security/tpm: Add option to init TPM in bootblock
When using a hardware assisted root of trust measurement, like Intel TXT/CBnT, the TPM init needs to happen inside the bootblock to form a proper chain of trust. Change-Id: Ifacba5d9ab19b47968b4f2ed5731ded4aac55022 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/51923 Reviewed-by: Christian Walter <christian.walter@9elements.com> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
		| @@ -1,3 +1,4 @@ | ||||
| bootblock-$(CONFIG_MAINBOARD_HAS_LPC_TPM) += tis.c | ||||
| verstage-$(CONFIG_MAINBOARD_HAS_LPC_TPM) += tis.c | ||||
| romstage-$(CONFIG_MAINBOARD_HAS_LPC_TPM) += tis.c | ||||
| ramstage-$(CONFIG_MAINBOARD_HAS_LPC_TPM) += tis.c | ||||
|   | ||||
| @@ -1,7 +1,8 @@ | ||||
| config TPM_INIT_RAMSTAGE | ||||
| 	bool | ||||
| 	default y if TPM1 || TPM2 | ||||
| 	depends on !VBOOT && !VENDORCODE_ELTAN_VBOOT && !VENDORCODE_ELTAN_MBOOT | ||||
| 	depends on !VBOOT && !VENDORCODE_ELTAN_VBOOT && !VENDORCODE_ELTAN_MBOOT \ | ||||
| 		&& !TPM_MEASURED_BOOT_INIT_BOOTBLOCK | ||||
| 	help | ||||
| 	  This driver automatically initializes the TPM if vboot is not used. | ||||
| 	  The TPM driver init is done during the ramstage chip init phase. | ||||
|   | ||||
| @@ -1,5 +1,6 @@ | ||||
| /* SPDX-License-Identifier: GPL-2.0-only */ | ||||
|  | ||||
| #include <acpi/acpi.h> | ||||
| #include <arch/exception.h> | ||||
| #include <bootblock_common.h> | ||||
| #include <console/console.h> | ||||
| @@ -8,6 +9,7 @@ | ||||
| #include <option.h> | ||||
| #include <post.h> | ||||
| #include <program_loading.h> | ||||
| #include <security/tpm/tspi.h> | ||||
| #include <symbols.h> | ||||
| #include <timestamp.h> | ||||
|  | ||||
| @@ -56,6 +58,11 @@ void bootblock_main_with_timestamp(uint64_t base_timestamp, | ||||
| 	bootblock_soc_init(); | ||||
| 	bootblock_mainboard_init(); | ||||
|  | ||||
| 	if (CONFIG(TPM_MEASURED_BOOT_INIT_BOOTBLOCK)) { | ||||
| 		int s3resume = acpi_is_wakeup_s3(); | ||||
| 		tpm_setup(s3resume); | ||||
| 	} | ||||
|  | ||||
| 	timestamp_add_now(TS_END_BOOTBLOCK); | ||||
|  | ||||
| 	run_romstage(); | ||||
|   | ||||
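Review bot: The result of `tpm_setup(s3resume)` is discarded in bootblock_main_with_timestamp, so a TPM that fails to initialize in the bootblock is not reported before control passes to run_romstage(); tpm_setup returns a uint32_t status (its definition is in the tspi.c hunk below), so the call should at least log a failure, e.g. `if (tpm_setup(s3resume) != TPM_SUCCESS) printk(BIOS_ERR, "TPM setup failed in bootblock\n");`. Whether a failure should also stop the boot or fall back to an unmeasured path is a policy choice this patch does not state; a one-line comment above the block naming the chosen policy would help the next reader. acpi_is_wakeup_s3() is presumably usable this early on the platforms that select the option, but it is worth confirming it does not rely on state only available in later stages. The body of bootblock_main_with_timestamp extends beyond the hunk on both sides.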
| @@ -8,6 +8,7 @@ config INTEL_CBNT_SUPPORT | ||||
| 	select INTEL_TXT | ||||
| 	# With CBnT the bootblock is set up as a CBnT IBB and needs a fixed size | ||||
| 	select FIXED_BOOTBLOCK_SIZE | ||||
| 	select TPM_MEASURED_BOOT_INIT_BOOTBLOCK if TPM_MEASURED_BOOT | ||||
| 	help | ||||
| 	  Enables Intel Converged Bootguard and Trusted Execution Technology | ||||
| 	  Support. This will enable one to add a Key Manifest (KM) and a Boot | ||||
|   | ||||
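Review bot: `select TPM_MEASURED_BOOT_INIT_BOOTBLOCK if TPM_MEASURED_BOOT` bypasses that option's `depends on TPM_MEASURED_BOOT && !VBOOT`, because a Kconfig `select` does not honour the target's `depends on`; a CBnT board with VBOOT enabled would therefore still get the bootblock TPM init alongside vboot's own TPM setup. Unless TPM_MEASURED_BOOT itself excludes VBOOT (its dependencies are not visible here), mirror the constraint in the select: `select TPM_MEASURED_BOOT_INIT_BOOTBLOCK if TPM_MEASURED_BOOT && !VBOOT`. The INTEL_CBNT_SUPPORT block starts before the hunk.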
| @@ -106,6 +106,14 @@ config TPM_MEASURED_BOOT | ||||
| 	help | ||||
| 	  Enables measured boot (experimental) | ||||
|  | ||||
| config TPM_MEASURED_BOOT_INIT_BOOTBLOCK | ||||
| 	bool | ||||
| 	depends on TPM_MEASURED_BOOT && !VBOOT | ||||
| 	help | ||||
| 	  Initialize TPM inside the bootblock instead of ramstage. This is | ||||
| 	  useful with some form of hardware assisted root of trust | ||||
| 	  measurement like Intel TXT/CBnT. | ||||
|  | ||||
| config TPM_MEASURED_BOOT_RUNTIME_DATA | ||||
| 	string "Runtime data whitelist" | ||||
| 	default "" | ||||
|   | ||||
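Review bot: TPM_MEASURED_BOOT_INIT_BOOTBLOCK has neither a prompt nor a default, so it is reachable only through `select`, and the help text does not say so; it also does not mention that enabling it removes TPM_INIT_RAMSTAGE from the configuration (see the added `&& !TPM_MEASURED_BOOT_INIT_BOOTBLOCK` dependency in the other Kconfig hunk), making the bootblock the only place tpm_setup() runs. Suggested addition to the help text: `This option is meant to be selected by the platform; it replaces the ramstage TPM init (TPM_INIT_RAMSTAGE) rather than adding to it.`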
| @@ -1,5 +1,6 @@ | ||||
| /* SPDX-License-Identifier: GPL-2.0-only */ | ||||
|  | ||||
| #include <rules.h> | ||||
| #include <console/cbmem_console.h> | ||||
| #include <console/console.h> | ||||
| #include <security/tpm/tspi/crtm.h> | ||||
| @@ -104,6 +105,9 @@ static inline int tspi_tpm_is_setup(void) | ||||
| 		return vboot_logic_executed(); | ||||
| 	} | ||||
|  | ||||
| 	if (CONFIG(TPM_MEASURED_BOOT_INIT_BOOTBLOCK)) | ||||
| 		return ENV_BOOTBLOCK ? tpm_is_setup : 1; | ||||
|  | ||||
| 	if (ENV_RAMSTAGE) | ||||
| 		return tpm_is_setup; | ||||
|  | ||||
| @@ -180,7 +184,7 @@ uint32_t tpm_setup(int s3flag) | ||||
| #if CONFIG(TPM1) | ||||
| 	result = tpm1_invoke_state_machine(); | ||||
| #endif | ||||
| 	if (CONFIG(TPM_MEASURED_BOOT)) | ||||
| 	if (CONFIG(TPM_MEASURED_BOOT) && !CONFIG(TPM_MEASURED_BOOT_INIT_BOOTBLOCK)) | ||||
| 		result = tspi_measure_cache_to_pcr(); | ||||
|  | ||||
| 	tpm_is_setup = 1; | ||||
|   | ||||
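Review bot: In tspi_tpm_is_setup the new branch returns 1 unconditionally for every stage other than the bootblock, so romstage and ramstage assume the bootblock's tpm_setup() succeeded even though tpm_is_setup is a per-stage static whose value is not carried across stages; a bootblock-side failure is invisible to later callers, which will then attempt extends against a TPM that may not be initialized. A comment making the assumption explicit, `/* Later stages trust that the bootblock's tpm_setup() succeeded; its result is not propagated across stages. */`, or a cross-stage status flag would close that gap. The second change, skipping tspi_measure_cache_to_pcr() in tpm_setup when the option is set, leaves no visible point in this diff where measurements cached before the bootblock's tpm_setup() call (if any are taken that early) are replayed into the TPM; it may be handled elsewhere, but it is worth confirming. Both enclosing functions extend outside their hunks.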