2 * This file is part of the OpenPTS project.
4 * The Initial Developer of the Original Code is International
5 * Business Machines Corporation. Portions created by IBM
6 * Corporation are Copyright (C) 2010 International Business
7 * Machines Corporation. All Rights Reserved.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the Common Public License as published by
11 * IBM Corporation; either version 1 of the License, or (at your option)
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * Common Public License for more details.
19 * You should have received a copy of the Common Public License
20 * along with this program; if not, a copy can be viewed at
21 * http://www.opensource.org/licenses/cpl1.0.php.
27 * @author Seiji Munetoh <munetoh@users.sourceforge.jp>
29 * cleanup 2011-07-20 SM
31 * FSM Action (UML2 doActivity)
33 * functions executed at the state.
34 * setAssertion(ipl.integrity, valid)
36 * TODO need generic way to support platform specific actions
39 * vendor action => table
47 #include <tss/platform.h>
48 #include <tss/tss_defines.h>
49 #include <tss/tss_typedef.h>
50 #include <tss/tss_structs.h>
51 #include <tss/tss_error.h>
54 #include <openssl/sha.h>
62 int (*func_1)(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
63 int (*func_2)(OPENPTS_CONTEXT *ctx, char *name, char* b64digest, char *integrity); // TODO NA?
64 int (*func_3)(OPENPTS_CONTEXT *ctx);
65 int (*func_4)(OPENPTS_CONTEXT *ctx, char *name);
67 int (*func_5)(OPENPTS_CONTEXT *ctx, char *name, char *value, char *action);
69 int (*func_6)(OPENPTS_CONTEXT *ctx, char *name, char *value, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
70 int (*func_7)(OPENPTS_CONTEXT *ctx, char *value, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
72 } OPENPTS_ACTION_TABLE;
80 * action - reset PCR[pcr_index]
81 * location - startup of the FSM
83 * value - string of pcr index value, 0-23
85 int resetPCR(OPENPTS_CONTEXT *ctx, char *value) {
89 pcr_index = atoi(value);
91 DEBUG_FSM("resetPCR(%d)\n", pcr_index);
92 rc = resetTpmPcr(&ctx->tpm, pcr_index);
93 if (rc != PTS_SUCCESS) {
94 ERROR("reset PCR[%d] was failed, check the model");
95 return PTS_INTERNAL_ERROR;
98 /* Also, reset the action counter */
99 ctx->bios_action_count = 0;
109 * EventData(string) => Properties
111 * bios.pcr.N.action.C=eventdata[]
115 int addBIOSAction(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
116 TSS_PCR_EVENT *event;
121 if (eventWrapper == NULL) {
122 // TODO do not care for dummy EW
123 DEBUG("addBIOSAction() - eventWrapper is NULL\n"); // TODO is this OK?
124 // TODO define RC <-> fsm.c >> INFO:(TODO) fsm.c:986 updateFsm() - rc = 58, call updateFsm() again
125 return PTS_INTERNAL_ERROR;
128 event = eventWrapper->event;
130 ERROR("event is NULL\n");
131 return PTS_INTERNAL_ERROR;
134 /* value = eventdata */
135 value = snmalloc((char *)event->rgbEvent, event->ulEventLength);
137 ERROR("no memory\n");
138 return PTS_INTERNAL_ERROR;
142 // ctx->bios_action_count is reset by resetPCR()
143 snprintf(name, BUF_SIZE, "bios.pcr.%d.action.%d", event->ulPcrIndex, ctx->bios_action_count);
144 ctx->bios_action_count++;
147 DEBUG_FSM("[FSM] addBIOSAction() - '%s' = '%s'\n", name, value);
149 updateProperty(ctx, name, value);
158 * addBIOSSpecificProperty
163 * EventID Descriptions PTS structure Properties
164 * -----------------------------------------------------------------------------------------
165 * 0x0001 SMBIOS structure # => conf->smbios bios.smbios=base64
166 * 0x0003 POST BIOS ROM Strings # => conf->post_bios_rom_string bios.post.rom.string=string
