lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <46609f9a-8451-4961-b307-a13512bbd92d@amd.com>
Date: Mon, 4 Nov 2024 14:51:43 +1100
From: Alexey Kardashevskiy <aik@....com>
To: Cedric Xing <cedric.xing@...el.com>,
 Dan Williams <dan.j.williams@...el.com>, Samuel Ortiz <sameo@...osinc.com>,
 James Bottomley <James.Bottomley@...senPartnership.com>,
 Lukas Wunner <lukas@...ner.de>, Dionna Amalie Glaze
 <dionnaglaze@...gle.com>, Qinkun Bao <qinkun@...gle.com>,
 Mikko Ylinen <mikko.ylinen@...ux.intel.com>,
 Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, linux-coco@...ts.linux.dev
Subject: Re: [PATCH RFC v2 1/2] tsm: Add TVM Measurement Register Support

On 1/11/24 03:50, Cedric Xing wrote:
> This commit extends the TSM core with support for CC measurement registers
> (MRs).
> 
> The newly added APIs are:
> 
> - `tsm_register_measurement(struct tsm_measurement *)`
>    This function allows a CC guest driver to register a set of measurement
>    registers with the TSM core.
> - `tsm_unregister_measurement(struct tsm_measurement *)`:
>    This function enables a CC guest driver to unregister a previously registered
>    set of measurement registers.
> 
> `struct tsm_measurement` has been defined to encapsulate the details of
> CC-specific MRs. It includes an array of `struct tsm_measurement_register`s and
> provides operations for reading and updating these registers. For a
> comprehensive understanding of the structure and its usage, refer to the
> detailed comments added in `include/linux/tsm.h`.
> 
> Upon successful registration of a measurement provider, the TSM core exposes
> the MRs through a directory tree in the sysfs filesystem. The root of this tree
> is located at `/sys/kernel/tsm/<MR provider>/`, with `<MR provider>` being the
> name of the measurement provider. Each MR is made accessible as either a
> file or a directory, named after the MR itself. In the former case, the file
> content is the MR value, while in the latter case there will be two files in
> the directory: `digest` and `hash_algo`. The purpose and content of these files
> are self-explanatory.
> 
> Signed-off-by: Cedric Xing <cedric.xing@...el.com>
> ---
>   drivers/virt/coco/Kconfig               |   3 +-
>   drivers/virt/coco/Makefile              |   2 +
>   drivers/virt/coco/{tsm.c => tsm-core.c} |  26 ++-
>   drivers/virt/coco/tsm-mr.c              | 374 ++++++++++++++++++++++++++++++++
>   4 files changed, 394 insertions(+), 11 deletions(-)
> 
> diff --git a/drivers/virt/coco/Kconfig b/drivers/virt/coco/Kconfig
> index d9ff676bf48d..0609622cbcb9 100644
> --- a/drivers/virt/coco/Kconfig
> +++ b/drivers/virt/coco/Kconfig
> @@ -5,7 +5,8 @@
>   
>   config TSM_REPORTS
>   	select CONFIGFS_FS
> -	tristate
> +	select CRYPTO_HASH_INFO
> +	tristate "Trusted Security Module (TSM) sysfs/configfs support"
>   
>   source "drivers/virt/coco/efi_secret/Kconfig"
>   
> diff --git a/drivers/virt/coco/Makefile b/drivers/virt/coco/Makefile
> index b69c30c1c720..8192d78dff61 100644
> --- a/drivers/virt/coco/Makefile
> +++ b/drivers/virt/coco/Makefile
> @@ -2,6 +2,8 @@
>   #
>   # Confidential computing related collateral
>   #
> +tsm-y				+= tsm-core.o tsm-mr.o
> +
>   obj-$(CONFIG_TSM_REPORTS)	+= tsm.o
>   obj-$(CONFIG_EFI_SECRET)	+= efi_secret/
>   obj-$(CONFIG_ARM_PKVM_GUEST)	+= pkvm-guest/
> diff --git a/drivers/virt/coco/tsm.c b/drivers/virt/coco/tsm-core.c
> similarity index 95%
> rename from drivers/virt/coco/tsm.c
> rename to drivers/virt/coco/tsm-core.c
> index 9432d4e303f1..92e961f21507 100644
> --- a/drivers/virt/coco/tsm.c
> +++ b/drivers/virt/coco/tsm-core.c
> @@ -1,8 +1,6 @@
>   // SPDX-License-Identifier: GPL-2.0-only
>   /* Copyright(c) 2023 Intel Corporation. All rights reserved. */
>   
> -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> -

Why remove it?

