Received: by 2002:a05:7412:1e0b:b0:fc:a2b0:25d7 with SMTP id kr11csp109554rdb; Wed, 14 Feb 2024 14:33:13 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCWwyAq350ag7kdHOhB8YOsbaWThFs2Z9L5ETDcboJ2/6z/aZPDgd4oP/1FNcGNdGzhwVAllujLpeabzNRTr5kAUaNP4dlIApQ6VuE5zmg== X-Google-Smtp-Source: AGHT+IFsDctVDTT6U19cEGb96TbeDSmtpYxBPemwLCfpueDGbQXVEBZr5uiNSnU4Yeb+P1sf+zSE X-Received: by 2002:a17:902:dac6:b0:1d9:7228:b345 with SMTP id q6-20020a170902dac600b001d97228b345mr13553plx.2.1707949993210; Wed, 14 Feb 2024 14:33:13 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707949993; cv=pass; d=google.com; s=arc-20160816; b=su/4mReIAMrz+3i1K3Ky73RvqyaObU31R0QkezvHs5G6UbRVbbuulpwwi4fBHNtkTU nLkn9O8yQieic4hxVorAx0gLy4LHgyQM3V+qdilbzkiHrodhyKHRFHCa7Il6GKfxcZeF picKnL7Z9aMTYN6IJjRNpd8ASz9+3PGD1Hwk5kROQ6GAAJIgpI/Y1cpSzO+iQirQzRAj fMtiGV03Tm3ZhRmP92ldMriXQ0FaCGf7E0+mQYNrS24bEBwzybQlsSe9J9BMt0G/a3Lc gvRtMdlmLGWW0bXHAUGk3icoSYAWcxGY+91rsh/0gDGCLT96LxbpTzN51L5xfVOEqiSX D9Mw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=3XE3IR91aM87j2ateTG+UV/PlVF7Sh+N8kA1KV+FQ+g=; fh=SOWIwgEu98SKmZocUQhM9o8nivAFvKTfkPPIonv6h1U=; b=nUQwk9Mr5jw6zQT+KD5mcQtbRwZd5Wm1E4Rf9qx6hbAW0jxX8dxFhCALOJHE4PebYM qYek3qJ5lb4kpYHthgTpq/g3unyADTfLd2dC2x9X+suckojGIbgVsnU+t2H3n0ZuXs59 NCSq9BHirDFwV6SMHlXuhr5CMtL6EEh1b7uTxFUL+xgSI00TiaEBFq0S/SkK63zClOVA INVSzHsYLtmx7jSQNajk4/LxDnE1Xhrp4uqXDGUavV9eBTWZmXDXwl2jB0ns4ENV7E3R AKun43db8a4/LJKxMaxcMhlP034HcRKYW5Ys7cz/k9QgjlTS9GPvupJlkZcn/HBaIIa6 AI1w==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-11-20 header.b=kGgapvyY; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel+bounces-66047-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-66047-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com X-Forwarded-Encrypted: i=2; AJvYcCX/KaWww+JP4vxlnGzgc6iB1zUtxKnljnOZZsYZwsUFnkbgXHHrcAsmMqmG/+RDylGcMBYnKiggzgsMBE4gfxUkJY8Qb76UvCmQzf2AIw== Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id t5-20020a170902e84500b001d93f31a19bsi4357149plg.345.2024.02.14.14.33.12 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 14:33:13 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-66047-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-11-20 header.b=kGgapvyY; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel+bounces-66047-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-66047-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id D8D8E28B211 for ; Wed, 14 Feb 2024 22:33:12 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id A983514533E; Wed, 14 Feb 2024 22:32:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b="kGgapvyY" Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 629F82E62F; Wed, 14 Feb 2024 22:32:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.165.32 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707949932; cv=none; b=QJhaisKdmMAFhquQbufFptoPE0P+T7Zw8jIMuzBGPFy6WebpHQi0vSh2bwoW33PHI7/UWL63z8e+lkDGIiJYrJgQ1Y+FBhJW5btCIPud+juQn7yYy8mxf6tRrpCKLqYG7g5T7NCC2mZxrt2L79XQWb4W0yE715us63nZSMH/VHk= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707949932; c=relaxed/simple; bh=Lyz5ElM/kHA1c+RS76M5rWC7GU7OtJsR6vqzYFRjdZM=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=UIOfiMbv843y5OW742dTF6zfhZHnk8ptSqR1Jh7S75/7aWhE042yZF1RnAxTXKXg2wDN2VP7EMWPCyxcQR2mufOnQe4FjcT1sy3ZuGTXS0Ik2u2KveW+BwpO6EFQqxlV3hB6zglI44gh5+Jpe926uv+7ybJd9r0nrIVxmq+Twc8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=oracle.com; spf=pass smtp.mailfrom=oracle.com; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b=kGgapvyY; arc=none smtp.client-ip=205.220.165.32 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=oracle.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oracle.com Received: from pps.filterd (m0333521.