From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Ard Biesheuvel <ardb+git@google.com>
Cc: linux-efi@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@linux.intel.com>
Subject: Re: [PATCH v2 1/5] efi/libstub: Fold efi_tcg2_tagged_event into efi_measured_event
Date: Fri, 8 Mar 2024 09:03:31 +0200 [thread overview]
Message-ID: <CAC_iWjLhVmAjnmAvdkr3aCZwbWhNMJwLaeQ9NsUCbcwVHhwp3g@mail.gmail.com> (raw)
In-Reply-To: <20240307162214.272314-8-ardb+git@google.com>
Hi Ard,
On Thu, 7 Mar 2024 at 18:22, Ard Biesheuvel <ardb+git@google.com> wrote:
>
> From: Ard Biesheuvel <ardb@kernel.org>
>
> In spite of the efi_ prefix, struct efi_tcg2_tagged_event is specific to
> the EFI stub, and so we can tweak it to our liking if needed, e.g., to
> accommodate the TDX variant of the TCG2 measurement protocol.
>
> In preparation for that, get rid of it entirely, and combine it with the
> efi_measured_event struct used by the measurement code.
>
> Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> ---
> drivers/firmware/efi/libstub/efi-stub-helper.c | 38 +++++++++++---------
> drivers/firmware/efi/libstub/efistub.h | 7 ----
> 2 files changed, 22 insertions(+), 23 deletions(-)
>
> diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c
> index bfa30625f5d0..186ced8371ac 100644
> --- a/drivers/firmware/efi/libstub/efi-stub-helper.c
> +++ b/drivers/firmware/efi/libstub/efi-stub-helper.c
> @@ -11,6 +11,7 @@
>
> #include <linux/efi.h>
> #include <linux/kernel.h>
> +#include <linux/overflow.h>
> #include <asm/efi.h>
> #include <asm/setup.h>
>
> @@ -193,7 +194,7 @@ void efi_apply_loadoptions_quirk(const void **load_options, u32 *load_options_si
> *load_options_size = load_option_unpacked.optional_data_size;
> }
>
> -enum efistub_event {
> +enum efistub_event_type {
> EFISTUB_EVT_INITRD,
> EFISTUB_EVT_LOAD_OPTIONS,
> EFISTUB_EVT_COUNT,
> @@ -219,46 +220,51 @@ static const struct {
> },
> };
>
> +union efistub_event {
> + efi_tcg2_event_t tcg2_data;
> +};
> +
> +struct efistub_measured_event {
> + union efistub_event event_data;
> + u32 tagged_event_id;
> + u32 tagged_event_data_size;
> + u8 tagged_event_data[];
> +} __packed;
> +
> static efi_status_t efi_measure_tagged_event(unsigned long load_addr,
> unsigned long load_size,
> - enum efistub_event event)
> + enum efistub_event_type event)
> {
> + struct efistub_measured_event *evt;
> + int size = struct_size(evt, tagged_event_data,
> + events[event].event_data_len);
> efi_guid_t tcg2_guid = EFI_TCG2_PROTOCOL_GUID;
> efi_tcg2_protocol_t *tcg2 = NULL;
> efi_status_t status;
>
> efi_bs_call(locate_protocol, &tcg2_guid, NULL, (void **)&tcg2);
> if (tcg2) {
> - struct efi_measured_event {
> - efi_tcg2_event_t event_data;
> - efi_tcg2_tagged_event_t tagged_event;
> - u8 tagged_event_data[];
> - } *evt;
> - int size = sizeof(*evt) + events[event].event_data_len;
> -
> status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size,
> (void **)&evt);
> if (status != EFI_SUCCESS)
> goto fail;
>
> - evt->event_data = (struct efi_tcg2_event){
> + evt->event_data.tcg2_data = (struct efi_tcg2_event){
> .event_size = size,
> - .event_header.header_size = sizeof(evt->event_data.event_header),
> + .event_header.header_size = sizeof(evt->event_data.tcg2_data.event_header),
> .event_header.header_version = EFI_TCG2_EVENT_HEADER_VERSION,
> .event_header.pcr_index = events[event].pcr_index,
> .event_header.event_type = EV_EVENT_TAG,
> };
>
> - evt->tagged_event = (struct efi_tcg2_tagged_event){
> - .tagged_event_id = events[event].event_id,
> - .tagged_event_data_size = events[event].event_data_len,
> - };
> + evt->tagged_event_id = events[event].event_id;
> + evt->tagged_event_data_size = events[event].event_data_len;
>
> memcpy(evt->tagged_event_data, events[event].event_data,
> events[event].event_data_len);
>
> status = efi_call_proto(tcg2, hash_log_extend_event, 0,
> - load_addr, load_size, &evt->event_data);
> + load_addr, load_size, &evt->event_data.tcg2_data);
> efi_bs_call(free_pool, evt);
>
> if (status != EFI_SUCCESS)
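Review bot: The new declaration `int size = struct_size(evt, tagged_event_data, events[event].event_data_len);` at the top of efi_measure_tagged_event() stores a size_t result in a signed int. That discards the saturation struct_size() provides on overflow: a saturated SIZE_MAX would become -1 and would then be passed as the allocate_pool length and assigned to `.event_size`. Since the lengths come from the static `events[]` table, this is presumably unreachable today. Declaring it as `size_t size = struct_size(evt, tagged_event_data, events[event].event_data_len);` would keep the overflow check meaningful if the table or the new union grows later in the series. The function body continues past the end of this hunk, so the remaining error handling is not visible here.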
> diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
> index c04b82ea40f2..dae635cc3d4f 100644
> --- a/drivers/firmware/efi/libstub/efistub.h
> +++ b/drivers/firmware/efi/libstub/efistub.h
> @@ -843,14 +843,7 @@ struct efi_tcg2_event {
> /* u8[] event follows here */
> } __packed;
>
> -struct efi_tcg2_tagged_event {
> - u32 tagged_event_id;
> - u32 tagged_event_data_size;
> - /* u8 tagged event data follows here */
> -} __packed;
> -
> typedef struct efi_tcg2_event efi_tcg2_event_t;
> -typedef struct efi_tcg2_tagged_event efi_tcg2_tagged_event_t;
> typedef union efi_tcg2_protocol efi_tcg2_protocol_t;
>
> union efi_tcg2_protocol {
> --
> 2.44.0.278.ge034bb2e1d-goog
>
2024-03-07 16:22 [PATCH v2 0/5] efi/libstub: Fall back to CC proto for measurement Ard Biesheuvel
2024-03-07 16:22 ` [PATCH v2 1/5] efi/libstub: Fold efi_tcg2_tagged_event into efi_measured_event Ard Biesheuvel
2024-03-08 7:03 ` Ilias Apalodimas [this message]
2024-03-07 16:22 ` [PATCH v2 2/5] efi/tpm: Use symbolic GUID name from spec for final events table Ard Biesheuvel
2024-03-07 16:38 ` Kuppuswamy Sathyanarayanan
2024-03-08 6:16 ` Ilias Apalodimas
2024-03-07 16:22 ` [PATCH v2 3/5] efi/libstub: Add Confidential Computing (CC) measurement typedefs Ard Biesheuvel
2024-03-07 16:22 ` [PATCH v2 4/5] efi/libstub: Measure into CC protocol if TCG2 protocol is absent Ard Biesheuvel
2024-03-07 16:22 ` [PATCH v2 5/5] efi/libstub: Add get_event_log() support for CC platforms Ard Biesheuvel