi_loaded_image_t *image,
 		if (status == EFI_SUCCESS && *load_size > 0)
 			efi_info("Loaded initrd from command line option\n");
 	}
-
+	if (status != EFI_SUCCESS) {
+		efi_err("Failed to load initrd: 0x%lx\n", status);
+		*load_addr = *load_size = 0;
+	}
 	return status;
 }
 
diff --git a/drivers/firmware/efi/libstub/efi-stub.c b/drivers/firmware/efi/libstub/efi-stub.c
index 26e69788f27a..e87e7f1b1a33 100644
--- a/drivers/firmware/efi/libstub/efi-stub.c
+++ b/drivers/firmware/efi/libstub/efi-stub.c
@@ -134,7 +134,6 @@ efi_status_t __efiapi efi_pe_entry(efi_handle_t handle,
 	enum efi_secureboot_mode secure_boot;
 	struct screen_info *si;
 	efi_properties_table_t *prop_tbl;
-	unsigned long max_addr;
 
 	efi_system_table = sys_table_arg;
 
@@ -240,13 +239,8 @@ efi_status_t __efiapi efi_pe_entry(efi_handle_t handle,
 	if (!fdt_addr)
 		efi_info("Generating empty DTB\n");
 
-	if (!efi_noinitrd) {
-		max_addr = efi_get_max_initrd_addr(image_addr);
-		status = efi_load_initrd(image, &initrd_addr, &initrd_size,
-					 ULONG_MAX, max_addr);
-		if (status != EFI_SUCCESS)
-			efi_err("Failed to load initrd!\n");
-	}
+	efi_load_initrd(image, &initrd_addr, &initrd_size, ULONG_MAX,
+			efi_get_max_initrd_addr(image_addr));
 
 	efi_random_get_seed();
 
diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
index a2825c435158..edb77b0621ea 100644
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -31,7 +31,6 @@
 
 extern bool efi_nochunk;
 extern bool efi_nokaslr;
-extern bool efi_noinitrd;
 extern int efi_loglevel;
 extern bool efi_novamap;
 
diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c
index f14c4ff5839f..01ddd4502e28 100644
--- a/drivers/firmware/efi/libstub/x86-stub.c
+++ b/drivers/firmware/efi/libstub/x86-stub.c
@@ -673,6 +673,7 @@ unsigned long efi_main(efi_handle_t handle,
 	unsigned long bzimage_addr = (unsigned long)startup_32;
 	unsigned long buffer_start, buffer_end;
 	struct setup_header *hdr = &boot_params->hdr;
+	unsigned long addr, size;
 	efi_status_t status;
 
 	efi_system_table = sys_table_arg;
@@ -761,22 +762,15 @@ unsigned long efi_main(efi_handle_t handle,
 	 * arguments will be processed only if image is not NULL, which will be
 	 * the case only if we were loaded via the PE entry point.
 	 */
-	if (!efi_noinitrd) {
-		unsigned long addr, size;
-
-		status = efi_load_initrd(image, &addr, &size,
-					 hdr->initrd_addr_max, ULONG_MAX);
-
-		if (status != EFI_SUCCESS) {
-			efi_err("Failed to load initrd!\n");
-			goto fail;
-		}
-		if (size > 0) {
-			efi_set_u64_split(addr, &hdr->ramdisk_image,
-					  &boot_params->ext_ramdisk_image);
-			efi_set_u64_split(size, &hdr->ramdisk_size,
-					  &boot_params->ext_ramdisk_size);
-		}
+	status = efi_load_initrd(image, &addr, &size, hdr->initrd_addr_max,
+				 ULONG_MAX);
+	if (status != EFI_SUCCESS)
+		goto fail;
+	if (size > 0) {
+		efi_set_u64_split(addr, &hdr->ramdisk_image,
+				  &boot_params->ext_ramdisk_image);
+		efi_set_u64_split(size, &hdr->ramdisk_size,
+				  &boot_params->ext_ramdisk_size);
 	}
 