167 * 0x0004 ESCD, hash of ESCD data # => conf->
168 * 0x0005 CMOS, raw CMOS data # => conf->
169 * 0x0006 NVRAM, raw NVRAM data # =>
170 * 0x0007 Option ROM execute # =>
173 int addBIOSSpecificProperty(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
174 TSS_PCR_EVENT *event;
179 if (eventWrapper == NULL) {
180 ERROR("addBIOSSpecificProperty- eventWrapper is NULL\n");
181 return PTS_INTERNAL_ERROR; // -1
183 event = eventWrapper->event;
185 if (event->eventType != 0x06) {
186 ERROR("addBIOSSpecificProperty - bad event type 0x%x !- 0x06\n", event->eventType);
187 return PTS_INTERNAL_ERROR; // -1
190 // DEBUG("event data size = %d\n", event->ulEventLength);
191 // printHex("", event->rgbEvent, event->ulEventLength, "\n");
193 event_id = byte2uint32(&event->rgbEvent[0]);
194 event_length = byte2uint32(&event->rgbEvent[4]);
196 // DEBUG("event data size = %d, id = 0x%x, len %d,\n", event->ulEventLength, event_id, event_length);
205 // bios.smbios=base64()
206 ctx->conf->smbios_length = event_length;
207 ctx->conf->smbios = &event->rgbEvent[8];
211 //(unsigned char *)b64,
212 (unsigned char *)ctx->conf->smbios,
213 ctx->conf->smbios_length,
216 ERROR("encodeBase64 fail");
219 if (buf_len > BUF_SIZE) {
220 ERROR("SMBIOS size = %d\n", buf_len); // Thinkpad X200 => 3324
221 updateProperty(ctx, "bios.smbios", "too big");
223 updateProperty(ctx, "bios.smbios", buf);
230 // DEBUG("EventID 0x%x TBD\n", event_id);
231 // DEBUG("event data size = %d, id = 0x%x, len %d,\n", event->ulEventLength, event_id, event_length);
235 return PTS_SUCCESS; // -1;
246 int validateMBR(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
247 TSS_PCR_EVENT *event;
249 if (eventWrapper == NULL) {
250 ERROR("eventWrapper is NULL\n");
251 return PTS_INTERNAL_ERROR; // -1;
254 event = eventWrapper->event;
257 ERROR("event is NULL\n");
258 return PTS_INTERNAL_ERROR; // -1;
261 TODO("validateMBR - NA\n");
268 * validate Eltorito Boot Image
270 * IPL measurement is deffent by BIOS
272 * 1) 512 bytes of BootImage(stage2_eltorito) - Panasonic?
273 * 2) 2048 bytes of BootImage(stage2_eltorito) - HP?
274 * 3) Unknown method by IBM/Lenovo (bug)
276 * IntegrationTest - check_ir check_rm
277 * Data - ThinkpadX31_Knoppix511 - IBM/Lenovo
279 int validateEltoritoBootImage(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
280 TSS_PCR_EVENT *event;
282 // DEBUG("validateEltoritoBootImage - NA\n");
284 if (eventWrapper == NULL) {
285 ERROR("eventWrapper is NULL\n");
286 return PTS_INTERNAL_ERROR; // -1;
289 event = eventWrapper->event;
291 ERROR("event is NULL\n");
292 return PTS_INTERNAL_ERROR; // -1;
295 updateProperty(ctx, "ipl.eltorito.integrity", "unknown");
297 return PTS_SUCCESS; // -1;
301 * set Module Property
308 * linux.initrd.digest
310 int setModuleProperty(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
311 TSS_PCR_EVENT *event;
315 // DEBUG("setModuleProperty - NA\n");
318 if (eventWrapper == NULL) {
319 ERROR("eventWrapper is NULL\n");
320 return PTS_INTERNAL_ERROR; // -1;
323 event = eventWrapper->event;
326 ERROR("event is NULL\n");
327 return PTS_INTERNAL_ERROR; // -1;
330 /* kernel.initrd.digest = PCR => B64 digest */
332 (unsigned char *)event->rgbPcrValue,
336 ERROR("encodeBase64 fail");
337 return PTS_INTERNAL_ERROR;
339 updateProperty(ctx, "kernel.initrd.digest", buf);
342 // updateProperty(ctx, "kernel.initrd.filename", (char*)event->rgbEvent);
344 buf = malloc(event->ulEventLength + 1);
346 ERROR("no memory\n");
348 memcpy(buf, event->rgbEvent, event->ulEventLength);
349 buf[event->ulEventLength] = 0;
