Matthew Garrett <mj...@coreos.com> wrote on 08/17/2016 03:48:52 PM:

> From: Matthew Garrett <mj...@coreos.com>
> To: qemu-devel@nongnu.org
> Cc: dgilb...@redhat.com, berra...@redhat.com, Stefan Berger/Watson/IBM@IBMUS, Matthew Garrett <mj...@coreos.com>
> Date: 08/17/2016 03:49 PM
> Subject: [PATCH v4] hw/misc: Add simple measurement hardware
>
> Trusted Boot is based around having a trusted store of measurement data and
> a secure communications channel between that store and an attestation
> target. In actual hardware, that's a TPM. Since the TPM can only be accessed
> via the host system, this in turn requires that the TPM be able to perform
> reasonably complicated cryptographic functions in order to demonstrate its
> trusted state.
>
> In cloud environments, qemu is inherently trusted and the hypervisor
> infrastructure provides a trusted mechanism for extracting information from
> qemu and providing it to another system. This means we can skip the crypto
> and stick with the basic functionality - ie, providing a trusted store of
> measurement data.
>
> This driver provides a very small subset of TPM 1.2 functionality in the
> form of a bank of registers that can store SHA1 measurements of boot
> components. Performing a write to one of these registers will append the new
> 20 byte hash to the 20 bytes currently stored within the register, take a
> SHA1 of this 40 byte value and then replace the existing register contents
> with the new value. This ensures that a given value can only be obtained by
> performing the same sequence of writes. It also adds a monitor command to
> allow an external agent to extract this information from the running system
> and provide it over a secure communications channel. Finally, it measures
> each of the loaded ROMs into one of the registers at reset time.
>
> In combination with work in SeaBIOS and the kernel, this permits a fully
> measured boot in a virtualised environment without the overhead of a full
> TPM implementation.
>
> This version of the implementation depends on port io, but if there's
> interest I'll add mmio as well.
>
> Signed-off-by: Matthew Garrett <mj...@coreos.com>
> ---
>
> Updated based on David's feedback.
>
>  default-configs/x86_64-softmmu.mak |   1 +
>  hmp-commands-info.hx               |  14 ++
>  hmp.c                              |  16 ++
>  hmp.h                              |   1 +
>  hw/core/loader.c                   |  12 ++
>  hw/i386/acpi-build.c               |  29 +++-
>  hw/misc/Makefile.objs              |   1 +
>  hw/misc/measurements.c             | 328 +++++++++++++++++++++++++++++++++++++
>  hw/misc/measurements.h             |   5 +
>  hw/tpm/tpm_tis.c                   |   5 +
There shouldn't be a change to tpm_tis.c, since this is just one specific front end of possibly different ones. I think the mutual exclusion test should go into more common code: tpm.c:tpm_init()
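The extend-only register semantics the cover letter describes, as an added illustrative model that is not the qemu driver's code: each write hashes the 20 bytes already in the register together with the 20 new bytes, and an attestation verifier replays the event log to check the values the monitor command reported. The register count, the class and function names, and the ROM contents are constructed assumptions.

```python
import hashlib

NUM_REGISTERS = 8   # assumed bank size; the cover letter does not state the count
DIGEST_LEN = 20     # SHA1 digest length, matching the patch's 20-byte registers


class MeasurementBank:
    """Hypothetical model of the patch's SHA1 measurement registers."""

    def __init__(self, count=NUM_REGISTERS):
        # Registers start as 20 zero bytes; extend() is the only way to change one.
        self.regs = [bytes(DIGEST_LEN)] * count
        self.log = []  # event log of (index, digest) writes, kept for replay

    def extend(self, index, digest):
        if len(digest) != DIGEST_LEN:
            raise ValueError("measurement must be a 20-byte SHA1 digest")
        # new = SHA1(old || digest): 20 stored bytes + 20 new bytes = 40-byte input
        self.regs[index] = hashlib.sha1(self.regs[index] + digest).digest()
        self.log.append((index, digest))
        return self.regs[index]

    def measure_blob(self, index, blob):
        # Measure a loaded ROM image: hash its contents, then extend the register.
        return self.extend(index, hashlib.sha1(blob).digest())


def replay(log, count=NUM_REGISTERS):
    """Recompute every register from an event log, as the attestation side would."""
    bank = MeasurementBank(count)
    for index, digest in log:
        bank.extend(index, digest)
    return bank.regs


def verify(reported_regs, log):
    # True only if the log reproduces exactly the register values that were reported.
    return replay(log, len(reported_regs)) == reported_regs


# Constructed sample ROM images (not real firmware).
ROM_A = b"constructed ROM image A"
ROM_B = b"constructed ROM image B"
```

Measuring ROM_A then ROM_B into the same register yields a different final value from the reverse order, which is why a verifier must replay the log in sequence rather than compare an unordered set of hashes.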