 	/*
-- 
2.32.0.rc0


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [PATCH 4/4 v2] efi/libstub: measure loaded initrd info into the TPM
  2021-09-02  8:04 [PATCH 0/4 v2] efi/libstub: measure initrd data loaded by the EFI stub Ilias Apalodimas
                   ` (2 preceding siblings ...)
  2021-09-02  8:04 ` [PATCH 3/4 v2] efi/libstub: consolidate initrd handling across architectures Ilias Apalodimas
@ 2021-09-02  8:04 ` Ilias Apalodimas
  3 siblings, 0 replies; 8+ messages in thread
From: Ilias Apalodimas @ 2021-09-02  8:04 UTC (permalink / raw)
  To: linux-efi, ardb, James.Bottomley
  Cc: pjones, nivedita, mjg59, daniel.kiper, leif, Ilias Apalodimas

In an effort to ensure the initrd observed and used by the OS is
the same one that was meant to be loaded, which is difficult to
guarantee otherwise, let's measure the initrd if the EFI stub and
specifically the newly introduced LOAD_FILE2 protocol was used.

Modify the initrd loading sequence so that the contents of the initrd
are measured into PCR9.  Note that the patch is currently using
EV_EVENT_TAG to create the eventlog entry instead of EV_IPL.  According
to the TCP PC Client specification this is used for PCRs defined for OS
and application usage.

Co-developed-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
 .../firmware/efi/libstub/efi-stub-helper.c    | 72 +++++++++++++++----
 1 file changed, 58 insertions(+), 14 deletions(-)

diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c
index 72a7e7c4d403..c1d415bb534b 100644
--- a/drivers/firmware/efi/libstub/efi-stub-helper.c
+++ b/drivers/firmware/efi/libstub/efi-stub-helper.c
@@ -625,6 +625,47 @@ efi_status_t efi_load_initrd_cmdline(efi_loaded_image_t *image,
 				    load_addr, load_size);
 }
 
+static const struct {
+	efi_tcg2_event_t	event_data;
+	efi_tcg2_tagged_event_t tagged_event;
+	u8			tagged_event_data[];
+} initrd_tcg2_event = {
+	{
+		sizeof(initrd_tcg2_event) + sizeof("Linux initrd"),
+		{
+			sizeof(initrd_tcg2_event.event_data.event_header),
+			EFI_TCG2_EVENT_HEADER_VERSION,
+			9,
+			EV_EVENT_TAG,
+		},
+	},
+	{
+		INITRD_EVENT_TAG_ID,
+		sizeof("Linux initrd"),
+	},
+	"Linux initrd",
+};
+
+void efi_measure_initrd(unsigned long load_addr, unsigned long load_size)
+{
+	efi_guid_t tcg2_guid = EFI_TCG2_PROTOCOL_GUID;
+	efi_tcg2_protocol_t *tcg2 = NULL;
+	efi_status_t status;
+
+	efi_bs_call(locate_protocol, &tcg2_guid, NULL, (void **)&tcg2);
+	if (tcg2) {
+		status = efi_call_proto(tcg2, hash_log_extend_event,
+					0, load_addr, load_size,
+					&initrd_tcg2_event.event_data);
+		if (status != EFI_SUCCESS)
+			efi_warn("Failed to measure initrd data: 0x%lx\n",
+				 status);
+		else
+			efi_info("Measured initrd data into PCR %d\n",
+				 initrd_tcg2_event.event_data.event_header.pcr_index);
+	}
+}
+
 /**
  * efi_load_initrd() - Load initial RAM disk
  * @image:	EFI loaded image protocol
@@ -645,22 +686,25 @@ efi_status_t efi_load_initrd(efi_loaded_image_t *image,
 
 	if (efi_noinitrd) {
 		*load_addr = *load_size = 0;
-		return EFI_SUCCESS;
+		status = EFI_SUCCESS;
+	} else {
+		status = efi_load_initrd_dev_path(load_addr, load_size, hard_limit);
+		if (status == EFI_SUCCESS) {
+			efi_info("Loaded initrd from LINUX_EFI_INITRD_MEDIA_GUID device path\n");
+			if (*load_size > 0)
+				efi_measure_initrd(*load_addr, *load_size);
+		} else if (status == EFI_NOT_FOUND) {
+			status = efi_load_initrd_cmdline(image, load_addr, load_size,
+							 soft_limit, hard_limit);
+			if (status == EFI_SUCCESS && *load_size > 0)
+				efi_info("Loaded initrd from command line option\n");
+		}
+		if (status != EFI_SUCCESS) {
+			efi_err("Failed to load initrd: 0x%lx\n", status);
+			*load_addr = *load_size = 0;
+		}
 	}
 
