On 14.06.24 11:40, Ilias Apalodimas wrote:
We currently only describe the process to enable measured boot using
bootm. Describe the UEFI requirements as well which predate bootm.
Signed-off-by: Ilias Apalodimas <ilias.apalodi...@linaro.org>
---
doc/usage/measured_boot.rst | 24 ++++++++++++++++++++++--
1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/doc/usage/measured_boot.rst b/doc/usage/measured_boot.rst
index 9691904a9d8a..1b5dd1dcc438 100644
--- a/doc/usage/measured_boot.rst
+++ b/doc/usage/measured_boot.rst
@@ -7,6 +7,26 @@ U-Boot can perform a measured boot, the process of hashing
various components
of the boot process, extending the results in the TPM and logging the
component's measurement in memory for the operating system to consume.
+The functionality is available when booting via the EFI subsystem or 'bootm'
Thanks for adding a description for legacy measured boot.
@Eddie
Is it really only the bootm command? How about booti and bootz? Not
measuring there would be quite inconsistent.
Please, add a document link to doc/usage/cmd/bootm.rst.
+command.
+
+UEFI subsystem
UEFI measured boot
+--------------
+The EFI subsystem implements the `EFI TCG protocol
+<https://trustedcomputinggroup.org/resource/tcg-efi-protocol-specification/>`_
+and the `TCG PC Client Specific Platform Firmware Profile Specification
+<https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/>`_
+which defines the binaries to be measured and the corresponding PCRs used.
to be used.
+
+UEFI requirements
+~~~~~~~~~~~~~~~~~
+* A hardware TPM 2.0 supported by the U-Boot drivers
by an enabled U-Boot driver.
+* CONFIG_EFI_TCG2_PROTOCOL=y
+* CONFIG_EFI_TCG2_PROTOCOL_EVENTLOG_SIZE=y
+* optional CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB=y will measure the loaded DTB
in PCR 0
Why does this setting not default to yes?
Should EFI_TCG2_PROTOCOL_MEASURE_DTB depend on !GENERATE_ACPI_TABLE as
we won't load the device-tree in this case?
I can't find any reference to device-trees in `TCG PC Client Platform
Firmware Profile Specification`. Where is PCR 0 for the device-tree
specified? I read:
"In general, the platform firmware measures into PCR[1] the
configuration data that is associated with the code that measured into
PCR[0]".
This looks like PCR 1 should be the target for the device-tree.
Do we already measure ACPI and SMBIOS tables into PCR1 as required by
the specification.
+
+bootm
Measured legacy boot with bootm command
Please, consider in your description that the bootm command may be used
to load a FIT image with an EFI binary.
+-----
By default, U-Boot will measure the operating system (linux) image, the
initrd image, and the "bootargs" environment variable. By enabling
CONFIG_MEASURE_DEVICETREE, U-Boot will also measure the devicetree image.
@@ -15,8 +35,8 @@ The operating system typically would verify that the hashes
found in the
TPM PCRs match the contents of the event log. This can further be checked
against the hash results of previous boots.
-Requirements
-------------
+bootm requirements
This is already a sub-section of bootm. No need to repeat it.
+~~~~~~~~~~~~~~~~~~
* A hardware TPM 2.0 supported by the U-Boot drivers
by an enabled U-Boot driver.
* CONFIG_TPM=y
CONFIG_TPM_V2=y is required?
Best regards
Heinrich
