From: Ard Biesheuvel <ardb@kernel.org>
To: linux-efi@vger.kernel.org
Cc: Ard Biesheuvel <ardb@kernel.org>, Peter Jones <pjones@redhat.com>,
Leif Lindholm <leif@nuviainc.com>,
Arvind Sankar <nivedita@alum.mit.edu>,
Matthew Garrett <mjg59@google.com>,
Daniel Kiper <daniel.kiper@oracle.com>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>
Subject: [RFC PATCH 5/7] efi/libstub: add prototype of efi_tcg2_protocol::hash_log_extend_event()
Date: Mon, 2 Nov 2020 18:06:32 +0100 [thread overview]
Message-ID: <20201102170634.20575-6-ardb@kernel.org> (raw)
In-Reply-To: <20201102170634.20575-1-ardb@kernel.org>
Define the right prototype for efi_tcg2_protocol::hash_log_extend_event()
so we can start using it to measure the initrd into the TPM if it was
loaded by the EFI stub itself.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
arch/x86/include/asm/efi.h | 4 ++++
drivers/firmware/efi/libstub/efistub.h | 22 +++++++++++++++++++-
2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
index b921b593e0a3..73316cd67086 100644
--- a/arch/x86/include/asm/efi.h
+++ b/arch/x86/include/asm/efi.h
@@ -303,6 +303,10 @@ static inline u32 efi64_convert_status(efi_status_t status)
#define __efi64_argmap_query_mode(gop, mode, size, info) \
((gop), (mode), efi64_zero_upper(size), efi64_zero_upper(info))
+/* TCG2 protocol */
+#define __efi64_argmap_hash_log_extend_event(prot, fl, addr, size, ev) \
+ ((prot), (fl), 0ULL, (u64)(addr), 0ULL, (u64)(size), 0ULL, ev)
+
/*
* The macros below handle the plumbing for the argument mapping. To add a
* mapping for a specific EFI method, simply define a macro
diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
index 2c621bf4760f..c96085133648 100644
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -667,6 +667,20 @@ union apple_properties_protocol {
typedef u32 efi_tcg2_event_log_format;
+#define EFI_TCG2_EVENT_HEADER_VERSION 0x1
+
+struct efi_tcg2_event {
+ u32 event_size;
+ struct {
+ u32 header_size;
+ u16 header_version;
+ u32 pcr_index;
+ u32 event_type;
+ } event_header;
+ /* u8[] event follows here */
+} __packed;
+
+typedef struct efi_tcg2_event efi_tcg2_event_t;
typedef union efi_tcg2_protocol efi_tcg2_protocol_t;
union efi_tcg2_protocol {
@@ -677,7 +691,11 @@ union efi_tcg2_protocol {
efi_physical_addr_t *,
efi_physical_addr_t *,
efi_bool_t *);
- void *hash_log_extend_event;
+ efi_status_t (__efiapi *hash_log_extend_event)(efi_tcg2_protocol_t *,
+ u64,
+ efi_physical_addr_t,
+ u64,
+ const efi_tcg2_event_t *);
void *submit_command;
void *get_active_pcr_banks;
void *set_active_pcr_banks;
@@ -857,4 +875,6 @@ efi_enable_reset_attack_mitigation(void) { }
void efi_retrieve_tpm2_eventlog(void);
+void efi_tpm_measure_initrd(unsigned long addr, unsigned long size);
+
#endif
--
2.17.1
next prev parent reply other threads:[~2020-11-02 17:07 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-02 17:06 [RFC PATCH 0/7] efi/libstub: measurement initrd data loaded by the EFI stub Ard Biesheuvel
2020-11-02 17:06 ` [RFC PATCH 1/7] efi/libstub: whitespace cleanup Ard Biesheuvel
2020-11-02 17:06 ` [RFC PATCH 2/7] efi/libstub: fix prototype of efi_tcg2_protocol::get_event_log() Ard Biesheuvel
2020-11-02 17:06 ` [RFC PATCH 3/7] efi/libstub: x86/mixed: increase supported argument count Ard Biesheuvel
2020-11-02 17:06 ` [RFC PATCH 4/7] efi/libstub: move TPM related prototypes into efistub.h Ard Biesheuvel
2020-11-02 17:06 ` Ard Biesheuvel [this message]
2020-11-02 17:06 ` [RFC PATCH 6/7] efi/libstub: consolidate initrd handling across architectures Ard Biesheuvel
2020-11-02 17:06 ` [RFC PATCH 7/7] efi/libstub: measure loaded initrd info into the TPM Ard Biesheuvel
2020-11-03 21:45 ` James Bottomley
2020-11-02 19:39 ` [RFC PATCH 0/7] efi/libstub: measurement initrd data loaded by the EFI stub Matthew Garrett
2020-11-02 20:24 ` Ard Biesheuvel
2020-11-02 20:26 ` Matthew Garrett
2020-11-03 21:37 ` James Bottomley
2020-11-03 22:29 ` James Bottomley
2020-11-03 5:51 ` Ilias Apalodimas
2020-11-03 8:18 ` Ard Biesheuvel
2020-11-03 21:22 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201102170634.20575-6-ardb@kernel.org \
--to=ardb@kernel.org \
--cc=daniel.kiper@oracle.com \
--cc=ilias.apalodimas@linaro.org \
--cc=leif@nuviainc.com \
--cc=linux-efi@vger.kernel.org \
--cc=mjg59@google.com \
--cc=nivedita@alum.mit.edu \
--cc=pjones@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.