From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <u-boot-bounces@lists.denx.de>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 8B375C43334
	for <u-boot@archiver.kernel.org>; Tue,  7 Jun 2022 08:42:45 +0000 (UTC)
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 436C3842FC;
	Tue,  7 Jun 2022 10:42:43 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="fv3MSm33";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id F371A842FD; Tue,  7 Jun 2022 10:42:41 +0200 (CEST)
Received: from mail-wm1-x335.google.com (mail-wm1-x335.google.com
 [IPv6:2a00:1450:4864:20::335])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 9C861842F2
 for <u-boot@lists.denx.de>; Tue,  7 Jun 2022 10:42:38 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org
Received: by mail-wm1-x335.google.com with SMTP id q15so5762051wmj.2
 for <u-boot@lists.denx.de>; Tue, 07 Jun 2022 01:42:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-disposition:in-reply-to;
 bh=fSvPmVbiHcxdA7owGmdE9Vaggepdx09UX4S9jOaoCcE=;
 b=fv3MSm33sTzu5pD624g4nnmZGUYJMBm/qyD6N6uEI/xcIOCuWlnuD40py98eP4HOqU
 t10hoUJmCX1kgxYzq9jWLHEGaET2isrQR0vbsS8oRmqKyKkvrYeynj0TP6xRytpjr8LH
 PLQLgf2NBnFaUYLnBh7l6LJU2TxgrJ4AtO38jc9svEGNt4UqRSH/0qbWB+QUr24bHnCC
 I9j8Pyi1itfC1fO4jOHCxHrw1ALdyqT8j2aICMEB27jKwII8FbTKLz8wAXf0kCQ9KW9m
 nSjH0W4bjJ1rjB3Djmd4SPGmSGIx9rQZ1S6z2D91FQ0IJWDGARgKOBaNJau0JQfVcqGr
 uSlQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:references
 :mime-version:content-disposition:in-reply-to;
 bh=fSvPmVbiHcxdA7owGmdE9Vaggepdx09UX4S9jOaoCcE=;
 b=otHxXxyItDNSyWhpX0pGNn/7lrlWM+DiRqf7dpe05wbIyE8mbtTfu4ZDYCqelf0c2U
 IYMRF2KyaKg66SIfJXxo+OGgpsWzIeitQN/QsVDZWJM4yuTtnNKv1i0Uh5cIajpBlL0c
 Rknoaigio4MjsdOj8L9OpaX0SQXPIlpyakI8C+qhE9OqGck/dFWlfXJn+RQFnJDnpH5U
 cCJ3ylVIsMMMoBi60irshMks8s0Yyay5ni2sOdzYrVvge9+XqCvKSNLVQv8mAxUtaO+s
 TNOcIsW6/goWx3yy9C83nQlcgbkKBfDVnHPctdHWmf2mfnrWQtQtflrt1BF7lwG30R6B
 x76w==
X-Gm-Message-State: AOAM532x2y3R/JNs5sUtzh0jwWfOTfC78VWlc1HjXI4JRmImu0uYjsFM
 aGeSyMiQOo5NPBYQAkN9lYuQBZH3+JS3ug==
X-Google-Smtp-Source: ABdhPJw6hYIsTCASdyw5ogkjJJs65a3jf1caK+6FWLUzZSume4o+UGedfzrau4t+cINxcVjYNxdQDg==
X-Received: by 2002:a05:600c:4ed0:b0:39c:4acb:4e04 with SMTP id
 g16-20020a05600c4ed000b0039c4acb4e04mr13775307wmq.63.1654591358072; 
 Tue, 07 Jun 2022 01:42:38 -0700 (PDT)
Received: from hera (ppp089210241233.access.hol.gr. [89.210.241.233])
 by smtp.gmail.com with ESMTPSA id
 h6-20020adfa4c6000000b0020fe61acd09sm18220832wrb.12.2022.06.07.01.42.37
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 07 Jun 2022 01:42:37 -0700 (PDT)
Date: Tue, 7 Jun 2022 11:42:35 +0300
From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Simon Glass <sjg@chromium.org>
Cc: U-Boot Mailing List <u-boot@lists.denx.de>
Subject: Re: [PATCH 2/8] tpm: Require a digest source when extending the PCR
Message-ID: <Yp8Pe60cXSMNYpYv@hera>
References: <20220301001125.1554442-1-sjg@chromium.org>
 <20220301001125.1554442-3-sjg@chromium.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20220301001125.1554442-3-sjg@chromium.org>
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de
X-Virus-Status: Clean

On Mon, Feb 28, 2022 at 05:11:19PM -0700, Simon Glass wrote:
> This feature is used for measured boot. It is not currently supported in
> the TPM drivers, but add it to the API so that code which expects it can
> signal its request.
> 
> Signed-off-by: Simon Glass <sjg@chromium.org>
> ---
> 
>  cmd/tpm-v1.c      |  3 ++-
>  cmd/tpm_test.c    |  5 +++--
>  include/tpm_api.h |  8 +++++---
>  lib/tpm-v2.c      |  2 ++
>  lib/tpm_api.c     | 14 ++++++++++----
>  5 files changed, 22 insertions(+), 10 deletions(-)
> 
> diff --git a/cmd/tpm-v1.c b/cmd/tpm-v1.c
> index bf238a9f2e..0869b70775 100644
> --- a/cmd/tpm-v1.c
> +++ b/cmd/tpm-v1.c
> @@ -131,7 +131,8 @@ static int do_tpm_extend(struct cmd_tbl *cmdtp, int flag, int argc,
>  		return CMD_RET_FAILURE;
>  	}
>  
> -	rc = tpm_pcr_extend(dev, index, in_digest, out_digest);
> +	rc = tpm_pcr_extend(dev, index, in_digest, sizeof(in_digest),
> +			    out_digest, "test");

Where is the output value of an extended PCR needed in measured boot?
IMHO this out_digest seems pointless.  I'd be happier if we just completely
removed it and make the v2 variant look like v1 more. 

