CryptoPkg: introduce TPM library for software-based TPM implementation #11851
6f6a236 to
61ecfd8
Compare
To build TPM 2.0 Reference Implementation library, OpensslLib requires
the features below:
- camellia
- cmac
- elliptic curve algorithms
For these, openssl should be configured without the two options below:
- no-camellia
- no-cmac
Therefore, remove these two options for OpensslFullLib only since
TPM 2.0 Reference Library requires to use openssl built with ec.
This increases OpensslFullLib size -- around 16K.
Except configure.py, other changed files are auto generated by configure.py
Signed-off-by: Yeoreum Yun <[email protected]>
TPM 2.0 Reference Library[0] has platform interfaces which start with
prefix "__plat_" to implement software based TPM.
PlatformTpmLib is used to implement these interfaces.
When TpmLib calls "__plat_XXX()", the corresponding function
"PlatformTpmLibXXX()" in PlatformTpmLib would be called.
Not all __plat_XXX interfaces are required to be implemented, and
default implementations for some interfaces can be utilised.
Here, PlatformTpmLib implements the corresponding __plat_XXX functions in
TPM reference library files:
- Clock.c
- ExtraData.c
- Failure.c
- NVMem.c
- Unique.c
- VendorInfo.c
Note: To support generation of a platform-specific endorsement seed,
the function PlatformTpmLibGetEPS() is defined in EPS.c
This platform function allows to platform specific endorsement seed
when fTPM is manufactured.
Link: https://github.com/TrustedComputingGroup/TPM [0]
Signed-off-by: Yeoreum Yun <[email protected]>
To build TPM reference library[0] with CryptoPkg,
the following are required:
- define memcpy and remove its function macro because memcpy is
used with function pointer in TPM reference library
NOTE:
See Section I-8.6.4 CopyMem(), UEFI Platform Initialization
Specification, Release 1.8A. The function prototype for
CopyMem() differs from the definition in.
- definitions of INT16_MAX/UINT16_MAX
Link: https://github.com/TrustedComputingGroup/TPM [0]
Signed-off-by: Yeoreum Yun <[email protected]>
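The function-pointer problem named in the commit message above, as an added example that is not code from this PR or from the TPM reference library. `FwCopyMem`, `crt_memcpy` and `marshal_ops` are hypothetical stand-ins (used instead of `CopyMem`/`memcpy` so the file builds against a hosted C library), and the void return of the firmware copy routine is an assumption about how the prototypes differ.

```c
#include <stddef.h>
#include <stdint.h>

typedef size_t UINTN; /* stand-in for the UEFI native-width integer */

/* Hypothetical firmware copy service whose prototype differs from the C
   library's memcpy(): it returns nothing (assumption for this example). */
static void FwCopyMem(void *Dest, const void *Src, UINTN Len) {
    uint8_t *d = Dest;
    const uint8_t *s = Src;
    while (Len--) *d++ = *s++;
}

/* Before: a function-like macro. A call such as crt_memcpy(a, b, n)
   compiles, but the bare name crt_memcpy is not expanded, so
   `copy_fn f = crt_memcpy;` names an undeclared symbol and the build fails.
   #define crt_memcpy(d, s, n) FwCopyMem((d), (s), (UINTN)(n))            */

/* After: a real function with the standard memcpy() prototype. It has an
   address and returns the destination, as callers of memcpy() expect. */
void *crt_memcpy(void *dest, const void *src, size_t n) {
    FwCopyMem(dest, src, (UINTN)n);
    return dest;
}

typedef void *(*copy_fn)(void *, const void *, size_t);

/* Constructed caller: the copy routine is stored in a pointer and invoked
   indirectly, which only works when crt_memcpy is a function. */
struct marshal_ops { copy_fn copy; };
static const struct marshal_ops g_ops = { crt_memcpy };

/* Copies n bytes through the pointer; returns 1 when the call returned the
   destination and every byte matches, 0 otherwise. */
int copy_via_pointer(uint8_t *dst, const uint8_t *src, size_t n) {
    void *ret = g_ops.copy(dst, src, n);
    if (ret != dst) return 0;
    for (size_t i = 0; i < n; i++)
        if (dst[i] != src[i]) return 0;
    return 1;
}
```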
Add build option files to build TPM reference library[0].
TpmBuildSwitches.h file is copied from TPM reference library which defines
basic options and need not be changed.
These basic options are the same as the original file except the options below
- SIMULATION
This is turned off to disable building of the simulation layers.
- ALLOW_FORCE_FAILURE_MODE
This is turned off to disable setting failure mode forcefully
for testing.
TpmLibCompileOptions.h is used to specify additional build option if
required.
Link: https://github.com/TrustedComputingGroup/TPM [0]
Signed-off-by: Yeoreum Yun <[email protected]>
Add TPM 2.0 Reference Implementation Library [0] which could be used for
implementation of software based fTPM.
Links: https://github.com/TrustedComputingGroup/TPM [0]
Signed-off-by: Yeoreum Yun <[email protected]>
Since TCG TPM 2.0 reference library V184, it defines IS_ALIGNED() macro in
tpm_radix.h but this makes a duplication on Base.h and causes a build failure.
To build TpmLib properly, copy tpm_radix.h and customise it to build TpmLib
properly.
Signed-off-by: Yeoreum Yun <[email protected]>
61ecfd8 to
05ab49b
Compare
TpmLib is used for implementation of fTPM (software based TPM) using
TPM 2.0 Reference Implementation Library [0].
TpmLib.c defines interfaces used for function of fTPM.
TpmPlatformFunction.c is bridge layer to call PlatformTpmLib for
__plat_XXX layer used by TPM reference library.
Link: https://github.com/TrustedComputingGroup/TPM [0]
Signed-off-by: Yeoreum Yun <[email protected]>
Add license notification for TPM reference library
(https://github.com/TrustedComputingGroup/TPM)
Signed-off-by: Yeoreum Yun <[email protected]>
TPM event logs from TF-A are delivered as GUIDED Hob with
gEdkiiTpmEventLogDescHobGuid for measured boot support.
To get these event logs, add gEdkiiTpmEventLogDescHobGuid.
Signed-off-by: Yeoreum Yun <[email protected]>
When StandaloneMm uses TpmLib to implement software-based TPM,
current stack size of StandaloneMm isn't enough to handle TPM command.
Increase StandaloneMm's default stack size from 8KB to 16KB
Signed-off-by: Yeoreum Yun <[email protected]>
05ab49b to
5b4ecbf
Compare
|
I have two questions:
Thanks! |
|
hi, it is not appropriate to add tpm related feature to CryptoPkg, |
Hi. Since to build the TPM reference library, It's required to build: So, at first, I've added this into the CryptoPkg instead of SecurityPkg because I couldn't find out the way to access Do you have any idea for this? Thanks! |
|
Generally we do not allow packages outside of CryptoPkg to directly use OpenSSL. |
This is one of the problems. openssl header file is directly included in TpmLib and
Because of these two reasons, at first I've settled TpmLib in the CryptoPkg... Or am I missing something in your suggestions? Thanks. |
|
Making two EDK2 submodules dependent on each other is a dangerous practice. For example, TPM might depend on OpenSSL 3.5, but EDK2 OpenSSL might need to be upgraded to 3.6, then leading to some errors. Is it possible to implement the TPM Crypto API based on BaseCryptLib to make it independent of a specific SSL library? |
Agree but... (see the below):
However, this still triggers duplicate symbol unless TCG TPM reference library calls the functions in openssl directly. I don't want to modify the TCG TPM reference library source.. but try to keep it as it is. One idea I think, uses a trick with symbolic link.. (with openssl directory link and Library/Include part). |
|
@LeviYeoReum, my understanding is that you are adding a new feature - software-based TPM with an implementation detail that it directly links OpenSSL. This doesn't justify setting aside EDK II package scope and boundaries. Stepping back, I think you need to consider two options (1) reduce the upstream of this change to a level where it can be shared between platforms that need it and the dependencies like directly linking OpenSSL are controlled and maintained at that level or (2) abstract the dependencies so this can be shared more broadly, preferably with an RFC that explains how that will be accomplished. |
Hmm, anyway it seems to modify the TPM TCG submodule to use "edk2" openssl wrapper for abstraction of dependency. That's why, to build TCG TPM submodule without any modification, I've located it in CryptoPkg. But this requires "TCG TPM submodule" need to change the "openssl call" to "wrapper Openssl call". TBH, nothing immediately comes to mind without modifying the "TCG TPM submodule" for abstraction of dependency. Any thoughts? |
|
Similar issues arose when introducing SPDM, FYI: |
|
If I understand the feedback from @liyi77 and @makubacki correctly, it amounts to
However, if the implementation of the library in question is as tightly coupled to OpenSSL as @LeviYeoReum claims it is (which I have no reason to doubt), I think CryptoPkg is the only reasonable place for it. Whether or not that means that the library class /definition/ (and a suitable NULL implementation) should live somewhere else (e.g., MdeModulePkg) is a thing we could discuss. But completely re-architecting how this existing piece of code interfaces with OpenSSL just to comply with our packaging rules is not the right way to go about this IMHO. @LeviYeoReum For the sake of further discussion, could you provide a high level overview of the components, their roles in the overall functionality that you are adding, and how tightly each is coupled to OpenSSL. Taking a step back, it would be good to also have some input on the desirability of this feature in combination with the use case it aims to enable, i.e., implementing a software TPM in standalone MM. To me, that sounds really useful, but perhaps there is prior art here? Or are there other concerns with the chosen approach? |
Agree with this, we can discuss the necessity of this feature first, and then see if any compromises are needed. |
|
Sorry for the late answer, but at first, let me make a brief in the github
TpmLib provides Software-based TPM via TCG TPM v2.0 Reference Library (https://github.com/TrustedComputingGroup/TPM) and this TCG TPM v2.0 Library consists of Unfortunately, like:
TCG TPM v2.0 Library provides but it with the "header files" and clung to "build option" I think by overriding the Header file, it seems to implement with the Wrapper of openssl. The Platform Layer is implemented by PlatformTpmLib.
About prior art, Not yet. But I'll share the other use cases later. |
It does not need to fall under an Arm-specific directory. The /Features directory is a place to share vendor neutral features. Note that most of the Intel features were placed under a "Features/Intel" directory at the time because they were only tested on Intel platforms and had not been pitched for broader acceptance. It is not a requirement for a feature to be placed in a vendor-specific directory. Regardless of everything else, submodules in edk2 cause problems for consumers. It introduces dependencies that trip dependency injection and supply chain processes run at many companies because submodules are using dangerous/outdated dependencies themselves. It bloats the workspace for features that may never be used by a platform. This was and still is a problem with openssl, libspdm (which itself, uses openssl and mbedtls submodules), and others. Those are just recent examples. There is also an effort to separate OpenSSL from CryptoPkg to its own package (e.g. OpenSslPkg) that has been discussed. And the coupling introduced here would be more problematic at a time like that, because this doesn't depend on EDK II crypto which CryptoPkg exposes an abstraction for, it depends on OpenSSL. Is there a problem hosting this in the Features area of edk2-platforms? |
Description
This patchset adds TpmLib to be used for Software-based TPM driver.
TpmLib is a wrapper library of [The TPM 2.0 Reference Implementation Library][1] and
[The TPM 2.0 Reference Implementation Library][1]'s platform part are implemented
with the PlatformTpmLib by each platform.
This will be used to implement [FtpmDxe driver][2] used by StandaloneMm so that
TPM functionality can be supported with StandaloneMm
Patch #1 adds openssl build options to build TCG TPM 2.0 Reference Library
Patch #2 adds PlatformTpmLib which is called by TCG TPM 2.0 Reference Library for handling platform specific functionalities
Patch #3-#8 add TpmLib used for software-based TPM.
Patch #9 adds GUID to handle event logs from TF-A
Patch #10 increases stack size for StandaloneMm when it uses TpmLib.
For more, please see the PR for [FtpmDxe driver][2]
References
[1] https://github.com/TrustedComputingGroup/TPM
[2] tianocore/edk2-platforms#919