350 updateProperty(ctx, "kernel.initrd.filename", buf);
354 return PTS_SUCCESS; // -1;
359 * kernel comnand line -> properties
362 * kernel /vmlinuz-2.6.32.12-115.fc12.x86_64
363 * ro root=UUID=5c6fdd8c-eec9-45d6-8a51-0223fac9e153 noiswmd LANG=en_US.UTF-8
364 * SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=jp106 intel_iommu=off
365 * rhgb quiet tpm_tis.itpm=1 tpm_tis.force=1 tpm_tis.interrupts=0 ima_tcb=1
368 * linux.kernel.cmdline.ro=""
369 * linux.kernel.cmdline.ima_tcb="1"
372 * UnitTest - tests/check_action.c
375 int setLinuxKernelCmdlineAssertion(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
376 TSS_PCR_EVENT *event;
381 char value[BUF_SIZE];
383 char *saveptr = NULL;
386 DEBUG_CAL("setLinuxKernelCmdlineAssertion - start\n");
389 if (eventWrapper == NULL) {
390 ERROR("eventWrapper is NULL\n");
391 return PTS_INTERNAL_ERROR; // -1;
394 event = eventWrapper->event;
397 ERROR("event is NULL\n");
398 return PTS_INTERNAL_ERROR; // -1;
401 /* copy(malloc) strings */
402 cmdline = snmalloc((char *)event->rgbEvent, event->ulEventLength);
404 /* first string = kernel filename */
405 tp = strtok_r(cmdline, " ", &saveptr);
408 tp = strtok_r(NULL, " ", &saveptr); // TODO strtok_r
411 ep = strchr(tp, '=');
415 snprintf(name, BUF_SIZE, "linux.kernel.cmdline.%s", tp);
416 snprintf(value, BUF_SIZE, "%s", ep);
417 addProperty(ctx, name, value);
420 snprintf(name, BUF_SIZE, "linux.kernel.cmdline.%s", tp);
421 addProperty(ctx, name, "");
427 DEBUG_CAL("setLinuxKernelCmdlineAssertion - done, %d options\n", cnt);
428 // DEBUG("setLinuxKernelCmdlineAssertion event data[%d] = %s\n", event->ulEventLength, event->rgbEvent);
442 int validateKernelCmdline(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
443 TODO("validateKernelCmdline - NA\n");
444 updateProperty(ctx, "kernel.commandline", "TBD");
452 * validate IMA boot aggregate v2 (kernel 2.6.30-)
454 * aggregate = SHA1(PCR[0]+PCR[1]+..PCR[7])
456 * IntegrationTest - check_ir.c check_rm.c
457 * Data - ThinkpadX200_Fedora12 - w/ policy
460 int validateImaAggregate(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
461 TSS_PCR_EVENT *event;
464 BYTE digest[SHA1_DIGEST_SIZE];
466 // DEBUG("validateImaAggregate - NA\n");
469 if (eventWrapper == NULL) {
470 ERROR("eventWrapper is NULL\n");
471 return PTS_INTERNAL_ERROR; // -1;
474 event = eventWrapper->event;
477 ERROR("event is NULL\n");
478 return PTS_INTERNAL_ERROR; // -1;
484 /* update with PCR 0 - 7 */
485 for (i = 0; i < 8; i++) {
486 getTpmPcrValue(&ctx->tpm, i, digest);
487 SHA1_Update(&sha_ctx, digest, SHA1_DIGEST_SIZE);
491 SHA1_Final(digest, &sha_ctx);
493 /* check aggregate */
494 if (memcmp(event->rgbEvent, digest, SHA1_DIGEST_SIZE) == 0) {
496 // DEBUG("Good IMA aggregete\n");
497 updateProperty(ctx, "ima.aggregate", "valid");
500 updateProperty(ctx, "ima.aggregate", "invalid");
502 if (verbose && DEBUG_FLAG) {
504 BYTE pcr[SHA1_DIGEST_SIZE];
505 TODO("validateImaAggregate - "
506 "Wrong IMA aggregete - check FSM, "
507 "maybe it should use validateOldImaAggregate()\n");
509 for (j = 0; j < (int) event->ulPcrValueLength; j ++) {
510 printf("%02x", event->rgbPcrValue[j]);
514 for (i = 0; i < 8; i++) {
515 printf("PCR[%d] = ", i);
516 getTpmPcrValue(&ctx->tpm, i, pcr);
517 for (j = 0; j < SHA1_DIGEST_SIZE; j ++) {
518 printf("%02x", pcr[j]);
524 for (j = 0; j < SHA1_DIGEST_SIZE; j ++) {
525 printf("%02x", event->rgbEvent[j]);
527 printf(" (extended value)\n");
530 for (j = 0; j < SHA1_DIGEST_SIZE; j ++) {
531 printf("%02x", digest[j]);
533 printf(" (cal value)\n");
537 // TODO(munetoh) also check the template and pcr?
