HP BIOS Configuration driver purpose is to provide a driver supporting
the latest sysfs class firmware attributes framework allowing the user
to change BIOS settings and security solutions on HP Inc.’s commercial
notebooks.
Many features of HP Commercial notebooks can be managed using Windows
Management Instrumentation (WMI). WMI is an implementation of Web-Based
Enterprise Management (WBEM) that provides a standards-based interface
for changing and monitoring system settings. HP BIOSCFG driver provides
a native Linux solution and the exposed features facilitates the
migration to Linux environments.
The Linux security features to be provided in hp-bioscfg driver enables
managing the BIOS settings and security solutions via sysfs, a virtual
filesystem that can be used by user-mode applications. The new
documentation cover HP-specific firmware sysfs attributes such Secure
Platform Management and Sure Start. Each section provides security
feature description and identifies sysfs directories and files exposed
by the driver.
Many HP Commercial notebooks include a feature called Secure Platform
Management (SPM), which replaces older password-based BIOS settings
management with public key cryptography. PC secure product management
begins when a target system is provisioned with cryptographic keys
that are used to ensure the integrity of communications between system
management utilities and the BIOS.
HP Commercial notebooks have several BIOS settings that control its
behaviour and capabilities, many of which are related to security.
To prevent unauthorized changes to these settings, the system can
be configured to use a cryptographic signature-based authorization
string that the BIOS will use to verify authorization to modify the
setting.
Linux Security components are under development and not published yet.
The only linux component is the driver (hp bioscfg) at this time.
Other published security components are under Windows.
Signed-off-by: Jorge Lopez <[email protected]>
---
Based on the latest platform-drivers-x86.git/for-next
History
Version 10
Break down changes to single files per patch
Removed SPM/statusbin support
Patches
Documentation
biosattr-interface
bioscfg
int-attributes
ordered-attributes
passwdobj-attributes
string-attributes
bioscfg-h
enum-attributes
passwdattr-interface
spmobj-attributes
surestart-attributes
Makefile ../hp/Makefile ../hp/Kconfig
MAINTAINERS
Version 9
Includes only sysfs-class-firmware-attributes documentation
Version 8
Includes only sysfs-class-firmware-attributes documentation
Version 7
Includes only sysfs-class-firmware-attributes documentation
Version 6
Breaks down the changes into 4 patches
SureAdmin-attributes was removed
Version 5
Remove version 4 patch 1
Address review changes proposed in Version 4
Reorganize all patches number and file order
Jorge Lopez (14):
HP BIOSCFG driver - Documentation
HP BIOSCFG driver - biosattr-interface
HP BIOSCFG driver - bioscfg
HP BIOSCFG driver - int-attributes
HP BIOSCFG driver - ordered-attributes
HP BIOSCFG driver - passwdobj-attributes
HP BIOSCFG driver - string-attributes
HP BIOSCFG driver - bioscfg-h
HP BIOSCFG driver - enum-attributes
HP BIOSCFG driver - passwdattr-interface
HP BIOSCFG driver - spmobj-attributes
HP BIOSCFG driver - surestart-attributes
HP BIOSCFG driver - Makefile
HP BIOSCFG driver - MAINTAINERS
.../testing/sysfs-class-firmware-attributes | 98 +-
MAINTAINERS | 6 +
drivers/platform/x86/hp/Kconfig | 16 +
drivers/platform/x86/hp/Makefile | 1 +
drivers/platform/x86/hp/hp-bioscfg/Makefile | 13 +
.../x86/hp/hp-bioscfg/biosattr-interface.c | 305 ++++++
drivers/platform/x86/hp/hp-bioscfg/bioscfg.c | 961 ++++++++++++++++++
drivers/platform/x86/hp/hp-bioscfg/bioscfg.h | 613 +++++++++++
.../x86/hp/hp-bioscfg/enum-attributes.c | 543 ++++++++++
.../x86/hp/hp-bioscfg/int-attributes.c | 474 +++++++++
.../x86/hp/hp-bioscfg/ordered-attributes.c | 563 ++++++++++
.../x86/hp/hp-bioscfg/passwdattr-interface.c | 51 +
.../x86/hp/hp-bioscfg/passwdobj-attributes.c | 668 ++++++++++++
.../x86/hp/hp-bioscfg/spmobj-attributes.c | 405 ++++++++
.../x86/hp/hp-bioscfg/string-attributes.c | 451 ++++++++
.../x86/hp/hp-bioscfg/surestart-attributes.c | 130 +++
16 files changed, 5296 insertions(+), 2 deletions(-)
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/Makefile
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/biosattr-interface.c
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/bioscfg.c
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/bioscfg.h
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/enum-attributes.c
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/int-attributes.c
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/ordered-attributes.c
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/passwdattr-interface.c
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/passwdobj-attributes.c
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/spmobj-attributes.c
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/string-attributes.c
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/surestart-attributes.c
--
2.34.1
HP BIOS Configuration driver purpose is to provide a driver supporting
the latest sysfs class firmware attributes framework allowing the user
to change BIOS settings and security solutions on HP Inc.’s commercial
notebooks.
