Diffstat (limited to 'src/security')
-rw-r--r-- | src/security/tpm/tspi/tspi.c | 3 | ||||
-rw-r--r-- | src/security/vboot/misc.h | 14 | ||||
-rw-r--r-- | src/security/vboot/mrc_cache_hash_tpm.c | 40 | ||||
-rw-r--r-- | src/security/vboot/tpm_common.c | 3 |
4 files changed, 29 insertions, 31 deletions
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 891f915327..7bf8d6c293 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -266,7 +266,8 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
 digest_len = vb2_digest_size(TPM_MEASURE_ALGO);
 assert(digest_len <= sizeof(digest));
- if (vb2_digest_init(&ctx, TPM_MEASURE_ALGO)) {
+ if (vb2_digest_init(&ctx, vboot_hwcrypto_allowed(), TPM_MEASURE_ALGO,
+ region_device_sz(rdev))) {
 printk(BIOS_ERR, "TPM: Error initializing hash.\n");
 return TPM_E_HASH_ERROR;
 }
diff --git a/src/security/vboot/misc.h b/src/security/vboot/misc.h
index c39af08f1b..8310647760 100644
--- a/src/security/vboot/misc.h
+++ b/src/security/vboot/misc.h
@@ -87,4 +87,18 @@ static inline int vboot_logic_executed(void)
 }
 }
+static inline bool vboot_hwcrypto_allowed(void)
+{
+ /* When not using vboot firmware verification, HW crypto is always allowed. */
+ if (!CONFIG(VBOOT))
+ return 1;
+
+ /* Before vboot runs we can't check for HW crypto, so err on the side of caution. */
+ if (!vboot_logic_executed())
+ return 0;
+
+ /* Otherwise, vboot can decide. */
+ return vb2api_hwcrypto_allowed(vboot_get_context());
+}
+
 #endif /* __VBOOT_MISC_H__ */
diff --git a/src/security/vboot/mrc_cache_hash_tpm.c b/src/security/vboot/mrc_cache_hash_tpm.c
index 77c23f63e4..f67eae48cb 100644
--- a/src/security/vboot/mrc_cache_hash_tpm.c
+++ b/src/security/vboot/mrc_cache_hash_tpm.c
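Review bot: The total length passed as the new fourth argument, `region_device_sz(rdev)`, is a contract the rest of tpm_measure_region has to honour, and nothing at the call says so. The loop that feeds the digest lies outside the hunk, so it cannot be checked here, but when `vboot_hwcrypto_allowed()` returns true the hardware engine presumably relies on receiving exactly that many bytes. I would add a comment above the call, `/* HW crypto is given the total length up front; the extend loop below must feed exactly region_device_sz(rdev) bytes. */`, so a later change to the read loop does not silently alter what is extended into the PCR.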
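Review bot: `vboot_hwcrypto_allowed()` is declared `bool` but its two early exits return integer literals; `return true;` and `return false;` match the declared type and read better next to the `vb2api_hwcrypto_allowed()` result. The helper also has no header comment, and its answer depends on when it is called: before vboot logic has executed it reports false regardless of what vboot would decide later. A short comment above the definition saying that the value is meant to be passed straight to the vboot hash calls, and that it can differ between boot stages, would help anyone adding a new call site.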
@@ -2,27 +2,16 @@
 #include <security/vboot/antirollback.h>
 #include <program_loading.h>
-#include <security/vboot/vboot_common.h>
 #include <vb2_api.h>
 #include <security/tpm/tss.h>
+#include <security/vboot/misc.h>
 #include <security/vboot/mrc_cache_hash_tpm.h>
 #include <console/console.h>
 #include <string.h>
 void mrc_cache_update_hash(uint32_t index, const uint8_t *data, size_t size)
 {
- uint8_t data_hash[VB2_SHA256_DIGEST_SIZE];
- static const uint8_t dead_hash[VB2_SHA256_DIGEST_SIZE] = {
- 0xba, 0xad, 0xda, 0x1a, /* BAADDA1A */
- 0xde, 0xad, 0xde, 0xad, /* DEADDEAD */
- 0xde, 0xad, 0xda, 0x1a, /* DEADDA1A */
- 0xba, 0xad, 0xba, 0xad, /* BAADBAAD */
- 0xba, 0xad, 0xda, 0x1a, /* BAADDA1A */
- 0xde, 0xad, 0xde, 0xad, /* DEADDEAD */
- 0xde, 0xad, 0xda, 0x1a, /* DEADDA1A */
- 0xba, 0xad, 0xba, 0xad, /* BAADBAAD */
- };
- const uint8_t *hash_ptr = data_hash;
+ struct vb2_hash hash;
 /* Initialize TPM driver. */
 if (tlcl_lib_init() != VB2_SUCCESS) {
@@ -31,8 +20,8 @@ void mrc_cache_update_hash(uint32_t index, const uint8_t *data, size_t size)
 }
 /* Calculate hash of data generated by MRC. */
- if (vb2_digest_buffer(data, size, VB2_HASH_SHA256, data_hash,
- sizeof(data_hash))) {
+ if (vb2_hash_calculate(vboot_hwcrypto_allowed(), data, size,
+ VB2_HASH_SHA256, &hash)) {
 printk(BIOS_ERR, "MRC: SHA-256 calculation failed for data. "
 "Not updating TPM hash space.\n");
 /*
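Review bot: `struct vb2_hash hash;` is left uninitialised, while mrc_cache_verify_hash in the same file starts from `{ .algo = VB2_HASH_SHA256 }`. On the failure path later in this function only the digest bytes are cleared, so the remaining members stay indeterminate; the visible code does not read them, but `struct vb2_hash hash = { .algo = VB2_HASH_SHA256 };` keeps the two functions consistent and leaves no indeterminate stack contents in an object whose bytes are written to the TPM. The function body continues outside this hunk.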
@@ -40,13 +29,13 @@ void mrc_cache_update_hash(uint32_t index, const uint8_t *data, size_t size)
 * currently stored in TPM hash space is no longer
 * valid. If we are not able to calculate hash of the
 * data being updated, reset all the bits in TPM hash
- * space to pre-defined hash pattern.
+ * space to zero to invalidate it.
 */
- hash_ptr = dead_hash;
+ memset(hash.raw, 0, VB2_SHA256_DIGEST_SIZE);
 }
 /* Write hash of data to TPM space. */
- if (antirollback_write_space_mrc_hash(index, hash_ptr, VB2_SHA256_DIGEST_SIZE)
+ if (antirollback_write_space_mrc_hash(index, hash.sha256, sizeof(hash.sha256))
 != TPM_SUCCESS) {
 printk(BIOS_ERR, "MRC: Could not save hash to TPM.\n");
 return;
@@ -57,15 +46,7 @@ void mrc_cache_update_hash(uint32_t index, const uint8_t *data, size_t size)
 int mrc_cache_verify_hash(uint32_t index, const uint8_t *data, size_t size)
 {
- uint8_t data_hash[VB2_SHA256_DIGEST_SIZE];
- uint8_t tpm_hash[VB2_SHA256_DIGEST_SIZE];
-
- /* Calculate hash of data read from MRC_CACHE. */
- if (vb2_digest_buffer(data, size, VB2_HASH_SHA256, data_hash,
- sizeof(data_hash))) {
- printk(BIOS_ERR, "MRC: SHA-256 calculation failed for data.\n");
- return 0;
- }
+ struct vb2_hash tpm_hash = { .algo = VB2_HASH_SHA256 };
 /* Initialize TPM driver. */
 if (tlcl_lib_init() != VB2_SUCCESS) {
@@ -74,13 +55,14 @@ int mrc_cache_verify_hash(uint32_t index, const uint8_t *data, size_t size)
 }
 /* Read hash of MRC data saved in TPM. */
- if (antirollback_read_space_mrc_hash(index, tpm_hash, sizeof(tpm_hash))
+ if (antirollback_read_space_mrc_hash(index, tpm_hash.sha256, sizeof(tpm_hash.sha256))
 != TPM_SUCCESS) {
 printk(BIOS_ERR, "MRC: Could not read hash from TPM.\n");
 return 0;
 }
- if (memcmp(tpm_hash, data_hash, sizeof(tpm_hash))) {
+ /* Calculate hash of data read from MRC_CACHE and compare. */
+ if (vb2_hash_verify(vboot_hwcrypto_allowed(), data, size, &tpm_hash)) {
 printk(BIOS_ERR, "MRC: Hash comparison failed.\n");
 return 0;
 }
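Review bot: The invalidation clears the digest through `hash.raw` with `VB2_SHA256_DIGEST_SIZE`, while the write a few lines below reads `hash.sha256` with `sizeof(hash.sha256)`; using one member for both, `memset(hash.sha256, 0, sizeof(hash.sha256));`, makes it obvious that the bytes cleared are the bytes written. The error message in the preceding hunk still ends with "Not updating TPM hash space.", which contradicts the updated comment because the space is overwritten with zeros; rewording it to say the stored hash is being invalidated would keep the boot log accurate. With the distinctive pattern gone, an invalidated space may look the same as one holding zeros for another reason, so the log line is now the only record that invalidation happened.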
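Review bot: The single `vb2_hash_verify()` check in mrc_cache_verify_hash reports every failure as "MRC: Hash comparison failed.", so an error while calculating the hash is indistinguishable in the log from a genuine mismatch between the cache and the TPM value; the code removed in the previous hunk logged the calculation failure separately. Keeping the return code, `vb2_error_t rv = vb2_hash_verify(vboot_hwcrypto_allowed(), data, size, &tpm_hash);` followed by `if (rv) {` and a message that prints `rv`, would preserve that distinction for anyone triaging a rejected MRC cache. Both cases still return 0, so the function fails closed either way.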
diff --git a/src/security/vboot/tpm_common.c b/src/security/vboot/tpm_common.c
index 7fb2a9d3c5..e67cc01322 100644
--- a/src/security/vboot/tpm_common.c
+++ b/src/security/vboot/tpm_common.c
@@ -1,8 +1,9 @@
 /* SPDX-License-Identifier: GPL-2.0-only */
 #include <security/tpm/tspi.h>
-#include <vb2_api.h>
 #include <security/vboot/tpm_common.h>
+#include <vb2_api.h>
+#include <vb2_sha.h>
 #define TPM_PCR_BOOT_MODE "VBOOT: boot mode"
 #define TPM_PCR_GBB_HWID_NAME "VBOOT: GBB HWID" |