542 * validate IMA boot aggregate v1 (kernel -2.6.29)
544 * aggregate = SHA1(PCR[0]+PCR[1]+..PCR[7])
546 * IntegrationTest - check_ir.c check_rm.c
547 * Data - ThinkpadX31_Knoppix511
549 int validateOldImaAggregate(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
550 TSS_PCR_EVENT *event;
553 BYTE digest[SHA1_DIGEST_SIZE];
555 // DEBUG("validateOldImaAggregate - NA\n");
558 if (eventWrapper == NULL) {
559 ERROR("eventWrapper is NULL\n");
560 return PTS_INTERNAL_ERROR; // -1;
563 event = eventWrapper->event;
565 ERROR("event is NULL\n");
566 return PTS_INTERNAL_ERROR; // -1;
572 /* update with PCR 0 - 7 */
573 for (i = 0; i < 8; i++) {
574 getTpmPcrValue(&ctx->tpm, i, digest);
575 SHA1_Update(&sha_ctx, digest, SHA1_DIGEST_SIZE);
579 SHA1_Final(digest, &sha_ctx);
581 /* check aggregate */
582 if (memcmp(event->rgbPcrValue, digest, SHA1_DIGEST_SIZE) == 0) {
584 updateProperty(ctx, "ima.aggregate", "valid");
587 updateProperty(ctx, "ima.aggregate", "invalids");
589 // TODO(munetoh) also check the eventdata string?
595 * ima.0.name=/XX/XX/XX << AIDE or IMA
596 * ima.0.integrity=valid/invalid/unknown
597 * ima.0.digest=base64
599 int updateImaProperty(OPENPTS_CONTEXT *ctx, char* name, char* b64digest, char *integrity) {
603 snprintf(prop_name, sizeof(prop_name), "ima.%d.integrty", ctx->ima_count);
604 updateProperty(ctx, prop_name, integrity);
607 snprintf(prop_name, sizeof(prop_name), "ima.%d.name", ctx->ima_count);
608 updateProperty(ctx, prop_name, name);
611 snprintf(prop_name, sizeof(prop_name), "ima.%d.digest", ctx->ima_count);
612 updateProperty(ctx, prop_name, b64digest);
620 * Original IMA measurement
622 * --------------------------
633 int validateImaMeasurement(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
635 TSS_PCR_EVENT *event;
638 DEBUG_CAL("validateImaMeasurement - start\n");
640 if (eventWrapper == NULL) {
641 /* Just ignore the NULL event */
642 // TODO(munetoh) Detect LOOP
643 // DEBUG("validateImaMeasurement - eventWrapper is NULL\n");
644 // DEBUG("validateImaMeasurement - eventWrapper is null\n");
645 // return 1; // => seg fault
646 return PTS_SUCCESS; // => green
653 event = eventWrapper->event;
654 if (ctx->conf->ima_validation_mode == OPENPTS_VALIDATION_MODE_AIDE) {
660 rc = checkEventByAide(ctx->aide_ctx, eventWrapper);
663 name = (char *)event->rgbEvent;
664 name += SHA1_DIGEST_SIZE;
665 name = snmalloc(name, (event->ulEventLength - SHA1_DIGEST_SIZE));
669 AIDE_METADATA *md = eventWrapper->aide_metadata;
670 DEBUG_FSM("validateImaMeasurement w/ AIDE - HIT, name=[%s]=[%s]\n",
678 (unsigned char *)md->sha1,
682 ERROR("encodeBase64 fail");
683 return PTS_INTERNAL_ERROR;
685 updateImaProperty(ctx, md->name, buf, "valid");
688 eventWrapper->status = OPENPTS_RESULT_VALID;
691 } else if (rc == 1) {
693 eventWrapper->status = OPENPTS_RESULT_IGNORE; // TODO
696 } else if (rc == 2) {
698 // DEBUG("validateImaMeasurement w/ AIDE - MISS name=[%s]\n", name);
699 // updateProperty(ctx, buf, "invalid");
702 (unsigned char *)event->rgbEvent,
