Date: Wed, 27 Feb 2019 12:26:55 -0800
In-Reply-To: <20190227202658.197113-1-matthewgarrett@google.com>
Message-Id: <20190227202658.197113-2-matthewgarrett@google.com>
References: <20190227202658.197113-1-matthewgarrett@google.com>
Subject: [PATCH V5 1/4] tpm: Abstract crypto agile event size calculations
From: Matthew Garrett
To: linux-integrity@vger.kernel.org
Cc: peterhuewe@gmx.de, jarkko.sakkinen@linux.intel.com, jgg@ziepe.ca, roberto.sassu@huawei.com, linux-efi@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, tweek@google.com, Matthew Garrett

From: Matthew Garrett

We need to calculate the size of crypto agile events in multiple
locations, including in the EFI boot stub. The easiest way to do this is
to put it in a header file as an inline and leave a wrapper to ensure we
don't end up with multiple copies of it embedded in the existing code.

Signed-off-by: Matthew Garrett
---
 drivers/char/tpm/eventlog/tpm2.c | 47 +---------------------
 include/linux/tpm_eventlog.h     | 68 ++++++++++++++++++++++++++++++++
 2 files changed, 69 insertions(+), 46 deletions(-)

diff --git a/drivers/char/tpm/eventlog/tpm2.c b/drivers/char/tpm/eventlog/tpm2.c index f824563fc28d..1a977bdd3bd2 100644
--- a/drivers/char/tpm/eventlog/tpm2.c +++ b/drivers/char/tpm/eventlog/tpm2.c @@ -40,52 +40,7 @@ static size_t calc_tpm2_event_size(struct tcg_pcr_event2_head *event, struct tcg_pcr_event *event_header) { - struct tcg_efi_specid_event_head *efispecid; - struct tcg_event_field *event_field; - void *marker; - void *marker_start; - u32 halg_size; - size_t size; - u16 halg; - int i; - int j; - - marker = event; - marker_start = marker; - marker = marker + sizeof(event->pcr_idx) + sizeof(event->event_type) - + sizeof(event->count); - - efispecid = (struct tcg_efi_specid_event_head *)event_header->event; - - /* Check if event is malformed. */ - if (event->count > efispecid->num_algs) - return 0; - - for (i = 0; i < event->count; i++) { - halg_size = sizeof(event->digests[i].alg_id); - memcpy(&halg, marker, halg_size); - marker = marker + halg_size; - for (j = 0; j < efispecid->num_algs; j++) { - if (halg == efispecid->digest_sizes[j].alg_id) { - marker += - efispecid->digest_sizes[j].digest_size; - break; - } - } - /* Algorithm without known length. Such event is unparseable. */ - if (j == efispecid->num_algs) - return 0; - } - - event_field = (struct tcg_event_field *)marker; - marker = marker + sizeof(event_field->event_size) - + event_field->event_size; - size = marker - marker_start; - - if ((event->event_type == 0) && (event_field->event_size == 0)) - return 0; - - return size; + return __calc_tpm2_event_size(event, event_header); } static void *tpm2_bios_measurements_start(struct seq_file *m, loff_t *pos) diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h index 81519f163211..6a86144e13f1 100644 --- a/include/linux/tpm_eventlog.h +++ b/include/linux/tpm_eventlog.h 
@@ -112,4 +112,72 @@ struct tcg_pcr_event2_head { struct tpm_digest digests[]; } __packed; +/** + * __calc_tpm2_event_size - calculate the size of a TPM2 event log entry + * @event: Pointer to the event whose size should be calculated + * @event_header: Pointer to the initial event containing the digest lengths + * + * The TPM2 event log format can contain multiple digests corresponding to + * separate PCR banks, and also contains a variable length of the data that + * was measured. This requires knowledge of how long each digest type is, + * and this information is contained within the first event in the log. + * + * We calculate the length by examining the number of events, and then looking + * at each event in turn to determine how much space is used for events in + * total. Once we've done this we know the offset of the data length field, + * and can calculate the total size of the event. + * + * Return: size of the event on success, <0 on failure + */ + +static inline int __calc_tpm2_event_size(struct tcg_pcr_event2_head *event, + struct tcg_pcr_event *event_header) +{ + struct tcg_efi_specid_event_head *efispecid; + struct tcg_event_field *event_field; + void *marker; + void *marker_start; + u32 halg_size; + size_t size; + u16 halg; + int i; + int j; + + marker = event; + marker_start = marker; + marker = marker + sizeof(event->pcr_idx) + sizeof(event->event_type) + + sizeof(event->count); + + efispecid = (struct tcg_efi_specid_event_head *)event_header->event; + + /* Check if event is malformed. */ + if (event->count > efispecid->num_algs) + return 0; + + for (i = 0; i < event->count; i++) { + halg_size = sizeof(event->digests[i].alg_id); + memcpy(&halg, marker, halg_size); + marker = marker + halg_size; + for (j = 0; j < efispecid->num_algs; j++) { + if (halg == efispecid->digest_sizes[j].alg_id) { + marker += + efispecid->digest_sizes[j].digest_size; + break; + } + } + /* Algorithm without known length. Such event is unparseable. 
*/ + if (j == efispecid->num_algs) + return 0; + } + + event_field = (struct tcg_event_field *)marker; + marker = marker + sizeof(event_field->event_size) + + event_field->event_size; + size = marker - marker_start; + + if ((event->event_type == 0) && (event_field->event_size == 0)) + return 0; + + return size; +} #endif -- 2.21.0.352.gf09ad66450-goog
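
Review bot: in drivers/char/tpm/eventlog/tpm2.c the wrapper calc_tpm2_event_size() is still declared to return size_t, but it now forwards the result of __calc_tpm2_event_size(), which is declared int. The helper computes its result in a size_t local and returns it through int, and the wrapper widens it back, so a size above INT_MAX would come back as a very large size_t rather than the real length, and any negative error code added later would do the same. Suggest giving the helper the same return type as the wrapper (size_t, with 0 on failure) so the two signatures agree.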
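
Review bot: the kernel-doc for __calc_tpm2_event_size() in include/linux/tpm_eventlog.h says "Return: size of the event on success, <0 on failure", but every failure path in the body is `return 0;` (count greater than num_algs, an alg_id with no known length, and the event_type == 0 with event_size == 0 case). A caller written against the comment would test for a negative value and treat 0 as success; suggest changing the line to "0 on failure" or returning a negative errno consistently. The description also says the length is found "by examining the number of events", where the loop actually walks event->count digests. Since the helper is being moved so that more call sites can use it, note as well that it takes no log length or end pointer: event->count, the alg_id values and event_field->event_size are read from the log and added to marker with no check that the result stays inside the log, so a bound parameter would be worth adding in the same change.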