From patchwork Tue Jun 25 22:02:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Richter X-Patchwork-Id: 1122336 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 45YKwZ6w7zz9s3C for ; Wed, 26 Jun 2019 08:05:34 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 45YKwZ5xdrzDqSx for ; Wed, 26 Jun 2019 08:05:34 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.156.1; helo=mx0a-001b2d01.pphosted.com; envelope-from=erichte@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 45YKs45jywzDqB3 for ; Wed, 26 Jun 2019 08:02:32 +1000 (AEST) Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x5PM1Y5k122325 for ; Tue, 25 Jun 2019 18:02:31 -0400 Received: from e06smtp01.uk.ibm.com (e06smtp01.uk.ibm.com [195.75.94.97]) by mx0a-001b2d01.pphosted.com with ESMTP id 2tbs7jppk1-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 25 Jun 2019 18:02:30 -0400 Received: from localhost by e06smtp01.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 25 Jun 2019 23:02:28 +0100 Received: from b06cxnps4076.portsmouth.uk.ibm.com (9.149.109.198) by e06smtp01.uk.ibm.com (192.168.101.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Tue, 25 Jun 2019 23:02:27 +0100 Received: from d06av25.portsmouth.uk.ibm.com (d06av25.portsmouth.uk.ibm.com [9.149.105.61]) by b06cxnps4076.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x5PM2Pme44826870 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 25 Jun 2019 22:02:25 GMT Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7345411C05C; Tue, 25 Jun 2019 22:02:25 +0000 (GMT) Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id AD8D211C052; Tue, 25 Jun 2019 22:02:24 +0000 (GMT) Received: from yorha.austin.ibm.com (unknown [9.41.178.196]) by d06av25.portsmouth.uk.ibm.com (Postfix) with ESMTP; Tue, 25 Jun 2019 22:02:24 +0000 (GMT) From: Eric Richter To: skiboot@lists.ozlabs.org Date: Tue, 25 Jun 2019 17:02:13 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190625220215.27134-1-erichte@linux.ibm.com> References: <20190625220215.27134-1-erichte@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19062522-4275-0000-0000-0000034639B8 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19062522-4276-0000-0000-000038563C50 Message-Id: <20190625220215.27134-8-erichte@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-06-25_14:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=840 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1906250173 Subject: [Skiboot] [RFC PATCH v2 7/9] secvar/backend: add edk2 headers to support edk2 derived backend X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nayna@linux.ibm.com Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" From: Nayna Jain Edk2-style support for secure variables processing requires use of EFI-like data structures. These include authentication_header_2, EFI Signature Lists and GUIDs This patch includes the header file derived from edk2-staging branch of tianocore reference implementation[1]. The data types in use are merged into one file - edk2.h. The data types in use are kept intact except change of case and corresponding basic inbuilt types to match with skiboot coding style. [1] https://github.com/tianocore/edk2-staging.git Signed-off-by: Claudio Carvalho Signed-off-by: Nayna Jain Signed-off-by: Eric Richter --- libstb/secvar/backend/edk2/edk2.h | 249 ++++++++++++++++++++++++++++++ 1 file changed, 249 insertions(+) create mode 100644 libstb/secvar/backend/edk2/edk2.h diff --git a/libstb/secvar/backend/edk2/edk2.h b/libstb/secvar/backend/edk2/edk2.h new file mode 100644 index 00000000..fc40ea68 --- /dev/null +++ b/libstb/secvar/backend/edk2/edk2.h @@ -0,0 +1,249 @@ +/* Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved. This + * program and the accompanying materials are licensed and made available + * under the terms and conditions of the 2-Clause BSD License which + * accompanies this distribution. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * This file is derived from the following files referred from edk2-staging[1] repo + * of tianocore + * + * MdePkg/Include/Guid/GlobalVariable.h + * MdePkg/Include/Guid/WinCertificate.h + * MdePkg/Include/Uefi/UefiMultiPhase.h + * MdePkg/Include/Uefi/UefiBaseType.h + * MdePkg/Include/Guid/ImageAuthentication.h + * + * [1] https://github.com/tianocore/edk2-staging + * + * Copyright 2019 IBM Corp. + */ + +#ifndef __EDK2_H__ +#define __EDK2_H__ + +#define EFI_GLOBAL_VARIABLE \ + { \ + 0x8B, 0xE4, 0xDF, 0x61, 0x93, 0xCA, 0x11, 0xd2, 0xAA, 0x0D, 0x00, 0xE0, 0x98, 0x03, 0x2B, 0x8C \ + } + + +/// +/// This identifies a signature based on an X.509 certificate. If the signature is an X.509 +/// certificate then verification of the signature of an image should validate the public +/// key certificate in the image using certificate path verification, up to this X.509 +/// certificate as a trusted root. The SignatureHeader size shall always be 0. The +/// SignatureSize may vary but shall always be 16 (size of the SignatureOwner component) + +/// the size of the certificate itself. +/// Note: This means that each certificate will normally be in a separate EFI_SIGNATURE_LIST. +/// +#define EFI_CERT_X509_GUID \ + { \ + 0xa5, 0xc0, 0x59, 0xa1, 0x94, 0xe4, 0x4a, 