706 ERROR("encodeBase64 fail");
707 return PTS_INTERNAL_ERROR;
709 updateImaProperty(ctx, name, buf, "unknown"); // action.c
710 eventWrapper->status = OPENPTS_RESULT_UNKNOWN;
716 hex = getHexString(event->rgbEvent, SHA1_DIGEST_SIZE);
717 addReason(ctx, "[IMA-AIDE] missing, digest(hex) = %s, name = \"%s\"", hex, name);
724 ERROR("validateImaMeasurement - checkEventByAide fail, rc - %d\n", rc);
725 eventWrapper->status = PTS_INTERNAL_ERROR; // OPENPTS_RESULT_INT_ERROR;
727 return PTS_INTERNAL_ERROR; // -1;
730 // freeAideMetadata(md);
732 } else if (ctx->conf->ima_validation_mode == OPENPTS_VALIDATION_MODE_IIDB) {
733 ERROR("validateImaMeasurementNG w/ IIDB - NA\n");
735 #else // !CONFIG_AIDE
736 if (ctx->conf->ima_validation_mode == OPENPTS_VALIDATION_MODE_IIDB) {
737 ERROR("validateImaMeasurementNG w/ IIDB - NA\n");
744 ERROR("validateImaMeasurement - ERROR\n");
745 return PTS_INTERNAL_ERROR; // -1;
750 int validateImaAggregateNG(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
751 ERROR("validateImaAggregateNG - NA\n");
752 updateProperty(ctx, "ima.aggregate", "TBD");
753 return PTS_INTERNAL_ERROR; // -1;
756 int validateImaMeasurementNG(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
757 return PTS_INTERNAL_ERROR; // -1;
766 int resetCounter(OPENPTS_CONTEXT *ctx) {
769 // DEBUG("[FSM] resetCounter()");
776 int incrementCounter(OPENPTS_CONTEXT *ctx) {
779 // DEBUG("[FSM] incrementCounter() %d => %d\n", ctx->count -1, ctx->count);
787 * Collector Start - Verifier
791 int startCollector(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
792 int rc = PTS_SUCCESS;
793 TSS_PCR_EVENT *event;
794 OPENPTS_EVENT_COLLECTOR_START *start = NULL;
798 ERROR("startCollector() - ctx is null\n");
799 return PTS_INTERNAL_ERROR;
802 if (ctx->target_conf == NULL) {
804 ERROR("startCollector() - target_conf is NULL, collector side - skip\n");
808 if (ctx->target_conf->uuid == NULL) {
810 ERROR("startCollector() - uuid is NULL\n");
815 if (eventWrapper == NULL) {
816 ERROR("startCollector() - eventWrapper is NULL\n");
817 rc = PTS_INTERNAL_ERROR;
821 event = eventWrapper->event;
823 ERROR("startCollector() - event is NULL\n");
824 rc = PTS_INTERNAL_ERROR;
828 if (event->ulEventLength != sizeof(OPENPTS_EVENT_COLLECTOR_START)) {
829 ERROR("startCollector() - Bad eventData size %d != %d\n",
830 event->ulEventLength,
831 sizeof(OPENPTS_EVENT_COLLECTOR_START));
832 rc = PTS_INTERNAL_ERROR; // TODO
837 start = (OPENPTS_EVENT_COLLECTOR_START *)event->rgbEvent;
840 // TODO if TCDS was restart, the eventlog used by PTSCD was gone.
842 /* validation - TSS version */
843 if (memcmp(&start->pts_version, &ctx->target_conf->pts_version, 4) != 0) {
844 DEBUG("startCollector() - Bad PTS version\n");
845 // rc = PTS_INTERNAL_ERROR; // TODO
849 /* validation - Collector UUID */
850 if (memcmp(&start->collector_uuid, ctx->target_conf->uuid->uuid, 16) != 0) {
851 DEBUG("startCollector() - Bad Collector UUID (Unit Testing?)\n");
852 // TODO test will stop. must be controlable?
