mbox series

[v5,0/6] tpm: Preserve TPM measurement log across kexec (ppc64)

Message ID 20220706152329.665636-1-stefanb@linux.ibm.com
Headers show
Series tpm: Preserve TPM measurement log across kexec (ppc64) | expand

Message

Stefan Berger July 6, 2022, 3:23 p.m. UTC 
The of-tree subsystem does not currently preserve the IBM vTPM 1.2 and
vTPM 2.0 measurement logs across a kexec on PowerVM and PowerKVM. This
series fixes this for the kexec_file_load() syscall using the flattened
device tree (fdt) to carry the TPM measurement log's buffer across kexec.

   Stefan

v5:
 - Rebased on 1 more patch that would otherwise create merge conflicts

v4:
 - Rebased on 2 patches that would otherwise create merge conflicts;
   posting these patches in this series with several tags removed so
   krobot can test the series already
 - Changes to individual patches documented in patch descripitons

v3:
 - Moved TPM Open Firmware related function to drivers/char/tpm/eventlog/tpm_of.c

v2:
 - rearranged patches
 - fixed compilation issues for x86

Jonathan McDowell (1):
  x86/kexec: Carry forward IMA measurement log on kexec

Palmer Dabbelt (1):
  drivers: of: kexec ima: Support 32-bit platforms

Stefan Berger (3):
  tpm: of: Make of-tree specific function commonly available
  of: kexec: Refactor IMA buffer related functions to make them reusable
  tpm/kexec: Duplicate TPM measurement log in of-tree for kexec

Vaibhav Jain (1):
  of: check previous kernel's ima-kexec-buffer against memory bounds

 arch/x86/Kconfig                      |   1 +
 arch/x86/include/uapi/asm/bootparam.h |   9 +
 arch/x86/kernel/e820.c                |   6 +-
 arch/x86/kernel/kexec-bzimage64.c     |  42 +++-
 arch/x86/kernel/setup.c               |  63 +++++
 drivers/char/tpm/eventlog/of.c        |  31 +--
 drivers/of/kexec.c                    | 341 ++++++++++++++++++++++----
 include/linux/ima.h                   |   5 +
 include/linux/kexec.h                 |   6 +
 include/linux/of.h                    |  10 +-
 include/linux/tpm.h                   |  27 ++
 kernel/kexec_file.c                   |   6 +
 security/integrity/ima/ima_kexec.c    |   2 +-
 13 files changed, 467 insertions(+), 82 deletions(-)