Many features of HP Commercial notebooks can be managed using Windows
Management Instrumentation (WMI). WMI is an implementation of Web-Based
Enterprise Management (WBEM) that provides a standards-based interface
for changing and monitoring system settings. HP BIOSCFG driver provides
a native Linux solution and the exposed features facilitates the
migration to Linux environments.
The Linux security features to be provided in hp-bioscfg driver enables
managing the BIOS settings and security solutions via sysfs, a virtual
filesystem that can be used by user-mode applications. The new
documentation cover HP-specific firmware sysfs attributes such Secure
Platform Management and Sure Start. Each section provides security
feature description and identifies sysfs directories and files exposed
by the driver.
Many HP Commercial notebooks include a feature called Secure Platform
Management (SPM), which replaces older password-based BIOS settings
management with public key cryptography. PC secure product management
begins when a target system is provisioned with cryptographic keys
that are used to ensure the integrity of communications between system
management utilities and the BIOS.
HP Commercial notebooks have several BIOS settings that control its
behaviour and capabilities, many of which are related to security.
To prevent unauthorized changes to these settings, the system can
be configured to use a cryptographic signature-based authorization
string that the BIOS will use to verify authorization to modify the
setting.
Linux Security components are under development and not published yet.
The only linux component is the driver (hp bioscfg) at this time.
Other published security components are under Windows.
Signed-off-by: Jorge Lopez <[email protected]>
---
Based on the latest platform-drivers-x86.git/for-next
---
.../x86/hp/hp-bioscfg/string-attributes.c | 451 ++++++++++++++++++
1 file changed, 451 insertions(+)
create mode 100644 drivers/platform/x86/hp/hp-bioscfg/string-attributes.c
diff --git a/drivers/platform/x86/hp/hp-bioscfg/string-attributes.c b/drivers/platform/x86/hp/hp-bioscfg/string-attributes.c
new file mode 100644
index 000000000000..7a14585d5506
--- /dev/null
+++ b/drivers/platform/x86/hp/hp-bioscfg/string-attributes.c
@@ -0,0 +1,451 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Functions corresponding to string type attributes under
+ * HP_WMI_BIOS_STRING_GUID for use with hp-bioscfg driver.
+ *
+ * Copyright (c) 2022 HP Development Company, L.P.
