search

9elements / converged-security-suite

Converged Security Suite for Intel & AMD platform security features
https://www.9esec.io
BSD 3-Clause "New" or "Revised" License
56 stars 15 forks source link

Switch pkg/intel to fiano's version #315

Closed xaionaro closed 2 years ago

xaionaro commented 2 years ago

Test Plan

unit-tests

xaionaro@void:~/go/src/github.com/9elements/converged-security-suite$ go test ./... -count=1
?       github.com/9elements/converged-security-suite/v2/cmd/cbnt-prov  [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/pcr0tool   [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/pcr0tool/commands  [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/pcr0tool/commands/diff [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/pcr0tool/commands/diff/format  [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/pcr0tool/commands/dumpfit  [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/pcr0tool/commands/dumpregisters    [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/pcr0tool/commands/dumpregisters/helpers    [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/pcr0tool/commands/printnodes   [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/pcr0tool/commands/sum  [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/txt-prov   [no test files]
?       github.com/9elements/converged-security-suite/v2/cmd/txt-suite  [no test files]
?       github.com/9elements/converged-security-suite/v2/pkg/check  [no test files]
ok      github.com/9elements/converged-security-suite/v2/pkg/diff   0.027s
ok      github.com/9elements/converged-security-suite/v2/pkg/errors 0.060s
?       github.com/9elements/converged-security-suite/v2/pkg/hwapi  [no test files]
?       github.com/9elements/converged-security-suite/v2/pkg/log    [no test files]
?       github.com/9elements/converged-security-suite/v2/pkg/mathtools  [no test files]
?       github.com/9elements/converged-security-suite/v2/pkg/ostools    [no test files]
?       github.com/9elements/converged-security-suite/v2/pkg/pcd    [no test files]
?       github.com/9elements/converged-security-suite/v2/pkg/pcd/consts [no test files]
?       github.com/9elements/converged-security-suite/v2/pkg/pcd/helpers    [no test files]
ok      github.com/9elements/converged-security-suite/v2/pkg/pcr    0.015s
?       github.com/9elements/converged-security-suite/v2/pkg/pcr/types  [no test files]
ok      github.com/9elements/converged-security-suite/v2/pkg/provisioning/cbnt  0.044s
?       github.com/9elements/converged-security-suite/v2/pkg/provisioning/txt   [no test files]
ok      github.com/9elements/converged-security-suite/v2/pkg/registers  1.354s
ok      github.com/9elements/converged-security-suite/v2/pkg/test   0.017s
ok      github.com/9elements/converged-security-suite/v2/pkg/tools  0.101s
ok      github.com/9elements/converged-security-suite/v2/pkg/tpmdetection   0.025s
?       github.com/9elements/converged-security-suite/v2/pkg/tpmeventlog    [no test files]
ok      github.com/9elements/converged-security-suite/v2/pkg/uefi   0.009s [no tests to run]
?       github.com/9elements/converged-security-suite/v2/pkg/uefi/consts    [no test files]
?       github.com/9elements/converged-security-suite/v2/pkg/uefi/ffs   [no test files]
?       github.com/9elements/converged-security-suite/v2/pkg/uefi/ffs/consts    [no test files]

pcr0tool

xaionaro@void:~/go/src/github.com/9elements/converged-security-suite$ go run ./cmd/pcr0tool/ sum ~/firmware/F09_3A10.bin > /tmp/2.txt
xaionaro@void:~/go/src/github.com/9elements/converged-security-suite$ git checkout master
Switched to branch 'master'
Your branch is up to date with 'origin/master'.
xaionaro@void:~/go/src/github.com/9elements/converged-security-suite$ go run ./cmd/pcr0tool/ sum ~/firmware/F09_3A10.bin > /tmp/1.txt
xaionaro@void:~/go/src/github.com/9elements/converged-security-suite$ diff /tmp/[12].txt

