From nobody Sat May 4 19:39:58 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+83355+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+83355+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1636049230; cv=none; d=zohomail.com; s=zohoarc; b=b88wjE1URiId6T1tb/R+RVYdtWcOPOGuj2fzSG2i6K314VMzX8BhVQH0s5iPLVoqFME0ujwaWExII4wXog6kMErmDJZ+ANoJ+NU+34nQJ94ME7WNpjhtoXWz1rlng8azpDAY2AouRswS6t6mxHJ4FoAZJ0YGm/JOBbTkzGCCBzI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1636049230; h=Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Sender:Subject:To; bh=MYuVJI4nBdjP0HjJHXRCk8aNwt6sisPy1CPe3AbJOto=; b=g1DIy5NMIDlk1LdWbCtOYjOllz/g5I14fYrisJrFvRyrduTMUgrg7NkrKJluJG/BOn2rmuSieehXi/X0c8o7OFQ1mZIbqM40eRoA7AvNCfmT5ZHEY1F9NsG4Y4IwFfGZYJpktyHuXpNxSGQ9Bj6UmJ4svKNsCb/v91Ok0vqp4TE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+83355+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1636049230798906.2080411147194; Thu, 4 Nov 2021 11:07:10 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id WWtWYY1788612xVw0STOexQb; Thu, 04 Nov 2021 11:07:10 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.1414.1636049228490072481 for ; Thu, 04 Nov 2021 11:07:09 -0700 X-IronPort-AV: E=McAfee;i="6200,9189,10158"; a="232010514" X-IronPort-AV: E=Sophos;i="5.87,209,1631602800"; d="scan'208";a="232010514" X-Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Nov 2021 11:07:07 -0700 X-IronPort-AV: E=Sophos;i="5.87,209,1631602800"; d="scan'208";a="501638041" X-Received: from fm73lab177-1.amr.corp.intel.com ([10.80.209.189]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Nov 2021 11:07:06 -0700 From: "Rodrigo Gonzalez del Cueto" To: devel@edk2.groups.io Cc: Rodrigo Gonzalez del Cueto , Jian J Wang , Jiewen Yao Subject: [edk2-devel] [PATCH] Reallocate TPM Active PCRs based on platform support. Date: Thu, 4 Nov 2021 11:06:48 -0700 Message-Id: <20211104180648.1553-1-rodrigo.gonzalez.del.cueto@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,rodrigo.gonzalez.del.cueto@intel.com X-Gm-Message-State: i26UYfyPK517cD2eC0XhYW6qx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1636049230; bh=+tJmb/IKSdB6eWJ/5jgBA79mRmujS1ldDCPXF5QcYsk=; h=Cc:Date:From:Reply-To:Subject:To; b=TLzPZ1bSz3YG10sc1lCQ6UNH/DKjt/CRaC1+mMS6FhgAXPFELAHZiSXjR9P5nAU8mFG HLzICqIzBAb5yzSSb83EUqkXxQzRceNsskC9hwQYpdYW49vDsjR9PmmcxWnwkJzw8wGjf 8hy2NshVSkO0Umuy7xe4InIndJ6zG29rLGk= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1636049231663100001 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3515 In V3: Cleaned up comments, debug prints and updated patch to use the new debug ENUM definitions. - Replaced EFI_D_INFO with DEBUG_INFO. - Replaced EFI_D_VERBOSE with DEBUG_VERBOSE. In V2: Add case to RegisterHashInterfaceLib logic RegisterHashInterfaceLib needs to correctly handle registering the HashLib instance supported algorithm bitmap when PcdTpm2HashMask is set to zero. The current implementation of SyncPcrAllocationsAndPcrMask() triggers PCR bank reallocation only based on the intersection between TpmActivePcrBanks and PcdTpm2HashMask. When the software HashLibBaseCryptoRouter solution is used, no PCR bank reallocation is occurring based on the supported hashing algorithms registered by the HashLib instances. Need to have an additional check for the intersection between the TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the HashLib instances present on the platform's