+ */
+
+#include "bioscfg.h"
+
+#define WMI_STRING_TYPE "HPBIOS_BIOSString"
+
+GET_INSTANCE_ID(string);
+
+static ssize_t current_value_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf)
+{
+ int instance_id = get_string_instance_id(kobj);
+
+ if (instance_id < 0)
+ return -EIO;
+
+ return sysfs_emit(buf, "%s\n",
+ bioscfg_drv.string_data[instance_id].current_value);
+}
+
+/*
+ * validate_string_input() -
+ * Validate input of current_value against min and max lengths
+ *
+ * @instance_id: The instance on which input is validated
+ * @buf: Input value
+ */
+static int validate_string_input(int instance_id, const char *buf)
+{
+ int in_len = strlen(buf);
+
+ /* BIOS treats it as a read only attribute */
+ if (bioscfg_drv.string_data[instance_id].common.is_readonly)
+ return -EIO;
+
+ if ((in_len < bioscfg_drv.string_data[instance_id].min_length) ||
+ (in_len > bioscfg_drv.string_data[instance_id].max_length))
+ return -ERANGE;
+
+ /*
+ * set pending reboot flag depending on
+ * "RequiresPhysicalPresence" value
+ */
+ if (bioscfg_drv.string_data[instance_id].common.requires_physical_presence)
+ bioscfg_drv.pending_reboot = true;
+ return 0;
+}
+
+static void update_string_value(int instance_id, char *attr_value)
+{
+ /* Write settings to BIOS */
+ strscpy(bioscfg_drv.string_data[instance_id].current_value,
+ attr_value,
+ sizeof(bioscfg_drv.string_data[instance_id].current_value));
+}
+
+ATTRIBUTE_S_COMMON_PROPERTY_SHOW(display_name_language_code, string);
+static struct kobj_attribute string_display_langcode =
+ __ATTR_RO(display_name_language_code);
+
+ATTRIBUTE_S_COMMON_PROPERTY_SHOW(display_name, string);
+static struct kobj_attribute string_display_name =
+ __ATTR_RO(display_name);
+
+ATTRIBUTE_PROPERTY_STORE(current_value, string);
+static struct kobj_attribute string_current_val =
+ __ATTR_RW_MODE(current_value, 0644);
+
+ATTRIBUTE_N_PROPERTY_SHOW(min_length, string);
+static struct kobj_attribute string_min_length =
+ __ATTR_RO(min_length);
+
+ATTRIBUTE_N_PROPERTY_SHOW(max_length, string);
+static struct kobj_attribute string_max_length =
+ __ATTR_RO(max_length);
+
+ATTRIBUTE_N_COMMON_PROPERTY_SHOW(prerequisites_size, string);
+static struct kobj_attribute string_prerequisites_size_val =
+ __ATTR_RO(prerequisites_size);
+
+ATTRIBUTE_V_COMMON_PROPERTY_SHOW(prerequisites, string);
+static struct kobj_attribute string_prerequisites_val =
+ __ATTR_RO(prerequisites);
+
+static ssize_t type_show(struct kobject *kobj, struct kobj_attribute *attr,
+ char *buf)
+{
+ return sysfs_emit(buf, "string\n");
+}
+static struct kobj_attribute string_type =
+ __ATTR_RO(type);
+
+static struct attribute *string_attrs[] = {
+ &string_display_langcode.attr,
+ &string_display_name.attr,
+ &string_current_val.attr,
+ &string_min_length.attr,
+ &string_max_length.attr,
+ &string_prerequisites_size_val.attr,
+ &string_prerequisites_val.attr,
+ &string_type.attr,
+ NULL
+};
+
+static const struct attribute_group string_attr_group = {
+ .attrs = string_attrs,
+};
+
+int alloc_string_data(void)
+{
+ int ret = 0;
+
+ bioscfg_drv.string_instances_count = get_instance_count(HP_WMI_BIOS_STRING_GUID);
+ bioscfg_drv.string_data = kcalloc(bioscfg_drv.string_instances_count,
+ sizeof(struct string_data), GFP_KERNEL);
+ if (!bioscfg_drv.string_data) {
+ bioscfg_drv.string_instances_count = 0;
+ ret = -ENOMEM;
+ }
+ return ret;
+}
+
