[PATCH 1/5] drivers: security: Add security devices to driver model

Ilias Apalodimas ilias.apalodimas at linaro.org
Wed Aug 16 15:14:12 CEST 2023


Hi Sean

On Sat, 12 Aug 2023 at 03:28, <seanedmond at linux.microsoft.com> wrote:
>
> From: Stephen Carlson <stcarlso at linux.microsoft.com>
>
> Security devices currently implement operations to store an OS
> anti-rollback monotonic counter. Existing devices such as the Trusted
> Platform Module (TPM) already support this operation, but this uclass
> provides abstraction for current and future devices that may support
> different features.
>
> - New Driver Model uclass UCLASS_SECURITY.
> - New config CONFIG_DM_SECURITY to enable security device support.
> - New driver sandbox_security matching "security,sandbox", enabled with
>   new config CONFIG_SECURITY_SANDBOX.
>

[...]

>
>  source "drivers/scsi/Kconfig"
>
> +source "drivers/security/Kconfig"
> +
>  source "drivers/serial/Kconfig"
>
>  source "drivers/smem/Kconfig"
> diff --git a/drivers/Makefile b/drivers/Makefile
> index efc2a4afb2..b670aae5fd 100644
> --- a/drivers/Makefile
> +++ b/drivers/Makefile
> @@ -98,6 +98,7 @@ obj-$(CONFIG_PCH) += pch/
>  obj-$(CONFIG_DM_REBOOT_MODE) += reboot-mode/
>  obj-y += rtc/
>  obj-y += scsi/
> +obj-y += security/
>  obj-y += sound/
>  obj-y += spmi/
>  obj-y += watchdog/
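Review bot: the new `obj-y += security/` line builds the directory unconditionally, so the security uclass objects are descended into even when CONFIG_DM_SECURITY is off; the `obj-$(CONFIG_DM_REBOOT_MODE) += reboot-mode/` line two entries above shows the conditional form, so consider `obj-$(CONFIG_DM_SECURITY) += security/` unless the per-file Makefile in drivers/security/ already gates everything on the config symbols.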
> diff --git a/drivers/security/Kconfig b/drivers/security/Kconfig
> new file mode 100644
> index 0000000000..f7af5c4e78
> --- /dev/null
> +++ b/drivers/security/Kconfig
> @@ -0,0 +1,25 @@
> +config DM_SECURITY
> +       bool "Support security devices with driver model"
> +       depends on DM
> +       help
> +         This option enables support for the security uclass which supports
> +         devices intended to provide additional security features during
> +         boot. These devices might encapsulate existing features of TPM
> +         or TEE devices, but can also be dedicated security processors
> +         implemented in specific hardware.
> +
> +config SECURITY_SANDBOX
> +       bool "Enable sandbox security driver"
> +       depends on DM_SECURITY
> +       help
> +         This driver supports a simulated security device that uses volatile
> +         memory to store secure data and begins uninitialized. This
> +         implementation allows OS images with security requirements to be
> +         loaded in the sandbox environment.
> +
> +config SECURITY_TPM
> +       bool "Enable TPM security driver"
> +       depends on TPM && TPM_V2 && DM_SECURITY
> +       help
> +         This driver supports a security device based on existing TPM
> +         functionality.
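Review bot: SECURITY_SANDBOX only has `depends on DM_SECURITY`, so the simulated driver (which the help text says keeps secure data in volatile memory and starts uninitialized) is offered on every board rather than only under sandbox; add `depends on SANDBOX` so it cannot be selected for real hardware. Also, the SECURITY_TPM symbol is introduced here while the commit message lists only UCLASS_SECURITY, DM_SECURITY and SECURITY_SANDBOX; either move that symbol to the patch that adds the TPM-backed driver or mention it in the message.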


I think this is generally a good idea.  But we need to define a bit
better what we consider 'security' and what is supported by this
uclass.  One example would be a TPM RNG device.  We already support
that and we even use it as an RNG in certain cases.  Is this something
that we should move here?  Because atm the new class seems to only
support a rollback counter (which is fine, we might just have to pick
a different name)

[...]

Thanks
/Ilias

