From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: devel@edk2.groups.io
Cc: lersek@redhat.com, Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [PATCH 4/4] ArmVirtPkg/ArmVirtQemu: add optional support for TPM2 measured boot
Date: Tue, 7 Jan 2020 10:48:00 +0100
Message-Id: <20200107094800.4488-5-ard.biesheuvel@linaro.org>
In-Reply-To: <20200107094800.4488-1-ard.biesheuvel@linaro.org>
References: <20200107094800.4488-1-ard.biesheuvel@linaro.org>

Duplicate the TPM2_ENABLE and TPM2_CONFIG_ENABLE build time flags that
already exist in OvmfPkg, and wire them up in the .DSC and .FDF so that
setting those flags produces an ArmVirtQemu build that implements
measured boot using a TPM provided by QEMU and described in the device
tree.

Note that the TPM2 driver stack relies on a PEI phase being implemented,
so there is no point in enabling this for ArmVirtQemuKernel or ArmVirtXen.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 ArmVirtPkg/ArmVirtQemu.dsc           | 71 ++++++++++++++++++++
 ArmVirtPkg/ArmVirtQemu.fdf           |  5 ++
 ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 10 +++
 3 files changed, 86 insertions(+)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 7ae6702ac1f0..0a37f613ae23 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -29,6 +29,8 @@ [Defines] # DEFINE TTY_TERMINAL = FALSE DEFINE SECURE_BOOT_ENABLE = FALSE + DEFINE TPM2_ENABLE = FALSE + DEFINE TPM2_CONFIG_ENABLE = FALSE # # Network definition 
@@ -74,12 +76,32 @@ [LibraryClasses.common] PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf +!if $(TPM2_ENABLE) == TRUE + Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf + Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf + Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf + TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf +!else + Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf +!endif + [LibraryClasses.common.PEIM] ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoPeiLib.inf +!if $(TPM2_ENABLE) == TRUE + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf + ResetSystemLib|MdeModulePkg/Library/PeiResetSystemLib/PeiResetSystemLib.inf + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +!endif + [LibraryClasses.common.DXE_DRIVER] ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf +!if $(TPM2_ENABLE) == TRUE + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +!endif + [LibraryClasses.common.UEFI_DRIVER] UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf @@ -177,6 +199,8 @@ [PcdsFixedAtBuild.common] gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|3 + gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE) + [PcdsFixedAtBuild.AARCH64] # Clearing BIT0 in this PCD prevents installing a 32-bit SMBIOS entry point, # if the entry point version is >= 3.0. AARCH64 OSes cannot assume the 
@@ -237,9 +261,26 @@ [PcdsDynamicDefault.common] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE +!if $(TPM2_ENABLE) == TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0 + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy|1 + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy|1 + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy|1 + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy|1 + gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy|1 + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|3 + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap|3 +!endif + [PcdsDynamicHii] gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS +!if $(TPM2_ENABLE) == TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS +!endif + ################################################################################ # # Components Section - list of all EDK II Modules needed by this Platform @@ -295,6 +336,9 @@ [Components.common] MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf +!if $(TPM2_ENABLE) == TRUE + NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf +!endif } SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf 
@@ -430,6 +474,33 @@ [Components.common] MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf +!if $(TPM2_ENABLE) == TRUE + OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf + SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { + + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf + } +!if $(TPM2_CONFIG_ENABLE) == TRUE + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif + SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { + + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf + NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf + } +!endif + # # ACPI Support # diff --git a/ArmVirtPkg/ArmVirtQemu.fdf b/ArmVirtPkg/ArmVirtQemu.fdf index 2c8936a1ae15..d866e62c529b 100644 --- a/ArmVirtPkg/ArmVirtQemu.fdf +++ b/ArmVirtPkg/ArmVirtQemu.fdf 
@@ -113,6 +113,11 @@ [FV.FVMAIN_COMPACT] INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf +!if $(TPM2_ENABLE) == TRUE + INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf + INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +!endif + FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 { SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF PROCESSING_REQUIRED = TRUE { SECTION FV_IMAGE = FVMAIN diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc index 31f615a9d0f9..d481e4b2b8fb 100644 --- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc +++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc @@ -182,3 +182,13 @@ [FV.FvMain] # Ramdisk support # INF MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf + + # + # TPM2 support + # +!if $(TPM2_ENABLE) == TRUE + INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +!if $(TPM2_CONFIG_ENABLE) == TRUE + INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +!endif +!endif -- 2.20.1
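Review bot: in the ArmVirtQemu.dsc hunk at @@ -74,12 +76,32 @@ [LibraryClasses.common], the `!else` branch adds Null resolutions for Tcg2PhysicalPresenceLib and TpmMeasurementLib as new `+` lines with no `-` line removing an earlier resolution, so the class must already be resolved elsewhere (for example in the shared ArmVirt include) or the TPM2_ENABLE=FALSE build would have been failing to link before this patch. If an earlier Null resolution does exist, the `!else` branch is redundant and can go; if it does not, a one-line comment saying which consumer needs the Null instances in the non-TPM build would save the next reader the same check. Either way, please state in the commit message which of the two it is.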
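Review bot: in the ArmVirtQemu.dsc hunk at @@ -177,6 +199,8 @@ [PcdsFixedAtBuild.common], `gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled` is consumed here but this patch does not declare it in ArmVirtPkg.dec; the commit message should say that an earlier patch of this 4/4 series introduces the PCD and name the module that reads it, so that a reviewer applying this patch alone understands the dependency rather than hitting a build error on an undeclared PCD.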
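Review bot: in the ArmVirtQemu.dsc hunk at @@ -237,9 +261,26 @@ [PcdsDynamicDefault.common], `PcdTpmBaseAddress|0x0` and an all-zero `PcdTpmInstanceGuid` are only placeholders: the commit message says the TPM is "described in the device tree", so some PEIM has to overwrite the base address from the DT before Tcg2ConfigPei and Tcg2Pei (added in the Components hunk) try to talk to the device, and nothing in the visible lines orders that. Please name the producer in the commit message and confirm it is enforced by depex rather than by FV layout. A secondary point on the same hunk: `PcdTpm2HashMask|3` and `PcdTcg2HashAlgorithmBitmap|3` restrict the active banks to SHA1 and SHA256, while the Tcg2Pei and Tcg2Dxe entries later in the patch link SHA384, SHA512 and SM3 hash instances that these values leave unused; a short comment stating that the mask is deliberately narrow (matching OvmfPkg) would prevent the next reader from widening one side without the other.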
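Review bot: in the ArmVirtQemu.dsc hunk at @@ -295,6 +336,9 @@ [Components.common], the DxeTpm2MeasureBootLib NULL library is added to a SecurityStubDxe instance whose neighbours are SecureBootConfigDxe and EnrollDefaultKeys, which suggests this instance sits inside a `!if $(SECURE_BOOT_ENABLE) == TRUE` block. If so, a build with TPM2_ENABLE=TRUE and SECURE_BOOT_ENABLE=FALSE would silently omit the measured-boot hook and boot with an empty PE/COFF measurement path. Consider hoisting SecurityStubDxe out of the secure-boot conditional and guarding each NULL library class separately, e.g. `!if $(SECURE_BOOT_ENABLE) == TRUE` around the DxeImageVerificationLib line and `!if $(TPM2_ENABLE) == TRUE` around the DxeTpm2MeasureBootLib line, so the two features can be enabled independently.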
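Review bot: in the ArmVirtQemu.dsc hunk at @@ -430,6 +474,33 @@ [Components.common], both module-scoped override blocks (`SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {` and `SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {`) show an empty `+` line immediately after the opening brace, which is where the `<LibraryClasses>` section header has to be for the HashLib and NULL overrides that follow to be parsed. That reads like the header being dropped by the mail archive rendering rather than absent from the patch, but please double-check the on-disk .dsc, since without it the build would fail to parse the block. The nested `!if $(TPM2_CONFIG_ENABLE) == TRUE` for Tcg2ConfigDxe sitting inside the TPM2_ENABLE block is the right shape and matches the same nesting in ArmVirtQemuFvMain.fdf.inc.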
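Review bot: in the ArmVirtQemuFvMain.fdf.inc hunk at @@ -182,3 +182,13 @@ [FV.FvMain], the new `!if $(TPM2_ENABLE) == TRUE` test lives in an include file that is shared with ArmVirtQemuKernel.fdf, whose .dsc does not gain a `DEFINE TPM2_ENABLE` in this patch (the commit message explicitly leaves that platform out). Please confirm that the FDF parser evaluates the undefined macro as not equal to TRUE rather than erroring or warning, or add `DEFINE TPM2_ENABLE = FALSE` (and `TPM2_CONFIG_ENABLE`) to the other .dsc files that include this .inc so the condition is well-defined everywhere it is evaluated.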