Menu
▾
▴
[Tboot-changelog] changeset in code: Merge TBOOT_TPR_support branch into default.
|
From: Mateusz M. <mat...@in...> - 2024-09-24 07:14:49
|
changeset b6f26b413095 in /hg/p/tboot/code details: http://hg.code.sf.net/p/tboot/code/code?cmd=changeset;node=b6f26b413095 description: Merge TBOOT_TPR_support branch into default. diffstat: include/mle.h | 15 ++- tboot/common/integrity.c | 8 +- tboot/common/tboot.c | 6 +- tboot/include/integrity.h | 10 +- tboot/include/txt/heap.h | 13 ++ tboot/include/txt/txt.h | 2 + tboot/include/txt/verify.h | 8 +- tboot/txt/heap.c | 67 +++++++++++++++ tboot/txt/txt.c | 44 ++++++++- tboot/txt/verify.c | 199 +++++++++++++++++++++++++++++++++----------- 10 files changed, 300 insertions(+), 72 deletions(-) diffs (truncated from 659 to 300 lines): diff -r 2b6385a730d0 -r b6f26b413095 include/mle.h --- a/include/mle.h Wed Sep 18 06:15:46 2024 -0400 +++ b/include/mle.h Tue Sep 24 09:04:53 2024 +0200 @@ -52,7 +52,9 @@ uint32_t max_phy_addr : 1; uint32_t tcg_event_log_format: 1; uint32_t cbnt_supported : 1; - uint32_t reserved1 : 21; + uint32_t reserved1 : 3; + uint32_t tpr_support : 1; + uint32_t reserved2 : 17; }; } txt_caps_t; @@ -80,10 +82,13 @@ /* * values supported by current version of tboot */ -#define MLE_HDR_VER 0x00020001 /* 2.1 */ -#define MLE_HDR_CAPS 0x000000627 /* rlp_wake_{getsec, monitor} = 1, - ecx_pgtbl = 1, nolg = 0, da = 1 - tcg_event_log_format = 1, cbnt_supported = 1 */ +#define MLE_HDR_VER 0x00020003 /* 2.3 */ + +#define MLE_HDR_CAPS 0x000004627 /* rlp_wake_{getsec, monitor} = 1 + * ecx_pgtbl = 1, nolg = 0, da = 1 + * tcg_event_log_format = 1, cbnt_supported = 1 + * tpr_supported = 1 + */ #endif /* __MLE_H__ */ diff -r 2b6385a730d0 -r b6f26b413095 tboot/common/integrity.c --- a/tboot/common/integrity.c Wed Sep 18 06:15:46 2024 -0400 +++ b/tboot/common/integrity.c Tue Sep 24 09:04:53 2024 +0200 @@ -108,10 +108,10 @@ struct tpm_if *tpm = get_tpm(); printk(TBOOT_DETA"pre_k_s3_state:\n"); - printk(TBOOT_DETA"\t vtd_pmr_lo_base: 0x%Lx\n", g_pre_k_s3_state.vtd_pmr_lo_base); - printk(TBOOT_DETA"\t vtd_pmr_lo_size: 0x%Lx\n", g_pre_k_s3_state.vtd_pmr_lo_size); - printk(TBOOT_DETA"\t vtd_pmr_hi_base: 0x%Lx\n", g_pre_k_s3_state.vtd_pmr_hi_base); - printk(TBOOT_DETA"\t vtd_pmr_hi_size: 0x%Lx\n", g_pre_k_s3_state.vtd_pmr_hi_size); + printk(TBOOT_DETA"\t dma_protection_lo_base: 0x%Lx\n", g_pre_k_s3_state.dma_protection_lo_base); + printk(TBOOT_DETA"\t dma_protection_lo_size: 0x%Lx\n", g_pre_k_s3_state.dma_protection_lo_size); + printk(TBOOT_DETA"\t dma_protection_hi_base: 0x%Lx\n", g_pre_k_s3_state.dma_protection_hi_base); + printk(TBOOT_DETA"\t dma_protection_hi_size: 0x%Lx\n", g_pre_k_s3_state.dma_protection_hi_size); printk(TBOOT_DETA"\t pol_hash: "); print_hash(&g_pre_k_s3_state.pol_hash, tpm->cur_alg); printk(TBOOT_DETA"\t