+/* Expected Values types associated with each element */
+static const acpi_object_type expected_string_types[] = {
+ [NAME] = ACPI_TYPE_STRING,
+ [VALUE] = ACPI_TYPE_STRING,
+ [PATH] = ACPI_TYPE_STRING,
+ [IS_READONLY] = ACPI_TYPE_INTEGER,
+ [DISPLAY_IN_UI] = ACPI_TYPE_INTEGER,
+ [REQUIRES_PHYSICAL_PRESENCE] = ACPI_TYPE_INTEGER,
+ [SEQUENCE] = ACPI_TYPE_INTEGER,
+ [PREREQUISITES_SIZE] = ACPI_TYPE_INTEGER,
+ [PREREQUISITES] = ACPI_TYPE_STRING,
+ [SECURITY_LEVEL] = ACPI_TYPE_INTEGER,
+ [STR_MIN_LENGTH] = ACPI_TYPE_INTEGER,
+ [STR_MAX_LENGTH] = ACPI_TYPE_INTEGER
+};
+
+/*
+ * populate_string_package_data() -
+ * Populate all properties of an instance under string attribute
+ *
+ * @string_obj: ACPI object with string data
+ * @instance_id: The instance to enumerate
+ * @attr_name_kobj: The parent kernel object
+ */
+int populate_string_package_data(union acpi_object *string_obj,
+ int instance_id,
+ struct kobject *attr_name_kobj)
+{
+ bioscfg_drv.string_data[instance_id].attr_name_kobj = attr_name_kobj;
+
+ populate_string_elements_from_package(string_obj,
+ string_obj->package.count,
+ instance_id);
+
+ update_attribute_permissions(bioscfg_drv.string_data[instance_id].common.is_readonly,
+ &string_current_val);
+ friendly_user_name_update(bioscfg_drv.string_data[instance_id].common.path,
+ attr_name_kobj->name,
+ bioscfg_drv.string_data[instance_id].common.display_name,
+ sizeof(bioscfg_drv.string_data[instance_id].common.display_name));
+ return sysfs_create_group(attr_name_kobj, &string_attr_group);
+}
+
+int populate_string_elements_from_package(union acpi_object *string_obj,
+ int string_obj_count,
+ int instance_id)
+{
+ char *str_value = NULL;
+ int value_len;
+ int ret = 0;
+ u32 size = 0;
+ u32 int_value;
+ int elem = 0;
+ int reqs;
+ int eloc;
+
+ if (!string_obj)
+ return -EINVAL;
+
+ strscpy(bioscfg_drv.string_data[instance_id].common.display_name_language_code,
+ LANG_CODE_STR,
+ sizeof(bioscfg_drv.string_data[instance_id].common.display_name_language_code));
+
+ for (elem = 1, eloc = 1; elem < string_obj_count; elem++, eloc++) {
+
+ /* ONLY look at the first STRING_ELEM_CNT elements */
+ if (eloc == STRING_ELEM_CNT)
+ goto exit_string_package;
+
+ switch (string_obj[elem].type) {
+ case ACPI_TYPE_STRING:
+
+ if (elem != PREREQUISITES) {
+ ret = convert_hexstr_to_str(string_obj[elem].string.pointer,
+ string_obj[elem].string.length,
+ &str_value, &value_len);
+
+ if (ret)
+ continue;
+ }
+ break;
+ case ACPI_TYPE_INTEGER:
+ int_value = (u32)string_obj[elem].integer.value;
+ break;
+ default:
+ pr_warn("Unsupported object type [%d]\n", string_obj[elem].type);
+ continue;
+ }
+
+ /* Check that both expected and read object type match */
+ if (expected_string_types[eloc] != string_obj[elem].type) {
+ pr_err("Error expected type %d for elem %d, but got type %d instead\n",
+ expected_string_types[eloc], elem, string_obj[elem].type);
+ return -EIO;
+ }
+
+ /* Assign appropriate element value to corresponding field*/
+ switch (eloc) {
+ case VALUE:
+ strscpy(bioscfg_drv.string_data[instance_id].current_value,
+ str_value, sizeof(bioscfg_drv.string_data[instance_id].current_value));
+ break;
+ case PATH:
+ strscpy(bioscfg_drv.string_data[instance_id].common.path, str_value,
+ sizeof(bioscfg_drv.string_data[instance_id].common.path));
+ break;
+ case IS_READONLY:
+ bioscfg_drv.string_data[instance_id].common.is_readonly = int_value;
