TXT support: update after review

Reviewed on TrenchBoot/grub#16 Signed-off-by: Krystian Hebel <[email protected]>
3mdeb · Feb 21, 2024 · 98414de · 98414de
1 parent 2d05df9
commit 98414de
Show file tree

Hide file tree

Showing 20 changed files with 240 additions and 218 deletions.
diff --git a/1100-i386-msr-Merge-rdmsr.h-and-wrmsr.h-into-msr.h.patch b/1100-i386-msr-Merge-rdmsr.h-and-wrmsr.h-into-msr.h.patch
@@ -1,4 +1,4 @@
-From 1614664a12563b23b2efd3b0c7b59a9c4ad10484 Mon Sep 17 00:00:00 2001
+From b965e567652ec8eb8bde2cd6f79b4ef02fdb0fa4 Mon Sep 17 00:00:00 2001
 From: Daniel Kiper <[email protected]>
 Date: Tue, 17 Dec 2019 17:51:29 +0100
 Subject: [PATCH] i386/msr: Merge rdmsr.h and wrmsr.h into msr.h

diff --git a/1101-i386-msr-Rename-grub_msr_read-and-grub_msr_write.patch b/1101-i386-msr-Rename-grub_msr_read-and-grub_msr_write.patch
@@ -1,4 +1,4 @@
-From bb8fe14ea78fbd7ad92b3d53c69e3b961eb8ccdd Mon Sep 17 00:00:00 2001
+From 462af28050122f87412237abd8000f3667a5d3be Mon Sep 17 00:00:00 2001
 From: Daniel Kiper <[email protected]>
 Date: Tue, 17 Dec 2019 20:02:37 +0100
 Subject: [PATCH] i386/msr: Rename grub_msr_read() and grub_msr_write()

diff --git a/1102-i386-msr-Extract-and-improve-MSR-support-detection-c.patch b/1102-i386-msr-Extract-and-improve-MSR-support-detection-c.patch
@@ -1,4 +1,4 @@
-From e0f617c89e3a03cba4b5e48ffac8ef76cc7c0838 Mon Sep 17 00:00:00 2001
+From 52d63e5e45eaf8df9a81a453459fd89fbf898969 Mon Sep 17 00:00:00 2001
 From: Daniel Kiper <[email protected]>
 Date: Sat, 25 Apr 2020 16:43:52 +0200
 Subject: [PATCH] i386/msr: Extract and improve MSR support detection code

diff --git a/1103-i386-memory-Rename-PAGE_SHIFT-to-GRUB_PAGE_SHIFT.patch b/1103-i386-memory-Rename-PAGE_SHIFT-to-GRUB_PAGE_SHIFT.patch
@@ -1,4 +1,4 @@
-From 938357ec4fd8a8522fc55d3d050eff1f2235407d Mon Sep 17 00:00:00 2001
+From 7d5c059815a34eb170f4e8912cb742a9e69b6e45 Mon Sep 17 00:00:00 2001
 From: Daniel Kiper <[email protected]>
 Date: Wed, 20 Nov 2019 12:40:42 +0100
 Subject: [PATCH] i386/memory: Rename PAGE_SHIFT to GRUB_PAGE_SHIFT

diff --git a/1104-i386-memory-Rename-PAGE_SIZE-to-GRUB_PAGE_SIZE-and-m.patch b/1104-i386-memory-Rename-PAGE_SIZE-to-GRUB_PAGE_SIZE-and-m.patch
@@ -1,4 +1,4 @@
-From 4e9a66d61b076b01826af440f581bb0c26c58431 Mon Sep 17 00:00:00 2001
+From 881d5870cbf72f7b35282de1addb107ac3b8100b Mon Sep 17 00:00:00 2001
 From: Daniel Kiper <[email protected]>
 Date: Wed, 20 Nov 2019 12:52:16 +0100
 Subject: [PATCH] i386/memory: Rename PAGE_SIZE to GRUB_PAGE_SIZE and make it

