security/vboot: Add measured boot mode
* Introduce a measured boot mode into vboot. * Add hook for stage measurements in prog_loader and cbfs. * Implement and hook-up CRTM in vboot and check for suspend. Change-Id: I339a2f1051e44f36aba9f99828f130592a09355e Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Signed-off-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-on: https://review.coreboot.org/c/29547 Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
Philipp Deppenwiese
58
Documentation/security/vboot/measured_boot.md
Normal file
58
Documentation/security/vboot/measured_boot.md
Normal file
@@ -0,0 +1,58 @@
|
||||
# Measured Boot
|
||||
coreboot measured boot is implemented as Google Verified Boot extension. This
|
||||
means in order to use it, vboot needs to be available for your platform.
|
||||
|
||||
## IBB/CRTM
|
||||
The "Initial Boot Block" or "Core Root of Trust for Measurement" is the first
|
||||
code block loaded at reset vector and measured by a DRTM solution.
|
||||
In case SRTM mode is active, the IBB measures itself before measuring the next
|
||||
code block. In coreboot, cbfs files which are part of the IBB are identified
|
||||
by a metatdata tag. This makes it possible to have platform specific IBB
|
||||
measurements without hardcoding them.
|
||||
|
||||
## Known Limitations
|
||||
At the moment measuring IBB dynamically and FMAP partitions are not possible but
|
||||
will be added later to the implementation.
|
||||
|
||||
Also SoCs making use of VBOOT_RETURN_FROM_VERSTAGE are not able to use the
|
||||
measured boot extension because of platform constraints.
|
||||
|
||||
## SRTM Mode
|
||||
The "Static Root of Trust for Measurement" is the easiest way doing measurements
|
||||
by measuring code before it is loaded.
|
||||
|
||||
![][srtm]
|
||||
|
||||
[srtm]: srtm.png
|
||||
|
||||
## DRTM Mode
|
||||
The "Dynamic Root of Trust for Measurement" is realised by platform features
|
||||
like Intel TXT or Boot Guard. The features provide a way of loading a signed
|
||||
"Authenticated Code Module" aka signed blob. Most of these features are also
|
||||
a "Trusted Execution Environment", e.g. Intel TXT.
|
||||
|
||||
DRTM gives you the ability of measuring the IBB from a higher Root of Trust
|
||||
instead of doing it yourself without any hardware support.
|
||||
|
||||
## Platform Configuration Register
|
||||
Normally PCR 0-7 are reserved for firmware usage. In coreboot we use just 4 PCR
|
||||
banks in order to store the measurements. coreboot uses the SHA-1 or SHA-256
|
||||
hash algorithm depending on the TPM specification for measurements. PCR-4 to
|
||||
PCR-7 are left empty.
|
||||
|
||||
### PCR-0
|
||||
_Hash:_ SHA1
|
||||
_Description:_ Google VBoot GBB flags.
|
||||
|
||||
### PCR-1
|
||||
_Hash:_ SHA1/SHA256
|
||||
_Description:_ Google VBoot GBB HWID.
|
||||
|
||||
### PCR-2
|
||||
_Hash:_ SHA1/SHA256
|
||||
_Description:_ Core Root of Trust for Measurement which includes all stages,
|
||||
data and blobs.
|
||||
|
||||
### PCR-3
|
||||
_Hash:_ SHA1/SHA256
|
||||
_Description:_ Runtime data like hwinfo.hex or MRC cache.
|
||||
BIN
Documentation/security/vboot/srtm.png
Normal file
BIN
Documentation/security/vboot/srtm.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 20 KiB |
Reference in New Issue
Block a user