diff options
| author | Miriam Polzer <mpolzer@google.com> | 2021-11-10 12:45:28 +0100 |
|---|---|---|
| committer | Julius Werner <jwerner@chromium.org> | 2021-11-19 17:19:50 +0000 |
| commit | 7dce19080889955576f8fd197658077aced96a96 (patch) | |
| tree | 5a5d77ed9239cc7e1504d9d9293203770b2cffda /src/security | |
| parent | bef23d1f79bffbec472e1ea832eac4902c5a3d8a (diff) | |
| download | coreboot-7dce19080889955576f8fd197658077aced96a96.tar.gz coreboot-7dce19080889955576f8fd197658077aced96a96.tar.bz2 coreboot-7dce19080889955576f8fd197658077aced96a96.zip | |
security/vboot: Add NVRAM counter for TPM 2.0
Create an NVRAM counter in TPM 2.0 that survives owner clear and can be
read and written without authorization. This counter allows to seal data
with the TPM that can only be unsealed before the counter was
incremented. It will be used during Chrome OS rollback to securely carry
data across a TPM clear.
Signed-off-by: Miriam Polzer <mpolzer@google.com>
Change-Id: I511dba3b3461713ce20fb2bda9fced0fee6517e1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59097
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'src/security')
| -rw-r--r-- | src/security/vboot/antirollback.h | 1 | ||||
| -rw-r--r-- | src/security/vboot/secdata_tpm.c | 28 |
2 files changed, 29 insertions, 0 deletions
diff --git a/src/security/vboot/antirollback.h b/src/security/vboot/antirollback.h index a208c046100f..2297762d36f6 100644 --- a/src/security/vboot/antirollback.h +++ b/src/security/vboot/antirollback.h @@ -28,6 +28,7 @@ enum vb2_pcr_digest; /* 0x100d: Hash of MRC_CACHE training data for non-recovery boot */ #define MRC_RW_HASH_NV_INDEX 0x100d #define HASH_NV_SIZE VB2_SHA256_DIGEST_SIZE +#define ENT_ROLLBACK_COUNTER_INDEX 0x100e /* Zero-Touch Enrollment related spaces */ #define ZTE_BOARD_ID_NV_INDEX 0x3fff00 #define ZTE_RMA_SN_BITS_INDEX 0x3fff01 diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index 0bc4f839feb7..47efe2dd0092 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -116,6 +116,17 @@ static const TPMA_NV rw_space_attributes = { .TPMA_NV_WRITE_STCLEAR = 1, }; +const static TPMA_NV rw_counter_attributes = { + .TPMA_NV_AUTHWRITE = 1, + .TPMA_NV_AUTHREAD = 1, + .TPMA_NV_PPREAD = 1, + .TPMA_NV_PPWRITE = 1, + .TPMA_NV_PLATFORMCREATE = 1, + .TPMA_NV_COUNTER = 1, + .TPMA_NV_NO_DA = 1, + .TPMA_NV_WRITE_STCLEAR = 1, +}; + static const TPMA_NV fwmp_attr = { .TPMA_NV_PLATFORMCREATE = 1, .TPMA_NV_OWNERWRITE = 1, @@ -330,6 +341,15 @@ static uint32_t setup_zte_spaces(void) return rv; } +static uint32_t enterprise_rollback_create_counter(void) +{ + /* + * No need to increment the counter to initialize, this can be done later. + */ + return tlcl_define_space(ENT_ROLLBACK_COUNTER_INDEX, /*size=*/8, + rw_counter_attributes, NULL, 0); +} + static uint32_t _factory_initialize_tpm(struct vb2_context *ctx) { RETURN_ON_FAILURE(tlcl_force_clear()); @@ -363,6 +383,14 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx) CONFIG(MAINBOARD_HAS_I2C_TPM_CR50)))) RETURN_ON_FAILURE(setup_zte_spaces()); + /* + * On TPM 2.0, create a counter that survives TPM clear. This allows to + * securely lock data during enterprise rollback by binding to this + * counter's value. + */ + if (CONFIG(CHROMEOS)) + RETURN_ON_FAILURE(enterprise_rollback_create_counter()); + RETURN_ON_FAILURE(setup_firmware_space(ctx)); return TPM_SUCCESS; |