BIOS. Signed-off-by: Rodrigo Gonzalez del Cueto Cc: Jian J Wang Cc: Jiewen Yao --- SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c |= 6 +++++- SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c |= 6 +++++- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c |= 67 ++++++++++++++++++++++++++++++++++++++++++------------------------- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf |= 1 + 4 files changed, 53 insertions(+), 27 deletions(-) diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoR= outerDxe.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoR= outerDxe.c index 7a0f61efbb..0821159120 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDx= e.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDx= e.c @@ -230,13 +230,17 @@ RegisterHashInterfaceLib ( { UINTN Index; UINT32 HashMask; + UINT32 Tpm2HashMask; EFI_STATUS Status; =20 // // Check allow // HashMask =3D Tpm2GetHashMaskFromAlgo (&HashInterface->HashGuid); - if ((HashMask & PcdGet32 (PcdTpm2HashMask)) =3D=3D 0) { + Tpm2HashMask =3D PcdGet32 (PcdTpm2HashMask); + + if ((Tpm2HashMask !=3D 0) && + ((HashMask & Tpm2HashMask) =3D=3D 0)) { return EFI_UNSUPPORTED; } =20 diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoR= outerPei.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoR= outerPei.c index 42cb562f67..6ae51dbce4 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPe= i.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPe= i.c @@ -327,13 +327,17 @@ RegisterHashInterfaceLib ( UINTN Index; HASH_INTERFACE_HOB *HashInterfaceHob; UINT32 HashMask; + UINT32 Tpm2HashMask; EFI_STATUS Status; =20 // // Check allow // HashMask =3D Tpm2GetHashMaskFromAlgo (&HashInterface->HashGuid); - if ((HashMask & PcdGet32 (PcdTpm2HashMask)) =3D=3D 0) { + Tpm2HashMask =3D PcdGet32 (PcdTpm2HashMask); + + if ((Tpm2HashMask !=3D 0) && + ((HashMask & Tpm2HashMask) =3D=3D 0)) { return EFI_UNSUPPORTED; } =20 diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tc= g2Pei.c index 93a8803ff6..582b9377e5 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c @@ -1,7 +1,7 @@ /** @file Initialize TPM2 device and measure FVs before handing off control to DXE. =20 -Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.
Copyright (c) 2017, Microsoft Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 @@ -253,7 +253,7 @@ EndofPeiSignalNotifyCallBack ( =20 /** Make sure that the current PCR allocations, the TPM supported PCRs, - and the PcdTpm2HashMask are all in agreement. + PcdTcg2HashAlgorithmBitmap and the PcdTpm2HashMask are all in agreement. **/ VOID SyncPcrAllocationsAndPcrMask ( @@ -262,52 +262,68 @@ SyncPcrAllocationsAndPcrMask ( { EFI_STATUS Status; EFI_TCG2_EVENT_ALGORITHM_BITMAP TpmHashAlgorithmBitmap; + EFI_TCG2_EVENT_ALGORITHM_BITMAP BiosHashAlgorithmBitmap; UINT32 TpmActivePcrBanks; UINT32 NewTpmActivePcrBanks; UINT32 Tpm2PcrMask; UINT32 NewTpm2PcrMask; =20 - DEBUG ((EFI_D_ERROR, "SyncPcrAllocationsAndPcrMask!\n")); + DEBUG ((DEBUG_ERROR, "SyncPcrAllocationsAndPcrMask!