>   #include <linux/tsm.h>
>   #include <linux/err.h>
>   #include <linux/slab.h>
> @@ -166,8 +164,9 @@ static ssize_t tsm_report_service_guid_store(struct config_item *cfg,
>   }
>   CONFIGFS_ATTR_WO(tsm_report_, service_guid);
>   
> -static ssize_t tsm_report_service_manifest_version_store(struct config_item *cfg,
> -							 const char *buf, size_t len)
> +static ssize_t
> +tsm_report_service_manifest_version_store(struct config_item *cfg,
> +					  const char *buf, size_t len)

Unrelated change usually goes to a separate preparation patch, otherwise 
too much noise.


>   {
>   	struct tsm_report *report = to_tsm_report(cfg);
>   	unsigned int val;
> @@ -187,8 +186,8 @@ static ssize_t tsm_report_service_manifest_version_store(struct config_item *cfg
>   }
>   CONFIGFS_ATTR_WO(tsm_report_, service_manifest_version);
>   
> -static ssize_t tsm_report_inblob_write(struct config_item *cfg,
> -				       const void *buf, size_t count)
> +static ssize_t tsm_report_inblob_write(struct config_item *cfg, const void *buf,
> +				       size_t count)

Unrelated change here and below.

>   {
>   	struct tsm_report *report = to_tsm_report(cfg);
>   	int rc;
> @@ -341,7 +340,8 @@ static struct configfs_attribute *tsm_report_attrs[] = {
>   	[TSM_REPORT_PRIVLEVEL_FLOOR] = &tsm_report_attr_privlevel_floor,
>   	[TSM_REPORT_SERVICE_PROVIDER] = &tsm_report_attr_service_provider,
>   	[TSM_REPORT_SERVICE_GUID] = &tsm_report_attr_service_guid,
> -	[TSM_REPORT_SERVICE_MANIFEST_VER] = &tsm_report_attr_service_manifest_version,
> +	[TSM_REPORT_SERVICE_MANIFEST_VER] =
> +		&tsm_report_attr_service_manifest_version,
>   	NULL,
>   };
>   
> @@ -383,7 +383,8 @@ static bool tsm_report_is_visible(struct config_item *item,
>   }
>   
>   static bool tsm_report_is_bin_visible(struct config_item *item,
> -				      struct configfs_bin_attribute *attr, int n)
> +				      struct configfs_bin_attribute *attr,
> +				      int n)
>   {
>   	guard(rwsem_read)(&tsm_rwsem);
>   	if (!provider.ops)
> @@ -478,6 +479,9 @@ EXPORT_SYMBOL_GPL(tsm_unregister);
>   
>   static struct config_group *tsm_report_group;
>   
> +extern int tsm_mr_init(void);
> +extern void tsm_mr_exit(void);
> +
>   static int __init tsm_init(void)
>   {
>   	struct config_group *root = &tsm_configfs.su_group;
> @@ -497,16 +501,18 @@ static int __init tsm_init(void)
>   	}
>   	tsm_report_group = tsm;
>   
> -	return 0;
> +	return tsm_mr_init();
>   }
>   module_init(tsm_init);
>   
>   static void __exit tsm_exit(void)
>   {
> +	tsm_mr_exit();
>   	configfs_unregister_default_group(tsm_report_group);
>   	configfs_unregister_subsystem(&tsm_configfs);
>   }
>   module_exit(tsm_exit);
>   
>   MODULE_LICENSE("GPL");
> -MODULE_DESCRIPTION("Provide Trusted Security Module attestation reports via configfs");
> +MODULE_DESCRIPTION(
> +	"Provide Trusted Security Module attestation reports via configfs");


Seems unrelated.

