From patchwork Sun Jan 14 22:35:27 2024
X-Patchwork-Submitter: Samuel Ortiz
X-Patchwork-Id: 187986
From: Samuel Ortiz
To: Dan Williams
Cc: linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: [RFC PATCH v1 1/4] tsm: Runtime measurement register support
Date: Sun, 14 Jan 2024 23:35:27 +0100
Message-ID: <20240114223532.290550-2-sameo@rivosinc.com>
In-Reply-To: <20240114223532.290550-1-sameo@rivosinc.com>

Some confidential computing architectures (Intel TDX, ARM-CCA, RISC-V CoVE) provide the TVM (confidential computing guest) with a set of runtime measurement registers (RTMR). TVMs can extend those registers with their measurements at runtime, i.e. after the TVM initial measurements are finalized and the TVM actually runs. RTMRs are separated from the initial measurement registers set, and TSMs typically include RTMR values in a distinct section of their signed attestation reports.

We add support for extending and reading a TSM's runtime measurement registers by extending the TSM ops structure with an rtmr_extend() and an rtmr_read() function pointer, respectively. TSM providers/backends will implement those ops if they are capable of exposing RTMRs to their TVMs. This capability is now described by a tsm_capabilities structure, passed by the TSM provider to the TSM framework at registration time.

TVMs can configure, extend and read RTMRs from the configfs-tsm interface.
Signed-off-by: Samuel Ortiz --- drivers/virt/coco/tsm.c | 80 +++++++++++++++++++++++++++++++++++++++++ include/linux/tsm.h | 28 ++++++++++++++- 2 files changed, 107 insertions(+), 1 deletion(-) diff --git a/drivers/virt/coco/tsm.c b/drivers/virt/coco/tsm.c index d1c2db83a8ca..6b71650271fe 100644 --- a/drivers/virt/coco/tsm.c +++ b/drivers/virt/coco/tsm.c @@ -11,6 +11,7 @@ #include #include #include +#include static struct tsm_provider { const struct tsm_ops *ops; 
@@ -50,6 +51,85 @@ enum tsm_data_select { TSM_CERTS, }; +/** + * DOC: Trusted Security Module (TSM) Runtime Measurement Register (RTMR) Interface + * + * The TSM RTMR interface is a common ABI for allowing TVMs to extend + * and read measurement registers at runtime, i.e. after the TVM initial + * measurement is finalized. TSMs that support such capability will typically + * include all runtime measurement registers values into their signed + * attestation report, providing the TVM post-boot measurements to e.g. remote + * attestation services. + * + * A TVM uses the TSM RTMR configfs ABI to create all runtime measurement + * registers (RTMR) that it needs. Each created RTMR must be configured first + * before being readable and extensible. TVM configures an RTMR by setting its + * index and optionally by mapping it to one or more TCG PCR indexes. + * + * A TSM backend statically declares the number of RTMRs it supports and which + * hash algorithm must be used when extending them. This declaration is done + * through the tsm_capabilities structure, at TSM registration time (see + * tsm_register()). + */ + +/** + * struct tsm_rtmr_state - tracks the state of a TSM RTMR. + * @index: The RTMR hardware index. + * @alg: The hash algorithm used for this RTMR. + * @digest: The RTMR cached digest value. + * @cached_digest: Is the RTMR cached digest valid or not. + * @cfg: The configfs item for this RTMR. + */ +struct tsm_rtmr_state { + u32 index; + enum hash_algo alg; + u8 digest[TSM_DIGEST_MAX]; + bool cached_digest; + struct config_item cfg; +}; + +static bool is_rtmr_configured(struct tsm_rtmr_state *rtmr_state) +{ + return rtmr_state->index != U32_MAX; +} + +/** + * struct tsm_rtmrs_state - tracks the state of all RTMRs for a TSM. + * @rtmrs: The array of all created RTMRs. + * @tcg_map: A mapping between TCG PCR and RTMRs, indexed by PCR indexes. + * Entry `i` on this map points to an RTMR that covers TCG PCR[i] for the TSM + * hash algorithm. 
+ * @group: The configfs group for a TSM RTMRs. + */ +static struct tsm_rtmrs_state { + struct tsm_rtmr_state **rtmrs; + struct tsm_rtmr_state *tcg_map[TPM2_PLATFORM_PCR]; + struct config_group *group; +} *tsm_rtmrs; + +static int tsm_rtmr_read(struct tsm_provider *tsm, u32 idx, + u8 *digest, size_t digest_size) +{ + if (tsm->ops && tsm->ops->rtmr_read) + return tsm->ops->rtmr_read(idx, digest, digest_size); + + return -ENXIO; +} + +static int tsm_rtmr_extend(struct tsm_provider *tsm, u32 idx, + const u8 *digest, size_t digest_size) +{ + if (tsm->ops && tsm->ops->rtmr_extend) + return tsm->ops->rtmr_extend(idx, digest, digest_size); + + return -ENXIO; +} + +static struct tsm_rtmr_state *to_tsm_rtmr_state(struct config_item *cfg) +{ + return container_of(cfg, struct tsm_rtmr_state, cfg); +} + static struct tsm_report *to_tsm_report(struct config_item *cfg) { struct tsm_report_state *state = diff --git a/include/linux/tsm.h b/include/linux/tsm.h index de8324a2223c..e912cd665684 100644 --- a/include/linux/tsm.h +++ b/include/linux/tsm.h @@ -2,11 +2,13 @@ #ifndef __TSM_H #define __TSM_H +#include #include #include #define TSM_INBLOB_MAX 64 #define TSM_OUTBLOB_MAX SZ_32K +#define TSM_DIGEST_MAX SHA512_DIGEST_SIZE /* * Privilege level is a nested permission concept to allow confidential 
@@ -42,12 +44,33 @@ struct tsm_report { u8 *auxblob; }; +#define TSM_MAX_RTMR 32 + +/** + * struct tsm_capabilities - Describes a TSM capabilities. + * @num_rtmrs: The number of Runtime Measurement Registers (RTMR) available from + * a TSM. + * @rtmr_hash_alg: The hash algorithm used to extend a runtime measurement + * register. + */ +struct tsm_capabilities { + size_t num_rtmrs; + enum hash_algo rtmr_hash_alg; +}; + /** * struct tsm_ops - attributes and operations for tsm instances * @name: tsm id reflected in /sys/kernel/config/tsm/report/$report/provider * @privlevel_floor: convey base privlevel for nested scenarios + * @capabilities: Describe the TSM capabilities, e.g. the number of available + * runtime measurement registers (see `struct tsm_capabilities`). * @report_new: Populate @report with the report blob and auxblob - * (optional), return 0 on successful population, or -errno otherwise + * (optional), return 0 on successful population, or -errno + * otherwise + * @rtmr_extend: Extend an RTMR with the provided digest. + * Return 0 on successful extension, or -errno otherwise. + * @rtmr_read: Reads the value of an RTMR. + * Return the number of bytes read or -errno for errors. * * Implementation specific ops, only one is expected to be registered at * a time i.e. only one of "sev-guest", "tdx-guest", etc. 
@@ -55,7 +78,10 @@ struct tsm_report { struct tsm_ops { const char *name; const unsigned int privlevel_floor; + const struct tsm_capabilities capabilities; int (*report_new)(struct tsm_report *report, void *data); + int (*rtmr_extend)(u32 idx, const u8 *digest, size_t digest_size); + ssize_t (*rtmr_read)(u32 idx, u8 *digest, size_t digest_size); }; extern const struct config_item_type tsm_report_default_type; From patchwork Sun Jan 14 22:35:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Samuel Ortiz X-Patchwork-Id: 187987 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:693c:2614:b0:101:6a76:bbe3 with SMTP id mm20csp1394264dyc; Sun, 14 Jan 2024 14:38:01 -0800 (PST) X-Google-Smtp-Source: AGHT+IGRvrR2ZzIBoloQBjjoDa/mpw3TBxhOOvj9do7VD6nLxtluys/DonHFA8yT46n5QCTWZXpX X-Received: by 2002:a05:620a:9c1:b0:783:557d:ee83 with SMTP id y1-20020a05620a09c100b00783557dee83mr2811424qky.139.1705271880533; Sun, 14 Jan 2024 14:38:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1705271880; cv=none; d=google.com; s=arc-20160816; b=tQb3l0moIkmYRcOsLNVz62EcTTuVp/ddlY6Y3BDKP7FXqf0WwGaPPMc1PPF5i5NdR4 1/LSLZ3Tx82KY0RWihEk3X9//IG0XNmsVIukNFE3dO6xzIJF5ax4IQ3aCAwZlawLsbih Hztp5mwys56B34xBXJMHGbvBd4TxmWwZ2wbycP9H4ICTzcijuw/TT9nM6ARkERhcA5lp x42lpJp4jOI+v0Gvfhpfk/DE4ERZ0wh9gGOQVhomNKht2XhFVX4IoNdPapT5sZkyR5vS GK53mUb9eWhuucB9NE37i41S4gsZAEXiXHGFabJUgkzzdyzHWob7p2R7y7UC6rRJc1ec TwhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=3ygW96R3bKlZNzEyZDoQ1g52ofKNAtoK5Eb0X+uvffE=; fh=il1A4p8Y2RU7C8awMmLfy7MVoYnl7dsy03dVseJVaq4=; b=DoWBN6pO79UqHghZjJv4bhr5yeqMrj9+zQ/YsypUjj3cm7FCVv0ftbYj7YID/ZOHvH PDnLGKCzc4TNhKwltDrYwXy7gCMAZnaTFm4qrhGTAMp+uwo/Tc1LWt0D7qmCuNof8aMm 
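Review bot: tsm_rtmr_read() in the @@ -50,6 +51,85 @@ hunk of tsm.c returns int while the op it wraps is declared `ssize_t (*rtmr_read)(u32 idx, u8 *digest, size_t digest_size);` in tsm.h, so the backend's ssize_t is narrowed on the way out; declare the wrapper `static ssize_t tsm_rtmr_read(...)` to match. Both tsm_rtmr_read() and tsm_rtmr_extend() are also static with no caller in this patch, which will produce unused-function warnings until the patch that adds their users lands; either introduce them together with their first caller or mark them __maybe_unused for the duration of the series.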
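Review bot: the new `+#include` in the @@ -2,11 +2,13 @@ hunk of tsm.h lost its file name in this rendering, so it cannot be checked here; whichever header it is, it has to make both `enum hash_algo` and `SHA512_DIGEST_SIZE` visible, since the header now uses the former in struct tsm_capabilities and the latter for TSM_DIGEST_MAX, and tsm.h is included by backends that may not pull those in themselves.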
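Review bot: in the @@ -42,12 +44,33 @@ hunk of tsm.h, TSM_MAX_RTMR is added without a comment saying what it bounds (it is the cap applied to num_rtmrs at registration in patch 2/4), and the @capabilities kernel-doc line uses backticks where kernel-doc expects `&struct tsm_capabilities` for a cross-reference. The @rtmr_read doc says "Return the number of bytes read" while @rtmr_extend returns 0; stating whether a count smaller than the digest size of @rtmr_hash_alg is an error, or that callers must check the count, would settle the contract for backends.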
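Review bot: the new ops in the @@ -55,7 +78,10 @@ hunk take only (idx, digest, digest_size), whereas report_new() also receives the `void *data` registered with tsm_register(); a backend with per-instance state has no way to reach it from rtmr_extend()/rtmr_read() and will have to fall back on a global. Consider passing the provider private data to these two ops as well.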
From: Samuel Ortiz
To: Dan Williams
Cc: linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: [RFC PATCH v1 2/4] tsm: Add RTMRs to the configfs-tsm hierarchy
Date: Sun, 14 Jan 2024 23:35:28 +0100
Message-ID: <20240114223532.290550-3-sameo@rivosinc.com>
In-Reply-To: <20240114223532.290550-1-sameo@rivosinc.com>

RTMRs are defined and managed by their corresponding TSM provider. As such, they can be configured through the TSM configfs root. An additional `rtmrs` directory is added by default under the `tsm` one, where each supported RTMR can be configured:

  mkdir /sys/kernel/config/tsm/rtmrs/rtmr0
  echo 0 > /sys/kernel/config/tsm/rtmrs/rtmr0/index

An RTMR cannot be extended or read before it is configured by assigning it an index. It is the TSM backend's responsibility and choice to map that index to a hardware RTMR.

Signed-off-by: Samuel Ortiz
---
 drivers/virt/coco/tsm.c | 164 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 164 insertions(+)
diff --git a/drivers/virt/coco/tsm.c b/drivers/virt/coco/tsm.c index 6b71650271fe..15b67d99fd54 100644 --- a/drivers/virt/coco/tsm.c +++ b/drivers/virt/coco/tsm.c 
@@ -419,6 +419,108 @@ static const struct config_item_type tsm_reports_type = { .ct_group_ops = &tsm_report_group_ops, }; +static ssize_t tsm_rtmr_index_store(struct config_item *cfg, + const char *buf, size_t len) +{ + struct tsm_rtmr_state *rtmr_state = to_tsm_rtmr_state(cfg); + const struct tsm_ops *ops; + unsigned int val; + int rc; + + rc = kstrtouint(buf, 0, &val); + if (rc) + return rc; + + guard(rwsem_write)(&tsm_rwsem); + + /* Index can only be configured once */ + if (is_rtmr_configured(rtmr_state)) + return -EBUSY; + + /* Check that index stays within the TSM provided capabilities */ + ops = provider.ops; + if (!ops) + return -ENOTTY; + + if (val > ops->capabilities.num_rtmrs - 1) + return -EINVAL; + + /* Check that this index is available */ + if (tsm_rtmrs->rtmrs[val]) + return -EINVAL; + + rtmr_state->index = val; + rtmr_state->alg = ops->capabilities.rtmr_hash_alg; + + tsm_rtmrs->rtmrs[val] = rtmr_state; + + return len; +} + +static ssize_t tsm_rtmr_index_show(struct config_item *cfg, + char *buf) +{ + struct tsm_rtmr_state *rtmr_state = to_tsm_rtmr_state(cfg); + + guard(rwsem_read)(&tsm_rwsem); + + /* An RTMR is not available if it has not been configured */ + if (!is_rtmr_configured(rtmr_state)) + return -ENXIO; + + return sysfs_emit(buf, "%u\n", rtmr_state->index); +} +CONFIGFS_ATTR(tsm_rtmr_, index); + +static struct configfs_attribute *tsm_rtmr_attrs[] = { + &tsm_rtmr_attr_index, + NULL, +}; + +static void tsm_rtmr_item_release(struct config_item *cfg) +{ + struct tsm_rtmr_state *state = to_tsm_rtmr_state(cfg); + + kfree(state); +} + +static struct configfs_item_operations tsm_rtmr_item_ops = { + .release = tsm_rtmr_item_release, +}; + +const struct config_item_type tsm_rtmr_type = { + .ct_owner = THIS_MODULE, + .ct_attrs = tsm_rtmr_attrs, + .ct_item_ops = &tsm_rtmr_item_ops, +}; + +static struct config_item *tsm_rtmrs_make_item(struct config_group *group, + const char *name) +{ + struct tsm_rtmr_state *state; + + guard(rwsem_read)(&tsm_rwsem); 
+ if (!(provider.ops && (provider.ops->capabilities.num_rtmrs > 0))) + return ERR_PTR(-ENXIO); + + state = kzalloc(sizeof(*state), GFP_KERNEL); + if (!state) + return ERR_PTR(-ENOMEM); + state->index = U32_MAX; + + config_item_init_type_name(&state->cfg, name, &tsm_rtmr_type); + return &state->cfg; +} + +static struct configfs_group_operations tsm_rtmrs_group_ops = { + .make_item = tsm_rtmrs_make_item, +}; + +static const struct config_item_type tsm_rtmrs_type = { + .ct_owner = THIS_MODULE, + .ct_group_ops = &tsm_rtmrs_group_ops, +}; + static const struct config_item_type tsm_root_group_type = { .ct_owner = THIS_MODULE, }; @@ -433,10 +535,48 @@ static struct configfs_subsystem tsm_configfs = { .su_mutex = __MUTEX_INITIALIZER(tsm_configfs.su_mutex), }; +static int tsm_rtmr_register(const struct tsm_ops *ops) +{ + struct config_group *rtmrs_group; + + lockdep_assert_held_write(&tsm_rwsem); + + if (!ops || !ops->capabilities.num_rtmrs) + return 0; + + if (ops->capabilities.num_rtmrs > TSM_MAX_RTMR) + return -EINVAL; + + tsm_rtmrs = kzalloc(sizeof(struct tsm_rtmrs_state), GFP_KERNEL); + if (!tsm_rtmrs) + return -ENOMEM; + + tsm_rtmrs->rtmrs = kcalloc(ops->capabilities.num_rtmrs, + sizeof(struct tsm_rtmr_state *), + GFP_KERNEL); + if (!tsm_rtmrs->rtmrs) { + kfree(tsm_rtmrs); + return -ENOMEM; + } + + rtmrs_group = configfs_register_default_group(&tsm_configfs.su_group, "rtmrs", + &tsm_rtmrs_type); + if (IS_ERR(rtmrs_group)) { + kfree(tsm_rtmrs->rtmrs); + kfree(tsm_rtmrs); + return PTR_ERR(rtmrs_group); + } + + tsm_rtmrs->group = rtmrs_group; + + return 0; +} + int tsm_register(const struct tsm_ops *ops, void *priv, const struct config_item_type *type) { const struct tsm_ops *conflict; + int rc; if (!type) type = &tsm_report_default_type; @@ -450,6 +590,10 @@ int tsm_register(const struct tsm_ops *ops, void *priv, return -EBUSY; } + rc = tsm_rtmr_register(ops); + if (rc < 0) + return rc; + provider.ops = ops; provider.data = priv; provider.type = type; 
@@ -457,11 +601,31 @@ int tsm_register(const struct tsm_ops *ops, void *priv, } EXPORT_SYMBOL_GPL(tsm_register); +static int tsm_rtmr_unregister(const struct tsm_ops *ops) +{ + lockdep_assert_held_write(&tsm_rwsem); + + if ((ops) && (ops->capabilities.num_rtmrs > 0)) { + configfs_unregister_default_group(tsm_rtmrs->group); + kfree(tsm_rtmrs->rtmrs); + kfree(tsm_rtmrs); + } + + return 0; +} + int tsm_unregister(const struct tsm_ops *ops) { + int rc; + guard(rwsem_write)(&tsm_rwsem); if (ops != provider.ops) return -EBUSY; + + rc = tsm_rtmr_unregister(ops); + if (rc < 0) + return rc; + provider.ops = NULL; provider.data = NULL; provider.type = NULL; From patchwork Sun Jan 14 22:35:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Samuel Ortiz X-Patchwork-Id: 187988 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:693c:2614:b0:101:6a76:bbe3 with SMTP id mm20csp1394337dyc; Sun, 14 Jan 2024 14:38:16 -0800 (PST) X-Google-Smtp-Source: AGHT+IEtu4dFmqIB7wZR3stuP7FaweX5FBJpdZVoHdFKJad/NJ0QuNGNlGS3zoVI0upG6atsnZMB X-Received: by 2002:a17:90b:b17:b0:28e:1e7a:3884 with SMTP id bf23-20020a17090b0b1700b0028e1e7a3884mr876266pjb.47.1705271896318; Sun, 14 Jan 2024 14:38:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1705271896; cv=none; d=google.com; s=arc-20160816; b=0y/6Duv7FV1gS6f6gWlb83vBaPCU0rDpxDpkQ1OeXvJyGhlwv4zizcaXtfgXpQ3l4q L74QwW3enu1n0nXQJjyMS5H9b1uOSRP2r7VucKWH3EePB1D7ST6VjjRluJpxr+4ipcdV YnmeE+0gzjgheFnpewgrCOcO2RwsZDcJFtnz1vDbgiomUWtEJZrS1S8LdxRg9z1hXC0O Q1Mej8BStAZkmnSd4gxwLxYRcpXs7C6x7ix8Que1/I2z8BCO7WGa1+8JB6P3UWrokVfP //MkmYNzdskdu+7ErW7mApAeJXmYPp6h3vxcjYYPNZNHpAfhZ3eNGkRzbNPx9nEi7nNx hoMg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; 
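Review bot: tsm_rtmr_item_release() in the @@ -419,6 +419,108 @@ hunk frees the state but leaves `tsm_rtmrs->rtmrs[state->index]` pointing at it (and, once patch 3/4 is applied, any tcg_map[] entries as well), so after `rmdir rtmr0` a new item for the same index is refused with -EINVAL and the stale pointers remain in the tables; anything that later follows them (the PCR-to-RTMR lookup this series is building towards) is a use-after-free. Release should take the write side of tsm_rwsem and, if is_rtmr_configured(), clear its slot and its PCR mappings before kfree(). Separately, `if (val > ops->capabilities.num_rtmrs - 1)` is evaluated on a size_t; `val >= ops->capabilities.num_rtmrs` says the same without the wrap-around when num_rtmrs is 0.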
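Review bot: in tsm_rtmr_register() (hunk @@ -433,10 +535,48 @@), the configfs_register_default_group() failure path kfree()s tsm_rtmrs but leaves the global pointer dangling, and nothing checks that tsm_rtmrs is still NULL on entry; set `tsm_rtmrs = NULL` on every error path (and after the frees in tsm_rtmr_unregister()) so a later registration or attribute access cannot reach freed memory.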
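Review bot: tsm_rtmr_unregister() in the @@ -457,11 +601,31 @@ hunk frees tsm_rtmrs while `rtmr*` configfs items created by the user may still exist; their index_show() is safe (it only reads its own state), but any later tcg_map store or show from patch 3/4 dereferences the freed table through `tsm_rtmrs->tcg_map`. Either refuse to unregister while items are live (-EBUSY) or make the items stop referring to the table. Two style points: `if ((ops) && (...))` has redundant parentheses, and the function can only return 0, so it could be void and the `rc` plumbing in tsm_unregister() dropped.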
From: Samuel Ortiz
To: Dan Williams
Cc: linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: [RFC PATCH v1 3/4] tsm: Allow for mapping RTMRs to TCG TPM PCRs
Date: Sun, 14 Jan 2024 23:35:29 +0100
Message-ID: <20240114223532.290550-4-sameo@rivosinc.com>
In-Reply-To: <20240114223532.290550-1-sameo@rivosinc.com>

Many user space and internal kernel subsystems (e.g. the Linux IMA) expect a Root of Trust for Storage (RTS) that allows for extending and reading measurement registers that are compatible with the TCG TPM PCRs layout, e.g. a TPM. In order to allow those components to alternatively use a platform TSM as their RTS, a TVM could map the available RTMRs to one or more TCG TPM PCRs. Once configured, those PCR to RTMR mappings give the kernel TSM layer all the necessary information to be an RTS for e.g. the Linux IMA or any other component that expects a TCG compliant TPM PCRs layout.

TPM PCR mappings are configured through configfs:

  // Create and configure 2 RTMRs
  mkdir /sys/kernel/config/tsm/rtmrs/rtmr0
  mkdir /sys/kernel/config/tsm/rtmrs/rtmr1
  echo 0 > /sys/kernel/config/tsm/rtmrs/rtmr0/index
  echo 1 > /sys/kernel/config/tsm/rtmrs/rtmr1/index

  // Map RTMR 0 to PCRs 4, 5, 6, 7 and 8
  echo 4-8 > /sys/kernel/config/tsm/rtmrs/rtmr0/tcg_map

  // Map RTMR 1 to PCRs 16, 17 and 18
  echo 16-18 > /sys/kernel/config/tsm/rtmrs/rtmr1/tcg_map

Signed-off-by: Samuel Ortiz
---
 drivers/virt/coco/tsm.c | 60 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)

diff --git a/drivers/virt/coco/tsm.c b/drivers/virt/coco/tsm.c
index 15b67d99fd54..f35f91cb7bd3 100644
--- a/drivers/virt/coco/tsm.c
+++ b/drivers/virt/coco/tsm.c
@@ -472,8 +472,68 @@ static ssize_t tsm_rtmr_index_show(struct config_item *cfg, } CONFIGFS_ATTR(tsm_rtmr_, index); +static ssize_t tsm_rtmr_tcg_map_store(struct config_item *cfg, + const char *buf, size_t len) +{ + struct tsm_rtmr_state *rtmr_state = to_tsm_rtmr_state(cfg); + int i, pcrs[TPM2_PLATFORM_PCR + 1]; + + get_options(buf, ARRAY_SIZE(pcrs), pcrs); + + if (pcrs[0] > TPM2_PLATFORM_PCR - 1) + return -EINVAL; + + guard(rwsem_write)(&tsm_rwsem); + /* Check that the PCR list is valid */ + for (i = 0; i < pcrs[0]; i++) { + /* It must be a valid TPM2 PCR number */ + if (pcrs[i] > TPM2_PLATFORM_PCR - 1) + return -EINVAL; + + /* If another RTMR maps to this PCR, the list is discarded */ + if (tsm_rtmrs->tcg_map[pcrs[i + 1]] && + tsm_rtmrs->tcg_map[pcrs[i + 1]] != rtmr_state) + return -EBUSY; + } + + for (i = 0; i < pcrs[0]; i++) + tsm_rtmrs->tcg_map[pcrs[i + 1]] = rtmr_state; + + return len; +} + +static ssize_t tsm_rtmr_tcg_map_show(struct config_item *cfg, + char *buf) +{ + struct tsm_rtmr_state *rtmr_state = to_tsm_rtmr_state(cfg); + unsigned int nr_pcrs = ARRAY_SIZE(tsm_rtmrs->tcg_map), i; + unsigned long *pcr_mask; + ssize_t len; + + /* Build a bitmap mask of all PCRs that this RTMR covers */ + pcr_mask = bitmap_zalloc(nr_pcrs, GFP_KERNEL); + if (!pcr_mask) + return -ENOMEM; + + guard(rwsem_read)(&tsm_rwsem); + for (i = 0; i < nr_pcrs; i++) { + if (tsm_rtmrs->tcg_map[i] != rtmr_state) + continue; + + __set_bit(i, pcr_mask); + } + + len = bitmap_print_list_to_buf(buf, pcr_mask, nr_pcrs, 0, + nr_pcrs * 3 /* 2 ASCII digits and one comma */); + bitmap_free(pcr_mask); + + return len; +} +CONFIGFS_ATTR(tsm_rtmr_, tcg_map); + static struct configfs_attribute *tsm_rtmr_attrs[] = { &tsm_rtmr_attr_index, + &tsm_rtmr_attr_tcg_map, NULL, };
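Review bot: the validation loop in tsm_rtmr_tcg_map_store() checks the wrong array element. get_options() stores the count in pcrs[0] and the values in pcrs[1..], yet the loop tests `pcrs[i] > TPM2_PLATFORM_PCR - 1` while the mapping code indexes `tsm_rtmrs->tcg_map[pcrs[i + 1]]`: the first iteration re-checks the count, the last value is never checked, and an out-of-range last PCR indexes tcg_map[] past its end. There is also no lower bound, so nothing here rejects a negative entry. Suggest validating the element that is actually used, with both bounds: `if (pcrs[i + 1] < 0 || pcrs[i + 1] > TPM2_PLATFORM_PCR - 1) return -EINVAL;`. Two smaller points on the same hunk: the count check `pcrs[0] > TPM2_PLATFORM_PCR - 1` rejects a list naming all TPM2_PLATFORM_PCR PCRs even though pcrs[] has room for it, and the second loop only adds entries, so a later write to tcg_map never clears this RTMR's earlier PCRs; the commit message should state whether mappings are cumulative or replaced.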
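The PCR-to-RTMR mapping semantics the commit message describes, written out as a user-space reference model in Python (an added example, not kernel code and not part of this series). It assumes 24 PCRs (the value of TPM2_PLATFORM_PCR) and a tcg_map holding one owning RTMR per PCR; the parser accepts get_options()-style lists and ranges such as `4-8,16-18`, rejects a list that touches a PCR owned by another RTMR with -EBUSY, and renders the mapping back in the `4-8` list form the tcg_map attribute shows. One model choice not fixed by the commit message: writing a new list replaces the RTMR's earlier mapping, and an empty list unmaps it.

```python
"""Reference model of the tcg_map configfs attribute (RTMR -> TCG PCR mapping).

Added example in user-space Python, not the kernel code from the patch.
A PCR list such as "4-8,16-18" is parsed get_options()-style, every index is
checked against the TPM 2.0 PCR range before it is used, and a list touching
a PCR owned by a different RTMR is rejected as a whole with -EBUSY.
"""
import errno
import re

TPM2_PLATFORM_PCR = 24          # TPM 2.0 PC Client platforms expose PCR 0..23

_TOKEN = re.compile(r"(\d+)(?:-(\d+))?")   # "4" or "4-8"


def parse_pcr_list(text):
    """Expand "4-8,16-18" into [4, 5, 6, 7, 8, 16, 17, 18].

    Returns (pcrs, 0) on success or ([], -errno) in the kernel's style.
    An empty list is valid and yields no PCRs.
    """
    text = text.strip()
    if not text:
        return [], 0
    pcrs = []
    for tok in text.split(","):
        m = _TOKEN.fullmatch(tok.strip())
        if not m:
            return [], -errno.EINVAL
        lo = int(m.group(1))
        hi = int(m.group(2)) if m.group(2) is not None else lo
        # Bounds check before anything indexes tcg_map[] with the value.
        if lo > hi or hi >= TPM2_PLATFORM_PCR:
            return [], -errno.EINVAL
        pcrs.extend(range(lo, hi + 1))
    return pcrs, 0


def format_pcr_list(pcrs):
    """Render sorted PCR indexes like bitmap_print_list_to_buf(): runs of
    consecutive indexes collapse to "lo-hi", e.g. "4-8,16-18"."""
    out, i = [], 0
    while i < len(pcrs):
        j = i
        while j + 1 < len(pcrs) and pcrs[j + 1] == pcrs[j] + 1:
            j += 1
        out.append(str(pcrs[i]) if i == j else f"{pcrs[i]}-{pcrs[j]}")
        i = j + 1
    return ",".join(out)


class TcgMap:
    """tcg_map[pcr] holds the name of the owning RTMR, or None when unmapped."""

    def __init__(self):
        self.tcg_map = [None] * TPM2_PLATFORM_PCR

    def store(self, rtmr, text):
        """Model of 'echo <list> > rtmrN/tcg_map'. Returns len(text) or -errno."""
        pcrs, rc = parse_pcr_list(text)
        if rc:
            return rc
        # Any PCR owned by a different RTMR discards the whole list.
        for pcr in pcrs:
            if self.tcg_map[pcr] not in (None, rtmr):
                return -errno.EBUSY
        # Model choice: the new list replaces this RTMR's previous mapping.
        for pcr, owner in enumerate(self.tcg_map):
            if owner == rtmr:
                self.tcg_map[pcr] = None
        for pcr in pcrs:
            self.tcg_map[pcr] = rtmr
        return len(text)

    def show(self, rtmr):
        """Model of 'cat rtmrN/tcg_map'."""
        return format_pcr_list([p for p, o in enumerate(self.tcg_map) if o == rtmr])

    def rtmr_for_pcr(self, pcr):
        """What an IMA-style consumer needs: which RTMR backs a given PCR."""
        if not 0 <= pcr < TPM2_PLATFORM_PCR:
            return -errno.EINVAL
        return self.tcg_map[pcr]


if __name__ == "__main__":
    m = TcgMap()
    m.store("rtmr0", "4-8")
    m.store("rtmr1", "16-18")
    print("rtmr0 ->", m.show("rtmr0"), "| rtmr1 ->", m.show("rtmr1"))
    print("rtmr1 claiming 6-7 ->", m.store("rtmr1", "6-7"))   # -EBUSY
```

Running the module reproduces the two mappings from the commit message and then shows the overlap case being rejected, which is the check a consumer such as IMA relies on: exactly one RTMR may back any PCR.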
From: Samuel Ortiz
To: Dan Williams
Cc: linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: [RFC PATCH v1 4/4] tsm: Allow for extending and reading configured RTMRs
Date: Sun, 14 Jan 2024 23:35:30 +0100
Message-ID: <20240114223532.290550-5-sameo@rivosinc.com>
In-Reply-To: <20240114223532.290550-1-sameo@rivosinc.com>
References: <20240114223532.290550-1-sameo@rivosinc.com>

The whole purpose of TSM-supported RTMRs is for userspace to extend them
with runtime measurements and to read them back. This can be done through
a binary configfs attribute for each RTMR:

rtmr0=/sys/kernel/config/tsm/rtmrs/rtmr0
mkdir $rtmr0
echo 0 > $rtmr0/index
dd if=software_layer_digest > $rtmr0/digest
hexdump $rtmr0/digest

An RTMR digest cannot be extended or read before the RTMR is configured
by assigning it an index.

Signed-off-by: Samuel Ortiz
---
 drivers/virt/coco/Kconfig |  1 +
 drivers/virt/coco/tsm.c   | 58 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+)

diff --git a/drivers/virt/coco/Kconfig b/drivers/virt/coco/Kconfig
index 87d142c1f932..5d924bae1ed8 100644
--- a/drivers/virt/coco/Kconfig
+++ b/drivers/virt/coco/Kconfig
@@ -5,6 +5,7 @@ config TSM_REPORTS select CONFIGFS_FS + select CRYPTO_HASH_INFO tristate source "drivers/virt/coco/efi_secret/Kconfig"
diff --git a/drivers/virt/coco/tsm.c b/drivers/virt/coco/tsm.c
index f35f91cb7bd3..16fceed4bdb9 100644
--- a/drivers/virt/coco/tsm.c
+++ b/drivers/virt/coco/tsm.c
@@ -537,6 +537,63 @@ static struct configfs_attribute *tsm_rtmr_attrs[] = { NULL, }; +static ssize_t tsm_rtmr_digest_read(struct config_item *cfg, void *buf, + size_t count) +{ + struct tsm_rtmr_state *rtmr_state = to_tsm_rtmr_state(cfg); + int rc, digest_size = hash_digest_size[rtmr_state->alg]; + + /* configfs is asking for the digest size */ + if (!buf) + return digest_size; + + if (!is_rtmr_configured(rtmr_state)) + return -ENXIO; + + if (count > TSM_DIGEST_MAX || count < digest_size) + return -EINVAL; + + /* Read from the cached digest */ + if (rtmr_state->cached_digest) { + memcpy(buf, rtmr_state->digest, count); + return digest_size; + } + + /* Slow path, this RTMR got extended */ + guard(rwsem_write)(&tsm_rwsem); + rc = tsm_rtmr_read(&provider, rtmr_state->index, buf, count); + if (rc < 0) + return rc; + + /* Update the cached digest */ + memcpy(rtmr_state->digest, buf, count); + rtmr_state->cached_digest = true; + + return rc; +} + +static ssize_t tsm_rtmr_digest_write(struct config_item *cfg, + const void *buf, size_t count) +{ + struct tsm_rtmr_state *rtmr_state = to_tsm_rtmr_state(cfg); + + if (!is_rtmr_configured(rtmr_state)) + return -ENXIO; + + if (count > TSM_DIGEST_MAX || count < hash_digest_size[rtmr_state->alg]) + return -EINVAL; + + guard(rwsem_write)(&tsm_rwsem); + rtmr_state->cached_digest = false; + return tsm_rtmr_extend(&provider, rtmr_state->index, buf, count); +} +CONFIGFS_BIN_ATTR(tsm_rtmr_, digest, NULL, TSM_DIGEST_MAX); + +static struct configfs_bin_attribute *tsm_rtmr_bin_attrs[] = { + &tsm_rtmr_attr_digest, + NULL, +}; + static void tsm_rtmr_item_release(struct config_item *cfg) { struct tsm_rtmr_state *state = to_tsm_rtmr_state(cfg); @@ -550,6 +607,7 @@ static struct configfs_item_operations tsm_rtmr_item_ops = { const struct config_item_type tsm_rtmr_type = { .ct_owner = THIS_MODULE, + .ct_bin_attrs = tsm_rtmr_bin_attrs, .ct_attrs = tsm_rtmr_attrs, .ct_item_ops = &tsm_rtmr_item_ops, };
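Review bot: in tsm_rtmr_digest_read() the cached path copies one length and returns another, and it runs outside the lock: `memcpy(buf, rtmr_state->digest, count)` copies `count` bytes (anything up to TSM_DIGEST_MAX) but returns `digest_size`, and the `cached_digest` test and that memcpy happen before `guard(rwsem_write)(&tsm_rwsem)`, so they can race with tsm_rtmr_digest_write(), which clears cached_digest and extends under the write lock. Suggest taking the lock before looking at cached_digest and copying exactly digest_size bytes in both paths; the slow path likewise caches `count` bytes with `memcpy(rtmr_state->digest, buf, count)` rather than the `rc` bytes tsm_rtmr_read() reported. On the write side, `count > TSM_DIGEST_MAX || count < hash_digest_size[rtmr_state->alg]` lets any length between the digest size and TSM_DIGEST_MAX reach tsm_rtmr_extend(); a measurement to extend with should be exactly one digest, so `count != hash_digest_size[rtmr_state->alg]` is the check to make. Finally, `hash_digest_size[rtmr_state->alg]` is evaluated in both callbacks before is_rtmr_configured(), so `alg` has to be a valid index even for an RTMR that was never configured; looking it up after that check removes the dependency.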
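The extend-and-read flow behind the rtmrN/digest attribute, as a user-space reference model (an added example in Python, not the kernel code from the patch and not part of the series). It assumes SHA-384 registers, a TSM_DIGEST_MAX of 64 bytes and TPM-style extend semantics (new = H(old || measurement)), none of which the patch itself states; the provider is a stand-in object rather than a real TSM. The model mirrors the attribute's error behaviour (-ENXIO before an index is set, -EINVAL for a wrong-length digest), drops the cached digest on extend so the next read goes back to the provider, and adds the replay computation a remote verifier performs against an event log to decide whether the register value it was handed is the one the log predicts.

```python
"""Reference model of the rtmrN/digest binary attribute.

Added example in user-space Python; not the kernel code from the patch.
Assumptions the patch does not state: registers use SHA-384, TSM_DIGEST_MAX
is 64 bytes, and extend is TPM-style: new = H(old || measurement).
"""
import errno
import hashlib

HASH_DIGEST_SIZE = {"sha256": 32, "sha384": 48, "sha512": 64}  # like hash_digest_size[]
TSM_DIGEST_MAX = 64                                            # assumption


def measure(data, alg="sha384"):
    """Digest of a software layer, i.e. what 'software_layer_digest' holds."""
    return hashlib.new(alg, data).digest()


class FakeTsm:
    """Stand-in for the platform TSM provider: it owns the real register values."""

    def __init__(self, alg, nr_rtmrs=4):
        self.alg = alg
        self.rtmrs = [bytes(HASH_DIGEST_SIZE[alg])] * nr_rtmrs   # registers start zeroed
        self.reads = 0                                           # counts slow-path reads

    def extend(self, index, digest):
        self.rtmrs[index] = hashlib.new(self.alg, self.rtmrs[index] + digest).digest()

    def read(self, index):
        self.reads += 1
        return self.rtmrs[index]


class RtmrState:
    """One configfs rtmrN item: its index, cached digest and the two callbacks."""

    def __init__(self, tsm):
        self.tsm = tsm
        self.alg = tsm.alg
        self.index = None        # set by 'echo N > rtmrN/index'
        self.cached = None       # the patch's cached_digest flag plus digest[]

    def configure(self, index):
        self.index = index

    def digest_write(self, buf):
        """'dd if=software_layer_digest > rtmrN/digest'. Returns len(buf) or -errno."""
        if self.index is None:
            return -errno.ENXIO
        # Exactly one digest of the register's algorithm is accepted.
        if len(buf) != HASH_DIGEST_SIZE[self.alg] or len(buf) > TSM_DIGEST_MAX:
            return -errno.EINVAL
        self.cached = None                 # any later read must hit the TSM again
        self.tsm.extend(self.index, buf)
        return len(buf)

    def digest_read(self):
        """'hexdump rtmrN/digest'. Returns the digest bytes or -errno."""
        if self.index is None:
            return -errno.ENXIO
        if self.cached is None:
            self.cached = self.tsm.read(self.index)   # slow path: ask the provider
        return self.cached


def expected_rtmr(alg, measurements):
    """Replay an event log the way a remote verifier does. A register whose
    value differs from this result was extended with something the log omits."""
    value = bytes(HASH_DIGEST_SIZE[alg])
    for m in measurements:
        value = hashlib.new(alg, value + m).digest()
    return value


if __name__ == "__main__":
    tsm = FakeTsm("sha384")
    rtmr0 = RtmrState(tsm)
    print("write before index:", rtmr0.digest_write(measure(b"layer 1")))   # -6 (ENXIO)
    rtmr0.configure(0)
    log = [measure(b"layer 1"), measure(b"layer 2")]
    for m in log:
        rtmr0.digest_write(m)
    print("matches event log:", rtmr0.digest_read() == expected_rtmr("sha384", log))
```

Two reads without an intervening extend hit the provider once, which is the cache the patch keeps; the replay helper is the piece a verifier needs, and it is the reason the extend input length must be pinned to one digest rather than a range.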