-	status = efi_load_initrd_dev_path(load_addr, load_size, hard_limit);
-	if (status == EFI_SUCCESS) {
-		efi_info("Loaded initrd from LINUX_EFI_INITRD_MEDIA_GUID device path\n");
-	} else if (status == EFI_NOT_FOUND) {
-		status = efi_load_initrd_cmdline(image, load_addr, load_size,
-						 soft_limit, hard_limit);
-		if (status == EFI_SUCCESS && *load_size > 0)
-			efi_info("Loaded initrd from command line option\n");
-	}
-	if (status != EFI_SUCCESS) {
-		efi_err("Failed to load initrd: 0x%lx\n", status);
-		*load_addr = *load_size = 0;
-	}
 	return status;
 }
 
-- 
2.32.0.rc0


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count
  2021-09-02  8:04 ` [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count Ilias Apalodimas
@ 2021-09-02  8:27   ` Ard Biesheuvel
  2021-09-02  8:37     ` Ilias Apalodimas
  0 siblings, 1 reply; 8+ messages in thread
From: Ard Biesheuvel @ 2021-09-02  8:27 UTC (permalink / raw)
  To: Ilias Apalodimas
  Cc: linux-efi, James E.J. Bottomley, Peter Jones, Arvind Sankar,
	Matthew Garrett, Daniel Kiper, Leif Lindholm

On Thu, 2 Sept 2021 at 10:04, Ilias Apalodimas
<ilias.apalodimas@linaro.org> wrote:
>
> From: Ard Biesheuvel <ardb@kernel.org>
>
> Increase the number of arguments supported by mixed mode calls, so that
> we will be able to call into the TCG2 protocol to measure the initrd
> and extend the associated PCR. This involves the TCG2 protocol's
> hash_log_extend_event() method, which takes five arguments, three of
> which are u64 and need to be split, producing a total of 8 outgoing
> arguments.
>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Does this still apply cleanly? There was a last minute fix that went
into v5.14 that looked like it would conflict with this.