>  	if (!rc) {
>  		puts("PCR value after execution of the command:\n");
>  		print_byte_string(out_digest, sizeof(out_digest));
> diff --git a/cmd/tpm_test.c b/cmd/tpm_test.c
> index a3ccb12f53..b35eae81dc 100644
> --- a/cmd/tpm_test.c
> +++ b/cmd/tpm_test.c
> @@ -91,7 +91,8 @@ static int test_early_extend(struct udevice *dev)
>  	tpm_init(dev);
>  	TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
>  	TPM_CHECK(tpm_continue_self_test(dev));
> -	TPM_CHECK(tpm_pcr_extend(dev, 1, value_in, value_out));
> +	TPM_CHECK(tpm_pcr_extend(dev, 1, value_in, sizeof(value_in), value_out,
> +				 "test"));
>  	printf("done\n");
>  	return 0;
>  }
> @@ -438,7 +439,7 @@ static int test_timing(struct udevice *dev)
>  		   100);
>  	TTPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)),
>  		   100);
> -	TTPM_CHECK(tpm_pcr_extend(dev, 0, in, out), 200);
> +	TTPM_CHECK(tpm_pcr_extend(dev, 0, in, sizeof(in), out, "test"), 200);
>  	TTPM_CHECK(tpm_set_global_lock(dev), 50);
>  	TTPM_CHECK(tpm_tsc_physical_presence(dev, PHYS_PRESENCE), 100);
>  	printf("done\n");
> diff --git a/include/tpm_api.h b/include/tpm_api.h
> index 11aa14eb79..3c8e48bc25 100644
> --- a/include/tpm_api.h
> +++ b/include/tpm_api.h
> @@ -81,14 +81,16 @@ u32 tpm_nv_write_value(struct udevice *dev, u32 index, const void *data,
>   *
>   * @param dev		TPM device
>   * @param index		index of the PCR
> - * @param in_digest	160-bit value representing the event to be
> + * @param in_digest	160/256-bit value representing the event to be
>   *			recorded
> - * @param out_digest	160-bit PCR value after execution of the
> + * @param size		size of digest in bytes
> + * @param out_digest	160/256-bit PCR value after execution of the
>   *			command
> + * @param name		additional info about where the digest comes from
>   * Return: return code of the operation
>   */
>  u32 tpm_pcr_extend(struct udevice *dev, u32 index, const void *in_digest,
> -		   void *out_digest);
> +		   uint size, void *out_digest, const char *name);
>  
>  /**
>   * Issue a TPM_PCRRead command.
> diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
> index 1bf627853a..6058f2e1e4 100644
> --- a/lib/tpm-v2.c
> +++ b/lib/tpm-v2.c
> @@ -157,6 +157,8 @@ u32 tpm2_pcr_extend(struct udevice *dev, u32 index, u32 algorithm,
>  	};
>  	int ret;
>  
> +	if (!digest)
> +		return -EINVAL;
>  	/*
>  	 * Fill the command structure starting from the first buffer:
>  	 *     - the digest
> diff --git a/lib/tpm_api.c b/lib/tpm_api.c
> index 4ac4612c81..a8d3731d3a 100644
> --- a/lib/tpm_api.c
> +++ b/lib/tpm_api.c
> @@ -140,15 +140,21 @@ u32 tpm_write_lock(struct udevice *dev, u32 index)
>  }
>  
>  u32 tpm_pcr_extend(struct udevice *dev, u32 index, const void *in_digest,
> -		   void *out_digest)
> +		   uint size, void *out_digest, const char *name)
>  {
> -	if (tpm_is_v1(dev))
> +	if (tpm_is_v1(dev)) {
> +		if (size != PCR_DIGEST_LENGTH || !out_digest)
> +			return -EINVAL;
>  		return tpm1_extend(dev, index, in_digest, out_digest);
> -	else if (tpm_is_v2(dev))
> +	} else if (tpm_is_v2(dev)) {
> +		if (size != TPM2_SHA256_DIGEST_SIZE)
> +			return -EINVAL;

Why are we limiting this?  This is supposed to be dictated by the PCR bank
configuration of each hardware 

>  		return tpm2_pcr_extend(dev, index, TPM2_ALG_SHA256, in_digest,
>  				       TPM2_DIGEST_LEN);
> -	else
> +		/* @name is ignored as we do not support measured boot */
> +	} else {
>  		return -ENOSYS;
> +	}
>  }
>  
>  u32 tpm_pcr_read(struct udevice *dev, u32 index, void *data, size_t count)
> -- 
> 2.35.1.574.g5d30c73bfb-goog
> 

Thanks
/Ilias