From 7007d18e360c728250465024ad3df429a537a11c Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Mon, 1 Aug 2022 15:13:21 -0400 Subject: [PATCH 1/7] - Addition of nvmutil (nvm) from osboot project to play with gbe (Thanks @githubisnonfree!) - Addition of ifdtool from coreboot project to extract gbe - As of now, it's implemented in a hacky way: - ifdtool dir is copied over ifdtool_cross at coreboot's module configure step - then initrd packing step checks for CONFIG_NVMUTIL and builds and packs ifdtool_cross/ifdtool - As a result, what is built under build/coreboot/$BOARD is coreboot's real, where build/coreboot/ content follows Makefile rules - CONFIG_NVMUTIL in board config adds both ifdtool_cross/ifdtool and nvmutil into initrd - Added CONFIG_NVMUTIL to all hotp-maximized boards (to test for size changes) Manually tested (working!): - backup rom from: `flashrom -p internal -r /tmp/backup.rom` - go to that dir: `cd /tmp` - extract gbe from ifdtool on backup.rom: `ifdtool -x backup.rom` - source shell functions: `. /etc/functions` - show current PHY mac address: `nvm showmac flashregion_3_gbe.bin` - generate mac address from sourced shell functions: `newmac=$(generate_random_mac_address)` - show new mac: `echo $newmac` - change mac from nvmtool on extracted gbe: `nvm flashregion_3_gbe.bin setmac $newmac` - insert modified gbe into backup.rom.new with ifdtool: `ifdtool -i gbe:flashregion_3_gbe.bin backup.rom` - flash back modified gbe only through flashrom: `flashrom -p internal --ifd -i gbe -w backup.rom.new`
Signed-off-by: Thierry Laurion --- Makefile | 31 ++++++++++++------- .../UNTESTED_t520-hotp-maximized.config | 1 + .../UNTESTED_t530-dgpu-hotp-maximized.config | 1 + ...TED_w530-dgpu-K1000m-hotp-maximized.config | 1 + ...TED_w530-dgpu-K2000m-hotp-maximized.config | 1 + boards/nitropad-ns50/nitropad-ns50.config | 1 + boards/nitropad-nv41/nitropad-nv41.config | 1 + .../qemu-coreboot-fbwhiptail-tpm1-hotp.config | 1 + .../qemu-coreboot-fbwhiptail-tpm1.config | 1 + .../qemu-coreboot-fbwhiptail-tpm2-hotp.config | 1 + .../qemu-coreboot-fbwhiptail-tpm2.config | 1 + .../qemu-coreboot-whiptail-tpm1-hotp.config | 1 + .../qemu-coreboot-whiptail-tpm1.config | 1 + .../qemu-coreboot-whiptail-tpm2-hotp.config | 1 + .../qemu-coreboot-whiptail-tpm2.config | 1 + .../t420-hotp-maximized.config | 1 + .../t430-hotp-maximized.config | 1 + .../w530-hotp-maximized.config | 1 + .../x220-hotp-maximized.config | 1 + .../x230-hotp-maximized.config | 1 + .../x230-hotp-maximized_usb-kb.config | 1 + modules/coreboot | 1 + modules/nvmutil | 21 +++++++++++++ 23 files changed, 62 insertions(+), 11 deletions(-) create mode 100644 modules/nvmutil diff --git a/Makefile b/Makefile index 6c8bf9626..f99cac1ec 100644 --- a/Makefile +++ b/Makefile 
@@ -358,19 +358,19 @@ define define_module = echo -n '$($1_repo)|$($1_commit_hash)' > "$$@"; \ fi if [ ! -e "$(build)/$($1_base_dir)/.patched" ]; then \ - if [ -r patches/$($1_patch_name).patch ]; then \ + if [ -r patches/$($1_patch_name).patch ]; then \ ( git apply --verbose --reject --binary --directory build/$(CONFIG_TARGET_ARCH)/$($1_base_dir) ) \ - < patches/$($1_patch_name).patch \ - || exit 1 ; \ + < patches/$($1_patch_name).patch \ + || exit 1 ; \ fi && \ - if [ -d patches/$($1_patch_name) ] && \ - [ -r patches/$($1_patch_name) ] ; then \ - for patch in patches/$($1_patch_name)/*.patch ; do \ - echo "Applying patch file : $$$$patch " ; \ + if [ -d patches/$($1_patch_name) ] && \ + [ -r patches/$($1_patch_name) ] ; then \ + for patch in patches/$($1_patch_name)/*.patch ; do \ + echo "Applying patch file : $$$$patch " ; \ ( git apply --verbose --reject --binary --directory build/$(CONFIG_TARGET_ARCH)/$($1_base_dir) ) \ - < $$$$patch \ - || exit 1 ; \ - done ; \ + < $$$$patch \ + || exit 1 ; \ + done ; \ fi && \ touch "$(build)/$($1_base_dir)/.patched"; \ fi @@ -573,6 +573,7 @@ bin_modules-$(CONFIG_ZSTD) += zstd bin_modules-$(CONFIG_E2FSPROGS) += e2fsprogs bin_modules-$(CONFIG_EXFATPROGS) += exfatprogs bin_modules-$(CONFIG_IOTOOLS) += iotools +bin_modules-$(CONFIG_NVMUTIL) += nvmutil $(foreach m, $(bin_modules-y), \ $(call map,initrd_bin_add,$(call bins,$m)) \ @@ -584,7 +585,7 @@ $(foreach m, $(modules-y), \ ) # -# hack to build cbmem from coreboot +# hack to build cbmem and ifdtool from coreboot # this must be built *AFTER* musl, but since coreboot depends on other things # that depend on musl it should be ok. # 
@@ -593,11 +594,19 @@ ifeq ($(CONFIG_COREBOOT),y) $(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/cbmem/cbmem)) #$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/superiotool/superiotool)) #$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/inteltool/inteltool)) +ifeq ($(CONFIG_NVMUTIL),y) +#NVMUTIL(nvm) is applied on ifdtool extracted gbe.bin from a flashrom backup under Heads. +# We consequently need ifdtool packed under initrd with cross-compiler +# coreboot module copied ifdtool into ifdtool_cross at configure step +# so that coreboot builds its own and we ask one to be cross-build and packed here +$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/ifdtool_cross/ifdtool)) +endif endif $(COREBOOT_UTIL_DIR)/cbmem/cbmem \ $(COREBOOT_UTIL_DIR)/superiotool/superiotool \ $(COREBOOT_UTIL_DIR)/inteltool/inteltool \ +$(COREBOOT_UTIL_DIR)/ifdtool_cross/ifdtool \ : $(build)/$(coreboot_base_dir)/.canary musl-cross +$(call do,MAKE,$(notdir $@),\ $(MAKE) -C "$(dir $@)" $(CROSS_TOOLS) \ diff --git a/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config b/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config index f9061c242..2251f25f2 100644 --- a/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config +++ b/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config @@ -18,6 +18,7 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y +CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config b/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config index 0eb5f2a21..27d9bba03 100644 --- a/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config +++ b/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config 
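Review bot: The new target `$(COREBOOT_UTIL_DIR)/ifdtool_cross/ifdtool` joins a rule whose only prerequisites are `$(build)/$(coreboot_base_dir)/.canary` and `musl-cross`, yet the `ifdtool_cross` directory is created only by the `cp` this patch adds to coreboot's configure step in modules/coreboot. Assuming `.canary` is written before that configure step runs, `$(MAKE) -C "$(dir $@)"` can be reached on a clean tree or under `-j` before the directory exists, and nothing re-copies it when util/ifdtool changes. I would give the `_cross` targets their own rule that also depends on coreboot's configure stamp, or do the copy in this recipe so the graph states the dependency; at minimum add `# ifdtool_cross/ is created by coreboot's configure step, which must have run first` above the rule. The same applies to `cbfstool_cross/cbfstool` added in PATCH 2/7, and the recipe continues outside the hunk.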
@@ -21,6 +21,7 @@ CONFIG_LINUX_E1000E=y
 CONFIG_CRYPTSETUP2=y
 CONFIG_FLASHROM=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_GPG2=y
 CONFIG_KEXEC=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config b/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config
index b8add6500..7895773f7 100644
--- a/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config
+++ b/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config
@@ -21,6 +21,7 @@ CONFIG_LINUX_E1000E=y
 CONFIG_CRYPTSETUP2=y
 CONFIG_FLASHROM=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_GPG2=y
 CONFIG_KEXEC=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config b/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config
index 238fa8ef0..b461a51ef 100644
--- a/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config
+++ b/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config
@@ -21,6 +21,7 @@ CONFIG_LINUX_E1000E=y
 CONFIG_CRYPTSETUP2=y
 CONFIG_FLASHROM=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_GPG2=y
 CONFIG_KEXEC=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/nitropad-ns50/nitropad-ns50.config b/boards/nitropad-ns50/nitropad-ns50.config
index 9ebfc9cb1..62dec4ce7 100644
--- a/boards/nitropad-ns50/nitropad-ns50.config
+++ b/boards/nitropad-ns50/nitropad-ns50.config
@@ -14,6 +14,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/nitropad-nv41/nitropad-nv41.config b/boards/nitropad-nv41/nitropad-nv41.config
index 7547ba62f..91aeee55a 100644
--- a/boards/nitropad-nv41/nitropad-nv41.config
+++ b/boards/nitropad-nv41/nitropad-nv41.config
@@ -14,6 +14,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config b/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config
index 677b7ac62..0ff67ad74 100644
--- a/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config
+++ b/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config
@@ -27,6 +27,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config b/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config
index 442f06dc4..cb00b92bb 100644
--- a/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config
+++ b/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config
@@ -28,6 +28,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config b/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config
index 2b622f431..42104a33d 100644
--- a/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config
+++ b/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config
@@ -28,6 +28,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config b/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config
index fce10e7c6..746d7ab07 100644
--- a/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config
+++ b/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config
@@ -30,6 +30,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config b/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config
index dc275271f..56cb0af20 100644
--- a/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config
+++ b/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config
@@ -27,6 +27,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config b/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config
index 4cdd6eb8b..b931207db 100644
--- a/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config
+++ b/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config
@@ -28,6 +28,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config b/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config
index 289304773..69947d0af 100644
--- a/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config
+++ b/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config
@@ -28,6 +28,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config b/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config
index 82349b271..c52ae0965 100644
--- a/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config
+++ b/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config
@@ -30,6 +30,7 @@ CONFIG_QRENCODE=y
 CONFIG_TPMTOTP=y
 CONFIG_POPT=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_FLASHROM=y
 CONFIG_PCIUTILS=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/t420-hotp-maximized/t420-hotp-maximized.config b/boards/t420-hotp-maximized/t420-hotp-maximized.config
index 12c8dac26..aadd43df5 100644
--- a/boards/t420-hotp-maximized/t420-hotp-maximized.config
+++ b/boards/t420-hotp-maximized/t420-hotp-maximized.config
@@ -22,6 +22,7 @@ CONFIG_LINUX_E1000E=y
 CONFIG_CRYPTSETUP2=y
 CONFIG_FLASHROM=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_GPG2=y
 CONFIG_KEXEC=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/t430-hotp-maximized/t430-hotp-maximized.config b/boards/t430-hotp-maximized/t430-hotp-maximized.config
index 574dcfa8c..d71f4e15c 100644
--- a/boards/t430-hotp-maximized/t430-hotp-maximized.config
+++ b/boards/t430-hotp-maximized/t430-hotp-maximized.config
@@ -20,6 +20,7 @@ CONFIG_LINUX_E1000E=y
 CONFIG_CRYPTSETUP2=y
 CONFIG_FLASHROM=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_GPG2=y
 CONFIG_KEXEC=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/w530-hotp-maximized/w530-hotp-maximized.config b/boards/w530-hotp-maximized/w530-hotp-maximized.config
index 85ce7c903..3d0350221 100644
--- a/boards/w530-hotp-maximized/w530-hotp-maximized.config
+++ b/boards/w530-hotp-maximized/w530-hotp-maximized.config
@@ -21,6 +21,7 @@ CONFIG_LINUX_E1000E=y
 CONFIG_CRYPTSETUP2=y
 CONFIG_FLASHROM=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_GPG2=y
 CONFIG_KEXEC=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/x220-hotp-maximized/x220-hotp-maximized.config b/boards/x220-hotp-maximized/x220-hotp-maximized.config
index 95dae6faf..29c933a02 100644
--- a/boards/x220-hotp-maximized/x220-hotp-maximized.config
+++ b/boards/x220-hotp-maximized/x220-hotp-maximized.config
@@ -22,6 +22,7 @@ CONFIG_LINUX_E1000E=y
 CONFIG_CRYPTSETUP2=y
 CONFIG_FLASHROM=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_GPG2=y
 CONFIG_KEXEC=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/x230-hotp-maximized/x230-hotp-maximized.config b/boards/x230-hotp-maximized/x230-hotp-maximized.config
index 3bb4d8422..846577bb8 100644
--- a/boards/x230-hotp-maximized/x230-hotp-maximized.config
+++ b/boards/x230-hotp-maximized/x230-hotp-maximized.config
@@ -24,6 +24,7 @@ CONFIG_LINUX_E1000E=y
 CONFIG_CRYPTSETUP2=y
 CONFIG_FLASHROM=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_GPG2=y
 CONFIG_KEXEC=y
 CONFIG_UTIL_LINUX=y
diff --git a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config
index 13c06b055..8b0531c9f 100644
--- a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config
+++ b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config
@@ -23,6 +23,7 @@ export CONFIG_USB_KEYBOARD=y
 CONFIG_CRYPTSETUP2=y
 CONFIG_FLASHROM=y
 CONFIG_FLASHTOOLS=y
+CONFIG_NVMUTIL=y
 CONFIG_GPG2=y
 CONFIG_KEXEC=y
 CONFIG_UTIL_LINUX=y
diff --git a/modules/coreboot b/modules/coreboot
index 25196e24b..c015c86c8 100644
--- a/modules/coreboot
+++ b/modules/coreboot
@@ -138,6 +138,7 @@ $(coreboot_module)_configure := \ && $(call install_config,$(pwd)/$(CONFIG_COREBOOT_CONFIG),$(build)/$(coreboot_dir)/.config) \ && echo 'CONFIG_LOCALVERSION="$(BRAND_NAME)-$(HEADS_GIT_VERSION)"' >> $(build)/$(coreboot_dir)/.config \ && echo 'CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="$(BOARD)"' >> $(build)/$(coreboot_dir)/.config \ + && cp -TRf --remove-destination $(build)/$(coreboot_base_dir)/util/ifdtool $(build)/$(coreboot_base_dir)/util/ifdtool_cross \ && $(MAKE) olddefconfig \ -C "$(build)/$(coreboot_base_dir)" \ obj="$(build)/$(coreboot_dir)" \ diff --git a/modules/nvmutil b/modules/nvmutil new file mode 100644 index 000000000..ec3cebe6e --- /dev/null +++ b/modules/nvmutil @@ -0,0 +1,21 @@ +modules-$(CONFIG_NVMUTIL) += nvmutil + +nvmutil_depends := $(musl_dep) + +nvmutil_version := 20220815 +nvmutil_dir := nvmutil-tools-$(nvmutil_version) +nvmutil_tar := $(nvmutil_version).tar.gz +nvmutil_url := https://notabug.org/osboot/nvmutil/archive/$(nvmutil_tar) +nvmutil_hash := f990081eec798dc632b5060c5d5f4ee448a59e0a6b9214a9e78413a91b80f9e5 + +nvmutil_target := \ + $(CROSS_TOOLS) \ + CFLAGS="-I$(INSTALL)/include" \ + LDFLAGS="-L$(INSTALL)/lib" \ + +nvmutil_output := \ + nvm \ + +nvmutil_libraries := \ + +nvmutil_configure := From 5bcd6cdb3beebf4bb933604217e1c22943d12f39 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Sun, 31 Dec 2023 12:55:27 -0500 Subject: [PATCH 2/7] WiP : Add ifdtool and cbfstool to experiment from Heads with cbmem/cbfstool/ifdtool to get same cbmem -L/TPM eventlog/introspection of PRC content equivalence Signed-off-by: Thierry Laurion --- Makefile | 6 ++++-- modules/coreboot | 1 + 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index f99cac1ec..205513304 100644 --- a/Makefile +++ b/Makefile 
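Review bot: The `cp -TRf --remove-destination` added to the configure chain copies util/ifdtool exactly as it sits in the tree, and nothing visible here cleans ifdtool_cross afterwards; if a host build ever leaves objects or an `ifdtool` binary in that directory, the later cross `$(MAKE) -C` may treat them as up to date and the initrd would carry a host-built tool instead of the musl-cross one. The copy also runs for every board whether or not CONFIG_NVMUTIL is set, and its paths are unquoted while the `-C "$(build)/$(coreboot_base_dir)"` two lines below is quoted. I would write `cp -TRf --remove-destination "$(build)/$(coreboot_base_dir)/util/ifdtool" "$(build)/$(coreboot_base_dir)/util/ifdtool_cross"` and put a comment above the `_configure` definition saying why a second copy of the directory is needed. That definition starts and ends outside the hunk.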
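Review bot: In the new modules/nvmutil, `nvmutil_tar := $(nvmutil_version).tar.gz` names the downloaded archive `20220815.tar.gz`, a bare date with no project name; if downloads are cached under `$(nvmutil_tar)` in a shared directory (the download rule is not visible here), another module using the same scheme would collide and then fail the `nvmutil_hash` check. I would use `nvmutil_tar := nvmutil-$(nvmutil_version).tar.gz` and spell the URL as `nvmutil_url := https://notabug.org/osboot/nvmutil/archive/$(nvmutil_version).tar.gz`. A one-line comment that the URL is a forge-generated archive of a ref, so the pinned SHA-256 is what ties the build to the reviewed source, would help whoever bumps the version. The trailing `\` after the last entries of `nvmutil_target` and `nvmutil_output` continues into the blank line and could be dropped.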
@@ -585,7 +585,7 @@ $(foreach m, $(modules-y), \ ) # -# hack to build cbmem and ifdtool from coreboot +# hack to build cbmem, cbfstool and ifdtool from coreboot # this must be built *AFTER* musl, but since coreboot depends on other things # that depend on musl it should be ok. # @@ -599,7 +599,8 @@ ifeq ($(CONFIG_NVMUTIL),y) # We consequently need ifdtool packed under initrd with cross-compiler # coreboot module copied ifdtool into ifdtool_cross at configure step # so that coreboot builds its own and we ask one to be cross-build and packed here -$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/ifdtool_cross/ifdtool)) +$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/ifdtool_cross/ifdtool)) +$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/cbfstool_cross/cbfstool)) endif endif @@ -607,6 +608,7 @@ $(COREBOOT_UTIL_DIR)/cbmem/cbmem \ $(COREBOOT_UTIL_DIR)/superiotool/superiotool \ $(COREBOOT_UTIL_DIR)/inteltool/inteltool \ $(COREBOOT_UTIL_DIR)/ifdtool_cross/ifdtool \ +$(COREBOOT_UTIL_DIR)/cbfstool_cross/cbfstool \ : $(build)/$(coreboot_base_dir)/.canary musl-cross +$(call do,MAKE,$(notdir $@),\ $(MAKE) -C "$(dir $@)" $(CROSS_TOOLS) \ diff --git a/modules/coreboot b/modules/coreboot index c015c86c8..92b385891 100644 --- a/modules/coreboot +++ b/modules/coreboot @@ -139,6 +139,7 @@ $(coreboot_module)_configure := \ && echo 'CONFIG_LOCALVERSION="$(BRAND_NAME)-$(HEADS_GIT_VERSION)"' >> $(build)/$(coreboot_dir)/.config \ && echo 'CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="$(BOARD)"' >> $(build)/$(coreboot_dir)/.config \ && cp -TRf --remove-destination $(build)/$(coreboot_base_dir)/util/ifdtool $(build)/$(coreboot_base_dir)/util/ifdtool_cross \ + && cp -TRf --remove-destination $(build)/$(coreboot_base_dir)/util/cbfstool $(build)/$(coreboot_base_dir)/util/cbfstool_cross \ && $(MAKE) olddefconfig \ -C "$(build)/$(coreboot_base_dir)" \ obj="$(build)/$(coreboot_dir)" \ From 07e3bf75f8a2acd8e65e4c46879c29c5343e7dc0 Mon Sep 17 00:00:00 2001 
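Review bot: In the `@@ -599,7 +599,8 @@` hunk, `cbfstool_cross/cbfstool` is added inside the existing `ifeq ($(CONFIG_NVMUTIL),y)` block, so a board gets cbfstool in its initrd only when it enables nvmutil, although the commit message ties cbfstool to PCR and event-log introspection rather than to GbE editing. The comment above the block still explains only why ifdtool is needed. I would gate it on its own option (placeholder name: `CONFIG_<NAME>`), or at least extend the comment with `# cbfstool is packed as well, to read CBFS/FMAP content when replaying PCR measurements`, so that which boards ship a ROM-editing tool in the initrd is an explicit choice. The `ifeq` block opens outside the hunk.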
From: Thierry Laurion Date: Sun, 31 Dec 2023 12:57:36 -0500 Subject: [PATCH 3/7] WiP tpmr: add calc_pcr to simulate PCR content from reset state, measuring files/strings to arrive to same cbmem -L (TCPA/Event log content from real measured stuff) Traces: When looking at TCPA log/TPM Event log: ~ # cbmem -L coreboot TPM log: PCR-2 5622416ea417186aa1ac32b32c527ac09009fb5e SHA1 [FMAP: FMAP] PCR-2 8bbaeca78eb7e169df69d3687258318b58c8671e SHA1 [CBFS: bootblock] PCR-2 73ccefadc0a1be8184be89800e69186a260ebe40 SHA1 [CBFS: fallback/romstage] PCR-2 d697f8c98ef6f1b4aca397821e176bb48a227212 SHA1 [CBFS: fallback/postcar] PCR-2 b88302e3a46fb7fb11b92730d05c41b5f1f11bcf SHA1 [CBFS: fallback/ramstage] PCR-2 b688d567b0dfe1e1c6e4584289619a525b85cbd6 SHA1 [CBFS: bootsplash.jpg] PCR-2 9130eeb4cfe031edeabc56e6b84812d49a5a6bda SHA1 [CBFS: fallback/payload] We see that PCR2 is extended from reset state (40*0) with: FMAP (only one not under cbfs), bootblock, fallback/romstage, fallback/postcar, fallback/ramstage, bootsplash.jpg, fallback/payload cbmem permits to extract FMAP from cbmem: ~ # cbmem --rawdump $(cbmem -l | grep FMAP | awk -F " " {'print $3'}) | xxd 00000000: 5f5f 464d 4150 5f5f 0101 0000 60ff 0000 __FMAP__....`... 00000010: 0000 0000 a000 464c 4153 4800 0000 0000 ......FLASH..... 00000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000030: 0000 0000 0000 0300 0000 0800 0000 9800 ................ 00000040: 4249 4f53 0000 0000 0000 0000 0000 0000 BIOS............ 00000050: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000060: 0000 0000 0800 0002 0000 464d 4150 0000 ..........FMAP.. 00000070: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000080: 0000 0000 0000 0000 0000 0000 0002 0800 ................ 00000090: 00fe 9700 434f 5245 424f 4f54 0000 0000 ....COREBOOT.... 000000a0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 000000b0: 0000 0000 0000 ...... 
~ # xxd -r cbmem.txt | sha1sum 6ecd73787c001bbc1215bd8787361e1a63b580cb - This sha1sum doesn't match reported TCPA/Event log for FMAP entry: 6ecd73787c001bbc1215bd8787361e1a63b580cb != 5622416ea417186aa1ac32b32c527ac09009fb5e FMAP extracted from cbfsutil externally from ROM image is padded with ff up to 512 bytes (this is dynamic and cannot be hardcoded magic): user@heads-tests-deb12:~/heads$ sudo cbfstool ~/heads/build/x86/qemu-coreboot-whiptail-tpm1/heads-qemu-coreboot-whiptail-tpm1-v0.2.0-1955-gfff99df-dirty.rom read -r FMAP -f xxx.bin user@heads-tests-deb12:~/heads$ xxd xxx.bin > hex.txt user@heads-tests-deb12:~/heads$ cat hex.txt 00000000: 5f5f 464d 4150 5f5f 0101 0000 60ff 0000 __FMAP__....`... 00000010: 0000 0000 a000 464c 4153 4800 0000 0000 ......FLASH..... 00000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000030: 0000 0000 0000 0300 0000 0800 0000 9800 ................ 00000040: 4249 4f53 0000 0000 0000 0000 0000 0000 BIOS............ 00000050: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000060: 0000 0000 0800 0002 0000 464d 4150 0000 ..........FMAP.. 00000070: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000080: 0000 0000 0000 0000 0000 0000 0002 0800 ................ 00000090: 00fe 9700 434f 5245 424f 4f54 0000 0000 ....COREBOOT.... 000000a0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 000000b0: 0000 0000 0000 ffff ffff ffff ffff ffff ................ 000000c0: ffff ffff ffff ffff ffff ffff ffff ffff ................ 000000d0: ffff ffff ffff ffff ffff ffff ffff ffff ................ 000000e0: ffff ffff ffff ffff ffff ffff ffff ffff ................ 000000f0: ffff ffff ffff ffff ffff ffff ffff ffff ................ 00000100: ffff ffff ffff ffff ffff ffff ffff ffff ................ 00000110: ffff ffff ffff ffff ffff ffff ffff ffff ................ 00000120: ffff ffff ffff ffff ffff ffff ffff ffff ................ 00000130: ffff ffff ffff ffff ffff ffff ffff ffff ................ 
00000140: ffff ffff ffff ffff ffff ffff ffff ffff ................ 00000150: ffff ffff ffff ffff ffff ffff ffff ffff ................ 00000160: ffff ffff ffff ffff ffff ffff ffff ffff ................ 00000170: ffff ffff ffff ffff ffff ffff ffff ffff ................ 00000180: ffff ffff ffff ffff ffff ffff ffff ffff ................ 00000190: ffff ffff ffff ffff ffff ffff ffff ffff ................ 000001a0: ffff ffff ffff ffff ffff ffff ffff ffff ................ 000001b0: ffff ffff ffff ffff ffff ffff ffff ffff ................ 000001c0: ffff ffff ffff ffff ffff ffff ffff ffff ................ 000001d0: ffff ffff ffff ffff ffff ffff ffff ffff ................ 000001e0: ffff ffff ffff ffff ffff ffff ffff ffff ................ 000001f0: ffff ffff ffff ffff ffff ffff ffff ffff ................ user@heads-tests-deb12:~/heads$ xxd -r hex.txt | sha1sum 5622416ea417186aa1ac32b32c527ac09009fb5e - This matches FMAP region measured in TCPA/TPM event log for FMAP trace above: 6ecd73787c001bbc1215bd8787361e1a63b580cb = 6ecd73787c001bbc1215bd8787361e1a63b580cb It seems that coreboot measured boot code does the same as cbfstool (padding prior of measuring) instead of taking only the raw output we could replicate with cbfs.... Signed-off-by: Thierry Laurion --- initrd/bin/tpmr | 52 ++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/initrd/bin/tpmr b/initrd/bin/tpmr index e7e61ceba..3189f5730 100755 --- a/initrd/bin/tpmr +++ b/initrd/bin/tpmr 
@@ -228,6 +228,49 @@ replay_pcr() { # (6: LUKS header, 7: user related cbfs files loaded from cbfs-init) } +# usage: calc_pcr [ | ... ] +# Calculate PCR value to compare with CBMEM event log. +# First argument is PCR number, followed by optional +# hashes and/or files. +# Resulting PCR value is returned in binary form. +calc_pcr() { + TRACE "Under /bin/tpmr:calc_pcr" + if [ -z "$2" ]; then + echo >&2 "No PCR number passed" + return + fi + if [ "$2" -ge 8 ]; then + echo >&2 "Illegal PCR number ($2)" + return + fi + local alg="$1" + local pcr="$2" + local alg_digits=0 + # SHA-1 hashes are 40 chars + if [ "$alg" = "sha1" ]; then alg_digits=40; fi + # SHA-256 hashes are 64 chars + if [ "$alg" = "sha256" ]; then alg_digits=64; fi + shift 2 + replayed_pcr=$(extend_pcr_state $alg $(printf "%.${alg_digits}d" 0) $@) + echo $replayed_pcr | hex2bin + DEBUG "Replayed cbmem -L clean boot state of PCR=$pcr ALG=$alg : $replayed_pcr" + # To manually introspect calculated to PCR values: + # TODO: fix the following examples with WORKING examples + # PCR-2: + # bash tpmr calc_pcr 2 <(cbmem -r 464d4150) <(cbfs --read bootblock) \ + # <(cbfs --read fallback/romstage) <(cbfs --read fallback/postcar) \ + # <(cbfs --read fallback/ramstage) <(cbfs --read bootsplash.jpg) \ + # <(cbfs --read fallback/payload) | xxd -p + # PCR-4, in case of recovery shell (bash used for process substitution): + # bash -c "tpmr calc_pcr 4 <(echo -n recovery)" | xxd -p + # PCR-4, in case of normal boot passing through kexec-select-boot: + # bash -c "tpmr calc_pcr 4 <(echo -n generic)" | xxd -p + # PCR-5, depending on which modules are loaded for given board: + # tpmr calc_pcr 5 module0.ko module1.ko module2.ko | xxd -p + # PCR-6 and PCR-7: similar to 5, but with different files passed + # (6: LUKS header, 7: user related cbfs files loaded from cbfs-init) +} + tpm2_extend() { TRACE "Under /bin/tpmr:tpm2_extend" while true; do 
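Review bot: Both argument checks in `calc_pcr` end with a bare `return`, which hands back the status of the preceding `echo` (0), so a missing or out-of-range PCR number looks like success with empty output to a caller that pipes the result into `xxd -p` or compares it with `cbmem -L`; `return 1` in both branches fixes that. A non-numeric `$2` makes `[ "$2" -ge 8 ]` fail with a test error and fall through to the computation, and an algorithm other than sha1/sha256 leaves `alg_digits=0`, so the initial state handed to `extend_pcr_state` would be empty; both deserve an explicit rejection. The unquoted `$@` also splits file names on whitespace, which `replayed_pcr=$(extend_pcr_state "$alg" "$(printf "%.${alg_digits}d" 0)" "$@")` avoids. The header comment says the first argument is the PCR number while the function reads `$1` as the algorithm supplied by the dispatcher, which is worth stating there.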
@@ -519,7 +562,7 @@ tpm1_seal() { -of "$sealed_file" \ -hk 40000000 \ "${POLICY_ARGS[@]}" - + # try it without the TPM Owner Password first if ! tpm nv_writevalue -in "$index" -if "$sealed_file"; then # to create an nvram space we need the TPM Owner Password @@ -751,6 +794,10 @@ if [ "$CONFIG_TPM2_TOOLS" != "y" ]; then shift replay_pcr "sha1" "$@" ;; + calc_pcr) + shift + calc_pcr "sha1" "$@" + ;; counter_create) shift tpm1_counter_create "$@" @@ -796,6 +843,9 @@ pcrsize) calcfuturepcr) replay_pcr "sha256" "$@" ;; +calc_pcr) + calc_pcr "sha256" "$@" + ;; extend) tpm2_extend "$@" ;; From 6f69f89612393190f1deb3fe90c15202d054941b Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Wed, 3 Jan 2024 02:02:57 -0500 Subject: [PATCH 4/7] Makefile modules/coreboot modules/nvmutil: remove unneeded ifdutil/cbfsutil/nvmutil for this task. cbmem+cbfs is enough Signed-off-by: Thierry Laurion --- Makefile | 11 ---------- .../UNTESTED_t520-hotp-maximized.config | 1 - .../UNTESTED_t530-dgpu-hotp-maximized.config | 1 - ...TED_w530-dgpu-K1000m-hotp-maximized.config | 1 - ...TED_w530-dgpu-K2000m-hotp-maximized.config | 1 - boards/nitropad-ns50/nitropad-ns50.config | 1 - boards/nitropad-nv41/nitropad-nv41.config | 1 - .../qemu-coreboot-fbwhiptail-tpm1-hotp.config | 1 - .../qemu-coreboot-fbwhiptail-tpm1.config | 1 - .../qemu-coreboot-fbwhiptail-tpm2-hotp.config | 1 - .../qemu-coreboot-fbwhiptail-tpm2.config | 1 - .../qemu-coreboot-whiptail-tpm1-hotp.config | 1 - .../qemu-coreboot-whiptail-tpm1.config | 1 - .../qemu-coreboot-whiptail-tpm2-hotp.config | 1 - .../qemu-coreboot-whiptail-tpm2.config | 1 - .../t420-hotp-maximized.config | 1 - .../t430-hotp-maximized.config | 1 - .../w530-hotp-maximized.config | 1 - .../x220-hotp-maximized.config | 1 - .../x230-hotp-maximized.config | 1 - .../x230-hotp-maximized_usb-kb.config | 1 - modules/coreboot | 2 -- modules/nvmutil | 21 ------------------- 23 files changed, 54 deletions(-) delete mode 100644 modules/nvmutil 
diff --git a/Makefile b/Makefile index 205513304..bb2f09084 100644 --- a/Makefile +++ b/Makefile @@ -573,7 +573,6 @@ bin_modules-$(CONFIG_ZSTD) += zstd bin_modules-$(CONFIG_E2FSPROGS) += e2fsprogs bin_modules-$(CONFIG_EXFATPROGS) += exfatprogs bin_modules-$(CONFIG_IOTOOLS) += iotools -bin_modules-$(CONFIG_NVMUTIL) += nvmutil $(foreach m, $(bin_modules-y), \ $(call map,initrd_bin_add,$(call bins,$m)) \ @@ -594,21 +593,11 @@ ifeq ($(CONFIG_COREBOOT),y) $(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/cbmem/cbmem)) #$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/superiotool/superiotool)) #$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/inteltool/inteltool)) -ifeq ($(CONFIG_NVMUTIL),y) -#NVMUTIL(nvm) is applied on ifdtool extracted gbe.bin from a flashrom backup under Heads. -# We consequently need ifdtool packed under initrd with cross-compiler -# coreboot module copied ifdtool into ifdtool_cross at configure step -# so that coreboot builds its own and we ask one to be cross-build and packed here -$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/ifdtool_cross/ifdtool)) -$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/cbfstool_cross/cbfstool)) -endif endif $(COREBOOT_UTIL_DIR)/cbmem/cbmem \ $(COREBOOT_UTIL_DIR)/superiotool/superiotool \ $(COREBOOT_UTIL_DIR)/inteltool/inteltool \ -$(COREBOOT_UTIL_DIR)/ifdtool_cross/ifdtool \ -$(COREBOOT_UTIL_DIR)/cbfstool_cross/cbfstool \ : $(build)/$(coreboot_base_dir)/.canary musl-cross +$(call do,MAKE,$(notdir $@),\ $(MAKE) -C "$(dir $@)" $(CROSS_TOOLS) \ diff --git a/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config b/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config index 2251f25f2..f9061c242 100644 --- a/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config +++ b/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config 
@@ -18,7 +18,6 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config b/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config index 27d9bba03..0eb5f2a21 100644 --- a/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config +++ b/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config @@ -21,7 +21,6 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config b/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config index 7895773f7..b8add6500 100644 --- a/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config +++ b/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config @@ -21,7 +21,6 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config b/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config index b461a51ef..238fa8ef0 100644 --- a/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config +++ b/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config @@ -21,7 +21,6 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y 
diff --git a/boards/nitropad-ns50/nitropad-ns50.config b/boards/nitropad-ns50/nitropad-ns50.config index 62dec4ce7..9ebfc9cb1 100644 --- a/boards/nitropad-ns50/nitropad-ns50.config +++ b/boards/nitropad-ns50/nitropad-ns50.config @@ -14,7 +14,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y diff --git a/boards/nitropad-nv41/nitropad-nv41.config b/boards/nitropad-nv41/nitropad-nv41.config index 91aeee55a..7547ba62f 100644 --- a/boards/nitropad-nv41/nitropad-nv41.config +++ b/boards/nitropad-nv41/nitropad-nv41.config @@ -14,7 +14,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y diff --git a/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config b/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config index 0ff67ad74..677b7ac62 100644 --- a/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config +++ b/boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config @@ -27,7 +27,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y diff --git a/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config b/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config index cb00b92bb..442f06dc4 100644 --- a/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config +++ b/boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config @@ -28,7 +28,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y 
diff --git a/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config b/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config index 42104a33d..2b622f431 100644 --- a/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config +++ b/boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config @@ -28,7 +28,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y diff --git a/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config b/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config index 746d7ab07..fce10e7c6 100644 --- a/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config +++ b/boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config @@ -30,7 +30,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y diff --git a/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config b/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config index 56cb0af20..dc275271f 100644 --- a/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config +++ b/boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config @@ -27,7 +27,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y diff --git a/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config b/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config index b931207db..4cdd6eb8b 100644 --- a/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config +++ b/boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config 
@@ -28,7 +28,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y diff --git a/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config b/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config index 69947d0af..289304773 100644 --- a/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config +++ b/boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config @@ -28,7 +28,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y diff --git a/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config b/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config index c52ae0965..82349b271 100644 --- a/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config +++ b/boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config @@ -30,7 +30,6 @@ CONFIG_QRENCODE=y CONFIG_TPMTOTP=y CONFIG_POPT=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_FLASHROM=y CONFIG_PCIUTILS=y CONFIG_UTIL_LINUX=y diff --git a/boards/t420-hotp-maximized/t420-hotp-maximized.config b/boards/t420-hotp-maximized/t420-hotp-maximized.config index aadd43df5..12c8dac26 100644 --- a/boards/t420-hotp-maximized/t420-hotp-maximized.config +++ b/boards/t420-hotp-maximized/t420-hotp-maximized.config @@ -22,7 +22,6 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/boards/t430-hotp-maximized/t430-hotp-maximized.config b/boards/t430-hotp-maximized/t430-hotp-maximized.config index d71f4e15c..574dcfa8c 100644 --- a/boards/t430-hotp-maximized/t430-hotp-maximized.config +++ b/boards/t430-hotp-maximized/t430-hotp-maximized.config 
@@ -20,7 +20,6 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/boards/w530-hotp-maximized/w530-hotp-maximized.config b/boards/w530-hotp-maximized/w530-hotp-maximized.config index 3d0350221..85ce7c903 100644 --- a/boards/w530-hotp-maximized/w530-hotp-maximized.config +++ b/boards/w530-hotp-maximized/w530-hotp-maximized.config @@ -21,7 +21,6 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/boards/x220-hotp-maximized/x220-hotp-maximized.config b/boards/x220-hotp-maximized/x220-hotp-maximized.config index 29c933a02..95dae6faf 100644 --- a/boards/x220-hotp-maximized/x220-hotp-maximized.config +++ b/boards/x220-hotp-maximized/x220-hotp-maximized.config @@ -22,7 +22,6 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/boards/x230-hotp-maximized/x230-hotp-maximized.config b/boards/x230-hotp-maximized/x230-hotp-maximized.config index 846577bb8..3bb4d8422 100644 --- a/boards/x230-hotp-maximized/x230-hotp-maximized.config +++ b/boards/x230-hotp-maximized/x230-hotp-maximized.config @@ -24,7 +24,6 @@ CONFIG_LINUX_E1000E=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config index 8b0531c9f..13c06b055 100644 --- a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config +++ b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config 
@@ -23,7 +23,6 @@ export CONFIG_USB_KEYBOARD=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y CONFIG_FLASHTOOLS=y -CONFIG_NVMUTIL=y CONFIG_GPG2=y CONFIG_KEXEC=y CONFIG_UTIL_LINUX=y diff --git a/modules/coreboot b/modules/coreboot index 92b385891..25196e24b 100644 --- a/modules/coreboot +++ b/modules/coreboot @@ -138,8 +138,6 @@ $(coreboot_module)_configure := \ && $(call install_config,$(pwd)/$(CONFIG_COREBOOT_CONFIG),$(build)/$(coreboot_dir)/.config) \ && echo 'CONFIG_LOCALVERSION="$(BRAND_NAME)-$(HEADS_GIT_VERSION)"' >> $(build)/$(coreboot_dir)/.config \ && echo 'CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="$(BOARD)"' >> $(build)/$(coreboot_dir)/.config \ - && cp -TRf --remove-destination $(build)/$(coreboot_base_dir)/util/ifdtool $(build)/$(coreboot_base_dir)/util/ifdtool_cross \ - && cp -TRf --remove-destination $(build)/$(coreboot_base_dir)/util/cbfstool $(build)/$(coreboot_base_dir)/util/cbfstool_cross \ && $(MAKE) olddefconfig \ -C "$(build)/$(coreboot_base_dir)" \ obj="$(build)/$(coreboot_dir)" \ diff --git a/modules/nvmutil b/modules/nvmutil deleted file mode 100644 index ec3cebe6e..000000000 --- a/modules/nvmutil +++ /dev/null @@ -1,21 +0,0 @@ -modules-$(CONFIG_NVMUTIL) += nvmutil - -nvmutil_depends := $(musl_dep) - -nvmutil_version := 20220815 -nvmutil_dir := nvmutil-tools-$(nvmutil_version) -nvmutil_tar := $(nvmutil_version).tar.gz -nvmutil_url := https://notabug.org/osboot/nvmutil/archive/$(nvmutil_tar) -nvmutil_hash := f990081eec798dc632b5060c5d5f4ee448a59e0a6b9214a9e78413a91b80f9e5 - -nvmutil_target := \ - $(CROSS_TOOLS) \ - CFLAGS="-I$(INSTALL)/include" \ - LDFLAGS="-L$(INSTALL)/lib" \ - -nvmutil_output := \ - nvm \ - -nvmutil_libraries := \ - -nvmutil_configure := From 2e2946386ae3b52cc66ae51aa29c97abfbd33a03 Mon Sep 17 00:00:00 2001 
From: Thierry Laurion Date: Wed, 3 Jan 2024 02:06:15 -0500 Subject: [PATCH 5/7] bin/tpmr .ash_history: add needed functions to be able to call tpmr recalculate_firmware_pcr_from_cbfs .ash_history: add tpmr recalculate_firmware_pcr_from_cbfs but remove unneeded deprecated ways of doing things Signed-off-by: Thierry Laurion --- initrd/.ash_history | 31 +++++---------- initrd/bin/tpmr | 92 ++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 93 insertions(+), 30 deletions(-) diff --git a/initrd/.ash_history b/initrd/.ash_history index 12d10333b..0541ab0cc 100644 --- a/initrd/.ash_history +++ b/initrd/.ash_history 
@@ -1,24 +1,13 @@ -#mount /boot in read-only by default -mount /boot -#verify detached signature of /boot content -find /boot/kexec*.txt | gpg --verify /boot/kexec.sig - -#remove invalid kexec_* signed files -mount /dev/sda1 /boot && mount -o remount,rw /boot && rm /boot/kexec* && mount -o remount,ro /boot -#Generate keys from GPG smartcard: -mount-usb && gpg --home=/.gnupg/ --card-edit -#Copy generated public key, private_subkey, trustdb and artifacts to external media for backup: -mount -o remount,rw /media && mkdir -p /media/gpg_keys; gpg --export-secret-keys --armor email@address.com > /media/gpg_keys/private.key && gpg --export --armor email@address.com > /media/gpg_keys/public.key && gpg --export-ownertrust > /media/gpg_keys/otrust.txt && cp -r ./.gnupg/* /media/gpg_keys/ 2> /dev/null -#Insert public key and trustdb export into reproducible rom: -cbfs -o /media/coreboot.rom -a "heads/initrd/.gnupg/keys/public.key" -f /media/gpg_keys/public.key && cbfs -o /media/coreboot.rom -a "heads/initrd/.gnupg/keys/otrust.txt" -f /media/gpg_keys/otrust.txt -#Flush changes to external media: -mount -o,remount ro /media -#Flash modified reproducible rom with inserted public key and trustdb export from precedent step. 
Flushes actual rom's keys (-c: clean): -flash.sh -c /media/coreboot.rom -#Attest integrity of firmware as it is -seal-totp -#Verify Intel ME state: -cbmem --console | grep '^ME' -cbmem --console | less +mount /boot #mount /boot in read-only by default +find /boot/kexec*.txt | gpg --verify /boot/kexec.sig - #verify detached signature of /boot content +media-scan /dev/sdXZ #scan Y partition of X device for detached signed ISOs to boot from +mount-usb --mode rw #mount usb in read-write mode +mount-usb --mode ro #mount usb in read-only mode +flash.sh -c /media/coreboot.rom #flash coreboot.rom WITHOUT preserving user settings +flash.sh /media/coreboot.rom -p #flash coreboot.rom WITH preserving user settings +cbmem --console | grep '^ME' #view ME console +cbmem --console | less #view coreboot console +tpmr recalculate_firmware_pcr_from_cbfs #Replay coreboot TPM event log from CBFS # Reboot/power off (important for devices with no keyboard to escape recovery shell) reboot # Press Enter with this command to reboot poweroff # Press Enter with this command to power off diff --git a/initrd/bin/tpmr b/initrd/bin/tpmr index 3189f5730..40830f5d3 100755 --- a/initrd/bin/tpmr +++ b/initrd/bin/tpmr 
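Review bot: The new `media-scan /dev/sdXZ` entry is annotated `#scan Y partition of X device`, so the placeholder in the command (`Z`) and the one in its comment (`Y`) disagree. I would write `#scan Z partition of X device`, so that someone recalling the line in the recovery shell knows which character to substitute.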
@@ -105,21 +105,29 @@ is_hash() { # initial_state - a hash value setting the initial state # files/hashes... - any number of files or hashes, state is extended once for each item extend_pcr_state() { + TRACE "Under /bin/tpmr:extend_pcr_state" local alg="$1" local state="$2" + DEBUG "Initial PCR state: $state" local next extend shift 2 + local argument=1 while [ "$#" -gt 0 ]; do + DEBUG "Extending PCR state with argument #$argument: $1" next="$1" shift if is_hash "$alg" "$next"; then extend="$next" + DEBUG "Extending PCR state with passed argument #$argument hash: $extend" else extend="$("${alg}sum" <"$next" | cut -d' ' -f1)" + DEBUG "Extending PCR state with argument #$argument file: $extend" fi state="$(echo "$state$extend" | hex2bin | "${alg}sum" | cut -d' ' -f1)" + argument=$((argument + 1)) done + DEBUG "Extended final PCR state: $state" echo "$state" } @@ -213,8 +221,10 @@ replay_pcr() { shift 2 replayed_pcr=$(extend_pcr_state $alg $(printf "%.${alg_digits}d" 0) \ $(echo "$log" | awk -v alg=$alg -v pcr=$pcr -f <(echo $AWK_PROG)) $@) - echo $replayed_pcr | hex2bin DEBUG "Replayed cbmem -L clean boot state of PCR=$pcr ALG=$alg : $replayed_pcr" + + # Output in binary form + echo $replayed_pcr | hex2bin # To manually introspect current PCR values: # PCR-2: # tpmr calcfuturepcr 2 | xxd -p 
@@ -228,11 +238,33 @@ replay_pcr() { # (6: LUKS header, 7: user related cbfs files loaded from cbfs-init) } -# usage: calc_pcr [ | ... ] -# Calculate PCR value to compare with CBMEM event log. -# First argument is PCR number, followed by optional -# hashes and/or files. -# Resulting PCR value is returned in binary form. + +# Read the FMAP from cbmem and pad it to the next multiple of 512 bytes to match cbfsutil/measured boot FMAP +read_and_pad_FMAP_from_cbmem() { + # Create the directory for temporary files + mkdir -p /tmp/secret/ + # Fetch the address of the FMAP in memory and write the raw FMAP data to a file + cbmem --rawdump $(cbmem -l | grep FMAP | awk -F " " {'print $3'}) >/tmp/secret/fmap.raw + # Fetch the size of the FMAP from the raw data (4 bytes at offset 8) and store it as a hexadecimal string + fmap_size_hex=$(hexdump -v -e '/1 "%02x"' -s 8 -n 4 /tmp/secret/fmap.raw) + # Rearrange the bytes in the size to little-endian format + fmap_size_le=${fmap_size_hex:6:2}${fmap_size_hex:4:2}${fmap_size_hex:2:2}${fmap_size_hex:0:2} + # Convert the size from hexadecimal to decimal + fmap_size=$((16#$fmap_size_le)) + # Calculate the next multiple of 512 that is greater than or equal to the size of the FMAP + next_multiple=$((($fmap_size + 511) / 512 * 512)) + # Calculate the number of bytes needed to fill the fmap.raw file to the next multiple of 512 + #fill_size=$(( $next_multiple - $fmap_size )) + fill_size=$(($next_multiple - $(stat -c%s /tmp/secret/fmap.raw))) + # Create a file named fill.ff filled with 'ff' of the required size + dd if=/dev/zero bs=1 count=$fill_size 2>/dev/null | tr '\0' '\377' >/tmp/secret/fill.ff + # Append the fill.ff file to the fmap.raw file, resulting in a file named fmap_filled.raw + cat /tmp/secret/fmap.raw /tmp/secret/fill.ff >/tmp/secret/fmap_filled.raw + # Caller is expected to use hash format that matches the algorithm used for the PCR + sha1sum /tmp/secret/fmap_filled.raw | awk -F " " {'print $1'} + # Removal of the tempory files 
in tmpfs is left to when going to recovery shell or rebooting +} + calc_pcr() { TRACE "Under /bin/tpmr:calc_pcr" if [ -z "$2" ]; then @@ -252,8 +284,9 @@ calc_pcr() { if [ "$alg" = "sha256" ]; then alg_digits=64; fi shift 2 replayed_pcr=$(extend_pcr_state $alg $(printf "%.${alg_digits}d" 0) $@) - echo $replayed_pcr | hex2bin DEBUG "Replayed cbmem -L clean boot state of PCR=$pcr ALG=$alg : $replayed_pcr" + echo $replayed_pcr + # To manually introspect calculated to PCR values: # TODO: fix the following examples with WORKING examples # PCR-2: 
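Review bot: Nothing in `read_and_pad_FMAP_from_cbmem` checks that the `cbmem --rawdump` step produced data. The `$(cbmem -l | grep FMAP | awk ...)` substitution is unquoted and may expand to nothing, and the later steps then operate on an empty or partial `/tmp/secret/fmap.raw`. Because the printed digest is extended into the simulated PCR by the caller, I would fail closed right after the dump, e.g. `[ -s /tmp/secret/fmap.raw ] || { echo >&2 "FMAP not found in cbmem"; return 1; }`. The working variables (`fmap_size_hex`, `fill_size`, ...) are also not declared `local`, so they leak into the rest of the script.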
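Review bot: `calc_pcr` now prints the hex string (`echo $replayed_pcr`) where it used to pipe through `hex2bin`, while `replay_pcr` in the same file still emits binary, so `tpmr calc_pcr` and `tpmr calcfuturepcr` no longer share an output format. Callers of `tpmr calc_pcr` are not visible here; any that expected raw bytes would need updating. The usage comment removed by the previous hunk should be replaced rather than dropped, for example `# Resulting PCR value is printed as a hex string`. The DEBUG text "Replayed cbmem -L clean boot state" is copied from `replay_pcr` and does not describe what `calc_pcr` computes. The body of `calc_pcr` starts and ends outside this hunk.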
@@ -271,6 +304,41 @@ calc_pcr() { # (6: LUKS header, 7: user related cbfs files loaded from cbfs-init) } + +# Function: recalculate_firmware_pcr_from_cbfs +# Description: This function recalculates the firmware PCR (Platform Configuration Register) values from the files measured by coreboot. +# It simulates the measurement process by passing the hashes of the files to the `calc_pcr` function. +# The function uses various `cbfs` commands to read the contents of specific files and calculates their SHA1 hashes. +# The calculated hashes are then passed to `calc_pcr` along with other necessary parameters. +# The function also outputs the PCR values for TPM PCR2 and the TPM event log reported by `cbmem -L`. +# +# Parameters: +# - $1: checksum algorithm (sha1 or sha256) +# +# Usage: recalculate_firmware_pcr_from_cbfs +# Examples: +# recalculate_firmware_pcr_from_cbfs sha1 "3E0A13C35B0244B012BE5287A3B52352CC576BAE" +# recalculate_firmware_pcr_from_cbfs sha256 "3E0A13C35B0244B012BE5287A3B52352CC576BAE" +# +# TODO: redo alternative function with files instead of hashes +recalculate_firmware_pcr_from_cbfs() +{ + TRACE "Under /bin/tpmr:recalculate_firmware_pcr_from_cbfs" + # We pass hashes of the files that are measured by coreboot, simulating the measurement process + # As of now, Heads uses coreboot custom TPM Event log format, which measures everything in PCR-2 + DO_WITH_DEBUG calc_pcr "$1" 2 \ + $(read_and_pad_FMAP_from_cbmem) \ + $(cbfs --read bootblock | sha1sum | awk -F " " {'print $1'}) \ + $(cbfs --read fallback/romstage | sha1sum | awk -F " " {'print $1'}) \ + $(cbfs --read fallback/postcar | sha1sum | awk -F " " {'print $1'}) \ + $(cbfs --read fallback/ramstage | sha1sum | awk -F " " {'print $1'}) \ + $(cbfs --read bootsplash.jpg | sha1sum | awk -F " " {'print $1'}) \ + $(cbfs --read fallback/payload | sha1sum | awk -F " " {'print $1'}) + + DEBUG "Actual TPM $(pcrs | grep PCR-02)" + DEBUG "TPM event log reported by cbmem -L: $(cbmem -L)" +} + tpm2_extend() { TRACE 
"Under /bin/tpmr:tpm2_extend" while true; do @@ -530,7 +598,7 @@ tpm1_seal() { pcrl="$3" #0,1,2,3,4,5,6,7 (does not include algorithm prefix) pcrf="$4" sealed_size="$5" - pass="$6" # May be empty to seal with no password + pass="$6" # May be empty to seal with no password tpm_owner_password="$7" # Owner password - will prompt if needed and not empty sealed_file="$SECRET_DIR/tpm1_seal_sealed.bin" @@ -540,7 +608,6 @@ tpm1_seal() { DEBUG "tpm1_seal arguments: file=$file index=$index pcrl=$pcrl pcrf=$pcrf sealed_size=$sealed_size pass=$(mask_param "$pass") tpm_password=$(mask_param "$tpm_password")" - # If a password was given, add it to the policy arguments if [ "$pass" ]; then POLICY_ARGS+=(-pwdd "$pass") @@ -798,6 +865,10 @@ if [ "$CONFIG_TPM2_TOOLS" != "y" ]; then shift calc_pcr "sha1" "$@" ;; + recalculate_firmware_pcr_from_cbfs) + shift + recalculate_firmware_pcr_from_cbfs "sha1" + ;; counter_create) shift tpm1_counter_create "$@" @@ -846,6 +917,9 @@ calcfuturepcr) calc_pcr) calc_pcr "sha256" "$@" ;; +recalculate_firmware_pcr_from_cbfs) + recalculate_firmware_pcr_from_cbfs "sha256" + ;; extend) tpm2_extend "$@" ;; From 223b545b9c4e4761aa879c5858643c0d067f35bd Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Wed, 3 Jan 2024 13:35:41 -0500 Subject: [PATCH 6/7] bin/tpmr:recalculate_firmware_pcr_from_cbfs Add basic TPM2 suppport Signed-off-by: Thierry Laurion --- initrd/bin/tpmr | 66 +++++++++++++++++++++++++++++++++++-------------- 1 file changed, 47 insertions(+), 19 deletions(-) diff --git a/initrd/bin/tpmr b/initrd/bin/tpmr index 40830f5d3..5abdf8f44 100755 --- a/initrd/bin/tpmr +++ b/initrd/bin/tpmr @@ -114,7 +114,6 @@ extend_pcr_state() { local argument=1 while [ "$#" -gt 0 ]; do - DEBUG "Extending PCR state with argument #$argument: $1" next="$1" shift if is_hash "$alg" "$next"; then 
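Review bot: In `recalculate_firmware_pcr_from_cbfs`, each `$(cbfs --read NAME | sha1sum | awk ...)` argument sits inside a pipeline and a command substitution, so a failed read is never noticed. If `cbfs --read` writes nothing on failure (for instance an image without `bootsplash.jpg`), the digest of empty input is extended as though coreboot had measured that file. I would read each entry in a checked step before hashing it, e.g. `cbfs --read "$name" >"$tmpfile" || return 1`, with `$name` and `$tmpfile` as illustrative names. The same pattern is kept in the later patches of this series that touch this function. The header comment's usage examples also pass a second hash argument that the function never reads.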
@@ -239,29 +238,46 @@ replay_pcr() { } -# Read the FMAP from cbmem and pad it to the next multiple of 512 bytes to match cbfsutil/measured boot FMAP +# Function: read_and_pad_FMAP_from_cbmem +# Description: This function reads the FMAP (Firmware Map) from the cbmem (coreboot memory) and pads it to the next multiple of 512 bytes. +# It then calculates the checksum of the padded FMAP using the specified checksum algorithm (sha1 or sha256) and returns the checksum value. +# Parameters: +# - $1: The checksum algorithm to use (sha1 or sha256) +# Returns: +# - The checksum value of the padded FMAP +# - Returns 1 if an unknown checksum algorithm is provided read_and_pad_FMAP_from_cbmem() { + TRACE "Under /bin/tpmr:read_and_pad_FMAP_from_cbmem" + # Check if the checksum algorithm is supported and set the appropriate program + if [ "$1" == "sha1" ]; then + checksum_prog="sha1sum" + elif [ "$1" == "sha256" ]; then + checksum_prog="sha256sum" + else + echo >&2 "Unknown checksum algorithm: $1" + return 1 + fi + # Create the directory for temporary files mkdir -p /tmp/secret/ # Fetch the address of the FMAP in memory and write the raw FMAP data to a file - cbmem --rawdump $(cbmem -l | grep FMAP | awk -F " " {'print $3'}) >/tmp/secret/fmap.raw + cbmem --rawdump "$(cbmem -l | grep FMAP | awk -F " " '{print $3}')" >/tmp/secret/fmap.raw # Fetch the size of the FMAP from the raw data (4 bytes at offset 8) and store it as a hexadecimal string fmap_size_hex=$(hexdump -v -e '/1 "%02x"' -s 8 -n 4 /tmp/secret/fmap.raw) # Rearrange the bytes in the size to little-endian format - fmap_size_le=${fmap_size_hex:6:2}${fmap_size_hex:4:2}${fmap_size_hex:2:2}${fmap_size_hex:0:2} + fmap_size_le="${fmap_size_hex:6:2}${fmap_size_hex:4:2}${fmap_size_hex:2:2}${fmap_size_hex:0:2}" # Convert the size from hexadecimal to decimal - fmap_size=$((16#$fmap_size_le)) + fmap_size=$((16#"$fmap_size_le")) # Calculate the next multiple of 512 that is greater than or equal to the size of the FMAP - 
next_multiple=$((($fmap_size + 511) / 512 * 512)) + next_multiple=$(( (fmap_size + 511) / 512 * 512 )) # Calculate the number of bytes needed to fill the fmap.raw file to the next multiple of 512 - #fill_size=$(( $next_multiple - $fmap_size )) - fill_size=$(($next_multiple - $(stat -c%s /tmp/secret/fmap.raw))) + fill_size=$(( next_multiple - $(stat -c%s /tmp/secret/fmap.raw) )) # Create a file named fill.ff filled with 'ff' of the required size - dd if=/dev/zero bs=1 count=$fill_size 2>/dev/null | tr '\0' '\377' >/tmp/secret/fill.ff + dd if=/dev/zero bs=1 count="$fill_size" 2>/dev/null | tr '\0' '\377' >/tmp/secret/fill.ff # Append the fill.ff file to the fmap.raw file, resulting in a file named fmap_filled.raw cat /tmp/secret/fmap.raw /tmp/secret/fill.ff >/tmp/secret/fmap_filled.raw # Caller is expected to use hash format that matches the algorithm used for the PCR - sha1sum /tmp/secret/fmap_filled.raw | awk -F " " {'print $1'} + "$checksum_prog" /tmp/secret/fmap_filled.raw | awk -F " " '{print $1}' # Removal of the tempory files in tmpfs is left to when going to recovery shell or rebooting } 
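Review bot: `fill_size` is derived from two different sizes: `next_multiple` comes from the length field parsed out of the FMAP header, while the subtraction uses `stat -c%s` of the dumped file. If the cbmem dump is longer than the rounded header size, the result is negative, `dd` fails with its stderr discarded, and the digest is taken over unpadded data without any diagnostic. A guard before the `dd` would make that visible: `[ "$fill_size" -ge 0 ] || { echo >&2 "FMAP dump larger than padded size"; return 1; }`. `checksum_prog` and the size variables are still assigned without `local`, so they are shared with `recalculate_firmware_pcr_from_cbfs`, which sets the same name.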
@@ -326,16 +342,28 @@ recalculate_firmware_pcr_from_cbfs() TRACE "Under /bin/tpmr:recalculate_firmware_pcr_from_cbfs" # We pass hashes of the files that are measured by coreboot, simulating the measurement process # As of now, Heads uses coreboot custom TPM Event log format, which measures everything in PCR-2 + + if [ "$1" == "sha1" ]; then + checksum_prog="sha1sum" + PCR_STRING="PCR-2" + elif [ "$1" == "sha256" ]; then + checksum_prog="sha256sum" + PCR_STRING="2 :" + else + echo >&2 "Unknown checksum algorithm: $1" + return 1 + fi + DO_WITH_DEBUG calc_pcr "$1" 2 \ - $(read_and_pad_FMAP_from_cbmem) \ - $(cbfs --read bootblock | sha1sum | awk -F " " {'print $1'}) \ - $(cbfs --read fallback/romstage | sha1sum | awk -F " " {'print $1'}) \ - $(cbfs --read fallback/postcar | sha1sum | awk -F " " {'print $1'}) \ - $(cbfs --read fallback/ramstage | sha1sum | awk -F " " {'print $1'}) \ - $(cbfs --read bootsplash.jpg | sha1sum | awk -F " " {'print $1'}) \ - $(cbfs --read fallback/payload | sha1sum | awk -F " " {'print $1'}) - - DEBUG "Actual TPM $(pcrs | grep PCR-02)" + "$(read_and_pad_FMAP_from_cbmem "$1")" \ + "$(cbfs --read bootblock | $checksum_prog | awk -F ' ' '{print $1}')" \ + "$(cbfs --read fallback/romstage | $checksum_prog | awk -F ' ' '{print $1}')" \ + "$(cbfs --read fallback/postcar | $checksum_prog | awk -F ' ' '{print $1}')" \ + "$(cbfs --read fallback/ramstage | $checksum_prog | awk -F ' ' '{print $1}')" \ + "$(cbfs --read bootsplash.jpg | $checksum_prog | awk -F ' ' '{print $1}')" \ + "$(cbfs --read fallback/payload | $checksum_prog | awk -F ' ' '{print $1}')" + + DEBUG "Actual TPM $(pcrs | grep "$PCR_STRING")" DEBUG "TPM event log reported by cbmem -L: $(cbmem -L)" } From bf7677c4f65766a0744ac1e1b4f83a8d03c55e47 Mon Sep 17 00:00:00 2001 
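Review bot: For the TPM1 branch, `PCR_STRING` is set to `PCR-2`, but the line this hunk removes grepped for `PCR-02`. If `pcrs` on TPM1 prints zero-padded indices, as that removed line suggests, `pcrs | grep "$PCR_STRING"` will match nothing and the DEBUG line will show an empty PCR value. I would keep `PCR_STRING="PCR-02"` for `sha1` unless the TPM1 output format is confirmed to be unpadded. The `PCR-2` spelling visible elsewhere on this page is the `cbmem -L` log format, not `pcrs` output.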
From: Thierry Laurion Date: Thu, 4 Jan 2024 12:24:12 -0500 Subject: [PATCH 7/7] WiP tpmr: unify simulated PCR output with raw/TPM event log output for comparison Buggy as of now, will reverify next week ~ # tpmr verify_coreboot_measured_boot_tpm_event_log_vs_content_measured #Valida te coreboot TPM event log against cbmem FMAP+cbfs content [ 293.267413] TRACE: Under /bin/tpmr [ 293.390454] TRACE: Under /bin/tpmr [ 293.441752] TRACE: Under /bin/tpmr:replay_pcr [ 293.551759] TRACE: Under /bin/tpmr:extend_pcr_state [ 293.574966] DEBUG: Initial PCR state: 0000000000000000000000000000000000000000000000000000000000000000 [ 293.639890] DEBUG: Extending PCR state with passed argument #1 hash: 02778dad5303b911adc8828cf5101a251a9b2a5a2b711a44159fb89a5a0b5198 [ 293.761500] DEBUG: Extending PCR state with passed argument #2 hash: 5444dba991b48df882ed1e2b85f0c90f947f6c7f8ed3dd6c91dc70dd661b66cb [ 293.899682] DEBUG: Extending PCR state with passed argument #3 hash: 13d3cacde02deff3d5e1ae2b52e5647c67046fb359b58d3899365a87a7161090 [ 294.028814] DEBUG: Extending PCR state with passed argument #4 hash: cea785e25dfdc94b8296a0a2bcc75d2f44f93543d0eb4236a0efa5add87fc97a [ 294.137824] DEBUG: Extending PCR state with passed argument #5 hash: bb2ff5833f90c09916fb972f49963653cf207cc65033276d458e00ce31d4b3d7 [ 294.259655] DEBUG: Extending PCR state with passed argument #6 hash: bc172d6c3551a44fbd6beef7ebbb2d4fa1452c46fcfdeebef1c519f13d668f1b [ 294.400277] DEBUG: Extending PCR state with passed argument #7 hash: bf037ed20105da5af9affb40353a4bccc9c8e69f2b03b81260573821ccbfa6d8 [ 294.514983] DEBUG: Extended final PCR state: ab50d5acd93870448844392a2582099650614e0c75f3b6c3f3a5f7a811ab3bca [ 294.561181] DEBUG: Replayed cbmem -L clean boot state of PCR=2 ALG=sha256 : ab50d5acd93870448844392a2582099650614e0c75f3b6c3f3a5f7a811ab3bca [ 294.699187] TRACE: Under /bin/tpmr [ 294.765450] TRACE: Under /bin/tpmr:recalculate_firmware_pcr_from_cbfs [ 294.812153] TRACE: Under 
/bin/tpmr:read_and_pad_FMAP_from_cbmem [ 295.853558] TRACE: Under /bin/tpmr:calc_pcr [ 295.909978] TRACE: Under /bin/tpmr:extend_pcr_state [ 295.955343] DEBUG: Initial PCR state: 0000000000000000000000000000000000000000000000000000000000000000 [ 296.036572] DEBUG: Extending PCR state with passed argument #1 hash: 02778dad5303b911adc8828cf5101a251a9b2a5a2b711a44159fb89a5a0b5198 [ 296.196037] DEBUG: Extending PCR state with passed argument #2 hash: 5444dba991b48df882ed1e2b85f0c90f947f6c7f8ed3dd6c91dc70dd661b66cb [ 296.364665] DEBUG: Extending PCR state with passed argument #3 hash: 13d3cacde02deff3d5e1ae2b52e5647c67046fb359b58d3899365a87a7161090 [ 296.528953] DEBUG: Extending PCR state with passed argument #4 hash: cea785e25dfdc94b8296a0a2bcc75d2f44f93543d0eb4236a0efa5add87fc97a [ 296.683826] DEBUG: Extending PCR state with passed argument #5 hash: bb2ff5833f90c09916fb972f49963653cf207cc65033276d458e00ce31d4b3d7 [ 296.843403] DEBUG: Extending PCR state with passed argument #6 hash: bc172d6c3551a44fbd6beef7ebbb2d4fa1452c46fcfdeebef1c519f13d668f1b [ 297.011405] DEBUG: Extending PCR state with passed argument #7 hash: bf037ed20105da5af9affb40353a4bccc9c8e69f2b03b81260573821ccbfa6d8 [ 297.142107] DEBUG: Extended final PCR state: ab50d5acd93870448844392a2582099650614e0c75f3b6c3f3a5f7a811ab3bca [ 297.200198] DEBUG: Replayed cbmem -L clean boot state of PCR=2 ALG=sha256 : ab50d5acd93870448844392a2582099650614e0c75f3b6c3f3a5f7a811ab3bca [ 297.375755] DEBUG: Original TPM PCR2 value: 2 : 0xAB50D5ACD93870448844392A2582099650614E0C75F3B6C3F3A5F7A811AB3BCA [ 297.438635] DEBUG: TPM event log reported by cbmem -L: coreboot TPM log: [ 297.472275] [ 297.514744] PCR-2 02778dad5303b911adc8828cf5101a251a9b2a5a2b711a44159fb89a5a0b5198 SHA256 [FMAP: FMAP] [ 297.559260] PCR-2 5444dba991b48df882ed1e2b85f0c90f947f6c7f8ed3dd6c91dc70dd661b66cb SHA256 [CBFS: bootblock] [ 297.594767] PCR-2 13d3cacde02deff3d5e1ae2b52e5647c67046fb359b58d3899365a87a7161090 SHA256 [CBFS: fallback/romstage] [ 
297.632653] PCR-2 cea785e25dfdc94b8296a0a2bcc75d2f44f93543d0eb4236a0efa5add87fc97a SHA256 [CBFS: fallback/postcar] [ 297.688218] PCR-2 bb2ff5833f90c09916fb972f49963653cf207cc65033276d458e00ce31d4b3d7 SHA256 [CBFS: fallback/ramstage] [ 297.723743] PCR-2 bc172d6c3551a44fbd6beef7ebbb2d4fa1452c46fcfdeebef1c519f13d668f1b SHA256 [CBFS: bootsplash.jpg] [ 297.760327] PCR-2 bf037ed20105da5af9affb40353a4bccc9c8e69f2b03b81260573821ccbfa6d8 SHA256 [CBFS: fallback/payload] [ 297.823487] DEBUG: Calculated TPM PCR2 value from files: ab50d5acd93870448844392a2582099650614e0c75f3b6c3f3a5f7a811ab3bca [ 297.872171] DEBUG: Measured boot from TPM event log: ab50d5acd93870448844392a2582099650614e0c75f3b6c3f3a5f7a811ab [ 297.905953] 3bca [ 297.955757] DEBUG: Measured boot from content measured by coreboot: ab50d5acd93870448844392a2582099650614e0c75f3b6c3f3a5f7a811ab3bca Failed: TPM event log does not match content measured by coreboot [ 298.008151] !!! ERROR: TPM event log does not match content measured by coreboot !!! the 3cba on second line is weird. Close but not good enough Signed-off-by: Thierry Laurion --- initrd/.ash_history | 1 + initrd/bin/tpmr | 31 ++++++++++++++++++++++++++++--- targets/qemu.mk | 2 +- 3 files changed, 30 insertions(+), 4 deletions(-) diff --git a/initrd/.ash_history b/initrd/.ash_history index 0541ab0cc..42f495001 100644 --- a/initrd/.ash_history +++ b/initrd/.ash_history @@ -8,6 +8,7 @@ flash.sh /media/coreboot.rom -p #flash coreboot.rom WITH preserving user setting cbmem --console | grep '^ME' #view ME console cbmem --console | less #view coreboot console tpmr recalculate_firmware_pcr_from_cbfs #Replay coreboot TPM event log from CBFS +tpmr verify_coreboot_measured_boot_tpm_event_log_vs_content_measured #Validate coreboot TPM event log against cbmem FMAP+cbfs content # Reboot/power off (important for devices with no keyboard to escape recovery shell) reboot # Press Enter with this command to reboot poweroff # Press Enter with this command to power off 
diff --git a/initrd/bin/tpmr b/initrd/bin/tpmr index 5abdf8f44..dda72e17e 100755 --- a/initrd/bin/tpmr +++ b/initrd/bin/tpmr @@ -354,17 +354,35 @@ recalculate_firmware_pcr_from_cbfs() return 1 fi - DO_WITH_DEBUG calc_pcr "$1" 2 \ + calculated_pcr=$(calc_pcr "$1" 2 \ "$(read_and_pad_FMAP_from_cbmem "$1")" \ "$(cbfs --read bootblock | $checksum_prog | awk -F ' ' '{print $1}')" \ "$(cbfs --read fallback/romstage | $checksum_prog | awk -F ' ' '{print $1}')" \ "$(cbfs --read fallback/postcar | $checksum_prog | awk -F ' ' '{print $1}')" \ "$(cbfs --read fallback/ramstage | $checksum_prog | awk -F ' ' '{print $1}')" \ "$(cbfs --read bootsplash.jpg | $checksum_prog | awk -F ' ' '{print $1}')" \ - "$(cbfs --read fallback/payload | $checksum_prog | awk -F ' ' '{print $1}')" + "$(cbfs --read fallback/payload | $checksum_prog | awk -F ' ' '{print $1}')") - DEBUG "Actual TPM $(pcrs | grep "$PCR_STRING")" + DEBUG "Original TPM PCR2 value: $(pcrs | grep "$PCR_STRING")" DEBUG "TPM event log reported by cbmem -L: $(cbmem -L)" + DEBUG "Calculated TPM PCR2 value from files: $calculated_pcr" + echo "$calculated_pcr" +} + +verify_coreboot_measured_boot_tpm_event_log_vs_content_measured() +{ + measured_boot=$(tpmr calcfuturepcr 2 | xxd -p) + content_measured=$(tpmr recalculate_firmware_pcr_from_cbfs) + + DEBUG "Measured boot from TPM event log: $measured_boot" + DEBUG "Measured boot from content measured by coreboot: $content_measured" + + if [ "$measured_boot" == "$content_measured" ]; then + echo "Verified: TPM event log matches content measured by coreboot" + else + echo "Failed: TPM event log does not match content measured by coreboot" + die "TPM event log does not match content measured by coreboot" + fi } tpm2_extend() { 
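Review bot: The mismatch reported in the commit message comes from `measured_boot=$(tpmr calcfuturepcr 2 | xxd -p)`: `xxd -p` wraps its output after 30 bytes, so a 32-byte SHA-256 digest is split into a 60-character line plus `3bca`, and the string comparison can never succeed on TPM2. Joining the lines fixes it: `measured_boot=$(tpmr calcfuturepcr 2 | xxd -p | tr -d '\n')`. A 20-byte SHA-1 digest fits on one line, which would explain the check appearing to work on TPM1 only. Neither side of the comparison is the TPM's own PCR 2, which this patch only logs through DEBUG. If the goal is to validate the measured state, comparing against the `pcrs` value as well would tie the result to the hardware register.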
@@ -897,6 +915,10 @@ if [ "$CONFIG_TPM2_TOOLS" != "y" ]; then shift recalculate_firmware_pcr_from_cbfs "sha1" ;; + verify_coreboot_measured_boot_tpm_event_log_vs_content_measured) + shift + verify_coreboot_measured_boot_tpm_event_log_vs_content_measured + ;; counter_create) shift tpm1_counter_create "$@" @@ -948,6 +970,9 @@ calc_pcr) recalculate_firmware_pcr_from_cbfs) recalculate_firmware_pcr_from_cbfs "sha256" ;; +verify_coreboot_measured_boot_tpm_event_log_vs_content_measured) + verify_coreboot_measured_boot_tpm_event_log_vs_content_measured + ;; extend) tpm2_extend "$@" ;; diff --git a/targets/qemu.mk b/targets/qemu.mk index 930afa7b3..59286a3e1 100644 --- a/targets/qemu.mk +++ b/targets/qemu.mk @@ -88,7 +88,7 @@ run: $(TPMDIR)/.manufacture $(ROOT_DISK_IMG) $(MEMORY_SIZE_FILE) $(USB_FD_IMG) -qemu-system-x86_64 -drive file="$(ROOT_DISK_IMG)",if=virtio \ --machine q35,accel=kvm:tcg \ -rtc base=utc \ - -smp "$$(nproc)" \ + -smp 1 \ -vga std \ -m "$$(cat "$(MEMORY_SIZE_FILE)")" \ -serial stdio \
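Review bot: `-smp 1` replaces `-smp "$$(nproc)"` in a commit whose description is about tpmr PCR comparison, and nothing there explains it, so it reads like a local debugging setting that slipped into the series. If single-CPU runs are wanted, I would make the count overridable (a variable such as `QEMU_SMP`, an illustrative name, used as `-smp "$(QEMU_SMP)"`) and leave the default at the host CPU count, rather than changing it for every user of the `run` target. The recipe continues outside this hunk.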