+ break;
+ case DISPLAY_IN_UI:
+ bioscfg_drv.string_data[instance_id].common.display_in_ui = int_value;
+ break;
+ case REQUIRES_PHYSICAL_PRESENCE:
+ bioscfg_drv.string_data[instance_id].common.requires_physical_presence = int_value;
+ break;
+ case SEQUENCE:
+ bioscfg_drv.string_data[instance_id].common.sequence = int_value;
+ break;
+ case PREREQUISITES_SIZE:
+ bioscfg_drv.string_data[instance_id].common.prerequisites_size = int_value;
+ if (size > MAX_PREREQUISITES_SIZE)
+ pr_warn("Prerequisites size value exceeded the maximum number of elements supported or data may be malformed\n");
+ /*
+ * This HACK is needed to keep the expected
+ * element list pointing to the right obj[elem].type
+ * when the size is zero. PREREQUISITES
+ * object is omitted by BIOS when the size is
+ * zero.
+ */
+ if (int_value == 0)
+ eloc++;
+ break;
+ case PREREQUISITES:
+ size = bioscfg_drv.string_data[instance_id].common.prerequisites_size;
+
+ for (reqs = 0; reqs < size && reqs < MAX_PREREQUISITES_SIZE; reqs++) {
+ if (elem >= string_obj_count) {
+ pr_err("Error elem-objects package is too small\n");
+ return -EINVAL;
+ }
+
+ ret = convert_hexstr_to_str(string_obj[elem + reqs].string.pointer,
+ string_obj[elem + reqs].string.length,
+ &str_value, &value_len);
+
+ if (ret)
+ continue;
+
+ strscpy(bioscfg_drv.string_data[instance_id].common.prerequisites[reqs],
+ str_value,
+ sizeof(bioscfg_drv.string_data[instance_id].common.prerequisites[reqs]));
+ kfree(str_value);
+ }
+ break;
+
+ case SECURITY_LEVEL:
+ bioscfg_drv.string_data[instance_id].common.security_level = int_value;
+ break;
+ case STR_MIN_LENGTH:
+ bioscfg_drv.string_data[instance_id].min_length = int_value;
+ break;
+ case STR_MAX_LENGTH:
+ bioscfg_drv.string_data[instance_id].max_length = int_value;
+ break;
+ default:
+ pr_warn("Invalid element: %d found in String attribute or data may be malformed\n", elem);
+ break;
+ }
+
+ kfree(str_value);
+ }
+
+exit_string_package:
+ kfree(str_value);
+ return 0;
+}
+
+/*
+ * populate_string_data() -
+ * Populate all properties of an instance under string attribute
+ *
+ * @buffer_ptr: Buffer pointer
+ * @buffer_size: Buffer size
+ * @instance_id: The instance to enumerate
+ * @attr_name_kobj: The parent kernel object
+ */
+int populate_string_buffer_data(u8 *buffer_ptr, u32 *buffer_size,
+ int instance_id,
+ struct kobject *attr_name_kobj)
+{
+ bioscfg_drv.string_data[instance_id].attr_name_kobj = attr_name_kobj;
+
+ populate_string_elements_from_buffer(buffer_ptr, buffer_size,
+ instance_id);
+
+ update_attribute_permissions(bioscfg_drv.string_data[instance_id].common.is_readonly,
+ &string_current_val);
+ friendly_user_name_update(bioscfg_drv.string_data[instance_id].common.path,
+ attr_name_kobj->name,
+ bioscfg_drv.string_data[instance_id].common.display_name,
+ sizeof(bioscfg_drv.string_data[instance_id].common.display_name));
+
+ return sysfs_create_group(attr_name_kobj, &string_attr_group);
+}
+
+int populate_string_elements_from_buffer(u8 *buffer_ptr, u32 *buffer_size,
+ int instance_id)
+{
+ int ret;
+ char *dst = NULL;
+ int elem;
+ int reqs;
+ int int_value;
+ int size = 0;
+ int dst_size = *buffer_size / sizeof(u16);
+
+ dst = kcalloc(dst_size, sizeof(char), GFP_KERNEL);
+ if (!dst)
+ return -ENOMEM;
+
+ strscpy(bioscfg_drv.string_data[instance_id].common.display_name_language_code,
+ LANG_CODE_STR,
