From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:4864:20::e41; helo=mail-vs1-xe41.google.com; envelope-from=sumit.garg@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-vs1-xe41.google.com (mail-vs1-xe41.google.com [IPv6:2607:f8b0:4864:20::e41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 5640D21B02822 for ; Mon, 5 Nov 2018 02:07:40 -0800 (PST) Received: by mail-vs1-xe41.google.com with SMTP id x64so4736414vsa.5 for ; Mon, 05 Nov 2018 02:07:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=owxYg1ZWlau3MDDH/MsCg8qkTwMUVRQMBQ2ea9OxI6o=; b=KOn7q7/L/HhE+O2rxltgjIDH0kHqfnlADMa7gLic6i9n3lT/TfTAdlNUQbM8h1naqQ 8Rm0aCdcE7RWRPZ97g9lgL8Py6aOjq0CJA3Y1jQUJSEMhuVElRo+MEKjMmO9ddkjcOzm n86uzqOKwHu/3HQx8gxQM7nX0AMKev8JJrBKo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=owxYg1ZWlau3MDDH/MsCg8qkTwMUVRQMBQ2ea9OxI6o=; b=AL0fP5vCqELZ8lyDZmUZk5Irt8HP3lb87OEDl/oZ9wpjxOjCfFP6r0TqTA4so5IDYK PAYL9+lKhF2gfiFFML+QcQtmpUbU28a4CcIPSxshscbNCe3Exsqr8Tgz2fsfXStUiCfi f9ZgMasV+hPIAvmIcgtE4yAHdG3bY0yCL7bOSQYtWeqPvwtpk+Qwim3R8eeyhP0uXKCR cYbEAZ8+ZJW/5ni7u0IJqUpHZk1Wxy7KkuuWn1ZKuJL0yqY/cBA3+GWkVbbuG6f7xb1F fAEvDVXqNoExgU7gPi/GocI0BD5KoEgLo+Dnt1pWCYt93TgkaT/v796a0HskV35Noc24 0tMQ== X-Gm-Message-State: AGRZ1gJlZ1FEenhsu4SXDI66W5RUGbx23dofDqgdcq5mrG1JKVBzlaIo UoToEnBaqp4KInlBDrWhX23usitq8Bczac4tohaA5w== X-Google-Smtp-Source: AJdET5d779LvZ+LR4EeGVxbDlN2XaU4d3azWlbvg5n5RKBpQZWmWrr2olUUfZTkkfs8/VxorNWz8CNk4dVyl93uk51M= X-Received: by 2002:a67:8cc8:: with SMTP id o191mr1322246vsd.55.1541412459126; Mon, 05 Nov 2018 02:07:39 -0800 (PST) MIME-Version: 1.0 References: <20180921082542.35768-1-christopher.co@microsoft.com> <20180921082542.35768-2-christopher.co@microsoft.com> <20181031204305.mkivnbhnna4niy2g@bivouac.eciton.net> In-Reply-To: From: Sumit Garg Date: Mon, 5 Nov 2018 15:37:26 +0530 Message-ID: To: Christopher.Co@microsoft.com Cc: Leif Lindholm , edk2-devel@lists.01.org, Ard Biesheuvel , Michael D Kinney , tee-dev@lists.linaro.org Subject: Re: [PATCH edk2-platforms 01/27] Platform/Microsoft: Add OpteeClientPkg dec X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Nov 2018 10:07:40 -0000 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Chris, On Sat, 3 Nov 2018 at 05:25, Chris Co wrote: > > Hi Sumit, > > > -----Original Message----- > > From: Sumit Garg > > Sent: Thursday, November 1, 2018 10:24 PM > > To: Chris Co > > Cc: Leif Lindholm ; edk2-devel@lists.01.org; = Ard > > Biesheuvel ; Michael D Kinney > > ; tee-dev@lists.linaro.org > > Subject: Re: [PATCH edk2-platforms 01/27] Platform/Microsoft: Add > > OpteeClientPkg dec > > > > + OP-TEE ML. > > > > On Fri, 2 Nov 2018 at 06:11, Chris Co wr= ote: > > > > > > Hi Sumit, > > > > > > Our full OpteeClientPkg has: > > > - Our OpteeClientAPI implementation. I was monitoring the merge progr= ess > > on OpteeLib and will look into moving over now that it is available. > > > - The fTPM and AuthVar TA binaries. In our current design, the TA bin= aries > > are loaded at runtime. We could host the binaries themselves elsewhere = on > > the filesystem, but we do not want these binaries as early/pseudo TAs. = Is > > there a plan for OpteeLib to support loading full TAs? > > > > Early TAs [1] are basically full TAs only, running in Secure