From: Jerry Snitselaar <jsnitsel@redhat.com>
To: Jordan Hand <jorhand@linux.microsoft.com>
Cc: jarkko.sakkinen@linux.intel.com, Peter Huewe <peterhuewe@gmx.de>,
Jason Gunthorpe <jgg@ziepe.ca>, Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Allison Randal <allison@lohutok.net>,
linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v4] tpm: Parse event log from TPM2 ACPI table
Date: Tue, 3 Sep 2019 11:27:42 -0700 [thread overview]
Message-ID: <20190903182742.rmqthgu6rms3uill@cantor> (raw)
In-Reply-To: <20190831051027.11544-1-jorhand@linux.microsoft.com>
On Fri Aug 30 19, Jordan Hand wrote:
>For systems with a TPM2 chip which use ACPI to expose event logs, retrieve the
>crypto-agile event log from the TPM2 ACPI table. The TPM2 table is defined
>in section 7.3 of the TCG ACPI Specification (see link).
>
>The TPM2 table is used by SeaBIOS in place of the TCPA table when the system's
>TPM is version 2.0 to denote (among other metadata) the location of the
>crypto-agile log.
>
>Link: https://trustedcomputinggroup.org/resource/tcg-acpi-specification/
>Signed-off-by: Jordan Hand <jorhand@linux.microsoft.com>
>---
> drivers/char/tpm/eventlog/acpi.c | 60 ++++++++++++++++++++++----------
> 1 file changed, 41 insertions(+), 19 deletions(-)
>
>diff --git a/drivers/char/tpm/eventlog/acpi.c b/drivers/char/tpm/eventlog/acpi.c
>index 63ada5e53f13..38a8bcec1dd5 100644
>--- a/drivers/char/tpm/eventlog/acpi.c
>+++ b/drivers/char/tpm/eventlog/acpi.c
>@@ -41,17 +41,23 @@ struct acpi_tcpa {
> };
> };
>
>+/* If an event log is present, the TPM2 ACPI table will contain the full
>+ * trailer
>+ */
>+
> /* read binary bios log */
> int tpm_read_log_acpi(struct tpm_chip *chip)
> {
>- struct acpi_tcpa *buff;
>+ struct acpi_table_header *buff;
>+ struct acpi_tcpa *tcpa;
>+ struct acpi_tpm2_trailer *tpm2_trailer;
> acpi_status status;
> void __iomem *virt;
> u64 len, start;
>+ int log_type;
> struct tpm_bios_log *log;
>-
>- if (chip->flags & TPM_CHIP_FLAG_TPM2)
>- return -ENODEV;
>+ bool is_tpm2 = chip->flags & TPM_CHIP_FLAG_TPM2;
>+ acpi_string table_sig;
>
> log = &chip->log;
>
>@@ -61,26 +67,42 @@ int tpm_read_log_acpi(struct tpm_chip *chip)
> if (!chip->acpi_dev_handle)
> return -ENODEV;
>
>- /* Find TCPA entry in RSDT (ACPI_LOGICAL_ADDRESSING) */
>- status = acpi_get_table(ACPI_SIG_TCPA, 1,
>- (struct acpi_table_header **)&buff);
>+ /* Find TCPA or TPM2 entry in RSDT (ACPI_LOGICAL_ADDRESSING) */
>+ table_sig = is_tpm2 ? ACPI_SIG_TPM2 : ACPI_SIG_TCPA;
>+ status = acpi_get_table(table_sig, 1, &buff);
>
> if (ACPI_FAILURE(status))
> return -ENODEV;
>
>- switch(buff->platform_class) {
>- case BIOS_SERVER:
>- len = buff->server.log_max_len;
>- start = buff->server.log_start_addr;
>- break;
>- case BIOS_CLIENT:
>- default:
>- len = buff->client.log_max_len;
>- start = buff->client.log_start_addr;
>- break;
>+ if (!is_tpm2) {
>+ tcpa = (struct acpi_tcpa *)buff;
>+ switch (tcpa->platform_class) {
>+ case BIOS_SERVER:
>+ len = tcpa->server.log_max_len;
>+ start = tcpa->server.log_start_addr;
>+ break;
>+ case BIOS_CLIENT:
>+ default:
>+ len = tcpa->client.log_max_len;
>+ start = tcpa->client.log_start_addr;
>+ break;
>+ }
>+ log_type = EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2;
>+ } else if (buff->length ==
>+ sizeof(struct acpi_table_tpm2) +
>+ sizeof(struct acpi_tpm2_trailer)) {
>+ tpm2_trailer = (struct acpi_tpm2_trailer *)buff;
>+
>+ len = tpm2_trailer.minimum_log_length;
>+ start = tpm2_trailer.log_address;
Are your builds not failing here? Both v3 and v4 have this.
>+ log_type = EFI_TCG2_EVENT_LOG_FORMAT_TCG_2;
>+ } else {
>+ return -ENODEV;
> }
>+
> if (!len) {
>- dev_warn(&chip->dev, "%s: TCPA log area empty\n", __func__);
>+ dev_warn(&chip->dev, "%s: %s log area empty\n",
>+ __func__, table_sig);
> return -EIO;
> }
>
>@@ -98,7 +120,7 @@ int tpm_read_log_acpi(struct tpm_chip *chip)
> memcpy_fromio(log->bios_event_log, virt, len);
>
> acpi_os_unmap_iomem(virt, len);
>- return EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2;
>+ return log_type;
>
> err:
> kfree(log->bios_event_log);
>--
>2.20.1
>
next prev parent reply other threads:[~2019-09-03 18:27 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-31 5:10 [PATCH v4] tpm: Parse event log from TPM2 ACPI table Jordan Hand
2019-08-31 17:15 ` kbuild test robot
2019-09-02 13:46 ` Jarkko Sakkinen
2019-09-03 18:27 ` Jerry Snitselaar [this message]
2019-09-03 19:15 ` Jordan Hand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190903182742.rmqthgu6rms3uill@cantor \
--to=jsnitsel@redhat.com \
--cc=allison@lohutok.net \
--cc=arnd@arndb.de \
--cc=gregkh@linuxfoundation.org \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jgg@ziepe.ca \
--cc=jorhand@linux.microsoft.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).