From patchwork Thu Jul 16 14:25:20 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chun-Yi Lee X-Patchwork-Id: 6807531 X-Patchwork-Delegate: rjw@sisk.pl Return-Path: X-Original-To: patchwork-linux-pm@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 03722C05AC for ; Thu, 16 Jul 2015 14:30:45 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id E8EAA206F7 for ; Thu, 16 Jul 2015 14:30:43 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id E1511206EB for ; Thu, 16 Jul 2015 14:30:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755841AbbGPO1D (ORCPT ); Thu, 16 Jul 2015 10:27:03 -0400 Received: from mail-pd0-f170.google.com ([209.85.192.170]:35610 "EHLO mail-pd0-f170.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755788AbbGPO1B (ORCPT ); Thu, 16 Jul 2015 10:27:01 -0400 Received: by pdrg1 with SMTP id g1so45169274pdr.2; Thu, 16 Jul 2015 07:27:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=mIohXw5pzzToQhHLsVfXRX1h7tZmyEUYnsqYoEKwRG8=; b=Bpi1YPrx0fYZhfCrNOojqOCAru5P8V5fvfoXy3tSLwL0JVt0nMvIsHy4qLseODY1Oh WITst4OCtqrRssOr2LYbjuCNL9a5u/rG09Q7rLkZqkKAXMPdRZ5Ubeqj9WZl3HvSPxsM //LeZM3KVP5MQUpCJWi2MY+X1KS1Xiy5y1Pxbrrk0+qRYN5/8R2Xqh1SDDArqO491pYz yVld/s4vxIXijdkHtMmmymt29PMrp08u6cglE0PAsjBrbX3RrJXtjJBCxQcuXyL/o5ie LMF/xMmTExyM1hMSC5YZf5joVk2w/bGCMdCdPpryL3PHo7ieZR+pg/3M2i8mHGMhT6Ct vOig== X-Received: by 10.66.222.103 with SMTP id ql7mr18983649pac.144.1437056820687; Thu, 16 Jul 2015 07:27:00 -0700 (PDT) Received: from linux-rxt1.site.site ([124.11.22.254]) by smtp.gmail.com with ESMTPSA id r4sm8219910pap.8.2015.07.16.07.26.57 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 16 Jul 2015 07:27:00 -0700 (PDT) From: "Lee, Chun-Yi" X-Google-Original-From: "Lee, Chun-Yi" To: linux-kernel@vger.kernel.org Cc: linux-efi@vger.kernel.org, linux-pm@vger.kernel.org, "Rafael J. Wysocki" , Matthew Garrett , Len Brown , Pavel Machek , Josh Boyer , Vojtech Pavlik , Matt Fleming , Jiri Kosina , "H. Peter Anvin" , "Lee, Chun-Yi" Subject: [RFC PATCH 06/16] x86/efi: Generating random HMAC key for siging hibernate image Date: Thu, 16 Jul 2015 22:25:20 +0800 Message-Id: <1437056730-15247-7-git-send-email-jlee@suse.com> X-Mailer: git-send-email 1.8.4.5 In-Reply-To: <1437056730-15247-1-git-send-email-jlee@suse.com> References: <1437056730-15247-1-git-send-email-jlee@suse.com> Sender: linux-pm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-pm@vger.kernel.org X-Spam-Status: No, score=-8.1 required=5.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP This patch adds codes in EFI stub for generating and storing the HMAC key in EFI boot service variable for signing hibernate image. Per rcf2104, the length of HMAC-SHA1 hash result is 20 bytes, and it recommended the length of key the same with hash rsult, means also 20 bytes. Using longer key would not significantly increase the function strength. Due to the nvram space is limited in some UEFI machines, so using the minimal recommended length 20 bytes key that will stored in boot service variable. For generating a messy number as a 20 bytes key, the codes in EFI stub gets u32 random number five time and every random number is rolling that last u32 random number as entropy. The HMAC key stored in EFI boot service variable, the GUID is S4SignKey-fe141863-c070-478e-b8a3-878a5dc9ef21. Signed-off-by: Lee, Chun-Yi --- arch/x86/boot/compressed/eboot.c | 57 ++++++++++++++++++++++++++++++++++++++++ arch/x86/include/asm/suspend.h | 9 +++++++ include/linux/suspend.h | 3 +++ 3 files changed, 69 insertions(+) diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c index 0ffb6db..97b356f 100644 --- a/arch/x86/boot/compressed/eboot.c +++ b/arch/x86/boot/compressed/eboot.c @@ -12,6 +12,7 @@ #include #include #include +#include #include "../string.h" #include "eboot.h" @@ -1383,6 +1384,60 @@ free_mem_map: return status; } +#ifdef CONFIG_HIBERNATE_VERIFICATION +#define SWSUSP_KEY \ + ((efi_char16_t [10]) { 'S', 'W', 'S', 'U', 'S', 'P', 'K', 'e', 'y', 0 }) +#define SWSUSP_KEY_ATTRIBUTE (EFI_VARIABLE_NON_VOLATILE | \ + EFI_VARIABLE_BOOTSERVICE_ACCESS) + +static void setup_swsusp_keys(struct boot_params *params) +{ + unsigned long key_size, attributes; + struct swsusp_keys *swsusp_keys; + efi_status_t status; + + /* Allocate setup_data to carry keys */ + status = efi_call_early(allocate_pool, EFI_LOADER_DATA, + sizeof(struct swsusp_keys), &swsusp_keys); + if (status != EFI_SUCCESS) { + efi_printk(sys_table, "Failed to alloc mem for swsusp_keys\n"); + return; + } + + memset(swsusp_keys, 0, sizeof(struct swsusp_keys)); + + status = efi_call_early(get_variable, SWSUSP_KEY, &EFI_SWSUSP_GUID, + &attributes, &key_size, swsusp_keys->swsusp_key); + if (status == EFI_SUCCESS && attributes != SWSUSP_KEY_ATTRIBUTE) { + efi_printk(sys_table, "A swsusp key is not boot service variable\n"); + memset(swsusp_keys->swsusp_key, 0, SWSUSP_DIGEST_SIZE); + status = efi_call_early(set_variable, SWSUSP_KEY, + &EFI_SWSUSP_GUID, attributes, 0, NULL); + if (status == EFI_SUCCESS) { + efi_printk(sys_table, "Cleaned existing swsusp key\n"); + status = EFI_NOT_FOUND; + } + } + + if (status != EFI_SUCCESS) { + efi_printk(sys_table, "Failed to get existing swsusp key\n"); + + efi_get_random_key(sys_table, params, swsusp_keys->swsusp_key, + SWSUSP_DIGEST_SIZE); + + status = efi_call_early(set_variable, SWSUSP_KEY, + &EFI_SWSUSP_GUID, + SWSUSP_KEY_ATTRIBUTE, + SWSUSP_DIGEST_SIZE, + swsusp_keys->swsusp_key); + if (status != EFI_SUCCESS) + efi_printk(sys_table, "Failed to set swsusp key\n"); + } +} +#else +static void setup_swsusp_keys(struct boot_params *params) {} +#endif + /* * On success we return a pointer to a boot_params structure, and NULL * on failure. @@ -1420,6 +1475,8 @@ struct boot_params *efi_main(struct efi_config *c, setup_efi_pci(boot_params); + setup_swsusp_keys(boot_params); + status = efi_call_early(allocate_pool, EFI_LOADER_DATA, sizeof(*gdt), (void **)&gdt); if (status != EFI_SUCCESS) { diff --git a/arch/x86/include/asm/suspend.h b/arch/x86/include/asm/suspend.h index 2fab6c2..b0c3f68 100644 --- a/arch/x86/include/asm/suspend.h +++ b/arch/x86/include/asm/suspend.h @@ -3,3 +3,12 @@ #else # include #endif + +#ifdef CONFIG_HIBERNATE_VERIFICATION +#include + +struct swsusp_keys { + unsigned long skey_status; + u8 swsusp_key[SWSUSP_DIGEST_SIZE]; +}; +#endif diff --git a/include/linux/suspend.h b/include/linux/suspend.h index 6cd2a48..1ec7d11 100644 --- a/include/linux/suspend.h +++ b/include/linux/suspend.h @@ -328,6 +328,9 @@ struct platform_hibernation_ops { #ifdef CONFIG_HIBERNATION +#define EFI_SWSUSP_GUID \ + EFI_GUID(0xfe141863, 0xc070, 0x478e, 0xb8, 0xa3, 0x87, 0x8a, 0x5d, 0xc9, 0xef, 0x21) + /* HMAC Algorithm of Hibernate Signature */ #define SWSUSP_HMAC "hmac(sha1)" #define SWSUSP_DIGEST_SIZE 20