| 1 | /* |
| 2 | * This file is part of the coreboot project. |
| 3 | * |
| 4 | * Copyright (C) 2015 Intel Corporation |
| 5 | * Copyright (C) 2018-2019 Eltan B.V. |
| 6 | * |
| 7 | * This program is free software; you can redistribute it and/or modify |
| 8 | * it under the terms of the GNU General Public License as published by |
| 9 | * the Free Software Foundation; version 2 of the License. |
| 10 | * |
| 11 | * This program is distributed in the hope that it will be useful, |
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 14 | * GNU General Public License for more details. |
| 15 | */ |
| 16 | |
| 17 | #ifndef MBOOT_H |
| 18 | #define MBOOT_H |
| 19 | |
| 20 | #include <arch/io.h> |
| 21 | #include <arch/acpi.h> |
| 22 | #include <string.h> |
| 23 | #include <cb_sha.h> |
| 24 | #include <console/console.h> |
| 25 | #include <cbfs.h> |
| 26 | #include <lib.h> |
| 27 | #include <boot/coreboot_tables.h> |
| 28 | #include <security/tpm/tss/tcg-2.0/tss_structures.h> |
| 29 | #include <security/tpm/tss.h> |
| 30 | #include <swab.h> |
| 31 | |
/*
 * TPM2 interface constants.
 *
 * EFI_TPM2_ACPI_TABLE_START_METHOD_TIS: start-method value 6; by its name this
 *   selects the TIS interface in the TPM2 ACPI table.
 *   NOTE(review): confirm against the TCG ACPI specification revision in use.
 * TPM_SHA1_160_HASH_LEN: 0x14 = 20 bytes (160 bits). It sizes the digest
 *   array of TCG_PCR_EVENT_HDR in this header.
 */
#define EFI_TPM2_ACPI_TABLE_START_METHOD_TIS 6
#define TPM_SHA1_160_HASH_LEN 0x14
| 35 | |
/* Part 2, section 5.4: TPM_DIGEST */

/* Index to a PCR register */
typedef uint32_t TPM_PCRINDEX;
/* Event type stored in an event header; the EV_* macros carry this type. */
typedef uint32_t TCG_EVENTTYPE;
/* Alias of TPM_PCRINDEX used by the event header structures. */
typedef TPM_PCRINDEX TCG_PCRINDEX;
/*
 * Element type of the digest array in TCG_PCR_EVENT_HDR.
 * NOTE(review): this is a signed 8-bit type. Digest bytes are raw binary
 * data, so code that prints, compares or widens them can sign-extend values
 * of 0x80 and above; an unsigned byte type is the usual choice. Check every
 * user of TCG_DIGEST before changing it.
 */
typedef int8_t TCG_DIGEST;
| 43 | |
/*
 * TCG_PCR_EVENT_HDR: event header carrying exactly one digest of
 * TPM_SHA1_160_HASH_LEN (20) bytes. Declared __packed, so no padding is
 * inserted between members.
 *
 * NOTE(review): the digest is fixed at SHA-1 size, so this header cannot
 * carry a SHA-256 or larger digest. eventSize is presumably the byte length
 * of the event data that follows the header; code that reads or writes a log
 * using it should bound it against the log buffer. Confirm in the
 * implementation.
 */
typedef struct {
	TCG_PCRINDEX pcrIndex;		/* PCR the event refers to */
	TCG_EVENTTYPE eventType;	/* one of the EV_* values */
	TCG_DIGEST digest[TPM_SHA1_160_HASH_LEN];
	uint32_t eventSize;
} __packed TCG_PCR_EVENT_HDR;
| 51 | |
/*
 * TCG_PCR_EVENT2_HDR: event header whose digest member is a
 * TPML_DIGEST_VALUES (declared outside this file) instead of a single
 * SHA-1 sized array. Declared __packed, so no padding is inserted between
 * members.
 *
 * NOTE(review): if TPML_DIGEST_VALUES is a fixed-capacity list, this
 * in-memory layout will differ from a variable-length on-log encoding;
 * confirm how log_event_tcg_20_format() serializes it and how eventSize is
 * bounded against the log buffer.
 */
typedef struct {
	TCG_PCRINDEX pcrIndex;		/* PCR the event refers to */
	TCG_EVENTTYPE eventType;	/* one of the EV_* values */
	TPML_DIGEST_VALUES digest;
	uint32_t eventSize;
} __packed TCG_PCR_EVENT2_HDR;
| 59 | |
/*
 * Bitmap of hash algorithms: each EFI_TCG2_BOOT_HASH_ALG_* value below is a
 * single distinct bit, so values can be OR-ed together. The prototypes in
 * this header pass it as the activePcr / ActivePcrs argument.
