fsp: tpm: support policy stored in the flash

2023-09-20 15:03:29 +00:00 · 2023-09-20 15:03:29 +00:00 · 2c4df2866b
parent bf426fb2b4
commit 2c4df2866b
6 changed files with 101 additions and 17 deletions
--- a/hal/x86_fsp_qemu_stage1.ld.in
+++ b/hal/x86_fsp_qemu_stage1.ld.in
@ -8,6 +8,7 @@ FSP_M_ORIGIN = @FSP_M_BASE@; /* default base:size 0xfffdd000:0x22000 [0xfffdd000
 FSP_S_ORIGIN = @FSP_S_BASE@; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */
 WOLFBOOT_ORIGIN = @WOLFBOOT_ORIGIN@;
 DATA_MEM_START = 0x800000; /* 8 MB */
+MAX_POLICY_SIZE = 512;

 OUTPUT_FORMAT(elf32-i386)

@ -19,21 +20,41 @@ MEMORY

 SECTIONS
 {
+    .wolfboot FLASH_START :
+    {
+        _wolfboot_flash_start = .;
+        KEEP(*(.sig_wolfboot_raw*))
+        *(.wolfboot)
+        _wolfboot_flash_end = .;
+    } > FLASH
+
+    .policy :
+    {
+        . = ALIGN(4);
+        _policy_size_u32 = .;
+        . += 4;
+        _start_policy = .;
+    	. += MAX_POLICY_SIZE;
+        _end_policy = .;
+    } > FLASH
+
+    .keystore KEYSTORE_START :
+    {
+        _start_keystore = .;
+        *(.keystore*)
+    } > FLASH
+
    .jmpto32 BOOTLOADER_JUMP32_START :
    {
       _off_boot = ABSOLUTE(.) & 0xffff;
       KEEP(*(.jmpto32))
    } > FLASH
+
    .reset_vector RESETVECTOR_START :
    {
       KEEP(*(.reset_vector))
    } > FLASH

-    .keystore KEYSTORE_START :
-    {
-        *(.keystore*)
-    } > FLASH
-
    .bootloader WOLFBOOT_ORIGIN :
    {
       KEEP(*(.boot*))
@ -65,14 +86,6 @@ SECTIONS
        _end = .;
    } > RAM

-    .wolfboot FLASH_START :
-    {
-        _wolfboot_flash_start = .;
-        KEEP(*(.sig_wolfboot_raw*))
-        *(.wolfboot)
-        _wolfboot_flash_end = .;
-    }
-
    .fsp_t FSP_T_ORIGIN :
    AT(FSP_T_ORIGIN)
    {
@ -95,7 +108,4 @@ SECTIONS
       *(.fsp_m)
       _end_fsp_m = .;
    }
-
-
-
 }
--- a/hal/x86_fsp_tgl_stage1.ld.in
+++ b/hal/x86_fsp_tgl_stage1.ld.in
@ -12,6 +12,7 @@ FIT_TABLE_PTR = 0xffffffc0;
 RESETVECTOR_START = 0xffffffec;
 DATA_MEM_START = 0x800000; /* 8 MB */
 KEYSTORE_START = 0xffffe000;
+MAX_POLICY_SIZE = 512;

 OUTPUT_FORMAT(elf32-i386)

@ -31,6 +32,16 @@ SECTIONS
        _wolfboot_flash_end = .;
    } > FLASH

+    .policy :
+    {
+        . = ALIGN(4);
+        _policy_size_u32 = .;
+        . += 4;
+        _start_policy = .;
+	    . += MAX_POLICY_SIZE;
+        _end_policy = .;
+    } > FLASH
+
    .fsps_upd FSP_S_UPD_DATA_BASE :
    {
    	KEEP(./fsp_tgl_s_upd.o(.fsps_upd))
--- a/include/stage1.h
+++ b/include/stage1.h
@ -28,10 +28,18 @@ struct stage2_parameter {
    uint32_t hobList;
    uint32_t page_table;
    uint32_t tolum;
+#ifdef WOLFBOOT_TPM_SEAL
+    uint32_t tpm_policy;
+    uint16_t tpm_policy_size;
 #endif
-};
+#endif
+} __attribute__((packed));

 /* implemented in src/boot_x86_fsp_payload.c */
 struct stage2_parameter *stage2_get_parameters();

