tablet/grub - grub - Gitea: Git with a cup of tea.... and pages of fanfiction!

tablet/grub

Fork 0

Commit Graph

Author	SHA1	Message	Date
Gary Lin	d47d261ecd	tss2: Introduce grub_tcg2_cap_pcr() This commit introduces the definition of grub_tcg2_cap_pcr(), a new function designed to enhance the security of sealed keys. Its primary purpose is to "cap" a specific PCR by extending it with an EV_SEPARATOR event. This action cryptographically alters the PCR value, making it impossible to unseal any key that was previously sealed to the original PCR state. Consequently, the sealed key remains protected against unauthorized unsealing attempts until the associated PCRs are reset to their initial configuration, typically occurring during a subsequent system boot. Signed-off-by: Gary Lin <glin@suse.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>	2025-10-11 15:43:58 +02:00
Gary Lin	35c9904df4	tss2: Add TPM2 Software Stack (TSS2) support A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to compose and submit TPM commands and parse responses. A limited number of TPM commands may be accessed via the EFI TCG2 protocol. This protocol exposes functionality that is primarily geared toward TPM usage within the context of Secure Boot. For all other TPM commands, however, such as sealing and unsealing, this protocol does not provide any help, with the exception of passthrough command submission. The SubmitCommand method allows a caller to send raw commands to the system's TPM and to receive the corresponding response. These command/response pairs are formatted using the TPM wire protocol. To construct commands in this way, and to parse the TPM's response, it is necessary to, first, possess knowledge of the various TPM structures, and, second, of the TPM wire protocol itself. As such, this patch includes implementations of various grub_tpm2_* functions (inventoried below), and logic to write and read command and response buffers, respectively, using the TPM wire protocol. Functions: - grub_tpm2_create(), - grub_tpm2_createprimary(), - grub_tpm2_evictcontrol(), - grub_tpm2_flushcontext(), - grub_tpm2_load(), - grub_tpm2_pcr_read(), - grub_tpm2_policygetdigest(), - grub_tpm2_policypcr(), - grub_tpm2_readpublic(), - grub_tpm2_startauthsession(), - grub_tpm2_unseal(), - grub_tpm2_loadexternal(), - grub_tpm2_hash(), - grub_tpm2_verifysignature(), - grub_tpm2_policyauthorize(), - grub_tpm2_testparms(). Signed-off-by: Hernan Gatta <hegatta@linux.microsoft.com> Signed-off-by: Gary Lin <glin@suse.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com>	2024-11-28 21:50:55 +01:00

Author

SHA1

Message

Date

Gary Lin

d47d261ecd

tss2: Introduce grub_tcg2_cap_pcr()

This commit introduces the definition of grub_tcg2_cap_pcr(), a new
function designed to enhance the security of sealed keys. Its primary
purpose is to "cap" a specific PCR by extending it with an EV_SEPARATOR
event. This action cryptographically alters the PCR value, making it
impossible to unseal any key that was previously sealed to the original
PCR state. Consequently, the sealed key remains protected against
unauthorized unsealing attempts until the associated PCRs are reset to
their initial configuration, typically occurring during a subsequent
system boot.

Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

2025-10-11 15:43:58 +02:00

Gary Lin

35c9904df4

tss2: Add TPM2 Software Stack (TSS2) support

A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
compose and submit TPM commands and parse responses.

A limited number of TPM commands may be accessed via the EFI TCG2
protocol. This protocol exposes functionality that is primarily geared
toward TPM usage within the context of Secure Boot. For all other TPM
commands, however, such as sealing and unsealing, this protocol does not
provide any help, with the exception of passthrough command submission.

The SubmitCommand method allows a caller to send raw commands to the
system's TPM and to receive the corresponding response. These
command/response pairs are formatted using the TPM wire protocol. To
construct commands in this way, and to parse the TPM's response, it is
necessary to, first, possess knowledge of the various TPM structures, and,
second, of the TPM wire protocol itself.

As such, this patch includes implementations of various grub_tpm2_* functions
(inventoried below), and logic to write and read command and response
buffers, respectively, using the TPM wire protocol.

Functions:
  - grub_tpm2_create(),
  - grub_tpm2_createprimary(),
  - grub_tpm2_evictcontrol(),
  - grub_tpm2_flushcontext(),
  - grub_tpm2_load(),
  - grub_tpm2_pcr_read(),
  - grub_tpm2_policygetdigest(),
  - grub_tpm2_policypcr(),
  - grub_tpm2_readpublic(),
  - grub_tpm2_startauthsession(),
  - grub_tpm2_unseal(),
  - grub_tpm2_loadexternal(),
  - grub_tpm2_hash(),
  - grub_tpm2_verifysignature(),
  - grub_tpm2_policyauthorize(),
  - grub_tpm2_testparms().

Signed-off-by: Hernan Gatta <hegatta@linux.microsoft.com>
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>

2024-11-28 21:50:55 +01:00

2 Commits