diff --git a/1105-i386-memory-Define-GRUB_PAGE_MASK-constant-and-GRUB_.patch b/1105-i386-memory-Define-GRUB_PAGE_MASK-constant-and-GRUB_.patch
@@ -1,4 +1,4 @@
-From 868093de8910bd66abcde04ca928538e07366ad7 Mon Sep 17 00:00:00 2001
+From d9f97aa57e7cb90a0ed3947daba727b2f619b17b Mon Sep 17 00:00:00 2001
 From: Krystian Hebel <[email protected]>
 Date: Mon, 22 Jan 2024 13:14:39 +0100
 Subject: [PATCH] i386/memory: Define GRUB_PAGE_MASK constant and

diff --git a/1106-mmap-Add-grub_mmap_get_lowest-and-grub_mmap_get_high.patch b/1106-mmap-Add-grub_mmap_get_lowest-and-grub_mmap_get_high.patch
@@ -1,4 +1,4 @@
-From 0cfc0a5385a0847f79c9225d9dd9522ef25efaad Mon Sep 17 00:00:00 2001
+From d0570055a9451163220d28e79ba3cf89fb2c1dfa Mon Sep 17 00:00:00 2001
 From: Daniel Kiper <[email protected]>
 Date: Mon, 4 May 2020 22:34:59 +0200
 Subject: [PATCH] mmap: Add grub_mmap_get_lowest() and grub_mmap_get_highest()

diff --git a/1107-i386-tpm-Rename-tpm-module-to-tpm_verifier.patch b/1107-i386-tpm-Rename-tpm-module-to-tpm_verifier.patch
@@ -1,4 +1,4 @@
-From a14dcf40c6eddc23c90a2486eb2665433824a4e2 Mon Sep 17 00:00:00 2001
+From 01e5b0008d4031ef8612cfc387c7a66d2d4331c6 Mon Sep 17 00:00:00 2001
 From: Daniel Kiper <[email protected]>
 Date: Wed, 22 Apr 2020 21:41:24 +0200
 Subject: [PATCH] i386/tpm: Rename tpm module to tpm_verifier

diff --git a/1108-i386-tpm-Add-TPM-TIS-and-CRB-driver.patch b/1108-i386-tpm-Add-TPM-TIS-and-CRB-driver.patch
@@ -1,4 +1,4 @@
-From 8527ee439916f427443d0eb68b7eb9be031611ee Mon Sep 17 00:00:00 2001
+From c51d2529ed6bbddcc08edd74ca9e855b4ad397ff Mon Sep 17 00:00:00 2001
 From: Daniel Kiper <[email protected]>
 Date: Mon, 4 May 2020 22:30:58 +0200
 Subject: [PATCH] i386/tpm: Add TPM TIS and CRB driver

