| Message ID | 20180502085934.29292-26-miquel.raynal@bootlin.com |
|---|---|
| State | Changes Requested |
| Delegated to: | Simon Glass |
| Headers | show |
| Series | Introduce TPMv2.0 support | expand |
Hi Miquel, On 2 May 2018 at 02:59, Miquel Raynal <miquel.raynal@bootlin.com> wrote: > Sandbx is run in userspace. What is done in baremetal applications like > U-Boot is using an address in memory which is supposedly free to load > and store data to it. The user interaction in U-Boot's shell works like > that and it is hard to find another way to transfer a 'buffer' from one > side to the other. It is always possible to fill an environment > variable, but not that easy to use. > > Of course our Linux distributions do not allow such salvage accesses and > Sandbox will simply be killed. To avoid such scenario, it is possible, > when compiling the Sandbox driver, to allocate some memory so the > pointer that is given does not point to an unauthorized area anymore. > This just give the possibility to run all the TPM commands without > killing Sandbox. > map_sysmem() and map_to_sysmem() are supposed to handle this, assuming I understand the problem correctly. Regards, Simon
Hi Simon, On Wed, 2 May 2018 20:32:55 -0600, Simon Glass <sjg@chromium.org> wrote: > Hi Miquel, > > On 2 May 2018 at 02:59, Miquel Raynal <miquel.raynal@bootlin.com> wrote: > > Sandbx is run in userspace. What is done in baremetal applications like > > U-Boot is using an address in memory which is supposedly free to load > > and store data to it. The user interaction in U-Boot's shell works like > > that and it is hard to find another way to transfer a 'buffer' from one > > side to the other. It is always possible to fill an environment > > variable, but not that easy to use. > > > > Of course our Linux distributions do not allow such salvage accesses and > > Sandbox will simply be killed. To avoid such scenario, it is possible, > > when compiling the Sandbox driver, to allocate some memory so the > > pointer that is given does not point to an unauthorized area anymore. > > This just give the possibility to run all the TPM commands without > > killing Sandbox. > > > > map_sysmem() and map_to_sysmem() are supposed to handle this, assuming > I understand the problem correctly. Thank you very much for this, I searched a better solution to handle it, even asked on #u-boot but ended using these horrible hacks. I will drop this patch and integrate the map_*sysmem() functions as and when appropriate. Thanks, Miquèl
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index 5dde2cb307..49d67034c9 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -79,11 +79,22 @@ static int do_tpm2_pcr_extend(cmd_tbl_t *cmdtp, int flag, int argc, { u32 index = simple_strtoul(argv[1], NULL, 0); void *digest = (void *)simple_strtoul(argv[2], NULL, 0); + u32 rc; if (argc != 3) return CMD_RET_USAGE; - return report_return_code(tpm2_pcr_extend(index, digest)); +#if defined(CONFIG_TPM2_TIS_SANDBOX) + digest = calloc(1, TPM2_DIGEST_LEN); +#endif + + rc = tpm2_pcr_extend(index, digest); + +#if defined(CONFIG_TPM2_TIS_SANDBOX) + free(digest); +#endif + + return report_return_code(rc); } static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc, @@ -99,12 +110,20 @@ static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc, index = simple_strtoul(argv[1], NULL, 0); data = (void *)simple_strtoul(argv[2], NULL, 0); +#if defined(CONFIG_TPM2_TIS_SANDBOX) + data = malloc(256); +#endif + rc = tpm2_pcr_read(index, data, &updates); if (!rc) { printf("PCR #%u content (%d known updates):\n", index, updates); print_byte_string(data, TPM2_DIGEST_LEN); } +#if defined(CONFIG_TPM2_TIS_SANDBOX) + free(data); +#endif + return report_return_code(rc); } @@ -124,6 +143,10 @@ static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc, data = (void *)simple_strtoul(argv[3], NULL, 0); count = simple_strtoul(argv[4], NULL, 0); +#if defined(CONFIG_TPM2_TIS_SANDBOX) + data = malloc(256); +#endif + rc = tpm2_get_capability(capability, property, data, count); if (!rc) { printf("Capabilities read from TPM:\n"); @@ -138,6 +161,10 @@ static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc, } } +#if defined(CONFIG_TPM2_TIS_SANDBOX) + free(data); +#endif + return report_return_code(rc); }
Sandbx is run in userspace. What is done in baremetal applications like U-Boot is using an address in memory which is supposedly free to load and store data to it. The user interaction in U-Boot's shell works like that and it is hard to find another way to transfer a 'buffer' from one side to the other. It is always possible to fill an environment variable, but not that easy to use. Of course our Linux distributions do not allow such salvage accesses and Sandbox will simply be killed. To avoid such scenario, it is possible, when compiling the Sandbox driver, to allocate some memory so the pointer that is given does not point to an unauthorized area anymore. This just give the possibility to run all the TPM commands without killing Sandbox. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> --- cmd/tpm-v2.c | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-)