[U-Boot] tpm / measured boot in u-boot
I saw Simon's write-up here: https://lwn.net/Articles/571031/, which references TPM and trusted boot support using the TPM.
I've started looking at the TPM support code in u-boot, and am trying to understand it. Before getting too far I wanted to check if there were any pointers anyone might have around any documentation or material that provides more detail on what the u-boot TPM support does and does not do. I didn't see any .txt files in u-boot.
The supports seems oriented around using commands and scripts to measure images. One specific thing I'm interested is how the u-boot script itself that takes the TPM measurements is protected against tampering.
Also, it doesn't look like TCG compliant event logs are supported.
Thanks, Stuart
Hi Stuart,
On Mon, 28 Oct 2019 at 17:27, Stuart Yoder b08248@gmail.com wrote:
I saw Simon's write-up here: https://lwn.net/Articles/571031/, which references TPM and trusted boot support using the TPM.
I've started looking at the TPM support code in u-boot, and am trying to understand it. Before getting too far I wanted to check if there were any pointers anyone might have around any documentation or material that provides more detail on what the u-boot TPM support does and does not do. I didn't see any .txt files in u-boot.
The supports seems oriented around using commands and scripts to measure images. One specific thing I'm interested is how the u-boot script itself that takes the TPM measurements is protected against tampering.
Actually verified boot does not use the TPM at all.
What do you want the TPM to do? If you want measured boot then you would need to call measure / extend before/after loading each stage.
Also, it doesn't look like TCG compliant event logs are supported.
OK, might need to be added.
Regards, Simon
On Tue, Oct 29, 2019 at 8:49 PM Simon Glass sjg@chromium.org wrote:
Hi Stuart,
On Mon, 28 Oct 2019 at 17:27, Stuart Yoder b08248@gmail.com wrote:
I saw Simon's write-up here: https://lwn.net/Articles/571031/, which references TPM and trusted boot support using the TPM.
I've started looking at the TPM support code in u-boot, and am trying to understand it. Before getting too far I wanted to check if there were any pointers anyone might have around any documentation or material that provides more detail on what the u-boot TPM support does and does not do. I didn't see any .txt files in u-boot.
The supports seems oriented around using commands and scripts to measure images. One specific thing I'm interested is how the u-boot script itself that takes the TPM measurements is protected against tampering.
Actually verified boot does not use the TPM at all.
What do you want the TPM to do? If you want measured boot then you would need to call measure / extend before/after loading each stage.
Yes, interested in the TPM for measured boot. Right, understand that you need to do the measurements and extend for each loaded image.
But, it's critical that you trust the code doing the measurements. If I understand it's the u-boot commands implemented in ./cmd/tpm-v2.c that you could use to script the measuring/extending. How do you ensure that the script doing the measurements isn't tampered with by an attacker?
Thanks, Stuart
Hi Stuart,
On Thu, 31 Oct 2019 at 09:29, Stuart Yoder b08248@gmail.com wrote:
On Tue, Oct 29, 2019 at 8:49 PM Simon Glass sjg@chromium.org wrote:
Hi Stuart,
On Mon, 28 Oct 2019 at 17:27, Stuart Yoder b08248@gmail.com wrote:
I saw Simon's write-up here: https://lwn.net/Articles/571031/, which references TPM and trusted boot support using the TPM.
I've started looking at the TPM support code in u-boot, and am trying to understand it. Before getting too far I wanted to check if there were any pointers anyone might have around any documentation or material that provides more detail on what the u-boot TPM support does and does not do. I didn't see any .txt files in u-boot.
The supports seems oriented around using commands and scripts to measure images. One specific thing I'm interested is how the u-boot script itself that takes the TPM measurements is protected against tampering.
Actually verified boot does not use the TPM at all.
What do you want the TPM to do? If you want measured boot then you would need to call measure / extend before/after loading each stage.
Yes, interested in the TPM for measured boot. Right, understand that you need to do the measurements and extend for each loaded image.
But, it's critical that you trust the code doing the measurements. If I understand it's the u-boot commands implemented in ./cmd/tpm-v2.c that you could use to script the measuring/extending. How do you ensure that the script doing the measurements isn't tampered with by an attacker?
Anything loaded must be measured. So if you are using a U-Boot script this needs to be checked. Or you could write a command that does what you want that is part of U-Boot itself.
Regards, Simon
participants (2)
-
Simon Glass -
Stuart Yoder