cbnt-prov

xaionaro@void:~/go/src/github.com/9elements/converged-security-suite$ go run ./cmd/cbnt-prov/ show-all ~/firmware/Y3DLP08.bin > /tmp/1.txt
xaionaro@void:~/go/src/github.com/9elements/converged-security-suite$ git checkout migrate/intel_to_fiano
Switched to branch 'migrate/intel_to_fiano'
Your branch is up to date with 'origin/migrate/intel_to_fiano'.
xaionaro@void:~/go/src/github.com/9elements/converged-security-suite$ go run ./cmd/cbnt-prov/ show-all ~/firmware/Y3DLP08.bin > /tmp/2.txt
xaionaro@void:~/go/src/github.com/9elements/converged-security-suite$ diff /tmp/[12].txt
1,33c1,30
< Firmware Interface Table
< ------------------------
< Type                      | Address              | Size     | Version    | Checksum valid  | Checksum
< -----------------------------------------------------------------------------------------------------
< FIT_header_entry          | 0x2020205f5449465f   | 28       | {"maj":1}  | false           | 241
< microcode_update_entry    | 0xffef8180           | 0        | {"maj":1}  | false           | 0
< microcode_update_entry    | 0xffefe580           | 0        | {"maj":1}  | false           | 0
< microcode_update_entry    | 0xfff04d80           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< skip_entry                | 0xffffffff           | 0        | {"maj":1}  | false           | 0
< startup_ACM_entry         | 0xffbc0000           | 0        | {"maj":1}  | false           | 0
< BIOS_startup_module_entry | 0xfff0b760           | 2        | {"maj":1}  | false           | 0
< BIOS_startup_module_entry | 0xffc00000           | 262144   | {"maj":1}  | false           | 0
< BIOS_policy_record        | 0x0                  | 0        | {"maj":1}  | false           | 0
< TXT_policy_record         | 0x2a050100710070     | 0        | {"maj":0}  | false           | 0
< key_manifest_record       | 0xfff0bd80           | 597      | {"maj":1}  | false           | 0
< boot_policy_manifest      | 0xfff0b800           | 941      | {"maj":1}  | false           | 0
<
---
> #   | Type                             | Address              | Size     | Version | Checksum valid  | Checksum
> ---------------------------------------------------------------------------------------------------------------
> 0   | FITHeaderEntry            (0x00) | 0x2020205f5449465f   | 28       | 0x0100  | false           | 241
> 1   | MicrocodeUpdateEntry      (0x01) | 0xffef8180           | 0        | 0x0100  | false           | 0
> 2   | MicrocodeUpdateEntry      (0x01) | 0xffefe580           | 0        | 0x0100  | false           | 0
> 3   | MicrocodeUpdateEntry      (0x01) | 0xfff04d80           | 0        | 0x0100  | false           | 0
> 4   | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 5   | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 6   | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 7   | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 8   | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 9   | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 10  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 11  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 12  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 13  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 14  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 15  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 16  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 17  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 18  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 19  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 20  | Skip                      (0x7F) | 0xffffffff           | 0        | 0x0100  | false           | 0
> 21  | SACM                      (0x02) | 0xffbc0000           | 0        | 0x0100  | false           | 0
> 22  | BIOSStartupModuleEntry    (0x07) | 0xfff0b760           | 2        | 0x0100  | false           | 0
> 23  | BIOSStartupModuleEntry    (0x07) | 0xffc00000           | 262144   | 0x0100  | false           | 0
> 24  | BIOSPolicyRecord          (0x09) | 0x0                  | 0        | 0x0100  | false           | 0
> 25  | TXTPolicyRecord           (0x0A) | 0x2a050100710070     | 0        | 0x0000  | false           | 0
> 26  | KeyManifestRecord         (0x0B) | 0xfff0bd80           | 597      | 0x0100  | false           | 0
> 27  | BootPolicyManifestRecord  (0x0C) | 0xfff0b800           | 941      | 0x0100  | false           | 0