base-commit: 03c765b0e3b4cb5063276b086c76f7a612856a9a

Comments

Jarkko Sakkinen July 11, 2022, 3:04 a.m. UTC | #1 
On Wed, Jul 06, 2022 at 11:23:27AM -0400, Stefan Berger wrote:
> Simplify tpm_read_log_of() by moving reusable parts of the code into
> an inline function that makes it commonly available so it can be
> used also for kexec support. Call the new of_tpm_get_sml_parameters()
> function from the TPM Open Firmware driver.
> 
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> Cc: Jarkko Sakkinen <jarkko@kernel.org>
> Cc: Jason Gunthorpe <jgg@ziepe.ca>
> Cc: Rob Herring <robh+dt@kernel.org>
> Cc: Frank Rowand <frowand.list@gmail.com>
> 
> ---
> v4:
>  - converted to inline function
> ---
>  drivers/char/tpm/eventlog/of.c | 31 +++++--------------------------
>  include/linux/tpm.h            | 27 +++++++++++++++++++++++++++
>  2 files changed, 32 insertions(+), 26 deletions(-)
> 
> diff --git a/drivers/char/tpm/eventlog/of.c b/drivers/char/tpm/eventlog/of.c
> index a9ce66d09a75..f9462d19632e 100644
> --- a/drivers/char/tpm/eventlog/of.c
> +++ b/drivers/char/tpm/eventlog/of.c
> @@ -12,6 +12,7 @@
>  
>  #include <linux/slab.h>
>  #include <linux/of.h>
> +#include <linux/tpm.h>
>  #include <linux/tpm_eventlog.h>
>  
>  #include "../tpm.h"
> @@ -20,11 +21,10 @@
>  int tpm_read_log_of(struct tpm_chip *chip)
>  {
>  	struct device_node *np;
> -	const u32 *sizep;
> -	const u64 *basep;
>  	struct tpm_bios_log *log;
>  	u32 size;
>  	u64 base;
> +	int ret;
>  
>  	log = &chip->log;
>  	if (chip->dev.parent && chip->dev.parent->of_node)
> @@ -35,30 +35,9 @@ int tpm_read_log_of(struct tpm_chip *chip)
>  	if (of_property_read_bool(np, "powered-while-suspended"))
>  		chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
>  
> -	sizep = of_get_property(np, "linux,sml-size", NULL);
> -	basep = of_get_property(np, "linux,sml-base", NULL);
> -	if (sizep == NULL && basep == NULL)
> -		return -ENODEV;
> -	if (sizep == NULL || basep == NULL)
> -		return -EIO;
> -
> -	/*
> -	 * For both vtpm/tpm, firmware has log addr and log size in big
> -	 * endian format. But in case of vtpm, there is a method called
> -	 * sml-handover which is run during kernel init even before
> -	 * device tree is setup. This sml-handover function takes care
> -	 * of endianness and writes to sml-base and sml-size in little
> -	 * endian format. For this reason, vtpm doesn't need conversion
> -	 * but physical tpm needs the conversion.
> -	 */
> -	if (of_property_match_string(np, "compatible", "IBM,vtpm") < 0 &&
> -	    of_property_match_string(np, "compatible", "IBM,vtpm20") < 0) {
> -		size = be32_to_cpup((__force __be32 *)sizep);
> -		base = be64_to_cpup((__force __be64 *)basep);
> -	} else {
> -		size = *sizep;
> -		base = *basep;
> -	}
> +	ret = of_tpm_get_sml_parameters(np, &base, &size);
> +	if (ret < 0)
> +		return ret;
>  
>  	if (size == 0) {
>  		dev_warn(&chip->dev, "%s: Event log area empty\n", __func__);
> diff --git a/include/linux/tpm.h b/include/linux/tpm.h
> index dfeb25a0362d..b3dff255bc58 100644
> --- a/include/linux/tpm.h
> +++ b/include/linux/tpm.h
> @@ -460,4 +460,31 @@ static inline struct tpm_chip *tpm_default_chip(void)
>  	return NULL;
>  }
>  #endif
> +
> +#ifdef CONFIG_OF
> +static inline int of_tpm_get_sml_parameters(struct device_node *np,
> +					    u64 *base, u32 *size)
> +{
> +	const u32 *sizep;
> +	const u64 *basep;
> +
> +	sizep = of_get_property(np, "linux,sml-size", NULL);
> +	basep = of_get_property(np, "linux,sml-base", NULL);
> +	if (sizep == NULL && basep == NULL)
> +		return -ENODEV;
> +	if (sizep == NULL || basep == NULL)
> +		return -EIO;
> +
> +	if (of_property_match_string(np, "compatible", "IBM,vtpm") < 0 &&
> +	    of_property_match_string(np, "compatible", "IBM,vtpm20") < 0) {
> +		*size = be32_to_cpup((__force __be32 *)sizep);
> +		*base = be64_to_cpup((__force __be64 *)basep);
> +	} else {
> +		*size = *sizep;
> +		*base = *basep;
> +	}
> +	return 0;
> +}
> +#endif
> +
>  #endif
> -- 
> 2.35.1
> 


Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>

BR, Jarkko
Stefan Berger July 15, 2022, 4:01 p.m. UTC | #2 
On 7/10/22 23:04, Jarkko Sakkinen wrote:
> On Wed, Jul 06, 2022 at 11:23:27AM -0400, Stefan Berger wrote:
>> Simplify tpm_read_log_of() by moving reusable parts of the code into
>> an inline function that makes it commonly available so it can be
>> used also for kexec support. Call the new of_tpm_get_sml_parameters()
>> function from the TPM Open Firmware driver.
>>
>> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
>> Cc: Jarkko Sakkinen <jarkko@kernel.org>
>> Cc: Jason Gunthorpe <jgg@ziepe.ca>
>> Cc: Rob Herring <robh+dt@kernel.org>
>> Cc: Frank Rowand <frowand.list@gmail.com>
>>
>> ---
>> v4:
>>   - converted to inline function
>> ---
>>   drivers/char/tpm/eventlog/of.c | 31 +++++--------------------------
>>   include/linux/tpm.h            | 27 +++++++++++++++++++++++++++
>>   2 files changed, 32 insertions(+), 26 deletions(-)
>>
>> diff --git a/drivers/char/tpm/eventlog/of.c b/drivers/char/tpm/eventlog/of.c
>> index a9ce66d09a75..f9462d19632e 100644
>> --- a/drivers/char/tpm/eventlog/of.c
>> +++ b/drivers/char/tpm/eventlog/of.c
>> @@ -12,6 +12,7 @@
>>   
>>   #include <linux/slab.h>
>>   #include <linux/of.h>
>> +#include <linux/tpm.h>
>>   #include <linux/tpm_eventlog.h>
>>   
>>   #include "../tpm.h"
>> @@ -20,11 +21,10 @@
>>   int tpm_read_log_of(struct tpm_chip *chip)
>>   {
>>   	struct device_node *np;
>> -	const u32 *sizep;
>> -	const u64 *basep;
>>   	struct tpm_bios_log *log;
>>   	u32 size;
>>   	u64 base;
>> +	int ret;
>>   
>>   	log = &chip->log;
>>   	if (chip->dev.parent && chip->dev.parent->of_node)
>> @@ -35,30 +35,9 @@ int tpm_read_log_of(struct tpm_chip *chip)
>>   	if (of_property_read_bool(np, "powered-while-suspended"))
>>   		chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
>>   
>> -	sizep = of_get_property(np, "linux,sml-size", NULL);
>> -	basep = of_get_property(np, "linux,sml-base", NULL);
>> -	if (sizep == NULL && basep == NULL)
>> -		return -ENODEV;
>> -	if (sizep == NULL || basep == NULL)
>> -		return -EIO;
>> -
>> -	/*
>> -	 * For both vtpm/tpm, firmware has log addr and log size in big
>> -	 * endian format. But in case of vtpm, there is a method called
>> -	 * sml-handover which is run during kernel init even before
>> -	 * device tree is setup. This sml-handover function takes care
>> -	 * of endianness and writes to sml-base and sml-size in little
>> -	 * endian format. For this reason, vtpm doesn't need conversion
>> -	 * but physical tpm needs the conversion.
>> -	 */


Jarkko,

  can I apply your R-b tag after putting this lost comment back into the 
inline function?
    Stefan