853 // rc = PTS_INTERNAL_ERROR; // TODO
857 /* validation - Manifest UUID */
859 if (memcmp(&start->manifest_uuid, ctx->target_conf->rm_uuid->uuid, 16) != 0) {
860 // TODO in the test ptscd generate new RM UUID
861 DEBUG("startCollector() - Bad Manifest UUID (Unit Testing?)\n");
862 // rc = PTS_INTERNAL_ERROR; // TODO
871 // printout the example IR data to create the test case
877 start = malloc(sizeof(OPENPTS_EVENT_COLLECTOR_START));
880 return PTS_INTERNAL_ERROR;
883 printHex("OPENPTS_EVENT_COLLECTOR_START",
884 (unsigned char*)start, sizeof(OPENPTS_EVENT_COLLECTOR_START), "\n");
886 (unsigned char *)start,
887 sizeof(OPENPTS_EVENT_COLLECTOR_START),
890 ERROR("encodeBase64 fail");
891 rc = PTS_INTERNAL_ERROR;
894 ERROR("EventData: %s\n", buf);
897 memcpy(&start->pts_version, &ctx->target_conf->pts_version, 4);
898 memcpy(&start->collector_uuid, ctx->target_conf->uuid->uuid, 16);
899 memcpy(&start->manifest_uuid, ctx->target_conf->rm_uuid->uuid, 16);
901 printHex("OPENPTS_EVENT_COLLECTOR_START",
902 (unsigned char*)start, sizeof(OPENPTS_EVENT_COLLECTOR_START), "\n");
904 (unsigned char *)start,
905 sizeof(OPENPTS_EVENT_COLLECTOR_START),
908 ERROR("encodeBase64 fail");
909 rc = PTS_INTERNAL_ERROR;
912 ERROR("EventData: %s\n", buf);
923 int addIntelTxtTbootProperty(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
924 TSS_PCR_EVENT *event;
926 DEBUG_FSM("addIntelTxtTbootProperty - start\n");
929 if (eventWrapper == NULL) {
930 ERROR("addBIOSSpecificProperty- eventWrapper is NULL\n");
933 event = eventWrapper->event;
935 switch (event->eventType) {
936 case EV_TBOOT_SINIT_V6:
938 OPENPTS_EVENT_TBOOT_SINIT_V6 *data;
940 data = (OPENPTS_EVENT_TBOOT_SINIT_V6 *) event->rgbEvent;
941 buf = getHexString(data->sinit_hash, 20);
942 updateProperty(ctx, "intel.txt.tboot.sinit.hash.hex", buf);
947 case EV_TBOOT_SINIT_V7:
949 OPENPTS_EVENT_TBOOT_SINIT_V7 *data;
951 data = (OPENPTS_EVENT_TBOOT_SINIT_V7 *) event->rgbEvent;
952 buf = getHexString(data->sinit_hash, 32);
953 updateProperty(ctx, "intel.txt.tboot.sinit.hash.hex", buf);
958 case EV_TBOOT_STM_V6:
960 OPENPTS_EVENT_TBOOT_STM_V6 *data;
962 data = (OPENPTS_EVENT_TBOOT_STM_V6 *) event->rgbEvent;
963 buf = getHexString(data->bios_acm_id, 20);
964 updateProperty(ctx, "intel.txt.tboot.bios.acm.id.hex", buf);
969 case EV_TBOOT_POLCTL:
971 OPENPTS_EVENT_TBOOT_POLCTL *data;
973 data = (OPENPTS_EVENT_TBOOT_POLCTL *) event->rgbEvent;
974 buf = getHexString(data->pol_control, 4);
975 updateProperty(ctx, "intel.txt.tboot.pol.control.hex", buf);
977 buf = getHexString(data->pol_hash, 20);
978 updateProperty(ctx, "intel.txt.tboot.pol.hash.hex", buf);
983 case EV_TBOOT_MLE_HASH:
986 buf = getHexString(event->rgbPcrValue, 20);
987 updateProperty(ctx, "intel.txt.tboot.mle.hash.hex", buf);
992 case EV_TBOOT_MODULE:
994 OPENPTS_EVENT_TBOOT_MODULE *data;
1000 if (event->ulEventLength < 48) {
1002 TODO("addIntelTxtTbootProperty() bad eventdata, size = %d\n",
1003 event->ulEventLength);
1006 data = (OPENPTS_EVENT_TBOOT_MODULE *) event->rgbEvent;
1008 snprintf(name, sizeof(name),