\n")); =20 // // Determine the current TPM support and the Platform PCR mask. // Status =3D Tpm2GetCapabilitySupportedAndActivePcrs (&TpmHashAlgorithmBit= map, &TpmActivePcrBanks); + ASSERT_EFI_ERROR (Status); =20 + DEBUG ((DEBUG_INFO, "Tpm2GetCapabilitySupportedAndActivePcrs - TpmHashAl= gorithmBitmap: 0x%08x\n", TpmHashAlgorithmBitmap)); + DEBUG ((DEBUG_INFO, "Tpm2GetCapabilitySupportedAndActivePcrs - TpmActive= PcrBanks 0x%08x\n", TpmActivePcrBanks)); + Tpm2PcrMask =3D PcdGet32 (PcdTpm2HashMask); if (Tpm2PcrMask =3D=3D 0) { // - // if PcdTPm2HashMask is zero, use ActivePcr setting + // If PcdTpm2HashMask is zero, use ActivePcr setting. + // Only when PcdTpm2HashMask is initialized to 0, will it be updated t= o current Active Pcrs. // PcdSet32S (PcdTpm2HashMask, TpmActivePcrBanks); Tpm2PcrMask =3D TpmActivePcrBanks; } + DEBUG ((DEBUG_INFO, "Tpm2PcrMask 0x%08x\n", Tpm2PcrMask)); =20 // - // Find the intersection of Pcd support and TPM support. - // If banks are missing from the TPM support that are in the PCD, update= the PCD. - // If banks are missing from the PCD that are active in the TPM, realloc= ate the banks and reboot. - // - - // - // If there are active PCR banks that are not supported by the Platform = mask, - // update the TPM allocations and reboot the machine. + // The Active PCRs in the TPM need to be a strict subset of the hashing = algorithms supported by BIOS. // - if ((TpmActivePcrBanks & Tpm2PcrMask) !=3D TpmActivePcrBanks) { - NewTpmActivePcrBanks =3D TpmActivePcrBanks & Tpm2PcrMask; - - DEBUG ((EFI_D_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n"= , __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks)); + // * Find the intersection of Pcd support and TPM active PCRs. If banks = are missing from the TPM support + // that are in the PCD, update the PCD. + // * Find intersection of TPM Active PCRs and BIOS supported algorithms.= If there are active PCR banks + // that are not supported by the platform, update the TPM allocations an= d reboot. + // Note: When the HashLibBaseCryptoRouter solution is used, the hash alg= orithm support from BIOS is reported + // by Tcg2HashAlgorithmBitmap, which is populated by HashLib insta= nces at runtime. + BiosHashAlgorithmBitmap =3D PcdGet32 (PcdTcg2HashAlgorithmBitmap); + DEBUG ((DEBUG_INFO, "Tcg2HashAlgorithmBitmap: 0x%08x\n", BiosHashAlgorit= hmBitmap)); + + if (((TpmActivePcrBanks & Tpm2PcrMask) !=3D TpmActivePcrBanks) || + ((TpmActivePcrBanks & BiosHashAlgorithmBitmap) !=3D TpmActivePcrBank= s)) { + DEBUG ((DEBUG_INFO, "TpmActivePcrBanks & Tpm2PcrMask =3D 0x%08x\n", (T= pmActivePcrBanks & Tpm2PcrMask))); + DEBUG ((DEBUG_INFO, "TpmActivePcrBanks & BiosHashAlgorithmBitmap =3D 0= x%08x\n", (TpmActivePcrBanks & BiosHashAlgorithmBitmap))); + NewTpmActivePcrBanks =3D TpmActivePcrBanks; + NewTpmActivePcrBanks &=3D Tpm2PcrMask; + NewTpmActivePcrBanks &=3D BiosHashAlgorithmBitmap; + DEBUG ((DEBUG_INFO, "NewTpmActivePcrBanks 0x%08x\n", NewTpmActivePcrBa= nks)); + + DEBUG ((DEBUG_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n"= , __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks)); if (NewTpmActivePcrBanks =3D=3D 0) { - DEBUG ((EFI_D_ERROR, "%a - No viable PCRs active! Please set a less = restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); + DEBUG ((DEBUG_ERROR, "%a - No viable PCRs active! Please set a less = restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); ASSERT (FALSE); } else { + DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocateBanks (TpmHashAlgorithmBitmap: = 0x%08x, NewTpmActivePcrBanks: 0x%08x)\n", TpmHashAlgorithmBitmap, NewTpmAct= ivePcrBanks)); Status =3D Tpm2PcrAllocateBanks (NULL, (UINT32)TpmHashAlgorithmBitma= p, NewTpmActivePcrBanks); if (EFI_ERROR (Status)) { // // We can't do much here, but we hope that this doesn't happen. // - DEBUG ((EFI_D_ERROR, "%a - Failed to reallocate PCRs!