
Re: [Qemu-devel] [PATCH v4] hw/misc: Add simple measurement hardware


From: Stefan Berger
Subject: Re: [Qemu-devel] [PATCH v4] hw/misc: Add simple measurement hardware
Date: Sun, 11 Sep 2016 20:05:37 -0400

Matthew Garrett <address@hidden> wrote on 08/17/2016 03:48:52 PM:

> From: Matthew Garrett <address@hidden>
> To: address@hidden
> Cc: address@hidden, address@hidden, Stefan Berger/Watson/
> address@hidden, Matthew Garrett <address@hidden>
> Date: 08/17/2016 03:49 PM
> Subject: [PATCH v4] hw/misc: Add simple measurement hardware
> 
> Trusted Boot is based around having a trusted store of measurement data and
> a secure communications channel between that store and an attestation
> target. In actual hardware, that's a TPM. Since the TPM can only be accessed
> via the host system, this in turn requires that the TPM be able to perform
> reasonably complicated cryptographic functions in order to demonstrate its
> trusted state.
> 
> In cloud environments, qemu is inherently trusted and the hypervisor
> infrastructure provides a trusted mechanism for extracting information from
> qemu and providing it to another system. This means we can skip the crypto
> and stick with the basic functionality - ie, providing a trusted store of
> measurement data.
> 
> This driver provides a very small subset of TPM 1.2 functionality in the
> form of a bank of registers that can store SHA1 measurements of boot
> components. Performing a write to one of these registers will append the new
> 20 byte hash to the 20 bytes currently stored within the register, take a
> SHA1 of this 40 byte value and then replace the existing register contents
> with the new value. This ensures that a given value can only be obtained by
> performing the same sequence of writes. It also adds a monitor command to
> allow an external agent to extract this information from the running system
> and provide it over a secure communications channel. Finally, it measures
> each of the loaded ROMs into one of the registers at reset time.
> 
> In combination with work in SeaBIOS and the kernel, this permits a fully
> measured boot in a virtualised environment without the overhead of a full
> TPM implementation.
> 
> This version of the implementation depends on port io, but if there's
> interest I'll add mmio as well.
> 
> Signed-off-by: Matthew Garrett <address@hidden>
> ---
> 
> Updated based on David's feedback.
> 
>  default-configs/x86_64-softmmu.mak |   1 +
>  hmp-commands-info.hx               |  14 ++
>  hmp.c                              |  16 ++
>  hmp.h                              |   1 +
>  hw/core/loader.c                   |  12 ++
>  hw/i386/acpi-build.c               |  29 +++-
>  hw/misc/Makefile.objs              |   1 +
>  hw/misc/measurements.c             | 328 +++++++++++++++++++++++++++++++++++++
>  hw/misc/measurements.h             |   5 +
>  hw/tpm/tpm_tis.c                   |   5 +


There shouldn't be a change to tpm_tis.c since this is just one specific
front end of possibly different ones. I think the mutual exclusion test
should go into more common code: tpm.c:tpm_init()
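The register extend operation described in the quoted patch description (new = SHA1(old || measurement)), as an added example that is not code from the patch or from QEMU; it assumes registers start at all zeros on reset, and the ROM blobs are constructed sample input. It also shows the check an attestation agent would run: replaying an event log and comparing against the register value extracted via the monitor command.

```python
import hashlib

REG_SIZE = 20  # one SHA1 digest, as the patch description states


def measure(blob: bytes) -> bytes:
    """Measurement of a boot component: the SHA1 of its contents."""
    return hashlib.sha1(blob).digest()


def extend(register: bytes, measurement: bytes) -> bytes:
    """Append the 20-byte measurement to the 20 bytes already in the
    register and replace the register with the SHA1 of the 40-byte value."""
    if len(register) != REG_SIZE or len(measurement) != REG_SIZE:
        raise ValueError("register and measurement must be 20-byte SHA1 digests")
    return hashlib.sha1(register + measurement).digest()


def replay(measurements) -> bytes:
    """Recompute a register from the ordered list of measurements written to it.
    Assumption: the register is all zeros at reset."""
    reg = bytes(REG_SIZE)
    for m in measurements:
        reg = extend(reg, m)
    return reg


def verify_event_log(components, reported_register: bytes) -> bool:
    """What an external agent does with the value it extracted from the running
    system: replay the claimed boot components and compare. Any change in
    content or order yields a different register value."""
    return replay(measure(c) for c in components) == reported_register


if __name__ == "__main__":
    # Constructed sample ROMs standing in for what is measured at reset time.
    roms = [b"constructed-rom-bios", b"constructed-rom-option"]
    reg = replay(measure(r) for r in roms)
    print("register:", reg.hex())
    print("matches log:", verify_event_log(roms, reg))
    print("tampered rom detected:", not verify_event_log([b"x", roms[1]], reg))
    print("reordered log detected:", not verify_event_log(roms[::-1], reg))
```
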