EL0 mode. > > So instead of loading TA from normal world file-system, they are linked= into a > > special data section in the OP-TEE core blob. > > > > Also I don't think loading TAs dynamically especially during boot makes= much > > sense due to following reasons: > > 1. Increased boot time. > > 2. Fixed TAs like in your case which could be linked as early TAs as we= ll. > > > > We prefer to load TAs dynamically for a more flexible servicing story. My= understanding is that Early TAs are coupled with the OP-TEE binary itself,= so to update an Early TA, a new OP-TEE binary would need to be created and= pushed. We want to avoid rolling a new OP-TEE and only update the TA binar= y in this scenario. > Are you referring to run-time updates on the device in the field? If this is the case then how do you think to update TAs, is it via some custom capsule update method? I do consider these TAs used during boot as essential secure services provided by the secure firmware (OP-TEE in this case). So these TAs should be part of firmware itself and updates for them should come through firmware capsule updates only. > > And you mentioned filesystem, are you referring to root filesystem? > > > > We have not implemented this yet, but we were thinking to have the TA bin= aries present in the EFI partition. > AFAIK, EFI partition is shared among Linux and UEFI. This provides Linux access to secure firmware TAs that could be a security concern (denial of service could be one of them). > > > - We have two client drivers: a firmware TPM TA driver and an > > authenticated variable TA driver. These talk through the tee-supplicant= to > > their respective TAs. > > > > > > > Here from tee-supplicant apart from loading TAs, what other services ar= e you > > expecting? If you are looking for secure storage via RPMB, that could b= e an > > enhancement to OpteeLib adding corresponding RPC handling here [2]. > > > > For RPC handling, we are looking for the following callback support: > - OPTEE_SMC_RPC_FUNC_ALLOC > - OPTEE_SMC_RPC_FUNC_FREE > - OPTEE_SMC_RPC_FUNC_CMD > - OPTEE_MSG_RPC_CMD_LOAD_TA Please see above comments for this. > - OPTEE_MSG_RPC_CMD_RPMB > - OPTEE_MSG_RPC_CMD_GET_TIME Can you share the usage of OPTEE_MSG_RPC_CMD_GET_TIME? AFAIK, this is used to get REE time from OP-TEE. > - OPTEE_MSG_RPC_CMD_SHM_ALLOC > - OPTEE_MSG_RPC_CMD_SHM_FREE > - OPTEE_MSG_RPC_CMD_WAIT_QUEUE I don't think we need OPTEE_MSG_RPC_CMD_WAIT_QUEUE implementation in UEFI as its a single threaded execution flow on boot core. BTW, I am not sure if I could get time to work on RPC handling anytime soon. So patches are welcome and I am happy to review them. Regards, Sumit > > Thanks, > Chris > > > [1] > > https://na01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fgith= ub.c > > om%2FOP- > > TEE%2Foptee_os%2Fblob%2Fmaster%2Fdocumentation%2Foptee_design.md > > %23early-trusted- > > applications&data=3D02%7C01%7CChristopher.Co%40microsoft.com%7C4a > > 7d8c01e4804365f4eb08d640837a15%7C72f988bf86f141af91ab2d7cd011db47% > > 7C1%7C0%7C636767330779998429&sdata=3DyaDWw5Z6yuux1o89kxzbknVp > > b%2B1OHUagbB%2FOGS4dAcU%3D&reserved=3D0 > > [2] > > https://na01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fgith= ub.c > > om%2Ftianocore%2Fedk2%2Fblob%2Fmaster%2FArmPkg%2FLibrary%2FOpteeL > > ib%2FOptee.c%23L147&data=3D02%7C01%7CChristopher.Co%40microsoft.c > > om%7C4a7d8c01e4804365f4eb08d640837a15%7C72f988bf86f141af91ab2d7cd > > 011db47%7C1%7C0%7C636767330779998429&sdata=3DLsplb1L7Ugd2C6cXG > > 8gBo40Ei8UQPtIA7fNEDL1t%2Fbg%3D&reserved=3D0 > > > > Regards, > > Sumit > > > > > Chris > > > > > > > -----Original Message----- > > > > From: Sumit Garg > > > > Sent: Thursday, November 1, 2018 3:55 AM > > > > To: Chris Co ; Leif Lindholm > > > > > > > > Cc: edk2-devel@lists.01.org; Ard Biesheuvel > > > > ; Michael D Kinney > > > > > > > > Subject: Re: [PATCH edk2-platforms 01/27] Platform/Microsoft: Add > > > > OpteeClientPkg dec > > > > > > > > Hi Christopher, > > > > > > > > Optee Client library has recently been merged to edk2 source code. > > > > It tries to provide a generic interface [1] to OP-TEE based trusted > > > > applications (pseudo/early). > > > > > > > > AFAIK, you don't need any platform specific hook in client interfac= e > > > > to work with upstream OP-TEE. So instead you should use Optee libra= ry. > > > > > > > > [1] > > > > https://na01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2F= git > > > > hub.c > > > > > > om%2Ftianocore%2Fedk2%2Fblob%2Fmaster%2FArmPkg%2FInclude%2FLibrary > > > > > > %2FOpteeLib.h&data=3D02%7C01%7CChristopher.Co%40microsoft.com%7C > > > > > > c19b84ef7f8f4213424108d63fe88f66%7C72f988bf86f141af91ab2d7cd011db47 > > > > > > %7C1%7C0%7C636766665404786500&sdata=3Dm24akbKtoyCERVN77meoSU > > > > H6E%2Bpf8W2P5MF7nvU5y7I%3D&reserved=3D0 > > > > > > > > Regards, > > > > Sumit > > > > > > > > On Thu, 1 Nov 2018 at 02:13, Leif Lindholm > > wrote: > > > > > > > > > > +Sumit (just to loop you two together). Is there anything > > > > > +Microsoft > > > > > platform specific about what will go in here? > > > > > > > > > > / > > > > > Leif > > > > > > > > > > On Fri, Sep 21, 2018 at 08:25:53AM +0000, Chris Co wrote: > > > > > > On Windows IoT Core devices with ARM TrustZone capabilities, > > > > > > EDK2 runs in normal world and we use OP-TEE to execute secure > > > > > > world operations. The overall package will contain client-side > > > > > > support to invoke EDK2 services implemented as OP-TEE trusted > > > > > > applications that run in secure world. > > > > > > > > > > > > This commit adds the initial dec file to add some PCD settings > > > > > > needed by other packages. > > > > > > > > > > > > Contributed-under: TianoCore Contribution Agreement 1.1 > > > > > > Signed-off-by: Christopher Co > > > > > > Cc: Ard Biesheuvel > > > > > > Cc: Leif Lindholm > > > > > > Cc: Michael D Kinney > > > > > > --- > > > > > > Platform/Microsoft/OpteeClientPkg/OpteeClientPkg.dec | 49 > > > > > > ++++++++++++++++++++ > > > > > > 1 file changed, 49 insertions(+) > > > > > > > > > > > > diff --git > > > > > > a/Platform/Microsoft/OpteeClientPkg/OpteeClientPkg.dec > > > > > > b/Platform/Microsoft/OpteeClientPkg/OpteeClientPkg.dec > > > > > > new file mode 100644 > > > > > > index 000000000000..4752eab39ce3 > > > > > > --- /dev/null > > > > > > +++ b/Platform/Microsoft/OpteeClientPkg/OpteeClientPkg.dec > > > > > > @@ -0,0 +1,49 @@ > > > > > > +## @file > > > > > > +# > > > > > > +# OP-TEE client package > > > > > > +# > > > > > > +# OP-TEE client package contains the client-side interface to > > > > > > +invoke OP- > > > > TEE TAs. > > > > > > +# Certain EDKII services are implemented in Trusted > > > > > > +Applications running in # the secure world OP-TEE OS. > > > > > > +# > > > > > > +# Copyright (c) 2018 Microsoft Corporation. All rights reserv= ed. > > > > > > +# > > > > > > +# This program and the accompanying materials # are licensed > > > > > > +and made available under the terms and conditions of the BSD > > > > > > +License # which accompanies this distribution. The full text > > > > > > +of the license may be found at # > > > > > > +https://na01.safelinks.protection.outlook.com/?url=3Dhttp%3A%2= F%2 > > > > > > +Fope > > > > > > +nsource.org%2Flicenses%2Fbsd- > > > > license.php&data=3D02%7C01%7CChristo > > > > > > > > > > > > +pher.Co%40microsoft.com%7Cc19b84ef7f8f4213424108d63fe88f66%7C72f988 > > > > > > > > > > > > +bf86f141af91ab2d7cd011db47%7C1%7C0%7C636766665404786500&sda > > > > ta=3D1 > > > > > > > > +MxFvlsMPhk19grEexBXo5VqRd0jZaCSRjxZCi87A2w%3D&reserved=3D0 > > > > > > +# > > > > > > +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS > > IS" > > > > > > +BASIS, # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, > > > > EITHER EXPRESS OR IMPLIED. > > > > > > +# > > > > > > +## > > > > > > + > > > > > > +[Defines] > > > > > > + DEC_SPECIFICATION =3D 0x0001001A > > > > > > + PACKAGE_NAME =3D OpteeClientPkg > > > > > > + PACKAGE_GUID =3D 77416fcb-10ec-4693-bdc0- > > 1bdd74ec9595 > > > > > > + PACKAGE_VERSION =3D 0.01 > > > > > > + > > > > > > +[Includes] > > > > > > + > > > > > > +[LibraryClasses] > > > > > > + > > > > > > +[Guids] > > > > > > + gOpteeClientPkgTokenSpaceGuid =3D { 0x04ad34ca, 0xdd25, 0x= 4156, { > > > > 0x90, 0xf5, 0x16, 0xf9, 0x40, 0xd0, 0x49, 0xe3 }} > > > > > > + > > > > > > +[PcdsFixedAtBuild] > > > > > > + > > > > > > > > > > > > +gOpteeClientPkgTokenSpaceGuid.PcdTpm2AcpiBufferBase|0|UINT64|0x0000 > > > > > > +0005 > > > > > > + > > > > > > > > > > > > +gOpteeClientPkgTokenSpaceGuid.PcdTpm2AcpiBufferSize|0|UINT32|0x0000 > > > > > > +0006 > > > > > > + > > > > > > + ## The base address of the Trust Zone OpTEE OS private memor= y > > > > > > + region # This memory is manager privately by the OpTEE OS. > > > > > > + > > > > > > + > > > > > > gOpteeClientPkgTokenSpaceGuid.PcdTrustZonePrivateMemoryBase|0xDEAD > > > > > > + 1|UINT64|0x00000001 > > > > > > + > > > > > > + ## The size of the Trust Zone OpTEE OS private memory region > > > > > > + > > > > > > + > > > > gOpteeClientPkgTokenSpaceGuid.PcdTrustZonePrivateMemorySize|55|UIN > > > > > > + T64|0x00000002 > > > > > > + > > > > > > + ## The base address of the Trust Zone OpTEE OS shared memory > > > > > > + region > > > > > > + > > > > > > + > > > > > > gOpteeClientPkgTokenSpaceGuid.PcdTrustZoneSharedMemoryBase|0xDEAD2 > > > > > > + |UINT64|0x00000003 > > > > > > + > > > > > > + ## The size of the Trust Zone OpTEE OS shared memory region > > > > > > + > > > > > > + > > > > > > gOpteeClientPkgTokenSpaceGuid.PcdTrustZoneSharedMemorySize|0xAA|UI > > > > > > + NT64|0x00000004 > > > > > > -- > > > > > > 2.16.2.gvfs.1.33.gf5370f1 > > > > > >