> diff --git a/drivers/virt/coco/tsm-mr.c b/drivers/virt/coco/tsm-mr.c
> new file mode 100644
> index 000000000000..a84e923a7782
> --- /dev/null
> +++ b/drivers/virt/coco/tsm-mr.c
> @@ -0,0 +1,374 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +/* Copyright(c) 2024 Intel Corporation. All rights reserved. */
> +
> +#include <linux/tsm.h>
> +#include <linux/shmem_fs.h>
> +#include <linux/ctype.h>
> +#include <crypto/hash_info.h>
> +#include <crypto/hash.h>
> +
> +int tsm_mr_init(void);
> +void tsm_mr_exit(void);

These two should go to drivers/virt/coco/tsm-mr.h, along with 
tsm_measurement_register and other TSM_MR_F_*.

> +
> +enum _mrdir_bin_attr_index {

Why do so many things have "_" prefix in this file?

> +	_MRDIR_BA_DIGEST,
> +	_MRDIR_BA__COUNT,

One underscore would do.

> +};
> +
> +struct _mrdir {
> +	struct kobject kobj;
> +	struct bin_attribute battrs[_MRDIR_BA__COUNT];
> +};
> +
> +struct _mr_provider {
> +	struct kset kset;
> +	struct rw_semaphore rwsem;
> +	struct bin_attribute *mrfiles;
> +	struct tsm_measurement *tmr;
> +	bool in_sync;
> +};
> +
> +static inline const struct tsm_measurement_register *
> +_mrdir_mr(const struct _mrdir *mrd)
> +{
> +	return (struct tsm_measurement_register *)mrd->battrs[_MRDIR_BA_DIGEST]
> +		.private;
> +}
> +
> +static inline struct _mr_provider *
> +_mr_to_provider(const struct tsm_measurement_register *mr, struct kobject *kobj)
> +{
> +	if (mr->mr_flags & TSM_MR_F_F)

No definition for TSM_MR_F_F (seems to come later in 2/2), how does this 
compile?