 */
typedef uint32_t EFI_TCG2_EVENT_ALGORITHM_BITMAP;

#define EFI_TCG2_BOOT_HASH_ALG_SHA1 0x00000001
#define EFI_TCG2_BOOT_HASH_ALG_SHA256 0x00000002
#define EFI_TCG2_BOOT_HASH_ALG_SHA384 0x00000004
#define EFI_TCG2_BOOT_HASH_ALG_SHA512 0x00000008
#define EFI_TCG2_BOOT_HASH_ALG_SM3_256 0x00000010
| 67 | |
/*
 * Standard event types. Each value is cast to TCG_EVENTTYPE so it can be
 * assigned to the eventType member of the event headers without conversion.
 * Only the values listed here are defined; the numbering is not contiguous.
 */
#define EV_POST_CODE ((TCG_EVENTTYPE) 0x00000001)
#define EV_NO_ACTION ((TCG_EVENTTYPE) 0x00000003)
#define EV_SEPARATOR ((TCG_EVENTTYPE) 0x00000004)
#define EV_S_CRTM_CONTENTS ((TCG_EVENTTYPE) 0x00000007)
#define EV_S_CRTM_VERSION ((TCG_EVENTTYPE) 0x00000008)
#define EV_CPU_MICROCODE ((TCG_EVENTTYPE) 0x00000009)
#define EV_TABLE_OF_DEVICES ((TCG_EVENTTYPE) 0x0000000B)
| 76 | |
/*
 * PCR index constants 0 through 7.
 * NOTE(review): which measurement is extended into which PCR is decided by
 * the callers, not by this header; verify the assignment against the
 * platform's attestation policy.
 */
#define MBOOT_PCR_INDEX_0 0x0
#define MBOOT_PCR_INDEX_1 0x1
#define MBOOT_PCR_INDEX_2 0x2
#define MBOOT_PCR_INDEX_3 0x3
#define MBOOT_PCR_INDEX_4 0x4
#define MBOOT_PCR_INDEX_5 0x5
#define MBOOT_PCR_INDEX_6 0x6
#define MBOOT_PCR_INDEX_7 0x7
| 85 | |
/*
 * Used to indicate that a hash is provided, so there is no need to perform
 * the measurement.
 * NOTE(review): presumably a bit in the flags argument of
 * mboot_hash_extend_log(). With this flag the digest is taken from the caller
 * rather than computed over the data, so the extended value is only as
 * trustworthy as its source -- confirm where provided hashes originate.
 */
#define MBOOT_HASH_PROVIDED (0x00000001)
| 91 | |
| 92 | |
/*
 * Takes a buffer pointer and a byte count. By its name this tests whether the
 * buffer contains only zero bytes; the return convention is not visible in
 * this header -- confirm against the definition.
 * NOTE(review): buffer is not const-qualified although a pure check would
 * not need to write through it.
 */
int is_zero_buffer(void *buffer, unsigned int size);
| 94 | |
/*
 * By its name: hash data, extend a PCR and add an event log entry.
 *
 * activePcr   - bitmap of EFI_TCG2_BOOT_HASH_ALG_* bits
 * flags       - presumably accepts MBOOT_HASH_PROVIDED -- confirm
 * hashData    - input bytes; hashDataLen gives their length
 * newEventHdr - event header for the new entry
 * eventLog    - event data pointer
 * invalid     - meaning not visible in this header -- confirm
 *
 * NOTE(review): eventLog is passed without a length. Its size presumably
 * comes from newEventHdr->eventSize, so callers must keep the two consistent.
 * The return convention is not visible here; callers should not ignore it,
 * since a failed extend leaves the PCR without this measurement.
 */
int mboot_hash_extend_log(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr,
	uint64_t flags, uint8_t *hashData, uint32_t hashDataLen,
	TCG_PCR_EVENT2_HDR *newEventHdr, uint8_t *eventLog, uint8_t invalid);
| 98 | |
/*
 * By its name, prints bufferSize bytes starting at buffer; the output format
 * and destination are not visible in this header.
