linux-security-module.vger.kernel.org archive mirror
From: "Dr. Greg" <greg@enjellic.com>
To: linux-security-module@vger.kernel.org
Subject: [PATCH 07/14] Add root domain trust implementation.
Date: Fri,  3 Feb 2023 23:09:47 -0600
Message-ID: <20230204050954.11583-8-greg@enjellic.com>
In-Reply-To: <20230204050954.11583-1-greg@enjellic.com>

The trust.c contains the support infrastructure for anchoring the
root modeling domain in a hardware TPM implementation if it is
available.

The security event state points are extended into Platform
Configuration Register (PCR) 11 in order to provide authentication of
the security execution trajectory for the root domain.  This
value was chosen to avoid the use of PCR register 10 that the
Integrity Measurement Architecture uses to register the integrity
events that it handles.

This file is also responsible for computing the hardware platform
aggregate measurement.  This is the linear extension sum over PCR
registers 0 through 7.  This file contains an accessor function
for surfacing this value to either the internal or external
Trusted Modeling Agent implementations.

The platform hardware aggregate value is designed to be the first
security event state point injected into a model.

Signed-off-by: Greg Wettstein <greg@enjellic.com>
---
 security/tsem/trust.c | 134 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 134 insertions(+)
 create mode 100644 security/tsem/trust.c

diff --git a/security/tsem/trust.c b/security/tsem/trust.c
new file mode 100644
index 000000000000..77190c07f772
--- /dev/null
+++ b/security/tsem/trust.c
@@ -0,0 +1,134 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+/*
+ * Copyright (C) 2022 Enjellic Systems Development, LLC
+ * Author: Dr. Greg Wettstein <greg@enjellic.com>
+ *
+ * Implements management of a TPM trust root for the in kernel TMA.
+ */
+
+#include <crypto/hash.h>
+#include <linux/tpm.h>
+
+#include "tsem.h"
+
+#define TSEM_TRUST_ROOT 11
+
+static u8 hardware_aggregate[WP256_DIGEST_SIZE];
+
+static struct tpm_chip *tpm;
+
+static struct tpm_digest *digests;
+
+
+void __init generate_aggregate(struct crypto_shash *tfm)
+{
+	int retn = 0, lp;
+	struct tpm_digest pcr;
+	u8 digest[WP256_DIGEST_SIZE];
+	SHASH_DESC_ON_STACK(shash, tfm);
+
+	shash->tfm = tfm;
+	retn = crypto_shash_init(shash);
+	if (retn)
+		goto done;
+
+	if (tpm_is_tpm2(tpm))
+		pcr.alg_id = TPM_ALG_SHA256;
+	else
+		pcr.alg_id = TPM_ALG_SHA1;
+	memset(pcr.digest, '\0', TPM_MAX_DIGEST_SIZE);
+
+	for (lp = 0; lp < 8; ++lp) {
+		retn = tpm_pcr_read(tpm, lp, &pcr);
+		if (retn)
+			goto done;
+		memcpy(digest, pcr.digest, sizeof(digest));
+		retn = crypto_shash_update(shash, digest, WP256_DIGEST_SIZE);
+		if (retn)
+			goto done;
+	}
+	if (!retn)
+		retn = crypto_shash_final(shash, hardware_aggregate);
+
+ done:
+	if (retn)
+		pr_info("Unable to generate platform aggregate\n");
+}
+
+static int __init trust_init(void)
+{
+	int retn = -EINVAL, lp;
+	struct crypto_shash *tfm = NULL;
+
+	tpm = tpm_default_chip();
+	if (!tpm) {
+		pr_info("No TPM found for event modeling.\n");
+		return retn;
+	}
+
+	digests = kcalloc(tpm->nr_allocated_banks, sizeof(*digests), GFP_NOFS);
+	if (!digests) {
+		tpm = NULL;
+		return retn;
+	}
+	for (lp = 0; lp < tpm->nr_allocated_banks; lp++)
+		digests[lp].alg_id = tpm->allocated_banks[lp].alg_id;
+
+	tfm = crypto_alloc_shash("sha256", 0, 0);
+	if (IS_ERR(tfm))
+		retn = PTR_ERR(tfm);
+	else {
+		generate_aggregate(tfm);
+		retn = 0;
+	}
+	crypto_free_shash(tfm);
+
+	return retn;
+}
+
+/**
+ * tsem_trust_aggregate() - Return a pointer to the hardware aggregate.
+ *
+ * This function returns a pointer to the hardware aggregate that
+ * is computed at system boot time.
+ *
+ * Return: A byte pointer is returned to the statically scoped array
+ *	   that contains the hardware aggregate value.
+ */
+u8 *tsem_trust_aggregate(void)
+{
+	return hardware_aggregate;
+}
+
+/**
+ * tsem_trust_add_point() - Add a measurement to the trust root.
+ * @coefficient: A pointer to the event coefficient to be added.
+ *
+ * This function extends the platform configuration register being
+ * used to document the hardware root of trust for internally modeled
+ * domains with a security event coefficient value.
+ *
+ * Return: If the extension fails the error return value from the
+ *	   TPM command is returned, otherwise a value of zero is
+ *	   returned.
+ */
+int tsem_trust_add_event(u8 *coefficient)
+{
+	int amt, bank;
+
+	if (!tpm)
+		return 0;
+
+	for (bank = 0; bank < tpm->nr_allocated_banks; bank++) {
+		if (tpm->allocated_banks[bank].digest_size < WP256_DIGEST_SIZE)
+			amt = tpm->allocated_banks[bank].digest_size;
+		else
+			amt = WP256_DIGEST_SIZE;
+		memcpy(digests[bank].digest, coefficient, amt);
+	}
+
+	return tpm_pcr_extend(tpm, TSEM_TRUST_ROOT, digests);
+}
+
+late_initcall(trust_init);
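Review bot: the failure paths in trust_init() leave the trust root half-initialised. When crypto_alloc_shash("sha256") fails, `digests` is leaked, `tpm` stays non-NULL and `hardware_aggregate` is never computed, so tsem_trust_add_event() keeps extending PCR 11 while tsem_trust_aggregate() hands back an all-zero digest; the late_initcall() return value does not undo any of that. The kcalloc() failure path has the mirror problem: it clears `tpm` but never drops the reference taken by tpm_default_chip() (put_device(&tpm->dev)). Suggest one unwind label that does kfree(digests), put_device(&tpm->dev) and `tpm = NULL` on any error, and free the shash only on the success path instead of passing an ERR_PTR to crypto_free_shash(). Related: on a TPM 2.0 chip with no SHA-256 bank allocated, tpm_pcr_read() with TPM_ALG_SHA256 fails and the aggregate is silently left zero behind a pr_info(); using tpm->allocated_banks[0].alg_id, as trust_init() already does for `digests`, would avoid that. Smaller points in the same hunk: generate_aggregate() should be `static void __init` unless tsem.h exports it; the `if (!retn)` guard before crypto_shash_final() is dead code since every failure already jumped to done; the kernel-doc header names tsem_trust_add_point() but the function is tsem_trust_add_event(); `hardware_aggregate` is sized with WP256_DIGEST_SIZE yet filled by a "sha256" transform, so SHA256_DIGEST_SIZE would state the intent; and GFP_NOFS in an initcall should be GFP_KERNEL.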
-- 
2.39.1

