From patchwork Thu Nov 4 17:03:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Richter X-Patchwork-Id: 1551116 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256 header.s=pp1 header.b=Y47RUtdu; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=112.213.38.117; helo=lists.ozlabs.org; envelope-from=skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org; receiver=) Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HlVMj2DpWz9sCD for ; Fri, 5 Nov 2021 04:03:29 +1100 (AEDT) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4HlVMj0htHz2yPM for ; Fri, 5 Nov 2021 04:03:29 +1100 (AEDT) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256 header.s=pp1 header.b=Y47RUtdu; dkim-atps=neutral X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=linux.ibm.com (client-ip=148.163.156.1; helo=mx0a-001b2d01.pphosted.com; envelope-from=erichte@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256 header.s=pp1 header.b=Y47RUtdu; dkim-atps=neutral Received: from mx0a-001b2d01.pphosted.com 
(mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4HlVMT6l7tz2xvc for ; Fri, 5 Nov 2021 04:03:17 +1100 (AEDT) Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 1A4H1cX5005942; Thu, 4 Nov 2021 17:03:14 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=SAgcTVBaH7NZhIVxdUArmeUImq/pD5kCIE2jM205DiA=; b=Y47RUtduJvIbXe+YwLN0ZDUDi5T537sLNGZ6tiA65l9H7zcovU7lwUSO9HOuiIU88ApK NHT41ihHg9yS5g5b1jX3Wn6CgF8iBZhd1nZuOS3egznJRetQ5s4HYG1oH2K8p7c4bCg2 uIJTu9eRwrGsCgZ79qskOulkv6wX26ud4KpF6m7RxYdLOf8jbdeKOpcHbdBihPz7WW5p 37xAyBqnnxmGiJK2wXRBJdYCtWzpAVVQ7QYqXEJg0l9ZT2DxCAXgZpnjiwoZUFl42yel +euo1oRACfZX0W/f9ozxk81g/erRMSnBm4IvorGhhIVL7Dz3ZPZs7AmicU87k/yQIJyC WQ== Received: from ppma03fra.de.ibm.com (6b.4a.5195.ip4.static.sl-reverse.com [149.81.74.107]) by mx0a-001b2d01.pphosted.com with ESMTP id 3c4kdt07t6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 Nov 2021 17:03:14 +0000 Received: from pps.filterd (ppma03fra.de.ibm.com [127.0.0.1]) by ppma03fra.de.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 1A4GxNoj026242; Thu, 4 Nov 2021 17:03:12 GMT Received: from b06cxnps3074.portsmouth.uk.ibm.com (d06relay09.portsmouth.uk.ibm.com [9.149.109.194]) by ppma03fra.de.ibm.com with ESMTP id 3c0wpa7t4r-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 Nov 2021 17:03:12 +0000 Received: from d06av24.portsmouth.uk.ibm.com (mk.ibm.com [9.149.105.60]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 1A4H39uw26739112 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 4 Nov 2021 17:03:09 GMT Received: from 
d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6ABA04204C; Thu, 4 Nov 2021 17:03:09 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A312442041; Thu, 4 Nov 2021 17:03:08 +0000 (GMT) Received: from ceres.ibmuc.com (unknown [9.160.111.35]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Thu, 4 Nov 2021 17:03:08 +0000 (GMT) 
From: Eric Richter
To: skiboot@lists.ozlabs.org
Cc: Nick Child
Date: Thu, 4 Nov 2021 12:03:04 -0500
Message-Id: <20211104170306.943059-2-erichte@linux.ibm.com>
In-Reply-To: <20211104170306.943059-1-erichte@linux.ibm.com>
References: <20211104170306.943059-1-erichte@linux.ibm.com>
X-Mailer: git-send-email 2.29.2
Subject: [Skiboot] [PATCH v3 1/3] secvar/secboot_tpm: correctly reset the control index on secboot format

When the SECBOOT partition is formatted, the bank hash stored in the control TPM NV index must be updated to match, or else we will immediately fail to load the freshly formatted data at the .load_bank() step.

However, while the secboot_format() function does calculate and update the bank hash, it only writes the new hash for bank 0. It does not update the value for bank 1, or set the current active bank. This works as expected if the active bank bit happens to be set to 0.
On the other hand, if the active bit is set to 1, the freshly formatted bank 1 will be compared against the unchanged bank hash in bank 1 at the load step, therefore causing an error.

This patch fixes this issue by also setting the active bit to 0 to match the freshly calculated hash.

Signed-off-by: Eric Richter
Tested-by: Nick Child
Reviewed-by: Daniel Axtens
---
 libstb/secvar/storage/secboot_tpm.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/libstb/secvar/storage/secboot_tpm.c b/libstb/secvar/storage/secboot_tpm.c
index 129f674a..45373cf4 100644
--- a/libstb/secvar/storage/secboot_tpm.c
+++ b/libstb/secvar/storage/secboot_tpm.c
@@ -127,12 +127,15 @@ static int secboot_format(void) prlog(PR_ERR, "Bank hash failed to calculate somehow\n"); return rc; } + /* Clear bank_hash[1] anyway, to match initial zeroed bank hash state */ + memset(tpmnv_control_image->bank_hash[1], 0x00, sizeof(tpmnv_control_image->bank_hash[1])); + + tpmnv_control_image->active_bit = 0; rc = tpmnv_ops.write(SECBOOT_TPMNV_CONTROL_INDEX, - tpmnv_control_image->bank_hash[0], - SHA256_DIGEST_SIZE, - offsetof(struct tpmnv_control, - bank_hash[0])); + tpmnv_control_image, + sizeof(struct tpmnv_control), + 0); if (rc) { prlog(PR_ERR, "Could not write fresh formatted bank hashes to CONTROL index, rc=%d\n", rc); return rc;
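Review bot: the commit message only describes resetting the active bit, but this hunk also zeroes bank_hash[1] and changes the tpmnv_ops.write() from one SHA256_DIGEST_SIZE hash at offsetof(struct tpmnv_control, bank_hash[0]) to the whole struct tpmnv_control at offset 0; the message and the "Clear bank_hash[1] anyway" comment should say that the entire control image is now rewritten, because every field of the in-memory tpmnv_control_image is persisted by that single call, not just the two fields touched here. Since the write now carries the selector as well as the hashes, consider a prlog at this point recording that active_bit was reset to 0, so a post-format boot log shows which bank the next load will verify.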
From patchwork Thu Nov 4 17:03:05 2021
X-Patchwork-Submitter: Eric Richter
X-Patchwork-Id: 1551117
From: Eric Richter
To: skiboot@lists.ozlabs.org
Cc: Nick Child
Date: Thu, 4 Nov 2021 12:03:05 -0500
Message-Id: <20211104170306.943059-3-erichte@linux.ibm.com>
In-Reply-To: <20211104170306.943059-1-erichte@linux.ibm.com>
References: <20211104170306.943059-1-erichte@linux.ibm.com>
X-Mailer: git-send-email 2.29.2
Subject: [Skiboot] [PATCH v3 2/3] secvar/secboot_tpm: unify behavior for bank hash check and secboot header check

As the PNOR variable space cannot be locked, the data must be integrity checked when loaded to ensure it has not been modified by an unauthorized party. In the event that a modification has been detected (i.e. hash mismatch), we must not load in data that could potentially be compromised.

However, the previous code was a bit overzealous with its reaction to detecting a compromised SECBOOT partition, and also had some inconsistencies in behavior.

Case 1: SECBOOT partition cleared. .init() checks the header for the magic number and version. As neither matches, it will reformat the entire partition.
Now, .load_bank() will pass, as the data was just freshly reformatted (note: this also could trigger the bug addressed in the previous patch). Only variables in the TPM will be loaded by .load_bank() as the data in SECBOOT is now empty.

Case 2: Bank hash mismatch. .load_bank() panics and returns an error code, causing secvar_main() to jump to the error scenario, which prevents the secvar API from being exposed. os-secure-enforcing is set unconditionally, and the user will have no API to manage or attempt to fix their system without issuing a key clear request.

This patch unifies the behavior of both of these cases. Now, .init() handles checking the header AND comparing the bank hash. If either check fails, the SECBOOT partition will be reformatted. Variables in the TPM will still be loaded in the .load_bank() step, and provided the backend stores its secure boot state in the TPM, secure boot state can be preserved.

Signed-off-by: Eric Richter
Tested-by: Nick Child
Reviewed-by: Daniel Axtens
---
 libstb/secvar/storage/secboot_tpm.c          | 30 +++++++++++++++++++-
 libstb/secvar/test/secvar-test-secboot-tpm.c | 15 ----------
 2 files changed, 29 insertions(+), 16 deletions(-)

diff --git a/libstb/secvar/storage/secboot_tpm.c b/libstb/secvar/storage/secboot_tpm.c
index 45373cf4..ff8ea9e0 100644
--- a/libstb/secvar/storage/secboot_tpm.c
+++ b/libstb/secvar/storage/secboot_tpm.c
@@ -374,7 +374,9 @@ fail: return rc; } -static int secboot_tpm_load_variable_bank(struct list_head *bank) + +/* Helper to validate the current active SECBOOT bank's data against the hash stored in the TPM */ +static int compare_bank_hash(void) { char bank_hash[SHA256_DIGEST_LENGTH]; uint64_t bit = tpmnv_control_image->active_bit;
@@ -394,6 +396,15 @@ static int secboot_tpm_load_variable_bank(struct list_head *bank) /* Tampered pnor space detected, abandon ship */ return OPAL_PERMISSION; + return OPAL_SUCCESS; +} + + +static int secboot_tpm_load_variable_bank(struct list_head *bank) +{ + uint64_t bit = tpmnv_control_image->active_bit; + int rc; + rc = secboot_tpm_deserialize_from_buffer(bank, tpmnv_vars_image->vars, tpmnv_vars_size, SECVAR_FLAG_PROTECTED); if (rc) return rc; @@ -692,8 +703,25 @@ static int secboot_tpm_store_init(void) rc = secboot_format(); if (rc) goto error; + goto done; } + /* Verify the active bank's integrity by comparing against the hash in TPM. + * Reformat if it does not match -- we do not want to load potentially + * compromised data. + * Ideally, the backend driver should retain secure boot state in + * protected (TPM) storage, so secure boot state should be the same, albeit + * without the data in unprotected (PNOR) storage. + */ + rc = compare_bank_hash(); + if (rc == OPAL_PERMISSION) { + rc = secboot_format(); + if (rc) + goto error; + } + else if (rc) + goto error; + done: return OPAL_SUCCESS; diff --git a/libstb/secvar/test/secvar-test-secboot-tpm.c b/libstb/secvar/test/secvar-test-secboot-tpm.c index 798ca281..30885674 100644 --- a/libstb/secvar/test/secvar-test-secboot-tpm.c +++ b/libstb/secvar/test/secvar-test-secboot-tpm.c 
@@ -99,21 +99,6 @@ int run_test(void) ASSERT(*((uint64_t*) secboot_image->bank[0]) != 0llu); ASSERT(*((uint64_t*) secboot_image->bank[1]) != 0llu); - clear_bank_list(&variable_bank); - - // Tamper with pnor, hash check should catch this - secboot_image->bank[0][0] = ~secboot_image->bank[0][0]; - - rc = secboot_tpm_load_bank(&variable_bank, SECVAR_VARIABLE_BANK); - ASSERT(rc != OPAL_SUCCESS); // TODO: permission? - - // Fix it back... - secboot_image->bank[0][0] = ~secboot_image->bank[0][0]; - - // Should be ok again - rc = secboot_tpm_load_bank(&variable_bank, SECVAR_VARIABLE_BANK); - ASSERT(rc == OPAL_SUCCESS); - clear_bank_list(&variable_bank); free(secboot_buffer);
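Review bot: in the @@ -394,6 +396,15 @@ hunk the new secboot_tpm_load_variable_bank() keeps `uint64_t bit = tpmnv_control_image->active_bit;` but no longer runs the hash comparison before it deserializes; that is intended now that store_init() calls compare_bank_hash(), yet nothing in the function records that precondition. Add a one-line comment above the function stating that the caller must already have validated the active bank via compare_bank_hash(), so that a future direct caller (the test file calls secboot_tpm_load_bank() on its own) does not end up loading unverified PNOR data.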
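Review bot: in the @@ -692,8 +703,25 @@ hunk the reformat-on-mismatch path is silent at the call site: when compare_bank_hash() returns OPAL_PERMISSION the partition is wiped and boot continues, so add a prlog(PR_ERR, ...) next to that `rc = secboot_format();` naming the mismatch and the reformat, otherwise an operator has no record that unprotected variable data was discarded. The comment block above the call should also state that any other non-zero rc (the hash calculation failing, for instance) now aborts init through `goto error` rather than reformatting. Style: `}` and `else if (rc)` are split across two lines; fold them to `} else if (rc)` to match the `if (rc) { ... }` form used in the surrounding lines.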
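Review bot: the @@ -99,21 +99,6 @@ hunk removes the only test that tampers with secboot_image->bank[0][0] and checks that the hash mismatch is caught; with the check moved into .init(), that coverage should move rather than disappear. Replace it with a case that tampers the active bank, runs the store's init path, and asserts that the partition was reformatted (header rewritten, bank contents zeroed) while the TPM-resident variables still load, which is the behaviour the commit message promises.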
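As an added illustration of the two fixes above (this is not code from skiboot or from this series), the following C model keeps a PNOR-like partition with two banks next to a TPM-NV-like control index holding one hash per bank plus the active-bank bit. It reproduces the patch 1/3 failure (format refreshes only bank_hash[0] while active_bit is 1), the patch 1/3 fix (rewrite the whole control image), and the patch 2/3 init policy (a bad header or a hash mismatch reformats the unprotected partition instead of refusing to expose the API). The struct, field and function names, the header magic value, and the FNV-1a digest standing in for SHA-256 are all assumptions of this example.

```c
/* Added example, not skiboot code: a model of the SECBOOT partition and the
 * TPM NV control index described by patches 1/3 and 2/3. FNV-1a 64-bit stands
 * in for SHA-256; every name, the magic and the layout are constructed. */
#include <stdint.h>
#include <string.h>

#define BANK_SIZE 32
#define MAGIC   0x4f50414c53454342ULL	/* constructed header magic */
#define VERSION 1U

enum { RC_OK = 0, RC_PERMISSION = -1 };

/* Unprotected (PNOR-like) storage: header plus two variable banks */
struct secboot { uint64_t magic; uint32_t version; uint8_t bank[2][BANK_SIZE]; };

/* Protected (TPM NV-like) control index: a digest per bank plus the live bank */
struct control { uint64_t bank_hash[2]; uint64_t active_bit; };

/* Stand-in digest (FNV-1a); the real code hashes with SHA-256 */
static uint64_t digest(const uint8_t *p, size_t n)
{
	uint64_t h = 0xcbf29ce484222325ULL;
	for (size_t i = 0; i < n; i++)
		h = (h ^ p[i]) * 0x100000001b3ULL;
	return h;
}

static void wipe(struct secboot *sb)
{
	memset(sb, 0, sizeof(*sb));
	sb->magic = MAGIC;
	sb->version = VERSION;
}

/* Pre-patch-1 format: only bank_hash[0] is refreshed; active_bit and bank_hash[1] stay stale */
static void format_old(struct secboot *sb, struct control *ctl)
{
	wipe(sb);
	ctl->bank_hash[0] = digest(sb->bank[0], BANK_SIZE);
}

/* Patch-1 format: the whole control image is rewritten, so the hash that is checked belongs to the bank that is loaded */
static void format_new(struct secboot *sb, struct control *ctl)
{
	wipe(sb);
	ctl->bank_hash[0] = digest(sb->bank[0], BANK_SIZE);
	ctl->bank_hash[1] = 0;
	ctl->active_bit = 0;
}

/* Patch 2's helper: the active bank must match its protected hash */
static int compare_bank_hash(const struct secboot *sb, const struct control *ctl)
{
	uint64_t bit = ctl->active_bit & 1;
	if (digest(sb->bank[bit], BANK_SIZE) != ctl->bank_hash[bit])
		return RC_PERMISSION;	/* tampered or stale unprotected data */
	return RC_OK;
}

/* Patch 2's unified init: a bad header OR a hash mismatch reformats the unprotected
 * partition and keeps protected state. Returns 1 on reformat, 0 when data was accepted. */
static int store_init(struct secboot *sb, struct control *ctl)
{
	if (sb->magic != MAGIC || sb->version != VERSION ||
	    compare_bank_hash(sb, ctl) == RC_PERMISSION) {
		format_new(sb, ctl);
		return 1;
	}
	return 0;
}

/* Scenario A (patch 1): active_bit 1 with a stale hash in slot 1; format_old() dooms the check */
static int scenario_stale_active_bit(void)
{
	struct secboot sb;
	struct control ctl = { { 1, 2 }, 1 };
	format_old(&sb, &ctl);
	int old_rc = compare_bank_hash(&sb, &ctl);	/* RC_PERMISSION */
	format_new(&sb, &ctl);
	int new_rc = compare_bank_hash(&sb, &ctl);	/* RC_OK */
	return old_rc == RC_PERMISSION && new_rc == RC_OK && ctl.active_bit == 0;
}

/* Scenario B (patch 2): legitimate write accepted; tamper and cleared partition both reformat */
static int scenario_tamper_and_clear(void)
{
	struct secboot sb;
	struct control ctl;
	format_new(&sb, &ctl);
	sb.bank[0][0] = 0x42;					/* legitimate update... */
	ctl.bank_hash[0] = digest(sb.bank[0], BANK_SIZE);	/* ...hash recorded */
	int clean = store_init(&sb, &ctl);			/* 0 */
	sb.bank[0][0] ^= 0xff;					/* unprotected data altered */
	int tampered = store_init(&sb, &ctl);			/* 1 */
	memset(&sb, 0, sizeof(sb));				/* partition cleared */
	int cleared = store_init(&sb, &ctl);			/* 1 */
	return clean == 0 && tampered == 1 && cleared == 1 &&
	       compare_bank_hash(&sb, &ctl) == RC_OK;
}
```

Both scenario functions return 1 when the modelled behaviour matches the commit messages; any C99 compiler and a main() that calls them is enough to step through it. The point for a storage backend is ordering: the protected hash is rewritten together with the selector that says which bank it guards, and the init path decides before any unprotected data is deserialized.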
From patchwork Thu Nov 4 17:03:06 2021
X-Patchwork-Submitter: Eric Richter
X-Patchwork-Id: 1551118
From: Eric Richter
To: skiboot@lists.ozlabs.org
Cc: Nick Child
Date: Thu, 4 Nov 2021 12:03:06 -0500
Message-Id: <20211104170306.943059-4-erichte@linux.ibm.com>
In-Reply-To: <20211104170306.943059-1-erichte@linux.ibm.com>
References: <20211104170306.943059-1-erichte@linux.ibm.com>
X-Mailer: git-send-email 2.29.2
Subject: [Skiboot] [PATCH v3 3/3] secvar/edk2: store timestamp variable in protected storage

Each signed variable update contains a timestamp -- this timestamp is checked against the previous timestamp seen for that particular variable (if any), and the update is rejected if the timestamp is not a later time than the previous. This timestamp check is intended to prevent re-use of signed update files.

Currently, the code stores the timestamps in the TS variable, which is then stored in regular variable storage (typically PNOR). This patch promotes the variable to "protected storage" (typically TPM NV), to avoid this variable being accidentally cleared.
This change should only come into effect when either:
- initializing secvar for the first time (i.e. first boot, or after a key-clear-request)
- processing any variable update

Systems that already have a TS variable in PNOR will not be affected until either of the above actions is taken.

Signed-off-by: Eric Richter
Tested-by: Nick Child
Reviewed-by: Daniel Axtens
---
 libstb/secvar/backend/edk2-compat-process.c | 4 +++-
 libstb/secvar/backend/edk2-compat.c         | 1 +
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/libstb/secvar/backend/edk2-compat-process.c b/libstb/secvar/backend/edk2-compat-process.c
index 770c3706..d69e066f 100644
--- a/libstb/secvar/backend/edk2-compat-process.c
+++ b/libstb/secvar/backend/edk2-compat-process.c
@@ -45,7 +45,9 @@ int update_variable_in_bank(struct secvar *update_var, const char *data, else var->flags |= SECVAR_FLAG_VOLATILE; - if (key_equals(update_var->key, "PK") || key_equals(update_var->key, "HWKH")) + if (key_equals(update_var->key, "PK") + || key_equals(update_var->key, "HWKH") + || key_equals(update_var->key, "TS")) var->flags |= SECVAR_FLAG_PROTECTED; return 0;
diff --git a/libstb/secvar/backend/edk2-compat.c b/libstb/secvar/backend/edk2-compat.c
index 9e61fbc6..d7975fa2 100644
--- a/libstb/secvar/backend/edk2-compat.c
+++ b/libstb/secvar/backend/edk2-compat.c
@@ -89,6 +89,7 @@ static int edk2_compat_pre_process(struct list_head *variable_bank, memcpy(tsvar->key, "TS", 3); tsvar->key_len = 3; tsvar->data_size = sizeof(struct efi_time) * 4; + tsvar->flags = SECVAR_FLAG_PROTECTED; memset(tsvar->data, 0, tsvar->data_size); list_add_tail(variable_bank, &tsvar->link); }
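Review bot: in the @@ -45,7 +45,9 @@ hunk the set of protected keys ("PK", "HWKH", and now "TS") is spelled out as three inline key_equals() calls, while the same decision for "TS" is also made separately in edk2_compat_pre_process() in the other hunk; consider a single static list of protected key names consulted by both sites, so the two cannot drift apart the next time a key is promoted.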
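Review bot: in the @@ -89,6 +89,7 @@ hunk `tsvar->flags = SECVAR_FLAG_PROTECTED;` assigns the flag, whereas the other hunk uses `var->flags |= SECVAR_FLAG_PROTECTED;`. Since tsvar is being freshly populated here (key, key_len, data_size and data are all initialized in the surrounding lines) assignment is correct today, but `|=` would match the other site and survive any flag set on tsvar before this line. The commit message should also spell out the transition it alludes to: a system that already holds a TS variable in PNOR keeps using that copy until the next update recreates it as protected, so during that interval the timestamp record is still clearable.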
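An added example, not skiboot's code, of the timestamp rule the message above describes: one timestamp is tracked per authenticated variable (four slots, mirroring the `sizeof(struct efi_time) * 4` sizing of the TS variable in the hunk), an update is accepted only if it is strictly later than the recorded one, and the replay scenario shows what is lost when the TS record lives in storage that can be cleared. The struct layout, the variable indices and the function names are this example's own assumptions; the real EFI_TIME carries more fields than the comparison needs.

```c
/* Added example, not skiboot code: the per-variable timestamp rule described in
 * the message above, with constructed names. The four slots mirror the
 * "sizeof(struct efi_time) * 4" sizing of the TS variable in the hunk. */
#include <stdint.h>
#include <string.h>

/* Only the ordering fields of EFI_TIME are modelled here */
struct ts_time {
	uint16_t year;
	uint8_t month, day, hour, minute, second;
};

enum { VAR_PK = 0, VAR_KEK, VAR_DB, VAR_DBX, VAR_COUNT };

/* The TS record: last accepted timestamp per authenticated variable;
 * an all-zero entry means "no update seen yet" */
struct ts_record {
	struct ts_time last[VAR_COUNT];
};

/* <0, 0, >0 as a is before, equal to, or after b */
static int ts_cmp(const struct ts_time *a, const struct ts_time *b)
{
	if (a->year != b->year)     return a->year < b->year ? -1 : 1;
	if (a->month != b->month)   return a->month < b->month ? -1 : 1;
	if (a->day != b->day)       return a->day < b->day ? -1 : 1;
	if (a->hour != b->hour)     return a->hour < b->hour ? -1 : 1;
	if (a->minute != b->minute) return a->minute < b->minute ? -1 : 1;
	if (a->second != b->second) return a->second < b->second ? -1 : 1;
	return 0;
}

static int ts_is_unset(const struct ts_time *t)
{
	return t->year == 0 && t->month == 0 && t->day == 0;
}

/* Accept an update only if its timestamp is strictly later than the one last
 * recorded for that variable; record it on success. Returns 1 accepted, 0 rejected. */
static int ts_accept_update(struct ts_record *ts, int var, const struct ts_time *t)
{
	if (var < 0 || var >= VAR_COUNT)
		return 0;
	if (!ts_is_unset(&ts->last[var]) && ts_cmp(t, &ts->last[var]) <= 0)
		return 0;	/* same or older timestamp: a replayed or stale file */
	ts->last[var] = *t;
	return 1;
}

/* Replay scenario: a db update from January is applied, a newer one from
 * March follows, then the January file is presented again. With the TS record
 * intact it is refused; if the record was lost in between (ts_lost = 1), which
 * is what clearable storage allows, the old file is accepted again. */
static int replay_accepted(int ts_lost)
{
	struct ts_record ts;
	const struct ts_time jan = { 2021, 1, 15, 9, 0, 0 };
	const struct ts_time mar = { 2021, 3, 2, 14, 30, 0 };

	memset(&ts, 0, sizeof(ts));
	ts_accept_update(&ts, VAR_DB, &jan);
	ts_accept_update(&ts, VAR_DB, &mar);
	if (ts_lost)
		memset(&ts, 0, sizeof(ts));	/* TS variable cleared */
	return ts_accept_update(&ts, VAR_DB, &jan);
}

/* Equal timestamps are refused, and each variable is tracked on its own */
static int per_variable_and_equal_checks(void)
{
	struct ts_record ts;
	const struct ts_time t = { 2021, 11, 4, 12, 3, 4 };

	memset(&ts, 0, sizeof(ts));
	int first = ts_accept_update(&ts, VAR_PK, &t);	/* 1 */
	int again = ts_accept_update(&ts, VAR_PK, &t);	/* 0: not strictly later */
	int other = ts_accept_update(&ts, VAR_KEK, &t);	/* 1: KEK has its own slot */
	return first == 1 && again == 0 && other == 1;
}
```

replay_accepted(0) returns 0 and replay_accepted(1) returns 1: the check itself is the same in both runs, so the only thing that decides whether an old signed file can be reapplied is whether the record of the last accepted timestamp survived, which is exactly what moving TS into protected storage is meant to guarantee.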