> ---
>  arch/x86/boot/compressed/efi_thunk_64.S | 17 ++++++++++++-----
>  arch/x86/include/asm/efi.h              | 10 ++++++----
>  arch/x86/platform/efi/efi_thunk_64.S    | 14 ++++++++++++--
>  3 files changed, 30 insertions(+), 11 deletions(-)
>
> diff --git a/arch/x86/boot/compressed/efi_thunk_64.S b/arch/x86/boot/compressed/efi_thunk_64.S
> index 95a223b3e56a..fec6c48d6b30 100644
> --- a/arch/x86/boot/compressed/efi_thunk_64.S
> +++ b/arch/x86/boot/compressed/efi_thunk_64.S
> @@ -27,8 +27,6 @@ SYM_FUNC_START(__efi64_thunk)
>         push    %rbp
>         push    %rbx
>
> -       leaq    1f(%rip), %rbp
> -
>         movl    %ds, %eax
>         push    %rax
>         movl    %es, %eax
> @@ -36,19 +34,28 @@ SYM_FUNC_START(__efi64_thunk)
>         movl    %ss, %eax
>         push    %rax
>
> +       movq    0x30(%rsp), %rbp
> +       movq    0x38(%rsp), %rbx
> +       movq    0x40(%rsp), %rax
> +
>         /*
>          * Convert x86-64 ABI params to i386 ABI
>          */
> -       subq    $32, %rsp
> +       subq    $48, %rsp
>         movl    %esi, 0x0(%rsp)
>         movl    %edx, 0x4(%rsp)
>         movl    %ecx, 0x8(%rsp)
>         movl    %r8d, 0xc(%rsp)
>         movl    %r9d, 0x10(%rsp)
> +       movl    %ebp, 0x14(%rsp)
> +       movl    %ebx, 0x18(%rsp)
> +       movl    %eax, 0x1c(%rsp)
>
> -       leaq    0x14(%rsp), %rbx
> +       leaq    0x20(%rsp), %rbx
>         sgdt    (%rbx)
>
> +       leaq    1f(%rip), %rbp
> +
>         /*
>          * Switch to gdt with 32-bit segments. This is the firmware GDT
>          * that was installed when the kernel started executing. This
> @@ -67,7 +74,7 @@ SYM_FUNC_START(__efi64_thunk)
>         pushq   %rax
>         lretq
>
> -1:     addq    $32, %rsp
> +1:     addq    $48, %rsp
>         movq    %rdi, %rax
>
>         pop     %rbx
> diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
> index 85f156f8ef81..a323dbac9182 100644
> --- a/arch/x86/include/asm/efi.h
> +++ b/arch/x86/include/asm/efi.h
> @@ -46,13 +46,14 @@ extern unsigned long efi_mixed_mode_stack_pa;
>
>  #define __efi_nargs(...) __efi_nargs_(__VA_ARGS__)
>  #define __efi_nargs_(...) __efi_nargs__(0, ##__VA_ARGS__,      \
> +       __efi_arg_sentinel(9), __efi_arg_sentinel(8),           \
>         __efi_arg_sentinel(7), __efi_arg_sentinel(6),           \
>         __efi_arg_sentinel(5), __efi_arg_sentinel(4),           \
>         __efi_arg_sentinel(3), __efi_arg_sentinel(2),           \
>         __efi_arg_sentinel(1), __efi_arg_sentinel(0))
> -#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, n, ...)  \
> +#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, n, ...)  \
>         __take_second_arg(n,                                    \
> -               ({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 8; }))
> +               ({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 10; }))
>  #define __efi_arg_sentinel(n) , n
>
>  /*
> @@ -176,8 +177,9 @@ extern u64 efi_setup;
>  extern efi_status_t __efi64_thunk(u32, ...);
>
>  #define efi64_thunk(...) ({                                            \
> -       __efi_nargs_check(efi64_thunk, 6, __VA_ARGS__);                 \
> -       __efi64_thunk(__VA_ARGS__);                                     \
> +       u64 __pad[3]; /* must have space for 3 args on the stack */     \
> +       __efi_nargs_check(efi64_thunk, 9, __VA_ARGS__);                 \
> +       __efi64_thunk(__VA_ARGS__, __pad);                              \
>  })
>
>  static inline bool efi_is_mixed(void)
> diff --git a/arch/x86/platform/efi/efi_thunk_64.S b/arch/x86/platform/efi/efi_thunk_64.S
> index fd3dd1708eba..5b7c6e09954e 100644
> --- a/arch/x86/platform/efi/efi_thunk_64.S
> +++ b/arch/x86/platform/efi/efi_thunk_64.S
> @@ -36,6 +36,17 @@ SYM_CODE_START(__efi64_thunk)
>         movq    efi_mixed_mode_stack_pa(%rip), %rsp
>         push    %rax
>
> +       /*
> +        * Copy args passed via the stack
> +        */
> +       subq    $0x24, %rsp
> +       movq    0x18(%rax), %rbp
> +       movq    0x20(%rax), %rbx
> +       movq    0x28(%rax), %rax
> +       movl    %ebp, 0x18(%rsp)
> +       movl    %ebx, 0x1c(%rsp)
> +       movl    %eax, 0x20(%rsp)
> +
>         /*
>          * Calculate the physical address of the kernel text.
>          */
> @@ -47,7 +58,6 @@ SYM_CODE_START(__efi64_thunk)
>         subq    %rax, %rbp
>         subq    %rax, %rbx
>
> -       subq    $28, %rsp
>         movl    %ebx, 0x0(%rsp)         /* return address */
>         movl    %esi, 0x4(%rsp)
>         movl    %edx, 0x8(%rsp)
> @@ -60,7 +70,7 @@ SYM_CODE_START(__efi64_thunk)
>         pushq   %rdi                    /* EFI runtime service address */
>         lretq
>
> -1:     movq    24(%rsp), %rsp
> +1:     movq    0x20(%rsp), %rsp
>         pop     %rbx
>         pop     %rbp
>         retq
> --
> 2.32.0.rc0
>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count
  2021-09-02  8:27   ` Ard Biesheuvel
@ 2021-09-02  8:37     ` Ilias Apalodimas
  2021-09-02  8:39       ` Ilias Apalodimas
  0 siblings, 1 reply; 8+ messages in thread
From: Ilias Apalodimas @ 2021-09-02  8:37 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi, James E.J. Bottomley, Peter Jones, Arvind Sankar,
	Matthew Garrett, Daniel Kiper, Leif Lindholm