VL measurements:\n"); diff -r 2b6385a730d0 -r b6f26b413095 tboot/common/tboot.c --- a/tboot/common/tboot.c Wed Sep 18 06:15:46 2024 -0400 +++ b/tboot/common/tboot.c Tue Sep 24 09:04:53 2024 +0200 @@ -385,7 +385,7 @@ } else { printk_init(false); } - + //TBOOT_CHANGESET is defined in CFLAGS in config.mk printk(TBOOT_INFO"*********************** TBOOT ***********************\n"); printk(TBOOT_INFO" %s\n", TBOOT_CHANGESET); printk(TBOOT_INFO"*****************************************************\n"); @@ -455,6 +455,10 @@ apply_policy(TB_ERR_ACMOD_VERIFY_FAILED); } + //We need to have g_sinit point to SINIT ACM before we can run is_tpr_supported + //This global variable decides whether PMR or TPR is used + g_tpr_support = is_tpr_supported(); + /* make TPM ready for measured launch */ if (!tpm_detect()) apply_policy(TB_ERR_TPM_NOT_READY); diff -r 2b6385a730d0 -r b6f26b413095 tboot/include/integrity.h --- a/tboot/include/integrity.h Wed Sep 18 06:15:46 2024 -0400 +++ b/tboot/include/integrity.h Tue Sep 24 09:04:53 2024 +0200 @@ -57,11 +57,11 @@ } hash_list_t; typedef struct { - /* low and high memory regions to protect w/ VT-d PMRs */ - uint64_t vtd_pmr_lo_base; - uint64_t vtd_pmr_lo_size; - uint64_t vtd_pmr_hi_base; - uint64_t vtd_pmr_hi_size; + /* low and high memory regions to protect w/ VT-d PMRs or TPRs*/ + uint64_t dma_protection_lo_base; + uint64_t dma_protection_lo_size; + uint64_t dma_protection_hi_base; + uint64_t dma_protection_hi_size; /* VL policy at time of sealing */ tb_hash_t pol_hash; /* verified launch measurements to be re-extended in DRTM PCRs diff -r 2b6385a730d0 -r b6f26b413095 tboot/include/txt/heap.h --- a/tboot/include/txt/heap.h Wed Sep 18 06:15:46 2024 -0400 +++ b/tboot/include/txt/heap.h Tue Sep 24 09:04:53 2024 +0200 @@ -233,6 +233,17 @@ uint32_t next_record_offset; } heap_event_log_ptr_elt2_1_t; +#define HEAP_EXTDATA_TYPE_TPR_REQ 13 +typedef struct __packed { + uint64_t tpr_range_base; //Physical address of the TPR base + uint64_t tpr_range_size; //Size of the requested TPR +} tpr_range_t; + +typedef struct __packed { + uint32_t tpr_cnt; //How many TPRs in the request area. Max value of tpr_cnt is HW-specific. + tpr_range_t tpr_req_arr[]; //array of tpr ranges (tpr_cnt * tpr_range_t) +} heap_tpr_req_element_t; + /* * data-passing structures contained in TXT heap: * - BIOS @@ -295,6 +306,7 @@ #define MIN_OS_SINIT_DATA_VER 4 #define MAX_OS_SINIT_DATA_VER 7 #define OS_SINIT_FLAGS_EXTPOL_MASK 0x00000001 +#define OS_SINIT_DATA_WITH_TPR_SIZE 144 //92 bytes for struct, 44 for tpr_req_elt, 8 for end elt /* * OS/loader to SINIT structure */ @@ -447,6 +459,7 @@ extern bool verify_bios_data(const txt_heap_t *txt_heap); extern void print_os_sinit_data(const os_sinit_data_t *os_sinit_data); extern void print_os_sinit_data_vtdpmr(const