2 * Copyright (C) 2005 IBM Corporation
5 * Seiji Munetoh <munetoh@jp.ibm.com>
6 * Stefan Berger <stefanb@us.ibm.com>
7 * Reiner Sailer <sailer@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
10 * Access to the eventlog extended by the TCG BIOS of PC platform
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
19 #include <linux/seq_file.h>
21 #include <linux/security.h>
22 #include <linux/module.h>
23 #include <acpi/acpi.h>
24 #include <acpi/actypes.h>
25 #include <acpi/actbl.h>
28 #define TCG_EVENT_NAME_LEN_MAX 255
29 #define MAX_TEXT_EVENT 1000 /* Max event string length */
30 #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
33 struct acpi_table_header hdr;
35 u32 log_max_len __attribute__ ((packed));
36 u32 log_start_addr __attribute__ ((packed));
42 u8 pcr_value[20]; /* SHA1 */
47 enum tcpa_event_types {
58 PLATFORM_CONFIG_FLAGS,
68 static const char* tcpa_event_type_strings[] = {
79 "Platform Config Flags",
89 enum tcpa_pc_event_ids {
104 static const char* tcpa_pc_event_id_strings[] = {
114 "Option ROM microcode",
117 "S-CRTM POST Contents",
120 /* (Binary) bios measurement buffer */
121 static void *tcg_eventlog;
122 static void *tcg_eventlog_addr_limit; /* MAX */
124 /* returns pointer to start of pos. entry of tcg log */
125 static void *tpm_bios_measurements_start(struct seq_file *m, loff_t *pos)
128 void *addr = tcg_eventlog;
129 struct tcpa_event *event;
131 /* read over *pos measurements */
132 for (i = 0; i < *pos; i++) {
135 if ((addr + sizeof(struct tcpa_event)) <
136 tcg_eventlog_addr_limit) {
137 if (event->event_type == 0 && event->event_size == 0)
140 sizeof(struct tcpa_event) + event->event_size;
144 /* now check if current entry is valid */
145 if ((addr + sizeof(struct tcpa_event)) >= tcg_eventlog_addr_limit)
150 if ((event->event_type == 0 && event->event_size == 0) ||
151 ((addr + sizeof(struct tcpa_event) + event->event_size) >=
152 tcg_eventlog_addr_limit))
158 static void *tpm_bios_measurements_next(struct seq_file *m, void *v,
161 struct tcpa_event *event = v;
163 v += sizeof(struct tcpa_event) + event->event_size;
165 /* now check if current entry is valid */
166 if ((v + sizeof(struct tcpa_event)) >= tcg_eventlog_addr_limit)
171 if (event->event_type == 0 && event->event_size == 0)
174 if ((event->event_type == 0 && event->event_size == 0) ||
175 ((v + sizeof(struct tcpa_event) + event->event_size) >=
176 tcg_eventlog_addr_limit))
183 static void tpm_bios_measurements_stop(struct seq_file *m, void *v)
187 static int get_event_name(char *dest, struct tcpa_event *event,
188 unsigned char * event_entry)
190 const char *name = "";
192 int i, n_len = 0, d_len = 0;
193 u32 event_id, event_data_size;
195 switch(event->event_type) {
203 case PLATFORM_CONFIG_FLAGS:
204 case TABLE_OF_DEVICES:
207 case IPL_PARTITION_DATA:
211 name = tcpa_event_type_strings[event->event_type];
212 n_len = strlen(name);
216 if (MAX_TEXT_EVENT > event->event_size) {
218 n_len = event->event_size;
222 event_id = be32_to_cpu(event_entry);
223 event_data_size = be32_to_cpu(&event_entry[4]);
225 /* ToDo Row data -> Base64 */
232 case OPTION_ROM_EXEC:
233 case OPTION_ROM_CONFIG:
234 case OPTION_ROM_MICROCODE:
236 case S_CRTM_CONTENTS:
238 name = tcpa_pc_event_id_strings[event_id];
239 n_len = strlen(name);
243 name = tcpa_pc_event_id_strings[event_id];
244 n_len = strlen(name);
245 for (i = 0; i < 20; i++)
246 d_len += sprintf(data, "%02x",
256 return snprintf(dest, MAX_TEXT_EVENT, "[%.*s%.*s]",
257 n_len, name, d_len, data);
261 static int tpm_binary_bios_measurements_show(struct seq_file *m, void *v)
268 struct tcpa_event *event = (struct tcpa_event *) v;
269 unsigned char *event_entry =
270 (unsigned char *) (v + sizeof(struct tcpa_event));
272 eventname = kmalloc(MAX_TEXT_EVENT, GFP_KERNEL);
274 printk(KERN_ERR "%s: ERROR - No Memory for event name\n ",
279 /* 1st: PCR used is in little-endian format (4 bytes) */
280 help = le32_to_cpu(event->pcr_index);
281 memcpy(data, &help, 4);
282 for (i = 0; i < 4; i++)
283 seq_putc(m, data[i]);
285 /* 2nd: SHA1 (20 bytes) */
286 for (i = 0; i < 20; i++)
287 seq_putc(m, event->pcr_value[i]);
