[SLOF] [PATCH 07/16] Perform some initial measurements
Nikunj A Dadhania
nikunj at linux.vnet.ibm.com
Fri Nov 13 16:20:35 AEDT 2015
Stefan Berger <stefanb at linux.vnet.ibm.com> writes:
> On 11/12/2015 12:10 AM, Nikunj A Dadhania wrote:
>> Stefan Berger <stefanb at linux.vnet.ibm.com> writes:
>> +
>> +/*
>> + * Add a measurement regarding the boot device (CDRom, Floppy, HDD) to
>> + * the list of measurements.
>> Is a network boot device supported?
>>> It may be. I don't have a setup to test it.
>> This would help:
>>
>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/chap-installation-server-setup.html#sect-network-boot-setup-ppc-grub2
>
> Can we add this in a separate patch?
Sure, that should be fine.
>
>
>>
>>
>>>>> + default:
>>>>> + /*
>>>>> + * equivalent to:
>>>>> + * dd if=/dev/hda ibs=1 count=440 | sha1sum
>>>>> + */
>>>>> + string = "MBR";
>>>>> + rc = tpm_add_measurement_to_log(4, EV_IPL,
>>>>> + string, strlen(string),
>>>>> + addr, 0x1b8);
>>>>> +
>>>>> + if (rc)
>>>>> + break;
>>>>> +
>>>>> + /*
>>>>> + * equivalent to:
>>>>> + * dd if=/dev/hda ibs=1 count=72 skip=440 | sha1sum
>>>>> + */
>>>>> + string = "MBR PARTITION TABLE";
>>>>> + rc = tpm_add_measurement_to_log(5, EV_IPL_PARTITION_DATA,
>>>>> + string, strlen(string),
>>>>> + addr + 0x1b8, 0x48);
>>>>> + }
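Review bot: the two calls in the default: case hash 0x1b8 bytes at addr and then 0x48 bytes at addr + 0x1b8, 0x200 bytes in total, and nothing in the quoted lines checks that the buffer behind addr is at least that large. A length check ahead of the first tpm_add_measurement_to_log() call would make the bound explicit, and named constants in place of 0x1b8 and 0x48 would tie the code to the 440 and 72 in the dd comments.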
>>>> We also support GPT, don't we need support for that?
>>>> Most of the distros are moving to GPT.
>>> If I remember correctly, Fedora 22 still uses MBR. Again, I would need a
>>> setup to test this. Not sure what specs say about what to measure in
>>> that case.
>> AFAIK, Ubuntu defaults to GPT.
>
>
> I would also add GPT support in a separate patch.
Sure, that should be fine.
>
>
>>>>> +/* LIBTPM: tpm_add_bcv(void) */
>>>>> +/****************************************************/
>>>>> +PRIM(tpm_X2d_add_X2d_bcv)
>>>>> + int length = TOS.u; POP;
>>>>> + void *addr = TOS.a; POP;
>>>>> + int bootdrv = TOS.u;
>>>>> + TOS.n = tpm_add_bcv(bootdrv, addr, length);
>>>>> +MIRP
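Review bot: the comment above PRIM(tpm_X2d_add_X2d_bcv) documents the call as tpm_add_bcv(void), but the body passes bootdrv, addr and length, so the comment should list those three parameters. length is also declared int while it is loaded from TOS.u; an unsigned type would keep a large stack value from reaching tpm_add_bcv() as a negative length.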
>>>>> diff --git a/lib/libtpm/tpm.in b/lib/libtpm/tpm.in
>>>>> index 32d675f..06b0672 100644
>>>>> --- a/lib/libtpm/tpm.in
>>>>> +++ b/lib/libtpm/tpm.in
>>>>> @@ -17,3 +17,6 @@ cod(tpm-start)
>>>>> cod(tpm-unassert-pp)
>>>>> cod(tpm-set-log-parameters)
>>>>> cod(tpm-get-logsize)
>>>>> +cod(tpm-add-event-separators)
>>>>> +cod(tpm-ipl)
>>>>> +cod(tpm-add-bcv)
>>>>> diff --git a/slof/fs/tpm/tpm-static.fs b/slof/fs/tpm/tpm-static.fs
>>>>> index 11e4ad5..d425693 100644
>>>>> --- a/slof/fs/tpm/tpm-static.fs
>>>>> +++ b/slof/fs/tpm/tpm-static.fs
>>>>> @@ -22,6 +22,17 @@ false VALUE vtpm-debug?
>>>>> THEN
>>>>> ;
>>>>>
>>>>> +: vtpm-add-event-separators
>>>>> + vtpm-available? IF
>>>>> + tpm-add-event-separators ( -- errcode )
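Review bot: tpm-add-event-separators leaves an errcode on the stack, per its stack comment, and the lines quoted here do not show it being consumed. If it is dropped on purpose, a comment at the call saying so, plus a message under vtpm-debug? when it is nonzero, would keep a failed measurement from passing silently; the new word vtpm-add-event-separators also lacks a stack-effect comment of its own.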
>>>> Why do we ignore the error code?
>>>
>>> We can ignore the error on this level. In SeaBIOS we do the same and we
>>> do not abort the boot. In case of an error we should probably write a
>>> log entry that indicates an error, assuming that such a log entry has
>>> been defined.
>> What I am unable to understand is if this feature is for Secure booting, and
>> we ignore the errors, how is it that vTPM will ensure secured
>> images/boot?
>
> vTPM will enable trusted boot, not secure boot. We will deactivate the
> TPM in case an error occurred, which should not be happening under
> normal circumstances.
OK, what is the user expected to do when this fails?
Regards
Nikunj
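
A verifier-side replay of the two measurements in the quoted default: case, added here as an example and not part of the patch or of SLOF. It assumes the firmware hashes each range with SHA-1, as the dd | sha1sum comments say, and extends the result with the TPM 1.2 extend operation into PCRs 4 and 5 starting from zero; the function names and the sample sector are constructed for illustration.

```python
import hashlib

MBR_CODE_LEN = 0x1b8  # 440 bytes of boot code, length used in the quoted hunk
PTABLE_LEN = 0x48     # next 72 bytes: disk id, partition entries, 0x55AA

def measure_mbr(sector: bytes) -> dict:
    """Digests matching the two dd | sha1sum comments, keyed by PCR index."""
    if len(sector) < MBR_CODE_LEN + PTABLE_LEN:
        raise ValueError("need the full 512-byte sector 0")
    end = MBR_CODE_LEN + PTABLE_LEN
    return {4: hashlib.sha1(sector[:MBR_CODE_LEN]).digest(),
            5: hashlib.sha1(sector[MBR_CODE_LEN:end]).digest()}

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 1.2 extend operation: new PCR = SHA1(old PCR || digest)."""
    return hashlib.sha1(pcr + digest).digest()

def replay(sector: bytes) -> dict:
    """Apply only these two events to PCRs 4 and 5, assumed zero beforehand."""
    return {i: extend(bytes(20), d) for i, d in measure_mbr(sector).items()}

def changed_pcrs(known_good: bytes, observed: bytes) -> list:
    """PCR indices whose replayed value differs between two sector images."""
    a, b = replay(known_good), replay(observed)
    return sorted(i for i in a if a[i] != b[i])

def sample_sector() -> bytes:
    """Constructed sector 0: filler code, one Linux partition entry, signature."""
    entry = bytes([0x80, 0, 0, 0, 0x83, 0, 0, 0])
    entry += (2048).to_bytes(4, "little") + (204800).to_bytes(4, "little")
    tail = b"\x12\x34\x56\x78" + bytes(2) + entry + bytes(48) + b"\x55\xaa"
    return bytes([0x90]) * MBR_CODE_LEN + tail

if __name__ == "__main__":
    good = sample_sector()
    resized = bytearray(good)
    resized[MBR_CODE_LEN + 6 + 12] ^= 0x01  # alter the entry's sector count
    for index, value in replay(good).items():
        print(f"PCR {index}: {value.hex()}")
    print("PCRs changed by a partition-table edit:",
          changed_pcrs(good, bytes(resized)))
```

A real event log carries further events for these PCRs, so an attestation verifier would replay every logged entry in order rather than these two alone.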