 */
void mboot_print_buffer(uint8_t *buffer, uint32_t bufferSize);

/*
 * CRTM step of the measured boot flow, given the bitmap of active
 * EFI_TCG2_BOOT_HASH_ALG_* bits. What is measured and the return convention
 * are defined by the implementation -- confirm there.
 */
int mb_crtm(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr);
| 102 | |
/*
 * Describes one item to measure. The members mirror the name, type, pcr,
 * eventType and event_msg parameters of mb_measure_log_worker().
 */
typedef struct {
	const char *cbfs_name;		/* name of the CBFS file */
	uint32_t cbfs_type;		/* CBFS file type */
	uint32_t pcr;			/* PCR index, see MBOOT_PCR_INDEX_* */
	TCG_EVENTTYPE eventType;	/* one of the EV_* values */
	const char *event_msg;		/* presumably event log text -- confirm */
} mboot_measure_item_t;
| 110 | |
/*
 * By its name, measures and logs one item.
 *
 * activePcr - bitmap of EFI_TCG2_BOOT_HASH_ALG_* bits
 * name      - item name
 * type      - item type
 * pcr       - PCR index
 * eventType - one of the EV_* values
 * event_msg - message associated with the event
 *
 * NOTE(review): name and type presumably identify a CBFS file, matching the
 * cbfs_name and cbfs_type members of mboot_measure_item_t. The behaviour when
 * the item is missing, and the return convention, are not visible here;
 * confirm that a lookup failure is reported rather than skipped silently.
 */
int mb_measure_log_worker(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr,
	const char *name, uint32_t type, uint32_t pcr,
	TCG_EVENTTYPE eventType, const char *event_msg);
| 114 | |
/*
 * Starts measurement logging; takes no arguments. The return convention is
 * not visible in this header.
 */
int mb_measure_log_start(void);
/*
 * By its name, puts the PCRs into a state that no longer matches a good boot.
 * NOTE(review): presumably the failure path of the measurement flow; confirm
 * which PCRs and banks are covered so that a failed measurement cannot leave
 * a bank in a valid-looking state.
 */
void invalidate_pcrs(void);
| 117 | |
/*
 * Returns a bitmap of EFI_TCG2_BOOT_HASH_ALG_* bits. By its name these are
 * the algorithms whose PCRs are active in the TPM.
 * NOTE(review): how an error is reported through the bitmap return type is
 * not visible here -- confirm.
 */
EFI_TCG2_EVENT_ALGORITHM_BITMAP tpm2_get_active_pcrs(void);

/*
 * Fills the caller-supplied TPML_PCR_SELECTION at Pcrs. By its name this
 * queries the TPM capability for PCR selections; the return convention is
 * not visible in this header.
 */
int tpm2_get_capability_pcrs(TPML_PCR_SELECTION *Pcrs);
| 121 | |
/*
 * Measured boot entry points. wake_from_s3 presumably is non-zero when the
 * platform is resuming from S3 -- confirm against the callers.
 * NOTE(review): the return convention is not visible here. Callers should
 * check it so that a measurement failure is handled, not ignored.
 */
int mb_measure(int wake_from_s3);
int mb_entry(int wake_from_s3);
| 124 | |
/*
 * Event log writers.
 *
 * log_efi_specid_event() takes the active algorithm bitmap. The two
 * log_event_tcg_*_format() functions take the same arguments, an event header
 * and an event data pointer; by their names they emit the entry in TCG 2.0
 * and TCG 1.2 log format respectively.
 *
 * NOTE(review): EventLog carries no length argument. Its size presumably
 * comes from EventHdr->eventSize, and the implementation must check that the
 * entry fits in the remaining log space -- confirm. The 1.2 variant also
 * takes a TCG_PCR_EVENT2_HDR; how its digest list maps onto the single
 * SHA-1 sized digest of TCG_PCR_EVENT_HDR is not visible here.
 */
int log_efi_specid_event(EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrs);
int log_event_tcg_20_format(TCG_PCR_EVENT2_HDR *EventHdr, uint8_t *EventLog);
int log_event_tcg_12_format(TCG_PCR_EVENT2_HDR *EventHdr, uint8_t *EventLog);
| 128 | |
/*
 * Writes a hash to the caller-supplied buffer at hash. By its name the hash
 * relates to the Intel ME.
 * NOTE(review): no buffer length is passed, so the caller must know the
 * digest size the implementation writes; confirm the required size and the
 * return convention against the definition.
 */
int get_intel_me_hash(uint8_t *hash);
| 130 | |
| 131 | #endif /* MBOOT_H */ |