diff --git a/1109-i386-slaunch-Add-basic-platform-support-for-secure-l.patch b/1109-i386-slaunch-Add-basic-platform-support-for-secure-l.patch
@@ -1,4 +1,4 @@
-From f6a4ec51420020d205add6a8a95d13cd1b5a2be5 Mon Sep 17 00:00:00 2001
+From 615f29aac919a2fdaa6f9187569c8854ca1acf03 Mon Sep 17 00:00:00 2001
 From: Ross Philipson <[email protected]>
 Date: Wed, 7 Aug 2019 13:50:14 -0400
 Subject: [PATCH] i386/slaunch: Add basic platform support for secure launch
@@ -14,8 +14,8 @@ Signed-off-by: Krystian Hebel <[email protected]>
  include/grub/i386/crfr.h    | 127 ++++++++++++++++++++++++++++++++++++
  include/grub/i386/mmio.h    |  72 ++++++++++++++++++++
  include/grub/i386/msr.h     |  63 ++++++++++++++++++
- include/grub/i386/slaunch.h |  58 ++++++++++++++++
- 5 files changed, 332 insertions(+)
+ include/grub/i386/slaunch.h |  62 ++++++++++++++++++
+ 5 files changed, 336 insertions(+)
  create mode 100644 include/grub/i386/crfr.h
  create mode 100644 include/grub/i386/mmio.h
  create mode 100644 include/grub/i386/slaunch.h
@@ -342,10 +342,10 @@ index 1e838c022f41..52c923ab94ac 100644
  #endif /* GRUB_I386_MSR_H */
 diff --git a/include/grub/i386/slaunch.h b/include/grub/i386/slaunch.h
 new file mode 100644
-index 000000000000..f7160d5fab0c
+index 000000000000..7f7709cda75e
 --- /dev/null
 +++ b/include/grub/i386/slaunch.h
-@@ -0,0 +1,58 @@
+@@ -0,0 +1,62 @@
 +/*
 + *  GRUB  --  GRand Unified Bootloader
 + *  Copyright (C) 2020  Oracle and/or its affiliates.
@@ -373,6 +373,10 @@ index 000000000000..f7160d5fab0c
 +#define SLP_NONE	0
 +#define SLP_INTEL_TXT	1
 +
++/* PCRs used by Secure launch. */
++#define GRUB_SLAUNCH_CODE_PCR	17
++#define GRUB_SLAUNCH_DATA_PCR	18
++
 +#define GRUB_SLAUNCH_TPM_EVT_LOG_SIZE	(8 * GRUB_PAGE_SIZE)
 +
 +#ifndef ASM_FILE

diff --git a/1110-i386-txt-Initial-commit-of-the-Secure-Launch-Resourc.patch b/1110-i386-txt-Initial-commit-of-the-Secure-Launch-Resourc.patch
@@ -1,4 +1,4 @@
-From ad10c1df6be8ea4ac9a6346f0719983e0e04f936 Mon Sep 17 00:00:00 2001
+From 6833012da36ed4017abfe483cd09db9418490860 Mon Sep 17 00:00:00 2001
 From: Ross Philipson <[email protected]>
 Date: Mon, 9 Jan 2023 12:55:42 -0500
 Subject: [PATCH] i386/txt: Initial commit of the Secure Launch Resource Table
@@ -10,16 +10,16 @@ and parsing of SLRT.
 Signed-off-by: Ross Philipson <[email protected]>
 Signed-off-by: Sergii Dmytruk <[email protected]>
 ---
- include/grub/slr_table.h | 298 +++++++++++++++++++++++++++++++++++++++
- 1 file changed, 298 insertions(+)
+ include/grub/slr_table.h | 330 +++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 330 insertions(+)
  create mode 100644 include/grub/slr_table.h
 
