Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3965558pxk; Tue, 29 Sep 2020 10:30:19 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzy6km85+e59Ll1ZwlF5Y51Rk0Gtlr7t4R8MWUmy98t+4Fv+tEN4uKd3gkSgYreNgJIr9bd X-Received: by 2002:a17:906:b146:: with SMTP id bt6mr4903648ejb.287.1601400619137; Tue, 29 Sep 2020 10:30:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1601400619; cv=none; d=google.com; s=arc-20160816; b=hRu3zO9sze42OxJ1oU4f0siuqTVV5C+cjsEns3cP9DSx2jIItlaAj98B4MQ5k/bsXM y2SNLjlfhDGT7H2aqxFdOZ+KiKaRYNEN+pfAxVNDgcR7ucRigFNPeRWydGFVQvhBgu6O /hE71DHlY0kEQfRciTG/fkz5/3Yx430kiqgEKE6q7p5aE3O6VfvKbjH3lmKciv2N6Tuu qoHl4Kgzt2+prfff+Ymo0hpwVG/c4OlFSQdyCRCSRNYeHy9m0Bb0TmWgTdSfVE1kxrUX a+Zl/UwRQ3b9A3o/nOc9bEGYSMirv97QH60UCeXx60hvfgfjMHtGzmoWhkpPssae32Ye OIFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=vhk3MbInaaF/6croUvi+/zraDixQnx7wCrXOslWTtys=; b=w+kU1QEM8mcq+xfxnMzSfk1uUI+oKiHihPu9I098grFjk9ei75PJ3+u6RoVIZHBBL4 hk/WNtcgWzWQAD4+KklgrfDw9XY9Pw3ijU35+8kxwQMHajn70qu1wHZ1w1Nq0WvedoCy lm/V8a2+cGA/GSnCjGc78xz1Q1FGEw024sYHndLtB6zJ4Stdpp+ftyKNdkLHKfDVhAWY ohwlqvxFrS1pV9YoHsVh6n5AcyGdYvccvB6VQUl6kUz6rn39kn7YS1aJu/lcv5GhELtM ZiAkrRyLkh363GLmoHGZk1EMHimUBkDHwiWa06kZPDJxeOBx9/TQu2SOTD2H2jZEPJVU 3xZQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=n4MkOq3U; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id ce16si3494137edb.302.2020.09.29.10.29.54; Tue, 29 Sep 2020 10:30:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=n4MkOq3U; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728557AbgI2R0u (ORCPT + 99 others); Tue, 29 Sep 2020 13:26:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36118 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727328AbgI2R0u (ORCPT ); Tue, 29 Sep 2020 13:26:50 -0400 Received: from mail-lj1-x243.google.com (mail-lj1-x243.google.com [IPv6:2a00:1450:4864:20::243]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 589B3C061755; Tue, 29 Sep 2020 10:26:48 -0700 (PDT) Received: by mail-lj1-x243.google.com with SMTP id a22so4674334ljp.13; Tue, 29 Sep 2020 10:26:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vhk3MbInaaF/6croUvi+/zraDixQnx7wCrXOslWTtys=; b=n4MkOq3UvJP9m0yc5Rtex4KtclxrWnItxqOpn6tZJzlS3ahY9sxrZ99wx/IIjkLyvA K0GqFxQHjcFt79Rjzd/Zm9P8+hgfC0QYVVFBS3iB5TCojtSzbQJOyd0rGk4g2xAykhL1 Mpwh64dBzCzV9r1Za8avYcsDcrmErdyZmkPZ9kEoUIO8LDElIUZB0ATuZbnGDNr+fYQS fMRGTlsGFAmcXPGzIlYRJpjM9y6G5KnSBPq844V0njnx82hXnbevNRGQZz0ZkAWsenvR bKCofziWQTxGJfxBozUMNCYve9GC3OKOVWJ2cqK5v8FXJ+cKBVDwL7pzd68pvgwRMTG2 wnFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vhk3MbInaaF/6croUvi+/zraDixQnx7wCrXOslWTtys=; b=WfRKpf+xKr1jnku10q+LWizcTjobYgzqxwg/MsSTHoORCKk8U4zB7RTf4RSA17I1mC 6j907yyP/WpxcHxSU4oDDKJxMGaOhWSZAdbXQMlXOKr03tBVdm87wT7UDrwpQNpBrhgg XN+QUXfiwFPiHupYV1lQoxDSPwar+sqKD29xFAzkz0VYIoACQC9f5lbcZUlU4S1RMH/w NMIsQ0jOvMDfN0Tp75Ei02S4lft5jjHJI67km4uinwl4uhL4iqXtss58V0PQWRaHVSS7 aJaUBcxh0Af83tHbS/+Y41C/MaT9GUWyN9Npb5SFdpVekU/bPFMvZIqDrignIfeITfWO sKcQ== X-Gm-Message-State: AOAM533e6CaU0nhZ/epOu1jmf6pUGOji4zQrTtOK2XQig8Ln9l2iknLI FG4Igp8uYV8x0FEHqyLnasICk9Q7fz6lHn9Owgg= X-Received: by 2002:a2e:8988:: with SMTP id c8mr1422707lji.433.1601400406761; Tue, 29 Sep 2020 10:26:46 -0700 (PDT) MIME-Version: 1.0 References: <1600959521-24158-1-git-send-email-ross.philipson@oracle.com> <1600959521-24158-4-git-send-email-ross.philipson@oracle.com> In-Reply-To: <1600959521-24158-4-git-send-email-ross.philipson@oracle.com> From: Jason Andryuk Date: Tue, 29 Sep 2020 13:26:34 -0400 Message-ID: Subject: Re: [PATCH 03/13] x86: Add early SHA support for Secure Launch early measurements To: Ross Philipson Cc: open list , x86@kernel.org, iommu@lists.linux-foundation.