> +		return container_of(kobj, struct _mr_provider, kset.kobj);
> +	else
> +		return container_of(kobj->kset, struct _mr_provider, kset);
> +}
> +
> +static inline int _call_refresh(struct _mr_provider *pvd,
> +				const struct tsm_measurement_register *mr)
> +{
> +	int rc = pvd->tmr->refresh(pvd->tmr, mr);
> +	if (rc)
> +		pr_warn(KBUILD_MODNAME ": %s.extend(%s) failed %d\n",
> +			kobject_name(&pvd->kset.kobj), mr->mr_name, rc);
> +	return rc;
> +}
> +
> +static inline int _call_extend(struct _mr_provider *pvd,
> +			       const struct tsm_measurement_register *mr,
> +			       const u8 *data)
> +{
> +	int rc = pvd->tmr->extend(pvd->tmr, mr, data);
> +	if (rc)
> +		pr_warn(KBUILD_MODNAME ": %s.extend(%s) failed %d\n",
> +			kobject_name(&pvd->kset.kobj), mr->mr_name, rc);
> +	return rc;
> +}
> +
> +static ssize_t hash_algo_show(struct kobject *kobj, struct kobj_attribute *attr,
> +			      char *page)
> +{
> +	struct _mrdir *mrd;
> +	mrd = container_of(kobj, typeof(*mrd), kobj);
> +	return sysfs_emit(page, "%s", hash_algo_name[_mrdir_mr(mrd)->mr_hash]);
> +}
> +
> +static ssize_t _mr_read(struct file *filp, struct kobject *kobj,
> +			struct bin_attribute *attr, char *page, loff_t off,
> +			size_t count)
> +{
> +	const struct tsm_measurement_register *mr;
> +	struct _mr_provider *pvd;
> +	int rc;
> +
> +	if (off < 0 || off > attr->size)
> +		return -EINVAL;
> +
> +	count = min(count, attr->size - (size_t)off);
> +	if (!count)
> +		return count;
> +
> +	mr = (typeof(mr))attr->private;
> +	BUG_ON(mr->mr_size != attr->size);
> +
> +	pvd = _mr_to_provider(mr, kobj);
> +	rc = down_read_interruptible(&pvd->rwsem);
> +	if (rc)
> +		return rc;
> +
> +	if ((mr->mr_flags & TSM_MR_F_L) && !pvd->in_sync) {
> +		up_read(&pvd->rwsem);
> +
> +		rc = down_write_killable(&pvd->rwsem);
> +		if (rc)
> +			return rc;
> +
> +		if (!pvd->in_sync) {
> +			rc = _call_refresh(pvd, mr);
> +			pvd->in_sync = !rc;
> +		}
> +
> +		downgrade_write(&pvd->rwsem);
> +	}
> +
> +	if (!rc)
> +		memcpy(page, mr->mr_value + off, count);
> +	else
> +		pr_debug(KBUILD_MODNAME ": %s.refresh(%s)=%d\n",
> +			 kobject_name(&pvd->kset.kobj), mr->mr_name, rc);
> +
> +	up_read(&pvd->rwsem);
> +	return rc ?: count;
> +}
> +
> +static ssize_t _mr_write(struct file *filp, struct kobject *kobj,
> +			 struct bin_attribute *attr, char *page, loff_t off,
> +			 size_t count)
> +{
> +	const struct tsm_measurement_register *mr;
> +	struct _mr_provider *pvd;
> +	ssize_t rc;
> +
> +	if (off != 0 || count != attr->size)
> +		return -EINVAL;
> +
> +	mr = (typeof(mr))attr->private;
> +	BUG_ON(mr->mr_size != attr->size);
> +
> +	pvd = _mr_to_provider(mr, kobj);
> +	rc = down_write_killable(&pvd->rwsem);
> +	if (rc)
> +		return rc;
> +
> +	if (mr->mr_flags & TSM_MR_F_X)
> +		rc = _call_extend(pvd, mr, page);
> +	else
> +		memcpy(mr->mr_value, page, count);
> +
> +	if (!rc)
> +		pvd->in_sync = false;
> +
> +	up_write(&pvd->rwsem);
> +	return rc ?: count;
> +}
> +
> +static void _mrdir_release(struct kobject *kobj)
> +{
> +	struct _mrdir *mrd;
> +	mrd = container_of(kobj, typeof(*mrd), kobj);
> +	pr_debug("%s(%s)\n", __func__, kobject_name(kobj));
> +	kfree(mrd);
> +}
> +
> +static struct kobj_type _mrdir_ktype = {
> +	.release = _mrdir_release,
> +	.sysfs_ops = &kobj_sysfs_ops,
> +};
> +
> +static struct _mrdir *_mrdir_create(const struct tsm_measurement_register *mr,
> +				    struct _mr_provider *pvd)
> +{
> +	struct _mrdir *mrd __free(kfree);
> +	int rc;
> +
> +	BUG_ON(mr->mr_flags & TSM_MR_F_F);
> +	mrd = kzalloc(sizeof(*mrd), GFP_KERNEL);
> +	if (!mrd)
> +		return ERR_PTR(-ENOMEM);
> +
> +	sysfs_bin_attr_init(&mrd->battrs[_MRDIR_BA_DIGEST]);
> +	mrd->battrs[_MRDIR_BA_DIGEST].attr.name = "digest";
> +	if (mr->mr_flags & TSM_MR_F_W)
> +		mrd->battrs[_MRDIR_BA_DIGEST].attr.mode |= S_IWUSR | S_IWGRP;
> +	if (mr->mr_flags & TSM_MR_F_R)
> +		mrd->battrs[_MRDIR_BA_DIGEST].attr.mode |= S_IRUGO;
> +
> +	mrd->battrs[_MRDIR_BA_DIGEST].size = mr->mr_size;
> +	mrd->battrs[_MRDIR_BA_DIGEST].read = _mr_read;
> +	mrd->battrs[_MRDIR_BA_DIGEST].write = _mr_write;
> +	mrd->battrs[_MRDIR_BA_DIGEST].private = (void *)mr;
> +
> +	mrd->kobj.kset = &pvd->kset;
> +	rc = kobject_init_and_add(&mrd->kobj, &_mrdir_ktype, NULL, "%s",
> +				  mr->mr_name);
> +	if (rc)
> +		return ERR_PTR(rc);
> +
> +	return_ptr(mrd);
> +}
> +
> +static void _mr_provider_release(struct kobject *kobj)
> +{
> +	struct _mr_provider *pvd;
> +	pvd = container_of(kobj, typeof(*pvd), kset.kobj);
> +	pr_debug("%s(%s)\n", __func__, kobject_name(kobj));
> +	BUG_ON(!list_empty(&pvd->kset.list));

