ia64/xen-unstable

changeset 16142:786a210e7cab

hvm: TCGBIOS fixes

Fix IPL measurement of El Torito CD boot and some eventlog formats.

The TCG BIOS extensions are described here:
https://www.trustedcomputinggroup.org/specs/PCClient/TCG_PCClientImplementationforBIOS_1-20_1-00.pdf

- fix cdrom (El Torito) boot (8.2.5.6 El Torito, p63)
tcpa_ipl() is modified to support various boot devices.
move some measurement code into cdrom_boot() function.
- fix EV_IPL (0Dh) event (10.4.1 Event Types, p76)
eventfield size should be zero
- fix EV_SEPARATOR event (3.2.2 Integrity Collection and Reporting,
p32)
change eventfield to -1 (0xFFFFFFFF) from "---------------"
- add "Returned INT 19h" event (8.2.3 Logging of Boot Events, p59)
actually, tcgbios does not call int19h, but we extend this
tentatively

Signed-off-by: Seiji Munetoh <seiji.munetoh@gmail.com>
author Keir Fraser <keir@xensource.com>
date Wed Oct 17 10:00:27 2007 +0100 (2007-10-17)
parents a38a2fdb4f1b
children 86bd91e90eec
files tools/firmware/rombios/32bit/tcgbios/tcgbios.c tools/firmware/rombios/32bitprotos.h tools/firmware/rombios/rombios.c tools/firmware/rombios/tcgbios.c
line diff
     1.1 --- a/tools/firmware/rombios/32bit/tcgbios/tcgbios.c	Tue Oct 16 17:41:33 2007 +0100
     1.2 +++ b/tools/firmware/rombios/32bit/tcgbios/tcgbios.c	Wed Oct 17 10:00:27 2007 +0100
     1.3 @@ -533,7 +533,8 @@ uint16_t tcpa_add_measurement_to_log_sim
     1.4  	memset(&pcpes, 0x0, sizeof(pcpes));
     1.5  	pcpes.pcrindex = pcrIndex;
     1.6  	pcpes.eventtype = event_type;
     1.7 -	pcpes.eventdatasize = length;
     1.8 +	/* specs: 10.4.1, EV_IPL eventfield should not contain the code.*/
     1.9 +	pcpes.eventdatasize = 0;
    1.10  
    1.11  	hleei.ipblength = 0x18;
    1.12  	hleei.reserved  = 0x0;
    1.13 @@ -570,11 +571,9 @@ static const char ev_action[][23] = {
    1.14             "Start Option ROM Scan"
    1.15  };
    1.16  
    1.17 -
    1.18 -static char evt_separator[] = "---------------";
    1.19 +static char evt_separator[] = {0xff,0xff,0xff,0xff}; 
    1.20  static char wake_event_1[]    = "Wake Event 1";
    1.21  
    1.22 -
    1.23  /*
    1.24   * Add a measurement to the list of measurements
    1.25   * pcrIndex   : PCR to be extended
    1.26 @@ -590,11 +589,10 @@ void tcpa_add_measurement(uint32_t pcrIn
    1.27  
    1.28  	switch (event_type) {
    1.29  	case EV_SEPARATOR:
    1.30 -		tcpa_add_measurement_to_log(pcrIndex,
    1.31 +		tcpa_add_measurement_to_log_simple(pcrIndex,
    1.32  		                            event_type,
    1.33 -		                            0,
    1.34  		                            evt_separator,
    1.35 -		                            strlen(evt_separator));
    1.36 +		                            4);
    1.37  	break;
    1.38  	case EV_ACTION:
    1.39  		string = ev_action[data /* event_id */];
    1.40 @@ -723,22 +721,44 @@ void tcpa_option_rom(uint32_t seg)
    1.41   * Creates two log entries
    1.42   *
    1.43   * Input parameter:
    1.44 + *  bootcd : 0: MBR of hdd, 1: boot image, 2: boot catalog of El Torito
    1.45   *  seg    : segment where the IPL data are located
    1.46 + *  off    : offset where the IPL data are located
    1.47 + *  count  : length in bytes