Hi Ard, 

On Thu, Sep 02, 2021 at 10:27:19AM +0200, Ard Biesheuvel wrote:
> On Thu, 2 Sept 2021 at 10:04, Ilias Apalodimas
> <ilias.apalodimas@linaro.org> wrote:
> >
> > From: Ard Biesheuvel <ardb@kernel.org>
> >
> > Increase the number of arguments supported by mixed mode calls, so that
> > we will be able to call into the TCG2 protocol to measure the initrd
> > and extend the associated PCR. This involves the TCG2 protocol's
> > hash_log_extend_event() method, which takes five arguments, three of
> > which are u64 and need to be split, producing a total of 8 outgoing
> > arguments.
> >
> > Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> > Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> 
> Does this still apply cleanly? There was a last minute fix that went
> into v5.14 that looked like it would conflict with this.

Not sure, I just rebased this on on top of net-next.  The last commit I can
see in there is 9d31d2338950.  I'll give it a try and send a v3 if that
fails.

> 
> > ---
> >  arch/x86/boot/compressed/efi_thunk_64.S | 17 ++++++++++++-----
> >  arch/x86/include/asm/efi.h              | 10 ++++++----
> >  arch/x86/platform/efi/efi_thunk_64.S    | 14 ++++++++++++--
> >  3 files changed, 30 insertions(+), 11 deletions(-)
> >
> > diff --git a/arch/x86/boot/compressed/efi_thunk_64.S b/arch/x86/boot/compressed/efi_thunk_64.S
> > index 95a223b3e56a..fec6c48d6b30 100644
> > --- a/arch/x86/boot/compressed/efi_thunk_64.S
> > +++ b/arch/x86/boot/compressed/efi_thunk_64.S
> > @@ -27,8 +27,6 @@ SYM_FUNC_START(__efi64_thunk)
> >         push    %rbp
> >         push    %rbx
> >
> > -       leaq    1f(%rip), %rbp
> > -
> >         movl    %ds, %eax
> >         push    %rax
> >         movl    %es, %eax
> > @@ -36,19 +34,28 @@ SYM_FUNC_START(__efi64_thunk)
> >         movl    %ss, %eax
> >         push    %rax
> >
> > +       movq    0x30(%rsp), %rbp
> > +       movq    0x38(%rsp), %rbx
> > +       movq    0x40(%rsp), %rax
> > +
> >         /*
> >          * Convert x86-64 ABI params to i386 ABI
> >          */
> > -       subq    $32, %rsp
> > +       subq    $48, %rsp
> >         movl    %esi, 0x0(%rsp)
> >         movl    %edx, 0x4(%rsp)
> >         movl    %ecx, 0x8(%rsp)
> >         movl    %r8d, 0xc(%rsp)
> >         movl    %r9d, 0x10(%rsp)
> > +       movl    %ebp, 0x14(%rsp)
> > +       movl    %ebx, 0x18(%rsp)
> > +       movl    %eax, 0x1c(%rsp)
> >
> > -       leaq    0x14(%rsp), %rbx
> > +       leaq    0x20(%rsp), %rbx
> >         sgdt    (%rbx)
> >
> > +       leaq    1f(%rip), %rbp
> > +
> >         /*
> >          * Switch to gdt with 32-bit segments. This is the firmware GDT
> >          * that was installed when the kernel started executing. This
> > @@ -67,7 +74,7 @@ SYM_FUNC_START(__efi64_thunk)
> >         pushq   %rax
> >         lretq
> >
> > -1:     addq    $32, %rsp
> > +1:     addq    $48, %rsp
> >         movq    %rdi, %rax
> >
> >         pop     %rbx
> > diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
> > index 85f156f8ef81..a323dbac9182 100644
> > --- a/arch/x86/include/asm/efi.h
> > +++ b/arch/x86/include/asm/efi.h
> > @@ -46,13 +46,14 @@ extern unsigned long efi_mixed_mode_stack_pa;
> >
> >  #define __efi_nargs(...) __efi_nargs_(__VA_ARGS__)