1009 "intel.txt.tboot.pcr.%d.module.command.hash.hex",
1011 value = getHexString(data->command_hash, 20);
1012 updateProperty(ctx, name, value);
1015 snprintf(name, sizeof(name),
1016 "intel.txt.tboot.pcr.%d.module.file.hash.hex",
1018 value = getHexString(data->file_hash, 20);
1019 updateProperty(ctx, name, value);
1022 snprintf(name, sizeof(name),
1023 "intel.txt.tboot.pcr.%d.module.command",
1025 ptr = (BYTE *)&event->rgbEvent[40];
1026 size = *(UINT32*) ptr;
1028 value = malloc(size + 1);
1029 memcpy(value, (BYTE *)ptr, size);
1031 updateProperty(ctx, name, value);
1034 snprintf(name, sizeof(name),
1035 "intel.txt.tboot.pcr.%d.module.filename",
1038 size = *(UINT32*) ptr;
1040 value = malloc(size + 1);
1041 memcpy(value, (BYTE *)ptr, size);
1043 updateProperty(ctx, name, value);
1050 ERROR("Unknown event tupe 0x%x\n", event->eventType);
1054 /* set DRTM flag => resetPcr(1) at writeIr() */
1058 // updateProperty(ctx, "kernel.commandline", "TBD");
1066 * save counter value to property
1068 int saveCounter(OPENPTS_CONTEXT *ctx, char * name) {
1069 char buf[128]; // TODO
1071 snprintf(buf, sizeof(buf), "%d", ctx->count);
1072 addProperty(ctx, name, buf);
1074 // DEBUG("[FSM] saveCounter() %s = %s\n", name, buf);
1080 static OPENPTS_ACTION_TABLE action_table[] = {
1081 { /* FSM control - 5 */
1082 .name = "transitFSM(",
1085 .rc = OPENPTS_FSM_TRANSIT
1087 .name = "flashFSM(",
1090 .rc = OPENPTS_FSM_FLASH
1097 .name = "validateProperty(",
1100 .func_5 = validateProperty
1102 .name = "setAssertion(",
1105 .func_6 = setEventProperty // setProperty
1106 }, { /* PC BIOS - 2 */
1107 .name = "addBIOSSpecificProperty(",
1110 .func_1 = addBIOSSpecificProperty
1112 .name = "addBIOSAction(",
1115 .func_1 = addBIOSAction
1116 }, { /* Grub Legacy - 2 */
1117 .name = "validateMBR(",
1120 .func_1 = validateMBR
1122 .name = "validateEltoritoBootImage(",
1125 .func_1 = validateEltoritoBootImage
1126 }, { /* Linux - 3 */
1127 .name = "setLinuxKernelCmdlineAssertion(",
1130 .func_1 = setLinuxKernelCmdlineAssertion
1132 .name = "setModuleProperty(",
1135 .func_1 = setModuleProperty
1137 .name = "validateKernelCmdline(",
1140 .func_1 = validateKernelCmdline
1141 }, { /* Linux-IMA +5*/
1142 .name = "validateOldImaAggregate(",
1145 .func_1 = validateOldImaAggregate
1147 .name = "validateImaAggregate(",
1150 .func_1 = validateImaAggregate
1152 .name = "validateImaMeasurement(",
1155 .func_1 = validateImaMeasurement
1157 .name = "validateImaAggregateNG(",
1160 .func_1 = validateImaAggregateNG
1162 .name = "validateImaMeasurementNG(",
1165 .func_1 = validateImaMeasurementNG
1166 }, { /* counter functions +3 */
1167 .name = "resetCounter",
1170 .func_3 = resetCounter
1172 .name = "incrementCounter",
1175 .func_3 = incrementCounter
1177 .name = "saveCounter",
1180 .func_4 = saveCounter
1183 #ifdef CONFIG_AUTO_RM_UPDATE
1184 /* update function 4 */
1186 .name = "startUpdate",
1189 .func_1 = startUpdate
1191 .name = "deputyEvent",
1194 .func_1 = deputyEvent
1196 .name = "endUpdate",
1201 .name = "updateCollector",
