tpmdd-devel Archive on lore.kernel.org
* [PATCH v3 0/5] Call GetEventLog before ExitBootServices
@ 2017-09-20  8:13 Thiebaud Weksteen
       [not found] ` <20170920081340.7413-1-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
  2017-09-20  8:13 ` [PATCH v3 5/5] tpm: parse TPM event logs based on EFI table Thiebaud Weksteen
  0 siblings, 2 replies; 31+ messages in thread
From: Thiebaud Weksteen @ 2017-09-20  8:13 UTC (permalink / raw)
  To: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
  Cc: ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A,
	matt-mF/unelCI9GS6iBeEJttW/XRex20P6io,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	mjg59-hpIqsD4AKlfQT0dZR+AlfA, peterhuewe-Mmb7MZpHnFY,
	jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA,
	jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ, Thiebaud Weksteen

With TPM 1.2, the ACPI table ("TCPA") has two fields to recover the Event
Log Area (LAML and LASA). These logs are useful to understand and rebuild
the final values of PCRs.

With TPM 2.0, the ACPI table ("TPM2") does not contain these fields
anymore. The recommended method is now to call the GetEventLog EFI
protocol before ExitBootServices.

Implement this method within the EFI stub and create a copy of the logs
for the TPM device using a Linux-specific EFI configuration table
(LINUX_EFI_TPM_EVENT_LOG). This will create
/sys/kernel/security/tpm0/binary_bios_measurements for TPM 2.0 devices
(similarly to the current behaviour for TPM 1.2 devices).

Two formats for the log entries exist: TPM 1.2 (SHA1) and TPM 2.0 (Crypto
Agile). This patch set only retrieves the first type of logs. The second
type will be implemented in a subsequent patch set.

According to the specifications[1], once GetEventLog has been called,
future events shall be stored in a separate EFI configuration table
(EFI_TCG2_FINAL_EVENTS_TABLE). Events stored in this table are not
processed in this patch set as they are stored in the Crypto Agile format.
These could eventually be merged with the new table for a unified view
of the logs from userspace.

[1] TCG EFI Protocol Specification, Revision 00.13, March 30, 2016
    https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf

-------------------------------------------------------------------------------

Patchset Changelog:

Version 3:
- Move event log providers (acpi and of) to tpm_eventlog_*.c
- Move efi changes from PATCH 3 to PATCH 2
- Change return value of tpm_read_log_acpi and tpm_read_log_of
- Change iounmap to memunmap calls
- Use log_tbl as variable name for consistency
- Fix kbuild failures

Version 2:
- Move tpm_eventlog.h to top include directory, add commit for this.
- Use EFI_LOADER_DATA to store the configuration table
- Whitespace and new lines fixes

Thiebaud Weksteen (5):
  tpm: move tpm_eventlog.h outside of drivers folder
  tpm: rename event log provider files
  tpm: add event log format version
  efi: call get_event_log before ExitBootServices
  tpm: parse TPM event logs based on EFI table

 arch/x86/boot/compressed/eboot.c                   |  1 +
 drivers/char/tpm/Makefile                          |  5 +-
 drivers/char/tpm/tpm-chip.c                        |  3 +-
 drivers/char/tpm/tpm-interface.c                   |  2 +-
 drivers/char/tpm/tpm.h                             | 35 ++++++++--
 drivers/char/tpm/tpm1_eventlog.c                   | 13 +++-
 drivers/char/tpm/tpm2_eventlog.c                   |  2 +-
 .../char/tpm/{tpm_acpi.c => tpm_eventlog_acpi.c}   |  4 +-
 drivers/char/tpm/tpm_eventlog_efi.c                | 66 ++++++++++++++++++
 drivers/char/tpm/{tpm_of.c => tpm_eventlog_of.c}   |  6 +-
 drivers/firmware/efi/Makefile                      |  2 +-
 drivers/firmware/efi/efi.c                         |  4 ++
 drivers/firmware/efi/libstub/Makefile              |  3 +-
 drivers/firmware/efi/libstub/tpm.c                 | 81 ++++++++++++++++++++++
 drivers/firmware/efi/tpm.c                         | 40 +++++++++++
 include/linux/efi.h                                | 46 ++++++++++++
 {drivers/char/tpm => include/linux}/tpm_eventlog.h | 35 +++-------
 17 files changed, 304 insertions(+), 44 deletions(-)
 rename drivers/char/tpm/{tpm_acpi.c => tpm_eventlog_acpi.c} (97%)
 create mode 100644 drivers/char/tpm/tpm_eventlog_efi.c
 rename drivers/char/tpm/{tpm_of.c => tpm_eventlog_of.c} (93%)
 create mode 100644 drivers/firmware/efi/tpm.c
 rename {drivers/char/tpm => include/linux}/tpm_eventlog.h (77%)

-- 
2.14.1.821.g8fa685d3b7-goog


* [PATCH v3 1/5] tpm: move tpm_eventlog.h outside of drivers folder
       [not found] ` <20170920081340.7413-1-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
@ 2017-09-20  8:13   ` Thiebaud Weksteen
  2017-09-20  8:13   ` [PATCH v3 2/5] tpm: rename event log provider files Thiebaud Weksteen via tpmdd-devel
                     ` (4 subsequent siblings)
  5 siblings, 0 replies; 31+ messages in thread
From: Thiebaud Weksteen @ 2017-09-20  8:13 UTC (permalink / raw)
  To: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
  Cc: ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A,
	matt-mF/unelCI9GS6iBeEJttW/XRex20P6io,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	mjg59-hpIqsD4AKlfQT0dZR+AlfA, peterhuewe-Mmb7MZpHnFY,
	jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA,
	jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ, Thiebaud Weksteen

The generic definitions of data structures in tpm_eventlog.h are
required by other parts of the kernel (namely, the EFI stub).

Signed-off-by: Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
---
 drivers/char/tpm/tpm-chip.c                        |  3 +-
 drivers/char/tpm/tpm-interface.c                   |  2 +-
 drivers/char/tpm/tpm.h                             | 27 +++++++++++++++---
 drivers/char/tpm/tpm1_eventlog.c                   |  2 +-
 drivers/char/tpm/tpm2_eventlog.c                   |  2 +-
 drivers/char/tpm/tpm_acpi.c                        |  2 +-
 drivers/char/tpm/tpm_of.c                          |  2 +-
 {drivers/char/tpm => include/linux}/tpm_eventlog.h | 32 +++++-----------------
 8 files changed, 37 insertions(+), 35 deletions(-)
 rename {drivers/char/tpm => include/linux}/tpm_eventlog.h (77%)

diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index 67ec9d3d04f5..de2680118181 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -26,8 +26,9 @@
 #include <linux/spinlock.h>
 #include <linux/freezer.h>
 #include <linux/major.h>
+#include <linux/tpm_eventlog.h>
+
 #include "tpm.h"
-#include "tpm_eventlog.h"
 
 DEFINE_IDR(dev_nums_idr);
 static DEFINE_MUTEX(idr_lock);
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index fe597e6c55c4..bd7091d510bd 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -30,9 +30,9 @@
 #include <linux/spinlock.h>
 #include <linux/freezer.h>
 #include <linux/pm_runtime.h>
+#include <linux/tpm_eventlog.h>
 
 #include "tpm.h"
-#include "tpm_eventlog.h"
 
 #define TPM_MAX_ORDINAL 243
 #define TSC_MAX_ORDINAL 12
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 04fbff2edbf3..46caccf6fd1a 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -34,6 +34,7 @@
 #include <linux/acpi.h>
 #include <linux/cdev.h>
 #include <linux/highmem.h>
+#include <linux/tpm_eventlog.h>
 #include <crypto/hash_info.h>
 
 #ifdef CONFIG_X86
@@ -397,10 +398,6 @@ struct tpm_cmd_t {
 	tpm_cmd_params	params;
 } __packed;
 
-struct tpm2_digest {
-	u16 alg_id;
-	u8 digest[SHA512_DIGEST_SIZE];
-} __packed;
 
 /* A string buffer type for constructing TPM commands. This is based on the
  * ideas of string buffer code in security/keys/trusted.h but is heap based
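Review bot: removing struct tpm2_digest from this spot leaves two consecutive blank lines between `} __packed;` and the string-buffer comment; drop one of the retained blank lines so checkpatch does not flag the double blank.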
@@ -581,4 +578,26 @@ int tpm2_prepare_space(struct tpm_chip *chip, struct tpm_space *space, u32 cc,
 		       u8 *cmd);
 int tpm2_commit_space(struct tpm_chip *chip, struct tpm_space *space,
 		      u32 cc, u8 *buf, size_t *bufsiz);
+
+extern const struct seq_operations tpm2_binary_b_measurements_seqops;
+
+#if defined(CONFIG_ACPI)
+int tpm_read_log_acpi(struct tpm_chip *chip);
+#else
+static inline int tpm_read_log_acpi(struct tpm_chip *chip)
+{
+	return -ENODEV;
+}
+#endif
+#if defined(CONFIG_OF)
+int tpm_read_log_of(struct tpm_chip *chip);
+#else
+static inline int tpm_read_log_of(struct tpm_chip *chip)
+{
+	return -ENODEV;
+}
+#endif
+
+int tpm_bios_log_setup(struct tpm_chip *chip);
+void tpm_bios_log_teardown(struct tpm_chip *chip);
 #endif
diff --git a/drivers/char/tpm/tpm1_eventlog.c b/drivers/char/tpm/tpm1_eventlog.c
index 9a8605e500b5..d6f70f365443 100644
--- a/drivers/char/tpm/tpm1_eventlog.c
+++ b/drivers/char/tpm/tpm1_eventlog.c
@@ -25,9 +25,9 @@
 #include <linux/security.h>
 #include <linux/module.h>
 #include <linux/slab.h>
+#include <linux/tpm_eventlog.h>
 
 #include "tpm.h"
-#include "tpm_eventlog.h"
 
 
 static const char* tcpa_event_type_strings[] = {
diff --git a/drivers/char/tpm/tpm2_eventlog.c b/drivers/char/tpm/tpm2_eventlog.c
index 34a8afa69138..1ce4411292ba 100644
--- a/drivers/char/tpm/tpm2_eventlog.c
+++ b/drivers/char/tpm/tpm2_eventlog.c
@@ -21,9 +21,9 @@
 #include <linux/security.h>
 #include <linux/module.h>
 #include <linux/slab.h>
+#include <linux/tpm_eventlog.h>
 
 #include "tpm.h"
-#include "tpm_eventlog.h"
 
 /*
  * calc_tpm2_event_size() - calculate the event size, where event
diff --git a/drivers/char/tpm/tpm_acpi.c b/drivers/char/tpm/tpm_acpi.c
index 169edf3ce86d..acc990ba376a 100644
--- a/drivers/char/tpm/tpm_acpi.c
+++ b/drivers/char/tpm/tpm_acpi.c
@@ -25,9 +25,9 @@
 #include <linux/module.h>
 #include <linux/slab.h>
 #include <linux/acpi.h>
+#include <linux/tpm_eventlog.h>
 
 #include "tpm.h"
-#include "tpm_eventlog.h"
 
 struct acpi_tcpa {
 	struct acpi_table_header hdr;
diff --git a/drivers/char/tpm/tpm_of.c b/drivers/char/tpm/tpm_of.c
index aadb7f464076..4a2f8c79231e 100644
--- a/drivers/char/tpm/tpm_of.c
+++ b/drivers/char/tpm/tpm_of.c
@@ -17,9 +17,9 @@
 
 #include <linux/slab.h>
 #include <linux/of.h>
+#include <linux/tpm_eventlog.h>
 
 #include "tpm.h"
-#include "tpm_eventlog.h"
 
 int tpm_read_log_of(struct tpm_chip *chip)
 {
diff --git a/drivers/char/tpm/tpm_eventlog.h b/include/linux/tpm_eventlog.h
similarity index 77%
rename from drivers/char/tpm/tpm_eventlog.h
rename to include/linux/tpm_eventlog.h
index b4b549559203..446656d1f317 100644
--- a/drivers/char/tpm/tpm_eventlog.h
+++ b/include/linux/tpm_eventlog.h
@@ -1,6 +1,5 @@
-
-#ifndef __TPM_EVENTLOG_H__
-#define __TPM_EVENTLOG_H__
+#ifndef __LINUX_TPM_EVENTLOG_H__
+#define __LINUX_TPM_EVENTLOG_H__
 
 #include <crypto/hash_info.h>
 
@@ -104,6 +103,11 @@ struct tcg_event_field {
 	u8 event[0];
 } __packed;
 
+struct tpm2_digest {
+	u16 alg_id;
+	u8 digest[SHA512_DIGEST_SIZE];
+} __packed;
+
 struct tcg_pcr_event2 {
 	u32 pcr_idx;
 	u32 event_type;
@@ -112,26 +116,4 @@ struct tcg_pcr_event2 {
 	struct tcg_event_field event;
 } __packed;
 
-extern const struct seq_operations tpm2_binary_b_measurements_seqops;
-
-#if defined(CONFIG_ACPI)
-int tpm_read_log_acpi(struct tpm_chip *chip);
-#else
-static inline int tpm_read_log_acpi(struct tpm_chip *chip)
-{
-	return -ENODEV;
-}
-#endif
-#if defined(CONFIG_OF)
-int tpm_read_log_of(struct tpm_chip *chip);
-#else
-static inline int tpm_read_log_of(struct tpm_chip *chip)
-{
-	return -ENODEV;
-}
-#endif
-
-int tpm_bios_log_setup(struct tpm_chip *chip);
-void tpm_bios_log_teardown(struct tpm_chip *chip);
-
 #endif
-- 
2.14.1.821.g8fa685d3b7-goog


* [PATCH v3 2/5] tpm: rename event log provider files
       [not found] ` <20170920081340.7413-1-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
  2017-09-20  8:13   ` [PATCH v3 1/5] tpm: move tpm_eventlog.h outside of drivers folder Thiebaud Weksteen
@ 2017-09-20  8:13   ` Thiebaud Weksteen via tpmdd-devel
  2017-09-26 11:10     ` Jarkko Sakkinen
  2017-09-20  8:13   ` [PATCH v3 3/5] tpm: add event log format version Thiebaud Weksteen via tpmdd-devel
                     ` (3 subsequent siblings)
  5 siblings, 1 reply; 31+ messages in thread
From: Thiebaud Weksteen via tpmdd-devel @ 2017-09-20  8:13 UTC (permalink / raw)
  To: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
  Cc: ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A,
	matt-mF/unelCI9GS6iBeEJttW/XRex20P6io,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA,
	jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/,
	mjg59-hpIqsD4AKlfQT0dZR+AlfA

Rename the current TPM Event Log provider files (ACPI and OF)
for clarity.

Signed-off-by: Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
---
 drivers/char/tpm/Makefile                            | 4 ++--
 drivers/char/tpm/{tpm_acpi.c => tpm_eventlog_acpi.c} | 0
 drivers/char/tpm/{tpm_of.c => tpm_eventlog_of.c}     | 0
 3 files changed, 2 insertions(+), 2 deletions(-)
 rename drivers/char/tpm/{tpm_acpi.c => tpm_eventlog_acpi.c} (100%)
 rename drivers/char/tpm/{tpm_of.c => tpm_eventlog_of.c} (100%)

diff --git a/drivers/char/tpm/Makefile b/drivers/char/tpm/Makefile
index 23681f01f95a..c8509cd723a1 100644
--- a/drivers/char/tpm/Makefile
+++ b/drivers/char/tpm/Makefile
@@ -5,8 +5,8 @@ obj-$(CONFIG_TCG_TPM) += tpm.o
 tpm-y := tpm-interface.o tpm-dev.o tpm-sysfs.o tpm-chip.o tpm2-cmd.o \
 	 tpm-dev-common.o tpmrm-dev.o tpm1_eventlog.o tpm2_eventlog.o \
          tpm2-space.o
-tpm-$(CONFIG_ACPI) += tpm_ppi.o tpm_acpi.o
-tpm-$(CONFIG_OF) += tpm_of.o
+tpm-$(CONFIG_ACPI) += tpm_ppi.o tpm_eventlog_acpi.o
+tpm-$(CONFIG_OF) += tpm_eventlog_of.o
 obj-$(CONFIG_TCG_TIS_CORE) += tpm_tis_core.o
 obj-$(CONFIG_TCG_TIS) += tpm_tis.o
 obj-$(CONFIG_TCG_TIS_SPI) += tpm_tis_spi.o
diff --git a/drivers/char/tpm/tpm_acpi.c b/drivers/char/tpm/tpm_eventlog_acpi.c
similarity index 100%
rename from drivers/char/tpm/tpm_acpi.c
rename to drivers/char/tpm/tpm_eventlog_acpi.c
diff --git a/drivers/char/tpm/tpm_of.c b/drivers/char/tpm/tpm_eventlog_of.c
similarity index 100%
rename from drivers/char/tpm/tpm_of.c
rename to drivers/char/tpm/tpm_eventlog_of.c
-- 
2.14.1.821.g8fa685d3b7-goog


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot


* [PATCH v3 3/5] tpm: add event log format version
       [not found] ` <20170920081340.7413-1-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
  2017-09-20  8:13   ` [PATCH v3 1/5] tpm: move tpm_eventlog.h outside of drivers folder Thiebaud Weksteen
  2017-09-20  8:13   ` [PATCH v3 2/5] tpm: rename event log provider files Thiebaud Weksteen via tpmdd-devel
@ 2017-09-20  8:13   ` Thiebaud Weksteen via tpmdd-devel
  2017-09-20  8:13   ` [PATCH v3 4/5] efi: call get_event_log before ExitBootServices Thiebaud Weksteen via tpmdd-devel
                     ` (2 subsequent siblings)
  5 siblings, 0 replies; 31+ messages in thread
From: Thiebaud Weksteen via tpmdd-devel @ 2017-09-20  8:13 UTC (permalink / raw)
  To: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
  Cc: ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A,
	matt-mF/unelCI9GS6iBeEJttW/XRex20P6io,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA,
	jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/,
	mjg59-hpIqsD4AKlfQT0dZR+AlfA

Although defined as part of the TCG EFI specification, we add these
definitions here so that any event log provider may reference them.

Signed-off-by: Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
---
 include/linux/tpm_eventlog.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h
index 446656d1f317..6337614b0855 100644
--- a/include/linux/tpm_eventlog.h
+++ b/include/linux/tpm_eventlog.h
@@ -8,6 +8,9 @@
 #define ACPI_TCPA_SIG		"TCPA"	/* 0x41504354 /'TCPA' */
 #define TPM2_ACTIVE_PCR_BANKS	3
 
+#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x1
+#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2   0x2
+
 #ifdef CONFIG_PPC64
 #define do_endian_conversion(x) be32_to_cpu(x)
 #else
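Review bot: the new EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 / EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 defines carry no comment saying where the values come from; since the commit message says they are taken from the TCG EFI specification, add a one-line comment above them citing that specification (and the revision referenced in the cover letter) so a reader of tpm_eventlog.h does not have to dig through git history. It is also worth a sentence on why EFI_TCG2_* names land in tpm_eventlog.h rather than next to the efi_tcg2_protocol types in include/linux/efi.h.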
-- 
2.14.1.821.g8fa685d3b7-goog




* [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found] ` <20170920081340.7413-1-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
                     ` (2 preceding siblings ...)
  2017-09-20  8:13   ` [PATCH v3 3/5] tpm: add event log format version Thiebaud Weksteen via tpmdd-devel
@ 2017-09-20  8:13   ` Thiebaud Weksteen via tpmdd-devel
       [not found]     ` <20170920081340.7413-5-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
  2018-03-05 15:40     ` Marc-André Lureau
  2017-09-21 15:13   ` [PATCH v3 0/5] Call GetEventLog " Jarkko Sakkinen
  2017-09-26 11:17   ` [tpmdd-devel] " Javier Martinez Canillas
  5 siblings, 2 replies; 31+ messages in thread
From: Thiebaud Weksteen via tpmdd-devel @ 2017-09-20  8:13 UTC (permalink / raw)
  To: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
  Cc: ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A,
	matt-mF/unelCI9GS6iBeEJttW/XRex20P6io,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA,
	jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/,
	mjg59-hpIqsD4AKlfQT0dZR+AlfA

With the TPM 2.0 specification, the event logs may only be accessible by
calling an EFI Boot Service. Modify the EFI stub to copy the log area to
a new Linux-specific EFI configuration table so it remains accessible
once booted.

When calling this service, it is possible to specify the expected format
of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
first format is retrieved.

Signed-off-by: Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
---
 arch/x86/boot/compressed/eboot.c      |  1 +
 drivers/firmware/efi/Makefile         |  2 +-
 drivers/firmware/efi/efi.c            |  4 ++
 drivers/firmware/efi/libstub/Makefile |  3 +-
 drivers/firmware/efi/libstub/tpm.c    | 81 +++++++++++++++++++++++++++++++++++
 drivers/firmware/efi/tpm.c            | 40 +++++++++++++++++
 include/linux/efi.h                   | 46 ++++++++++++++++++++
 7 files changed, 174 insertions(+), 3 deletions(-)
 create mode 100644 drivers/firmware/efi/tpm.c

diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
index a1686f3dc295..ef6abe8b3788 100644
--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
@@ -999,6 +999,7 @@ struct boot_params *efi_main(struct efi_config *c,
 
 	/* Ask the firmware to clear memory on unclean shutdown */
 	efi_enable_reset_attack_mitigation(sys_table);
+	efi_retrieve_tpm2_eventlog(sys_table);
 
 	setup_graphics(boot_params);
 
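Review bot: efi_retrieve_tpm2_eventlog() is wired in only for the x86 stub here, while the libstub Makefile change in this same patch builds tpm.o for every stub architecture; either add the equivalent call to the ARM/arm64 stub entry point or state in the commit message that the event log table is only installed on x86 for now.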
diff --git a/drivers/firmware/efi/Makefile b/drivers/firmware/efi/Makefile
index 0329d319d89a..2f074b5cde87 100644
--- a/drivers/firmware/efi/Makefile
+++ b/drivers/firmware/efi/Makefile
@@ -10,7 +10,7 @@
 KASAN_SANITIZE_runtime-wrappers.o	:= n
 
 obj-$(CONFIG_ACPI_BGRT) 		+= efi-bgrt.o
-obj-$(CONFIG_EFI)			+= efi.o vars.o reboot.o memattr.o
+obj-$(CONFIG_EFI)			+= efi.o vars.o reboot.o memattr.o tpm.o
 obj-$(CONFIG_EFI)			+= capsule.o memmap.o
 obj-$(CONFIG_EFI_VARS)			+= efivars.o
 obj-$(CONFIG_EFI_ESRT)			+= esrt.o
diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
index f97f272e16ee..0308acfaaf76 100644
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
@@ -52,6 +52,7 @@ struct efi __read_mostly efi = {
 	.properties_table	= EFI_INVALID_TABLE_ADDR,
 	.mem_attr_table		= EFI_INVALID_TABLE_ADDR,
 	.rng_seed		= EFI_INVALID_TABLE_ADDR,
+	.tpm_log		= EFI_INVALID_TABLE_ADDR
 };
 EXPORT_SYMBOL(efi);
 
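Review bot: `.tpm_log = EFI_INVALID_TABLE_ADDR` is missing the trailing comma that the preceding initializers have; keep it so the next table added to this initializer does not have to touch this line.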
@@ -444,6 +445,7 @@ static __initdata efi_config_table_type_t common_tables[] = {
 	{EFI_PROPERTIES_TABLE_GUID, "PROP", &efi.properties_table},
 	{EFI_MEMORY_ATTRIBUTES_TABLE_GUID, "MEMATTR", &efi.mem_attr_table},
 	{LINUX_EFI_RANDOM_SEED_TABLE_GUID, "RNG", &efi.rng_seed},
+	{LINUX_EFI_TPM_EVENT_LOG_GUID, "TPMEventLog", &efi.tpm_log},
 	{NULL_GUID, NULL, NULL},
 };
 
@@ -532,6 +534,8 @@ int __init efi_config_parse_tables(void *config_tables, int count, int sz,
 	if (efi_enabled(EFI_MEMMAP))
 		efi_memattr_init();
 
+	efi_tpm_eventlog_init();
+
 	/* Parse the EFI Properties table if it exists */
 	if (efi.properties_table != EFI_INVALID_TABLE_ADDR) {
 		efi_properties_table_t *tbl;
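Review bot: efi_tpm_eventlog_init() returns an int (-ENOMEM when early_memremap fails) but the call added here discards it; either make the function void, since it already logs the failure and resets efi.tpm_log itself, or act on the return value here. A short comment on why it has to run before the properties-table parsing (or that the ordering does not matter) would also help the next reader.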
diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index dedf9bde44db..2abe6d22dc5f 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -29,8 +29,7 @@ OBJECT_FILES_NON_STANDARD	:= y
 # Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
 KCOV_INSTRUMENT			:= n
 
-lib-y				:= efi-stub-helper.o gop.o secureboot.o
-lib-$(CONFIG_RESET_ATTACK_MITIGATION) += tpm.o
+lib-y				:= efi-stub-helper.o gop.o secureboot.o tpm.o
 
 # include the stub's generic dependencies from lib/ when building for ARM/arm64
 arm-deps := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c fdt_sw.c sort.c
diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c
index 6224cdbc9669..da661bf8cb96 100644
--- a/drivers/firmware/efi/libstub/tpm.c
+++ b/drivers/firmware/efi/libstub/tpm.c
@@ -4,15 +4,18 @@
  * Copyright (C) 2016 CoreOS, Inc
  * Copyright (C) 2017 Google, Inc.
  *     Matthew Garrett <mjg59-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
+ *     Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
  *
  * This file is part of the Linux kernel, and is made available under the
  * terms of the GNU General Public License version 2.
  */
 #include <linux/efi.h>
+#include <linux/tpm_eventlog.h>
 #include <asm/efi.h>
 
 #include "efistub.h"
 
+#ifdef CONFIG_RESET_ATTACK_MITIGATION
 static const efi_char16_t efi_MemoryOverWriteRequest_name[] = {
 	'M', 'e', 'm', 'o', 'r', 'y', 'O', 'v', 'e', 'r', 'w', 'r', 'i', 't',
 	'e', 'R', 'e', 'q', 'u', 'e', 's', 't', 'C', 'o', 'n', 't', 'r', 'o',
@@ -56,3 +59,81 @@ void efi_enable_reset_attack_mitigation(efi_system_table_t *sys_table_arg)
 		    EFI_VARIABLE_BOOTSERVICE_ACCESS |
 		    EFI_VARIABLE_RUNTIME_ACCESS, sizeof(val), &val);
 }
+
+#endif
+
+void efi_retrieve_tpm2_eventlog_1_2(efi_system_table_t *sys_table_arg)
+{
+	efi_guid_t tcg2_guid = EFI_TCG2_PROTOCOL_GUID;
+	efi_guid_t linux_eventlog_guid = LINUX_EFI_TPM_EVENT_LOG_GUID;
+	efi_status_t status;
+	efi_physical_addr_t log_location, log_last_entry;
+	struct linux_efi_tpm_eventlog *log_tbl;
+	unsigned long first_entry_addr, last_entry_addr;
+	size_t log_size, last_entry_size;
+	efi_bool_t truncated;
+	void *tcg2_protocol;
+
+	status = efi_call_early(locate_protocol, &tcg2_guid, NULL,
+				&tcg2_protocol);
+	if (status != EFI_SUCCESS)
+		return;
+
+	status = efi_call_proto(efi_tcg2_protocol, get_event_log, tcg2_protocol,
+				EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2,
+				&log_location, &log_last_entry, &truncated);
+	if (status != EFI_SUCCESS)
+		return;
+
+	if (!log_location)
+		return;
+	first_entry_addr = (unsigned long) log_location;
+
+	/*
+	 * We populate the EFI table even if the logs are empty.
+	 */
+	if (!log_last_entry) {
+		log_size = 0;
+	} else {
+		last_entry_addr = (unsigned long) log_last_entry;
+		/*
+		 * get_event_log only returns the address of the last entry.
+		 * We need to calculate its size to deduce the full size of
+		 * the logs.
+		 */
+		last_entry_size = sizeof(struct tcpa_event) +
+			((struct tcpa_event *) last_entry_addr)->event_size;
+		log_size = log_last_entry - log_location + last_entry_size;
+	}
+
+	/* Allocate space for the logs and copy them. */
+	status = efi_call_early(allocate_pool, EFI_LOADER_DATA,
+				sizeof(*log_tbl) + log_size,
+				(void **) &log_tbl);
+
+	if (status != EFI_SUCCESS) {
+		efi_printk(sys_table_arg,
+			   "Unable to allocate memory for event log\n");
+		return;
+	}
+
+	memset(log_tbl, 0, sizeof(*log_tbl) + log_size);
+	log_tbl->size = log_size;
+	log_tbl->version = EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2;
+	memcpy(log_tbl->log, (void *) first_entry_addr, log_size);
+
+	status = efi_call_early(install_configuration_table,
+				&linux_eventlog_guid, log_tbl);
+	if (status != EFI_SUCCESS)
+		goto err_free;
+	return;
+
+err_free:
+	efi_call_early(free_pool, log_tbl);
+}
+
+void efi_retrieve_tpm2_eventlog(efi_system_table_t *sys_table_arg)
+{
+	/* Only try to retrieve the logs in 1.2 format. */
+	efi_retrieve_tpm2_eventlog_1_2(sys_table_arg);
+}
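Review bot: the `truncated` flag returned by get_event_log is requested but never examined, so a log the firmware reports as truncated is copied and installed as though it were complete; at minimum record the flag in struct linux_efi_tpm_eventlog, or print a warning via efi_printk, so the kernel side and userspace can tell a partial log from a whole one. In the same function `last_entry_size` is derived from the `event_size` read out of firmware memory with no sanity check, and `log_last_entry - log_location` wraps if the firmware returns a last-entry address below the first; checking that log_last_entry >= log_location and putting an upper bound on the computed log_size would keep a misbehaving firmware from driving an oversized allocate_pool/memcpy. Also, efi_retrieve_tpm2_eventlog_1_2() has no prototype in any header, so mark it static; and the single-use `err_free` label can be replaced by calling free_pool directly in the failure branch.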
diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c
new file mode 100644
index 000000000000..0cbeb3d46b18
--- /dev/null
+++ b/drivers/firmware/efi/tpm.c
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2017 Google, Inc.
+ *     Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/efi.h>
+#include <linux/init.h>
+#include <linux/memblock.h>
+
+#include <asm/early_ioremap.h>
+
+/*
+ * Reserve the memory associated with the TPM Event Log configuration table.
+ */
+int __init efi_tpm_eventlog_init(void)
+{
+	struct linux_efi_tpm_eventlog *log_tbl;
+	unsigned int tbl_size;
+
+	if (efi.tpm_log == EFI_INVALID_TABLE_ADDR)
+		return 0;
+
+	log_tbl = early_memremap(efi.tpm_log, sizeof(*log_tbl));
+	if (!log_tbl) {
+		pr_err("Failed to map TPM Event Log table @ 0x%lx\n",
+			efi.tpm_log);
+		efi.tpm_log = EFI_INVALID_TABLE_ADDR;
+		return -ENOMEM;
+	}
+
+	tbl_size = sizeof(*log_tbl) + log_tbl->size;
+	memblock_reserve(efi.tpm_log, tbl_size);
+	early_memunmap(log_tbl, sizeof(*log_tbl));
+	return 0;
+}
+
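Review bot: the new file ends with a trailing blank line, which git flags as "new blank line at EOF"; drop it. In efi_tpm_eventlog_init(), `tbl_size` is taken from `log_tbl->size` with no upper bound before memblock_reserve(), so a corrupted table silently reserves an arbitrarily large region; bounding it here (and setting efi.tpm_log back to EFI_INVALID_TABLE_ADDR when the check fails, as the mapping-failure path already does) would contain that.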
diff --git a/include/linux/efi.h b/include/linux/efi.h
index 8dc3d94a3e3c..c5805eb601b1 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -472,6 +472,39 @@ typedef struct {
 	u64 get_all;
 } apple_properties_protocol_64_t;
 
+typedef struct {
+	u32 get_capability;
+	u32 get_event_log;
+	u32 hash_log_extend_event;
+	u32 submit_command;
+	u32 get_active_pcr_banks;
+	u32 set_active_pcr_banks;
+	u32 get_result_of_set_active_pcr_banks;
+} efi_tcg2_protocol_32_t;
+
+typedef struct {
+	u64 get_capability;
+	u64 get_event_log;
+	u64 hash_log_extend_event;
+	u64 submit_command;
+	u64 get_active_pcr_banks;
+	u64 set_active_pcr_banks;
+	u64 get_result_of_set_active_pcr_banks;
+} efi_tcg2_protocol_64_t;
+
+typedef u32 efi_tcg2_event_log_format;
+
+typedef struct {
+	void *get_capability;
+	efi_status_t (*get_event_log)(efi_handle_t, efi_tcg2_event_log_format,
+		efi_physical_addr_t *, efi_physical_addr_t *, efi_bool_t *);
+	void *hash_log_extend_event;
+	void *submit_command;
+	void *get_active_pcr_banks;
+	void *set_active_pcr_banks;
+	void *get_result_of_set_active_pcr_banks;
+} efi_tcg2_protocol_t;
+
 /*
  * Types and defines for EFI ResetSystem
  */
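Review bot: `efi_tcg2_event_log_format` is the only typedef in this hunk without the `_t` suffix used by efi_tcg2_protocol_32_t, efi_tcg2_protocol_64_t and the rest of efi.h; rename it efi_tcg2_event_log_format_t. The 32-bit and 64-bit protocol layouts also carry no comment tying their member order to EFI_TCG2_PROTOCOL in the TCG EFI specification, and since efi_call_proto() depends on that order matching the firmware's structure, a citing comment makes the layout verifiable.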
@@ -622,6 +655,7 @@ void efi_native_runtime_setup(void);
 #define EFI_MEMORY_ATTRIBUTES_TABLE_GUID	EFI_GUID(0xdcfa911d, 0x26eb, 0x469f,  0xa2, 0x20, 0x38, 0xb7, 0xdc, 0x46, 0x12, 0x20)
 #define EFI_CONSOLE_OUT_DEVICE_GUID		EFI_GUID(0xd3b36f2c, 0xd551, 0x11d4,  0x9a, 0x46, 0x00, 0x90, 0x27, 0x3f, 0xc1, 0x4d)
 #define APPLE_PROPERTIES_PROTOCOL_GUID		EFI_GUID(0x91bd12fe, 0xf6c3, 0x44fb,  0xa5, 0xb7, 0x51, 0x22, 0xab, 0x30, 0x3a, 0xe0)
+#define EFI_TCG2_PROTOCOL_GUID			EFI_GUID(0x607f766c, 0x7455, 0x42be,  0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f)
 
 #define EFI_IMAGE_SECURITY_DATABASE_GUID	EFI_GUID(0xd719b2cb, 0x3d3a, 0x4596,  0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f)
 #define EFI_SHIM_LOCK_GUID			EFI_GUID(0x605dab50, 0xe046, 0x4300,  0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23)
@@ -634,6 +668,7 @@ void efi_native_runtime_setup(void);
 #define LINUX_EFI_ARM_SCREEN_INFO_TABLE_GUID	EFI_GUID(0xe03fc20a, 0x85dc, 0x406e,  0xb9, 0x0e, 0x4a, 0xb5, 0x02, 0x37, 0x1d, 0x95)
 #define LINUX_EFI_LOADER_ENTRY_GUID		EFI_GUID(0x4a67b082, 0x0a4c, 0x41cf,  0xb6, 0xc7, 0x44, 0x0b, 0x29, 0xbb, 0x8c, 0x4f)
 #define LINUX_EFI_RANDOM_SEED_TABLE_GUID	EFI_GUID(0x1ce1e5bc, 0x7ceb, 0x42f2,  0x81, 0xe5, 0x8a, 0xad, 0xf1, 0x80, 0xf5, 0x7b)
+#define LINUX_EFI_TPM_EVENT_LOG_GUID		EFI_GUID(0xb7799cb0, 0xeca2, 0x4943,  0x96, 0x67, 0x1f, 0xae, 0x07, 0xb7, 0x47, 0xfa)
 
 typedef struct {
 	efi_guid_t guid;
@@ -908,6 +943,7 @@ extern struct efi {
 	unsigned long properties_table;	/* properties table */
 	unsigned long mem_attr_table;	/* memory attributes table */
 	unsigned long rng_seed;		/* UEFI firmware random seed */
+	unsigned long tpm_log;		/* TPM2 Event Log table */
 	efi_get_time_t *get_time;
 	efi_set_time_t *set_time;
 	efi_get_wakeup_time_t *get_wakeup_time;
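Review bot: the comment `/* TPM2 Event Log table */` is narrower than what the field holds: with this series the table is populated with a TCG 1.2-format log retrieved through the TCG2 protocol, and nothing in the field is specific to TPM 2.0 chips; `/* TPM event log table */` would be accurate.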
@@ -1504,6 +1540,8 @@ static inline void
 efi_enable_reset_attack_mitigation(efi_system_table_t *sys_table_arg) { }
 #endif
 
+void efi_retrieve_tpm2_eventlog(efi_system_table_t *sys_table);
+
 /*
  * Arch code can implement the following three template macros, avoiding
  * reptition for the void/non-void return cases of {__,}efi_call_virt():
@@ -1571,4 +1609,12 @@ struct linux_efi_random_seed {
 	u8	bits[];
 };
 
+struct linux_efi_tpm_eventlog {
+	u32	size;
+	u8	version;
+	u8	log[];
+};
+
+extern int efi_tpm_eventlog_init(void);
+
 #endif /* _LINUX_EFI_H */
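Review bot: struct linux_efi_tpm_eventlog has no comment saying what `version` holds (one of the EFI_TCG2_EVENT_LOG_FORMAT_* values from tpm_eventlog.h) or that `size` counts only the bytes of `log[]`, excluding the header; since the stub writes this structure and the kernel reads it, document both fields here so the two sides cannot drift.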
-- 
2.14.1.821.g8fa685d3b7-goog




* [PATCH v3 5/5] tpm: parse TPM event logs based on EFI table
  2017-09-20  8:13 [PATCH v3 0/5] Call GetEventLog before ExitBootServices Thiebaud Weksteen
       [not found] ` <20170920081340.7413-1-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
@ 2017-09-20  8:13 ` Thiebaud Weksteen
       [not found]   ` <20170920081340.7413-6-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
  1 sibling, 1 reply; 31+ messages in thread
From: Thiebaud Weksteen @ 2017-09-20  8:13 UTC (permalink / raw)
  To: linux-efi, linux-integrity, tpmdd-devel
  Cc: ard.biesheuvel, matt, linux-kernel, mjg59, peterhuewe,
	jarkko.sakkinen, jgunthorpe, tpmdd, Thiebaud Weksteen

If we are not able to retrieve the TPM event logs from the ACPI table,
check the EFI configuration table (Linux-specific GUID).

The format version of the log is now returned by the provider function.

Signed-off-by: Thiebaud Weksteen <tweek@google.com>
---
 drivers/char/tpm/Makefile            |  1 +
 drivers/char/tpm/tpm.h               |  8 +++++
 drivers/char/tpm/tpm1_eventlog.c     | 11 ++++--
 drivers/char/tpm/tpm_eventlog_acpi.c |  2 +-
 drivers/char/tpm/tpm_eventlog_efi.c  | 66 ++++++++++++++++++++++++++++++++++++
 drivers/char/tpm/tpm_eventlog_of.c   |  4 ++-
 6 files changed, 88 insertions(+), 4 deletions(-)
 create mode 100644 drivers/char/tpm/tpm_eventlog_efi.c

diff --git a/drivers/char/tpm/Makefile b/drivers/char/tpm/Makefile
index c8509cd723a1..e94ccecff4a5 100644
--- a/drivers/char/tpm/Makefile
+++ b/drivers/char/tpm/Makefile
@@ -6,6 +6,7 @@ tpm-y := tpm-interface.o tpm-dev.o tpm-sysfs.o tpm-chip.o tpm2-cmd.o \
 	 tpm-dev-common.o tpmrm-dev.o tpm1_eventlog.o tpm2_eventlog.o \
          tpm2-space.o
 tpm-$(CONFIG_ACPI) += tpm_ppi.o tpm_eventlog_acpi.o
+tpm-$(CONFIG_EFI) += tpm_eventlog_efi.o
 tpm-$(CONFIG_OF) += tpm_eventlog_of.o
 obj-$(CONFIG_TCG_TIS_CORE) += tpm_tis_core.o
 obj-$(CONFIG_TCG_TIS) += tpm_tis.o
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 46caccf6fd1a..1bd97e01df50 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -597,6 +597,14 @@ static inline int tpm_read_log_of(struct tpm_chip *chip)
 	return -ENODEV;
 }
 #endif
+#if defined(CONFIG_EFI)
+int tpm_read_log_efi(struct tpm_chip *chip);
+#else
+static inline int tpm_read_log_efi(struct tpm_chip *chip)
+{
+	return -ENODEV;
+}
+#endif
 
 int tpm_bios_log_setup(struct tpm_chip *chip);
 void tpm_bios_log_teardown(struct tpm_chip *chip);
diff --git a/drivers/char/tpm/tpm1_eventlog.c b/drivers/char/tpm/tpm1_eventlog.c
index d6f70f365443..add798bd69d0 100644
--- a/drivers/char/tpm/tpm1_eventlog.c
+++ b/drivers/char/tpm/tpm1_eventlog.c
@@ -21,6 +21,7 @@
  */
 
 #include <linux/seq_file.h>
+#include <linux/efi.h>
 #include <linux/fs.h>
 #include <linux/security.h>
 #include <linux/module.h>
@@ -371,6 +372,10 @@ static int tpm_read_log(struct tpm_chip *chip)
 	if (rc != -ENODEV)
 		return rc;
 
+	rc = tpm_read_log_efi(chip);
+	if (rc != -ENODEV)
+		return rc;
+
 	return tpm_read_log_of(chip);
 }
 
@@ -388,11 +393,13 @@ int tpm_bios_log_setup(struct tpm_chip *chip)
 {
 	const char *name = dev_name(&chip->dev);
 	unsigned int cnt;
+	int log_version;
 	int rc = 0;
 
 	rc = tpm_read_log(chip);
-	if (rc)
+	if (rc < 0)
 		return rc;
+	log_version = rc;
 
 	cnt = 0;
 	chip->bios_dir[cnt] = securityfs_create_dir(name, NULL);
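Review bot: the return value of tpm_read_log() now carries either a negative errno or a format version, and that contract is only implied by the `if (rc < 0)` / `log_version = rc;` pair here; a one-line comment on tpm_read_log() stating that providers return EFI_TCG2_EVENT_LOG_FORMAT_* on success would document it, and the `int rc = 0;` initialiser two lines above is now dead since rc is assigned immediately.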
@@ -404,7 +411,7 @@ int tpm_bios_log_setup(struct tpm_chip *chip)
 	cnt++;
 
 	chip->bin_log_seqops.chip = chip;
-	if (chip->flags & TPM_CHIP_FLAG_TPM2)
+	if (log_version == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2)
 		chip->bin_log_seqops.seqops =
 			&tpm2_binary_b_measurements_seqops;
 	else
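Review bot: selecting the seqops by log_version rather than by TPM_CHIP_FLAG_TPM2 is what lets a TPM 2.0 chip whose firmware handed over a TCG 1.2 log be parsed by the 1.2 parser, which is the intended effect of this series; note, though, that any value other than EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 lands in the else branch, including unrecognised version values, so an explicit check for the two known constants (returning -EINVAL otherwise) would avoid silently feeding an unknown layout to the 1.2 parser.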
diff --git a/drivers/char/tpm/tpm_eventlog_acpi.c b/drivers/char/tpm/tpm_eventlog_acpi.c
index acc990ba376a..66f19e93c216 100644
--- a/drivers/char/tpm/tpm_eventlog_acpi.c
+++ b/drivers/char/tpm/tpm_eventlog_acpi.c
@@ -102,7 +102,7 @@ int tpm_read_log_acpi(struct tpm_chip *chip)
 	memcpy_fromio(log->bios_event_log, virt, len);
 
 	acpi_os_unmap_iomem(virt, len);
-	return 0;
+	return EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2;
 
 err:
 	kfree(log->bios_event_log);
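Review bot: EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 is an efi.h constant now returned from the ACPI provider, but this hunk adds no `#include <linux/efi.h>` even though tpm1_eventlog.c needed an explicit one above; confirm the header is already pulled in here (and in tpm_eventlog_of.c), or define a TPM-local format constant in tpm_eventlog.h so the ACPI and OF providers do not depend on efi.h.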
diff --git a/drivers/char/tpm/tpm_eventlog_efi.c b/drivers/char/tpm/tpm_eventlog_efi.c
new file mode 100644
index 000000000000..e3f9ffd341d2
--- /dev/null
+++ b/drivers/char/tpm/tpm_eventlog_efi.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2017 Google
+ *
+ * Authors:
+ *      Thiebaud Weksteen <tweek@google.com>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ *
+ */
+
+#include <linux/efi.h>
+#include <linux/tpm_eventlog.h>
+
+#include "tpm.h"
+
+/* read binary bios log from EFI configuration table */
+int tpm_read_log_efi(struct tpm_chip *chip)
+{
+
+	struct linux_efi_tpm_eventlog *log_tbl;
+	struct tpm_bios_log *log;
+	u32 log_size;
+	u8 tpm_log_version;
+
+	if (!(chip->flags & TPM_CHIP_FLAG_TPM2))
+		return -ENODEV;
+
+	if (efi.tpm_log == EFI_INVALID_TABLE_ADDR)
+		return -ENODEV;
+
+	log = &chip->log;
+
+	log_tbl = memremap(efi.tpm_log, sizeof(*log_tbl), MEMREMAP_WB);
+	if (!log_tbl) {
+		pr_err("Could not map UEFI TPM log table !\n");
+		return -ENOMEM;
+	}
+
+	log_size = log_tbl->size;
+	memunmap(log_tbl);
+
+	log_tbl = memremap(efi.tpm_log, sizeof(*log_tbl) + log_size,
+			   MEMREMAP_WB);
+	if (!log_tbl) {
+		pr_err("Could not map UEFI TPM log table payload!\n");
+		return -ENOMEM;
+	}
+
+	/* malloc EventLog space */
+	log->bios_event_log = kmalloc(log_size, GFP_KERNEL);
+	if (!log->bios_event_log)
+		goto err_memunmap;
+	memcpy(log->bios_event_log, log_tbl->log, log_size);
+	log->bios_event_log_end = log->bios_event_log + log_size;
+
+	tpm_log_version = log_tbl->version;
+	memunmap(log_tbl);
+	return tpm_log_version;
+
+err_memunmap:
+	memunmap(log_tbl);
+	return -ENOMEM;
+}
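Review bot: log_tbl->version is returned unvalidated (a u8 widened to int), so a table carrying an unexpected version value reaches tpm_bios_log_setup() and ends up parsed as TCG 1.2; check it against EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 and EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 and return -EINVAL otherwise. log_size is likewise taken straight from the table and used for both the second memremap() and the kmalloc(); rejecting a zero or implausibly large size before mapping would fail cleanly instead of mapping and allocating whatever the table says. Minor: the kmalloc()+memcpy() pair is kmemdup(log_tbl->log, log_size, GFP_KERNEL), the blank line after the opening brace of tpm_read_log_efi() should go, and the first pr_err() has a stray space before "!".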
diff --git a/drivers/char/tpm/tpm_eventlog_of.c b/drivers/char/tpm/tpm_eventlog_of.c
index 4a2f8c79231e..96fd5646f866 100644
--- a/drivers/char/tpm/tpm_eventlog_of.c
+++ b/drivers/char/tpm/tpm_eventlog_of.c
@@ -76,5 +76,7 @@ int tpm_read_log_of(struct tpm_chip *chip)
 
 	memcpy(log->bios_event_log, __va(base), size);
 
-	return 0;
+	if (chip->flags & TPM_CHIP_FLAG_TPM2)
+		return EFI_TCG2_EVENT_LOG_FORMAT_TCG_2;
+	return EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2;
 }
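Review bot: returning EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 for TPM_CHIP_FLAG_TPM2 chips preserves the previous behaviour, since tpm_bios_log_setup() used to pick tpm2_binary_b_measurements_seqops from that same flag, so this hunk is behaviour-neutral for OF systems; the same question as for the ACPI file applies here, namely whether `<linux/efi.h>` is already included, as the hunk adds none.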
-- 
2.14.1.821.g8fa685d3b7-goog


* Re: [PATCH v3 5/5] tpm: parse TPM event logs based on EFI table
       [not found]   ` <20170920081340.7413-6-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
@ 2017-09-20 16:40     ` Jason Gunthorpe
  0 siblings, 0 replies; 31+ messages in thread
From: Jason Gunthorpe @ 2017-09-20 16:40 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f,
	ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A,
	matt-mF/unelCI9GS6iBeEJttW/XRex20P6io,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	mjg59-hpIqsD4AKlfQT0dZR+AlfA, peterhuewe-Mmb7MZpHnFY,
	jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Wed, Sep 20, 2017 at 10:13:40AM +0200, Thiebaud Weksteen wrote:
> If we are not able to retrieve the TPM event logs from the ACPI table,
> check the EFI configuration table (Linux-specific GUID).
> 
> The format version of the log is now returned by the provider function.
> 
> Signed-off-by: Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>

Thanks, looks good to me.

Reviewed-by: Jason Gunthorpe <jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>

Jason


* Re: [PATCH v3 0/5] Call GetEventLog before ExitBootServices
       [not found] ` <20170920081340.7413-1-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
                     ` (3 preceding siblings ...)
  2017-09-20  8:13   ` [PATCH v3 4/5] efi: call get_event_log before ExitBootServices Thiebaud Weksteen via tpmdd-devel
@ 2017-09-21 15:13   ` " Jarkko Sakkinen
  2017-09-26 11:17   ` [tpmdd-devel] " Javier Martinez Canillas
  5 siblings, 0 replies; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-09-21 15:13 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f,
	ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A,
	matt-mF/unelCI9GS6iBeEJttW/XRex20P6io,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	mjg59-hpIqsD4AKlfQT0dZR+AlfA, peterhuewe-Mmb7MZpHnFY,
	jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Wed, Sep 20, 2017 at 10:13:35AM +0200, Thiebaud Weksteen wrote:
> With TPM 1.2, the ACPI table ("TCPA") has two fields to recover the Event
> Log Area (LAML and LASA). These logs are useful to understand and rebuild
> the final values of PCRs.
> 
> With TPM 2.0, the ACPI table ("TPM2") does not contain these fields
> anymore. The recommended method is now to call the GetEventLog EFI
> protocol before ExitBootServices.
> 
> Implement this method within the EFI stub and create a copy of the logs
> for the TPM device using a Linux-specific EFI configuration table
> (LINUX_EFI_TPM_EVENT_LOG). This will create
> /sys/kernel/security/tpm0/binary_bios_measurements for TPM 2.0 devices
> (similarly to the current behaviour for TPM 1.2 devices).
> 
> Two formats for the log entries exist: TPM 1.2 (SHA1) and TPM 2.0 (Crypto
> Agile). This patch set only retrieves the first type of logs. The second
> type will be implemented in a subsequent patch set.
> 
> According to the specifications[1], once GetEventLog has been called,
> future events shall be stored in a separate EFI configuration table
> (EFI_TCG2_FINAL_EVENTS_TABLE). Events stored in this table are not
> processed in this patch set as they are stored in the Crypto Agile format.
> These could eventually be merged with the new table for a unified view
> of the logs from userspace.
> 
> [1] TCG EFI Protocol Specification, Revision 00.13, March 30, 2016
>     https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf
> 
> -------------------------------------------------------------------------------
> 
> Patchset Changelog:
> 
> Version 3:
> - Move event log providers (acpi and of) to tpm_eventlog_*.c
> - Move efi changes from PATCH 3 to PATCH 2
> - Change return value of tpm_read_log_acpi and tpm_read_log_of
> - Change iounmap to memunmap calls
> - Use log_tbl as variable name for consistency
> - Fix kbuild failures
> 
> Version 2:
> - Move tpm_eventlog.h to top include directory, add commit for this.
> - Use EFI_LOADER_DATA to store the configuration table
> - Whitespace and new lines fixes
> 
> Thiebaud Weksteen (5):
>   tpm: move tpm_eventlog.h outside of drivers folder
>   tpm: rename event log provider files
>   tpm: add event log format version
>   efi: call get_event_log before ExitBootServices
>   tpm: parse TPM event logs based on EFI table
> 
>  arch/x86/boot/compressed/eboot.c                   |  1 +
>  drivers/char/tpm/Makefile                          |  5 +-
>  drivers/char/tpm/tpm-chip.c                        |  3 +-
>  drivers/char/tpm/tpm-interface.c                   |  2 +-
>  drivers/char/tpm/tpm.h                             | 35 ++++++++--
>  drivers/char/tpm/tpm1_eventlog.c                   | 13 +++-
>  drivers/char/tpm/tpm2_eventlog.c                   |  2 +-
>  .../char/tpm/{tpm_acpi.c => tpm_eventlog_acpi.c}   |  4 +-
>  drivers/char/tpm/tpm_eventlog_efi.c                | 66 ++++++++++++++++++
>  drivers/char/tpm/{tpm_of.c => tpm_eventlog_of.c}   |  6 +-
>  drivers/firmware/efi/Makefile                      |  2 +-
>  drivers/firmware/efi/efi.c                         |  4 ++
>  drivers/firmware/efi/libstub/Makefile              |  3 +-
>  drivers/firmware/efi/libstub/tpm.c                 | 81 ++++++++++++++++++++++
>  drivers/firmware/efi/tpm.c                         | 40 +++++++++++
>  include/linux/efi.h                                | 46 ++++++++++++
>  {drivers/char/tpm => include/linux}/tpm_eventlog.h | 35 +++-------
>  17 files changed, 304 insertions(+), 44 deletions(-)
>  rename drivers/char/tpm/{tpm_acpi.c => tpm_eventlog_acpi.c} (97%)
>  create mode 100644 drivers/char/tpm/tpm_eventlog_efi.c
>  rename drivers/char/tpm/{tpm_of.c => tpm_eventlog_of.c} (93%)
>  create mode 100644 drivers/firmware/efi/tpm.c
>  rename {drivers/char/tpm => include/linux}/tpm_eventlog.h (77%)
> 
> -- 
> 2.14.1.821.g8fa685d3b7-goog
> 

Thank you. I'll have to postpone testing this at some point next week.

/Jarkko


* Re: [PATCH v3 2/5] tpm: rename event log provider files
  2017-09-20  8:13   ` [PATCH v3 2/5] tpm: rename event log provider files Thiebaud Weksteen via tpmdd-devel
@ 2017-09-26 11:10     ` Jarkko Sakkinen
  0 siblings, 0 replies; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-09-26 11:10 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi, linux-integrity, tpmdd-devel, ard.biesheuvel, matt,
	linux-kernel, mjg59, peterhuewe, jgunthorpe, tpmdd

On Wed, Sep 20, 2017 at 10:13:37AM +0200, Thiebaud Weksteen wrote:
> Rename the current TPM Event Log provider files (ACPI and OF)
> for clarity.
> 
> Signed-off-by: Thiebaud Weksteen <tweek@google.com>
> ---
>  drivers/char/tpm/Makefile                            | 4 ++--
>  drivers/char/tpm/{tpm_acpi.c => tpm_eventlog_acpi.c} | 0
>  drivers/char/tpm/{tpm_of.c => tpm_eventlog_of.c}     | 0
>  3 files changed, 2 insertions(+), 2 deletions(-)
>  rename drivers/char/tpm/{tpm_acpi.c => tpm_eventlog_acpi.c} (100%)
>  rename drivers/char/tpm/{tpm_of.c => tpm_eventlog_of.c} (100%)

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko


* Re: [tpmdd-devel] [PATCH v3 0/5] Call GetEventLog before ExitBootServices
       [not found] ` <20170920081340.7413-1-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
                     ` (4 preceding siblings ...)
  2017-09-21 15:13   ` [PATCH v3 0/5] Call GetEventLog " Jarkko Sakkinen
@ 2017-09-26 11:17   ` " Javier Martinez Canillas
  5 siblings, 0 replies; 31+ messages in thread
From: Javier Martinez Canillas @ 2017-09-26 11:17 UTC (permalink / raw)
  To: Thiebaud Weksteen, linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
  Cc: ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A,
	matt-mF/unelCI9GS6iBeEJttW/XRex20P6io,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA,
	jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/,
	mjg59-hpIqsD4AKlfQT0dZR+AlfA

On 09/20/2017 10:13 AM, Thiebaud Weksteen via tpmdd-devel wrote:
> With TPM 1.2, the ACPI table ("TCPA") has two fields to recover the Event
> Log Area (LAML and LASA). These logs are useful to understand and rebuild
> the final values of PCRs.
> 
> With TPM 2.0, the ACPI table ("TPM2") does not contain these fields
> anymore. The recommended method is now to call the GetEventLog EFI
> protocol before ExitBootServices.
> 
> Implement this method within the EFI stub and create a copy of the logs
> for the TPM device using a Linux-specific EFI configuration table
> (LINUX_EFI_TPM_EVENT_LOG). This will create
> /sys/kernel/security/tpm0/binary_bios_measurements for TPM 2.0 devices
> (similarly to the current behaviour for TPM 1.2 devices).
> 
> Two formats for the log entries exist: TPM 1.2 (SHA1) and TPM 2.0 (Crypto
> Agile). This patch set only retrieves the first type of logs. The second
> type will be implemented in a subsequent patch set.
> 
> According to the specifications[1], once GetEventLog has been called,
> future events shall be stored in a separate EFI configuration table
> (EFI_TCG2_FINAL_EVENTS_TABLE). Events stored in this table are not
> processed in this patch set as they are stored in the Crypto Agile format.
> These could eventually be merged with the new table for a unified view
> of the logs from userspace.
> 
> [1] TCG EFI Protocol Specification, Revision 00.13, March 30, 2016
>     https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf
> 
> -------------------------------------------------------------------------------
> 
> Patchset Changelog:
> 
> Version 3:
> - Move event log providers (acpi and of) to tpm_eventlog_*.c
> - Move efi changes from PATCH 3 to PATCH 2
> - Change return value of tpm_read_log_acpi and tpm_read_log_of
> - Change iounmap to memunmap calls
> - Use log_tbl as variable name for consistency
> - Fix kbuild failures
> 

Thanks for addressing the things I pointed out. For the whole patch-set:

Reviewed-by: Javier Martinez Canillas <javierm-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Tested-by: Javier Martinez Canillas <javierm-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>

Best regards,
-- 
Javier Martinez Canillas
Software Engineer - Desktop Hardware Enablement
Red Hat

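The cover letter quoted above explains that the TCG 1.2 (SHA1) log handed over through the Linux EFI table is what lets userspace rebuild the final PCR values. As an added example that is not part of the series or of any reply, the Python below parses a constructed table in that layout and replays the entries into PCRs; it assumes the `linux_efi_tpm_eventlog` layout (u32 size, u8 version, raw log) from the series' include/linux/efi.h and the TCG PC Client 1.2 entry layout (u32 pcrIndex, u32 eventType, 20-byte SHA1 digest, u32 eventSize, event data).

```python
"""Userspace replay of a TCG 1.2 (SHA1) TPM event log.

Added example, not part of the patch set. It mirrors what tpm_read_log_efi()
does with the Linux-specific EFI table (u32 size, u8 version, raw log; layout
assumed from the series' include/linux/efi.h), then walks the TCG 1.2 entries
the kernel exposes as binary_bios_measurements and rebuilds the PCRs from
them. The sample log at the bottom is constructed.
"""
import hashlib
import struct

EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 = 0x1  # values as in include/linux/efi.h
EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 = 0x2
EV_SEPARATOR = 0x4  # TCG event types used by the constructed sample
EV_IPL = 0xD
SHA1_LEN = 20
NUM_PCRS = 24

TABLE_HDR = struct.Struct("<IB")      # struct linux_efi_tpm_eventlog header
# TCG PC Client 1.2 entry: u32 pcrIndex, u32 eventType, SHA1 digest, u32 size
EVENT_HDR = struct.Struct("<II20sI")


def parse_linux_efi_tpm_eventlog(blob):
    """Return (version, log) from a linux_efi_tpm_eventlog blob.

    Like the patch, read the header first and then only as many bytes as the
    size field announces; unlike the patch, reject unknown version values."""
    if len(blob) < TABLE_HDR.size:
        raise ValueError("table shorter than its header")
    size, version = TABLE_HDR.unpack_from(blob, 0)
    if version not in (EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2,
                       EFI_TCG2_EVENT_LOG_FORMAT_TCG_2):
        raise ValueError("unknown event log format version %d" % version)
    if len(blob) < TABLE_HDR.size + size:
        raise ValueError("size field runs past the end of the table")
    return version, blob[TABLE_HDR.size:TABLE_HDR.size + size]


def parse_tcg12_events(log):
    """Return a list of (pcr_index, event_type, digest, event_data).

    Every length is checked against the buffer before use, so a truncated or
    corrupted log raises instead of being read past its end."""
    events = []
    off = 0
    while off < len(log):
        if off + EVENT_HDR.size > len(log):
            raise ValueError("truncated event header at offset %d" % off)
        pcr, etype, digest, esize = EVENT_HDR.unpack_from(log, off)
        off += EVENT_HDR.size
        if off + esize > len(log):
            raise ValueError("event data overruns log at offset %d" % off)
        if pcr >= NUM_PCRS:
            raise ValueError("invalid PCR index %d" % pcr)
        events.append((pcr, etype, digest, log[off:off + esize]))
        off += esize
    return events


def extend(pcr_value, digest):
    """TPM 1.2 extend operation: PCR_new = SHA1(PCR_old || digest)."""
    return hashlib.sha1(pcr_value + digest).digest()


def replay_pcrs(events):
    """Rebuild all PCRs from the all-zero reset state by replaying the log."""
    pcrs = [bytes(SHA1_LEN)] * NUM_PCRS
    for pcr, _etype, digest, _data in events:
        pcrs[pcr] = extend(pcrs[pcr], digest)
    return pcrs


def tcg12_log_is_well_formed(log):
    """True when the log parses completely, False on any structural error."""
    try:
        parse_tcg12_events(log)
        return True
    except ValueError:
        return False


def make_event(pcr, etype, data):
    """Build one TCG 1.2 entry whose digest is the SHA1 of its event data."""
    digest = hashlib.sha1(data).digest()
    return EVENT_HDR.pack(pcr, etype, digest, len(data)) + data


def make_table(version, log):
    """Wrap a raw log in the Linux EFI configuration table layout."""
    return TABLE_HDR.pack(len(log), version) + log


# Constructed sample: two measurements into PCR 4 and a separator into PCR 7.
SAMPLE_LOG = (make_event(4, EV_IPL, b"bootloader-image")
              + make_event(4, EV_IPL, b"kernel-image")
              + make_event(7, EV_SEPARATOR, b"\x00\x00\x00\x00"))
SAMPLE_TABLE = make_table(EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2, SAMPLE_LOG)

if __name__ == "__main__":
    version, log = parse_linux_efi_tpm_eventlog(SAMPLE_TABLE)
    print("event log format version %d" % version)
    for index, value in enumerate(replay_pcrs(parse_tcg12_events(log))):
        if value != bytes(SHA1_LEN):
            print("PCR[%2d] = %s" % (index, value.hex()))
```

On a real system the same parser can be pointed at /sys/kernel/security/tpm0/binary_bios_measurements and the replayed values compared with the PCRs the TPM reports.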

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]     ` <20170920081340.7413-5-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
@ 2017-09-26 11:45       ` Jarkko Sakkinen
  2017-09-26 12:49         ` Thiebaud Weksteen
  0 siblings, 1 reply; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-09-26 11:45 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f,
	ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A,
	matt-mF/unelCI9GS6iBeEJttW/XRex20P6io,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	mjg59-hpIqsD4AKlfQT0dZR+AlfA, peterhuewe-Mmb7MZpHnFY,
	jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Wed, Sep 20, 2017 at 10:13:39AM +0200, Thiebaud Weksteen wrote:
> With TPM 2.0 specification, the event logs may only be accessible by
> calling an EFI Boot Service. Modify the EFI stub to copy the log area to
> a new Linux-specific EFI configuration table so it remains accessible
> once booted.
> 
> When calling this service, it is possible to specify the expected format
> of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
> first format is retrieved.
> 
> Signed-off-by: Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>

Does not apply:

Applying: tpm: move tpm_eventlog.h outside of drivers folder
Applying: tpm: rename event log provider files
Applying: tpm: add event log format version
Applying: efi: call get_event_log before ExitBootServices
error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
error: could not build fake ancestor
Patch failed at 0004 efi: call get_event_log before ExitBootServices
The copy of the patch that failed is found in: .git/rebase-apply/patch
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

Just rebased my tree to the latest security-next.

/Jarkko


* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2017-09-26 11:45       ` Jarkko Sakkinen
@ 2017-09-26 12:49         ` Thiebaud Weksteen
  2017-09-29 17:16           ` Jarkko Sakkinen
  0 siblings, 1 reply; 31+ messages in thread
From: Thiebaud Weksteen @ 2017-09-26 12:49 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: linux-efi, linux-integrity, tpmdd-devel, Ard Biesheuvel,
	Matt Fleming, linux-kernel, Matthew Garrett, peterhuewe,
	Jason Gunthorpe, tpmdd

On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen
<jarkko.sakkinen@linux.intel.com> wrote:
> On Wed, Sep 20, 2017 at 10:13:39AM +0200, Thiebaud Weksteen wrote:
>> With TPM 2.0 specification, the event logs may only be accessible by
>> calling an EFI Boot Service. Modify the EFI stub to copy the log area to
>> a new Linux-specific EFI configuration table so it remains accessible
>> once booted.
>>
>> When calling this service, it is possible to specify the expected format
>> of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
>> first format is retrieved.
>>
>> Signed-off-by: Thiebaud Weksteen <tweek@google.com>
>
> Does not apply:
>
> Applying: tpm: move tpm_eventlog.h outside of drivers folder
> Applying: tpm: rename event log provider files
> Applying: tpm: add event log format version
> Applying: efi: call get_event_log before ExitBootServices
> error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
> error: could not build fake ancestor
> Patch failed at 0004 efi: call get_event_log before ExitBootServices
> The copy of the patch that failed is found in: .git/rebase-apply/patch
> When you have resolved this problem, run "git am --continue".
> If you prefer to skip this patch, run "git am --skip" instead.
> To restore the original branch and stop patching, run "git am --abort".
>
> Just rebased my tree to the latest security-next.

It applies fine on security/next-general which is more up-to-date.
(security/next does not include
ccc829ba3624beb9a703fc995d016b836d9eead8 on which this patch set is
based)

>
> /Jarkko


* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2017-09-26 12:49         ` Thiebaud Weksteen
@ 2017-09-29 17:16           ` Jarkko Sakkinen
       [not found]             ` <20170929171617.yq4dvn66czvnebns-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
  0 siblings, 1 reply; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-09-29 17:16 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi, linux-integrity, tpmdd-devel, Ard Biesheuvel,
	Matt Fleming, linux-kernel, Matthew Garrett, peterhuewe,
	Jason Gunthorpe, tpmdd

On Tue, Sep 26, 2017 at 02:49:31PM +0200, Thiebaud Weksteen wrote:
> On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen
> <jarkko.sakkinen@linux.intel.com> wrote:
> > On Wed, Sep 20, 2017 at 10:13:39AM +0200, Thiebaud Weksteen wrote:
> >> With TPM 2.0 specification, the event logs may only be accessible by
> >> calling an EFI Boot Service. Modify the EFI stub to copy the log area to
> >> a new Linux-specific EFI configuration table so it remains accessible
> >> once booted.
> >>
> >> When calling this service, it is possible to specify the expected format
> >> of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
> >> first format is retrieved.
> >>
> >> Signed-off-by: Thiebaud Weksteen <tweek@google.com>
> >
> > Does not apply:
> >
> > Applying: tpm: move tpm_eventlog.h outside of drivers folder
> > Applying: tpm: rename event log provider files
> > Applying: tpm: add event log format version
> > Applying: efi: call get_event_log before ExitBootServices
> > error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
> > error: could not build fake ancestor
> > Patch failed at 0004 efi: call get_event_log before ExitBootServices
> > The copy of the patch that failed is found in: .git/rebase-apply/patch
> > When you have resolved this problem, run "git am --continue".
> > If you prefer to skip this patch, run "git am --skip" instead.
> > To restore the original branch and stop patching, run "git am --abort".
> >
> > Just rebased my tree to the latest security-next.
> 
> It applies fine on security/next-general which is more up-to-date.
> (security/next does not include
> ccc829ba3624beb9a703fc995d016b836d9eead8 on which this patch set is
> based)

Thanks, my bad, I thought that I had it updated.

I'll update my tree and retry.

/Jarkko


* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]             ` <20170929171617.yq4dvn66czvnebns-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
@ 2017-10-04 10:51               ` Jarkko Sakkinen
  2017-10-04 11:12                 ` Thiebaud Weksteen
       [not found]                 ` <20171004105113.mcho3rlytaxfruyf-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
  0 siblings, 2 replies; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-04 10:51 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f, Ard Biesheuvel,
	Matt Fleming, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matthew Garrett, peterhuewe-Mmb7MZpHnFY, Jason Gunthorpe,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Fri, Sep 29, 2017 at 08:16:17PM +0300, Jarkko Sakkinen wrote:
> On Tue, Sep 26, 2017 at 02:49:31PM +0200, Thiebaud Weksteen wrote:
> > On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen
> > <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> wrote:
> > > On Wed, Sep 20, 2017 at 10:13:39AM +0200, Thiebaud Weksteen wrote:
> > >> With TPM 2.0 specification, the event logs may only be accessible by
> > >> calling an EFI Boot Service. Modify the EFI stub to copy the log area to
> > >> a new Linux-specific EFI configuration table so it remains accessible
> > >> once booted.
> > >>
> > >> When calling this service, it is possible to specify the expected format
> > >> of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
> > >> first format is retrieved.
> > >>
> > >> Signed-off-by: Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
> > >
> > > Does not apply:
> > >
> > > Applying: tpm: move tpm_eventlog.h outside of drivers folder
> > > Applying: tpm: rename event log provider files
> > > Applying: tpm: add event log format version
> > > Applying: efi: call get_event_log before ExitBootServices
> > > error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
> > > error: could not build fake ancestor
> > > Patch failed at 0004 efi: call get_event_log before ExitBootServices
> > > The copy of the patch that failed is found in: .git/rebase-apply/patch
> > > When you have resolved this problem, run "git am --continue".
> > > If you prefer to skip this patch, run "git am --skip" instead.
> > > To restore the original branch and stop patching, run "git am --abort".
> > >
> > > Just rebased my tree to the latest security-next.
> > 
> > It applies fine on security/next-general which is more up-to-date.
> > (security/next does not include
> > ccc829ba3624beb9a703fc995d016b836d9eead8 on which this patch set is
> > based)
> 
> Thanks, my bad, I thought that I had it updated.
> 
> I'll update my tree and retry.
> 
> /Jarkko

My master is up to date with security/next.

Still get the same result:

$ git am -3 ~/Downloads/v3-4-5-efi-call-get_event_log-before-ExitBootServices.patch
Applying: efi: call get_event_log before ExitBootServices
error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
error: could not build fake ancestor
Patch failed at 0001 efi: call get_event_log before ExitBootServices
The copy of the patch that failed is found in: .git/rebase-apply/patch
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

Maybe you have some other trees fetched in your local GIT so that it
finds the ancestors? Anyway, cannot test this at this point.

/Jarkko


* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2017-10-04 10:51               ` Jarkko Sakkinen
@ 2017-10-04 11:12                 ` Thiebaud Weksteen
  2017-10-10 14:14                   ` Jarkko Sakkinen
       [not found]                 ` <20171004105113.mcho3rlytaxfruyf-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
  1 sibling, 1 reply; 31+ messages in thread
From: Thiebaud Weksteen @ 2017-10-04 11:12 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: linux-efi, linux-integrity, tpmdd-devel, Ard Biesheuvel,
	Matt Fleming, linux-kernel, Matthew Garrett, peterhuewe,
	Jason Gunthorpe, tpmdd

On Wed, Oct 4, 2017 at 12:51 PM, Jarkko Sakkinen
<jarkko.sakkinen@linux.intel.com> wrote:
> On Fri, Sep 29, 2017 at 08:16:17PM +0300, Jarkko Sakkinen wrote:
>> On Tue, Sep 26, 2017 at 02:49:31PM +0200, Thiebaud Weksteen wrote:
>> > On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen
>> > <jarkko.sakkinen@linux.intel.com> wrote:
>> > > On Wed, Sep 20, 2017 at 10:13:39AM +0200, Thiebaud Weksteen wrote:
>> > >> With TPM 2.0 specification, the event logs may only be accessible by
>> > >> calling an EFI Boot Service. Modify the EFI stub to copy the log area to
>> > >> a new Linux-specific EFI configuration table so it remains accessible
>> > >> once booted.
>> > >>
>> > >> When calling this service, it is possible to specify the expected format
>> > >> of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
>> > >> first format is retrieved.
>> > >>
>> > >> Signed-off-by: Thiebaud Weksteen <tweek@google.com>
>> > >
>> > > Does not apply:
>> > >
>> > > Applying: tpm: move tpm_eventlog.h outside of drivers folder
>> > > Applying: tpm: rename event log provider files
>> > > Applying: tpm: add event log format version
>> > > Applying: efi: call get_event_log before ExitBootServices
>> > > error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
>> > > error: could not build fake ancestor
>> > > Patch failed at 0004 efi: call get_event_log before ExitBootServices
>> > > The copy of the patch that failed is found in: .git/rebase-apply/patch
>> > > When you have resolved this problem, run "git am --continue".
>> > > If you prefer to skip this patch, run "git am --skip" instead.
>> > > To restore the original branch and stop patching, run "git am --abort".
>> > >
>> > > Just rebased my tree to the latest security-next.
>> >
>> > It applies fine on security/next-general which is more up-to-date.
>> > (security/next does not include
>> > ccc829ba3624beb9a703fc995d016b836d9eead8 on which this patch set is
>> > based)
>>
>> Thanks, my bad, I thought that I had it updated.
>>
>> I'll update my tree and retry.
>>
>> /Jarkko
>
> My master is up to date with security/next.
>
> Still get the same result:
>
> $ git am -3 ~/Downloads/v3-4-5-efi-call-get_event_log-before-ExitBootServices.patch
> Applying: efi: call get_event_log before ExitBootServices
> error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
> error: could not build fake ancestor
> Patch failed at 0001 efi: call get_event_log before ExitBootServices
> The copy of the patch that failed is found in: .git/rebase-apply/patch
> When you have resolved this problem, run "git am --continue".
> If you prefer to skip this patch, run "git am --skip" instead.
> To restore the original branch and stop patching, run "git am --abort".
>
> Maybe you have some other trees fetched in your local GIT so that it
> finds the ancestors? Anyway, cannot test this at this point.
>
> /Jarkko

The security/next branch still does not contain the commit I mentioned
(ccc829ba3624beb9a703fc995d016b836d9eead8), which is already part of
torvalds/master now.

 $ git branch -a --contains ccc829ba3624beb9a703fc995d016b836d9eead8
  efi_tpm2_eventlog
  master
  remotes/linux-next/akpm
  remotes/linux-next/akpm-base
  remotes/linux-next/master
  remotes/linux-next/stable
  remotes/security/fixes-v4.14-rc3
  remotes/security/fixes-v4.14-rc4
  remotes/security/next-general
  remotes/security/next-testing
  remotes/torvalds/master

Is there any reason why you are trying to merge on that specific
branch and not next-general or next-testing? Would you know the
purpose of all these next-* branches?

Thanks,
Thiebaud


* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]                 ` <20171004105113.mcho3rlytaxfruyf-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
@ 2017-10-04 11:20                   ` Jarkko Sakkinen
  0 siblings, 0 replies; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-04 11:20 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f, Ard Biesheuvel,
	Matt Fleming, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matthew Garrett, peterhuewe-Mmb7MZpHnFY, Jason Gunthorpe,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Wed, Oct 04, 2017 at 01:51:13PM +0300, Jarkko Sakkinen wrote:
> On Fri, Sep 29, 2017 at 08:16:17PM +0300, Jarkko Sakkinen wrote:
> > On Tue, Sep 26, 2017 at 02:49:31PM +0200, Thiebaud Weksteen wrote:
> > > On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen
> > > <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> wrote:
> > > > On Wed, Sep 20, 2017 at 10:13:39AM +0200, Thiebaud Weksteen wrote:
> > > >> With TPM 2.0 specification, the event logs may only be accessible by
> > > >> calling an EFI Boot Service. Modify the EFI stub to copy the log area to
> > > >> a new Linux-specific EFI configuration table so it remains accessible
> > > >> once booted.
> > > >>
> > > >> When calling this service, it is possible to specify the expected format
> > > >> of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
> > > >> first format is retrieved.
> > > >>
> > > >> Signed-off-by: Thiebaud Weksteen <tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
> > > >
> > > > Does not apply:
> > > >
> > > > Applying: tpm: move tpm_eventlog.h outside of drivers folder
> > > > Applying: tpm: rename event log provider files
> > > > Applying: tpm: add event log format version
> > > > Applying: efi: call get_event_log before ExitBootServices
> > > > error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
> > > > error: could not build fake ancestor
> > > > Patch failed at 0004 efi: call get_event_log before ExitBootServices
> > > > The copy of the patch that failed is found in: .git/rebase-apply/patch
> > > > When you have resolved this problem, run "git am --continue".
> > > > If you prefer to skip this patch, run "git am --skip" instead.
> > > > To restore the original branch and stop patching, run "git am --abort".
> > > >
> > > > Just rebased my tree to the latest security-next.
> > > 
> > > It applies fine on security/next-general which is more up-to-date.
> > > (security/next does not include
> > > ccc829ba3624beb9a703fc995d016b836d9eead8 on which this patch set is
> > > based)
> > 
> > Thanks, my bad, I thought that I had it updated.
> > 
> > I'll update my tree and retry.
> > 
> > /Jarkko
> 
> My master is up to date with security/next.
> 
> Still get the same result:
> 
> $ git am -3 ~/Downloads/v3-4-5-efi-call-get_event_log-before-ExitBootServices.patch
> Applying: efi: call get_event_log before ExitBootServices
> error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
> error: could not build fake ancestor
> Patch failed at 0001 efi: call get_event_log before ExitBootServices
> The copy of the patch that failed is found in: .git/rebase-apply/patch
> When you have resolved this problem, run "git am --continue".
> If you prefer to skip this patch, run "git am --skip" instead.
> To restore the original branch and stop patching, run "git am --abort".
> 
> Maybe you have some other trees fetched in your local GIT so that it
> finds the ancestors? Anyway, cannot test this at this point.
> 
> /Jarkko

I pushed the first three patches to my master as they looked OK. You
should still consider them unreviewed.

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2017-10-04 11:12                 ` Thiebaud Weksteen
@ 2017-10-10 14:14                   ` Jarkko Sakkinen
       [not found]                     ` <20171010141419.e4uv4fkmcmpc7sdc-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
  0 siblings, 1 reply; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-10 14:14 UTC (permalink / raw)
  To: Thiebaud Weksteen, jmorris
  Cc: linux-efi, linux-integrity, tpmdd-devel, Ard Biesheuvel,
	Matt Fleming, linux-kernel, Matthew Garrett, peterhuewe,
	Jason Gunthorpe, tpmdd

On Wed, Oct 04, 2017 at 01:12:27PM +0200, Thiebaud Weksteen wrote:
> On Wed, Oct 4, 2017 at 12:51 PM, Jarkko Sakkinen
> <jarkko.sakkinen@linux.intel.com> wrote:
> > On Fri, Sep 29, 2017 at 08:16:17PM +0300, Jarkko Sakkinen wrote:
> >> On Tue, Sep 26, 2017 at 02:49:31PM +0200, Thiebaud Weksteen wrote:
> >> > On Tue, Sep 26, 2017 at 1:45 PM, Jarkko Sakkinen
> >> > <jarkko.sakkinen@linux.intel.com> wrote:
> >> > > On Wed, Sep 20, 2017 at 10:13:39AM +0200, Thiebaud Weksteen wrote:
> >> > >> With TPM 2.0 specification, the event logs may only be accessible by
> >> > >> calling an EFI Boot Service. Modify the EFI stub to copy the log area to
> >> > >> a new Linux-specific EFI configuration table so it remains accessible
> >> > >> once booted.
> >> > >>
> >> > >> When calling this service, it is possible to specify the expected format
> >> > >> of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
> >> > >> first format is retrieved.
> >> > >>
> >> > >> Signed-off-by: Thiebaud Weksteen <tweek@google.com>
> >> > >
> >> > > Does not apply:
> >> > >
> >> > > Applying: tpm: move tpm_eventlog.h outside of drivers folder
> >> > > Applying: tpm: rename event log provider files
> >> > > Applying: tpm: add event log format version
> >> > > Applying: efi: call get_event_log before ExitBootServices
> >> > > error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
> >> > > error: could not build fake ancestor
> >> > > Patch failed at 0004 efi: call get_event_log before ExitBootServices
> >> > > The copy of the patch that failed is found in: .git/rebase-apply/patch
> >> > > When you have resolved this problem, run "git am --continue".
> >> > > If you prefer to skip this patch, run "git am --skip" instead.
> >> > > To restore the original branch and stop patching, run "git am --abort".
> >> > >
> >> > > Just rebased my tree to the latest security-next.
> >> >
> >> > It applies fine on security/next-general which is more up-to-date.
> >> > (security/next does not include
> >> > ccc829ba3624beb9a703fc995d016b836d9eead8 on which this patch set is
> >> > based)
> >>
> >> Thanks, my bad, I thought that I had it updated.
> >>
> >> I'll update my tree and retry.
> >>
> >> /Jarkko
> >
> > My master is up to date with security/next.
> >
> > Still get the same result:
> >
> > $ git am -3 ~/Downloads/v3-4-5-efi-call-get_event_log-before-ExitBootServices.patch
> > Applying: efi: call get_event_log before ExitBootServices
> > error: sha1 information is lacking or useless (drivers/firmware/efi/efi.c).
> > error: could not build fake ancestor
> > Patch failed at 0001 efi: call get_event_log before ExitBootServices
> > The copy of the patch that failed is found in: .git/rebase-apply/patch
> > When you have resolved this problem, run "git am --continue".
> > If you prefer to skip this patch, run "git am --skip" instead.
> > To restore the original branch and stop patching, run "git am --abort".
> >
> > Maybe you have some other trees fetched in your local GIT so that it
> > finds the ancestors? Anyway, cannot test this at this point.
> >
> > /Jarkko
> 
> The security/next branch still does not contain the commit I mentioned
> (ccc829ba3624beb9a703fc995d016b836d9eead8), which is already part of
> torvalds/master now.
> 
>  $ git branch -a --contains ccc829ba3624beb9a703fc995d016b836d9eead8
>   efi_tpm2_eventlog
>   master
>   remotes/linux-next/akpm
>   remotes/linux-next/akpm-base
>   remotes/linux-next/master
>   remotes/linux-next/stable
>   remotes/security/fixes-v4.14-rc3
>   remotes/security/fixes-v4.14-rc4
>   remotes/security/next-general
>   remotes/security/next-testing
>   remotes/torvalds/master
> 
> Is there any reason why you are trying to merge on that specific
> branch and not next-general or next-testing? Would you know the
> purpose of all these next-* branches?
> 
> Thanks,
> Thiebaud

The way I've agreed with James Morris to have my tree is to be rooted to
the security tree's next branch.

James, what actions should we take?

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]                     ` <20171010141419.e4uv4fkmcmpc7sdc-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
@ 2017-10-11  1:54                       ` James Morris
  2017-10-11 11:52                         ` Jarkko Sakkinen
  0 siblings, 1 reply; 31+ messages in thread
From: James Morris @ 2017-10-11  1:54 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA, Ard Biesheuvel, Matt Fleming,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA, Matthew Garrett,
	Jason Gunthorpe, tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA

On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:

> The way I've agreed with James Morris to have my tree is to be rooted to
> the security tree's next branch.
> 
> James, what actions should we take?

This process has changed recently -- I posted to lsm but forgot to post to 
linux-integrity.

http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html

Summary: please track the next-general branch in my tree for your 
development, it replaces 'next'.


- James
-- 
James Morris
<jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org>


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2017-10-11  1:54                       ` James Morris
@ 2017-10-11 11:52                         ` Jarkko Sakkinen
       [not found]                           ` <20171011115254.2n4zs77ixyl2mdgm-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
  0 siblings, 1 reply; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-11 11:52 UTC (permalink / raw)
  To: James Morris
  Cc: Thiebaud Weksteen, linux-efi, linux-integrity, tpmdd-devel,
	Ard Biesheuvel, Matt Fleming, linux-kernel, Matthew Garrett,
	peterhuewe, Jason Gunthorpe, tpmdd

On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> 
> > The way I've agreed with James Morris to have my tree is to be rooted to
> > the security tree's next branch.
> > 
> > James, what actions should we take?
> 
> This process has changed recently -- I posted to lsm but forgot to post to 
> linux-integrity.
> 
> http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html
> 
> Summary: please track the next-general branch in my tree for your 
> development, it replaces 'next'.
> 
> 
> - James
> -- 
> James Morris
> <jmorris@namei.org>

Ah, I'm subscribed to that list but have lately been busy getting a huge
patch set to platform-driver-x86 [1] for review, which has prioritized out
reading much else than linux-integrity.

Thank you. I'll retry the patches tomorrow.

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]                           ` <20171011115254.2n4zs77ixyl2mdgm-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
@ 2017-10-11 11:53                             ` Jarkko Sakkinen
  2017-10-12 11:38                               ` Jarkko Sakkinen
  2017-10-16 11:28                             ` Jarkko Sakkinen
  1 sibling, 1 reply; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-11 11:53 UTC (permalink / raw)
  To: James Morris
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA, Ard Biesheuvel, Matt Fleming,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA, Matthew Garrett,
	Jason Gunthorpe, tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA

On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> > 
> > > The way I've agreed with James Morris to have my tree is to be rooted to
> > > the security tree's next branch.
> > > 
> > > James, what actions should we take?
> > 
> > This process has changed recently -- I posted to lsm but forgot to post to 
> > linux-integrity.
> > 
> > http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html
> > 
> > Summary: please track the next-general branch in my tree for your 
> > development, it replaces 'next'.
> > 
> > 
> > - James
> > -- 
> > James Morris
> > <jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org>
> 
> Ah, I'm subscribed to that list but have lately been busy getting a huge
> patch set to platform-driver-x86 [1] for review, which has prioritized out
> reading much else than linux-integrity.
> 
> Thank you. I'll retry the patches tomorrow.
> 
> /Jarkko

[1] http://www.spinics.net/lists/platform-driver-x86/msg13260.html

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2017-10-11 11:53                             ` Jarkko Sakkinen
@ 2017-10-12 11:38                               ` Jarkko Sakkinen
       [not found]                                 ` <20171012113844.ptfynppgx3tkwe7g-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
  0 siblings, 1 reply; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-12 11:38 UTC (permalink / raw)
  To: James Morris
  Cc: Thiebaud Weksteen, linux-efi, linux-integrity, tpmdd-devel,
	Ard Biesheuvel, Matt Fleming, linux-kernel, Matthew Garrett,
	peterhuewe, Jason Gunthorpe, tpmdd

On Wed, Oct 11, 2017 at 02:53:18PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote:
> > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> > > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> > > 
> > > > The way I've agreed with James Morris to have my tree is to be rooted to
> > > > the security tree's next branch.
> > > > 
> > > > James, what actions should we take?
> > > 
> > > This process has changed recently -- I posted to lsm but forgot to post to 
> > > linux-integrity.
> > > 
> > > http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html
> > > 
> > > Summary: please track the next-general branch in my tree for your 
> > > development, it replaces 'next'.
> > > 
> > > 
> > > - James
> > > -- 
> > > James Morris
> > > <jmorris@namei.org>
> > 
> > Ah, I'm subscribed to that list but have lately been busy getting a huge
> > patch set to platform-driver-x86 [1] for review, which has prioritized out
> > reading much else than linux-integrity.
> > 
> > Thank you. I'll retry the patches tomorrow.
> > 
> > /Jarkko
> 
> [1] http://www.spinics.net/lists/platform-driver-x86/msg13260.html
> 
> /Jarkko

Now all Thiebaud's patches have been applied to the master of

  git://git.infradead.org/users/jjs/linux-tpmdd.git

Testing is still pending.

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]                                 ` <20171012113844.ptfynppgx3tkwe7g-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
@ 2017-10-12 15:03                                   ` Javier Martinez Canillas
       [not found]                                     ` <CABxcv=neJZjA407pbmNesNbGY9k3VRbhawut6ewofw_UB5U1_w-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
  0 siblings, 1 reply; 31+ messages in thread
From: Javier Martinez Canillas @ 2017-10-12 15:03 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: James Morris, Thiebaud Weksteen,
	linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f, Ard Biesheuvel,
	Matt Fleming, Linux Kernel, Matthew Garrett,
	peterhuewe-Mmb7MZpHnFY, Jason Gunthorpe,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Thu, Oct 12, 2017 at 1:38 PM, Jarkko Sakkinen
<jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> wrote:

[snip]

>
> Now all Thiebaud's patches have been applied to the master of
>
>   git://git.infradead.org/users/jjs/linux-tpmdd.git
>
> Testing is still pending.
>

I provided my Reviewed-by and Tested-by tags for the patches but I
noticed that they weren't picked. Probably my fault though since I
answered to the cover letter instead of the individual patches.

> /Jarkko

Best regards,
Javier

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]                                     ` <CABxcv=neJZjA407pbmNesNbGY9k3VRbhawut6ewofw_UB5U1_w-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
@ 2017-10-13 19:47                                       ` Jarkko Sakkinen
  2017-10-16 11:34                                         ` Jarkko Sakkinen
  0 siblings, 1 reply; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-13 19:47 UTC (permalink / raw)
  To: Javier Martinez Canillas
  Cc: James Morris, Thiebaud Weksteen,
	linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f, Ard Biesheuvel,
	Matt Fleming, Linux Kernel, Matthew Garrett,
	peterhuewe-Mmb7MZpHnFY, Jason Gunthorpe,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Thu, Oct 12, 2017 at 05:03:38PM +0200, Javier Martinez Canillas wrote:
> On Thu, Oct 12, 2017 at 1:38 PM, Jarkko Sakkinen
> <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> wrote:
> 
> [snip]
> 
> >
> > Now all Thiebaud's patches have been applied to the master of
> >
> >   git://git.infradead.org/users/jjs/linux-tpmdd.git
> >
> > Testing is still pending.
> >
> 
> I provided my Reviewed-by and Tested-by tags for the patches but I
> noticed that they weren't picked. Probably my fault though since I
> answered to the cover letter instead of the individual patches.
> 
> > /Jarkko
> 
> Best regards,
> Javier

I will add it. The master branch is bleeding edge where tags might be
sometimes (*not* usually) missing. The next branch is the one that goes
to linux-next.

I'll check all tags from patchwork before moving any of these to next.

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]                           ` <20171011115254.2n4zs77ixyl2mdgm-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
  2017-10-11 11:53                             ` Jarkko Sakkinen
@ 2017-10-16 11:28                             ` Jarkko Sakkinen
  2017-10-16 11:49                               ` Jarkko Sakkinen
  1 sibling, 1 reply; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-16 11:28 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f, Ard Biesheuvel,
	Matt Fleming, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matthew Garrett, peterhuewe-Mmb7MZpHnFY, Jason Gunthorpe,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> > 
> > > The way I've agreed with James Morris to have my tree is to be rooted to
> > > the security tree's next branch.
> > > 
> > > James, what actions should we take?
> > 
> > This process has changed recently -- I posted to lsm but forgot to post to 
> > linux-integrity.
> > 
> > http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html
> > 
> > Summary: please track the next-general branch in my tree for your 
> > development, it replaces 'next'.
> > 
> > 
> > - James
> > -- 
> > James Morris
> > <jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org>
> 
> Ah, I'm subscribed to that list but have lately been busy getting a huge
> patch set to platform-driver-x86 [1] for review, which has prioritized out
> reading much else than linux-integrity.
> 
> Thank you. I'll retry the patches tomorrow.
> 
> /Jarkko

Cannot observe the binary_bios_measurements file.

What kind of hardware was used to develop/test this?

I tried it with Kabylake and PTT (firmware TPM).

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2017-10-13 19:47                                       ` Jarkko Sakkinen
@ 2017-10-16 11:34                                         ` Jarkko Sakkinen
  0 siblings, 0 replies; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-16 11:34 UTC (permalink / raw)
  To: Javier Martinez Canillas
  Cc: James Morris, Thiebaud Weksteen, linux-efi, linux-integrity,
	tpmdd-devel, Ard Biesheuvel, Matt Fleming, Linux Kernel,
	Matthew Garrett, peterhuewe, Jason Gunthorpe, tpmdd

On Fri, Oct 13, 2017 at 10:47:46PM +0300, Jarkko Sakkinen wrote:
> On Thu, Oct 12, 2017 at 05:03:38PM +0200, Javier Martinez Canillas wrote:
> > On Thu, Oct 12, 2017 at 1:38 PM, Jarkko Sakkinen
> > <jarkko.sakkinen@linux.intel.com> wrote:
> > 
> > [snip]
> > 
> > >
> > > Now all Thiebaud's patches have been applied to the master of
> > >
> > >   git://git.infradead.org/users/jjs/linux-tpmdd.git
> > >
> > > Testing is still pending.
> > >
> > 
> > I provided my Reviewed-by and Tested-by tags for the patches but I
> > noticed that they weren't picked. Probably my fault though since I
> > answered to the cover letter instead of the individual patches.
> > 
> > > /Jarkko
> > 
> > Best regards,
> > Javier
> 
> I will add it. The master branch is bleeding edge where tags might be
> sometimes (*not* usually) missing. The next branch is the one that goes
> to linux-next.
> 
> I'll check all tags from patchwork before moving any of these to next.
> 
> /Jarkko

Updated.

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2017-10-16 11:28                             ` Jarkko Sakkinen
@ 2017-10-16 11:49                               ` Jarkko Sakkinen
       [not found]                                 ` <20171016114946.phj3n6vyjdbpj2sj-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
  0 siblings, 1 reply; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-16 11:49 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi, linux-integrity, tpmdd-devel, Ard Biesheuvel,
	Matt Fleming, linux-kernel, Matthew Garrett, peterhuewe,
	Jason Gunthorpe, tpmdd

On Mon, Oct 16, 2017 at 02:28:33PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote:
> > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> > > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> > > 
> > > > The way I've agreed with James Morris to have my tree is to be rooted to
> > > > the security tree's next branch.
> > > > 
> > > > James, what actions should we take?
> > > 
> > > This process has changed recently -- I posted to lsm but forgot to post to 
> > > linux-integrity.
> > > 
> > > http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html
> > > 
> > > Summary: please track the next-general branch in my tree for your 
> > > development, it replaces 'next'.
> > > 
> > > 
> > > - James
> > > -- 
> > > James Morris
> > > <jmorris@namei.org>
> > 
> > Ah, I'm subscribed to that list but have lately been busy getting a huge
> > patch set to platform-driver-x86 [1] for review, which has prioritized out
> > reading much else than linux-integrity.
> > 
> > Thank you. I'll retry the patches tomorrow.
> > 
> > /Jarkko
> 
> Cannot observe the binary_bios_measurements file.
> 
> What kind of hardware was used to develop/test this?
> 
> I tried it with Kabylake and PTT (firmware TPM).
> 
> /Jarkko

My guess would be a wrong event log format.

At minimum this patch set should add a klog (info level) message to tell
that an unsupported event log format is being used.

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]                                 ` <20171016114946.phj3n6vyjdbpj2sj-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
@ 2017-10-17  8:00                                   ` Thiebaud Weksteen
       [not found]                                     ` <CA+zpnLc038dv-WAE7fdD8i6DpGV3zCLEieg-KPTAvaW7yt-tLA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
  0 siblings, 1 reply; 31+ messages in thread
From: Thiebaud Weksteen @ 2017-10-17  8:00 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f, Ard Biesheuvel,
	Matt Fleming, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matthew Garrett, peterhuewe-Mmb7MZpHnFY, Jason Gunthorpe,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Mon, Oct 16, 2017 at 1:49 PM, Jarkko Sakkinen
<jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> wrote:
> On Mon, Oct 16, 2017 at 02:28:33PM +0300, Jarkko Sakkinen wrote:
>> On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote:
>> > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
>> > > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
>> > >
>> > > > The way I've agreed with James Morris to have my tree is to be rooted to
>> > > > the security tree's next branch.
>> > > >
>> > > > James, what actions should we take?
>> > >
>> > > This process has changed recently -- I posted to lsm but forgot to post to
>> > > linux-integrity.
>> > >
>> > > http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html
>> > >
>> > > Summary: please track the next-general branch in my tree for your
>> > > development, it replaces 'next'.
>> > >
>> > >
>> > > - James
>> > > --
>> > > James Morris
>> > > <jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org>
>> >
>> > Ah, I'm subscribed to that list but have lately been busy getting a huge
>> > patch set to platform-driver-x86 [1] for review, which has prioritized out
>> > reading much else than linux-integrity.
>> >
>> > Thank you. I'll retry the patches tomorrow.
>> >
>> > /Jarkko
>>
>> Cannot observe the binary_bios_measurements file.
>>
>> What kind of hardware was used to develop/test this?
>>
>> I tried it with Kabylake and PTT (firmware TPM).
>>
>> /Jarkko
>
> My guess would be a wrong event log format.
>
> At minimum this patch set should add a klog (info level) message to tell
> that an unsupported event log format is being used.
>
> /Jarkko

This patch was mainly developed and tested on Kabylake with PTT as well.

It could be a few things. Are you booting with the EFI stub? Is the
TPM enabled within the BIOS? Does tpm_tis get loaded? Does it produce
any log?
If the logs are recovered (but not parsed), you should already see an
entry in the logs like:

efi:  SMBIOS=0x7fed6000  ACPI=0x7ff00000  TPMEventLog=0x.....

Can you see the TPMEventLog part?

The issue with extra logging is that the log recovery happens within
the EFI stub phase where limited logging is available (which I think
has been limited to error and fatal messages only).
For now, it cannot be a version mismatch as the stub will only request
the version 1.2 format.

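As an added illustration (my code, not part of the patch set or of anything posted in this thread) of the "version 1.2" SHA1 log format the stub requests, the following parses a binary_bios_measurements blob, rejects a truncated one instead of reading past its end, and replays the PCR extends so the log can be checked against live PCR values; the sample log is constructed, not captured from firmware.

```python
"""Parse a TPM 1.2 style (SHA1) event log as exposed by
/sys/kernel/security/tpm0/binary_bios_measurements and replay the PCR
extensions it records.  Added example, not code from the patch set;
the sample log below is constructed, not captured from firmware."""
import hashlib
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional

# TCG PC Client SHA1 event layout (the "version 1.2" format the stub
# requests), all little-endian:
#   u32 pcr_index, u32 event_type, u8 digest[20], u32 event_size,
#   u8 event[event_size]
_HDR = struct.Struct("<II20sI")

EV_NO_ACTION = 0x00000003      # informational, never extended into a PCR
EV_SEPARATOR = 0x00000004
EV_S_CRTM_VERSION = 0x00000008
EV_EFI_ACTION = 0x80000007

LOG_PATH = "/sys/kernel/security/tpm0/binary_bios_measurements"


@dataclass
class Event:
    pcr_index: int
    event_type: int
    digest: bytes
    data: bytes


def parse_sha1_log(blob: bytes) -> List[Event]:
    """Walk the log, refusing to read past the end of a truncated buffer."""
    events: List[Event] = []
    off = 0
    while off < len(blob):
        if len(blob) - off < _HDR.size:
            raise ValueError(f"truncated event header at offset {off}")
        pcr, etype, digest, size = _HDR.unpack_from(blob, off)
        off += _HDR.size
        if len(blob) - off < size:
            raise ValueError(f"event at offset {off} claims {size} bytes, "
                             f"only {len(blob) - off} remain")
        events.append(Event(pcr, etype, digest, blob[off:off + size]))
        off += size
    return events


def log_is_well_formed(blob: bytes) -> bool:
    """True when every event header and payload fits inside the buffer."""
    try:
        parse_sha1_log(blob)
        return True
    except ValueError:
        return False


def extend(pcr_value: bytes, digest: bytes) -> bytes:
    """TPM 1.2 extend operation: PCR_new = SHA1(PCR_old || digest)."""
    return hashlib.sha1(pcr_value + digest).digest()


def replay_pcrs(events: List[Event], pcr_count: int = 24) -> Dict[int, bytes]:
    """Rebuild the expected final PCR values from the log, starting from
    all-zero PCRs.  Comparing the result with the live PCRs shows whether
    the log still matches what the firmware actually measured."""
    pcrs = {i: bytes(20) for i in range(pcr_count)}
    for ev in events:
        if ev.event_type == EV_NO_ACTION:
            continue
        if ev.pcr_index not in pcrs:
            raise ValueError(f"PCR index {ev.pcr_index} out of range")
        pcrs[ev.pcr_index] = extend(pcrs[ev.pcr_index], ev.digest)
    return pcrs


def make_event(pcr: int, etype: int, data: bytes,
               digest: Optional[bytes] = None) -> bytes:
    """Encode one event; the digest defaults to SHA1 of the event data."""
    if digest is None:
        digest = hashlib.sha1(data).digest()
    return _HDR.pack(pcr, etype, digest, len(data)) + data


# Constructed sample log (not real firmware output): an informational
# header event, two measurements, and separators for PCR 0 and PCR 4.
SAMPLE_LOG = b"".join([
    make_event(0, EV_NO_ACTION, b"constructed header", digest=bytes(20)),
    make_event(0, EV_S_CRTM_VERSION, "1.0".encode("utf-16-le")),
    make_event(4, EV_EFI_ACTION, b"Calling EFI Application from Boot Option"),
    make_event(0, EV_SEPARATOR, b"\x00\x00\x00\x00"),
    make_event(4, EV_SEPARATOR, b"\x00\x00\x00\x00"),
])


def summarize(blob: bytes) -> Dict[int, str]:
    """Hex PCR values for every PCR the log actually extends."""
    events = parse_sha1_log(blob)
    touched = {ev.pcr_index for ev in events if ev.event_type != EV_NO_ACTION}
    pcrs = replay_pcrs(events)
    return {i: pcrs[i].hex() for i in sorted(touched)}


if __name__ == "__main__":
    try:
        with open(LOG_PATH, "rb") as f:
            blob = f.read()
        print(f"read {len(blob)} bytes from {LOG_PATH}")
    except OSError:
        blob = SAMPLE_LOG
        print("sysfs log not available, using constructed sample")
    for ev in parse_sha1_log(blob):
        print(f"PCR{ev.pcr_index:<2} type=0x{ev.event_type:08x} "
              f"digest={ev.digest.hex()} size={len(ev.data)}")
    for pcr, value in summarize(blob).items():
        print(f"PCR{pcr:<2} = {value}")
```

Run on a machine where the patch set exposes the sysfs file, the replayed values can be compared with the live PCRs reported by the TPM; on a crypto-agile log this parser will report a truncation or nonsense sizes rather than valid events.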
* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]                                     ` <CA+zpnLc038dv-WAE7fdD8i6DpGV3zCLEieg-KPTAvaW7yt-tLA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
@ 2017-10-18 15:11                                       ` Jarkko Sakkinen
  2017-10-26 18:58                                       ` Jarkko Sakkinen
  1 sibling, 0 replies; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-18 15:11 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f, Ard Biesheuvel,
	Matt Fleming, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matthew Garrett, peterhuewe-Mmb7MZpHnFY, Jason Gunthorpe,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Tue, Oct 17, 2017 at 10:00:15AM +0200, Thiebaud Weksteen wrote:
> On Mon, Oct 16, 2017 at 1:49 PM, Jarkko Sakkinen
> <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> wrote:
> > On Mon, Oct 16, 2017 at 02:28:33PM +0300, Jarkko Sakkinen wrote:
> >> On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote:
> >> > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> >> > > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> >> > >
> >> > > > The way I've agreed with James Morris to have my tree is to be rooted to
> >> > > > the security tree's next branch.
> >> > > >
> >> > > > James, what actions should we take?
> >> > >
> >> > > This process has changed recently -- I posted to lsm but forgot to post to
> >> > > linux-integrity.
> >> > >
> >> > > http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html
> >> > >
> >> > > Summary: please track the next-general branch in my tree for your
> >> > > development, it replaces 'next'.
> >> > >
> >> > >
> >> > > - James
> >> > > --
> >> > > James Morris
> >> > > <jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org>
> >> >
> >> > Ah, I'm subscribed to that list but have lately been busy getting a huge
> >> > patch set to platform-driver-x86 [1] for review, which has prioritized out
> >> > reading much else than linux-integrity.
> >> >
> >> > Thank you. I'll retry the patches tomorrow.
> >> >
> >> > /Jarkko
> >>
> >> Cannot observe the binary_bios_measurements file.
> >>
> >> What kind of hardware was used to develop/test this?
> >>
> >> I tried it with Kabylake and PTT (firmware TPM).
> >>
> >> /Jarkko
> >
> > My guess would be a wrong event log format.
> >
> > At minimum this patch set should add a klog (info level) message to tell
> > that an unsupported event log format is being used.
> >
> > /Jarkko
> 
> This patch was mainly developed and tested on Kabylake with PTT as well.
> 
> It could be a few things. Are you booting with the EFI stub? Is the
> TPM enabled within the BIOS? Does tpm_tis get loaded? Does it produce
> any log?
> If the logs are recovered (but not parsed), you should already see an
> entry in the logs like:
> 
> efi:  SMBIOS=0x7fed6000  ACPI=0x7ff00000  TPMEventLog=0x.....
> 
> Can you see the TPMEventLog part?
> 
> The issue with extra logging is that the log recovery happens within
> the EFI stub phase where limited logging is available (which I think
> has been limited to error and fatal messages only).
> For now, it cannot be a version mismatch as the stub will only request
> the version 1.2 format.

Thank you for the great tips. I'll retry tomorrow.

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
       [not found]                                     ` <CA+zpnLc038dv-WAE7fdD8i6DpGV3zCLEieg-KPTAvaW7yt-tLA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
  2017-10-18 15:11                                       ` Jarkko Sakkinen
@ 2017-10-26 18:58                                       ` Jarkko Sakkinen
  1 sibling, 0 replies; 31+ messages in thread
From: Jarkko Sakkinen @ 2017-10-26 18:58 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA,
	linux-integrity-u79uwXL29TY76Z2rM5mHXA,
	tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f, Ard Biesheuvel,
	Matt Fleming, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matthew Garrett, peterhuewe-Mmb7MZpHnFY, Jason Gunthorpe,
	tpmdd-yWjUBOtONefk1uMJSBkQmQ

On Tue, Oct 17, 2017 at 10:00:15AM +0200, Thiebaud Weksteen wrote:
> This patch was mainly developed and tested on Kabylake with PTT as well.
> 
> It could be a few things. Are you booting with the EFI stub? Is the
> TPM enabled within the BIOS? Does tpm_tis get loaded? Does it produce
> any log?

Nope, and it should not get loaded anyway as I'm using PTT. With PTT you
use tpm_crb. TPM is working just fine.

> If the logs are recovered (but not parsed), you should already see an
> entry in the logs like:
> 
> efi:  SMBIOS=0x7fed6000  ACPI=0x7ff00000  TPMEventLog=0x.....
> 
> Can you see the TPMEventLog part?

I can check this when I'm back in Finland. Still in Prague. Tried to
test this with my work laptop (XPS13 with dTPM) now but the USB stick I
have with me seems to be broken :-(

This is anyway almost guaranteed to go to 4.16 and I don't want to push
this to 4.15, so there is no rush right now (already sent my PR).

> The issue with extra logging is that the log recovery happens within
> the EFI stub phase where limited logging is available (which I think
> has been limited to error and fatal messages only).
> For now, it cannot be a version mismatch as the stub will only request
> the version 1.2 format.

Right, I see.

/Jarkko

* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2017-09-20  8:13   ` [PATCH v3 4/5] efi: call get_event_log before ExitBootServices Thiebaud Weksteen via tpmdd-devel
       [not found]     ` <20170920081340.7413-5-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
@ 2018-03-05 15:40     ` Marc-André Lureau
  2018-03-06 10:15       ` Thiebaud Weksteen
  1 sibling, 1 reply; 31+ messages in thread
From: Marc-André Lureau @ 2018-03-05 15:40 UTC (permalink / raw)
  To: Thiebaud Weksteen
  Cc: linux-efi, linux-integrity, tpmdd-devel, ard.biesheuvel, matt,
	open list, mjg59, peterhuewe, jarkko.sakkinen, jgunthorpe, tpmdd

Hi Thiebaud

On Wed, Sep 20, 2017 at 10:13 AM, Thiebaud Weksteen <tweek@google.com> wrote:
> With TPM 2.0 specification, the event logs may only be accessible by
> calling an EFI Boot Service. Modify the EFI stub to copy the log area to
> a new Linux-specific EFI configuration table so it remains accessible
> once booted.
>
> When calling this service, it is possible to specify the expected format
> of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
> first format is retrieved.
>

Do you have plans to add support for the crypto-agile format? I am
working on uefi/ovmf support, and I am wondering if it is at all
necessary to add support for the 1.2 format. What do you think? I can
eventually try to work on 2.0 format support.

Thanks

> Signed-off-by: Thiebaud Weksteen <tweek@google.com>
> ---
>  arch/x86/boot/compressed/eboot.c      |  1 +
>  drivers/firmware/efi/Makefile         |  2 +-
>  drivers/firmware/efi/efi.c            |  4 ++
>  drivers/firmware/efi/libstub/Makefile |  3 +-
>  drivers/firmware/efi/libstub/tpm.c    | 81 +++++++++++++++++++++++++++++++++++
>  drivers/firmware/efi/tpm.c            | 40 +++++++++++++++++
>  include/linux/efi.h                   | 46 ++++++++++++++++++++
>  7 files changed, 174 insertions(+), 3 deletions(-)
>  create mode 100644 drivers/firmware/efi/tpm.c
>
> diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
> index a1686f3dc295..ef6abe8b3788 100644
> --- a/arch/x86/boot/compressed/eboot.c
> +++ b/arch/x86/boot/compressed/eboot.c
> @@ -999,6 +999,7 @@ struct boot_params *efi_main(struct efi_config *c,
>
>         /* Ask the firmware to clear memory on unclean shutdown */
>         efi_enable_reset_attack_mitigation(sys_table);
> +       efi_retrieve_tpm2_eventlog(sys_table);
>
>         setup_graphics(boot_params);
>
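Review bot: the new efi_retrieve_tpm2_eventlog(sys_table) call is added only to the x86 efi_main() here, while the libstub Makefile hunk below moves tpm.o into the unconditional lib-y list for every architecture; either the ARM/arm64 stub entry should get the same call, or the commit message should state that only x86 retrieves the log for now. The call also discards every failure silently (the function is void and returns early on any EFI error), so a user who does not see TPMEventLog= in the "efi:" boot line cannot tell a missing TCG2 protocol from a failed GetEventLog.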
> diff --git a/drivers/firmware/efi/Makefile b/drivers/firmware/efi/Makefile
> index 0329d319d89a..2f074b5cde87 100644
> --- a/drivers/firmware/efi/Makefile
> +++ b/drivers/firmware/efi/Makefile
> @@ -10,7 +10,7 @@
>  KASAN_SANITIZE_runtime-wrappers.o      := n
>
>  obj-$(CONFIG_ACPI_BGRT)                += efi-bgrt.o
> -obj-$(CONFIG_EFI)                      += efi.o vars.o reboot.o memattr.o
> +obj-$(CONFIG_EFI)                      += efi.o vars.o reboot.o memattr.o tpm.o
>  obj-$(CONFIG_EFI)                      += capsule.o memmap.o
>  obj-$(CONFIG_EFI_VARS)                 += efivars.o
>  obj-$(CONFIG_EFI_ESRT)                 += esrt.o
> diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
> index f97f272e16ee..0308acfaaf76 100644
> --- a/drivers/firmware/efi/efi.c
> +++ b/drivers/firmware/efi/efi.c
> @@ -52,6 +52,7 @@ struct efi __read_mostly efi = {
>         .properties_table       = EFI_INVALID_TABLE_ADDR,
>         .mem_attr_table         = EFI_INVALID_TABLE_ADDR,
>         .rng_seed               = EFI_INVALID_TABLE_ADDR,
> +       .tpm_log                = EFI_INVALID_TABLE_ADDR
>  };
>  EXPORT_SYMBOL(efi);
>
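Review bot: `.tpm_log = EFI_INVALID_TABLE_ADDR` is missing the trailing comma that the `.rng_seed` line above it has; keep the comma so the next field added to this initializer does not have to touch this line.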
> @@ -444,6 +445,7 @@ static __initdata efi_config_table_type_t common_tables[] = {
>         {EFI_PROPERTIES_TABLE_GUID, "PROP", &efi.properties_table},
>         {EFI_MEMORY_ATTRIBUTES_TABLE_GUID, "MEMATTR", &efi.mem_attr_table},
>         {LINUX_EFI_RANDOM_SEED_TABLE_GUID, "RNG", &efi.rng_seed},
> +       {LINUX_EFI_TPM_EVENT_LOG_GUID, "TPMEventLog", &efi.tpm_log},
>         {NULL_GUID, NULL, NULL},
>  };
>
> @@ -532,6 +534,8 @@ int __init efi_config_parse_tables(void *config_tables, int count, int sz,
>         if (efi_enabled(EFI_MEMMAP))
>                 efi_memattr_init();
>
> +       efi_tpm_eventlog_init();
> +
>         /* Parse the EFI Properties table if it exists */
>         if (efi.properties_table != EFI_INVALID_TABLE_ADDR) {
>                 efi_properties_table_t *tbl;
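Review bot: efi_tpm_eventlog_init() returns an int (-ENOMEM when the early mapping fails, per the tpm.c hunk below) but the return value is dropped here; either make the function void, since the failure is already logged and efi.tpm_log is reset inside it, or check the result. A one-line comment on why this runs before the properties table parsing (the reservation must happen before the loader-data region can be reused) would also help.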
> diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
> index dedf9bde44db..2abe6d22dc5f 100644
> --- a/drivers/firmware/efi/libstub/Makefile
> +++ b/drivers/firmware/efi/libstub/Makefile
> @@ -29,8 +29,7 @@ OBJECT_FILES_NON_STANDARD     := y
>  # Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
>  KCOV_INSTRUMENT                        := n
>
> -lib-y                          := efi-stub-helper.o gop.o secureboot.o
> -lib-$(CONFIG_RESET_ATTACK_MITIGATION) += tpm.o
> +lib-y                          := efi-stub-helper.o gop.o secureboot.o tpm.o
>
>  # include the stub's generic dependencies from lib/ when building for ARM/arm64
>  arm-deps := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c fdt_sw.c sort.c
> diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c
> index 6224cdbc9669..da661bf8cb96 100644
> --- a/drivers/firmware/efi/libstub/tpm.c
> +++ b/drivers/firmware/efi/libstub/tpm.c
> @@ -4,15 +4,18 @@
>   * Copyright (C) 2016 CoreOS, Inc
>   * Copyright (C) 2017 Google, Inc.
>   *     Matthew Garrett <mjg59@google.com>
> + *     Thiebaud Weksteen <tweek@google.com>
>   *
>   * This file is part of the Linux kernel, and is made available under the
>   * terms of the GNU General Public License version 2.
>   */
>  #include <linux/efi.h>
> +#include <linux/tpm_eventlog.h>
>  #include <asm/efi.h>
>
>  #include "efistub.h"
>
> +#ifdef CONFIG_RESET_ATTACK_MITIGATION
>  static const efi_char16_t efi_MemoryOverWriteRequest_name[] = {
>         'M', 'e', 'm', 'o', 'r', 'y', 'O', 'v', 'e', 'r', 'w', 'r', 'i', 't',
>         'e', 'R', 'e', 'q', 'u', 'e', 's', 't', 'C', 'o', 'n', 't', 'r', 'o',
> @@ -56,3 +59,81 @@ void efi_enable_reset_attack_mitigation(efi_system_table_t *sys_table_arg)
>                     EFI_VARIABLE_BOOTSERVICE_ACCESS |
>                     EFI_VARIABLE_RUNTIME_ACCESS, sizeof(val), &val);
>  }
> +
> +#endif
> +
> +void efi_retrieve_tpm2_eventlog_1_2(efi_system_table_t *sys_table_arg)
> +{
> +       efi_guid_t tcg2_guid = EFI_TCG2_PROTOCOL_GUID;
> +       efi_guid_t linux_eventlog_guid = LINUX_EFI_TPM_EVENT_LOG_GUID;
> +       efi_status_t status;
> +       efi_physical_addr_t log_location, log_last_entry;
> +       struct linux_efi_tpm_eventlog *log_tbl;
> +       unsigned long first_entry_addr, last_entry_addr;
> +       size_t log_size, last_entry_size;
> +       efi_bool_t truncated;
> +       void *tcg2_protocol;
> +
> +       status = efi_call_early(locate_protocol, &tcg2_guid, NULL,
> +                               &tcg2_protocol);
> +       if (status != EFI_SUCCESS)
> +               return;
> +
> +       status = efi_call_proto(efi_tcg2_protocol, get_event_log, tcg2_protocol,
> +                               EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2,
> +                               &log_location, &log_last_entry, &truncated);
> +       if (status != EFI_SUCCESS)
> +               return;
> +
> +       if (!log_location)
> +               return;
> +       first_entry_addr = (unsigned long) log_location;
> +
> +       /*
> +        * We populate the EFI table even if the logs are empty.
> +        */
> +       if (!log_last_entry) {
> +               log_size = 0;
> +       } else {
> +               last_entry_addr = (unsigned long) log_last_entry;
> +               /*
> +                * get_event_log only returns the address of the last entry.
> +                * We need to calculate its size to deduce the full size of
> +                * the logs.
> +                */
> +               last_entry_size = sizeof(struct tcpa_event) +
> +                       ((struct tcpa_event *) last_entry_addr)->event_size;
> +               log_size = log_last_entry - log_location + last_entry_size;
> +       }
> +
> +       /* Allocate space for the logs and copy them. */
> +       status = efi_call_early(allocate_pool, EFI_LOADER_DATA,
> +                               sizeof(*log_tbl) + log_size,
> +                               (void **) &log_tbl);
> +
> +       if (status != EFI_SUCCESS) {
> +               efi_printk(sys_table_arg,
> +                          "Unable to allocate memory for event log\n");
> +               return;
> +       }
> +
> +       memset(log_tbl, 0, sizeof(*log_tbl) + log_size);
> +       log_tbl->size = log_size;
> +       log_tbl->version = EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2;
> +       memcpy(log_tbl->log, (void *) first_entry_addr, log_size);
> +
> +       status = efi_call_early(install_configuration_table,
> +                               &linux_eventlog_guid, log_tbl);
> +       if (status != EFI_SUCCESS)
> +               goto err_free;
> +       return;
> +
> +err_free:
> +       efi_call_early(free_pool, log_tbl);
> +}
> +
> +void efi_retrieve_tpm2_eventlog(efi_system_table_t *sys_table_arg)
> +{
> +       /* Only try to retrieve the logs in 1.2 format. */
> +       efi_retrieve_tpm2_eventlog_1_2(sys_table_arg);
> +}
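Review bot: the `truncated` flag returned by get_event_log is requested but never examined, so a log the firmware reports as incomplete is copied and installed exactly as if it were whole; at minimum record it in struct linux_efi_tpm_eventlog or print a message via efi_printk. The size computation also trusts firmware-provided values without bounds: `log_size = log_last_entry - log_location + last_entry_size` underflows when log_last_entry < log_location, and the last entry's event_size is used unchecked, so a buggy or hostile firmware can drive allocate_pool and memcpy with an arbitrary length; check log_last_entry >= log_location and cap log_size before allocating. Smaller points: efi_retrieve_tpm2_eventlog_1_2() has no prototype and should be static; `log_tbl->version` is a u8 being assigned a u32 format constant; the memset of the whole buffer is redundant since memcpy overwrites the log area and the two header fields are set explicitly; and the `goto err_free; return; err_free:` tail can be a single `if (status != EFI_SUCCESS) efi_call_early(free_pool, log_tbl);`.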
> diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c
> new file mode 100644
> index 000000000000..0cbeb3d46b18
> --- /dev/null
> +++ b/drivers/firmware/efi/tpm.c
> @@ -0,0 +1,40 @@
> +/*
> + * Copyright (C) 2017 Google, Inc.
> + *     Thiebaud Weksteen <tweek@google.com>
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License version 2 as
> + * published by the Free Software Foundation.
> + */
> +
> +#include <linux/efi.h>
> +#include <linux/init.h>
> +#include <linux/memblock.h>
> +
> +#include <asm/early_ioremap.h>
> +
> +/*
> + * Reserve the memory associated with the TPM Event Log configuration table.
> + */
> +int __init efi_tpm_eventlog_init(void)
> +{
> +       struct linux_efi_tpm_eventlog *log_tbl;
> +       unsigned int tbl_size;
> +
> +       if (efi.tpm_log == EFI_INVALID_TABLE_ADDR)
> +               return 0;
> +
> +       log_tbl = early_memremap(efi.tpm_log, sizeof(*log_tbl));
> +       if (!log_tbl) {
> +               pr_err("Failed to map TPM Event Log table @ 0x%lx\n",
> +                       efi.tpm_log);
> +               efi.tpm_log = EFI_INVALID_TABLE_ADDR;
> +               return -ENOMEM;
> +       }
> +
> +       tbl_size = sizeof(*log_tbl) + log_tbl->size;
> +       memblock_reserve(efi.tpm_log, tbl_size);
> +       early_memunmap(log_tbl, sizeof(*log_tbl));
> +       return 0;
> +}
> +
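Review bot: the comment above efi_tpm_eventlog_init() says what it does but not why: the stub allocated the table with allocate_pool(EFI_LOADER_DATA), and loader-data regions are handed back to the kernel as usable memory after boot, so without this memblock_reserve() the copied log would be overwritten; that is worth a sentence here. `tbl_size` is also computed from log_tbl->size with no sanity check, so a corrupt table reserves an arbitrary amount of memory, and the file ends with a stray blank line after the closing brace (the lone `+` at the end of the hunk), which checkpatch flags.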
> diff --git a/include/linux/efi.h b/include/linux/efi.h
> index 8dc3d94a3e3c..c5805eb601b1 100644
> --- a/include/linux/efi.h
> +++ b/include/linux/efi.h
> @@ -472,6 +472,39 @@ typedef struct {
>         u64 get_all;
>  } apple_properties_protocol_64_t;
>
> +typedef struct {
> +       u32 get_capability;
> +       u32 get_event_log;
> +       u32 hash_log_extend_event;
> +       u32 submit_command;
> +       u32 get_active_pcr_banks;
> +       u32 set_active_pcr_banks;
> +       u32 get_result_of_set_active_pcr_banks;
> +} efi_tcg2_protocol_32_t;
> +
> +typedef struct {
> +       u64 get_capability;
> +       u64 get_event_log;
> +       u64 hash_log_extend_event;
> +       u64 submit_command;
> +       u64 get_active_pcr_banks;
> +       u64 set_active_pcr_banks;
> +       u64 get_result_of_set_active_pcr_banks;
> +} efi_tcg2_protocol_64_t;
> +
> +typedef u32 efi_tcg2_event_log_format;
> +
> +typedef struct {
> +       void *get_capability;
> +       efi_status_t (*get_event_log)(efi_handle_t, efi_tcg2_event_log_format,
> +               efi_physical_addr_t *, efi_physical_addr_t *, efi_bool_t *);
> +       void *hash_log_extend_event;
> +       void *submit_command;
> +       void *get_active_pcr_banks;
> +       void *set_active_pcr_banks;
> +       void *get_result_of_set_active_pcr_banks;
> +} efi_tcg2_protocol_t;
> +
>  /*
>   * Types and defines for EFI ResetSystem
>   */
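Review bot: `typedef u32 efi_tcg2_event_log_format;` breaks the `_t` suffix convention every other typedef in this header follows (efi_status_t, efi_bool_t, efi_physical_addr_t); rename it to efi_tcg2_event_log_format_t. The 32- and 64-bit mirror structs are what efi_call_proto() dispatches through in the tpm.c hunk, so their member order must match the native efi_tcg2_protocol_t exactly; it does here, but a one-line comment tying the three definitions together would help whoever adds the next member.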
> @@ -622,6 +655,7 @@ void efi_native_runtime_setup(void);
>  #define EFI_MEMORY_ATTRIBUTES_TABLE_GUID       EFI_GUID(0xdcfa911d, 0x26eb, 0x469f,  0xa2, 0x20, 0x38, 0xb7, 0xdc, 0x46, 0x12, 0x20)
>  #define EFI_CONSOLE_OUT_DEVICE_GUID            EFI_GUID(0xd3b36f2c, 0xd551, 0x11d4,  0x9a, 0x46, 0x00, 0x90, 0x27, 0x3f, 0xc1, 0x4d)
>  #define APPLE_PROPERTIES_PROTOCOL_GUID         EFI_GUID(0x91bd12fe, 0xf6c3, 0x44fb,  0xa5, 0xb7, 0x51, 0x22, 0xab, 0x30, 0x3a, 0xe0)
> +#define EFI_TCG2_PROTOCOL_GUID                 EFI_GUID(0x607f766c, 0x7455, 0x42be,  0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f)
>
>  #define EFI_IMAGE_SECURITY_DATABASE_GUID       EFI_GUID(0xd719b2cb, 0x3d3a, 0x4596,  0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f)
>  #define EFI_SHIM_LOCK_GUID                     EFI_GUID(0x605dab50, 0xe046, 0x4300,  0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23)
> @@ -634,6 +668,7 @@ void efi_native_runtime_setup(void);
>  #define LINUX_EFI_ARM_SCREEN_INFO_TABLE_GUID   EFI_GUID(0xe03fc20a, 0x85dc, 0x406e,  0xb9, 0x0e, 0x4a, 0xb5, 0x02, 0x37, 0x1d, 0x95)
>  #define LINUX_EFI_LOADER_ENTRY_GUID            EFI_GUID(0x4a67b082, 0x0a4c, 0x41cf,  0xb6, 0xc7, 0x44, 0x0b, 0x29, 0xbb, 0x8c, 0x4f)
>  #define LINUX_EFI_RANDOM_SEED_TABLE_GUID       EFI_GUID(0x1ce1e5bc, 0x7ceb, 0x42f2,  0x81, 0xe5, 0x8a, 0xad, 0xf1, 0x80, 0xf5, 0x7b)
> +#define LINUX_EFI_TPM_EVENT_LOG_GUID           EFI_GUID(0xb7799cb0, 0xeca2, 0x4943,  0x96, 0x67, 0x1f, 0xae, 0x07, 0xb7, 0x47, 0xfa)
>
>  typedef struct {
>         efi_guid_t guid;
> @@ -908,6 +943,7 @@ extern struct efi {
>         unsigned long properties_table; /* properties table */
>         unsigned long mem_attr_table;   /* memory attributes table */
>         unsigned long rng_seed;         /* UEFI firmware random seed */
> +       unsigned long tpm_log;          /* TPM2 Event Log table */
>         efi_get_time_t *get_time;
>         efi_set_time_t *set_time;
>         efi_get_wakeup_time_t *get_wakeup_time;
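Review bot: the comment `/* TPM2 Event Log table */` is misleading: the table the stub installs carries the TCG 1.2 (SHA1) format log (see the `version` assignment in the tpm.c hunk) and is merely obtained through the TCG2 protocol; "TPM event log (Linux-specific table)" would describe it accurately.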
> @@ -1504,6 +1540,8 @@ static inline void
>  efi_enable_reset_attack_mitigation(efi_system_table_t *sys_table_arg) { }
>  #endif
>
> +void efi_retrieve_tpm2_eventlog(efi_system_table_t *sys_table);
> +
>  /*
>   * Arch code can implement the following three template macros, avoiding
>   * reptition for the void/non-void return cases of {__,}efi_call_virt():
> @@ -1571,4 +1609,12 @@ struct linux_efi_random_seed {
>         u8      bits[];
>  };
>
> +struct linux_efi_tpm_eventlog {
> +       u32     size;
> +       u8      version;
> +       u8      log[];
> +};
> +
> +extern int efi_tpm_eventlog_init(void);
> +
>  #endif /* _LINUX_EFI_H */
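Review bot: with `u32 size; u8 version; u8 log[];` the log data starts at offset 5, so every u32 in the first tcpa_event header, and in each following record, is misaligned by one byte; x86 tolerates that, but any parser consuming this table on other architectures will need unaligned accessors or memcpy. Either pad the header (make `version` a u32, or add a reserved field after it) or document that `log` is byte-aligned. Since this struct is the contract between the stub and the kernel proper, a comment stating that the layout is stable would also be useful.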
> --
> 2.14.1.821.g8fa685d3b7-goog
>



-- 
Marc-André Lureau


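The stub quoted above sizes the 1.2-format log from its last entry (header plus that entry's event_size) and copies the records into the Linux table, which the tpm driver later exposes as binary_bios_measurements. Below is an added example, not part of the patch or of the kernel tree, of what a consumer of that log does with it: walk the tcpa_event records with bounds checks, apply the same last-entry size rule, and replay the SHA1 extends to rebuild the PCR values. The record layout assumed is the kernel's struct tcpa_event (pcr_index u32, event_type u32, 20-byte digest, event_size u32, little-endian); the sample log and its event types are constructed here, not captured from a machine.

```python
"""Parse a TCG 1.2 (SHA1-only) TPM event log and replay the PCRs it describes.

Added example, not code from the patch or the kernel tree. It walks the same
record layout the stub copies out of firmware: a `struct tcpa_event` header
(pcr_index u32, event_type u32, 20-byte SHA1 digest, event_size u32) followed
by event_size bytes of event data. The sample log at the bottom is
constructed here, not captured from a machine.
"""
import hashlib
import struct

# struct tcpa_event, little-endian, as laid out in the 1.2 (SHA1) log format.
TCPA_EVENT_HDR = struct.Struct("<II20sI")
SHA1_LEN = 20
EV_NO_ACTION = 0x3  # informational record: logged but never extended into a PCR
NUM_PCRS = 24


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def parse_tcg12_log(buf: bytes) -> list:
    """Return [(pcr_index, event_type, digest, event_data), ...].

    Every length comes from the log itself, so each record is bounds-checked
    against the buffer before it is trusted: a log the firmware reported as
    truncated, or whose size was miscomputed, fails here instead of being
    silently replayed.
    """
    events = []
    off = 0
    while off < len(buf):
        if len(buf) - off < TCPA_EVENT_HDR.size:
            raise ValueError(f"truncated header at offset {off}")
        pcr, etype, digest, esize = TCPA_EVENT_HDR.unpack_from(buf, off)
        off += TCPA_EVENT_HDR.size
        if len(buf) - off < esize:
            raise ValueError(f"event data runs past end of log at offset {off}")
        if pcr >= NUM_PCRS:
            raise ValueError(f"pcr index {pcr} out of range")
        events.append((pcr, etype, digest, buf[off:off + esize]))
        off += esize
    return events


def is_well_formed(buf: bytes) -> bool:
    try:
        parse_tcg12_log(buf)
        return True
    except ValueError:
        return False


def replay_pcrs(events) -> list:
    """Recompute PCR[0..23]: PCR = SHA1(PCR || digest), starting from zeros."""
    pcrs = [bytes(SHA1_LEN)] * NUM_PCRS
    for pcr, etype, digest, _data in events:
        if etype == EV_NO_ACTION:
            continue
        pcrs[pcr] = sha1(pcrs[pcr] + digest)
    return pcrs


def log_size_from_last_entry(buf: bytes, first_off: int, last_off: int) -> int:
    """The size rule the stub uses: GetEventLog only hands back the addresses of
    the first and last entries, so the total is (last - first) plus the size of
    the last record, i.e. the header plus that record's own event_size."""
    _pcr, _etype, _digest, esize = TCPA_EVENT_HDR.unpack_from(buf, last_off)
    return last_off - first_off + TCPA_EVENT_HDR.size + esize


def build_event(pcr: int, etype: int, data: bytes) -> bytes:
    """Encode one record; measured records carry SHA1(event data) as digest."""
    digest = bytes(SHA1_LEN) if etype == EV_NO_ACTION else sha1(data)
    return TCPA_EVENT_HDR.pack(pcr, etype, digest, len(data)) + data


# Constructed sample log: an EV_NO_ACTION record in PCR 0, two measurements into
# PCR 0 and one into PCR 7. The event type values are the TCG-assigned ones.
SAMPLE_RECORDS = [
    build_event(0, EV_NO_ACTION, b"Spec ID Event00\x00"),
    build_event(0, 0x8, b"abc"),                      # EV_S_CRTM_VERSION
    build_event(0, 0x1, b"platform-firmware-blob"),   # EV_POST_CODE
    build_event(7, 0x80000001, b"SecureBoot"),        # EV_EFI_VARIABLE_DRIVER_CONFIG
]
SAMPLE_LOG = b"".join(SAMPLE_RECORDS)
LAST_ENTRY_OFF = len(SAMPLE_LOG) - len(SAMPLE_RECORDS[-1])


def expected_pcr(digests) -> bytes:
    """Reference extend chain, used to cross-check replay_pcrs()."""
    value = bytes(SHA1_LEN)
    for d in digests:
        value = sha1(value + d)
    return value


if __name__ == "__main__":
    for i, value in enumerate(replay_pcrs(parse_tcg12_log(SAMPLE_LOG))):
        if value != bytes(SHA1_LEN):
            print(f"PCR[{i:2}] = {value.hex()}")
```

Run against a real machine by replacing SAMPLE_LOG with the bytes of /sys/kernel/security/tpm0/binary_bios_measurements and comparing the replayed values with the PCRs read from the TPM; a mismatch means the log is incomplete or was tampered with. Note that `log_size_from_last_entry` reproduces the stub's arithmetic, so it is only as trustworthy as the last entry's event_size, which is exactly why the parser re-validates every length.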
* Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices
  2018-03-05 15:40     ` Marc-André Lureau
@ 2018-03-06 10:15       ` Thiebaud Weksteen
  0 siblings, 0 replies; 31+ messages in thread
From: Thiebaud Weksteen @ 2018-03-06 10:15 UTC (permalink / raw)
  To: marcandre.lureau
  Cc: linux-efi, linux-integrity, tpmdd-devel, Ard Biesheuvel,
	Matt Fleming, linux-kernel, Matthew Garrett, peterhuewe,
	Jarkko Sakkinen, Jason Gunthorpe, tpmdd

On Mon, Mar 5, 2018 at 4:40 PM Marc-André Lureau <marcandre.lureau@gmail.com> wrote:

> Hi Thiebaud

> On Wed, Sep 20, 2017 at 10:13 AM, Thiebaud Weksteen <tweek@google.com> wrote:
> > With TPM 2.0 specification, the event logs may only be accessible by
> > calling an EFI Boot Service. Modify the EFI stub to copy the log area to
> > a new Linux-specific EFI configuration table so it remains accessible
> > once booted.
> >
> > When calling this service, it is possible to specify the expected format
> > of the logs: TPM 1.2 (SHA1) or TPM 2.0 ("Crypto Agile"). For now, only the
> > first format is retrieved.
> >

> Do you have plans to add support for the crypto-agile format? I am
> working on uefi/ovmf support, and I am wondering if it is at all
> necessary to add support for the 1.2 format. What do you think? I can
> eventually try to work on 2.0 format support.

Yes, this is definitely my intent. I am running low on free time for this
piece of work to happen just now though.

Thanks




Thread overview: 31+ messages
2017-09-20  8:13 [PATCH v3 0/5] Call GetEventLog before ExitBootServices Thiebaud Weksteen
     [not found] ` <20170920081340.7413-1-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
2017-09-20  8:13   ` [PATCH v3 1/5] tpm: move tpm_eventlog.h outside of drivers folder Thiebaud Weksteen
2017-09-20  8:13   ` [PATCH v3 2/5] tpm: rename event log provider files Thiebaud Weksteen via tpmdd-devel
2017-09-26 11:10     ` Jarkko Sakkinen
2017-09-20  8:13   ` [PATCH v3 3/5] tpm: add event log format version Thiebaud Weksteen via tpmdd-devel
2017-09-20  8:13   ` [PATCH v3 4/5] efi: call get_event_log before ExitBootServices Thiebaud Weksteen via tpmdd-devel
     [not found]     ` <20170920081340.7413-5-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
2017-09-26 11:45       ` Jarkko Sakkinen
2017-09-26 12:49         ` Thiebaud Weksteen
2017-09-29 17:16           ` Jarkko Sakkinen
     [not found]             ` <20170929171617.yq4dvn66czvnebns-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2017-10-04 10:51               ` Jarkko Sakkinen
2017-10-04 11:12                 ` Thiebaud Weksteen
2017-10-10 14:14                   ` Jarkko Sakkinen
     [not found]                     ` <20171010141419.e4uv4fkmcmpc7sdc-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2017-10-11  1:54                       ` James Morris
2017-10-11 11:52                         ` Jarkko Sakkinen
     [not found]                           ` <20171011115254.2n4zs77ixyl2mdgm-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2017-10-11 11:53                             ` Jarkko Sakkinen
2017-10-12 11:38                               ` Jarkko Sakkinen
     [not found]                                 ` <20171012113844.ptfynppgx3tkwe7g-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2017-10-12 15:03                                   ` Javier Martinez Canillas
     [not found]                                     ` <CABxcv=neJZjA407pbmNesNbGY9k3VRbhawut6ewofw_UB5U1_w-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-10-13 19:47                                       ` Jarkko Sakkinen
2017-10-16 11:34                                         ` Jarkko Sakkinen
2017-10-16 11:28                             ` Jarkko Sakkinen
2017-10-16 11:49                               ` Jarkko Sakkinen
     [not found]                                 ` <20171016114946.phj3n6vyjdbpj2sj-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2017-10-17  8:00                                   ` Thiebaud Weksteen
     [not found]                                     ` <CA+zpnLc038dv-WAE7fdD8i6DpGV3zCLEieg-KPTAvaW7yt-tLA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-10-18 15:11                                       ` Jarkko Sakkinen
2017-10-26 18:58                                       ` Jarkko Sakkinen
     [not found]                 ` <20171004105113.mcho3rlytaxfruyf-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2017-10-04 11:20                   ` Jarkko Sakkinen
2018-03-05 15:40     ` Marc-André Lureau
2018-03-06 10:15       ` Thiebaud Weksteen
2017-09-21 15:13   ` [PATCH v3 0/5] Call GetEventLog " Jarkko Sakkinen
2017-09-26 11:17   ` [tpmdd-devel] " Javier Martinez Canillas
2017-09-20  8:13 ` [PATCH v3 5/5] tpm: parse TPM event logs based on EFI table Thiebaud Weksteen
     [not found]   ` <20170920081340.7413-6-tweek-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
2017-09-20 16:40     ` Jason Gunthorpe
