2 * Copyright (C) 2005 IBM Corporation
5 * Seiji Munetoh <munetoh@jp.ibm.com>
6 * Stefan Berger <stefanb@us.ibm.com>
7 * Reiner Sailer <sailer@watson.ibm.com>
8 * Kylene Hall <kjhall@us.ibm.com>
10 * Access to the eventlog extended by the TCG BIOS of PC platform
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
19 #include <linux/seq_file.h>
21 #include <linux/security.h>
22 #include <linux/module.h>
23 #include <acpi/acpi.h>
24 #include <acpi/actypes.h>
25 #include <acpi/actbl.h>
28 #define TCG_EVENT_NAME_LEN_MAX 255
29 #define MAX_TEXT_EVENT 1000 /* Max event string length */
30 #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
32 enum bios_platform_class {
39 void *bios_event_log_end;
43 struct acpi_table_header hdr;
47 u32 log_max_len __attribute__ ((packed));
48 u64 log_start_addr __attribute__ ((packed));
52 u64 log_max_len __attribute__ ((packed));
53 u64 log_start_addr __attribute__ ((packed));
61 u8 pcr_value[20]; /* SHA1 */
66 enum tcpa_event_types {
77 PLATFORM_CONFIG_FLAGS,
87 static const char* tcpa_event_type_strings[] = {
98 "Platform Config Flags",
102 "IPL Partition Data",
108 struct tcpa_pc_event {
114 enum tcpa_pc_event_ids {
123 OPTION_ROM_MICROCODE = 10,
127 HOST_TABLE_OF_DEVICES,
130 static const char* tcpa_pc_event_id_strings[] = {
141 "Option ROM microcode ",
148 /* returns pointer to start of pos. entry of tcg log */
149 static void *tpm_bios_measurements_start(struct seq_file *m, loff_t *pos)
152 struct tpm_bios_log *log = m->private;
153 void *addr = log->bios_event_log;
154 void *limit = log->bios_event_log_end;
155 struct tcpa_event *event;
157 /* read over *pos measurements */
158 for (i = 0; i < *pos; i++) {
161 if ((addr + sizeof(struct tcpa_event)) < limit) {
162 if (event->event_type == 0 && event->event_size == 0)
164 addr += sizeof(struct tcpa_event) + event->event_size;
168 /* now check if current entry is valid */
169 if ((addr + sizeof(struct tcpa_event)) >= limit)
174 if ((event->event_type == 0 && event->event_size == 0) ||
175 ((addr + sizeof(struct tcpa_event) + event->event_size) >= limit))
181 static void *tpm_bios_measurements_next(struct seq_file *m, void *v,
184 struct tcpa_event *event = v;
185 struct tpm_bios_log *log = m->private;
186 void *limit = log->bios_event_log_end;
188 v += sizeof(struct tcpa_event) + event->event_size;
190 /* now check if current entry is valid */
191 if ((v + sizeof(struct tcpa_event)) >= limit)
196 if (event->event_type == 0 && event->event_size == 0)
199 if ((event->event_type == 0 && event->event_size == 0) ||
200 ((v + sizeof(struct tcpa_event) + event->event_size) >= limit))
207 static void tpm_bios_measurements_stop(struct seq_file *m, void *v)
211 static int get_event_name(char *dest, struct tcpa_event *event,
212 unsigned char * event_entry)
214 const char *name = "";
216 int i, n_len = 0, d_len = 0;
217 struct tcpa_pc_event *pc_event;
219 switch(event->event_type) {
227 case PLATFORM_CONFIG_FLAGS:
228 case TABLE_OF_DEVICES:
231 case IPL_PARTITION_DATA:
235 name = tcpa_event_type_strings[event->event_type];
236 n_len = strlen(name);
