Re: [PATCH v5 0/6] tpm: Support boot measurements

[Eddie James <eajames@linux.ibm.com>]

On 2/21/23 23:36, Joel Stanley wrote:
> On Thu, 2 Feb 2023 at 17:08, Eddie James <eajames@linux.ibm.com> wrote:
>> This series adds support for measuring the boot images more generically
>> than the existing EFI support. Several EFI functions have been moved to
>> the TPM layer. The series includes optional measurement from the bootm
>> command.
>> A new test case has been added for the bootm measurement to test the new
>> path, and the sandbox TPM2 driver has been updated to support this use
>> case.
>> This series is based on Ilias' auto-startup series:
>> https://lore.kernel.org/u-boot/20230126081844.591148-1-ilias.apalodimas@linaro.org/
> Nice work Eddie. It looks like you're closing in on the issues Ilias
> and Simon have.
>
> I did some testing and found some missing dependencies from running
> 'make check':
>
> sandbox_spl: +make O=/home/joel/dev/u-boot/upstream/build-sandbox_spl
> -s sandbox_spl_defconfig
> +make O=/home/joel/dev/u-boot/upstream/build-sandbox_spl -s -j8
> /usr/bin/ld: warning: test/overlay/test-fdt-overlay-stacked.dtb.o:
> missing .note.GNU-stack section implies executable stack
> /usr/bin/ld: NOTE: This behaviour is deprecated and will be removed in
> a future version of the linker
> /usr/bin/ld: /tmp/cc8cNroX.ltrans22.ltrans.o:(.data.rel+0x440):
> undefined reference to `do_ut_measurement'
> collect2: error: ld returned 1 exit status
> make[2]: *** [/home/joel/dev/u-boot/upstream/Makefile:1752: u-boot] Error 1
>
> There's a few variants of the sandbox defconfig. I'm not sure if we
> want to exclude the measurement code from those configs, or add it to
> the configs.


Thanks Joel. I feel the right thing here would be to only build the 
measurement test when CONFIG_MEASURED_BOOT is enabled, so I'll make that 
change.


>
> When fixing them up to add CONFIG_MEASURED_BOOT=y we still fail to link:
>
> sandbox_spl: +make O=/home/joel/dev/u-boot/upstream/build-sandbox_spl
> -s sandbox_spl_defconfig
> +make O=/home/joel/dev/u-boot/upstream/build-sandbox_spl -s -j8
> /usr/bin/ld: warning: test/overlay/test-fdt-overlay-stacked.dtb.o:
> missing .note.GNU-stack section implies executable stack
> /usr/bin/ld: NOTE: This behaviour is deprecated and will be removed in
> a future version of the linker
> /usr/bin/ld: /tmp/ccRuOSFi.ltrans17.ltrans.o: in function `tcg2_create_digest':
> /home/joel/dev/u-boot/upstream/build-sandbox_spl/../lib/tpm-v2.c:112:
> undefined reference to `sha512_starts'
> /usr/bin/ld: /home/joel/dev/u-boot/upstream/build-sandbox_spl/../lib/tpm-v2.c:113:
> undefined reference to `sha512_update'
> /usr/bin/ld: /home/joel/dev/u-boot/upstream/build-sandbox_spl/../lib/tpm-v2.c:114:
> undefined reference to `sha512_finish'
> /usr/bin/ld: /home/joel/dev/u-boot/upstream/build-sandbox_spl/../lib/tpm-v2.c:106:
> undefined reference to `sha384_starts'
> /usr/bin/ld: /home/joel/dev/u-boot/upstream/build-sandbox_spl/../lib/tpm-v2.c:107:
> undefined reference to `sha384_update'
> /usr/bin/ld: /home/joel/dev/u-boot/upstream/build-sandbox_spl/../lib/tpm-v2.c:108:
> undefined reference to `sha384_finish'
> collect2: error: ld returned 1 exit status
>
> This sorted that out for me:
>
> --- a/lib/Kconfig
> +++ b/lib/Kconfig
> @@ -411,6 +411,8 @@ config TPM
>          bool "Trusted Platform Module (TPM) Support"
>          depends on DM
>          imply DM_RNG
> +       select SHA512
> +       select SHA384
>
> The tree I tested with is here:
> https://github.com/shenki/u-boot/commits/measured-boot


Thanks, I'll select those.

Eddie


>
> Cheers,
>
> Joel
>
>> Changes since v4:
>>   - Remove tcg2_measure_event function and check for NULL data in
>>     tcg2_measure_data
>>   - Use tpm_auto_startup
>>   - Fix efi_tcg2.c compilation for removing tcg2_pcr_read function
>>   - Change PCR indexes for initrd and dtb
>>   - Drop u8 casting in measurement test
>>   - Use bullets in documentation
>>
>> Changes since v3:
>>   - Reordered headers
>>   - Refactored more of EFI code into common code
>>      Removed digest_info structure and instead used the common alg_to_mask
>>        and alg_to_len
>>      Improved event log parsing in common code to get it equivalent to EFI
>>        Common code now extends PCR if previous bootloader stage couldn't
>>        No need to allocate memory in the common code, so EFI copies the
>>        discovered buffer like it did before
>>      Rename efi measure_event function
>>
>> Changes since v2:
>>   - Add documentation.
>>   - Changed reserved memory address to the top of the RAM for sandbox dts.
>>   - Add measure state to booti and bootz.
>>   - Skip measurement for EFI images that should be measured
>>
>> Changes since v1:
>>   - Refactor TPM layer functions to allow EFI system to use them, and
>>     remove duplicate EFI functions.
>>   - Add test case
>>   - Drop #ifdefs for bootm
>>   - Add devicetree measurement config option
>>   - Update sandbox TPM driver
>>
>> Eddie James (6):
>>    tpm: Fix spelling for tpmu_ha union
>>    tpm: Support boot measurements
>>    bootm: Support boot measurement
>>    tpm: sandbox: Update for needed TPM2 capabilities
>>    test: Add sandbox TPM boot measurement
>>    doc: Add measured boot documentation
>>
>>   arch/sandbox/dts/sandbox.dtsi  |   14 +
>>   arch/sandbox/dts/test.dts      |   13 +
>>   boot/Kconfig                   |   23 +
>>   boot/bootm.c                   |   70 +++
>>   cmd/booti.c                    |    1 +
>>   cmd/bootm.c                    |    2 +
>>   cmd/bootz.c                    |    1 +
>>   configs/sandbox_defconfig      |    1 +
>>   doc/usage/index.rst            |    1 +
>>   doc/usage/measured_boot.rst    |   23 +
>>   drivers/tpm/tpm2_tis_sandbox.c |  100 +++-
>>   include/bootm.h                |    2 +
>>   include/efi_tcg2.h             |   44 --
>>   include/image.h                |    1 +
>>   include/test/suites.h          |    1 +
>>   include/tpm-v2.h               |  246 +++++++-
>>   lib/efi_loader/efi_tcg2.c      | 1010 +++-----------------------------
>>   lib/tpm-v2.c                   |  771 ++++++++++++++++++++++++
>>   test/boot/Makefile             |    1 +
>>   test/boot/measurement.c        |   66 +++
>>   test/cmd_ut.c                  |    2 +
>>   21 files changed, 1383 insertions(+), 1010 deletions(-)
>>   create mode 100644 doc/usage/measured_boot.rst
>>   create mode 100644 test/boot/measurement.c
>>
>> --
>> 2.31.1
>>