0xa7, 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 \ + } + +#define EFI_CERT_TYPE_PKCS7_GUID \ + { \ + 0x4a, 0xaf, 0xd2, 0x9d, 0x68, 0xdf, 0x49, 0xee, 0x8a, 0xa9, 0x34, 0x7d, 0x37, 0x56, 0x65, 0xa7 \ + } + +#define EFI_VARIABLE_NON_VOLATILE 0x00000001 +#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x00000002 +#define EFI_VARIABLE_RUNTIME_ACCESS 0x00000004 +/* + * This attribute is identified by the mnemonic 'HR' elsewhere in this + * specification. + */ +#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x00000008 +/* + * Attributes of Authenticated Variable + */ +#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x00000020 +#define EFI_VARIABLE_APPEND_WRITE 0x00000040 +/* + * NOTE: EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated and should be + * considered reserved. + */ +#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x00000010 + +/* + * win_certificate.w_certificate_type + */ +#define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002 + +#define SECURE_BOOT_MODE_ENABLE 1 +#define SECURE_BOOT_MODE_DISABLE 0 +/// +/// Depricated value definition for SetupMode variable +/// +#define SETUP_MODE 1 +#define USER_MODE 0 + +struct efi_guid { + u32 data1; + u16 data2; + u16 data3; + u8 data4[8]; +}; + +/* + * EFI Time Abstraction: + * Year: 1900 - 9999 + * Month: 1 - 12 + * Day: 1 - 31 + * Hour: 0 - 23 + * Minute: 0 - 59 + * Second: 0 - 59 + * Nanosecond: 0 - 999,999,999 + * TimeZone: -1440 to 1440 or 2047 + */ +struct efi_time { + u16 year; + u8 month; + u8 day; + u8 hour; + u8 minute; + u8 second; + u8 pad1; + u32 nanosecond; + s16 timezone; + u8 daylight; + u8 pad2; +}; +//*********************************************************************** +// Signature Database +//*********************************************************************** +/// +/// The format of a signature database. +/// +#pragma pack(1) + +typedef struct { + /// + /// An identifier which identifies the agent which added the signature to the list. + /// + struct efi_guid SignatureOwner; + /// + /// The format of the signature is defined by the SignatureType. + /// + unsigned char SignatureData[1]; +} EFI_SIGNATURE_DATA; + +typedef struct { + /// + /// Type of the signature. GUID signature types are defined in below. + /// + struct efi_guid SignatureType; + /// + /// Total size of the signature list, including this header. + /// + uint32_t SignatureListSize; + /// + /// Size of the signature header which precedes the array of signatures. + /// + uint32_t SignatureHeaderSize; + /// + /// Size of each signature. + /// + uint32_t SignatureSize; + /// + /// Header before the array of signatures. The format of this header is specified + /// by the SignatureType. + /// UINT8 SignatureHeader[SignatureHeaderSize]; + /// + /// An array of signatures. Each signature is SignatureSize bytes in length. + /// EFI_SIGNATURE_DATA Signatures[][SignatureSize]; + /// +} EFI_SIGNATURE_LIST; + + +/* + * The win_certificate structure is part of the PE/COFF specification. + */ +struct win_certificate { + /* + * The length of the entire certificate, including the length of the + * header, in bytes. + */ + u32 dw_length; + /* + * The revision level of the WIN_CERTIFICATE structure. The current + * revision level is 0x0200. + */ + u16 w_revision; + /* + * The certificate type. See WIN_CERT_TYPE_xxx for the UEFI certificate + * types. The UEFI specification reserves the range of certificate type + * values from 0x0EF0 to 0x0EFF. + */ + u16 w_certificate_type; + /* + * The following is the actual certificate. The format of + * the certificate depends on wCertificateType. + */ + /// UINT8 bCertificate[ANYSIZE_ARRAY]; +}; + +/* + * Certificate which encapsulates a GUID-specific digital signature + */ +struct win_certificate_uefi_guid { + /* + * This is the standard win_certificate header, where w_certificate_type + * is set to WIN_CERT_TYPE_EFI_GUID. + */ + struct win_certificate hdr; + /* + * This is the unique id which determines the format of the cert_data. + */ + struct efi_guid cert_type; + /* + * The following is the certificate data. The format of the data is + * determined by the @cert_type. If @cert_type is + * EFI_CERT_TYPE_RSA2048_SHA256_GUID, the @cert_data will be + * EFI_CERT_BLOCK_RSA_2048_SHA256 structure. + */ + u8 cert_data[1]; +}; +/* + * When the attribute EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS is set, + * then the Data buffer shall begin with an instance of a complete (and + * serialized) EFI_VARIABLE_AUTHENTICATION_2 descriptor. The descriptor shall be + * followed by the new variable value and DataSize shall reflect the combined + * size of the descriptor and the new variable value. The authentication + * descriptor is not part of the variable data and is not returned by subsequent + * calls to GetVariable(). + */ +struct efi_variable_authentication_2 { + /* + * For the TimeStamp value, components Pad1, Nanosecond, TimeZone, Daylight and + * Pad2 shall be set to 0. This means that the time shall always be expressed in GMT. + */ + struct efi_time timestamp; + /* + * Only a CertType of EFI_CERT_TYPE_PKCS7_GUID is accepted. + */ + struct win_certificate_uefi_guid auth_info; +}; + +#endif