From patchwork Wed Feb 14 22:18:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ross Philipson X-Patchwork-Id: 201155 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:b825:b0:106:860b:bbdd with SMTP id da37csp23497dyb; Wed, 14 Feb 2024 14:33:45 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVJ5TxtVv0cBDwuqdMlCbtZldAgOT7axYyBLzRslo70w+U1XnR8UjWvAWlt5N2JbJIACWCZn3vmXUfHoGnkdNh/HHpK7g== X-Google-Smtp-Source: AGHT+IEZxcs1g07dAO1RFChsKhpkUF6HK0WEQueXOkRM3s10KZGerdE46hzq2tN/fR7Qfa/5H1cQ X-Received: by 2002:a25:ae56:0:b0:dcc:cadf:3376 with SMTP id g22-20020a25ae56000000b00dcccadf3376mr3415974ybe.18.1707950025440; Wed, 14 Feb 2024 14:33:45 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707950025; cv=pass; d=google.com; s=arc-20160816; b=Bvu5RMPMZASkx2W2MEJny2buNgCbM+rshiBD2putg4hwmF5CS4bL13cYPTZc6OUWTh yCqd8sbxlbCuQeqiklZZR4BIgJDTeCmd7uuxXAPl2HCpNg9WQmz0zjfHYnvhXD4x0Itx AbIzIIVW51hQY2cCJbrbJx41xgAQCZ0yGT2sEZv5vkODtjZpQ8IpBXr0t6pOtSIsongZ duTHudKo3NccdLrDJ6WtZnRCO4otno5EYwQCeJpHg/erM4OEZm0ZO6fjc//HAWpmZFzx 41XJyzxTlLkjZAOmB+20r4dSe+UFuESj5r5xJab1qB0+3Usw47XU0tfX/Md3PBtZl+2g lbow== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=3XE3IR91aM87j2ateTG+UV/PlVF7Sh+N8kA1KV+FQ+g=; fh=8Yi9ekhrsZFPoQwI1mqYNWqkTm1Q3iUHpkig+/9/fSE=; b=WEzD0oJB2mgZIg7b/I3X7bUKX0hFDRYxUUfCNNqfNNphTX3UtdkFR+Zd3rqwS98Us3 NbmZru4aJVI7oyiR/HmFVBAeMWBDEdPxVG31y590+Cpqp6mFWWsNiMpbwCtytO78777b F1jmvfXSYh6Ap5ZALLbmhuod6EatB0JjdQ/5uM1ALAeLZIPqWBfTKE4M7MNyfuZgjAPT f19R2B1H04kNLWNEmUvS5CW0QSIqig9oRNh+FndODSppDTmRzvSIWwra2nlcW6jrdUR3 1Mw0e9CatDIsYPuD88jVs5qMrXIdBk3EhOeNdDdz6SERGZEw3MZMHWTHRzdk1QVmI6Sf rv+Q==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-11-20 header.b=kGgapvyY; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel+bounces-66047-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-66047-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id z6-20020ae9c106000000b00787163b71e7si82240qki.517.2024.02.14.14.33.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 14:33:45 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-66047-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-11-20 header.b=kGgapvyY; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel+bounces-66047-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-66047-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 2E8111C21D35 for ; Wed, 14 Feb 2024 22:33:45 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 74315145B12; Wed, 14 Feb 2024 22:32:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b="kGgapvyY" Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 629F82E62F; Wed, 14 Feb 2024 22:32:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.165.32 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707949932; cv=none; b=QJhaisKdmMAFhquQbufFptoPE0P+T7Zw8jIMuzBGPFy6WebpHQi0vSh2bwoW33PHI7/UWL63z8e+lkDGIiJYrJgQ1Y+FBhJW5btCIPud+juQn7yYy8mxf6tRrpCKLqYG7g5T7NCC2mZxrt2L79XQWb4W0yE715us63nZSMH/VHk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707949932; c=relaxed/simple; bh=Lyz5ElM/kHA1c+RS76M5rWC7GU7OtJsR6vqzYFRjdZM=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=UIOfiMbv843y5OW742dTF6zfhZHnk8ptSqR1Jh7S75/7aWhE042yZF1RnAxTXKXg2wDN2VP7EMWPCyxcQR2mufOnQe4FjcT1sy3ZuGTXS0Ik2u2KveW+BwpO6EFQqxlV3hB6zglI44gh5+Jpe926uv+7ybJd9r0nrIVxmq+Twc8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=oracle.com; spf=pass smtp.mailfrom=oracle.com; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b=kGgapvyY; arc=none smtp.client-ip=205.220.165.32 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=oracle.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oracle.com Received: from pps.filterd (m0333521.