+#if defined(WOLFBOOT_TPM_SEAL)
+int stage2_get_tpm_policy(const uint8_t **policy, uint16_t *policy_size);
+#endif /* defined(WOLFBOOT_TPM_SEAL) */
+
 #endif /* STAGE1_H */
--- a/src/boot_x86_fsp.c
+++ b/src/boot_x86_fsp.c
@ -105,6 +105,9 @@ extern uint8_t _wolfboot_flash_end[];
 extern uint8_t wb_end_bss[], wb_start_bss[];
 extern uint8_t _stored_data[], _start_data[], _end_data[];
 extern uint8_t _start_bss[], _end_bss[];
+extern const uint8_t _start_policy[], _end_policy[];
+extern const uint32_t _policy_size_u32[];
+extern const uint8_t _start_keystore[];

 /* wolfboot symbols */
 extern int main(void);
@ -560,6 +563,16 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp,

    stage2_params->tolum = top_address;

+#ifdef WOLFBOOT_TPM_SEAL
+    stage2_params->tpm_policy = (uint32_t)_start_policy;
+
+    stage2_params->tpm_policy_size = *_policy_size_u32;
+    if (stage2_params->tpm_policy_size > _end_policy - _start_policy)
+        stage2_params->tpm_policy_size = 0;
+    wolfBoot_printf("setting policy @%x (%d bytes)\r\n",
+                    (uint32_t)(uintptr_t)stage2_params->tpm_policy,
+                    stage2_params->tpm_policy_size);
+#endif

    /* change_stack_and_invoke() never returns.
     *
--- a/src/boot_x86_fsp_payload.c
+++ b/src/boot_x86_fsp_payload.c
@ -90,6 +90,21 @@ struct stage2_parameter *stage2_get_parameters()
    return &_stage2_params;
 }

+#if defined(WOLFBOOT_TPM_SEAL)
+int stage2_get_tpm_policy(const uint8_t **policy, uint16_t *policy_sz)
+{
+#if defined(WOLFBOOT_FSP) && !defined(BUILD_LOADER_STAGE1)
+    struct stage2_parameter *p;
+    p = stage2_get_parameters();
+    *policy = (const uint8_t*)(uintptr_t)p->tpm_policy;
+    *policy_sz = p->tpm_policy_size;
+    return 0;
+#else
+#error "wolfBoot_get_tpm_policy is not implemented"
+#endif
+}
+#endif /* WOLFBOOT_TPM_SEAL */
+
 /**
 * @brief Perform the boot process for the given application.
 *
--- a/tools/x86_fsp/tpm_install_policy.sh
+++ b/tools/x86_fsp/tpm_install_policy.sh
@ -0,0 +1,27 @@
+#!/bin/bash
+
+set -x
+
+# variable IMAGE_FILE should be wolfboot_stage1.bin if not defined
+IMAGE_FILE=${IMAGE_FILE:-"wolfboot_stage1.bin"}
+
+# take POLICY_FILE FROM ARGUMENT 1
+POLICY_FILE="$1"
+POLICY_SZ=$(wc -c < "$POLICY_FILE")
+
+# grep stage1/loader_stage1.map for the address of the symbol _start_policy and save in the variable POLICY_START
+POLICY_START=$(grep "_start_policy" stage1/loader_stage1.map | awk '{print $1}')
+POLICY_SIZE_SYMBOL=$(grep "_policy_size_u32" stage1/loader_stage1.map | awk '{print $1}')
+
+# calculate offsets as length in bytes of IMAGE_FILE - (4GB - offset)
+IMAGE_LENGTH=$(wc -c < "$IMAGE_FILE")
+POLICY_OFF=$((IMAGE_LENGTH - (4 * 1024 * 1024 * 1024 - POLICY_START)))
+POLICY_SZ_OFF=$((IMAGE_LENGTH - (4 * 1024 * 1024 * 1024 - POLICY_SIZE_SYMBOL)))
+
+printf "%08x" $POLICY_SZ | \
+ rev  | \
+ xxd -r -p | \
+ dd conv=notrunc bs=1 seek="$POLICY_SZ_OFF" of="$IMAGE_FILE" bs=1
+
+# overwrite the content of IMAGE_FILE at offset POLICY_OFF with the content of POLICY_FILE
+dd if="$POLICY_FILE" of="$IMAGE_FILE" bs=1 seek="$POLICY_OFF" conv=notrunc