240 if (MAX_TEXT_EVENT > event->event_size) {
242 n_len = event->event_size;
246 pc_event = (struct tcpa_pc_event *)event_entry;
248 /* ToDo Row data -> Base64 */
250 switch (pc_event->event_id) {
255 case OPTION_ROM_EXEC:
256 case OPTION_ROM_CONFIG:
258 name = tcpa_pc_event_id_strings[pc_event->event_id];
259 n_len = strlen(name);
264 case OPTION_ROM_MICROCODE:
265 case S_CRTM_CONTENTS:
267 name = tcpa_pc_event_id_strings[pc_event->event_id];
268 n_len = strlen(name);
269 for (i = 0; i < 20; i++)
270 d_len += sprintf(&data[2*i], "%02x",
271 pc_event->event_data[i]);
280 return snprintf(dest, MAX_TEXT_EVENT, "[%.*s%.*s]",
281 n_len, name, d_len, data);
285 static int tpm_binary_bios_measurements_show(struct seq_file *m, void *v)
292 struct tcpa_event *event = (struct tcpa_event *) v;
293 unsigned char *event_entry =
294 (unsigned char *) (v + sizeof(struct tcpa_event));
296 eventname = kmalloc(MAX_TEXT_EVENT, GFP_KERNEL);
298 printk(KERN_ERR "%s: ERROR - No Memory for event name\n ",
303 /* 1st: PCR used is in little-endian format (4 bytes) */
304 help = le32_to_cpu(event->pcr_index);
305 memcpy(data, &help, 4);
306 for (i = 0; i < 4; i++)
307 seq_putc(m, data[i]);
309 /* 2nd: SHA1 (20 bytes) */
310 for (i = 0; i < 20; i++)
311 seq_putc(m, event->pcr_value[i]);
313 /* 3rd: event type identifier (4 bytes) */
314 help = le32_to_cpu(event->event_type);
315 memcpy(data, &help, 4);
316 for (i = 0; i < 4; i++)
317 seq_putc(m, data[i]);
321 len += get_event_name(eventname, event, event_entry);
323 /* 4th: filename <= 255 + \'0' delimiter */
324 if (len > TCG_EVENT_NAME_LEN_MAX)
325 len = TCG_EVENT_NAME_LEN_MAX;
327 for (i = 0; i < len; i++)
328 seq_putc(m, eventname[i]);
337 static int tpm_bios_measurements_release(struct inode *inode,
340 struct seq_file *seq = file->private_data;
341 struct tpm_bios_log *log = seq->private;
344 kfree(log->bios_event_log);
348 return seq_release(inode, file);
351 static int tpm_ascii_bios_measurements_show(struct seq_file *m, void *v)
356 struct tcpa_event *event = v;
357 unsigned char *event_entry =
358 (unsigned char *) (v + sizeof(struct tcpa_event));
360 eventname = kmalloc(MAX_TEXT_EVENT, GFP_KERNEL);
362 printk(KERN_ERR "%s: ERROR - No Memory for event name\n ",
367 seq_printf(m, "%2d ", event->pcr_index);
370 for (i = 0; i < 20; i++)
371 seq_printf(m, "%02x", event->pcr_value[i]);
373 /* 3rd: event type identifier */
374 seq_printf(m, " %02x", event->event_type);
376 len += get_event_name(eventname, event, event_entry);
378 /* 4th: eventname <= max + \'0' delimiter */
379 seq_printf(m, " %s\n", eventname);
385 static struct seq_operations tpm_ascii_b_measurments_seqops = {
386 .start = tpm_bios_measurements_start,
387 .next = tpm_bios_measurements_next,
388 .stop = tpm_bios_measurements_stop,
389 .show = tpm_ascii_bios_measurements_show,
392 static struct seq_operations tpm_binary_b_measurments_seqops = {
393 .start = tpm_bios_measurements_start,
394 .next = tpm_bios_measurements_next,
395 .stop = tpm_bios_measurements_stop,
396 .show = tpm_binary_bios_measurements_show,
399 /* read binary bios log */