> >  #define __efi_nargs_(...) __efi_nargs__(0, ##__VA_ARGS__,      \
> > +       __efi_arg_sentinel(9), __efi_arg_sentinel(8),           \
> >         __efi_arg_sentinel(7), __efi_arg_sentinel(6),           \
> >         __efi_arg_sentinel(5), __efi_arg_sentinel(4),           \
> >         __efi_arg_sentinel(3), __efi_arg_sentinel(2),           \
> >         __efi_arg_sentinel(1), __efi_arg_sentinel(0))
> > -#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, n, ...)  \
> > +#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, n, ...)  \
> >         __take_second_arg(n,                                    \
> > -               ({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 8; }))
> > +               ({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 10; }))
> >  #define __efi_arg_sentinel(n) , n
> >
> >  /*
> > @@ -176,8 +177,9 @@ extern u64 efi_setup;
> >  extern efi_status_t __efi64_thunk(u32, ...);
> >
> >  #define efi64_thunk(...) ({                                            \
> > -       __efi_nargs_check(efi64_thunk, 6, __VA_ARGS__);                 \
> > -       __efi64_thunk(__VA_ARGS__);                                     \
> > +       u64 __pad[3]; /* must have space for 3 args on the stack */     \
> > +       __efi_nargs_check(efi64_thunk, 9, __VA_ARGS__);                 \
> > +       __efi64_thunk(__VA_ARGS__, __pad);                              \
> >  })
> >
> >  static inline bool efi_is_mixed(void)
> > diff --git a/arch/x86/platform/efi/efi_thunk_64.S b/arch/x86/platform/efi/efi_thunk_64.S
> > index fd3dd1708eba..5b7c6e09954e 100644
> > --- a/arch/x86/platform/efi/efi_thunk_64.S
> > +++ b/arch/x86/platform/efi/efi_thunk_64.S
> > @@ -36,6 +36,17 @@ SYM_CODE_START(__efi64_thunk)
> >         movq    efi_mixed_mode_stack_pa(%rip), %rsp
> >         push    %rax
> >
> > +       /*
> > +        * Copy args passed via the stack
> > +        */
> > +       subq    $0x24, %rsp
> > +       movq    0x18(%rax), %rbp
> > +       movq    0x20(%rax), %rbx
> > +       movq    0x28(%rax), %rax
> > +       movl    %ebp, 0x18(%rsp)
> > +       movl    %ebx, 0x1c(%rsp)
> > +       movl    %eax, 0x20(%rsp)
> > +
> >         /*
> >          * Calculate the physical address of the kernel text.
> >          */
> > @@ -47,7 +58,6 @@ SYM_CODE_START(__efi64_thunk)
> >         subq    %rax, %rbp
> >         subq    %rax, %rbx
> >
> > -       subq    $28, %rsp
> >         movl    %ebx, 0x0(%rsp)         /* return address */
> >         movl    %esi, 0x4(%rsp)
> >         movl    %edx, 0x8(%rsp)
> > @@ -60,7 +70,7 @@ SYM_CODE_START(__efi64_thunk)
> >         pushq   %rdi                    /* EFI runtime service address */
> >         lretq
> >
> > -1:     movq    24(%rsp), %rsp
> > +1:     movq    0x20(%rsp), %rsp
> >         pop     %rbx
> >         pop     %rbp
> >         retq
> > --
> > 2.32.0.rc0
> >

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count
  2021-09-02  8:37     ` Ilias Apalodimas
@ 2021-09-02  8:39       ` Ilias Apalodimas
  0 siblings, 0 replies; 8+ messages in thread
From: Ilias Apalodimas @ 2021-09-02  8:39 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi, James E.J. Bottomley, Peter Jones, Arvind Sankar,
	Matthew Garrett, Daniel Kiper, Leif Lindholm

