[SLOF] [PATCH v7 0/8] Add vTPM 2.0 support to SLOF
Alexey Kardashevskiy
aik at ozlabs.ru
Mon Feb 17 12:06:30 AEDT 2020
On 22/01/2020 07:01, Stefan Berger wrote:
> The following series of patches adds TPM support to SLOF.
> In particular it adds the following:
>
> - TPM driver for CRQ interface
> - TPM 2.0 support; device initialization
> - TPM logging area and firmware API to transfer it to the OS
> - Some measurement code (Static Core Root Of Trust)
> - TPM menu (accessible via 't' key during boot if TPM is available)
> - Firmware API extensions following Power Firmware Doc
>
> Having a vTPM attached to a VM provides the following benefits:
>
> - enablement of trusted boot; this allows us to eventually extend the chain
> of trust from the hypervisor to the guests
> - enablement of attestation so that one can verify what software is
> running on a machine
> - provides TPM functionality to VMs, which includes a standardized
> mechanism to store keys and other blobs
> (Linux trusted keys, GNU TLS's TPM extensions)
Thanks, applied.
>
> Regards,
> Stefan
>
> v6->v7:
> - addressed reviewers' concerns
> - cleaned up FORTH code
> - Appended GPT partition measurement patch
>
> v5->v6:
> - using ?dup where possible
> - upgraded to sha256
>
> v4->v5:
> - Cut down code to only support TPM 2.0
>
> v3->v4:
> - Added TPM 2.0 support
>
> v2->v3:
> - Addressed Thomas Huth's comments.
> - Rearranged patches and merged some patches.
> - Followed some of the changes made by K. O'Connor (SeaBIOS).
>
> v1->v2:
> - Addressed Nikunj's comments
> - Since last post in August I added 3 more patches to the end of the series
> and one in 13th place.
>
> Stefan Berger (8):
> slof: Implement SLOF_get_keystroke() and SLOF_reset()
> slof: Make linker script variables accessible
> qemu: Make print_version variable accessible
> tpm: Add TPM CRQ driver implementation
> tpm: Add sha256 implementation
> tcgbios: Add TPM 2.0 support and firmware API
> tcgbios: Implement menu to clear TPM 2 and activate its PCR banks
> tcgbios: Measure the GPT table
>
> board-qemu/Makefile | 2 +-
> board-qemu/include/version.h | 19 +
> board-qemu/slof/Makefile | 13 +-
> board-qemu/slof/OF.fs | 3 +
> board-qemu/slof/tree.fs | 3 +
> board-qemu/slof/vio-vtpm-cdriver.fs | 105 +++
> board-qemu/slof/vtpm-sml.fs | 82 ++
> include/helpers.h | 4 +
> lib/Makefile | 2 +-
> lib/libtpm/Makefile | 50 +
> lib/libtpm/Readme | 57 ++
> lib/libtpm/sha256.c | 214 +++++
> lib/libtpm/sha256.h | 20 +
> lib/libtpm/tcgbios.c | 1361 +++++++++++++++++++++++++++
> lib/libtpm/tcgbios.h | 36 +
> lib/libtpm/tcgbios_int.h | 311 ++++++
> lib/libtpm/tpm.code | 171 ++++
> lib/libtpm/tpm.in | 30 +
> lib/libtpm/tpm_drivers.c | 437 +++++++++
> lib/libtpm/tpm_drivers.h | 82 ++
> slof/OF.h | 20 +
> slof/fs/packages/disk-label.fs | 31 +
> slof/fs/start-up.fs | 12 +
> slof/helpers.c | 17 +
> 24 files changed, 3077 insertions(+), 5 deletions(-)
> create mode 100644 board-qemu/include/version.h
> create mode 100644 board-qemu/slof/vio-vtpm-cdriver.fs
> create mode 100644 board-qemu/slof/vtpm-sml.fs
> create mode 100644 lib/libtpm/Makefile
> create mode 100644 lib/libtpm/Readme
> create mode 100644 lib/libtpm/sha256.c
> create mode 100644 lib/libtpm/sha256.h
> create mode 100644 lib/libtpm/tcgbios.c
> create mode 100644 lib/libtpm/tcgbios.h
> create mode 100644 lib/libtpm/tcgbios_int.h
> create mode 100644 lib/libtpm/tpm.code
> create mode 100644 lib/libtpm/tpm.in
> create mode 100644 lib/libtpm/tpm_drivers.c
> create mode 100644 lib/libtpm/tpm_drivers.h
> create mode 100644 slof/OF.h
>
--
Alexey
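As an added example, not code from Stefan's series or from SLOF itself: the verifier side of the attestation benefit the cover letter lists, replaying a measurement log to reconstruct the SHA-256 PCR bank and comparing the result against the PCR values a TPM quote reports. It assumes a simplified in-memory list of events (constructed here) rather than the TCG binary event log the firmware API hands to the OS.

```python
import hashlib
from typing import Dict, List, Tuple

PCR_BYTES = 32  # one SHA-256 PCR in the active bank

# Constructed measurement log: (pcr_index, event type, data measured).
# A real TCG log stores the digest next to the event rather than the data;
# hashing the data here shows where each digest comes from.
SAMPLE_LOG: List[Tuple[int, str, bytes]] = [
    (0, "EV_S_CRTM_VERSION", b"SLOF version string (constructed)"),
    (4, "EV_EVENT_TAG bootloader", b"boot image bytes (constructed)"),
    (5, "EV_EFI_GPT_EVENT", b"GPT header and partition entries (constructed)"),
]


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: PCR_new = H(PCR_old || digest).
    The chaining makes the value order-sensitive, so a log replayed in a
    different order reconstructs a different PCR."""
    return sha256(pcr + digest)


def replay_log(log: List[Tuple[int, str, bytes]]) -> Dict[int, bytes]:
    """Reconstruct the expected SHA-256 PCR values from an event log."""
    pcrs: Dict[int, bytes] = {}
    for idx, _event, data in log:
        cur = pcrs.get(idx, bytes(PCR_BYTES))  # PCRs start at all zeros
        pcrs[idx] = pcr_extend(cur, sha256(data))
    return pcrs


def verify_quote(log: List[Tuple[int, str, bytes]],
                 quoted: Dict[int, bytes]) -> List[int]:
    """Return PCR indices whose replayed value disagrees with the quoted one.
    An empty list means the log is consistent with the quoted PCRs; a
    non-empty list means the log was altered or an event went unlogged."""
    expected = replay_log(log)
    return sorted(i for i in set(expected) | set(quoted)
                  if expected.get(i) != quoted.get(i))
```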