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 41ELj40W013828; Wed, 14 Feb 2024 22:31:39 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=corp-2023-11-20; bh=3XE3IR91aM87j2ateTG+UV/PlVF7Sh+N8kA1KV+FQ+g=; b=kGgapvyYbEg2fz9MsizIYnwJsx5jJC/986QZ/FNkpbtAPL1H/hCmsRGPiJTjHM9QF1LD pUBOv1OO2eUKjIjBL2rSz7NvnEGUmB/VSVHuwH7ftHaM4Fehj2EKKgdRHuabAoMBsqbJ ImgZJd6X07zNDsqPJJphCEoY27/RPUH4WGpkMSxaiTae/Y2My4VTJ0+GC6iZKnVT6iY6 V6SBfSDb6F/GDFGtL4mqsqLUTPSpzMEyYjBSmflItJ0l9HKkyx5dQ3iXRMF4MGxbCR94 FAgDTTGTCmn4gOEqUWMHfSPkPPLQ5juUhJvU6YcMKd1T57XAfuc3c+/JEjgOQZQtSCu3 Lw== Received: from iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta02.appoci.oracle.com [147.154.18.20]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3w91w6rprm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 14 Feb 2024 22:31:38 +0000 Received: from pps.filterd (iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 41EL5RG6000608; Wed, 14 Feb 2024 22:31:37 GMT Received: from pps.reinject (localhost [127.0.0.1]) by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTPS id 3w5yk9n78a-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 14 Feb 2024 22:31:37 +0000 Received: from iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 41EMVTV6004281; Wed, 14 Feb 2024 22:31:36 GMT Received: from bur-virt-x6-2-100.us.oracle.com (bur-virt-x6-2-100.us.oracle.com [10.153.92.40]) by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTPS id 3w5yk9n72r-7 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 14 Feb 2024 22:31:36 +0000 From: Ross Philipson To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, linux-crypto@vger.kernel.org, kexec@lists.infradead.org, linux-efi@vger.kernel.org Cc: ross.philipson@oracle.com, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, dave.hansen@linux.intel.com, ardb@kernel.org, mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com, peterhuewe@gmx.de, jarkko@kernel.org, jgg@ziepe.ca, luto@amacapital.net, nivedita@alum.mit.edu, herbert@gondor.apana.org.au, davem@davemloft.net, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com Subject: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements Date: Wed, 14 Feb 2024 14:18:38 -0800 Message-Id: <20240214221847.2066632-7-ross.philipson@oracle.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20240214221847.2066632-1-ross.philipson@oracle.com> References: <20240214221847.2066632-1-ross.philipson@oracle.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-02-14_14,2024-02-14_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=999 phishscore=0 mlxscore=0 bulkscore=0 spamscore=0 malwarescore=0 adultscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000 definitions=main-2402140170 X-Proofpoint-ORIG-GUID: Ur0q8EOkTs6L7LPizte6vAclWenda5Zk X-Proofpoint-GUID: Ur0q8EOkTs6L7LPizte6vAclWenda5Zk From: "Daniel P. Smith" The SHA algorithms are necessary to measure configuration information into the TPM as early as possible before using the values. This implementation uses the established approach of #including the SHA libraries directly in the code since the compressed kernel is not uncompressed at this point. The SHA code here has its origins in the code from the main kernel: commit c4d5b9ffa31f ("crypto: sha1 - implement base layer for SHA-1") A modified version of this code was introduced to the lib/crypto/sha1.c to bring it in line with the sha256 code and allow it to be pulled into the setup kernel in the same manner as sha256 is. Signed-off-by: Daniel P. Smith Signed-off-by: Ross Philipson --- arch/x86/boot/compressed/Makefile | 2 + arch/x86/boot/compressed/early_sha1.c | 12 ++++ arch/x86/boot/compressed/early_sha256.c | 6 ++ include/crypto/sha1.h | 1 + lib/crypto/sha1.c | 81 +++++++++++++++++++++++++ 5 files changed, 102 insertions(+) create mode 100644 arch/x86/boot/compressed/early_sha1.c create mode 100644 arch/x86/boot/compressed/early_sha256.c diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index f19c038409aa..a1b018eb9801 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -118,6 +118,8 @@ vmlinux-objs-$(CONFIG_EFI) += $(obj)/efi.o vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_mixed.o vmlinux-objs-$(CONFIG_EFI_STUB) += $(objtree)/drivers/firmware/efi/libstub/lib.a +vmlinux-objs-$(CONFIG_SECURE_LAUNCH) += $(obj)/early_sha1.o $(obj)/early_sha256.o + $(obj)/vmlinux: $(vmlinux-objs-y) FORCE $(call if_changed,ld) diff --git a/arch/x86/boot/compressed/early_sha1.c b/arch/x86/boot/compressed/early_sha1.c new file mode 100644 index 000000000000..0c7cf6f8157a --- /dev/null +++ b/arch/x86/boot/compressed/early_sha1.c @@ -0,0 +1,12 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (c) 2022 Apertus Solutions, LLC. + */ + +#include +#include +#include +#include +#include + +#include "../../../../lib/crypto/sha1.c" diff --git a/arch/x86/boot/compressed/early_sha256.c b/arch/x86/boot/compressed/early_sha256.c new file mode 100644 index 000000000000..54930166ffee --- /dev/null +++ b/arch/x86/boot/compressed/early_sha256.c @@ -0,0 +1,6 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (c) 2022 Apertus Solutions, LLC + */ + +#include "../../../../lib/crypto/sha256.c" diff --git a/include/crypto/sha1.h b/include/crypto/sha1.h index 044ecea60ac8..d715dd5332e1 100644 --- a/include/crypto/sha1.h +++ b/include/crypto/sha1.h @@ -42,5 +42,6 @@ extern int crypto_sha1_finup(struct shash_desc *desc, const u8 *data, #define SHA1_WORKSPACE_WORDS 16 void sha1_init(__u32 *buf); void sha1_transform(__u32 *digest, const char *data, __u32 *W); +void sha1(const u8 *data, unsigned int len, u8 *out); #endif /* _CRYPTO_SHA1_H */ diff --git a/lib/crypto/sha1.c b/lib/crypto/sha1.c index 1aebe7be9401..10152125b338 100644 --- a/lib/crypto/sha1.c +++ b/lib/crypto/sha1.c @@ -137,4 +137,85 @@ void sha1_init(__u32 *buf) } EXPORT_SYMBOL(sha1_init); +static void __sha1_transform(u32 *digest, const char *data) +{ + u32 ws[SHA1_WORKSPACE_WORDS]; + + sha1_transform(digest, data, ws); + + memzero_explicit(ws, sizeof(ws)); +} + +static void sha1_update(struct sha1_state *sctx, const u8 *data, unsigned int len) +{ + unsigned int partial = sctx->count % SHA1_BLOCK_SIZE; + + sctx->count += len; + + if (likely((partial + len) >= SHA1_BLOCK_SIZE)) { + int blocks; + + if (partial) { + int p = SHA1_BLOCK_SIZE - partial; + + memcpy(sctx->buffer + partial, data, p); + data += p; + len -= p; + + __sha1_transform(sctx->state, sctx->buffer); + } + + blocks = len / SHA1_BLOCK_SIZE; + len %= SHA1_BLOCK_SIZE; + + if (blocks) { + while (blocks--) { + __sha1_transform(sctx->state, data); + data += SHA1_BLOCK_SIZE; + } + } + partial = 0; + } + + if (len) + memcpy(sctx->buffer + partial, data, len); +} + +static void sha1_final(struct sha1_state *sctx, u8 *out) +{ + const int bit_offset = SHA1_BLOCK_SIZE - sizeof(__be64); + unsigned int partial = sctx->count % SHA1_BLOCK_SIZE; + __be64 *bits = (__be64 *)(sctx->buffer + bit_offset); + __be32 *digest = (__be32 *)out; + int i; + + sctx->buffer[partial++] = 0x80; + if (partial > bit_offset) { + memset(sctx->buffer + partial, 0x0, SHA1_BLOCK_SIZE - partial); + partial = 0; + + __sha1_transform(sctx->state, sctx->buffer); + } + + memset(sctx->buffer + partial, 0x0, bit_offset - partial); + *bits = cpu_to_be64(sctx->count << 3); + __sha1_transform(sctx->state, sctx->buffer); + + for (i = 0; i < SHA1_DIGEST_SIZE / sizeof(__be32); i++) + put_unaligned_be32(sctx->state[i], digest++); + + *sctx = (struct sha1_state){}; +} + +void sha1(const u8 *data, unsigned int len, u8 *out) +{ + struct sha1_state sctx = {0}; + + sha1_init(sctx.state); + sctx.count = 0; + sha1_update(&sctx, data, len); + sha1_final(&sctx, out); +} +EXPORT_SYMBOL(sha1); + MODULE_LICENSE("GPL"); -- 2.39.3