On Thu, 2 Sept 2021 at 11:37, Ilias Apalodimas
<ilias.apalodimas@linaro.org> wrote:
>
> Hi Ard,
>
> On Thu, Sep 02, 2021 at 10:27:19AM +0200, Ard Biesheuvel wrote:
> > On Thu, 2 Sept 2021 at 10:04, Ilias Apalodimas
> > <ilias.apalodimas@linaro.org> wrote:
> > >
> > > From: Ard Biesheuvel <ardb@kernel.org>
> > >
> > > Increase the number of arguments supported by mixed mode calls, so that
> > > we will be able to call into the TCG2 protocol to measure the initrd
> > > and extend the associated PCR. This involves the TCG2 protocol's
> > > hash_log_extend_event() method, which takes five arguments, three of
> > > which are u64 and need to be split, producing a total of 8 outgoing
> > > arguments.
> > >
> > > Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> > > Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> >
> > Does this still apply cleanly? There was a last minute fix that went
> > into v5.14 that looked like it would conflict with this.
>
> Not sure, I just rebased this on on top of net-next.  The last commit I can
> see in there is 9d31d2338950.  I'll give it a try and send a v3 if that
> fails.
>

Replying to myself here, but you are right. I'll wait a few more days
for feedback and send a v3

Cheers
/Ilias
> >
> > > ---
> > >  arch/x86/boot/compressed/efi_thunk_64.S | 17 ++++++++++++-----
> > >  arch/x86/include/asm/efi.h              | 10 ++++++----
> > >  arch/x86/platform/efi/efi_thunk_64.S    | 14 ++++++++++++--
> > >  3 files changed, 30 insertions(+), 11 deletions(-)
> > >
> > > diff --git a/arch/x86/boot/compressed/efi_thunk_64.S b/arch/x86/boot/compressed/efi_thunk_64.S
> > > index 95a223b3e56a..fec6c48d6b30 100644
> > > --- a/arch/x86/boot/compressed/efi_thunk_64.S
> > > +++ b/arch/x86/boot/compressed/efi_thunk_64.S
> > > @@ -27,8 +27,6 @@ SYM_FUNC_START(__efi64_thunk)
> > >         push    %rbp
> > >         push    %rbx
> > >
> > > -       leaq    1f(%rip), %rbp
> > > -
> > >         movl    %ds, %eax
> > >         push    %rax
> > >         movl    %es, %eax
> > > @@ -36,19 +34,28 @@ SYM_FUNC_START(__efi64_thunk)
> > >         movl    %ss, %eax
> > >         push    %rax
> > >
> > > +       movq    0x30(%rsp), %rbp
> > > +       movq    0x38(%rsp), %rbx
> > > +       movq    0x40(%rsp), %rax
> > > +
> > >         /*
> > >          * Convert x86-64 ABI params to i386 ABI
> > >          */
> > > -       subq    $32, %rsp
> > > +       subq    $48, %rsp
> > >         movl    %esi, 0x0(%rsp)
> > >         movl    %edx, 0x4(%rsp)
> > >         movl    %ecx, 0x8(%rsp)
> > >         movl    %r8d, 0xc(%rsp)
> > >         movl    %r9d, 0x10(%rsp)
> > > +       movl    %ebp, 0x14(%rsp)
> > > +       movl    %ebx, 0x18(%rsp)
> > > +       movl    %eax, 0x1c(%rsp)
> > >
> > > -       leaq    0x14(%rsp), %rbx
> > > +       leaq    0x20(%rsp), %rbx
> > >         sgdt    (%rbx)
> > >
> > > +       leaq    1f(%rip), %rbp
> > > +
> > >         /*
> > >          * Switch to gdt with 32-bit segments. This is the firmware GDT
> > >          * that was installed when the kernel started executing. This
> > > @@ -67,7 +74,7 @@ SYM_FUNC_START(__efi64_thunk)
> > >         pushq   %rax
> > >         lretq
> > >
> > > -1:     addq    $32, %rsp
> > > +1:     addq    $48, %rsp
> > >         movq    %rdi, %rax
> > >
> > >         pop     %rbx
> > > diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
> > > index 85f156f8ef81..a323dbac9182 100644
> > > --- a/arch/x86/include/asm/efi.h
> > > +++ b/arch/x86/include/asm/efi.h
> > > @@ -46,13 +46,14 @@ extern unsigned long efi_mixed_mode_stack_pa;
> > >
> > >  #define __efi_nargs(...) __efi_nargs_(__VA_ARGS__)
> > >  #define __efi_nargs_(...) __efi_nargs__(0, ##__VA_ARGS__,      \
