sandbox TPM

Simon Glass sjg at chromium.org
Thu Sep 2 18:41:14 CEST 2021


Hi Heinrich,

On Mon, 30 Aug 2021 at 01:34, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
>
>
>
> On 8/30/21 8:10 AM, Ilias Apalodimas wrote:
> > On Sun, 29 Aug 2021 at 13:53, Peter Robinson <pbrobinson at gmail.com> wrote:
> >>
> >> On Sat, Aug 28, 2021 at 10:19 PM Simon Glass <sjg at chromium.org> wrote:
> >>>
> >>> Hi Heinrich,
> >>>
> >>> On Sat, 28 Aug 2021 at 06:18, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
> >>>>
> >>>> The current TPM emulation in drivers/tpm/tpm(2)_tis_sandbox.c is not
> >>>> spec compliant.
>
> @Simon
> Just have look at the bunch of TPM related error messages generated on
> the sandbox:
>
> => host bind 0 ../sandbox.img
> => load host 0:1 $kernel_addr_r EFI/grub/shimriscv64.efi
> 755200 bytes read in 5 ms (144 MiB/s)
> => bootefi $kernel_addr_r
> Scanning disk mmc2.blk...
> No valid Btrfs found
> Bad magic number for SquashFS image.
> ** Unrecognized filesystem type **
> Scanning disk mmc1.blk...
> No valid Btrfs found
> Bad magic number for SquashFS image.
> ** Unrecognized filesystem type **
> Scanning disk mmc0.blk...
> No valid Btrfs found
> Bad magic number for SquashFS image.
> ** Unrecognized filesystem type **
> Scanning disk host0...
> Found 5 disks
> Cannot install EFI_TCG2_PROTOCOL <<<<<<<<<<<<<<<<<<<<<<<<<<<
> "dfu_alt_info" env variable not defined!
> Probably dfu_alt_info not defined
> "dfu_alt_info" env variable not defined!
> Probably dfu_alt_info not defined
> Booting /EFI\grub\shimriscv64.efi
> PE image measurement failed <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> .sbat copied to 0x000000002ca7b000
> .sbat =
> sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
> shim,1,UEFI shim,shim,1,https://github.com/rhboot/shim
>
> tcg2 measurement fails(0x8000000000000007)  <<<<<<<<<<<<<<<<

OK...then I wonder what it would take to improve the sandbox TPM
driver enough for these to pass? We have to think about cost/benefit
of the amount of code we are bringing in, debuggability, etc.

>
>
> >>>
> >>> Do you mean it is incomplete or that it has bugs? If it is incomplete,
> >>> what is needed by U-Boot?
> >
> >>>
> >>>>
> >>>> A TPM emulation as UNIX socket exists with
> >>>> https://github.com/stefanberger/swtpm.git. QEMU already uses this emulator.
> >>>>
> >>>> Couldn't the sandbox do the same? I think this is the fastest way to get
> >>>> a compliant sandbox TPM.
> >>>
> >>> Well we could if we need it. Are you sure it is a good idea? There is
> >>> a lot of code there. Are you thinking it would be copied into the
> >>> U-Boot tree and kept in sync with a script, perhaps? Presumably the
> >>> project would accept changes we need?
> >>
> >> qemu doesn't copy it in, why can't it just run independently as part
> >> of the CI process? The rust TPM2 bindings do that here:
> >> https://github.com/parallaxsecond/rust-tss-esapi/blob/main/tss-esapi/tests/all-fedora.sh#L13
> >
> > Keep in mind this is exposed as an MMIO device. I did send a driver
> > for it a while back [1].  In case we decide to use this, we can
> > probably re-use that
> >
> > [1] https://lore.kernel.org/u-boot/20210707162604.84196-1-ilias.apalodimas@linaro.org/
> >
> > Regards
> > /Ilias
> >
>
> Currently we don't test measured boot. I would prefer the tests to run
> on the sandbox and not in QEMU. This makes debugging much easier.

I couldn't agree more; development also.

Regards,
Simon
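For reference, the wire protocol a sandbox driver would have to speak to swtpm's data socket is just raw TPM 2.0 command/response frames. The following is an added example, not code from this thread, U-Boot or swtpm: it builds TPM2_Startup and TPM2_GetRandom commands, parses responses defensively, and optionally sends them over a UNIX socket. It assumes swtpm was started with `--server type=unixio,path=<sock>` and `--flags not-need-init` (socket path is hypothetical); the encode/parse functions run offline on constructed bytes.

```python
import socket
import struct

# TPM 2.0 constants (TCG TPM 2.0 Library, Part 2: Structures)
TPM_ST_NO_SESSIONS = 0x8001
TPM_CC_STARTUP = 0x00000144
TPM_CC_GET_RANDOM = 0x0000017B
TPM_SU_CLEAR = 0x0000
TPM_RC_SUCCESS = 0x00000000
HEADER_LEN = 10  # tag(2) + commandSize(4) + commandCode/responseCode(4)

def build_command(command_code: int, params: bytes = b"") -> bytes:
    """No-session command: big-endian tag, total size, command code, params."""
    return struct.pack(">HII", TPM_ST_NO_SESSIONS, HEADER_LEN + len(params), command_code) + params

def startup_clear() -> bytes:
    return build_command(TPM_CC_STARTUP, struct.pack(">H", TPM_SU_CLEAR))

def get_random(num_bytes: int) -> bytes:
    return build_command(TPM_CC_GET_RANDOM, struct.pack(">H", num_bytes))

def parse_response(data: bytes) -> tuple[int, bytes]:
    """Return (responseCode, parameter bytes); reject truncated or inconsistent frames."""
    if len(data) < HEADER_LEN:
        raise ValueError("response shorter than the 10-byte header")
    _tag, size, rc = struct.unpack(">HII", data[:HEADER_LEN])
    if size != len(data):
        raise ValueError(f"responseSize {size} does not match {len(data)} bytes received")
    return rc, data[HEADER_LEN:]

def parse_get_random(params: bytes) -> bytes:
    """GetRandom returns a TPM2B_DIGEST: uint16 length followed by that many bytes."""
    (n,) = struct.unpack(">H", params[:2])
    if len(params) != 2 + n:
        raise ValueError("TPM2B length field disagrees with payload length")
    return params[2:2 + n]

def _recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("swtpm closed the socket mid-response")
        buf += chunk
    return buf

def transact(sock_path: str, command: bytes) -> tuple[int, bytes]:
    """Send one command over swtpm's data socket and return the parsed response."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(sock_path)          # e.g. "/tmp/swtpm-data.sock" (hypothetical)
        s.sendall(command)
        header = _recv_exact(s, HEADER_LEN)
        (size,) = struct.unpack(">I", header[2:6])
        return parse_response(header + _recv_exact(s, size - HEADER_LEN))
```

A non-zero response code from startup_clear() (for example TPM_RC_INITIALIZE when the emulator was already started) is what a driver has to surface rather than swallow; that is the kind of behaviour the "PE image measurement failed" path above depends on.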