On Wed, Mar 25, 2020 at 12:43 PM Ross Philipson <ross.philipson@xxxxxxxxxx> wrote: > > From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx> > > The SHA algorithms are necessary to measure configuration information into > the TPM as early as possible before using the values. This implementation > uses the established approach of #including the SHA libraries directly in > the code since the compressed kernel is not uncompressed at this point. > > The SHA1 code here has its origins in the code in > include/crypto/sha1_base.h. That code could not be pulled directly into > the setup portion of the compressed kernel because of other dependencies > it pulls in. So this is a modified copy of that code that still leverages > the core SHA1 algorithm. > > Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx> > --- > arch/x86/Kconfig | 24 +++ > arch/x86/boot/compressed/Makefile | 4 + > arch/x86/boot/compressed/early_sha1.c | 104 ++++++++++++ > arch/x86/boot/compressed/early_sha1.h | 17 ++ > arch/x86/boot/compressed/early_sha256.c | 6 + > arch/x86/boot/compressed/early_sha512.c | 6 + > include/linux/sha512.h | 21 +++ > lib/sha1.c | 4 + > lib/sha512.c | 209 ++++++++++++++++++++++++ > 9 files changed, 395 insertions(+) > create mode 100644 arch/x86/boot/compressed/early_sha1.c > create mode 100644 arch/x86/boot/compressed/early_sha1.h > create mode 100644 arch/x86/boot/compressed/early_sha256.c > create mode 100644 arch/x86/boot/compressed/early_sha512.c > create mode 100644 include/linux/sha512.h > create mode 100644 lib/sha512.c > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index 7f3406a9948b..f37057d3ce9f 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -2025,6 +2025,30 @@ config SECURE_LAUNCH > of all the modules and configuration information used for > boooting the operating system. > > +choice > + prompt "Select Secure Launch Algorithm for TPM2" > + depends on SECURE_LAUNCH > + > +config SECURE_LAUNCH_SHA1 > + bool "Secure Launch TPM2 SHA1" > + help > + When using Secure Launch and TPM2 is present, use SHA1 hash > + algorithm for measurements. > + I'm surprised this is supported at all. Why allow SHA1?