> > > +       __efi_arg_sentinel(9), __efi_arg_sentinel(8),           \
> > >         __efi_arg_sentinel(7), __efi_arg_sentinel(6),           \
> > >         __efi_arg_sentinel(5), __efi_arg_sentinel(4),           \
> > >         __efi_arg_sentinel(3), __efi_arg_sentinel(2),           \
> > >         __efi_arg_sentinel(1), __efi_arg_sentinel(0))
> > > -#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, n, ...)  \
> > > +#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, n, ...)  \
> > >         __take_second_arg(n,                                    \
> > > -               ({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 8; }))
> > > +               ({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 10; }))
> > >  #define __efi_arg_sentinel(n) , n
> > >
> > >  /*
> > > @@ -176,8 +177,9 @@ extern u64 efi_setup;
> > >  extern efi_status_t __efi64_thunk(u32, ...);
> > >
> > >  #define efi64_thunk(...) ({                                            \
> > > -       __efi_nargs_check(efi64_thunk, 6, __VA_ARGS__);                 \
> > > -       __efi64_thunk(__VA_ARGS__);                                     \
> > > +       u64 __pad[3]; /* must have space for 3 args on the stack */     \
> > > +       __efi_nargs_check(efi64_thunk, 9, __VA_ARGS__);                 \
> > > +       __efi64_thunk(__VA_ARGS__, __pad);                              \
> > >  })
> > >
> > >  static inline bool efi_is_mixed(void)
> > > diff --git a/arch/x86/platform/efi/efi_thunk_64.S b/arch/x86/platform/efi/efi_thunk_64.S
> > > index fd3dd1708eba..5b7c6e09954e 100644
> > > --- a/arch/x86/platform/efi/efi_thunk_64.S
> > > +++ b/arch/x86/platform/efi/efi_thunk_64.S
> > > @@ -36,6 +36,17 @@ SYM_CODE_START(__efi64_thunk)
> > >         movq    efi_mixed_mode_stack_pa(%rip), %rsp
> > >         push    %rax
> > >
> > > +       /*
> > > +        * Copy args passed via the stack
> > > +        */
> > > +       subq    $0x24, %rsp
> > > +       movq    0x18(%rax), %rbp
> > > +       movq    0x20(%rax), %rbx
> > > +       movq    0x28(%rax), %rax
> > > +       movl    %ebp, 0x18(%rsp)
> > > +       movl    %ebx, 0x1c(%rsp)
> > > +       movl    %eax, 0x20(%rsp)
> > > +
> > >         /*
> > >          * Calculate the physical address of the kernel text.
> > >          */
> > > @@ -47,7 +58,6 @@ SYM_CODE_START(__efi64_thunk)
> > >         subq    %rax, %rbp
> > >         subq    %rax, %rbx
> > >
> > > -       subq    $28, %rsp
> > >         movl    %ebx, 0x0(%rsp)         /* return address */
> > >         movl    %esi, 0x4(%rsp)
> > >         movl    %edx, 0x8(%rsp)
> > > @@ -60,7 +70,7 @@ SYM_CODE_START(__efi64_thunk)
> > >         pushq   %rdi                    /* EFI runtime service address */
> > >         lretq
> > >
> > > -1:     movq    24(%rsp), %rsp
> > > +1:     movq    0x20(%rsp), %rsp
> > >         pop     %rbx
> > >         pop     %rbp
> > >         retq
> > > --
> > > 2.32.0.rc0
> > >

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2021-09-02  8:40 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-02  8:04 [PATCH 0/4 v2] efi/libstub: measure initrd data loaded by the EFI stub Ilias Apalodimas
2021-09-02  8:04 ` [PATCH 1/4 v2] efi/libstub: add prototype of efi_tcg2_protocol::hash_log_extend_event() Ilias Apalodimas
2021-09-02  8:04 ` [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count Ilias Apalodimas
2021-09-02  8:27   ` Ard Biesheuvel
2021-09-02  8:37     ` Ilias Apalodimas
2021-09-02  8:39       ` Ilias Apalodimas
2021-09-02  8:04 ` [PATCH 3/4 v2] efi/libstub: consolidate initrd handling across architectures Ilias Apalodimas
2021-09-02  8:04 ` [PATCH 4/4 v2] efi/libstub: measure loaded initrd info into the TPM Ilias Apalodimas

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).