efi: Measure into both CC and TPM if available. (#31939)

[thirdparty/systemd.git] / src / boot / efi / measure.c

diff --git a/src/boot/efi/measure.c b/src/boot/efi/measure.c
index 2591c52f2200ee11df5692188abdcca8d2b99cd3..08a2ecdba8937e78e082f96c7842c0d6e80f0d6b 100644 (file)
--- a/src/boot/efi/measure.c
+++ b/src/boot/efi/measure.c
@@ -187,9 +187,39 @@ bool tpm_present(void) {
         return tcg2_interface_check();
 }
 
-EFI_STATUS tpm_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) {
+static EFI_STATUS tcg2_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) {
         EFI_TCG2_PROTOCOL *tpm2;
+        EFI_STATUS err = EFI_SUCCESS;
+
+        assert(ret_measured);
+
+        tpm2 = tcg2_interface_check();
+        if (tpm2)
+                err = tpm2_measure_to_pcr_and_event_log(tpm2, pcrindex, buffer, buffer_size, description);
+
+        *ret_measured = tpm2 && (err == EFI_SUCCESS);
+
+        return err;
+}
+
+static EFI_STATUS cc_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) {
+        EFI_CC_MEASUREMENT_PROTOCOL *cc;
+        EFI_STATUS err = EFI_SUCCESS;
+
+        assert(ret_measured);
+
+        cc = cc_interface_check();
+        if (cc)
+                err = cc_measure_to_mr_and_event_log(cc, pcrindex, buffer, buffer_size, description);
+
+        *ret_measured = cc && (err == EFI_SUCCESS);
+
+        return err;
+}
+
+EFI_STATUS tpm_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t buffer_size, const char16_t *description, bool *ret_measured) {
         EFI_STATUS err;
+        bool tpm_ret_measured, cc_ret_measured;
 
         assert(description || pcrindex == UINT32_MAX);
 
@@ -203,27 +233,15 @@ EFI_STATUS tpm_log_event(uint32_t pcrindex, EFI_PHYSICAL_ADDRESS buffer, size_t
                 return EFI_SUCCESS;
         }
 
-        tpm2 = tcg2_interface_check();
-        if (tpm2)
-                err = tpm2_measure_to_pcr_and_event_log(tpm2, pcrindex, buffer, buffer_size, description);
-        else {
-                EFI_CC_MEASUREMENT_PROTOCOL *cc;
-
-                cc = cc_interface_check();
-                if (cc)
-                        err = cc_measure_to_mr_and_event_log(cc, pcrindex, buffer, buffer_size, description);
-                else {
-                        /* No active TPM found, so don't return an error */
-
-                        if (ret_measured)
-                                *ret_measured = false;
+        /* Measure into both CC and TPM if both are available to avoid a problem like CVE-2021-42299 */
+        err = cc_log_event(pcrindex, buffer, buffer_size, description, &cc_ret_measured);
+        if (err != EFI_SUCCESS)
+                return err;
 
-                        return EFI_SUCCESS;
-                }
-        }
+        err = tcg2_log_event(pcrindex, buffer, buffer_size, description, &tpm_ret_measured);
 
         if (err == EFI_SUCCESS && ret_measured)
-                *ret_measured = true;
+                *ret_measured = tpm_ret_measured || cc_ret_measured;
 
         return err;
 }