 diff --git a/include/grub/slr_table.h b/include/grub/slr_table.h
 new file mode 100644
-index 000000000000..59074723b500
+index 000000000000..b6bbb0d546ff
 --- /dev/null
 +++ b/include/grub/slr_table.h
-@@ -0,0 +1,298 @@
+@@ -0,0 +1,330 @@
 +/*
 + *  GRUB  --  GRand Unified Bootloader
 + *  Copyright (C) 2023  Oracle and/or its affiliates.
@@ -43,6 +43,8 @@ index 000000000000..59074723b500
 +#ifndef GRUB_SLR_TABLE_H
 +#define GRUB_SLR_TABLE_H 1
 +
++#include <grub/safemath.h>
++
 +#define GRUB_UEFI_SLR_TABLE_GUID \
 +  { 0x877a9b2a, 0x0385, 0x45d1, { 0xa0, 0x34, 0x9d, 0xac, 0x9c, 0x9e, 0x56, 0x5f }}
 +
@@ -213,6 +215,7 @@ index 000000000000..59074723b500
 +struct grub_slr_entry_amd_info
 +{
 +  struct grub_slr_entry_hdr hdr;
++  char reserved[]; /* Reserved for future use */
 +} GRUB_PACKED;
 +
 +/*
@@ -221,14 +224,7 @@ index 000000000000..59074723b500
 +struct grub_slr_entry_arm_info
 +{
 +  struct grub_slr_entry_hdr hdr;
-+} GRUB_PACKED;
-+
-+struct grub_slr_entry_uefi_config
-+{
-+  struct grub_slr_entry_hdr hdr;
-+  grub_uint16_t revision;
-+  grub_uint16_t nr_entries;
-+  /* uefi_cfg_entries[] */
++  char reserved[]; /* Reserved for future use */
 +} GRUB_PACKED;
 +
 +struct grub_slr_uefi_cfg_entry
@@ -240,21 +236,50 @@ index 000000000000..59074723b500
 +  char evt_info[GRUB_TPM_EVENT_INFO_LENGTH];
 +} GRUB_PACKED;
 +
-+static inline void *
++struct grub_slr_entry_uefi_config
++{
++  struct grub_slr_entry_hdr hdr;
++  grub_uint16_t revision;
++  grub_uint16_t nr_entries;
++  struct grub_slr_uefi_cfg_entry uefi_cfg_entries[];
++} GRUB_PACKED;
++
++static inline grub_addr_t
 +grub_slr_end_of_entries (struct grub_slr_table *table)
 +{
-+  return (grub_uint8_t *) table + table->size;
++  return (grub_addr_t) table + table->size;
 +}
 +
 +static inline struct grub_slr_entry_hdr *
 +grub_slr_next_entry (struct grub_slr_table *table,
 +                     struct grub_slr_entry_hdr *curr)
 +{
-+  struct grub_slr_entry_hdr *next = (struct grub_slr_entry_hdr *)
-+                                    ((grub_uint8_t *) curr + curr->size);
++  grub_addr_t addr;
++  struct grub_slr_entry_hdr *next;
++
++  /* Can read the size field of current entry? */
++  if ( grub_add ((grub_addr_t) curr, sizeof(*curr), &addr) )
++    return NULL;
 +
-+  if ((void *)next >= grub_slr_end_of_entries (table))
++  /* Does current size overflow? */
++  if ( grub_add ((grub_addr_t) curr, curr->size, &addr) )
 +    return NULL;
++
++  /* Can read the size field of next entry? */
++  if ( grub_add (addr, sizeof(*next), &addr) )
++    return NULL;
++
++  /* Does next element's header fit within the table? */
++  if (addr >= grub_slr_end_of_entries (table))
++    return NULL;
++
++  next = (struct grub_slr_entry_hdr *) (addr - sizeof(*next));
++
++  /* Does next element fit within the table? */
++  if (grub_slr_end_of_entries (table) - (addr - sizeof(*next)) < next->size)
++    return NULL;
++
++  /* Is this the last element? */
 +  if (next->tag == GRUB_SLR_ENTRY_END)
 +    return NULL;
 +
@@ -287,8 +312,11 @@ index 000000000000..59074723b500
 +                    struct grub_slr_entry_hdr *entry)
 +{
 +  struct grub_slr_entry_hdr *end;
++  grub_uint32_t new_size;
 +
-+  if ((table->size + entry->size) > table->max_size)
++  if (entry->size < sizeof(*end) ||
++      grub_add (table->size, entry->size, &new_size) ||
++      new_size > table->max_size)
 +    return -1;
 +
 +  grub_memcpy ((grub_uint8_t *) table + table->size - sizeof(*end), entry, entry->size);
@@ -307,6 +335,10 @@ index 000000000000..59074723b500
 +{
 +  struct grub_slr_entry_hdr *end;
 +
++  if (max_size < sizeof(*slrt) + sizeof(*end))
++    grub_fatal ("Requested SLRT max size (%" PRIuGRUB_UINT32_T
++		" B) is too small\n", max_size);
++
 +  slrt->magic = GRUB_SLR_TABLE_MAGIC;
 +  slrt->revision = GRUB_SLR_TABLE_REVISION;
 +  slrt->architecture = architecture;

