[Skiboot] [PATCH v2] libstb/trustedboot: Enable trusted_measure in fast-reboot path
Claudio Carvalho
cclaudio at linux.vnet.ibm.com
Fri Mar 16 13:43:25 AEDT 2018
Secure and trusted boot doesn't support fast reboot yet. I would accept
this patch only if the failures pointed out are causing any harm.
If we measure the same event multiple times as proposed in this patch,
the event log and the PCRs will not have the expected values when the
system boots up to the target OS. Consequently, remote attestation will
fail even if the partitions measured hasn't been tampered with. We
discussed fast reboot recently, but we did not find a solution for that
yet. An idea that came up is that we could measure events in a different
PCR if fast reboot is detected, but we would still need to make remote
attestation work.
-- Claudio
On 15/03/2018 09:31, Pridhiviraj Paidipeddi wrote:
> Currently in fast-reboot path trusted measure is not functioning
> due to the tpm_cleanup happening in full IPL which un-registers
> all the tpms.
>
> It fails with below messages
> [xxx,3] STB: BOOTKERNEL NOT MEASURED. Already exited from boot services
> [xxx,3] STB: EV_SEPARATOR (pcr0) NOT MEASURED. No TPM registered/enabled
>
> This patch enables it by enabling the boot_services_exited flag and
> doing the tpm_cleanup only when trusted boot mode is OFF.
>
> Signed-off-by: Pridhiviraj Paidipeddi <ppaidipe at linux.vnet.ibm.com>
> ---
> core/fast-reboot.c | 6 ++++++
> libstb/tpm_chip.c | 1 +
> libstb/trustedboot.c | 8 ++++----
> libstb/trustedboot.h | 2 ++
> 4 files changed, 13 insertions(+), 4 deletions(-)
>
> diff --git a/core/fast-reboot.c b/core/fast-reboot.c
> index 0fe16cc..c7853d2 100644
> --- a/core/fast-reboot.c
> +++ b/core/fast-reboot.c
> @@ -30,6 +30,7 @@
> #include <ipmi.h>
> #include <direct-controls.h>
> #include <nvram.h>
> +#include "libstb/trustedboot.h"
>
> /* Flag tested by the OPAL entry code */
> static volatile bool fast_boot_release;
> @@ -330,6 +331,11 @@ void __noreturn fast_reboot_entry(void)
> cpu_set_sreset_enable(true);
> cpu_set_ipi_enable(true);
>
> + /* We are loading the BOOTKERNEL from PNOR, in order to function
> + * trusted_measure, enable boot services flag
> + */
> + boot_services_exited = false;
> +
> /* Start preloading kernel and ramdisk */
> start_preload_kernel();
>
> diff --git a/libstb/tpm_chip.c b/libstb/tpm_chip.c
> index 2858caf..58e5f75 100644
> --- a/libstb/tpm_chip.c
> +++ b/libstb/tpm_chip.c
> @@ -313,6 +313,7 @@ int tpm_extendl(TPM_Pcr pcr,
> void tpm_add_status_property(void) {
> struct tpm_chip *tpm;
> list_for_each(&tpm_list, tpm, link) {
> + dt_check_del_prop(tpm->node, "status");
> dt_add_property_string(tpm->node, "status",
> tpm->enabled ? "okay" : "disabled");
> }
> diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c
> index 151e4e1..0f1f50b 100644
> --- a/libstb/trustedboot.c
> +++ b/libstb/trustedboot.c
> @@ -31,7 +31,7 @@
>
> static bool trusted_mode = false;
> static bool trusted_init = false;
> -static bool boot_services_exited = false;
> +bool boot_services_exited;
>
> /*
> * This maps a PCR for each resource we can measure. The PCR number is
> @@ -127,8 +127,10 @@ int trustedboot_exit_boot_services(void)
>
> boot_services_exited = true;
>
> - if (!trusted_mode)
> + if (!trusted_mode) {
> + tpm_cleanup();
> goto out_free;
> + }
>
> #ifdef STB_DEBUG
> prlog(PR_NOTICE, "ev_separator.event: %s\n", ev_separator.event);
> @@ -156,8 +158,6 @@ int trustedboot_exit_boot_services(void)
> tpm_add_status_property();
>
> out_free:
> - tpm_cleanup();
> -
> return (failed) ? -1 : 0;
> }
>
> diff --git a/libstb/trustedboot.h b/libstb/trustedboot.h
> index 3003c80..bb4fcb6 100644
> --- a/libstb/trustedboot.h
> +++ b/libstb/trustedboot.h
> @@ -19,6 +19,8 @@
>
> #include <platform.h>
>
> +extern bool boot_services_exited;
> +
> void trustedboot_init(void);
>
> /**
More information about the Skiboot
mailing list