[Skiboot] [PATCH v2] libstb/trustedboot: Enable trusted_measure in fast-reboot path
ppaidipe
ppaidipe at linux.vnet.ibm.com
Fri Mar 16 16:47:59 AEDT 2018
On 2018-03-16 08:13, Claudio Carvalho wrote:
> Secure and trusted boot doesn't support fast reboot yet. I would
> accept this patch only if the failures pointed out are causing any
> harm.
>
Currently no boot harm, it's just a error message thrown to console.
And also i see secureboot verify is properly functional in fast-reboot
path.
> If we measure the same event multiple times as proposed in this patch,
> the event log and the PCRs will not have the expected values when the
> system boots up to the target OS. Consequently, remote attestation
> will fail even if the partitions measured hasn't been tampered with.
> We discussed fast reboot recently, but we did not find a solution for
> that yet. An idea that came up is that we could measure events in a
> different PCR if fast reboot is detected, but we would still need to
> make remote attestation work.
Yeah, this makes sense to record measurements in a different PCR to keep
the expected
values as it is. Can we return in first place for trusted_measure and
trustedboot_exit_boot_services
functions when we detect a fast-reboot? until remote attestation work in
place. As we are seeing
lot of error messages in console saying no TPM registered/enabled.
[ 1069.079405326,3] STB: BOOTKERNEL NOT MEASURED. Already exited from
boot services
[ 1069.087727317,3] STB: EV_SEPARATOR (pcr0) NOT MEASURED. No TPM
registered/enabled
[ 1069.091277930,3] STB: EV_SEPARATOR (pcr1) NOT MEASURED. No TPM
registered/enabled
[ 1069.094830682,3] STB: EV_SEPARATOR (pcr2) NOT MEASURED. No TPM
registered/enabled
[ 1069.099085602,3] STB: EV_SEPARATOR (pcr3) NOT MEASURED. No TPM
registered/enabled
[ 1069.102637912,3] STB: EV_SEPARATOR (pcr4) NOT MEASURED. No TPM
registered/enabled
[ 1069.106893031,3] STB: EV_SEPARATOR (pcr5) NOT MEASURED. No TPM
registered/enabled
[ 1069.110445897,3] STB: EV_SEPARATOR (pcr6) NOT MEASURED. No TPM
registered/enabled
[ 1069.113998405,3] STB: EV_SEPARATOR (pcr7) NOT MEASURED. No TPM
registered/enabled
Thanks
Pridhiviraj
>
> -- Claudio
>
>
> On 15/03/2018 09:31, Pridhiviraj Paidipeddi wrote:
>> Currently in fast-reboot path trusted measure is not functioning
>> due to the tpm_cleanup happening in full IPL which un-registers
>> all the tpms.
>>
>> It fails with below messages
>> [xxx,3] STB: BOOTKERNEL NOT MEASURED. Already exited from boot
>> services
>> [xxx,3] STB: EV_SEPARATOR (pcr0) NOT MEASURED. No TPM
>> registered/enabled
>>
>> This patch enables it by enabling the boot_services_exited flag and
>> doing the tpm_cleanup only when trusted boot mode is OFF.
>>
>> Signed-off-by: Pridhiviraj Paidipeddi <ppaidipe at linux.vnet.ibm.com>
>> ---
>> core/fast-reboot.c | 6 ++++++
>> libstb/tpm_chip.c | 1 +
>> libstb/trustedboot.c | 8 ++++----
>> libstb/trustedboot.h | 2 ++
>> 4 files changed, 13 insertions(+), 4 deletions(-)
>>
>> diff --git a/core/fast-reboot.c b/core/fast-reboot.c
>> index 0fe16cc..c7853d2 100644
>> --- a/core/fast-reboot.c
>> +++ b/core/fast-reboot.c
>> @@ -30,6 +30,7 @@
>> #include <ipmi.h>
>> #include <direct-controls.h>
>> #include <nvram.h>
>> +#include "libstb/trustedboot.h"
>>
>> /* Flag tested by the OPAL entry code */
>> static volatile bool fast_boot_release;
>> @@ -330,6 +331,11 @@ void __noreturn fast_reboot_entry(void)
>> cpu_set_sreset_enable(true);
>> cpu_set_ipi_enable(true);
>>
>> + /* We are loading the BOOTKERNEL from PNOR, in order to function
>> + * trusted_measure, enable boot services flag
>> + */
>> + boot_services_exited = false;
>> +
>> /* Start preloading kernel and ramdisk */
>> start_preload_kernel();
>>
>> diff --git a/libstb/tpm_chip.c b/libstb/tpm_chip.c
>> index 2858caf..58e5f75 100644
>> --- a/libstb/tpm_chip.c
>> +++ b/libstb/tpm_chip.c
>> @@ -313,6 +313,7 @@ int tpm_extendl(TPM_Pcr pcr,
>> void tpm_add_status_property(void) {
>> struct tpm_chip *tpm;
>> list_for_each(&tpm_list, tpm, link) {
>> + dt_check_del_prop(tpm->node, "status");
>> dt_add_property_string(tpm->node, "status",
>> tpm->enabled ? "okay" : "disabled");
>> }
>> diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c
>> index 151e4e1..0f1f50b 100644
>> --- a/libstb/trustedboot.c
>> +++ b/libstb/trustedboot.c
>> @@ -31,7 +31,7 @@
>>
>> static bool trusted_mode = false;
>> static bool trusted_init = false;
>> -static bool boot_services_exited = false;
>> +bool boot_services_exited;
>>
>> /*
>> * This maps a PCR for each resource we can measure. The PCR number
>> is
>> @@ -127,8 +127,10 @@ int trustedboot_exit_boot_services(void)
>>
>> boot_services_exited = true;
>>
>> - if (!trusted_mode)
>> + if (!trusted_mode) {
>> + tpm_cleanup();
>> goto out_free;
>> + }
>>
>> #ifdef STB_DEBUG
>> prlog(PR_NOTICE, "ev_separator.event: %s\n", ev_separator.event);
>> @@ -156,8 +158,6 @@ int trustedboot_exit_boot_services(void)
>> tpm_add_status_property();
>>
>> out_free:
>> - tpm_cleanup();
>> -
>> return (failed) ? -1 : 0;
>> }
>>
>> diff --git a/libstb/trustedboot.h b/libstb/trustedboot.h
>> index 3003c80..bb4fcb6 100644
>> --- a/libstb/trustedboot.h
>> +++ b/libstb/trustedboot.h
>> @@ -19,6 +19,8 @@
>>
>> #include <platform.h>
>>
>> +extern bool boot_services_exited;
>> +
>> void trustedboot_init(void);
>>
>> /**
More information about the Skiboot
mailing list