diff --git a/1111-i386-txt-Add-Intel-TXT-definitions-header-file.patch b/1111-i386-txt-Add-Intel-TXT-definitions-header-file.patch
@@ -1,21 +1,21 @@
-From a19dcf70a333c0de0e17ea1fa95c0b9ada3197ff Mon Sep 17 00:00:00 2001
+From e49d73b3f8d95c341f591f1b0f08843ed14aa1e1 Mon Sep 17 00:00:00 2001
 From: Ross Philipson <[email protected]>
 Date: Wed, 7 Aug 2019 13:53:06 -0400
 Subject: [PATCH] i386/txt: Add Intel TXT definitions header file
 
 Signed-off-by: Ross Philipson <[email protected]>
 Signed-off-by: Daniel Kiper <[email protected]>
 ---
- include/grub/i386/txt.h | 725 ++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 725 insertions(+)
+ include/grub/i386/txt.h | 703 ++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 703 insertions(+)
  create mode 100644 include/grub/i386/txt.h
 
 diff --git a/include/grub/i386/txt.h b/include/grub/i386/txt.h
 new file mode 100644
-index 000000000000..d8598e259a77
+index 000000000000..a7ddd3a66702
 --- /dev/null
 +++ b/include/grub/i386/txt.h
-@@ -0,0 +1,725 @@
+@@ -0,0 +1,703 @@
 +/*
 + *  GRUB  --  GRand Unified Bootloader
 + *  Copyright (C) 2020  Oracle and/or its affiliates.
@@ -359,8 +359,9 @@ index 000000000000..d8598e259a77
 +  grub_uint64_t reserved1;
 +  grub_uint64_t reserved2;
 +  grub_uint32_t num_logical_procs;
-+  /* Versions >= 5 with updates in version 6 */
++  /* Versions >= 3 */
 +  grub_uint32_t sinit_flags;
++  /* Versions >= 5 with updates in version 6 */
 +  grub_uint32_t mle_flags;
 +  /* Versions >= 4 */
 +  /* Ext Data Elements */
@@ -490,33 +491,33 @@ index 000000000000..d8598e259a77
 +/* TXT register and heap access */
 +
 +static inline grub_uint8_t
-+grub_txt_reg_pub_readb (grub_uint16_t reg)
++grub_txt_reg_pub_read8 (grub_uint16_t reg)
 +{
 +  return grub_read8 (GRUB_TXT_CFG_REGS_PUB + reg);
 +}
 +
 +static inline grub_uint32_t
-+grub_txt_reg_pub_readl (grub_uint16_t reg)
++grub_txt_reg_pub_read32 (grub_uint16_t reg)
 +{
 +  return grub_read32 (GRUB_TXT_CFG_REGS_PUB + reg);
 +}
 +
 +static inline grub_uint64_t
-+grub_txt_reg_pub_readq (grub_uint16_t reg)
++grub_txt_reg_pub_read64 (grub_uint16_t reg)
 +{
 +  return grub_read64 (GRUB_TXT_CFG_REGS_PUB + reg);
 +}
 +
 +static inline grub_uint8_t *
 +grub_txt_get_heap (void)
 +{
-+  return (grub_uint8_t *)(grub_addr_t) grub_txt_reg_pub_readl (GRUB_TXT_HEAP_BASE);
++  return (grub_uint8_t *)(grub_addr_t) grub_txt_reg_pub_read32 (GRUB_TXT_HEAP_BASE);
 +}
 +
 +static inline grub_uint32_t
 +grub_txt_get_heap_size (void)
 +{
-+  return grub_txt_reg_pub_readl (GRUB_TXT_HEAP_SIZE);
++  return grub_txt_reg_pub_read32 (GRUB_TXT_HEAP_SIZE);