400 static int read_log(struct tpm_bios_log *log)
402 struct acpi_tcpa *buff;
404 struct acpi_table_header *virt;
407 if (log->bios_event_log != NULL) {
409 "%s: ERROR - Eventlog already initialized\n",
414 /* Find TCPA entry in RSDT (ACPI_LOGICAL_ADDRESSING) */
415 status = acpi_get_firmware_table(ACPI_TCPA_SIG, 1,
416 ACPI_LOGICAL_ADDRESSING,
417 (struct acpi_table_header **)
420 if (ACPI_FAILURE(status)) {
421 printk(KERN_ERR "%s: ERROR - Could not get TCPA table\n",
426 switch(buff->platform_class) {
428 len = buff->server.log_max_len;
429 start = buff->server.log_start_addr;
433 len = buff->client.log_max_len;
434 start = buff->client.log_start_addr;
438 printk(KERN_ERR "%s: ERROR - TCPA log area empty\n", __func__);
442 /* malloc EventLog space */
443 log->bios_event_log = kmalloc(len, GFP_KERNEL);
444 if (!log->bios_event_log) {
445 printk("%s: ERROR - Not enough Memory for BIOS measurements\n",
450 log->bios_event_log_end = log->bios_event_log + len;
452 acpi_os_map_memory(start, len, (void *) &virt);
454 memcpy(log->bios_event_log, virt, len);
456 acpi_os_unmap_memory(virt, len);
460 static int tpm_ascii_bios_measurements_open(struct inode *inode,
464 struct tpm_bios_log *log;
465 struct seq_file *seq;
467 log = kzalloc(sizeof(struct tpm_bios_log), GFP_KERNEL);
471 if ((err = read_log(log)))
474 /* now register seq file */
475 err = seq_open(file, &tpm_ascii_b_measurments_seqops);
477 seq = file->private_data;
480 kfree(log->bios_event_log);
486 struct file_operations tpm_ascii_bios_measurements_ops = {
487 .open = tpm_ascii_bios_measurements_open,
490 .release = tpm_bios_measurements_release,
493 static int tpm_binary_bios_measurements_open(struct inode *inode,
497 struct tpm_bios_log *log;
498 struct seq_file *seq;
500 log = kzalloc(sizeof(struct tpm_bios_log), GFP_KERNEL);
504 if ((err = read_log(log)))
507 /* now register seq file */
508 err = seq_open(file, &tpm_binary_b_measurments_seqops);
510 seq = file->private_data;
513 kfree(log->bios_event_log);
519 struct file_operations tpm_binary_bios_measurements_ops = {
520 .open = tpm_binary_bios_measurements_open,
523 .release = tpm_bios_measurements_release,
526 static int is_bad(void *p)
530 if (IS_ERR(p) && (PTR_ERR(p) != -ENODEV))
535 struct dentry **tpm_bios_log_setup(char *name)
537 struct dentry **ret = NULL, *tpm_dir, *bin_file, *ascii_file;
539 tpm_dir = securityfs_create_dir(name, NULL);
544 securityfs_create_file("binary_bios_measurements",
545 S_IRUSR | S_IRGRP, tpm_dir, NULL,
546 &tpm_binary_bios_measurements_ops);
547 if (is_bad(bin_file))
551 securityfs_create_file("ascii_bios_measurements",
552 S_IRUSR | S_IRGRP, tpm_dir, NULL,
553 &tpm_ascii_bios_measurements_ops);
554 if (is_bad(ascii_file))
557 ret = kmalloc(3 * sizeof(struct dentry *), GFP_KERNEL);
568 securityfs_remove(ascii_file);
570 securityfs_remove(bin_file);
572 securityfs_remove(tpm_dir);
576 EXPORT_SYMBOL_GPL(tpm_bios_log_setup);
578 void tpm_bios_log_teardown(struct dentry **lst)
582 for (i = 0; i < 3; i++)
583 securityfs_remove(lst[i]);
585 EXPORT_SYMBOL_GPL(tpm_bios_log_teardown);
586 MODULE_LICENSE("GPL");