[SLOF] [PATCH 07/16] Perform some initial measurements

Stefan Berger stefanb at linux.vnet.ibm.com
Fri Nov 13 03:30:00 AEDT 2015


On 11/12/2015 12:10 AM, Nikunj A Dadhania wrote:
> Stefan Berger <stefanb at linux.vnet.ibm.com> writes:
> +
> +/*
> + * Add a measurement regarding the boot device (CDRom, Floppy, HDD) to
> + * the list of measurements.
> Is a network boot device supported?
>> It may be. I don't have a setup to test it.
> This would help:
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/chap-installation-server-setup.html#sect-network-boot-setup-ppc-grub2

Can we add this in a separate patch?


>
>
>>>> +	default:
>>>> +		/*
>>>> +		 * equivalent to:
>>>> +		 * dd if=/dev/hda ibs=1 count=440 | sha1sum
>>>> +		 */
>>>> +		string = "MBR";
>>>> +		rc = tpm_add_measurement_to_log(4, EV_IPL,
>>>> +						string, strlen(string),
>>>> +						addr, 0x1b8);
>>>> +
>>>> +		if (rc)
>>>> +			break;
>>>> +
>>>> +		/*
>>>> +		 * equivalent to:
>>>> +		 * dd if=/dev/hda ibs=1 count=72 skip=440 | sha1sum
>>>> +		 */
>>>> +		string = "MBR PARTITION TABLE";
>>>> +		rc = tpm_add_measurement_to_log(5, EV_IPL_PARTITION_DATA,
>>>> +						string, strlen(string),
>>>> +						addr + 0x1b8, 0x48);
>>>> +	}
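Review bot: the `default:` branch reads 0x1b8 + 0x48 = 0x200 bytes from `addr` without checking that the buffer is that large, while the `tpm_add_bcv` primitive quoted further down receives a caller-supplied `length`; add a guard such as `if (length < 0x200) { rc = -1; break; }` before the first `tpm_add_measurement_to_log` call. Since `default:` also covers every boot device kind other than the explicit cases, any non-MBR disk would be logged under the "MBR" label; naming the 0x1b8/0x48 split and the PCR indices 4 and 5 as constants (they are already spelled out twice in the `dd` comments) would make both the layout assumption and the label easier to audit.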
>>> We also support GPT, don't we need support for that?
>>> Most of the distros are moving to GPT.
>> If I remember correctly, Fedora 22 still uses MBR. Again, I would need a
>> setup to test this. Not sure what specs say about what to measure in
>> that case.
> AFAIK, Ubuntu defaults to GPT.


I would also add GPT support in a separate patch.


>>>> +/* LIBTPM: tpm_add_bcv(void)                        */
>>>> +/****************************************************/
>>>> +PRIM(tpm_X2d_add_X2d_bcv)
>>>> +	int length = TOS.u; POP;
>>>> +	void *addr = TOS.a; POP;
>>>> +	int bootdrv = TOS.u;
>>>> +	TOS.n = tpm_add_bcv(bootdrv, addr, length);
>>>> +MIRP
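Review bot: the banner comment reads `tpm_add_bcv(void)`, but the primitive pops three items (`length`, `addr`, `bootdrv`) and passes all of them to `tpm_add_bcv`; update the banner to the real signature. Also `length` and `bootdrv` are taken from `TOS.u` (unsigned) into `int`, so a large cell value becomes negative before `tpm_add_bcv` sees it; declare them unsigned (`size_t` for `length`) or range-check them before the call.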
>>>> diff --git a/lib/libtpm/tpm.in b/lib/libtpm/tpm.in
>>>> index 32d675f..06b0672 100644
>>>> --- a/lib/libtpm/tpm.in
>>>> +++ b/lib/libtpm/tpm.in
>>>> @@ -17,3 +17,6 @@ cod(tpm-start)
>>>>    cod(tpm-unassert-pp)
>>>>    cod(tpm-set-log-parameters)
>>>>    cod(tpm-get-logsize)
>>>> +cod(tpm-add-event-separators)
>>>> +cod(tpm-ipl)
>>>> +cod(tpm-add-bcv)
>>>> diff --git a/slof/fs/tpm/tpm-static.fs b/slof/fs/tpm/tpm-static.fs
>>>> index 11e4ad5..d425693 100644
>>>> --- a/slof/fs/tpm/tpm-static.fs
>>>> +++ b/slof/fs/tpm/tpm-static.fs
>>>> @@ -22,6 +22,17 @@ false VALUE vtpm-debug?
>>>>        THEN
>>>>    ;
>>>>
>>>> +: vtpm-add-event-separators
>>>> +    vtpm-available? IF
>>>> +        tpm-add-event-separators                  ( -- errcode )
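Review bot: the `( -- errcode )` stack comment shows `tpm-add-event-separators` leaving an error code on the stack, and the quoted lines neither test nor drop it; if the lines after the cut do not consume it, the word leaves a stray stack item on every boot. Either `DROP` it explicitly or test it and emit a log entry on a non-zero value, which matches the error handling described in the reply below.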
>>> Why do we ignore the error code?
>>
>> We can ignore the error on this level. In SeaBIOS we do the same and we
>> do not abort the boot. In case of an error we should probably write a
>> log entry that indicates an error, assuming that such a log entry has
>> been defined.
> What I am unable to understand is if this feature is for Secure booting, and
> we ignore the errors, how is it that vTPM will ensure secured
> images/boot?

vTPM will enable trusted boot, not secure boot. We will deactivate the
TPM in case an error occurred, which should not be happening under
normal circumstances.

       Stefan