Harsh. These days people do not like even WARN_ON :) None of these 
BUG_ONs seem bad enough to kill the system, dunno.

> +	kfree(pvd->mrfiles);
> +	kfree(pvd);
> +}
> +
> +static struct kobj_type _mr_provider_ktype = {
> +	.release = _mr_provider_release,
> +	.sysfs_ops = &kobj_sysfs_ops,
> +};
> +
> +static struct kset *_sysfs_tsm;
> +
> +static struct _mr_provider *_mr_provider_create(struct tsm_measurement *tmr)
> +{
> +	struct _mr_provider *pvd __free(kfree);
> +	int rc;
> +
> +	pvd = kzalloc(sizeof(*pvd), GFP_KERNEL);
> +	if (!pvd)
> +		return ERR_PTR(-ENOMEM);
> +
> +	if (!tmr->name || !tmr->mrs || !tmr->refresh || !tmr->extend)
> +		return ERR_PTR(-EINVAL);
> +
> +	rc = kobject_set_name(&pvd->kset.kobj, "%s", tmr->name);
> +	if (rc)
> +		return ERR_PTR(rc);
> +
> +	pvd->kset.kobj.kset = _sysfs_tsm;
> +	pvd->kset.kobj.ktype = &_mr_provider_ktype;
> +	pvd->tmr = tmr;
> +
> +	init_rwsem(&pvd->rwsem);
> +
> +	rc = kset_register(&pvd->kset);
> +	if (rc)
> +		return ERR_PTR(rc);
> +
> +	return_ptr(pvd);
> +}
> +
> +DEFINE_FREE(_unregister_measurement, struct _mr_provider *,
> +	    if (!IS_ERR_OR_NULL(_T)) tsm_unregister_measurement(_T->tmr));
> +
> +int tsm_register_measurement(struct tsm_measurement *tmr)
> +{
> +	static struct kobj_attribute _attr_hash = __ATTR_RO(hash_algo);
> +

Extra empty line not needed.

> +	struct _mr_provider *pvd __free(_unregister_measurement);
> +	int rc, nr;
> +
> +	pvd = _mr_provider_create(tmr);
> +	if (IS_ERR(pvd))
> +		return PTR_ERR(pvd);
> +
> +	nr = 0;
> +	for (int i = 0; tmr->mrs[i].mr_name; ++i) {
> +		// flat files are counted and skipped
> +		if (tmr->mrs[i].mr_flags & TSM_MR_F_F) {
> +			++nr;
> +			continue;
> +		}
> +
> +		struct _mrdir *mrd = _mrdir_create(&tmr->mrs[i], pvd);
> +		if (IS_ERR(mrd))
> +			return PTR_ERR(mrd);
> +
> +		struct attribute *attrs[] = {
> +			&_attr_hash.attr,
> +			NULL,
> +		};
> +		struct bin_attribute *battrs[_MRDIR_BA__COUNT + 1] = {};
> +		for (int j = 0; j < _MRDIR_BA__COUNT; ++j)
> +			battrs[j] = &mrd->battrs[j];

An empty line missing here.