    1.48   */
    1.49 -void tcpa_ipl(Bit32u seg)
    1.50 +void tcpa_ipl(Bit32u bootcd,Bit32u seg,Bit32u off,Bit32u count)
    1.51  {
    1.52 -	/* specs: 8.2.5.3 */
    1.53 -	uint8_t *addr = (uint8_t *)ADDR_FROM_SEG_OFF(seg,0);
    1.54 -	/* equivalent to: dd if=/dev/hda ibs=1 count=440 | sha1sum */
    1.55 -	tcpa_add_measurement_to_log_simple(4,
    1.56 -	                                   EV_IPL,
    1.57 -	                                   addr,
    1.58 -	                                   0x1b8);
    1.59 -	/* equivalent to: dd if=/dev/hda ibs=1 count=72 skip=440 | sha1sum */
    1.60 -	tcpa_add_measurement_to_log_simple(5,
    1.61 -	                                   EV_IPL_PARTITION_DATA,
    1.62 -	                                   addr + 0x1b8,
    1.63 -	                                   0x48);
    1.64 +	uint8_t *addr = (uint8_t *)ADDR_FROM_SEG_OFF(seg,off);
    1.65 +	if (bootcd == 1) {
    1.66 +		/* specs: 8.2.5.6 El Torito */
    1.67 +		tcpa_add_measurement_to_log_simple(4,
    1.68 +						   EV_IPL,
    1.69 +						   addr,
    1.70 +						   count);
    1.71 +	}
    1.72 +	else if (bootcd == 2) { /* Boot Catalog */
    1.73 +
    1.74 +		/* specs: 8.2.5.6 El Torito */
    1.75 +		tcpa_add_measurement_to_log_simple(5,
    1.76 +						   EV_IPL_PARTITION_DATA,
    1.77 +						   addr,
    1.78 +						   count);
    1.79 +	}
    1.80 +	else {
    1.81 +		/* specs: 8.2.5.3 */
    1.82 +		/* equivalent to: dd if=/dev/hda ibs=1 count=440 | sha1sum */
    1.83 +		tcpa_add_measurement_to_log_simple(4,
    1.84 +						   EV_IPL,
    1.85 +						   addr,
    1.86 +		                                   0x1b8);
    1.87 +
    1.88 +
    1.89 +		/* equivalent to: dd if=/dev/hda ibs=1 count=72 skip=440 | sha1sum */
    1.90 +		tcpa_add_measurement_to_log_simple(5,
    1.91 +						   EV_IPL_PARTITION_DATA,
    1.92 +						   addr + 0x1b8,
    1.93 +						   0x48);
    1.94 +	}
    1.95  }
    1.96  
    1.97  void tcpa_measure_post(Bit32u from, Bit32u to)
     2.1 --- a/tools/firmware/rombios/32bitprotos.h	Tue Oct 16 17:41:33 2007 +0100
     2.2 +++ b/tools/firmware/rombios/32bitprotos.h	Wed Oct 17 10:00:27 2007 +0100
     2.3 @@ -38,7 +38,7 @@ void tcpa_wake_event( PARMS(void) );
     2.4  void tcpa_add_bootdevice( PARMS(Bit32u bootcd, Bit32u bootdrv) );
     2.5  void tcpa_start_option_rom_scan( PARMS(void) );
     2.6  void tcpa_option_rom( PARMS(Bit32u seg) );
     2.7 -void tcpa_ipl( PARMS(Bit32u seg) );
     2.8 +void tcpa_ipl( PARMS(Bit32u bootcd,Bit32u seg,Bit32u off,Bit32u count) );
     2.9  void tcpa_measure_post( PARMS(Bit32u from, Bit32u to) );
    2.10  Bit32u tcpa_initialize_tpm( PARMS(Bit32u physpres) );
    2.11  
     3.1 --- a/tools/firmware/rombios/rombios.c	Tue Oct 16 17:41:33 2007 +0100
     3.2 +++ b/tools/firmware/rombios/rombios.c	Wed Oct 17 10:00:27 2007 +0100
     3.3 @@ -3378,6 +3378,13 @@ cdrom_boot()
     3.4    // Initial/Default Entry
     3.5    if(buffer[0x20]!=0x88)return 11; // Bootable
     3.6  
     3.7 +#if BX_TCGBIOS
     3.8 +  /* specs: 8.2.3 step 5 and 8.2.5.6, measure El Torito boot catalog */
     3.9 +  /* measure 2048 bytes (one sector) */
    3.10 +  tcpa_add_bootdevice((Bit32u)1L, (Bit32u)0L); /* bootcd = 1 */