+ sizeof(bioscfg_drv.string_data[instance_id].common.display_name_language_code));
+
+ for (elem = 1; elem < 3; elem++) {
+ ret = get_string_from_buffer(&buffer_ptr, buffer_size, dst, dst_size);
+ /* Ignore. Zero length string values */
+ if (ret < 0)
+ continue;
+
+ switch (elem) {
+ case VALUE:
+ strscpy(bioscfg_drv.string_data[instance_id].current_value,
+ dst, sizeof(bioscfg_drv.string_data[instance_id].current_value));
+ break;
+ case PATH:
+ strscpy(bioscfg_drv.string_data[instance_id].common.path, dst,
+ sizeof(bioscfg_drv.string_data[instance_id].common.path));
+ break;
+ default:
+ pr_warn("Invalid element: %d found in String attribute or data may be malformed\n", elem);
+ break;
+ }
+ }
+
+ for (elem = 3; elem < STRING_ELEM_CNT; elem++) {
+ if (elem != PREREQUISITES) {
+ ret = get_integer_from_buffer((int **)&buffer_ptr,
+ buffer_size,
+ (int *)&int_value);
+ if (ret < 0)
+ continue;
+ }
+
+ switch (elem) {
+ case IS_READONLY:
+ bioscfg_drv.string_data[instance_id].common.is_readonly = int_value;
+ break;
+ case DISPLAY_IN_UI:
+ bioscfg_drv.string_data[instance_id].common.display_in_ui = int_value;
+ break;
+ case REQUIRES_PHYSICAL_PRESENCE:
+ bioscfg_drv.string_data[instance_id].common.requires_physical_presence = int_value;
+ break;
+ case SEQUENCE:
+ bioscfg_drv.string_data[instance_id].common.sequence = int_value;
+ break;
+ case PREREQUISITES_SIZE:
+ bioscfg_drv.string_data[instance_id].common.prerequisites_size = int_value;
+ if (int_value > MAX_PREREQUISITES_SIZE)
+ pr_warn("Prerequisites size value exceeded the maximum number of elements supported or data may be malformed\n");
+ break;
+
+ case PREREQUISITES:
+ size = bioscfg_drv.string_data[instance_id].common.prerequisites_size;
+ for (reqs = 0; reqs < size && reqs < MAX_PREREQUISITES_SIZE; reqs++) {
+ ret = get_string_from_buffer(&buffer_ptr, buffer_size, dst, dst_size);
+ /* Ignore. Zero length string values */
+ if (ret < 0)
+ continue;
+ strscpy(bioscfg_drv.string_data[instance_id].common.prerequisites[reqs],
+ dst,
+ sizeof(bioscfg_drv.string_data[instance_id].common.prerequisites[reqs]));
+ }
+ break;
+ case SECURITY_LEVEL:
+ bioscfg_drv.string_data[instance_id].common.security_level = int_value;
+ break;
+ case STR_MIN_LENGTH:
+ bioscfg_drv.string_data[instance_id].min_length = int_value;
+ break;
+ case STR_MAX_LENGTH:
+ bioscfg_drv.string_data[instance_id].max_length = int_value;
+ break;
+ default:
+ pr_warn("Invalid element: %d found in String attribute or data may be malformed\n", elem);
+ break;
+ }
+ }
+ kfree(dst);
+ return 0;
+}
+
+/*
+ * exit_string_attributes() - Clear all attribute data
+ *
+ * Clears all data allocated for this group of attributes
+ */
+void exit_string_attributes(void)
+{
+ int instance_id;
+
+ for (instance_id = 0; instance_id < bioscfg_drv.string_instances_count; instance_id++) {
+
+ struct kobject *attr_name_kobj = bioscfg_drv.string_data[instance_id].attr_name_kobj;
+
+ if (attr_name_kobj)
+ sysfs_remove_group(attr_name_kobj, &string_attr_group);
+ }
+ bioscfg_drv.string_instances_count = 0;
+
+ kfree(bioscfg_drv.string_data);
+ bioscfg_drv.string_data = NULL;
+}
--
2.34.1
HP BIOS Configuration driver purpose is to provide a driver supporting
the latest sysfs class firmware attributes framework allowing the user
to change BIOS settings and security solutions on HP Inc.’s commercial
notebooks.