> +		struct attribute_group agrp = {
> +			.attrs = attrs,
> +			.bin_attrs = battrs,
> +		};
> +		rc = sysfs_create_group(&mrd->kobj, &agrp);
> +		if (rc)
> +			return rc;
> +	}
> +
> +	if (nr > 0) {
> +		struct bin_attribute *mrfiles __free(kfree);
> +		struct bin_attribute **battrs __free(kfree);
> +
> +		mrfiles = kcalloc(sizeof(*mrfiles), nr, GFP_KERNEL);
> +		battrs = kcalloc(sizeof(*battrs), nr + 1, GFP_KERNEL);
> +		if (!battrs || !mrfiles)
> +			return -ENOMEM;
> +
> +		for (int i = 0, j = 0; tmr->mrs[i].mr_name; ++i) {
> +			if (!(tmr->mrs[i].mr_flags & TSM_MR_F_F))
> +				continue;
> +
> +			mrfiles[j].attr.name = tmr->mrs[i].mr_name;
> +			mrfiles[j].read = _mr_read;
> +			mrfiles[j].write = _mr_write;
> +			mrfiles[j].size = tmr->mrs[i].mr_size;
> +			mrfiles[j].private = (void *)&tmr->mrs[i];
> +			if (tmr->mrs[i].mr_flags & TSM_MR_F_R)
> +				mrfiles[j].attr.mode |= S_IRUGO;
> +			if (tmr->mrs[i].mr_flags & TSM_MR_F_W)
> +				mrfiles[j].attr.mode |= S_IWUSR | S_IWGRP;
> +
> +			battrs[j] = &mrfiles[j];
> +			++j;
> +
> +			BUG_ON(j > nr);
> +		}
> +
> +		struct attribute_group agrp = {
> +			.bin_attrs = battrs,
> +		};
> +		rc = sysfs_create_group(&pvd->kset.kobj, &agrp);
> +		if (rc)
> +			return rc;
> +
> +		pvd->mrfiles = no_free_ptr(mrfiles);
> +	}
> +
> +	pvd = NULL;

Is this needed for __free() machinery?


> +	return 0;
> +}
> +EXPORT_SYMBOL_GPL(tsm_register_measurement);
> +
> +static void _kset_put_children(struct kset *kset)
> +{
> +	struct kobject *p, *n;
> +	spin_lock(&kset->list_lock);
> +	list_for_each_entry_safe(p, n, &kset->list, entry) {
> +		spin_unlock(&kset->list_lock);
> +		kobject_put(p);
> +		spin_lock(&kset->list_lock);
> +	}
> +	spin_unlock(&kset->list_lock);
> +}
> +
> +int tsm_unregister_measurement(struct tsm_measurement *tmr)
> +{
> +	struct kobject *kobj = kset_find_obj(_sysfs_tsm, tmr->name);

Empty line missing. scripts/checkpatch.pl should have detected it. Thanks,

> +	if (!kobj)
> +		return -ENOENT;
> +
> +	struct _mr_provider *pvd = container_of(kobj, typeof(*pvd), kset.kobj);
> +	BUG_ON(pvd->tmr != tmr);
> +
> +	_kset_put_children(&pvd->kset);
> +	kset_unregister(&pvd->kset);
> +	kobject_put(kobj);
> +	return 0;
> +}
> +EXPORT_SYMBOL_GPL(tsm_unregister_measurement);
> +
> +int tsm_mr_init(void)
> +{
> +	_sysfs_tsm = kset_create_and_add("tsm", NULL, kernel_kobj);
> +	if (!_sysfs_tsm)
> +		return -ENOMEM;
> +	return 0;
> +}
> +
> +void tsm_mr_exit(void)
> +{
> +	kset_unregister(_sysfs_tsm);
> +}
> +
> +MODULE_LICENSE("GPL");
> +MODULE_DESCRIPTION("Provide Trusted Security Module measurements via sysfs");
> 

-- 
Alexey


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