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 41ELj40W013828; Wed, 14 Feb 2024 22:31:39 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=corp-2023-11-20; bh=3XE3IR91aM87j2ateTG+UV/PlVF7Sh+N8kA1KV+FQ+g=; b=kGgapvyYbEg2fz9MsizIYnwJsx5jJC/986QZ/FNkpbtAPL1H/hCmsRGPiJTjHM9QF1LD pUBOv1OO2eUKjIjBL2rSz7NvnEGUmB/VSVHuwH7ftHaM4Fehj2EKKgdRHuabAoMBsqbJ ImgZJd6X07zNDsqPJJphCEoY27/RPUH4WGpkMSxaiTae/Y2My4VTJ0+GC6iZKnVT6iY6 V6SBfSDb6F/GDFGtL4mqsqLUTPSpzMEyYjBSmflItJ0l9HKkyx5dQ3iXRMF4MGxbCR94 FAgDTTGTCmn4gOEqUWMHfSPkPPLQ5juUhJvU6YcMKd1T57XAfuc3c+/JEjgOQZQtSCu3 Lw== Received: from iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta02.appoci.oracle.com [147.154.18.20]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3w91w6rprm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 14 Feb 2024 22:31:38 +0000 Received: from pps.filterd (iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 41EL5RG6000608; Wed, 14 Feb 2024 22:31:37 GMT Received: from pps.reinject (localhost [127.0.0.1]) by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTPS id 3w5yk9n78a-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 14 Feb 2024 22:31:37 +0000 Received: from iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 41EMVTV6004281; Wed, 14 Feb 2024 22:31:36 GMT Received: from bur-virt-x6-2-100.us.oracle.com (bur-virt-x6-2-100.us.oracle.com [10.153.92.40]) by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTPS id 3w5yk9n72r-7 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 14 Feb 2024 22:31:36 +0000 From: Ross Philipson To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, linux-crypto@vger.kernel.org, kexec@lists.infradead.org, linux-efi@vger.kernel.org Cc: ross.philipson@oracle.com, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, dave.hansen@linux.intel.com, ardb@kernel.org, mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com, peterhuewe@gmx.de, jarkko@kernel.org, jgg@ziepe.ca, luto@amacapital.net, nivedita@alum.mit.edu, herbert@gondor.apana.org.au, davem@davemloft.net, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com Subject: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements Date: Wed, 14 Feb 2024 14:18:38 -0800 Message-Id: <20240214221847.2066632-7-ross.philipson@oracle.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20240214221847.2066632-1-ross.philipson@oracle.com> References: <20240214221847.2066632-1-ross.philipson@oracle.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-02-14_14,2024-02-14_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=999 phishscore=0 mlxscore=0 bulkscore=0 spamscore=0 malwarescore=0 adultscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000 definitions=main-2402140170 X-Proofpoint-ORIG-GUID: Ur0q8EOkTs6L7LPizte6vAclWenda5Zk X-Proofpoint-GUID: Ur0q8EOkTs6L7LPizte6vAclWenda5Zk X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1790915405711732478 X-GMAIL-MSGID: 1790915405711732478 From: "Daniel P. Smith" The SHA algorithms are necessary to measure configuration information into the TPM as early as possible before using the values. This implementation uses the established approach of #including the SHA libraries directly in the code since the compressed kernel is not uncompressed at this point. The SHA code here has its origins in the code from the main kernel: commit c4d5b9ffa31f ("crypto: sha1 - implement base layer for SHA-1") A modified version of this code was introduced to the lib/crypto/sha1.c to bring it in line with the sha256 code and allow it to be pulled into the setup kernel in the same manner as sha256 is. Signed-off-by: Daniel P. Smith Signed-off-by: Ross Philipson --- arch/x86/boot/compressed/Makefile | 2 + arch/x86/boot/compressed/early_sha1.c | 12 ++++ arch/x86/boot/compressed/early_sha256.c | 6 ++ include/crypto/sha1.h | 1 + lib/crypto/sha1.c | 81 +++++++++++++++++++++++++ 5 files changed, 102 insertions(+) create mode 100644 arch/x86/boot/compressed/early_sha1.c create mode 100644 