uefi: emphasize a bit that EV_IPL event logs is the past, EV_EVENT_TAG the future

Lennart Poettering 2024-06-24 12:18:03 +02:00 committed by Luca Boccassi
parent c53580bf2e
commit 21ab3f505a
4 changed files with 35 additions and 23 deletions


@ -430,7 +430,7 @@ EFI_STATUS pack_cpio(
if (err != EFI_SUCCESS) if (err != EFI_SUCCESS)
return log_error_status(err, "Failed to pack cpio trailer: %m"); return log_error_status(err, "Failed to pack cpio trailer: %m");
err = tpm_log_event( err = tpm_log_ipl_event(
tpm_pcr, POINTER_TO_PHYSICAL_ADDRESS(buffer), buffer_size, tpm_description, ret_measured); tpm_pcr, POINTER_TO_PHYSICAL_ADDRESS(buffer), buffer_size, tpm_description, ret_measured);
if (err != EFI_SUCCESS) if (err != EFI_SUCCESS)
return log_error_status( return log_error_status(
@ -499,7 +499,7 @@ EFI_STATUS pack_cpio_literal(
if (err != EFI_SUCCESS) if (err != EFI_SUCCESS)
return log_error_status(err, "Failed to pack cpio trailer: %m"); return log_error_status(err, "Failed to pack cpio trailer: %m");
err = tpm_log_event( err = tpm_log_ipl_event(
tpm_pcr, POINTER_TO_PHYSICAL_ADDRESS(buffer), buffer_size, tpm_description, ret_measured); tpm_pcr, POINTER_TO_PHYSICAL_ADDRESS(buffer), buffer_size, tpm_description, ret_measured);
if (err != EFI_SUCCESS) if (err != EFI_SUCCESS)
return log_error_status( return log_error_status(


@ -27,6 +27,8 @@ static EFI_STATUS tpm2_measure_to_pcr_and_tagged_event_log(
assert(tcg); assert(tcg);
assert(description); assert(description);
/* New style stuff we log as EV_EVENT_TAG with a recognizable event tag. */
desc_len = strsize16(description); desc_len = strsize16(description);
event_size = offsetof(EFI_TCG2_EVENT, Event) + offsetof(EFI_TCG2_TAGGED_EVENT, Event) + desc_len; event_size = offsetof(EFI_TCG2_EVENT, Event) + offsetof(EFI_TCG2_TAGGED_EVENT, Event) + desc_len;
@ -53,7 +55,7 @@ static EFI_STATUS tpm2_measure_to_pcr_and_tagged_event_log(
&event->tcg_event); &event->tcg_event);
} }
static EFI_STATUS tpm2_measure_to_pcr_and_event_log( static EFI_STATUS tpm2_measure_to_pcr_and_ipl_event_log(
EFI_TCG2_PROTOCOL *tcg, EFI_TCG2_PROTOCOL *tcg,
uint32_t pcrindex, uint32_t pcrindex,
EFI_PHYSICAL_ADDRESS buffer, EFI_PHYSICAL_ADDRESS buffer,
@ -66,11 +68,10 @@ static EFI_STATUS tpm2_measure_to_pcr_and_event_log(
assert(tcg); assert(tcg);
assert(description); assert(description);
/* NB: We currently record everything as EV_IPL. Which sucks, because it makes it hard to /* We record older stuff as EV_IPL. Which sucks, because it makes it hard to recognize from the event
* recognize from the event log which of the events are ours. Measurement logs are kinda API hence * log which of the events are ours. Measurement logs are kinda API hence this is hard to change for
* this is hard to change for existing, established events. But for future additions, let's use * existing, established events. But for future additions, let's use EV_EVENT_TAG instead, with a tag
* EV_EVENT_TAG instead, with a tag of our choosing that makes clear what precisely we are measuring * of our choosing that makes clear what precisely we are measuring here. See above. */
* here. */
desc_len = strsize16(description); desc_len = strsize16(description);
tcg_event = xmalloc(offsetof(EFI_TCG2_EVENT, Event) + desc_len); tcg_event = xmalloc(offsetof(EFI_TCG2_EVENT, Event) + desc_len);
@ -91,7 +92,7 @@ static EFI_STATUS tpm2_measure_to_pcr_and_event_log(
tcg_event); tcg_event);
} }
static EFI_STATUS cc_measure_to_mr_and_event_log( static EFI_STATUS cc_measure_to_mr_and_ipl_event_log(
EFI_CC_MEASUREMENT_PROTOCOL *cc, EFI_CC_MEASUREMENT_PROTOCOL *cc,
uint32_t pcrindex, uint32_t pcrindex,
EFI_PHYSICAL_ADDRESS buffer, EFI_PHYSICAL_ADDRESS buffer,
@ -187,7 +188,7 @@ bool tpm_present(void) {
return tcg2_interface_check(); return tcg2_interface_check();
} }
static EFI_STATUS tcg2_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) { static EFI_STATUS tcg2_log_ipl_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) {
EFI_TCG2_PROTOCOL *tpm2; EFI_TCG2_PROTOCOL *tpm2;
EFI_STATUS err = EFI_SUCCESS; EFI_STATUS err = EFI_SUCCESS;
@ -195,7 +196,7 @@ static EFI_STATUS tcg2_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer,
tpm2 = tcg2_interface_check(); tpm2 = tcg2_interface_check();
if (tpm2) if (tpm2)
err = tpm2_measure_to_pcr_and_event_log(tpm2, pcrindex, buffer, buffer_size, description); err = tpm2_measure_to_pcr_and_ipl_event_log(tpm2, pcrindex, buffer, buffer_size, description);
*ret_measured = tpm2 && (err == EFI_SUCCESS); *ret_measured = tpm2 && (err == EFI_SUCCESS);
@ -210,14 +211,14 @@ static EFI_STATUS cc_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, s
cc = cc_interface_check(); cc = cc_interface_check();
if (cc) if (cc)
err = cc_measure_to_mr_and_event_log(cc, pcrindex, buffer, buffer_size, description); err = cc_measure_to_mr_and_ipl_event_log(cc, pcrindex, buffer, buffer_size, description);
*ret_measured = cc && (err == EFI_SUCCESS); *ret_measured = cc && (err == EFI_SUCCESS);
return err; return err;
} }
EFI_STATUS tpm_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) { EFI_STATUS tpm_log_ipl_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) {
EFI_STATUS err; EFI_STATUS err;
bool tpm_ret_measured, cc_ret_measured; bool tpm_ret_measured, cc_ret_measured;
@ -238,7 +239,7 @@ EFI_STATUS tpm_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t
if (err != EFI_SUCCESS) if (err != EFI_SUCCESS)
return err; return err;
err = tcg2_log_event(pcrindex, buffer, buffer_size, description, &tpm_ret_measured); err = tcg2_log_ipl_event(pcrindex, buffer, buffer_size, description, &tpm_ret_measured);
if (err == EFI_SUCCESS && ret_measured) if (err == EFI_SUCCESS && ret_measured)
*ret_measured = tpm_ret_measured || cc_ret_measured; *ret_measured = tpm_ret_measured || cc_ret_measured;
@ -278,13 +279,13 @@ EFI_STATUS tpm_log_tagged_event(
return err; return err;
} }
EFI_STATUS tpm_log_event_ascii(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char *description, bool *ret_measured) { EFI_STATUS tpm_log_ipl_event_ascii(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char *description, bool *ret_measured) {
_cleanup_free_ char16_t *c = NULL; _cleanup_free_ char16_t *c = NULL;
if (description) if (description)
c = xstr8_to_16(description); c = xstr8_to_16(description);
return tpm_log_event(pcrindex, buffer, buffer_size, c, ret_measured); return tpm_log_ipl_event(pcrindex, buffer, buffer_size, c, ret_measured);
} }
EFI_STATUS tpm_log_load_options(const char16_t *load_options, bool *ret_measured) { EFI_STATUS tpm_log_load_options(const char16_t *load_options, bool *ret_measured) {
@ -293,7 +294,7 @@ EFI_STATUS tpm_log_load_options(const char16_t *load_options, bool *ret_measured
/* Measures a load options string into the TPM2, i.e. the kernel command line */ /* Measures a load options string into the TPM2, i.e. the kernel command line */
err = tpm_log_event( err = tpm_log_ipl_event(
TPM2_PCR_KERNEL_CONFIG, TPM2_PCR_KERNEL_CONFIG,
POINTER_TO_PHYSICAL_ADDRESS(load_options), POINTER_TO_PHYSICAL_ADDRESS(load_options),
strsize16(load_options), strsize16(load_options),
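Review bot: `cc_log_event()` appears to keep its old name although it now calls `cc_measure_to_mr_and_ipl_event_log()`, while its sibling became `tcg2_log_ipl_event()`; its signature is not in any hunk, so this is inferred from the hunk header. An untagged name reads like a record-type-neutral helper, which is the ambiguity this commit sets out to remove, so I would rename it to `cc_log_ipl_event()` and adjust its caller, which lies outside the hunks shown. Separately, the rewritten comment in `tpm2_measure_to_pcr_and_ipl_event_log()` ends with `See above.`; naming the target, `See tpm2_measure_to_pcr_and_tagged_event_log().`, keeps the reference valid if the file is reordered.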


@ -6,9 +6,20 @@
#if ENABLE_TPM #if ENABLE_TPM
bool tpm_present(void); bool tpm_present(void);
EFI_STATUS tpm_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured);
EFI_STATUS tpm_log_event_ascii(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char *description, bool *ret_measured); /* Routines for boot-time TPM PCR measurement as well as submitting an event log entry about it. The latter
* can be done with two different event log record types. For old stuff we use EV_IPL (which is legacy, and
* not great to recognize properly during PCR validation). For new stuff we use properly tagged
* EV_EVENT_TAG record. */
/* Old stuff is logged as EV_IPL */
EFI_STATUS tpm_log_ipl_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured);
EFI_STATUS tpm_log_ipl_event_ascii(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const
char *description, bool *ret_measured);
/* New stuff is logged as EV_EVENT_TAG */
EFI_STATUS tpm_log_tagged_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, uint32_t event_id, const char16_t *description, bool *ret_measured); EFI_STATUS tpm_log_tagged_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, uint32_t event_id, const char16_t *description, bool *ret_measured);
EFI_STATUS tpm_log_load_options(const char16_t *cmdline, bool *ret_measured); EFI_STATUS tpm_log_load_options(const char16_t *cmdline, bool *ret_measured);
#else #else
@ -17,13 +28,13 @@ static inline bool tpm_present(void) {
return false; return false;
} }
static inline EFI_STATUS tpm_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) { static inline EFI_STATUS tpm_log_ipl_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) {
if (ret_measured) if (ret_measured)
*ret_measured = false; *ret_measured = false;
return EFI_SUCCESS; return EFI_SUCCESS;
} }
static inline EFI_STATUS tpm_log_event_ascii(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char *description, bool *ret_measured) { static inline EFI_STATUS tpm_log_ipl_event_ascii(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char *description, bool *ret_measured) {
if (ret_measured) if (ret_measured)
*ret_measured = false; *ret_measured = false;
return EFI_SUCCESS; return EFI_SUCCESS;
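Review bot: The declaration of `tpm_log_load_options()` sits directly under the new `/* New stuff is logged as EV_EVENT_TAG */` comment (at least as rendered here), yet the implementation section of this same commit shows it calling `tpm_log_ipl_event()`, so the kernel command line is still recorded as EV_IPL. Someone deriving a PCR validation or event-log parsing policy from this header would look for the wrong record type. I would move the declaration into the EV_IPL group or give it its own comment, e.g. `/* Kernel command line: measured into TPM2_PCR_KERNEL_CONFIG, logged as EV_IPL */`.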


@ -584,7 +584,7 @@ static EFI_STATUS run(EFI_HANDLE image) {
m = false; m = false;
/* First measure the name of the section */ /* First measure the name of the section */
(void) tpm_log_event_ascii( (void) tpm_log_ipl_event_ascii(
TPM2_PCR_KERNEL_BOOT, TPM2_PCR_KERNEL_BOOT,
POINTER_TO_PHYSICAL_ADDRESS(unified_sections[section]), POINTER_TO_PHYSICAL_ADDRESS(unified_sections[section]),
strsize8(unified_sections[section]), /* including NUL byte */ strsize8(unified_sections[section]), /* including NUL byte */
@ -594,7 +594,7 @@ static EFI_STATUS run(EFI_HANDLE image) {
sections_measured = sections_measured < 0 ? m : (sections_measured && m); sections_measured = sections_measured < 0 ? m : (sections_measured && m);
/* Then measure the data of the section */ /* Then measure the data of the section */
(void) tpm_log_event_ascii( (void) tpm_log_ipl_event_ascii(
TPM2_PCR_KERNEL_BOOT, TPM2_PCR_KERNEL_BOOT,
POINTER_TO_PHYSICAL_ADDRESS(loaded_image->ImageBase) + addrs[section], POINTER_TO_PHYSICAL_ADDRESS(loaded_image->ImageBase) + addrs[section],
szs[section], szs[section],