From: "Laszlo Ersek"
To: Ard Biesheuvel
Cc: edk2-devel-groups-io, Marc-André Lureau, Jiewen Yao
Subject: Re: [PATCH 4/4] ArmVirtPkg/ArmVirtQemu: add optional support for TPM2 measured boot
Date: Wed, 8 Jan 2020 15:45:19 +0100

(CC Marc-André and Jiewen)

On 01/08/20 15:13, Ard Biesheuvel wrote:
> On Tue, 7 Jan 2020 at 18:37, Laszlo Ersek wrote:
>> On 01/07/20 10:48, Ard Biesheuvel wrote:

>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0
>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy|1
>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy|1
>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy|1
>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy|1
>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy|1
>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|3
>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap|3
>>
>> (3) Why is it necessary to provide dynamic defaults for these?
>>
>> Are we missing something important in OVMF, or are these specific
>> defaults that we like for ArmVirtPkg? In the latter case, I think we
>> should add them with a separate patch, as the commit message here refers
>> to OvmfPkg.
>>
>
> The policy ones can be dropped, but I see warnings like these
>
> WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0xC)
> WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0xD)
> FinalEventsTable->NumberOfEvents - 0x3
> Size - 0x15A
> SupportedEventLogs - 0x00000003
> LogFormat - 0x00000001
> LogFormat - 0x00000002
> WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0xC)
> WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0xD)
>
>
> if I leave PcdTpm2HashMask at its default value

Hmmm. My TPM2 "knowledge" is insufficient to judge and/or explain these
warnings. Jiewen, Marc-André, can you help with this perhaps?

>>> +!if $(TPM2_ENABLE) =3D=3D TRUE
>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"T= CG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
>>> + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gT= cg2ConfigFormSetGuid|0x8|3|NV,BS
>>> +!endif
>>
>> (4) Same as (3) -- I don't know what these do and why we need them here,
>> unlike in OvmfPkg. If they really belong here (in this patch), can you
>> explain in the commit message?
>>
>
> These are related to the TPM2 ACPI table that describes the physical
> presence interface to the OS, but I'm not even sure we can support
> this on ARM today, given that it relies on SMIs so I can drop these
> for now, I think.

"PcdTcgPhysicalPresenceInterfaceVer" is used by
SmmTcg2PhysicalPresenceLib, Tcg2ConfigDxe, and Tcg2Smm. None of those
are included in either OvmfPkg or ArmVirtPkg, so I think
"PcdTcgPhysicalPresenceInterfaceVer" should be dropped.

... Small correction: Tcg2ConfigDxe is included for TPM2_CONFIG_ENABLE.

For me, TPM2_CONFIG_ENABLE is uncharted (and most likely: broken)
territory. We added it in commit 3103389043bd because Stefan Berger
really wanted it -- I insisted it be sequestered with a dedicated build
flag (for "containing the damage"), and that's how we ended up with
TPM2_CONFIG_ENABLE.

Therefore, if we add PcdTcgPhysicalPresenceInterfaceVer *only* when
TPM2_CONFIG_ENABLE is TRUE, I'm fine. (I basically don't care about
TPM2_CONFIG_ENABLE==TRUE -- I wanted the dedicated flag so I can
*afford* not caring about those modules.)

Regarding "PcdTpm2AcpiTableRev": it is *consumed* by Tcg2Dxe too, so we
might want to set it, if we're not pleased with the default. But, as far
as I understand, we still only need it to be under [PcdsDynamicHii] if
we want to configure it through HII (usually: the display browser),
which is again not the case unless we have TPM2_CONFIG_ENABLE.

So in the end, I'd like to see both PCDs either removed, or made
dependent on TPM2_CONFIG_ENABLE == TRUE.

Thanks!
Laszlo
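
Review bot: In the first quoted hunk, the last two lines set PcdTpm2HashMask|3 and PcdTcg2HashAlgorithmBitmap|3 with a bare value and no comment, so a reader of the .dsc cannot tell which hash algorithms the mask selects or why it differs from the default. Add a comment above those two lines naming the algorithms the value 3 enables, and have the commit message tie the override to the "HashAlg unsupported by PCR bank (0xC)" and "(0xD)" warnings seen when PcdTpm2HashMask is left at its default. The five *Policy defaults in the same hunk carry no rationale either; since the reply says they can be dropped, remove them here, or move them to a separate patch whose commit message states why ArmVirtPkg needs them when the commit message refers to OvmfPkg.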
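
Review bot: In the second quoted hunk, the !if guard keys on TPM2_ENABLE, but both entries bind to the L"TCG2_VERSION" HII variable under gTcg2ConfigFormSetGuid, which per the discussion only matters when Tcg2ConfigDxe is built, that is, under TPM2_CONFIG_ENABLE. Gate the block on TPM2_CONFIG_ENABLE instead, or drop both lines. If PcdTpm2AcpiTableRev needs a non-default value for Tcg2Dxe without the config driver, set it outside the HII section, and state in the commit message why revision 3 is wanted.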