Message ID | 20221024122725.383791-4-sven.schultschik@siemens.com (mailing list archive)
---|---
State | Handled Elsewhere
Series | Secureboot on QEMU with EDK2, OP-TEE and RPBM
On Mon, 2022-10-24 at 14:27 +0200, sven.schultschik@siemens.com wrote:
> From: Sven Schultschik <sven.schultschik@siemens.com>
>
> Optee is part of u-boot In the secureboot scenario to use optee and RPMB as secure storage.
>
> Signed-off-by: Sven Schultschik <sven.schultschik@siemens.com>
> ---
>  recipes-bsp/u-boot/files/secure-boot.cfg.tmpl | 7 +++++++
>  recipes-bsp/u-boot/u-boot-qemu-common.inc     | 2 ++
>  2 files changed, 9 insertions(+)
>
> diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> index 956dcbfed..8e6428238 100644
> --- a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> +++ b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> @@ -4,3 +4,10 @@ CONFIG_USE_BOOTCOMMAND=y
>  CONFIG_BOOTCOMMAND="setenv scan_dev_for_boot 'if test -e ${devtype} ${devnum}:${distro_bootpart} efi/boot/boot${EFI_ARCH}.efi; then load ${devtype} ${devnum}:${distro_bootpart} ${kernel_addr_r} efi/boot/boot${EFI_ARCH}.efi; bootefi ${kernel_addr_r} ${fdtcontroladdr}; fi'; run distro_bootcmd; echo 'EFI Boot failed!'; sleep 1000; reset"
>  CONFIG_EFI_VARIABLES_PRESEED=y
>  CONFIG_EFI_SECURE_BOOT=y
> +### OPTEE config
> +CONFIG_CMD_OPTEE_RPMB=y
> +CONFIG_MMC=y
> +CONFIG_SUPPORT_EMMC_RPMB=y
> +CONFIG_TEE=y
> +CONFIG_OPTEE=y
> +CONFIG_EFI_MM_COMM_TEE=y

According to lib/efi_loader/Makefile:

ifeq ($(CONFIG_EFI_MM_COMM_TEE),y)
obj-y += efi_variable_tee.o
else
obj-y += efi_variable.o
obj-$(CONFIG_EFI_VARIABLES_PRESEED) += efi_var_seed.o
endif

The `CONFIG_EFI_MM_COMM_TEE` conflicts with
`CONFIG_EFI_VARIABLES_PRESEED`, so you have to choose one.

- Baocheng

> diff --git a/recipes-bsp/u-boot/u-boot-qemu-common.inc b/recipes-bsp/u-boot/u-boot-qemu-common.inc
> index 0a9a15a0f..802fc5056 100644
> --- a/recipes-bsp/u-boot/u-boot-qemu-common.inc
> +++ b/recipes-bsp/u-boot/u-boot-qemu-common.inc
> @@ -13,6 +13,8 @@ require recipes-bsp/u-boot/u-boot-common.inc
>
>  U_BOOT_BIN = "u-boot.bin"
>
> +DEPENDS_append_secureboot = " optee-os-${MACHINE}"
> +
>  do_deploy[dirs] = "${DEPLOY_DIR_IMAGE}"
>  do_deploy() {
>      dpkg --fsys-tarfile "${WORKDIR}/u-boot-${MACHINE}_${PV}_${DISTRO_ARCH}.deb" | \
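A check for the conflict Baocheng points out, as an added example (not code from U-Boot or isar-cip-core): it reads a config fragment such as secure-boot.cfg.tmpl and applies the lib/efi_loader/Makefile rule quoted above, so a CI step can catch a preseeded variable store that silently stops being built. The function names, finding texts and the embedded sample fragment are this example's own.

```python
"""Flag CONFIG_EFI_VARIABLES_PRESEED being silently disabled by
CONFIG_EFI_MM_COMM_TEE in a U-Boot config fragment.

Added example, not code from U-Boot or isar-cip-core.  The selection
logic mirrors the lib/efi_loader/Makefile snippet quoted in the review;
function names and the finding texts are this example's own.
"""
import re

_SET = re.compile(r"^(CONFIG_[A-Za-z0-9_]+)=(.*)$")
_NOT_SET = re.compile(r"^# (CONFIG_[A-Za-z0-9_]+) is not set$")


def parse_fragment(text: str) -> dict:
    """Map CONFIG_* symbols to their values ('n' for '# ... is not set')."""
    cfg = {}
    for raw in text.splitlines():
        line = raw.strip()
        if m := _SET.match(line):
            cfg[m.group(1)] = m.group(2)
        elif m := _NOT_SET.match(line):
            cfg[m.group(1)] = "n"
    return cfg


def efi_variable_objects(cfg: dict) -> list:
    """Objects lib/efi_loader/Makefile builds for the EFI variable store."""
    if cfg.get("CONFIG_EFI_MM_COMM_TEE") == "y":
        return ["efi_variable_tee.o"]          # variables served by the TEE
    objs = ["efi_variable.o"]                  # in-U-Boot variable store
    if cfg.get("CONFIG_EFI_VARIABLES_PRESEED") == "y":
        objs.append("efi_var_seed.o")          # compiled-in initial variables
    return objs


def check_fragment(text: str) -> list:
    """Return findings for a fragment; an empty list means no conflict."""
    cfg = parse_fragment(text)
    findings = []
    objs = efi_variable_objects(cfg)
    if cfg.get("CONFIG_EFI_VARIABLES_PRESEED") == "y" and "efi_var_seed.o" not in objs:
        findings.append("CONFIG_EFI_VARIABLES_PRESEED=y has no effect: "
                        "CONFIG_EFI_MM_COMM_TEE=y drops efi_var_seed.o")
        if cfg.get("CONFIG_EFI_SECURE_BOOT") == "y":
            findings.append("CONFIG_EFI_SECURE_BOOT=y relied on the preseeded "
                            "PK/KEK/db; the TEE-backed store must be "
                            "provisioned by another step")
    return findings


# Constructed sample: the fragment from the patch after the seven added lines
# (the long CONFIG_BOOTCOMMAND line is omitted; it does not affect the check).
SAMPLE = """\
CONFIG_USE_BOOTCOMMAND=y
CONFIG_EFI_VARIABLES_PRESEED=y
CONFIG_EFI_SECURE_BOOT=y
### OPTEE config
CONFIG_CMD_OPTEE_RPMB=y
CONFIG_MMC=y
CONFIG_SUPPORT_EMMC_RPMB=y
CONFIG_TEE=y
CONFIG_OPTEE=y
CONFIG_EFI_MM_COMM_TEE=y
"""

if __name__ == "__main__":
    for finding in check_fragment(SAMPLE):
        print("WARNING:", finding)
```

Running it on the fragment from this patch reports both findings; turning CONFIG_EFI_MM_COMM_TEE off (or dropping the PRESEED line) makes it quiet, which is exactly the "choose one" the review asks for.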
On 26.10.22 09:36, Su, Bao Cheng wrote:
> On Mon, 2022-10-24 at 14:27 +0200, sven.schultschik@siemens.com wrote:
>> From: Sven Schultschik <sven.schultschik@siemens.com>
>>
>> Optee is part of u-boot In the secureboot scenario to use optee and RPMB as secure storage.
>>
>> Signed-off-by: Sven Schultschik <sven.schultschik@siemens.com>
>> ---
>>  recipes-bsp/u-boot/files/secure-boot.cfg.tmpl | 7 +++++++
>>  recipes-bsp/u-boot/u-boot-qemu-common.inc     | 2 ++
>>  2 files changed, 9 insertions(+)
>>
>> diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
>> index 956dcbfed..8e6428238 100644
>> --- a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
>> +++ b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
>> @@ -4,3 +4,10 @@ CONFIG_USE_BOOTCOMMAND=y
>>  CONFIG_BOOTCOMMAND="setenv scan_dev_for_boot 'if test -e ${devtype} ${devnum}:${distro_bootpart} efi/boot/boot${EFI_ARCH}.efi; then load ${devtype} ${devnum}:${distro_bootpart} ${kernel_addr_r} efi/boot/boot${EFI_ARCH}.efi; bootefi ${kernel_addr_r} ${fdtcontroladdr}; fi'; run distro_bootcmd; echo 'EFI Boot failed!'; sleep 1000; reset"
>>  CONFIG_EFI_VARIABLES_PRESEED=y
>>  CONFIG_EFI_SECURE_BOOT=y
>> +### OPTEE config
>> +CONFIG_CMD_OPTEE_RPMB=y
>> +CONFIG_MMC=y
>> +CONFIG_SUPPORT_EMMC_RPMB=y
>> +CONFIG_TEE=y
>> +CONFIG_OPTEE=y
>> +CONFIG_EFI_MM_COMM_TEE=y
>
> According to lib/efi_loader/Makefile:
>
> ifeq ($(CONFIG_EFI_MM_COMM_TEE),y)
> obj-y += efi_variable_tee.o
> else
> obj-y += efi_variable.o
> obj-$(CONFIG_EFI_VARIABLES_PRESEED) += efi_var_seed.o
> endif
>
> The `CONFIG_EFI_MM_COMM_TEE` conflicts with
> `CONFIG_EFI_VARIABLES_PRESEED`, so you have to choose one.
>

Right. When we switch this, we also need to switch the secure boot setup procedure so that the result remains securely booted.

Jan
> -----Original Message-----
> From: Kiszka, Jan (T CED) <jan.kiszka@siemens.com>
> Sent: Wednesday, 26 October 2022 10:53
> To: Su, Bao Cheng (DI FA CTR IPC CN PRC4) <baocheng.su@siemens.com>;
> Schultschik, Sven (DI PA DCP R&D 2) <sven.schultschik@siemens.com>;
> cip-dev@lists.cip-project.org
> Subject: Re: [isar-cip-core][PATCH 3/8] Include optee into u-boot
>
> On 26.10.22 09:36, Su, Bao Cheng wrote:
> > On Mon, 2022-10-24 at 14:27 +0200, sven.schultschik@siemens.com wrote:
> >> From: Sven Schultschik <sven.schultschik@siemens.com>
> >>
> >> Optee is part of u-boot In the secureboot scenario to use optee and RPMB as secure storage.
> >>
> >> Signed-off-by: Sven Schultschik <sven.schultschik@siemens.com>
> >> ---
> >>  recipes-bsp/u-boot/files/secure-boot.cfg.tmpl | 7 +++++++
> >>  recipes-bsp/u-boot/u-boot-qemu-common.inc     | 2 ++
> >>  2 files changed, 9 insertions(+)
> >>
> >> diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> >> index 956dcbfed..8e6428238 100644
> >> --- a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> >> +++ b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> >> @@ -4,3 +4,10 @@ CONFIG_USE_BOOTCOMMAND=y
> >>  CONFIG_BOOTCOMMAND="setenv scan_dev_for_boot 'if test -e ${devtype} ${devnum}:${distro_bootpart} efi/boot/boot${EFI_ARCH}.efi; then load ${devtype} ${devnum}:${distro_bootpart} ${kernel_addr_r} efi/boot/boot${EFI_ARCH}.efi; bootefi ${kernel_addr_r} ${fdtcontroladdr}; fi'; run distro_bootcmd; echo 'EFI Boot failed!'; sleep 1000; reset"
> >>  CONFIG_EFI_VARIABLES_PRESEED=y
> >>  CONFIG_EFI_SECURE_BOOT=y
> >> +### OPTEE config
> >> +CONFIG_CMD_OPTEE_RPMB=y
> >> +CONFIG_MMC=y
> >> +CONFIG_SUPPORT_EMMC_RPMB=y
> >> +CONFIG_TEE=y
> >> +CONFIG_OPTEE=y
> >> +CONFIG_EFI_MM_COMM_TEE=y
> >
> > According to lib/efi_loader/Makefile:
> >
> > ifeq ($(CONFIG_EFI_MM_COMM_TEE),y)
> > obj-y += efi_variable_tee.o
> > else
> > obj-y += efi_variable.o
> > obj-$(CONFIG_EFI_VARIABLES_PRESEED) += efi_var_seed.o
> > endif
> >
> > The `CONFIG_EFI_MM_COMM_TEE` conflicts with
> > `CONFIG_EFI_VARIABLES_PRESEED`, so you have to choose one.
> >
>
> Right. When we switch this, we also need to switch the secure boot setup
> procedure so that the result remains securely booted.
>
> Jan

Do you want to do those adjustments within this patch series or do it separately?

Sven
On 26.10.22 17:27, Schultschik, Sven (DI PA DCP R&D 2) wrote:
>
>
>> -----Original Message-----
>> From: Kiszka, Jan (T CED) <jan.kiszka@siemens.com>
>> Sent: Wednesday, 26 October 2022 10:53
>> To: Su, Bao Cheng (DI FA CTR IPC CN PRC4) <baocheng.su@siemens.com>;
>> Schultschik, Sven (DI PA DCP R&D 2) <sven.schultschik@siemens.com>;
>> cip-dev@lists.cip-project.org
>> Subject: Re: [isar-cip-core][PATCH 3/8] Include optee into u-boot
>>
>> On 26.10.22 09:36, Su, Bao Cheng wrote:
>>> On Mon, 2022-10-24 at 14:27 +0200, sven.schultschik@siemens.com wrote:
>>>> From: Sven Schultschik <sven.schultschik@siemens.com>
>>>>
>>>> Optee is part of u-boot In the secureboot scenario to use optee and RPMB as secure storage.
>>>>
>>>> Signed-off-by: Sven Schultschik <sven.schultschik@siemens.com>
>>>> ---
>>>>  recipes-bsp/u-boot/files/secure-boot.cfg.tmpl | 7 +++++++
>>>>  recipes-bsp/u-boot/u-boot-qemu-common.inc     | 2 ++
>>>>  2 files changed, 9 insertions(+)
>>>>
>>>> diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
>>>> index 956dcbfed..8e6428238 100644
>>>> --- a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
>>>> +++ b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
>>>> @@ -4,3 +4,10 @@ CONFIG_USE_BOOTCOMMAND=y
>>>>  CONFIG_BOOTCOMMAND="setenv scan_dev_for_boot 'if test -e ${devtype} ${devnum}:${distro_bootpart} efi/boot/boot${EFI_ARCH}.efi; then load ${devtype} ${devnum}:${distro_bootpart} ${kernel_addr_r} efi/boot/boot${EFI_ARCH}.efi; bootefi ${kernel_addr_r} ${fdtcontroladdr}; fi'; run distro_bootcmd; echo 'EFI Boot failed!'; sleep 1000; reset"
>>>>  CONFIG_EFI_VARIABLES_PRESEED=y
>>>>  CONFIG_EFI_SECURE_BOOT=y
>>>> +### OPTEE config
>>>> +CONFIG_CMD_OPTEE_RPMB=y
>>>> +CONFIG_MMC=y
>>>> +CONFIG_SUPPORT_EMMC_RPMB=y
>>>> +CONFIG_TEE=y
>>>> +CONFIG_OPTEE=y
>>>> +CONFIG_EFI_MM_COMM_TEE=y
>>>
>>> According to lib/efi_loader/Makefile:
>>>
>>> ifeq ($(CONFIG_EFI_MM_COMM_TEE),y)
>>> obj-y += efi_variable_tee.o
>>> else
>>> obj-y += efi_variable.o
>>> obj-$(CONFIG_EFI_VARIABLES_PRESEED) += efi_var_seed.o
>>> endif
>>>
>>> The `CONFIG_EFI_MM_COMM_TEE` conflicts with
>>> `CONFIG_EFI_VARIABLES_PRESEED`, so you have to choose one.
>>>
>>
>> Right. When we switch this, we also need to switch the secure boot setup
>> procedure so that the result remains securely booted.
>>
>> Jan
> Do you want to do those adjustments within this patch series or
> do it separately?

Well, if we leave out enabling CONFIG_EFI_MM_COMM_TEE from this series, would that leave something testable / minimally useful behind? If not, we need the transition to secure boot keys in RPMB already in this series.

Jan
> >>>
> >>
> >> Right. When we switch this, we also need to switch the secure boot
> >> setup procedure so that the result remains securely booted.
> >>
> >> Jan
> > Do you want to do those adjustments within this patch series or do it
> > separately?
>
> Well, if we leave out enabling CONFIG_EFI_MM_COMM_TEE from this series,
> would that leave something testable / minimally useful behind? If not, we
> need the transition to secure boot keys in RPMB already in this series.
>

If we go fully on the optee rpmb solution only with the manual test patch 8/8.

Else we would need to provide
- PK, KEK and db
- a u-boot script which does on every boot such things as
  fatload virtio 1:1 40000000 PK.auth
  setenv -e -nv -bs -rt -at -i 40000000:$filesize PK
  fatload virtio 1:1 40000000 KEK.auth
  setenv -e -nv -bs -rt -at -i 40000000:$filesize KEK
  fatload virtio 1:1 40000000 db.auth
  setenv -e -nv -bs -rt -at -i 40000000:$filesize db

Why?
The secure UEFI environment is not persistent in the patched u-boot qemu setting. The RPMB in u-boot is emulated as a struct in memory.

Jan, we could have a small talk if you want to discuss further steps.

Sven
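The three `setenv -e -nv -bs -rt -at -i` calls above only work if PK.auth, KEK.auth and db.auth are time-based authenticated variable blobs in the layout U-Boot expects. The following is an added example, not code from this thread, isar-cip-core or U-Boot: it builds and parses that layout (EFI_VARIABLE_AUTHENTICATION_2: a 16-byte EFI_TIME, a WIN_CERTIFICATE_UEFI_GUID header carrying the PKCS#7 signature, then the EFI_SIGNATURE_LISTs that become the variable's contents) so the blobs can be sanity-checked on the host before they are baked into a boot command. The function names, the owner GUID, the fake DER and PKCS#7 bytes are constructed for the example; the PKCS#7 signature itself is not verified.

```python
"""Inspect PK/KEK/db .auth blobs before enrolling them with
`setenv -e -nv -bs -rt -at -i`.

Added example, not code from the thread, isar-cip-core or U-Boot.
Layout per the UEFI spec: EFI_TIME (16 bytes) + WIN_CERTIFICATE_UEFI_GUID
(dwLength u32, wRevision u16, wCertificateType u16, CertType GUID, CertData)
+ variable payload made of EFI_SIGNATURE_LISTs.  The sample below uses fake
DER/PKCS#7 bytes; the signature is not checked here.
"""
import struct
import uuid

WIN_CERT_TYPE_EFI_GUID = 0x0EF1
EFI_CERT_TYPE_PKCS7_GUID = uuid.UUID("4aafd29d-68df-49ee-8aa9-347d375665a7")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")

_TIME = struct.Struct("<HBBBBBBIhBB")   # EFI_TIME, 16 bytes
_WIN = struct.Struct("<IHH")            # WIN_CERTIFICATE header, 8 bytes
_ESL = struct.Struct("<III")            # sizes after the 16-byte SignatureType


def build_esl(sig_type: uuid.UUID, owner: uuid.UUID, entries: list) -> bytes:
    """Serialise one EFI_SIGNATURE_LIST holding equally sized entries."""
    sig_size = 16 + len(entries[0])
    if any(16 + len(e) != sig_size for e in entries):
        raise ValueError("all entries in one list must have the same size")
    body = b"".join(owner.bytes_le + e for e in entries)   # EFI_SIGNATURE_DATA
    list_size = 16 + _ESL.size + len(body)
    return sig_type.bytes_le + _ESL.pack(list_size, 0, sig_size) + body


def build_auth(year: int, month: int, day: int, pkcs7: bytes, payload: bytes) -> bytes:
    """Wrap a payload in EFI_VARIABLE_AUTHENTICATION_2 (what an .auth file is)."""
    ts = _TIME.pack(year, month, day, 0, 0, 0, 0, 0, 0, 0, 0)
    hdr = _WIN.pack(_WIN.size + 16 + len(pkcs7), 0x0200, WIN_CERT_TYPE_EFI_GUID)
    return ts + hdr + EFI_CERT_TYPE_PKCS7_GUID.bytes_le + pkcs7 + payload


def parse_esls(payload: bytes) -> list:
    """Walk the EFI_SIGNATURE_LISTs of a variable payload, checking sizes."""
    lists, off = [], 0
    while off < len(payload):
        if len(payload) - off < 16 + _ESL.size:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=payload[off:off + 16])
        list_size, hdr_size, sig_size = _ESL.unpack_from(payload, off + 16)
        data_len = list_size - 16 - _ESL.size - hdr_size
        if (list_size < 16 + _ESL.size or off + list_size > len(payload)
                or sig_size < 16 or data_len < 0 or data_len % sig_size):
            raise ValueError("inconsistent EFI_SIGNATURE_LIST sizes")
        lists.append({"type": str(sig_type), "count": data_len // sig_size,
                      "sig_size": sig_size})
        off += list_size
    return lists


def parse_auth(blob: bytes) -> dict:
    """Parse an .auth blob; raise ValueError on malformed input."""
    if len(blob) < _TIME.size + _WIN.size + 16:
        raise ValueError("blob too short for EFI_VARIABLE_AUTHENTICATION_2")
    y, mo, d, h, mi, s, pad1, ns, tz, dl, pad2 = _TIME.unpack(blob[:_TIME.size])
    # Time-based auth requires Pad1, Nanosecond, TimeZone, Daylight, Pad2 == 0.
    if (pad1, ns, tz, dl, pad2) != (0, 0, 0, 0, 0):
        raise ValueError("EFI_TIME has non-zero fields that must be zero")
    dw_len, rev, cert_type = _WIN.unpack_from(blob, _TIME.size)
    if cert_type != WIN_CERT_TYPE_EFI_GUID or rev != 0x0200:
        raise ValueError("not a WIN_CERTIFICATE_UEFI_GUID")
    ctype_off = _TIME.size + _WIN.size
    if uuid.UUID(bytes_le=blob[ctype_off:ctype_off + 16]) != EFI_CERT_TYPE_PKCS7_GUID:
        raise ValueError("CertType is not EFI_CERT_TYPE_PKCS7_GUID")
    end = _TIME.size + dw_len
    if dw_len < _WIN.size + 16 or end > len(blob):
        raise ValueError("dwLength inconsistent with blob size")
    return {"timestamp": f"{y:04d}-{mo:02d}-{d:02d} {h:02d}:{mi:02d}:{s:02d}",
            "pkcs7_len": end - ctype_off - 16,
            "lists": parse_esls(blob[end:])}


def is_valid_auth(blob: bytes) -> bool:
    """True if parse_auth accepts the blob."""
    try:
        parse_auth(blob)
        return True
    except ValueError:
        return False


# Constructed sample: fake DER and PKCS#7 bodies standing in for a real
# certificate and signature (real files come from a signing tool).
FAKE_DER = b"\x30\x82\x01\x00" + bytes(256)
FAKE_PKCS7 = b"\x30\x82\x00\x40" + bytes(64)
OWNER = uuid.UUID("12345678-1234-5678-1234-567812345678")
SAMPLE_DB_AUTH = build_auth(2022, 10, 24, FAKE_PKCS7,
                            build_esl(EFI_CERT_X509_GUID, OWNER, [FAKE_DER]))

if __name__ == "__main__":
    print(parse_auth(SAMPLE_DB_AUTH))
```

Feeding a real db.auth to `parse_auth` shows the timestamp that will be stored with the variable and the number of X.509 entries per list, which is what you want to eyeball before a boot command enrolls the same blobs unattended on every start.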
On 07.11.22 17:57, Schultschik, Sven (DI PA DCP R&D 2) wrote:
>>>>>
>>>>
>>>> Right. When we switch this, we also need to switch the secure boot
>>>> setup procedure so that the result remains securely booted.
>>>>
>>>> Jan
>>> Do you want to do those adjustments within this patch series or do it
>>> separately?
>>
>> Well, if we leave out enabling CONFIG_EFI_MM_COMM_TEE from this series,
>> would that leave something testable / minimally useful behind? If not, we
>> need the transition to secure boot keys in RPMB already in this series.
>>
>
> If we go fully on the optee rpmb solution only with the manual test patch 8/8.
>
> Else we would need to provide
> - PK, KEK and db
> - a u-boot script which does on every boot such things as
>   fatload virtio 1:1 40000000 PK.auth
>   setenv -e -nv -bs -rt -at -i 40000000:$filesize PK
>   fatload virtio 1:1 40000000 KEK.auth
>   setenv -e -nv -bs -rt -at -i 40000000:$filesize KEK
>   fatload virtio 1:1 40000000 db.auth
>   setenv -e -nv -bs -rt -at -i 40000000:$filesize db
>
> Why?
> The secure UEFI environment is not persistent in the patched u-boot qemu
> setting. The RPMB in u-boot is emulated as a struct in memory.
>

Ouch... We need a persistent and consistent (u-boot vs. kernel) RPMB to actually test this with realistic scenarios, I suppose.

> Jan, we could have a small talk if you want to discuss further steps.
>

Can you summarize again here what options we have now? It seems we need a proper RPMB emulation rather sooner than later.

Jan
>
>
> Can you summarize again here what options we have now? It seems we need a
> proper RPMB emulation rather sooner than later.
>

Option 1:
- Keep it as it is
- CONFIG_BOOTDELAY=5
- manually set PK, KEK, db on every boot

Option 2:
- Write a small u-boot script for qemu u-boot (never done this before)
- This script runs on every boot
- This script initializes the secure efi env with PK, KEK, db

Option 3:
- Proper RPMB emulation, which takes too long for now
On 10.11.22 12:01, Schultschik, Sven (DI PA DCP R&D 2) wrote:
>>>
>>
>> Can you summarize again here what options we have now? It seems we need a
>> proper RPMB emulation rather sooner than later.
>>
>
> Option 1:
> - Keep it as it is
> - CONFIG_BOOTDELAY=5
> - manually set PK, KEK, db on every boot
>
> Option 2:
> - Write a small u-boot script for qemu u-boot (never done this before)
> - This script runs on every boot
> - This script initializes the secure efi env with PK, KEK, db

You can basically put the commands you would manually execute into CONFIG_BOOTCOMMAND. We already have a custom string there for secure boot, see https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl. Would likely qualify for separating this "special" extension from the secure-boot.cfg.tmpl baseline.

>
> Option 3:
> - Proper RPMB emulation, which takes too long for now

Yes, likely. At least I did step 0.1, registered with jedec.org and fetched the spec. It's not done over an afternoon, but possibly also only within a few weeks (with some experience with QEMU).

Jan
diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
index 956dcbfed..8e6428238 100644
--- a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
+++ b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
@@ -4,3 +4,10 @@ CONFIG_USE_BOOTCOMMAND=y
 CONFIG_BOOTCOMMAND="setenv scan_dev_for_boot 'if test -e ${devtype} ${devnum}:${distro_bootpart} efi/boot/boot${EFI_ARCH}.efi; then load ${devtype} ${devnum}:${distro_bootpart} ${kernel_addr_r} efi/boot/boot${EFI_ARCH}.efi; bootefi ${kernel_addr_r} ${fdtcontroladdr}; fi'; run distro_bootcmd; echo 'EFI Boot failed!'; sleep 1000; reset"
 CONFIG_EFI_VARIABLES_PRESEED=y
 CONFIG_EFI_SECURE_BOOT=y
+### OPTEE config
+CONFIG_CMD_OPTEE_RPMB=y
+CONFIG_MMC=y
+CONFIG_SUPPORT_EMMC_RPMB=y
+CONFIG_TEE=y
+CONFIG_OPTEE=y
+CONFIG_EFI_MM_COMM_TEE=y
diff --git a/recipes-bsp/u-boot/u-boot-qemu-common.inc b/recipes-bsp/u-boot/u-boot-qemu-common.inc
index 0a9a15a0f..802fc5056 100644
--- a/recipes-bsp/u-boot/u-boot-qemu-common.inc
+++ b/recipes-bsp/u-boot/u-boot-qemu-common.inc
@@ -13,6 +13,8 @@ require recipes-bsp/u-boot/u-boot-common.inc
 
 U_BOOT_BIN = "u-boot.bin"
 
+DEPENDS_append_secureboot = " optee-os-${MACHINE}"
+
 do_deploy[dirs] = "${DEPLOY_DIR_IMAGE}"
 do_deploy() {
     dpkg --fsys-tarfile "${WORKDIR}/u-boot-${MACHINE}_${PV}_${DISTRO_ARCH}.deb" | \
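Review bot: in the secure-boot.cfg.tmpl hunk, `+CONFIG_EFI_MM_COMM_TEE=y` is added while `CONFIG_EFI_VARIABLES_PRESEED=y` two context lines above is kept, and under the lib/efi_loader/Makefile rule quoted in this thread only efi_variable_tee.o is built in that case, so the preseeded PK/KEK/db stop being compiled in and `CONFIG_EFI_SECURE_BOOT=y` starts from whatever the TEE-backed store holds. Either drop the PRESEED line in this hunk and put the RPMB provisioning step in the same series, or leave `CONFIG_EFI_MM_COMM_TEE=y` out of this patch until that step exists. The commit message should also say whether `CONFIG_CMD_OPTEE_RPMB=y`, which enables a U-Boot console command for RPMB access, is meant for the final secure-boot image or only for the manual test in patch 8/8.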
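Review bot: in the u-boot-qemu-common.inc hunk, `+DEPENDS_append_secureboot = " optee-os-${MACHINE}"` only orders the u-boot build after optee-os; nothing in this hunk consumes the OP-TEE binary (do_deploy is unchanged), so on its own the dependency has no effect. If the consumer is in another patch of the series, name it in the commit message; otherwise move this line into the patch that wires the TEE image into the U-Boot build. The commit message also does not say where the `secureboot` override comes from, which a reader of this .inc needs to know to tell when the dependency applies.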