>> -	if (of_property_match_string(np, "compatible", "IBM,vtpm") < 0 &&
>> -	    of_property_match_string(np, "compatible", "IBM,vtpm20") < 0) {
>> -		size = be32_to_cpup((__force __be32 *)sizep);
>> -		base = be64_to_cpup((__force __be64 *)basep);
>> -	} else {
>> -		size = *sizep;
>> -		base = *basep;
>> -	}
>> +	ret = of_tpm_get_sml_parameters(np, &base, &size);
>> +	if (ret < 0)
>> +		return ret;
>>   
>>   	if (size == 0) {
>>   		dev_warn(&chip->dev, "%s: Event log area empty\n", __func__);
>> diff --git a/include/linux/tpm.h b/include/linux/tpm.h
>> index dfeb25a0362d..b3dff255bc58 100644
>> --- a/include/linux/tpm.h
>> +++ b/include/linux/tpm.h
>> @@ -460,4 +460,31 @@ static inline struct tpm_chip *tpm_default_chip(void)
>>   	return NULL;
>>   }
>>   #endif
>> +
>> +#ifdef CONFIG_OF
>> +static inline int of_tpm_get_sml_parameters(struct device_node *np,
>> +					    u64 *base, u32 *size)
>> +{
>> +	const u32 *sizep;
>> +	const u64 *basep;
>> +
>> +	sizep = of_get_property(np, "linux,sml-size", NULL);
>> +	basep = of_get_property(np, "linux,sml-base", NULL);
>> +	if (sizep == NULL && basep == NULL)
>> +		return -ENODEV;
>> +	if (sizep == NULL || basep == NULL)
>> +		return -EIO;
>> +
>> +	if (of_property_match_string(np, "compatible", "IBM,vtpm") < 0 &&
>> +	    of_property_match_string(np, "compatible", "IBM,vtpm20") < 0) {
>> +		*size = be32_to_cpup((__force __be32 *)sizep);
>> +		*base = be64_to_cpup((__force __be64 *)basep);
>> +	} else {
>> +		*size = *sizep;
>> +		*base = *basep;
>> +	}
>> +	return 0;
>> +}
>> +#endif
>> +
>>   #endif
>> -- 
>> 2.35.1
>>
> 
> 
> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
> 
> BR, Jarkko
> 
> _______________________________________________
> kexec mailing list
> kexec@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/kexec
Jarkko Sakkinen July 28, 2022, 7:40 a.m. UTC | #3 
On Fri, Jul 15, 2022 at 12:01:36PM -0400, Stefan Berger wrote:
> 
> 
> On 7/10/22 23:04, Jarkko Sakkinen wrote:
> > On Wed, Jul 06, 2022 at 11:23:27AM -0400, Stefan Berger wrote:
> > > Simplify tpm_read_log_of() by moving reusable parts of the code into
> > > an inline function that makes it commonly available so it can be
> > > used also for kexec support. Call the new of_tpm_get_sml_parameters()
> > > function from the TPM Open Firmware driver.
> > > 
> > > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> > > Cc: Jarkko Sakkinen <jarkko@kernel.org>
> > > Cc: Jason Gunthorpe <jgg@ziepe.ca>
> > > Cc: Rob Herring <robh+dt@kernel.org>
> > > Cc: Frank Rowand <frowand.list@gmail.com>
> > > 
> > > ---
> > > v4:
> > >   - converted to inline function
> > > ---
> > >   drivers/char/tpm/eventlog/of.c | 31 +++++--------------------------
> > >   include/linux/tpm.h            | 27 +++++++++++++++++++++++++++
> > >   2 files changed, 32 insertions(+), 26 deletions(-)
> > > 
> > > diff --git a/drivers/char/tpm/eventlog/of.c b/drivers/char/tpm/eventlog/of.c
> > > index a9ce66d09a75..f9462d19632e 100644
> > > --- a/drivers/char/tpm/eventlog/of.c
> > > +++ b/drivers/char/tpm/eventlog/of.c
> > > @@ -12,6 +12,7 @@
> > >   #include <linux/slab.h>
> > >   #include <linux/of.h>
> > > +#include <linux/tpm.h>
> > >   #include <linux/tpm_eventlog.h>
> > >   #include "../tpm.h"
> > > @@ -20,11 +21,10 @@
> > >   int tpm_read_log_of(struct tpm_chip *chip)
> > >   {
> > >   	struct device_node *np;
> > > -	const u32 *sizep;
> > > -	const u64 *basep;
> > >   	struct tpm_bios_log *log;
> > >   	u32 size;
> > >   	u64 base;
> > > +	int ret;
> > >   	log = &chip->log;
> > >   	if (chip->dev.parent && chip->dev.parent->of_node)
> > > @@ -35,30 +35,9 @@ int tpm_read_log_of(struct tpm_chip *chip)
> > >   	if (of_property_read_bool(np, "powered-while-suspended"))
> > >   		chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
> > > -	sizep = of_get_property(np, "linux,sml-size", NULL);
> > > -	basep = of_get_property(np, "linux,sml-base", NULL);
> > > -	if (sizep == NULL && basep == NULL)
> > > -		return -ENODEV;
> > > -	if (sizep == NULL || basep == NULL)
> > > -		return -EIO;
> > > -
> > > -	/*
> > > -	 * For both vtpm/tpm, firmware has log addr and log size in big
> > > -	 * endian format. But in case of vtpm, there is a method called
> > > -	 * sml-handover which is run during kernel init even before
> > > -	 * device tree is setup. This sml-handover function takes care
> > > -	 * of endianness and writes to sml-base and sml-size in little
> > > -	 * endian format. For this reason, vtpm doesn't need conversion
> > > -	 * but physical tpm needs the conversion.
> > > -	 */
> 
> 
> Jarkko,
> 
>  can I apply your R-b tag after putting this lost comment back into the
> inline function?
>    Stefan

If there's a change I want to see the updated patch first.

BR, Jarkko