\n", __FUNCTI= ON__)); + DEBUG ((DEBUG_ERROR, "%a - Failed to reallocate PCRs!\n", __FUNCTI= ON__)); ASSERT_EFI_ERROR (Status); } // @@ -324,13 +340,14 @@ SyncPcrAllocationsAndPcrMask ( if ((Tpm2PcrMask & TpmHashAlgorithmBitmap) !=3D Tpm2PcrMask) { NewTpm2PcrMask =3D Tpm2PcrMask & TpmHashAlgorithmBitmap; =20 - DEBUG ((EFI_D_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to 0x%X.\= n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask)); + DEBUG ((DEBUG_ERROR, "%a - Updating PcdTpm2HashMask from 0x%X to 0x%X.= \n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask)); if (NewTpm2PcrMask =3D=3D 0) { - DEBUG ((EFI_D_ERROR, "%a - No viable PCRs supported! Please set a le= ss restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); + DEBUG ((DEBUG_ERROR, "%a - No viable PCRs supported! Please set a le= ss restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); ASSERT (FALSE); } =20 Status =3D PcdSet32S (PcdTpm2HashMask, NewTpm2PcrMask); + DEBUG ((DEBUG_ERROR, "Set PcdTpm2Hash Mask to 0x%08x\n", NewTpm2PcrMas= k)); ASSERT_EFI_ERROR (Status); } } @@ -365,7 +382,7 @@ LogHashEvent ( RetStatus =3D EFI_SUCCESS; for (Index =3D 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0= ]); Index++) { if ((SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) !=3D 0) { - DEBUG ((EFI_D_INFO, " LogFormat - 0x%08x\n", mTcg2EventInfo[Index].= LogFormat)); + DEBUG ((DEBUG_INFO, " LogFormat - 0x%08x\n", mTcg2EventInfo[Index].= LogFormat)); switch (mTcg2EventInfo[Index].LogFormat) { case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2: Status =3D GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, &New= EventHdr->Digest); @@ -476,7 +493,7 @@ HashLogExtendEvent ( } =20 if (Status =3D=3D EFI_DEVICE_ERROR) { - DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status= )); + DEBUG ((DEBUG_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status= )); BuildGuidHob (&gTpmErrorHobGuid,0); REPORT_STATUS_CODE ( EFI_ERROR_CODE | EFI_ERROR_MINOR, @@ -1011,7 +1028,7 @@ PeimEntryMA ( } =20 if (GetFirstGuidHob (&gTpmErrorHobGuid) !=3D NULL) { - DEBUG ((EFI_D_ERROR, "TPM2 error!\n")); + DEBUG ((DEBUG_ERROR, "TPM2 error!\n")); return EFI_DEVICE_ERROR; } =20 @@ -1075,7 +1092,7 @@ PeimEntryMA ( for (PcrIndex =3D 0; PcrIndex < 8; PcrIndex++) { Status =3D MeasureSeparatorEventWithError (PcrIndex); if (EFI_ERROR (Status)) { - DEBUG ((EFI_D_ERROR, "Separator Event with Error not Measured. E= rror!\n")); + DEBUG ((DEBUG_ERROR, "Separator Event with Error not Measured. E= rror!\n")); } } } @@ -1106,7 +1123,7 @@ PeimEntryMA ( =20 Done: if (EFI_ERROR (Status)) { - DEBUG ((EFI_D_ERROR, "TPM2 error! Build Hob\n")); + DEBUG ((DEBUG_ERROR, "TPM2 error! Build Hob\n")); BuildGuidHob (&gTpmErrorHobGuid,0); REPORT_STATUS_CODE ( EFI_ERROR_CODE | EFI_ERROR_MINOR, diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf b/SecurityPkg/Tcg/Tcg2Pei/= Tcg2Pei.inf index 06c26a2904..17ad116126 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf @@ -86,6 +86,7 @@ ## SOMETIMES_CONSUMES ## SOMETIMES_PRODUCES gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap = ## CONSUMES =20 [Depex] gEfiPeiMasterBootModePpiGuid AND --=20 2.33.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#83355): https://edk2.groups.io/g/devel/message/83355 Mute This Topic: https://groups.io/mt/84674454/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-