1204 .func_1 = updateCollector
1210 .name = "addIntelTxtTbootProperty",
1213 .func_1 = addIntelTxtTbootProperty
1217 .name = "startCollector",
1220 .func_1 = startCollector
1224 #ifdef CONFIG_AUTO_RM_UPDATE
1225 #define OPENPTS_ACTION_TABLE_ARU_SIZE 4
1227 #define OPENPTS_ACTION_TABLE_ARU_SIZE 0
1231 #define OPENPTS_ACTION_TABLE_TBOOT_SIZE 1
1233 #define OPENPTS_ACTION_TABLE_TBOOT_SIZE 0
1236 #define OPENPTS_ACTION_TABLE_SIZE (5 + 2 + 2 + 3 + 5 + 3 + OPENPTS_ACTION_TABLE_ARU_SIZE + OPENPTS_ACTION_TABLE_TBOOT_SIZE + 1)
1241 * fsmUpdate() call this function
1244 * OPENPTS_FSM_SUCCESS 0
1245 * OPENPTS_FSM_FLASH flash FSM
1246 * OPENPTS_FSM_TRANSIT transit FSM
1248 * OPENPTS_FSM_MIGRATE_EVENT
1250 // #define BUF_SIZE 256
1253 OPENPTS_CONTEXT *ctx,
1255 OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
1259 char *buf = NULL; // char buf[BUF_SIZE];
1266 ERROR("doActivity - ctx is NULL\n");
1267 return PTS_INTERNAL_ERROR; // -1;
1270 if (action == NULL) {
1271 ERROR("doActivity - action is NULL\n");
1272 return PTS_INTERNAL_ERROR; // -1;
1275 if (eventWrapper == NULL) {
1276 /* NULL event, skip evaluation */
1277 // DEBUG("doActivity - eventWrapper is NULL\n");
1278 // return 1; //OPENPTS_FSM_SUCCESS;
1282 buf = smalloc(action);
1284 ERROR("doActivity - no memory\n");
1285 return PTS_FATAL; // -1;
1289 if (!strcmp((char *)action, "")) {
1293 /* check the action */
1294 for (i = 0; i < OPENPTS_ACTION_TABLE_SIZE; i++) {
1295 if (!strncmp((char *)action, action_table[i].name, action_table[i].name_len)) {
1296 // DEBUG("%s HIT, name_len=%d\n", action, action_table[i].name_len);
1297 switch (action_table[i].type) {
1299 rc = action_table[i].rc;
1303 rc = action_table[i].func_1(ctx, eventWrapper);
1308 /* Just call Action() */
1309 rc = action_table[i].func_3(ctx);
1313 // INFO("doActivity type 4 %s", action);
1314 name = &buf[action_table[i].name_len + 1]; // 11 ; 1 =
1315 name = strtok_r(name, ")", &saveptr);
1317 rc = action_table[i].func_4(ctx, name);
1320 /* Action(Name,Value,Action) */
1321 name = &buf[action_table[i].name_len];
1322 name = strtok_r(name, ", ", &saveptr);
1323 value = strtok_r(NULL, ")", &saveptr);
1326 value = trim(value);
1328 rc = action_table[i].func_5(ctx, name, value, action); // validateProperty
1331 /* Action(Name,Value,Event) */
1332 name = &buf[action_table[i].name_len];
1333 name = strtok_r(name, ", ", &saveptr);
1334 value = strtok_r(NULL, ")", &saveptr);
1337 value = trim(value);
1339 rc = action_table[i].func_6(ctx, name, value, eventWrapper); // setProperty
1342 /* Action(Value,Event) */
1343 value = &buf[action_table[i].name_len + 1]; // 11 ; 1 =
1344 value = strtok_r(value, ")", &saveptr);
1345 value = trim(value);
1346 rc = action_table[i].func_7(ctx, value, eventWrapper);
1349 ERROR("unknown OPENPTS_ACTION_TABLE func tyoe\n");
1356 ERROR("unknown action '%s'\n", action);
1357 addReason(ctx, "[FSM] Unknown action='%s'", action);
1358 rc = OPENPTS_FSM_ERROR;
1361 if (buf != NULL) free(buf);
1363 if (rc == OPENPTS_FSM_ERROR) {
1364 DEBUG("doActivity rc = %d\n", rc);