 +}
 +
 +/*
@@ -591,9 +592,11 @@ index 000000000000..d8598e259a77
 +
 +/* Intel 64 and IA-32 Architectures Software Developer’s Manual */
 +/* Volume 2 (2A, 2B, 2C & 2D): Instruction Set Reference, A-Z */
++/* Order Number: 325383-082US December 2023 */
 +
-+/* CHAPTER 6 SAFER MODE EXTENSIONS REFERENCE */
++/* CHAPTER 7 SAFER MODE EXTENSIONS REFERENCE */
 +
++/* Table 7-2. GETSEC Leaf Functions */
 +#define GRUB_SMX_LEAF_CAPABILITIES	0
 +#define GRUB_SMX_LEAF_UNDEFINED		1
 +#define GRUB_SMX_LEAF_ENTERACCS		2
@@ -604,6 +607,7 @@ index 000000000000..d8598e259a77
 +#define GRUB_SMX_LEAF_SMCTRL		7
 +#define GRUB_SMX_LEAF_WAKEUP		8
 +
++/* Table 7-3. GETSEC Capability Result Encoding */
 +#define GRUB_SMX_CAPABILITY_CHIPSET_PRESENT	(1<<0)
 +#define GRUB_SMX_CAPABILITY_UNDEFINED		(1<<1)
 +#define GRUB_SMX_CAPABILITY_ENTERACCS		(1<<2)
@@ -627,35 +631,6 @@ index 000000000000..d8598e259a77
 +}
 +
 +static inline void
-+grub_txt_getsec_enteraccs (grub_uint32_t acm_phys_addr, grub_uint32_t acm_size)
-+{
-+  asm volatile ("getsec" :
-+                        : "a" (GRUB_SMX_LEAF_ENTERACCS),
-+                          "b" (acm_phys_addr), "c" (acm_size));
-+}
-+
-+static inline void
-+grub_txt_getsec_exitac (grub_uint32_t near_jump)
-+{
-+  asm volatile ("getsec" :
-+                        : "a" (GRUB_SMX_LEAF_EXITAC), "b" (near_jump));
-+}
-+
-+static inline void
-+grub_txt_getsec_senter (grub_uint32_t acm_phys_addr, grub_uint32_t acm_size)
-+{
-+  asm volatile ("getsec" :
-+                        : "a" (GRUB_SMX_LEAF_SENTER),
-+                          "b" (acm_phys_addr), "c" (acm_size), "d"(0));
-+}
-+
-+static inline void
-+grub_txt_getsec_sexit (void)
-+{
-+  asm volatile ("getsec" : : "a" (GRUB_SMX_LEAF_SEXIT));
-+}
-+
-+static inline void
 +grub_txt_getsec_parameters (grub_uint32_t index, grub_uint32_t *eax_out,
 +                            grub_uint32_t *ebx_out, grub_uint32_t *ecx_out)
 +{
@@ -675,7 +650,6 @@ index 000000000000..d8598e259a77
 +#define GRUB_SMX_PARAMETER_SENTER_CONTROLS	4
 +#define GRUB_SMX_PARAMETER_TXT_EXTENSIONS	5
 +
-+
 +#define GRUB_SMX_PARAMETER_MAX_VERSIONS	0x20
 +
 +#define GRUB_SMX_GET_MAX_ACM_SIZE(v)	((v) & ~(__typeof__(v))GRUB_SMX_PARAMETER_TYPE_MASK)
@@ -700,6 +674,10 @@ index 000000000000..d8598e259a77
 +#define GRUB_SMX_DEFAULT_ACM_MEMORY_TYPE GRUB_SMX_ACM_MEMORY_TYPE_UC
 +#define GRUB_SMX_DEFAULT_SENTER_CONTROLS 0x0
 +
++/*
++ * Measured Launch Environment Developer’s Guide,
++ * Table 29. OS to SINIT Data Table
++ */
 +#define GRUB_TXT_PMR_ALIGN_SHIFT	21
 +#define GRUB_TXT_PMR_ALIGN		(1 << GRUB_TXT_PMR_ALIGN_SHIFT)
 +