summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorVadim Bendebury <vbendeb@chromium.org>2016-07-03 15:24:23 -0700
committerMartin Roth <martinroth@google.com>2016-07-13 23:59:32 +0200
commit7ee057c700dd3481eae9a4b3ee13831798fe8ea5 (patch)
tree7f9a661e2aadb6b4f43c2256bb47b877cddf50e7 /src/lib
parent6acb9a6012de11d998716fd024a3adccbba9b5c3 (diff)
tpm2: use pcr0 dependent nvram space policy definitions
The TPM2 specification allows defining NV ram spaces in a manner that makes it impossible to remove the space until a certain PCR is in a certain state. This comes in handy when defining spaces for rollback counters: make their removal depend on PCR0 being in the default state. Then extend PCR0 to any value. This guarantees that the spaces can not be deleted. Also, there is no need t create firmware and kernel rollback spaces with different privileges: they both can be created with the same set of properties, the firmware space could be locked by the RO firmware, and the kernel space could be locked by the RW firmware thus providing necessary privilege levels. BRANCH=none BUG=chrome-os-partner:50645, chrome-os-partner:55063 TEST=with the rest of the patches applied it is possible to boot into Chrome OS maintaining two rollback counter spaces in the TPM NV ram locked at different phases of the boot process. Change-Id: I889b2c4c4831ae01c093f33c09b4d98a11d758da Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 36317f5e85107b1b2e732a5bb2a38295120560cd Original-Change-Id: I69e5ada65a5f15a8c04be9def92a8e1f4b753d9a Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/358094 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/15635 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/tpm2_tlcl.c28
1 files changed, 21 insertions, 7 deletions
diff --git a/src/lib/tpm2_tlcl.c b/src/lib/tpm2_tlcl.c
index c352a2c4a6..8412ed0784 100644
--- a/src/lib/tpm2_tlcl.c
+++ b/src/lib/tpm2_tlcl.c
@@ -248,11 +248,20 @@ uint32_t tlcl_write(uint32_t index, const void *data, uint32_t length)
return TPM_SUCCESS;
}
-uint32_t tlcl_define_space(uint32_t space_index,
- enum privilege_level priv_level, size_t space_size)
+uint32_t tlcl_define_space(uint32_t space_index, size_t space_size)
{
struct tpm2_nv_define_space_cmd nvds_cmd;
struct tpm2_response *response;
+ /*
+ * This policy digest was obtained using TPM2_PolicyPCR selecting only
+ * PCR_0 with a value of all zeros.
+ */
+ static const uint8_t pcr0_unchanged_policy[] = {
+ 0x09, 0x93, 0x3C, 0xCE, 0xEB, 0xB4, 0x41, 0x11,
+ 0x18, 0x81, 0x1D, 0xD4, 0x47, 0x78, 0x80, 0x08,
+ 0x88, 0x86, 0x62, 0x2D, 0xD7, 0x79, 0x94, 0x46,
+ 0x62, 0x26, 0x68, 0x8E, 0xEE, 0xE6, 0x6A, 0xA1
+ };
/* Prepare the define space command structure. */
memset(&nvds_cmd, 0, sizeof(nvds_cmd));
@@ -261,16 +270,21 @@ uint32_t tlcl_define_space(uint32_t space_index,
nvds_cmd.publicInfo.nvIndex = HR_NV_INDEX + space_index;
nvds_cmd.publicInfo.nameAlg = TPM_ALG_SHA256;
- /* Attributes common for all privilege levels. */
+ /* Attributes common for all NV ram spaces used by firmware. */
nvds_cmd.publicInfo.attributes.TPMA_NV_PPWRITE = 1;
nvds_cmd.publicInfo.attributes.TPMA_NV_AUTHREAD = 1;
nvds_cmd.publicInfo.attributes.TPMA_NV_PPREAD = 1;
nvds_cmd.publicInfo.attributes.TPMA_NV_PLATFORMCREATE = 1;
+ nvds_cmd.publicInfo.attributes.TPMA_NV_WRITE_STCLEAR = 1;
+ nvds_cmd.publicInfo.attributes.TPMA_NV_POLICY_DELETE = 1;
- if (priv_level == high_privilege) {
- nvds_cmd.publicInfo.attributes.TPMA_NV_WRITE_STCLEAR = 1;
- nvds_cmd.publicInfo.attributes.TPMA_NV_POLICY_DELETE = 1;
- }
+ /*
+ * Use policy digest based on default pcr0 value. This makes sure that
+ * the space can not be deleted as soon as PCR0 value has been
+ * extended from default.
+ */
+ nvds_cmd.publicInfo.authPolicy.t.buffer = pcr0_unchanged_policy;
+ nvds_cmd.publicInfo.authPolicy.t.size = sizeof(pcr0_unchanged_policy);
response = tpm_process_command(TPM2_NV_DefineSpace, &nvds_cmd);
printk(BIOS_INFO, "%s: response is %x\n",