289 /* 3rd: event type identifier (4 bytes) */
290 help = le32_to_cpu(event->event_type);
291 memcpy(data, &help, 4);
292 for (i = 0; i < 4; i++)
293 seq_putc(m, data[i]);
297 len += get_event_name(eventname, event, event_entry);
299 /* 4th: filename <= 255 + \'0' delimiter */
300 if (len > TCG_EVENT_NAME_LEN_MAX)
301 len = TCG_EVENT_NAME_LEN_MAX;
303 for (i = 0; i < len; i++)
304 seq_putc(m, eventname[i]);
312 static int tpm_bios_measurements_release(struct inode *inode,
319 return seq_release(inode, file);
322 static int tpm_ascii_bios_measurements_show(struct seq_file *m, void *v)
327 struct tcpa_event *event = v;
328 unsigned char *event_entry =
329 (unsigned char *) (v + sizeof(struct tcpa_event));
331 eventname = kmalloc(MAX_TEXT_EVENT, GFP_KERNEL);
333 printk(KERN_ERR "%s: ERROR - No Memory for event name\n ",
338 seq_printf(m, "%2d ", event->pcr_index);
341 for (i = 0; i < 20; i++)
342 seq_printf(m, "%02x", event->pcr_value[i]);
344 /* 3rd: event type identifier */
345 seq_printf(m, " %02x", event->event_type);
347 len += get_event_name(eventname, event, event_entry);
349 /* 4th: eventname <= max + \'0' delimiter */
350 seq_printf(m, " %s\n", eventname);
355 static struct seq_operations tpm_ascii_b_measurments_seqops = {
356 .start = tpm_bios_measurements_start,
357 .next = tpm_bios_measurements_next,
358 .stop = tpm_bios_measurements_stop,
359 .show = tpm_ascii_bios_measurements_show,
362 static struct seq_operations tpm_binary_b_measurments_seqops = {
363 .start = tpm_bios_measurements_start,
364 .next = tpm_bios_measurements_next,
365 .stop = tpm_bios_measurements_stop,
366 .show = tpm_binary_bios_measurements_show,
369 /* read binary bios log */
370 static int read_log(void)
372 struct acpi_tcpa *buff;
376 if (tcg_eventlog != NULL) {
378 "%s: ERROR - Eventlog already initialized\n",
383 /* Find TCPA entry in RSDT (ACPI_LOGICAL_ADDRESSING) */
384 status = acpi_get_firmware_table(ACPI_TCPA_SIG, 1,
385 ACPI_LOGICAL_ADDRESSING,
386 (struct acpi_table_header **)
389 if (ACPI_FAILURE(status)) {
390 printk(KERN_ERR "%s: ERROR - Could not get TCPA table\n",
395 if (buff->log_max_len == 0) {
396 printk(KERN_ERR "%s: ERROR - TCPA log area empty\n",
401 /* malloc EventLog space */
402 tcg_eventlog = kmalloc(buff->log_max_len, GFP_KERNEL);
405 ("%s: ERROR - Not enough Memory for BIOS measurements\n",
410 tcg_eventlog_addr_limit = tcg_eventlog + buff->log_max_len;
412 acpi_os_map_memory(buff->log_start_addr, buff->log_max_len, &virt);
414 memcpy(tcg_eventlog, virt, buff->log_max_len);
416 acpi_os_unmap_memory(virt, buff->log_max_len);
420 static int tpm_ascii_bios_measurements_open(struct inode *inode,
425 if ((err = read_log()))
428 /* now register seq file */
429 return seq_open(file, &tpm_ascii_b_measurments_seqops);
432 struct file_operations tpm_ascii_bios_measurements_ops = {
433 .open = tpm_ascii_bios_measurements_open,
436 .release = tpm_bios_measurements_release,
439 static int tpm_binary_bios_measurements_open(struct inode *inode,
444 if ((err = read_log()))
447 /* now register seq file */
448 return seq_open(file, &tpm_binary_b_measurments_seqops);
451 struct file_operations tpm_binary_bios_measurements_ops = {
452 .open = tpm_binary_bios_measurements_open,
455 .release = tpm_bios_measurements_release,
458 struct dentry **tpm_bios_log_setup(char *name)
460 struct dentry **ret = NULL, *tpm_dir, *bin_file, *ascii_file;
462 tpm_dir = securityfs_create_dir(name, NULL);
467 securityfs_create_file("binary_bios_measurements",
468 S_IRUSR | S_IRGRP, tpm_dir, NULL,
469 &tpm_binary_bios_measurements_ops);
474 securityfs_create_file("ascii_bios_measurements",
475 S_IRUSR | S_IRGRP, tpm_dir, NULL,
476 &tpm_ascii_bios_measurements_ops);
480 ret = kmalloc(3 * sizeof(struct dentry *), GFP_KERNEL);
491 securityfs_remove(ascii_file);
493 securityfs_remove(bin_file);
495 securityfs_remove(tpm_dir);
499 EXPORT_SYMBOL_GPL(tpm_bios_log_setup);
501 void tpm_bios_log_teardown(struct dentry **lst)
505 for (i = 0; i < 3; i++)
506 securityfs_remove(lst[i]);
508 EXPORT_SYMBOL_GPL(tpm_bios_log_teardown);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob