From: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: James Bottomley <James.Bottomley@hansenpartnership.com>,
linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, "Yao,
Jiewen" <jiewen.yao@intel.com>, "Lu, Ken" <ken.lu@intel.com>
Subject: Re: [PATCH v1] efi/libstub: Add Confidential Computing (CC) measurement support
Date: Mon, 5 Feb 2024 12:13:40 -0800 [thread overview]
Message-ID: <7241153a-626d-4ea5-ab9e-d6842b662064@linux.intel.com> (raw)
In-Reply-To: <CAMj1kXF_02CO9C61N4uL6Z03Gtf5VmiqoCbk8beL4vd4PDHc0w@mail.gmail.com>
On 2/4/24 2:03 PM, Ard Biesheuvel wrote:
> On Sun, 4 Feb 2024 at 21:28, Kuppuswamy Sathyanarayanan
> <sathyanarayanan.kuppuswamy@linux.intel.com> wrote:
>> +Jiewen & Ken (RTMR firmware owner)
>>
>> On 2/3/24 10:46 PM, James Bottomley wrote:
>>> On Sat, 2024-02-03 at 07:57 +0000, Kuppuswamy Sathyanarayanan wrote:
>>>> If the virtual firmware implements TPM support, TCG2 protocol will be
>>>> used for kernel measurements and event logging support. But in CC
>>>> environment, not all platforms support or enable the TPM feature.
>>>> UEFI specification [1] exposes protocol and interfaces used for
>>>> kernel measurements in CC platforms without TPM support.
>>>>
>>>> Currently, the efi-stub only supports the kernel related measurements
>>>> for the platform that supports TCG2 protocol. So, extend it add
>>>> CC measurement protocol (EFI_CC_MEASUREMENT_PROTOCOL) and event
>>>> logging support. Event logging format in the CC environment is the
>>>> same as TCG2.
>>> Why do we have to do this anymore? Given that you're already pushing
>>> patches that map RTMRs to TPM PCRs:
>>>
>>> https://lore.kernel.org/lkml/20240128212532.2754325-4-sameo@rivosinc.com/
>> IMHO, I am not sure whether we need this mapping support . I have already
>> mentioned the same comment in [1]. If we support extension and logging
>> via configFS ABI, why again support PCR mapping?
>>
>> https://lore.kernel.org/lkml/2bd7c80b-9cd8-4450-a410-c3739d224167@linux.intel.com/ [1]
>>
>>> Can't you just add a stub TCG2 driver to EFI that exposes only the
>>> ability to log and measure using this mapping? That way all our
>>> existing code will "just work" without the need to understand anything
>>> about confidential computing or add new code to do the measurement?
>> I am not familiar with the EFI implementation, but I think a new protocol
>> is added to handle future CC extensions (which could deviate from
>> TCG2) and to support platforms that does not support or enable TPM
>> feature. So modifying the TCG2 driver in EFI may not work for the
>> above-mentioned cases. I think the EFI driver part of this support
>> is already merged.
>>
>> Jiewen/Ken may have more comments about this proposal.
>>
> I don't think it is sufficient to wire up the CC protocol here. There
> is more code in drivers/firmware/efi/libstub/tpm.c that deals with the
> event log.
>
> Given that the EFI CC protocol was specifically designed to act as a
> substitute for the TCG2 protocol, I would expect all occurrences of
> TCG2 protocol invocations to be handled accordingly.
>
> So I think the approach here should be to provide a local wrapper
> around get_event_log() and hash_log_extend_event() that is backed by
> either the TCG2 protocol of the EFI cc protocol, and all current
> callers invoke this wrapper rather than the TCG2 protocol directly.
Ah, I missed that part. Thanks for pointing out. I will fix this in
next version.
--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer
next prev parent reply other threads:[~2024-02-05 20:13 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-03 7:57 [PATCH v1] efi/libstub: Add Confidential Computing (CC) measurement support Kuppuswamy Sathyanarayanan
2024-02-03 16:59 ` Ard Biesheuvel
2024-02-03 22:44 ` Kuppuswamy Sathyanarayanan
2024-02-04 6:46 ` James Bottomley
2024-02-04 20:27 ` Kuppuswamy Sathyanarayanan
2024-02-04 22:03 ` Ard Biesheuvel
2024-02-05 20:13 ` Kuppuswamy Sathyanarayanan [this message]
2024-02-05 8:20 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7241153a-626d-4ea5-ab9e-d6842b662064@linux.intel.com \
--to=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ardb@kernel.org \
--cc=jiewen.yao@intel.com \
--cc=ken.lu@intel.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).