* [tpm2] meta-measured updates
@ 2018-05-30 21:13 Trevor Woerner
From: Trevor Woerner @ 2018-05-30 21:13 UTC (permalink / raw)
To: tpm2
Hi Philip,
My hope is that one day the OE community will have one security layer to
choose, rather than the three that we have currently.
I've looked at the three different layers and feel that meta-secure-core might
be a better one to target. With respect to its TPM2 recipes, however,
meta-secure-core (and the other, meta-security) lag behind meta-measured. As
such I've been working on some updates for meta-secure-core.
Are you still keen to fold meta-measured into something else? If not I could
prepare a set of patches for meta-measured as well.
Looking at the master commit of tpm2-tss, specifically, I've noticed a number
of changes and was hoping for your feedback.
With the tss 1.x stuff we had:
- libtcti-device
- libtcti-socket
- libsapi
The new tss 2.x stuff has:
- libtss2-esys
- libtss2-mu
- libtss2-sys
- libtss2-tcti-device
- libtss2-tcti-mssim
I'm guessing libtss2-tcti-device is the new name for the old libtcti-device.
But are there any mappings from the new stuff to the older libtcti-socket and
libsapi?
It looks like things are going to get messy. It looks like, going forward,
we're going to need to keep tpm2-tss_1.x.bb around as well as create
tpm2-tss_2.x.bb recipes with differently named PACKAGES so existing recipes
that use tss (and expect the old 1.x behaviour/API) can continue to work while
allowing new code (or updates to the old) to use the new API (?).
Best regards,
Trevor
* Re: [tpm2] meta-measured updates
@ 2018-05-30 23:48 Trevor Woerner
From: Trevor Woerner @ 2018-05-30 23:48 UTC (permalink / raw)
To: tpm2
On Wed, May 30, 2018 at 5:13 PM, Trevor Woerner <twoerner(a)gmail.com> wrote:
> Are you still keen to fold meta-measured into something else? If not I
> could
> prepare a set of patches for meta-measured as well.
>
> Looking at the master commit of tpm2-tss, specifically, I've noticed a
> number
> of changes and was hoping for your feedback.
>
> With the tss 1.x stuff we had:
> - libtcti-device
> - libtcti-socket
> - libsapi
>
> The new tss 2.x stuff has:
> - libtss2-esys
> - libtss2-mu
> - libtss2-sys
> - libtss2-tcti-device
> - libtss2-tcti-mssim
>
> I'm guessing libtss2-tcti-device is the new name for the old
> libtcti-device.
> But are there any mappings from the new stuff to the older libtcti-socket
> and
> libsapi?
>
In any case, here's a WIP of my changes:
https://github.com/twoerner/meta-secure-core/tree/contrib/twoerner/tpm2-recipe-updates/meta-tpm2/recipes-tpm
Specifically, please take a look at the _git recipes, which currently build
off the master branch of all tpm2-software's components.
What do you think of tpm2-tss/tpm2-tss_git.bb's PACKAGES?
* Re: [tpm2] meta-measured updates
@ 2018-05-31 21:14 Roberts, William C
From: Roberts, William C @ 2018-05-31 21:14 UTC (permalink / raw)
To: tpm2
> -----Original Message-----
> From: tpm2 [mailto:tpm2-bounces(a)lists.01.org] On Behalf Of Trevor Woerner
> Sent: Wednesday, May 30, 2018 4:49 PM
> To: tpm2(a)lists.01.org
> Subject: Re: [tpm2] meta-measured updates
>
> On Wed, May 30, 2018 at 5:13 PM, Trevor Woerner <twoerner(a)gmail.com
> <mailto:twoerner(a)gmail.com> > wrote:
>
>
> Are you still keen to fold meta-measured into something else? If not I
> could
> prepare a set of patches for meta-measured as well.
>
> Looking at the master commit of tpm2-tss, specifically, I've noticed a
> number
> of changes and was hoping for your feedback.
>
> With the tss 1.x stuff we had:
> - libtcti-device
> - libtcti-socket
> - libsapi
>
> The new tss 2.x stuff has:
> - libtss2-esys
This is the new enhanced (I think it's enhanced) system api
> - libtss2-mu
This is the new marshaling library
> - libtss2-sys
This is the old libsapi
> - libtss2-tcti-device
This is the old device tcti
> - libtss2-tcti-mssim
This is the old socket tcti
>
> I'm guessing libtss2-tcti-device is the new name for the old libtcti-device.
> But are there any mappings from the new stuff to the older libtcti-socket
> and
> libsapi?
See above inline comments.
>
>
>
> In any case, here's a WIP of my changes:
> https://github.com/twoerner/meta-secure-core/tree/contrib/twoerner/tpm2-recipe-updates/meta-tpm2/recipes-tpm
>
> Specifically, please take a look at the _git recipes, which currently build off the
> master branch of all tpm2-software's components.
> What do you think of tpm2-tss/tpm2-tss_git.bb's PACKAGES?
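Bill's mapping of the 2.x library names onto their 1.x predecessors, written out as the kind of per-library PACKAGES split Trevor is asking about. This is an added illustration, not the recipe on the contrib branch linked above; the recipe name, the .so install paths and the use of old-style underscore overrides (current in 2018) are assumptions.

```bitbake
# Illustrative fragment for a tpm2-tss 2.x recipe (not the contrib-branch recipe).
# Each 2.x shared library gets its own package, named after the upstream
# library, so images and dependants can name exactly the piece they need
# instead of pulling in one monolithic ${PN}.

PACKAGES =+ "libtss2-mu libtss2-sys libtss2-esys libtss2-tcti-device libtss2-tcti-mssim"

# New in 2.x: marshalling/unmarshalling library (no 1.x counterpart).
FILES_libtss2-mu = "${libdir}/libtss2-mu.so.*"

# Was libsapi in 1.x: the system API.
FILES_libtss2-sys = "${libdir}/libtss2-sys.so.*"

# New in 2.x: the enhanced system API layered on libtss2-sys.
FILES_libtss2-esys = "${libdir}/libtss2-esys.so.*"

# Was libtcti-device in 1.x: TCTI talking to /dev/tpm*.
FILES_libtss2-tcti-device = "${libdir}/libtss2-tcti-device.so.*"

# Was libtcti-socket in 1.x: TCTI talking to the Microsoft/swtpm simulator.
FILES_libtss2-tcti-mssim = "${libdir}/libtss2-tcti-mssim.so.*"

# Unversioned .so symlinks, headers and .pc files stay in ${PN}-dev as usual;
# inter-library runtime dependencies (esys -> sys, mu) are picked up by the
# automatic shlibs handling, so no explicit RDEPENDS is needed here.
```

Because the 2.x .so names differ from the 1.x ones, packages built from a 1.x recipe and this split do not collide on file paths, which is what lets old consumers keep the 1.x API while new code links against libtss2-esys.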
* Re: [tpm2] meta-measured updates
@ 2018-05-31 21:20 Trevor Woerner
From: Trevor Woerner @ 2018-05-31 21:20 UTC (permalink / raw)
To: tpm2
On Thu, May 31, 2018 at 5:14 PM, Roberts, William C <
william.c.roberts(a)intel.com> wrote:
>
>
> > -----Original Message-----
> > From: tpm2 [mailto:tpm2-bounces(a)lists.01.org] On Behalf Of Trevor
> Woerner
> > Sent: Wednesday, May 30, 2018 4:49 PM
> > To: tpm2(a)lists.01.org
> > Subject: Re: [tpm2] meta-measured updates
> >
> > On Wed, May 30, 2018 at 5:13 PM, Trevor Woerner <twoerner(a)gmail.com
> > <mailto:twoerner(a)gmail.com> > wrote:
> >
> >
> > Are you still keen to fold meta-measured into something else? If
> not I
> > could
> > prepare a set of patches for meta-measured as well.
> >
> > Looking at the master commit of tpm2-tss, specifically, I've
> noticed a
> > number
> > of changes and was hoping for your feedback.
> >
> > With the tss 1.x stuff we had:
> > - libtcti-device
> > - libtcti-socket
> > - libsapi
> >
> > The new tss 2.x stuff has:
> > - libtss2-esys
>
> This is the new enhanced (I think it's enhanced) system api
>
> > - libtss2-mu
>
> This is the new marshaling library
>
> > - libtss2-sys
>
> This is the old libsapi
>
> > - libtss2-tcti-device
>
> This is the old device tcti
>
> > - libtss2-tcti-mssim
>
> This is the old socket tcti
>
> >
> > I'm guessing libtss2-tcti-device is the new name for the old
> libtcti-device.
> > But are there any mappings from the new stuff to the older
> libtcti-socket
> > and
> > libsapi?
>
> See above inline comments.
>
Excellent, thank you! :-)
* Re: [tpm2] meta-measured updates
@ 2018-06-01 23:01 Philip Tricca
From: Philip Tricca @ 2018-06-01 23:01 UTC (permalink / raw)
To: tpm2
On Wed, May 30, 2018 at 05:13:04PM -0400, Trevor Woerner wrote:
> Hi Philip,
>
> My hope is that one day the OE community will have one security layer to
> choose, rather than the three that we have currently.
In my experience things that live in a separate "security" area rarely
get tested well. Ideally they would live as close to the upstream "core"
as possible.
> I've looked at the three different layers and feel that meta-secure-core might
> be a better one to target. With respect to its TPM2 recipes, however,
> meta-secure-core (and the other, meta-security) lag behind meta-measured. As
> such I've been working on some updates for meta-secure-core.
>
> Are you still keen to fold meta-measured into something else? If not I could
> prepare a set of patches for meta-measured as well.
Given the above my first priority is figuring out how far upstream the
various pieces can go. I've been chatting with a few folks and have been
working up patches to yocto-kernel-cache and openembedded-core to
cleanup the kernel config fragments and integrate the resulting
kernel-module packages into packagegroup-base. With the swtpm stuff
being integrated into qemu it's now possible to test at least the
tpm-tis driver by:
1) creating a qemu machine with 'tpm-tis' added to the MACHINE_FEATURES
2) setup the swtpm daemon
3) runqemu booting core-image-base to verify the /dev/tpm* is created
After this gets reviewed and if upstream is willing I'm then hoping to
propose moving the recipes for user space bits as close to
openembedded-core as possible. I think the ideal end state would be
enabling something via COMBINED_FEATURES so that we can have
MACHINE_FEATURES and DISTRO_FEATURES working together to seamlessly pull
in the right kernel driver and TSS(2)? recipes.
Something you're willing to help test and maybe contribute a 'tested-by'
tag on patches when they get sent upstream?
> Looking at the master commit of tpm2-tss, specifically, I've noticed a number
> of changes and was hoping for your feedback.
>
> With the tss 1.x stuff we had:
> - libtcti-device
> - libtcti-socket
> - libsapi
>
> The new tss 2.x stuff has:
> - libtss2-esys
> - libtss2-mu
> - libtss2-sys
> - libtss2-tcti-device
> - libtss2-tcti-mssim
>
> I'm guessing libtss2-tcti-device is the new name for the old libtcti-device.
> But are there any mappings from the new stuff to the older libtcti-socket and
> libsapi?
>
> It looks like things are going to get messy. It looks like, going forward,
> we're going to need to keep tpm2-tss_1.x.bb around as well as create
> tpm2-tss_2.x.bb recipes with differently named PACKAGES so existing recipes
> that use tss (and expect the old 1.x behaviour/API) can continue to work while
> allowing new code (or updates to the old) to use the new API (?).
I think Bill got all of this covered in his reply.
Philip
>
> Best regards,
> Trevor
* Re: [tpm2] meta-measured updates
@ 2018-06-02 2:35 Trevor Woerner
From: Trevor Woerner @ 2018-06-02 2:35 UTC (permalink / raw)
To: tpm2
On Fri, Jun 1, 2018 at 7:01 PM, Philip Tricca <philip.b.tricca(a)intel.com>
wrote:
> On Wed, May 30, 2018 at 05:13:04PM -0400, Trevor Woerner wrote:
> > Hi Philip,
> >
> > My hope is that one day the OE community will have one security layer to
> > choose, rather than the three that we have currently.
>
> In my experience things that live in a separate "security" area rarely
> get tested well. Ideally they would live as close to the upstream "core"
> as possible.
>
>
If enough people can be convinced that this needs to be in core that it
ends up there one day, that would be awesome! But my gut feeling is that
there isn't quite enough interest just yet for all this security stuff to
not be in its own layer.
> > I've looked at the three different layers and feel that meta-secure-core
> might
> > be a better one to target. With respect to its TPM2 recipes, however,
> > meta-secure-core (and the other, meta-security) lag behind
> meta-measured. As
> > such I've been working on some updates for meta-secure-core.
> >
> > Are you still keen to fold meta-measured into something else? If not I
> could
> > prepare a set of patches for meta-measured as well.
>
> Given the above my first priority is figuring out how far upstream the
> various pieces can go. I've been chatting with a few folks and have been
> working up patches to yocto-kernel-cache and openembedded-core to
> cleanup the kernel config fragments and integrate the resulting
> kernel-module packages into packagegroup-base. With the swtpm stuff
> being integrated into qemu it's now possible to test at least the
> tpm-tis driver by:
> 1) creating a qemu machine with 'tpm-tis' added to the MACHINE_FEATURES
> 2) setup the swtpm daemon
> 3) runqemu booting core-image-base to verify the /dev/tpm* is created
>
>
I wasn't aware that the latest qemu had support for TPM; this is great
news! I've heard that the latest qemu also has raspberrypi emulation
support, that's something else I should investigate as well :-)
> After this gets reviewed and if upstream is willing I'm then hoping to
> propose moving the recipes for user space bits as close to
> openembedded-core as possible. I think the ideal end state would be
> enabling something via COMBINED_FEATURES so that we can have
> MACHINE_FEATURES and DISTRO_FEATURES working together to seamlessly pull
> in the right kernel driver and TSS(2)? recipes.
>
> Something you're willing to help test and maybe contribute a 'tested-by'
> tag on patches when they get sent upstream?
>
>
Absolutely! (although I might need an individual, side-channel ping to
alert me to their addition since I can't follow the various OE patch lists
in detail every day)
Currently meta-measured has one kernel option that isn't RPi-friendly. I
never said anything about it since it was easy enough to remove through
local configurations. Therefore I'm looking forward to these new fragments
to see how they'll do on non-Intel hardware.
In any case, I could imagine the kernel fragments *might* make it into
oe-core, but I doubt something like the TPM2 recipes would. Those will
probably need to find a home outside oe-core.
> > Looking at the master commit of tpm2-tss, specifically, I've noticed a
> number
> > of changes and was hoping for your feedback.
> >
> > With the tss 1.x stuff we had:
> > - libtcti-device
> > - libtcti-socket
> > - libsapi
> >
> > The new tss 2.x stuff has:
> > - libtss2-esys
> > - libtss2-mu
> > - libtss2-sys
> > - libtss2-tcti-device
> > - libtss2-tcti-mssim
> >
> > I'm guessing libtss2-tcti-device is the new name for the old
> libtcti-device.
> > But are there any mappings from the new stuff to the older
> libtcti-socket and
> > libsapi?
> >
> > It looks like things are going to get messy. It looks like, going
> forward,
> > we're going to need to keep tpm2-tss_1.x.bb around as well as create
> > tpm2-tss_2.x.bb recipes with differently named PACKAGES so existing
> recipes
> > that use tss (and expect the old 1.x behaviour/API) can continue to work
> while
> > allowing new code (or updates to the old) to use the new API (?).
>
> I think Bill got all of this covered in his reply.
>
>
Yes, and he did an excellent job; thank you!
PS: how was the security summit?