Many features of HP Commercial notebooks can be managed using Windows
Management Instrumentation (WMI). WMI is an implementation of Web-Based
Enterprise Management (WBEM) that provides a standards-based interface
for changing and monitoring system settings. HP BIOSCFG driver provides
a native Linux solution and the exposed features facilitates the
migration to Linux environments.
The Linux security features to be provided in hp-bioscfg driver enables
managing the BIOS settings and security solutions via sysfs, a virtual
filesystem that can be used by user-mode applications. The new
documentation cover HP-specific firmware sysfs attributes such Secure
Platform Management and Sure Start. Each section provides security
feature description and identifies sysfs directories and files exposed
by the driver.
Many HP Commercial notebooks include a feature called Secure Platform
Management (SPM), which replaces older password-based BIOS settings
management with public key cryptography. PC secure product management
begins when a target system is provisioned with cryptographic keys
that are used to ensure the integrity of communications between system
management utilities and the BIOS.
HP Commercial notebooks have several BIOS settings that control its
behaviour and capabilities, many of which are related to security.
To prevent unauthorized changes to these settings, the system can
be configured to use a cryptographic signature-based authorization
string that the BIOS will use to verify authorization to modify the
setting.
Linux Security components are under development and not published yet.
The only linux component is the driver (hp bioscfg) at this time.
Other published security components are under Windows.
Signed-off-by: Jorge Lopez <[email protected]>
---
Based on the latest platform-drivers-x86.git/for-next
---
.../testing/sysfs-class-firmware-attributes | 98 ++++++++++++++++++-
1 file changed, 96 insertions(+), 2 deletions(-)
diff --git a/Documentation/ABI/testing/sysfs-class-firmware-attributes b/Documentation/ABI/testing/sysfs-class-firmware-attributes
index 4cdba3477176..73d7b8fbc0b2 100644
--- a/Documentation/ABI/testing/sysfs-class-firmware-attributes
+++ b/Documentation/ABI/testing/sysfs-class-firmware-attributes
@@ -22,6 +22,12 @@ Description:
- integer: a range of numerical values
- string
+ HP specific types
+ -----------------
+ - ordered-list - a set of ordered list valid values
+ - sure-start - report audit logs read from BIOS
+
+
All attribute types support the following values:
current_value:
@@ -126,6 +132,44 @@ Description:
value will not be effective through sysfs until this rule is
met.
+ HP specific class extensions
+ ------------------------------
+
+ On HP systems the following additional attributes are available:
+
+ "ordered-list"-type specific properties:
+
+ elements:
+ A file that can be read to obtain the possible
+ list of values of the <attr>. Values are separated using
+ semi-colon (``;``). The order individual elements are listed
+ according to their priority. An Element listed first has the
+ highest priority. Writing the list in a different order to
+ current_value alters the priority order for the particular
+ attribute.