os_sinit_data_t *os_sinit_data); +extern heap_tpr_req_element_t *get_tpr_req_element(const os_sinit_data_t *os_sinit_data); #endif /* __TXT_HEAP_H__ */ diff -r 2b6385a730d0 -r b6f26b413095 tboot/include/txt/txt.h --- a/tboot/include/txt/txt.h Wed Sep 18 06:15:46 2024 -0400 +++ b/tboot/include/txt/txt.h Tue Sep 24 09:04:53 2024 +0200 @@ -61,8 +61,10 @@ extern bool txt_is_powercycle_required(void); extern void ap_wait(unsigned int cpuid); extern int get_evtlog_type(void); +extern bool is_tpr_supported(void); extern uint32_t g_using_da; +extern bool g_tpr_support; #endif /* __TXT_TXT_H__ */ diff -r 2b6385a730d0 -r b6f26b413095 tboot/include/txt/verify.h --- a/tboot/include/txt/verify.h Wed Sep 18 06:15:46 2024 -0400 +++ b/tboot/include/txt/verify.h Tue Sep 24 09:04:53 2024 +0200 @@ -36,13 +36,19 @@ #ifndef __TXT_VERIFY_H__ #define __TXT_VERIFY_H__ -extern void set_vtd_pmrs(os_sinit_data_t *os_sinit_data, +extern void set_dma_protection(os_sinit_data_t *os_sinit_data, uint64_t min_lo_ram, uint64_t max_lo_ram, uint64_t min_hi_ram, uint64_t max_hi_ram); extern bool verify_e820_map(sinit_mdr_t* mdrs_base, uint32_t num_mdrs); extern bool verify_stm(unsigned int cpuid); extern bool use_mwait(void); +typedef struct __packed { + uint64_t base; + uint64_t size; +} dma_protected_range_t; + + #endif /* __TXT_VERIFY_H__ */ diff -r 2b6385a730d0 -r b6f26b413095 tboot/txt/heap.c --- a/tboot/txt/heap.c Wed Sep 18 06:15:46 2024 -0400 +++ b/tboot/txt/heap.c Tue Sep 24 09:04:53 2024 +0200 @@ -371,6 +371,20 @@ } } +static void print_tpr_req_elt(const heap_ext_data_element_t *elt) +{ + if (elt == NULL) return; + const heap_tpr_req_element_t *tpr_req_elt = (const heap_tpr_req_element_t *) elt->data; + printk(TBOOT_DETA"\t TPR_REQ_ELEMENT:\n"); + printk(TBOOT_DETA"\t\t type: %d\n", elt->type); + printk(TBOOT_DETA"\t\t size: %u\n", elt->size); + printk(TBOOT_DETA"\t\t tpr_cnt: %u\n", tpr_req_elt->tpr_cnt); + for (uint16_t i = 0; i < tpr_req_elt->tpr_cnt; i++) { + printk(TBOOT_DETA"\t tpr_range[%u]:\n", i); + printk(TBOOT_DETA"\t\t range_base: 0x%Lx\n", tpr_req_elt->tpr_req_arr[i].tpr_range_base); + printk(TBOOT_DETA"\t\t range_size: 0x%Lx\n", tpr_req_elt->tpr_req_arr[i].tpr_range_size); + } +} static void print_ext_data_elts(const heap_ext_data_element_t elts[]) { @@ -397,6 +411,9 @@ case HEAP_EXTDATA_TYPE_TPM_EVENT_LOG_PTR_2_1: print_evt_log_ptr_elt_2_1(elt); break; + case HEAP_EXTDATA_TYPE_TPR_REQ: + print_tpr_req_elt(elt); + break; default: printk(TBOOT_WARN"\t\t unknown element: type: %u, size: %u\n", elt->type, elt->size); @@ -703,6 +720,7 @@ */ uint64_t calc_os_sinit_data_size(uint32_t version) { + uint64_t tpr_elt_size = 0; uint64_t size[] = { offsetof(os_sinit_data_t, efi_rsdt_ptr) + sizeof(uint64_t), sizeof(os_sinit_data_t) + sizeof(uint64_t), @@ -730,6 +748,14 @@ 2 * sizeof(heap_ext_data_element_t) + 4 + count*sizeof(heap_event_log_descr_t); } + //we need TPR for lo RAM and TPR for hi ram (2 TPR ranges) + //size of heap_ext_data_element_t.type and size, plus size of tpr_cnt in tpr eleemnt, + //plus size of tpr_range structure (twice) + if (g_tpr_support) { + tpr_elt_size = offsetof(heap_ext_data_element_t, data) + offsetof(heap_tpr_req_element_t, tpr_req_arr) + + (2 * sizeof(tpr_range_t)); + size[2] += tpr_elt_size; + } if ( version >= 6 ) return size[2]; @@ -745,6 +771,18 @@ printk(TBOOT_DETA"\t vtd_pmr_hi_size: 0x%Lx\n", os_sinit_data->vtd_pmr_hi_size); } +void print_os_sinit_data_tpr(const os_sinit_data_t *os_sinit_data) +{ + heap_tpr_req_element_t *tpr_elt = NULL; + if (os_sinit_data == NULL) return; + tpr_elt = get_tpr_req_element(os_sinit_data); + if (tpr_elt == NULL) return; + printk(TBOOT_DETA"\t tpr_lo_base: 0x%Lx\n", tpr_elt->tpr_req_arr[0].tpr_range_base); + printk(TBOOT_DETA"\t tpr_lo_size: 0x%Lx\n", tpr_elt->tpr_req_arr[0].tpr_range_size); + printk(TBOOT_DETA"\t tpr_hi_base: 0x%Lx\n", tpr_elt->tpr_req_arr[1].tpr_range_base); + printk(TBOOT_DETA"\t tpr_hi_size: 0x%Lx\n", tpr_elt->tpr_req_arr[1].tpr_range_size); +} + void print_os_sinit_data(const os_sinit_data_t *os_sinit_data) { printk(TBOOT_DETA"os_sinit_data (@%p, %Lx):\n", os_sinit_data, @@ -950,6 +988,35 @@ return true; } +heap_tpr_req_element_t *get_tpr_req_element(const os_sinit_data_t *os_sinit_data) { + heap_ext_data_element_t *elt = NULL; + heap_tpr_req_element_t *tpr_elt = NULL; + if (os_sinit_data == NULL) { + return NULL; + } + if (os_sinit_data->version < 6) { + //Old versions do not support heap_ext_elements + return NULL; + } + if (g_tpr_support == false) { + //TPR not supported + return NULL; + } + elt = (heap_ext_data_element_t *) &os_sinit_data->ext_data_elts; + //Walk elements to find TPR element + while (elt->type != HEAP_EXTDATA_TYPE_END) { + if (elt->type != HEAP_EXTDATA_TYPE_TPR_REQ) { + elt = (void *)elt + elt->size; + } + else { + printk(TBOOT_DETA"Found TPR req element\n"); + tpr_elt = (heap_tpr_req_element_t *) &elt->data; + break; + } + } + return tpr_elt; +} + #endif /* diff -r 2b6385a730d0 -r b6f26b413095 tboot/txt/txt.c --- a/tboot/txt/txt.c Wed Sep 18 06:15:46 2024 -0400 +++ b/tboot/txt/txt.c Tue Sep 24 09:04:53 2024 +0200 @@ -307,6 +307,7 @@ { heap_ext_data_element_t* elt = elts; heap_event_log_ptr_elt_t* evt_log; + heap_tpr_req_element_t* tpr_elt = NULL; struct tpm_if *tpm = get_tpm(); int log_type = get_evtlog_type(); @@ -334,7 +335,18 @@ g_elog_2->count * sizeof(heap_event_log_descr_t); printk(TBOOT_DETA"INTEL TXT LOG elt SIZE = %d \n", elt->size); } - + if (g_tpr_support) { + //Go to next elt + elt = (void *)elt + elt->size; + //Allocate space for 2 TPR ranges, one in LO RAM and the other in HI RAM |