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, Daniel Smith , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , luto@amacapital.net, trenchboot-devel@googlegroups.com Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Sep 24, 2020 at 11:00 AM Ross Philipson wrote: > > The SHA algorithms are necessary to measure configuration information into > the TPM as early as possible before using the values. This implementation > uses the established approach of #including the SHA libraries directly in > the code since the compressed kernel is not uncompressed at this point. > > The SHA code here has its origins in the code from the main kernel. That > code could not be pulled directly into the setup portion of the compressed > kernel because of other dependencies it pulls in. The result is this is a > modified copy of that code that still leverages the core SHA algorithms. > > Signed-off-by: Daniel P. Smith > Signed-off-by: Ross Philipson > --- > arch/x86/boot/compressed/Makefile | 4 + > arch/x86/boot/compressed/early_sha1.c | 104 ++++++++++++++++ > arch/x86/boot/compressed/early_sha1.h | 17 +++ > arch/x86/boot/compressed/early_sha256.c | 6 + > arch/x86/boot/compressed/early_sha512.c | 6 + > include/linux/sha512.h | 21 ++++ > lib/sha1.c | 4 + > lib/sha512.c | 209 ++++++++++++++++++++++++++++++++ > 8 files changed, 371 insertions(+) > create mode 100644 arch/x86/boot/compressed/early_sha1.c > create mode 100644 arch/x86/boot/compressed/early_sha1.h > create mode 100644 arch/x86/boot/compressed/early_sha256.c > create mode 100644 arch/x86/boot/compressed/early_sha512.c > create mode 100644 include/linux/sha512.h > create mode 100644 lib/sha512.c > > diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile > index ff7894f..0fd84b9 100644 > --- a/arch/x86/boot/compressed/Makefile > +++ b/arch/x86/boot/compressed/Makefile > @@ -96,6 +96,10 @@ vmlinux-objs-$(CONFIG_ACPI) += $(obj)/acpi.o > vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_thunk_$(BITS).o > efi-obj-$(CONFIG_EFI_STUB) = $(objtree)/drivers/firmware/efi/libstub/lib.a > > +vmlinux-objs-$(CONFIG_SECURE_LAUNCH) += $(obj)/early_sha1.o > +vmlinux-objs-$(CONFIG_SECURE_LAUNCH_SHA256) += $(obj)/early_sha256.o > +vmlinux-objs-$(CONFIG_SECURE_LAUNCH_SHA512) += $(obj)/early_sha512.o > + > # The compressed kernel is built with -fPIC/-fPIE so that a boot loader > # can place it anywhere in memory and it will still run. However, since > # it is executed as-is without any ELF relocation processing performed > diff --git a/arch/x86/boot/compressed/early_sha1.c b/arch/x86/boot/compressed/early_sha1.c > new file mode 100644 > index 0000000..198c46d > --- /dev/null > +++ b/arch/x86/boot/compressed/early_sha1.c > @@ -0,0 +1,104 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright (c) 2020, Oracle and/or its affiliates. > + * Copyright (c) 2020 Apertus Solutions, LLC. > + */ > + > +#include > +#include > +#include > +#include > +#include > + > +#include "early_sha1.h" > + > +#define SHA1_DISABLE_EXPORT > +#include "../../../../lib/sha1.c" > + > +/* The SHA1 implementation in lib/sha1.c was written to get the workspace > + * buffer as a parameter. This wrapper function provides a container > + * around a temporary workspace that is cleared after the transform completes. > + */ > +static void __sha_transform(u32 *digest, const char *data) > +{ > + u32 ws[SHA1_WORKSPACE_WORDS]; > + > + sha1_transform(digest, data, ws); > + > + memset(ws, 0, sizeof(ws)); > + /* > + * As this is cryptographic code, prevent the memset 0 from being > + * optimized out potentially leaving secrets in memory. > + */ > + wmb(); You can use memzero_explicit instead of open coding it. Regards, Jason