    3.11 +  tcpa_ipl((Bit32u)2L,(Bit32u)get_SS(),(Bit32u)buffer,(Bit32u)2048L);
    3.12 +#endif
    3.13 +
    3.14    write_byte(ebda_seg,&EbdaData->cdemu.media,buffer[0x21]);
    3.15    if(buffer[0x21]==0){
    3.16      // FIXME ElTorito Hardcoded. cdrom is hardcoded as device 0xE0. 
    3.17 @@ -3416,6 +3423,13 @@ cdrom_boot()
    3.18    if((error = ata_cmd_packet(device, 12, get_SS(), atacmd, 0, nbsectors*512L, ATA_DATA_IN, boot_segment,0)) != 0)
    3.19      return 12;
    3.20  
    3.21 +#if BX_TCGBIOS
    3.22 +  /* specs: 8.2.3 step 4 and 8.2.5.6, measure El Torito boot image */
    3.23 +  /* measure 1st 512 bytes  */
    3.24 +  tcpa_ipl((Bit32u)1L,(Bit32u)boot_segment,(Bit32u)0L,(Bit32u)512L);
    3.25 +#endif
    3.26 +
    3.27 +
    3.28    // Remember the media type
    3.29    switch(read_byte(ebda_seg,&EbdaData->cdemu.media)) {
    3.30      case 0x01:  // 1.2M floppy
    3.31 @@ -7686,6 +7700,7 @@ ASM_END
    3.32  
    3.33  #if BX_TCGBIOS
    3.34      tcpa_add_bootdevice((Bit32u)0L, (Bit32u)bootdrv);
    3.35 +    tcpa_ipl((Bit32u)0L,(Bit32u)bootseg,(Bit32u)0L,(Bit32u)512L); /* specs: 8.2.3 steps 4 and 5 */
    3.36  #endif
    3.37  
    3.38      /* Canonicalize bootseg:bootip */
    3.39 @@ -7706,9 +7721,6 @@ ASM_END
    3.40  
    3.41      bootdrv = (Bit8u)(status>>8);
    3.42      bootseg = read_word(ebda_seg,&EbdaData->cdemu.load_segment);
    3.43 -#if BX_TCGBIOS
    3.44 -    tcpa_add_bootdevice((Bit32u)1L, (Bit32u)0L);
    3.45 -#endif
    3.46  
    3.47      /* Canonicalize bootseg:bootip */
    3.48      bootip = (bootseg & 0x0fff) << 4;
    3.49 @@ -7724,9 +7736,6 @@ ASM_END
    3.50    default: return;
    3.51    }
    3.52  
    3.53 -#if BX_TCGBIOS
    3.54 -  tcpa_ipl((Bit32u)bootseg);               /* specs: 8.2.3 steps 4 and 5 */
    3.55 -#endif
    3.56    
    3.57    /* Jump to the boot vector */
    3.58  ASM_START
    3.59 @@ -9795,16 +9804,14 @@ post_default_ints:
    3.60  #if BX_TCGBIOS
    3.61    call _tcpa_calling_int19h          /* specs: 8.2.3 step 1 */
    3.62    call _tcpa_add_event_separators    /* specs: 8.2.3 step 2 */
    3.63 +  /* we do not call int 19h handler but keep following eventlog */
    3.64 +  call _tcpa_returned_int19h         /* specs: 8.2.3 step 3/7 */
    3.65  #endif
    3.66  
    3.67    ;; Start the boot sequence.   See the comments in int19_relocated 
    3.68    ;; for why we use INT 18h instead of INT 19h here.
    3.69    int  #0x18
    3.70  
    3.71 -#if BX_TCGBIOS
    3.72 -  call _tcpa_returned_int19h         /* specs: 8.2.3 step 3/7 */
    3.73 -#endif
    3.74 -
    3.75  .org 0xe2c3 ; NMI Handler Entry Point
    3.76  nmi:
    3.77    ;; FIXME the NMI handler should not panic
     4.1 --- a/tools/firmware/rombios/tcgbios.c	Tue Oct 16 17:41:33 2007 +0100
     4.2 +++ b/tools/firmware/rombios/tcgbios.c	Wed Oct 17 10:00:27 2007 +0100
     4.3 @@ -150,8 +150,11 @@ void
     4.4   *  seg    : segment where the IPL data are located
     4.5   */
     4.6   void
     4.7 -tcpa_ipl(seg)
     4.8 + tcpa_ipl(bootcd,seg,off,count)
     4.9 +    Bit32u bootcd;
    4.10      Bit32u seg;
    4.11 +    Bit32u off;
    4.12 +    Bit32u count;
    4.13  {
    4.14  	ASM_START
    4.15  	DoUpcall(IDX_TCPA_IPL)