arch/x86/boot/compressed/early_sha256.c diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index f19c038409aa..a1b018eb9801 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -118,6 +118,8 @@ vmlinux-objs-$(CONFIG_EFI) += $(obj)/efi.o vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_mixed.o vmlinux-objs-$(CONFIG_EFI_STUB) += $(objtree)/drivers/firmware/efi/libstub/lib.a +vmlinux-objs-$(CONFIG_SECURE_LAUNCH) += $(obj)/early_sha1.o $(obj)/early_sha256.o + $(obj)/vmlinux: $(vmlinux-objs-y) FORCE $(call if_changed,ld) diff --git a/arch/x86/boot/compressed/early_sha1.c b/arch/x86/boot/compressed/early_sha1.c new file mode 100644 index 000000000000..0c7cf6f8157a --- /dev/null +++ b/arch/x86/boot/compressed/early_sha1.c @@ -0,0 +1,12 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (c) 2022 Apertus Solutions, LLC. + */ + +#include +#include +#include +#include +#include + +#include "../../../../lib/crypto/sha1.c" diff --git a/arch/x86/boot/compressed/early_sha256.c b/arch/x86/boot/compressed/early_sha256.c new file mode 100644 index 000000000000..54930166ffee --- /dev/null +++ b/arch/x86/boot/compressed/early_sha256.c @@ -0,0 +1,6 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (c) 2022 Apertus Solutions, LLC + */ + +#include "../../../../lib/crypto/sha256.c" diff --git a/include/crypto/sha1.h b/include/crypto/sha1.h index 044ecea60ac8..d715dd5332e1 100644 --- a/include/crypto/sha1.h +++ b/include/crypto/sha1.h @@ -42,5 +42,6 @@ extern int crypto_sha1_finup(struct shash_desc *desc, const u8 *data, #define SHA1_WORKSPACE_WORDS 16 void sha1_init(__u32 *buf); void sha1_transform(__u32 *digest, const char *data, __u32 *W); +void sha1(const u8 *data, unsigned int len, u8 *out); #endif /* _CRYPTO_SHA1_H */ diff --git a/lib/crypto/sha1.c b/lib/crypto/sha1.c index 1aebe7be9401..10152125b338 100644 --- a/lib/crypto/sha1.c +++ b/lib/crypto/sha1.c @@ -137,4 +137,85 @@ void sha1_init(__u32 *buf) } EXPORT_SYMBOL(sha1_init); +static void __sha1_transform(u32 *digest, const char *data) +{ + u32 ws[SHA1_WORKSPACE_WORDS]; + + sha1_transform(digest, data, ws); + + memzero_explicit(ws, sizeof(ws)); +} + +static void sha1_update(struct sha1_state *sctx, const u8 *data, unsigned int len) +{ + unsigned int partial = sctx->count % SHA1_BLOCK_SIZE; + + sctx->count += len; + + if (likely((partial + len) >= SHA1_BLOCK_SIZE)) { + int blocks; + + if (partial) { + int p = SHA1_BLOCK_SIZE - partial; + + memcpy(sctx->buffer + partial, data, p); + data += p; + len -= p; + + __sha1_transform(sctx->state, sctx->buffer); + } + + blocks = len / SHA1_BLOCK_SIZE; + len %= SHA1_BLOCK_SIZE; + + if (blocks) { + while (blocks--) { + __sha1_transform(sctx->state, data); + data += SHA1_BLOCK_SIZE; + } + } + partial = 0; + } + + if (len) + memcpy(sctx->buffer + partial, data, len); +} + +static void sha1_final(struct sha1_state *sctx, u8 *out) +{ + const int bit_offset = SHA1_BLOCK_SIZE - sizeof(__be64); + unsigned int partial = sctx->count % SHA1_BLOCK_SIZE; + __be64 *bits = (__be64 *)(sctx->buffer + bit_offset); + __be32 *digest = (__be32 *)out; + int i; + + sctx->buffer[partial++] = 0x80; + if (partial > bit_offset) { + memset(sctx->buffer + partial, 0x0, SHA1_BLOCK_SIZE - partial); + partial = 0; + + __sha1_transform(sctx->state, sctx->buffer); + } + + memset(sctx->buffer + partial, 0x0, bit_offset - partial); + *bits = cpu_to_be64(sctx->count << 3); + __sha1_transform(sctx->state, sctx->buffer); + + for (i = 0; i < SHA1_DIGEST_SIZE / sizeof(__be32); i++) + put_unaligned_be32(sctx->state[i], digest++); + + *sctx = (struct sha1_state){}; +} + +void sha1(const u8 *data, unsigned int len, u8 *out) +{ + struct sha1_state sctx = {0}; + + sha1_init(sctx.state); + sctx.count = 0; + sha1_update(&sctx, data, len); + sha1_final(&sctx, out); +} +EXPORT_SYMBOL(sha1); + MODULE_LICENSE("GPL");