Date: Mon, 6 Apr 2020 14:58:54 +0100
From: "Leif Lindholm"
To: Ard Biesheuvel
Cc: devel@edk2.groups.io, masahisa.kojima@linaro.org
Subject: Re: [PATCH edk2-platforms 1/1] DeveloperBox: implement measured boot
Message-ID: <20200406135854.GH14075@vanye>
References: <20200304072543.6718-1-ard.biesheuvel@linaro.org>
In-Reply-To: <20200304072543.6718-1-ard.biesheuvel@linaro.org>
User-Agent: Mutt/1.10.1 (2018-07-13)

On Wed, Mar 04, 2020 at 08:25:43 +0100, Ard Biesheuvel wrote:
> Enable the various components, library class resolutions and PCD defaults
> to enable measured boot based on a version 2 TPM. The TPM is exposed as
> having a memory mapped TIS frame, which is accomplished using the SPI
> command sequencer that is available on this platform. Note that this
> requires SCP firmware support.

Ideally, I'd like to see the corresponding SCP firmware added to
edk2-non-osi, but...:

Reviewed-by: Leif Lindholm

Apologies for tardiness.

> Signed-off-by: Ard Biesheuvel
> ---
>  Platform/Socionext/DeveloperBox/DeveloperBox.dsc                                          | 91 ++++++++++++++++++++
>  Platform/Socionext/DeveloperBox/DeveloperBox.fdf                                          | 11 +++
>  Silicon/Socionext/SynQuacer/DeviceTree/DeveloperBox.dts                                   |  4 +
>  Silicon/Socionext/SynQuacer/DeviceTree/SynQuacer.dtsi                                     |  7 ++
>  Silicon/Socionext/SynQuacer/Include/Platform/MemoryMap.h                                  |  4 +
>  Silicon/Socionext/SynQuacer/Library/SynQuacerMemoryInitPeiLib/SynQuacerMemoryInitPeiLib.c |  3 +
>  6 files changed, 120 insertions(+)
> > diff --git a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc > index 9f8cb68cdd26..cddd34e65389 100644 > --- a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc > +++ b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc > @@ -24,6 +24,7 @@ [Defines] > > DEFINE DEBUG_ON_UART1 = FALSE > DEFINE SECURE_BOOT_ENABLE = FALSE > + DEFINE TPM2_ENABLE = FALSE > DEFINE X64EMU_ENABLE = FALSE > > !include Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc > @@ -38,6 +39,16 @@ [LibraryClasses] > PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf > !endif > > +!if $(TPM2_ENABLE) == TRUE > + Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf > + Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf > + Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf > + TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf > +!else > + Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf > + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf > +!endif > + > [LibraryClasses.common.SEC] > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf > BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf 
> @@ -60,6 +71,19 @@ [LibraryClasses.common.PEIM] > PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf > MemoryInitPeiLib|Silicon/Socionext/SynQuacer/Library/SynQuacerMemoryInitPeiLib/SynQuacerMemoryInitPeiLib.inf > PlatformPeiLib|Silicon/Socionext/SynQuacer/Library/SynQuacerPlatformPeiLib/SynQuacerPlatformPeiLib.inf > + ResetSystemLib|MdeModulePkg/Library/PeiResetSystemLib/PeiResetSystemLib.inf > + > +!if $(TPM2_ENABLE) == TRUE > + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf > + Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf > + > + Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf > + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf > + Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf > + Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf > + > + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > +!endif > > [LibraryClasses.common.DXE_CORE] > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf > @@ -92,6 +116,10 @@ [LibraryClasses.common.DXE_DRIVER] > PciHostBridgeLib|Silicon/Socionext/SynQuacer/Library/SynQuacerPciHostBridgeLib/SynQuacerPciHostBridgeLib.inf > NonDiscoverableDeviceRegistrationLib|MdeModulePkg/Library/NonDiscoverableDeviceRegistrationLib/NonDiscoverableDeviceRegistrationLib.inf > > +!if $(TPM2_ENABLE) == TRUE > + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf > +!endif > + > [LibraryClasses.common.UEFI_APPLICATION] > PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf > HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf 
> @@ -183,13 +211,33 @@ [PcdsFixedAtBuild] > gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04 > gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04 > > +!if $(TPM2_ENABLE) == TRUE > + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x10000000 > +!endif > + > [PcdsDynamicExDefault.common.DEFAULT] > gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100 > gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0xf7, 0x89, 0x9b, 0xe9, 0x20, 0xc1, 0x25, 0x4b, 0x4d, 0xb1, 0x83, 0x94, 0xed, 0xb0, 0xb4, 0xf5} > > +!if $(TPM2_ENABLE) == TRUE > + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} > + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy|1 > + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy|1 > + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy|1 > + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy|1 > + gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy|1 > + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|3 > + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap|3 > +!endif > + > [PcdsDynamicHii] > gSynQuacerTokenSpaceGuid.PcdPlatformSettings|L"SynQuacerPlatformSettings"|gSynQuacerPlatformFormSetGuid|0x0|0x0|NV,BS > > +!if $(TPM2_ENABLE) == TRUE > + gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS > + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS > +!endif > + > ################################################################################ > # > # Components Section - list of all EDK II Modules needed by this Platform 
> @@ -217,6 +265,30 @@ [Components.common] > NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf > } > > +!if $(TPM2_ENABLE) == TRUE > + MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf { > + > + ResetSystemLib|ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.inf > + } > + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf > + SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf { > + > + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf > + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf > + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf > + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf > + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf > + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf > + > + gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8048004F > + } > + > + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf { > + > + gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8048004F > + } > +!endif > + > # > # DXE > # > @@ -245,6 +317,9 @@ [Components.common] > > !if $(SECURE_BOOT_ENABLE) == TRUE > NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf > +!endif > +!if $(TPM2_ENABLE) == TRUE > + NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf > !endif > } > ArmPkg/Drivers/TimerDxe/TimerDxe.inf 
> @@ -302,6 +377,22 @@ [Components.common] > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf > !endif > > +!if $(TPM2_ENABLE) == TRUE > + SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { > + > + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf > + NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf > + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf > + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf > + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf > + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf > + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf > + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf > + > + gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8048004F > + } > +!endif > + > # > # UEFI application (Shell Embedded Boot Loader) > # > diff --git a/Platform/Socionext/DeveloperBox/DeveloperBox.fdf b/Platform/Socionext/DeveloperBox/DeveloperBox.fdf > index da9290fd92a2..5dd5e4b5c0c1 100644 > --- a/Platform/Socionext/DeveloperBox/DeveloperBox.fdf > +++ b/Platform/Socionext/DeveloperBox/DeveloperBox.fdf > @@ -130,6 +130,11 @@ [FV.FvMain] > INF SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf > !endif > > +!if $(TPM2_ENABLE) == TRUE > + INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf > + INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf > +!endif > + > # > # UEFI applications > # 
> @@ -293,6 +298,12 @@ [FV.FVMAIN_COMPACT] > INF RuleOverride = FMP_IMAGE_DESC Platform/Socionext/DeveloperBox/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf > INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf > > +!if $(TPM2_ENABLE) == TRUE > + INF MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf > + INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf > + INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf > +!endif > + > FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 { > SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF PROCESSING_REQUIRED = TRUE { > SECTION FV_IMAGE = FVMAIN > diff --git a/Silicon/Socionext/SynQuacer/DeviceTree/DeveloperBox.dts b/Silicon/Socionext/SynQuacer/DeviceTree/DeveloperBox.dts > index c4bdae258c3c..e77a372393fb 100644 > --- a/Silicon/Socionext/SynQuacer/DeviceTree/DeveloperBox.dts > +++ b/Silicon/Socionext/SynQuacer/DeviceTree/DeveloperBox.dts > @@ -27,6 +27,10 @@ > }; > }; > > +&tpm { > + status = "okay"; > +}; > + > &gpio { > gpio-line-names = "DSW3-PIN1", "DSW3-PIN2", "DSW3-PIN3", "DSW3-PIN4", > "DSW3-PIN5", "DSW3-PIN6", "DSW3-PIN7", "DSW3-PIN8", > diff --git a/Silicon/Socionext/SynQuacer/DeviceTree/SynQuacer.dtsi b/Silicon/Socionext/SynQuacer/DeviceTree/SynQuacer.dtsi > index b11e4303edd8..2ee3821fca0b 100644 > --- a/Silicon/Socionext/SynQuacer/DeviceTree/SynQuacer.dtsi > +++ b/Silicon/Socionext/SynQuacer/DeviceTree/SynQuacer.dtsi > @@ -553,6 +553,7 @@ > socionext,set-aces; > #address-cells = <1>; > #size-cells = <0>; > + status = "disabled"; > }; > > clk_i2c: i2c_pclk { > @@ -573,6 +574,12 @@ > #size-cells = <0>; > }; > > + tpm: tpm_tis@10000000 { > + compatible = "socionext,synquacer-tpm-mmio"; > + reg = <0x0 0x10000000 0x0 0x5000>; > + status = "disabled"; > + }; > + > firmware { > optee { > compatible = "linaro,optee-tz"; > diff --git a/Silicon/Socionext/SynQuacer/Include/Platform/MemoryMap.h b/Silicon/Socionext/SynQuacer/Include/Platform/MemoryMap.h > index 29c5f73f2057..a7a4232eb864 100644 
> --- a/Silicon/Socionext/SynQuacer/Include/Platform/MemoryMap.h > +++ b/Silicon/Socionext/SynQuacer/Include/Platform/MemoryMap.h > @@ -82,4 +82,8 @@ > #define SYNQUACER_SPI1_BASE 0x54810000 > #define SYNQUACER_SPI1_SIZE SIZE_4KB > > +// SPI controller #1 MMIO Region > +#define SYNQUACER_SPI1_MMIO_BASE 0x10000000 > +#define SYNQUACER_SPI1_MMIO_SIZE SIZE_1MB > + > #endif > diff --git a/Silicon/Socionext/SynQuacer/Library/SynQuacerMemoryInitPeiLib/SynQuacerMemoryInitPeiLib.c b/Silicon/Socionext/SynQuacer/Library/SynQuacerMemoryInitPeiLib/SynQuacerMemoryInitPeiLib.c > index 3da32ea6816a..2db88ec53926 100644 > --- a/Silicon/Socionext/SynQuacer/Library/SynQuacerMemoryInitPeiLib/SynQuacerMemoryInitPeiLib.c > +++ b/Silicon/Socionext/SynQuacer/Library/SynQuacerMemoryInitPeiLib/SynQuacerMemoryInitPeiLib.c > @@ -115,6 +115,9 @@ STATIC CONST ARM_MEMORY_REGION_DESCRIPTOR mVirtualMemoryTable[] = { > > // DesignWare FUART > ARM_DEVICE_REGION (SYNQUACER_UART1_BASE, SYNQUACER_UART1_SIZE), > + > + // SPI#1 MMIO > + ARM_DEVICE_REGION (SYNQUACER_SPI1_MMIO_BASE, SYNQUACER_SPI1_MMIO_SIZE), > }; > > STATIC > -- > 2.17.1 >
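Review bot: the [Defines] hunk of DeveloperBox.dsc (@@ -24,6 +24,7 @@) adds `DEFINE TPM2_ENABLE = FALSE` with no hint that turning it on only works with matching SCP firmware, which the commit message calls out as a hard requirement; a one-line comment next to the DEFINE (or in the platform's build notes) saying that the SPI command sequencer bridge must be provided by the SCP firmware would stop someone from flipping the flag on a board that cannot support it and then debugging a TPM that never answers.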
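Review bot: the `!else` branch of the global [LibraryClasses] hunk (@@ -38,6 +39,16 @@) resolves Tcg2PhysicalPresenceLib to `OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf`, so a Socionext ARM platform now takes a build dependency on OvmfPkg even when TPM2_ENABLE is FALSE (the TPM2_ENABLE=TRUE side uses SecurityPkg throughout). If that is deliberate it is worth a sentence in the commit message; otherwise a null instance hosted outside OvmfPkg would keep the platform's package dependencies where a reader expects them.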
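Review bot: in the [LibraryClasses.common.PEIM] hunk (@@ -60,6 +71,19 @@) the TPM2_ENABLE block repeats `Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf`, `Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf` and `Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf` with exactly the instances already resolved in the global [LibraryClasses] section of the same file, so those three lines are redundant and can go, leaving only the PEI-specific resolutions (Tpm12DeviceLibDTpm, Tpm12CommandLib, Tpm2DeviceLibDTpm, PeiCryptLib). Separately, `ResetSystemLib|MdeModulePkg/Library/PeiResetSystemLib/PeiResetSystemLib.inf` is added to all PEIMs unconditionally, while the ResetSystemPei module that produces the PPI it relies on is only built under TPM2_ENABLE in the Components hunk; gating the library resolution on the same flag would keep a non-TPM build from linking a reset library that has nothing behind it.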
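Review bot: `PcdTpm2HashMask|3` and `PcdTcg2HashAlgorithmBitmap|3` in the PCD hunk (@@ -183,13 +211,33 @@) limit the banks Tcg2Pei will keep active to SHA1 (BIT0) and SHA256 (BIT1), yet the Tcg2Pei and Tcg2Dxe component overrides link HashInstanceLibSha384, HashInstanceLibSha512 and HashInstanceLibSm3 as well; either widen the mask to the banks the part really supports or drop the hash instances that can never be selected. It is also worth deciding explicitly whether SHA1 belongs in the active set for a new measured-boot enablement, since a SHA1 PCR bank and its event log entries only help a verifier that is willing to trust SHA1. In the same hunk `PcdTpmBaseAddress|0x10000000` restates the value of SYNQUACER_SPI1_MMIO_BASE in MemoryMap.h and the reg of the tpm node in SynQuacer.dtsi; a comment saying the three must stay in sync would help whoever moves the window next.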
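Review bot: the PEI Components hunk (@@ -217,6 +265,30 @@) pins `gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8048004F` on Tcg2Pei and Tcg2ConfigDxe, and the DXE hunk (@@ -302,6 +377,22 @@) does the same for Tcg2Dxe; that value adds DEBUG_VERBOSE (0x00400000) and DEBUG_EVENT (0x00080000) to the error/info bits for just these three modules. If this is a bring-up leftover it should be dropped before merging; if the intent is to make TPM detection and measurement failures visible on the console by default, say so in a comment so the override is not removed as noise later.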
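Review bot: the DeveloperBox.dts hunk (@@ -27,6 +27,10 @@) sets the tpm node to `status = "okay"` unconditionally, while every firmware-side part of this patch is gated on TPM2_ENABLE, which defaults to FALSE; a firmware built without TPM support will therefore hand the OS a device tree advertising a TPM at 0x10000000 whose MMIO window only works with SCP firmware support. Either gate the status on the same build flag or state in the commit message that the OS driver is expected to cope with an unbacked window. In the SynQuacer.dtsi hunk at @@ -553,6 +553,7 @@ the node carrying `socionext,set-aces` is switched to `status = "disabled"` without explanation; a short comment (presumably the controller is now driven by the SCP-side command sequencer and must not be claimed by the OS, but the patch does not say) would save the next reader a trip through the SCP sources. Minor: the new node is named `tpm_tis@10000000`; the usual generic node name would be `tpm@10000000`.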
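Review bot: the MemoryMap.h hunk (@@ -82,4 +82,8 @@) defines SYNQUACER_SPI1_MMIO_BASE as 0x10000000 with SIZE_1MB, and the SynQuacerMemoryInitPeiLib.c hunk (@@ -115,6 +115,9 @@) maps that whole 1 MB as an ARM_DEVICE_REGION unconditionally, whereas the tpm node in SynQuacer.dtsi claims only 0x5000 bytes at the same base (the five 4 KB TIS locality pages). The comment `// SPI controller #1 MMIO Region` does not say that the TIS frame lives at the start of this window or that PcdTpmBaseAddress in DeveloperBox.dsc must equal it; spelling that out on the define would tie the three definitions together. Since the commit message says the window only functions with SCP firmware support, it would also be worth confirming that mapping it, and any stray access to it, on a board whose SCP lacks that support cannot hang the bus, or else gating the ARM_DEVICE_REGION entry on the same condition as the rest of the TPM enablement.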