+
+ "sure-start"-type specific properties:
+
+ audit_log_entries:
+ A read-only file that returns the events in the log.
+ Values are separated using semi-colon (``;``)
+
+ Audit log entry format
+
+ Byte 0-15: Requested Audit Log entry (Each Audit log is 16 bytes)
+ Byte 16-127: Unused
+
+ audit_log_entry_count:
+ A read-only file that returns the number of existing audit log events available to be read.
+ Values are separated using comma (``,``)
+
+ [No of entries],[log entry size],[Max number of entries supported]
+
+ log entry size identifies audit log size for the current BIOS version.
+ The current size is 16 bytes but it can be to up to 128 bytes long
+ in future BIOS versions.
+
+
What: /sys/class/firmware-attributes/*/authentication/
Date: February 2021
KernelVersion: 5.11
@@ -206,7 +250,7 @@ Description:
Drivers may emit a CHANGE uevent when a password is set or unset
userspace may check it again.
- On Dell and Lenovo systems, if Admin password is set, then all BIOS attributes
+ On Dell, Lenovo and HP systems, if Admin password is set, then all BIOS attributes
require password validation.
On Lenovo systems if you change the Admin password the new password is not active until
the next boot.
@@ -296,6 +340,15 @@ Description:
echo "signature" > authentication/Admin/signature
echo "password" > authentication/Admin/certificate_to_password
+ HP specific class extensions
+ --------------------------------
+
+ On HP systems the following additional settings are available:
+
+ role: enhanced-bios-auth:
+ This role is specific to Secure Platform Management (SPM) attribute.
+ It requires configuring an endorsement (kek) and signing certificate (sk).
+
What: /sys/class/firmware-attributes/*/attributes/pending_reboot
Date: February 2021
@@ -311,7 +364,7 @@ Description:
== =========================================
0 All BIOS attributes setting are current
1 A reboot is necessary to get pending BIOS
- attribute changes applied
+ attribute changes applied
== =========================================
Note, userspace applications need to follow below steps for efficient
@@ -364,3 +417,44 @@ Description:
use it to enable extra debug attributes or BIOS features for testing purposes.
Note that any changes to this attribute requires a reboot for changes to take effect.
+
+
+ HP specific class extensions - Secure Platform Manager (SPM)
+ --------------------------------
+
+What: /sys/class/firmware-attributes/*/authentication/SPM/kek
+Date: March 29
+KernelVersion: 5.18
+Contact: "Jorge Lopez" <[email protected]>
+Description: 'kek' Key-Encryption-Key is a write-only file that can be used to configure the
+ RSA public key that will be used by the BIOS to verify
+ signatures when setting the signing key. When written,
+ the bytes should correspond to the KEK certificate
+ (x509 .DER format containing an OU). The size of the
+ certificate must be less than or equal to 4095 bytes.
+
+
+What: /sys/class/firmware-attributes/*/authentication/SPM/sk
+Date: March 29
+KernelVersion: 5.18
+Contact: "Jorge Lopez" <[email protected]>
+Description: 'sk' Signature Key is a write-only file that can be used to configure the RSA
+ public key that will be used by the BIOS to verify signatures
+ when configuring BIOS settings and security features. When
+ written, the bytes should correspond to the modulus of the
+ public key. The exponent is assumed to be 0x10001.
+
+
+What: /sys/class/firmware-attributes/*/authentication/SPM/status
+Date: March 29
+KernelVersion: 5.18
+Contact: "Jorge Lopez" <[email protected]>
+Description: 'status' is a read-only file that returns ASCII text in JSON format reporting
+ the status information.
+
+ "State": "not provisioned | provisioned | provisioning in progress ",
+ "Version": " Major. Minor ",
+ "Nonce": <16-bit unsigned number display in base 10>,
+ "FeaturesInUse": <16-bit unsigned number display in base 10>,
+ "EndorsementKeyMod": "<256 bytes in base64>",
+ "SigningKeyMod": "<256 bytes in base64>"
--
2.34.1