From: Gang W. <gan...@in...> - 2012-01-15 15:27:01
changeset 36ed04bdfccf in /var/www/tboot.hg details: tboot.hg?cmd=changeset;node=36ed04bdfccf description: Add event log for PCR extends in tboot 0x501 was created as event log type for all extends in tboot. Signed-off-by: Gang Wei <gan...@in...> diffstat: tboot/common/integrity.c | 7 +++++++ tboot/txt/heap.c | 2 +- tboot/txt/txt.c | 47 ++++++++++++++++++++++++++++++++++++----------- 3 files changed, 44 insertions(+), 12 deletions(-) diffs (113 lines): diff -r 7aaf5e97c270 -r 36ed04bdfccf tboot/common/integrity.c --- a/tboot/common/integrity.c Sun Jan 15 23:16:38 2012 +0800 +++ b/tboot/common/integrity.c Sun Jan 15 23:16:39 2012 +0800 @@ -76,6 +76,9 @@ extern bool hash_policy(tb_hash_t *hash, uint8_t hash_alg); extern void apply_policy(tb_error_t error); +#define EVTTYPE_TB_MEASUREMENT (0x400 + 0x101) +extern bool evtlog_append(uint8_t pcr, tb_hash_t *hash, uint32_t type); + typedef struct { uint8_t mac_key[VMAC_KEY_LEN/8]; uint8_t shared_key[sizeof(_tboot_shared.s3_key)]; @@ -97,6 +100,10 @@ (tpm_pcr_value_t *)&g_pre_k_s3_state.vl_entries[i].hash, NULL) != TPM_SUCCESS ) return false; + if ( !evtlog_append(g_pre_k_s3_state.vl_entries[i].pcr, + &g_pre_k_s3_state.vl_entries[i].hash, + EVTTYPE_TB_MEASUREMENT) ) + return false; } tpm_pcr_read(2, 17, &pcr17); diff -r 7aaf5e97c270 -r 36ed04bdfccf tboot/txt/heap.c --- a/tboot/txt/heap.c Sun Jan 15 23:16:38 2012 +0800 +++ b/tboot/txt/heap.c Sun Jan 15 23:16:39 2012 +0800 @@ -152,7 +152,7 @@ print_hash((const tb_hash_t *)hash, TB_HALG_SHA1); } -static void print_event(const tpm12_pcr_event_t *evt) +void print_event(const tpm12_pcr_event_t *evt) { printk("\t\t\t Event:\n"); printk("\t\t\t PCRIndex: %u\n", evt->pcr_index); diff -r 7aaf5e97c270 -r 36ed04bdfccf tboot/txt/txt.c --- a/tboot/txt/txt.c Sun Jan 15 23:16:38 2012 +0800 +++ b/tboot/txt/txt.c Sun Jan 15 23:16:39 2012 +0800 
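Review bot: The `EVTTYPE_TB_MEASUREMENT` macro and the `evtlog_append` prototype are declared privately in integrity.c while the function itself is defined in txt/txt.c, so a later change to the function's signature cannot be caught by the compiler; the txt.c hunk at @@ -85 has the same pattern, declaring `print_event` extern right after heap.c made it non-static. Both declarations belong in a shared header that each translation unit includes. The macro would also benefit from a comment recording its meaning, e.g. `/* tboot-defined event type (0x501) recorded for every PCR extend tboot performs */`, since the value is only explained in the commit message.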
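Review bot: The new `evtlog_append` call runs after `tpm_pcr_extend` has already changed the PCR, so when it returns false the PCR is extended but no log entry exists, and the function reports failure for a measurement that did succeed; a comment should state that this is intentional (an event log that can no longer replay to the PCR values is treated as an integrity failure) because the choice is not obvious from the code. Note also that `evtlog_append` returns true when the log was never initialized (see the txt.c hunk at @@ -308), so a true result here does not guarantee that the extend was logged. The enclosing loop and function start before this hunk.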
@@ -85,6 +85,7 @@ extern void apply_policy(tb_error_t error); extern void cpu_wakeup(uint32_t cpuid, uint32_t sipi_vec); +extern void print_event(const tpm12_pcr_event_t *evt); /* * this is the structure whose addr we'll put in TXT heap @@ -274,23 +275,25 @@ return true; } +static __data event_log_container_t *g_elog = NULL; + /* should be called after os_mle_data initialized */ static void *init_event_log(void) { os_mle_data_t *os_mle_data = get_os_mle_data_start(get_txt_heap()); - event_log_container_t *elog = - (event_log_container_t *)&os_mle_data->event_log_buffer; + g_elog = (event_log_container_t *)&os_mle_data->event_log_buffer; - memcpy((void *)elog->signature, EVTLOG_SIGNATURE, sizeof(elog->signature)); - elog->container_ver_major = EVTLOG_CNTNR_MAJOR_VER; - elog->container_ver_minor = EVTLOG_CNTNR_MINOR_VER; - elog->pcr_event_ver_major = EVTLOG_EVT_MAJOR_VER; - elog->pcr_event_ver_minor = EVTLOG_EVT_MINOR_VER; - elog->size = sizeof(os_mle_data->event_log_buffer); - elog->pcr_events_offset = sizeof(*elog); - elog->next_event_offset = sizeof(*elog); + memcpy((void *)g_elog->signature, EVTLOG_SIGNATURE, + sizeof(g_elog->signature)); + g_elog->container_ver_major = EVTLOG_CNTNR_MAJOR_VER; + g_elog->container_ver_minor = EVTLOG_CNTNR_MINOR_VER; + g_elog->pcr_event_ver_major = EVTLOG_EVT_MAJOR_VER; + g_elog->pcr_event_ver_minor = EVTLOG_EVT_MINOR_VER; + g_elog->size = sizeof(os_mle_data->event_log_buffer); + g_elog->pcr_events_offset = sizeof(*g_elog); + g_elog->next_event_offset = sizeof(*g_elog); - return (void *)elog; + return (void *)g_elog; } static void init_os_sinit_ext_data(heap_ext_data_element_t* elts) 
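Review bot: `g_elog` is a new file-scope pointer into the TXT heap (`os_mle_data->event_log_buffer`) that stays NULL until `init_event_log` has run, and nothing documents that lifetime even though `evtlog_append` depends on it; add a comment on the declaration, e.g. `/* event log container inside the TXT heap; NULL until init_event_log() has run */`. The `(void *)` cast on the `memcpy` destination is unnecessary and can be dropped.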
@@ -308,6 +311,28 @@ elt->size = sizeof(*elt); } +bool evtlog_append(uint8_t pcr, tb_hash_t *hash, uint32_t type) +{ + if ( g_elog == NULL ) + return true; + + tpm12_pcr_event_t *next = (tpm12_pcr_event_t *) + ((void*)g_elog + g_elog->next_event_offset); + + if ( g_elog->next_event_offset + sizeof(*next) > g_elog->size ) + return false; + + next->pcr_index = pcr; + next->type = type; + memcpy(next->digest, hash, sizeof(*hash)); + next->data_size = 0; + + g_elog->next_event_offset += sizeof(*next) + next->data_size; + + print_event(next); + return true; +} + __data uint32_t g_using_da = 0; /* |
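Review bot: `memcpy(next->digest, hash, sizeof(*hash))` bounds the copy by the source type rather than the destination field; `digest` is a fixed-size member of `tpm12_pcr_event_t` that heap.c prints as a SHA-1 digest, so if, as the `TB_HALG_SHA1` selector suggests, `tb_hash_t` can hold more than a SHA-1 digest, the copy runs past `digest` into `data_size` and beyond, and the `next->data_size = 0` on the following line then hides the overrun. Bound it by the destination, `memcpy(next->digest, hash, sizeof(next->digest));`, and confirm that `sizeof(tb_hash_t) >= sizeof(next->digest)` so the read side is also in bounds. Separately, the early `return true` when `g_elog == NULL` makes "not logged" indistinguishable from "logged" for the caller; a comment such as `/* no log yet (init_event_log not run): deliberately treated as success */` should state that this is intended. The `(void*)g_elog + g_elog->next_event_offset` arithmetic relies on a GCC extension; `(uint8_t *)g_elog + g_elog->next_event_offset` is portable.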