Hi all,
Recently, I posted TpmLib[0], a wrapper library for the TCG TPM 2.0 Reference
Library[1], intended for use with the software-based TPM driver in
StandaloneMm[2].
This enables the following use cases:
- End-to-end measured boot
- Integration with certain kernel subsystems (e.g., IMA)
- Support for the fTPM feature in the Arm CCA software stack
Overview
========
The diagram below briefly explains how TpmLib will be used:
         UEFI (Normal world)         |              Secure World
-------------------------------------------------------------------
  +-----------------+                |   +-----------+      +----------+
  | Tcg2Pei/Tcg2Dxe |                |   |  FtpmDxe  |<---->|  TpmLib  |
  +-----------------+                |   +-----------+      +----------+
           |                         |         |
           |                         |    ----------
           |                         |         |
           |                         |         |
           |                         |   +------------------+
           |                         |   | StandaloneMmCpu  |
           |                         |   +------------------+
           |                         |         |
           |                         |         |
           |                         |         |
  +----------------------+           |   +----------------------------+
  | Tpm2InstanceFfaLib   |<------------->| StandaloneMmCoreEntryPoint |
  +----------------------+     .     |   |       (Misc Service)       |
                               .         +----------------------------+
                               .
               Communicate via CRB over FF-A [3]
When UEFI issues a TPM command through Tpm2InstanceFfaLib, in accordance
with the TPM Service Command Response Buffer Interface over FF-A
specification[3], the request is received by FtpmDxe[2], a driver running
in StandaloneMm[2]. FtpmDxe then invokes TpmLib[0], a wrapper around the
TPM 2.0 Reference Library[1], to process the TPM command.
When Linux boots, FtpmDxe[2] communicates with the tpm_crb_ffa driver[4]
in the same way:
         UEFI (Normal world)         |              Secure World
-------------------------------------------------------------------
                                     |
  +----------------------+           |   +-----------+      +----------+
  | TPM infra-structure  |           |   |  FtpmDxe  |<---->|  TpmLib  |
  +----------------------+           |   +-----------+      +----------+
           |                         |         |
           |                         |    ----------
           |                         |         |
           |                         |         |
           |                         |   +------------------+
           |                         |   | StandaloneMmCpu  |
           |                         |   +------------------+
           |                         |         |
           |                         |         |
           |                         |         |
  +----------------------+           |   +----------------------------+
  | tpm_crb_ffa driver   |<------------->| StandaloneMmCoreEntryPoint |
  +----------------------+     .     |   |       (Misc Service)       |
                               .         +----------------------------+
                               .
               Communicate via CRB over FF-A [3]
The tpm_crb_ffa driver[4] also issues TPM command requests in accordance
with the TPM Service Command Response Buffer Interface over FF-A
specification[3]. Following the same flow described above, FtpmDxe[2]
receives the TPM request and dispatches it to TpmLib[0], which processes
the command using the TCG TPM 2.0 Reference Library[1].
How TpmLib works
================
The core of TpmLib[0] is the TCG TPM 2.0 Reference Library[1], which
consists of:
                 +----------------+
                 |  TCG TPM LIB   |
                 +----------------+
                         |
                         |
               ----------------------------------
               |                                |
+----------------------------+     +-------------------------+
|  Crypto / BigInt Library   |     |     Platform Layer      |
|   (openssl or wolfssl)     |     |  (TPMCmd/Platform/src)  |
+----------------------------+     +-------------------------+
The current implementation uses openssl for the crypto and bigint needs of
the TCG TPM library[1].
The Platform Layer (generating the Endorsement Platform Seed, NV storage for
the TPM, etc.) is implemented via PlatformTpmLib[2], which, as its name
suggests, is a platform-specific library.
When the TCG TPM library calls a platform-specific function (_plat_XXX),
the bridge layer of TpmLib (TpmPlatformFunctions.c) is called, and it
dispatches to the corresponding function in PlatformTpmLib[2].
  +----------------------+
  |        Driver        |
  |   (FtpmDxe - StMM)   |
  +----------------------+
          |
  +---------------+          +---------------+  crypto/BigInt  +-------------+
  |    TpmLib     | -------> |  TCG TPM Lib  | --------------> |   Openssl   |
  +---------------+          +---------------+                 +-------------+
                                     |
                                     |
                                     |
                                     |
  +--------------------------------+     +-----------------------------+
  |         PlatformTpmLib         | <-- |        Platform Layer       |
  |  (via TpmPlatformFunctions.c)  |     | (via TpmPlatformFunctions.c)|
  +--------------------------------+     +-----------------------------+
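As an added example (not code from TpmLib, PlatformTpmLib or the TCG reference library), the C sketch below shows the bridge pattern described above: the _plat_ entry points the reference library calls are thin shims that validate the request and forward it to a platform-supplied implementation. The PLATFORM_TPM_OPS table, PlatformTpmLibGetOps, the RAM-backed store, NV_MEMORY_SIZE, and the exact _plat_ signatures and 1/0 return convention are all assumptions made for this example.

```c
/* Added example of a TpmLib-style bridge layer. Not code from TpmLib,
 * PlatformTpmLib or the TCG library; names and signatures are assumed. */
#include <stdint.h>
#include <string.h>
#define NV_MEMORY_SIZE 16384u  /* constructed NV store size for this example */

/* Hypothetical PlatformTpmLib interface: each platform supplies these.
 * Return 1 on success, 0 on failure. */
typedef struct {
  int (*NvRead)(uint32_t Offset, uint32_t Size, void *Data);
  int (*NvWrite)(uint32_t Offset, uint32_t Size, const void *Data);
} PLATFORM_TPM_OPS;

/* Constructed platform implementation backed by RAM (a real platform
 * would use secure storage); it relies on the bridge to check ranges. */
static uint8_t mNvStore[NV_MEMORY_SIZE];

static int RamNvRead(uint32_t Offset, uint32_t Size, void *Data) {
  memcpy(Data, &mNvStore[Offset], Size);
  return 1;
}

static int RamNvWrite(uint32_t Offset, uint32_t Size, const void *Data) {
  memcpy(&mNvStore[Offset], Data, Size);
  return 1;
}

static const PLATFORM_TPM_OPS mRamOps = { RamNvRead, RamNvWrite };

/* Hypothetical PlatformTpmLib entry point returning the platform table. */
static const PLATFORM_TPM_OPS *PlatformTpmLibGetOps(void) { return &mRamOps; }

/* Bridge-side range check, written so that Offset + Size cannot wrap:
 * offsets and sizes derive from TPM command data that crossed FF-A, so
 * the shim, not the platform code, is where they are rejected. */
static int NvRangeOk(uint32_t Offset, uint32_t Size) {
  return Size <= NV_MEMORY_SIZE && Offset <= NV_MEMORY_SIZE - Size;
}

/* The _plat_ shims the TCG library calls (TpmPlatformFunctions.c in the
 * mail). Signatures and the 1/0 return convention are assumptions. */
int _plat__NvMemoryRead(unsigned int StartOffset, unsigned int Size, void *Data) {
  if (Data == NULL || !NvRangeOk(StartOffset, Size)) return 0;
  return PlatformTpmLibGetOps()->NvRead(StartOffset, Size, Data);
}

int _plat__NvMemoryWrite(unsigned int StartOffset, unsigned int Size, const void *Data) {
  if (Data == NULL || !NvRangeOk(StartOffset, Size)) return 0;
  return PlatformTpmLibGetOps()->NvWrite(StartOffset, Size, Data);
}
```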
Open to discuss
===============
Since the TCG TPM 2.0 Reference Library[1]:
- depends on the openssl library, using openssl headers directly,
- uses standard header files (e.g. stdio.h, stdlib.h, etc.), and
- uses standard functions (e.g. memcpy, memset, malloc, etc.),
TpmLib is located in CryptoPkg to use openssl and the
CrtWrapper defined in CryptoPkg.
However, this puts TpmLib in an improper place
(it might be better located in SecurityPkg).
Furthermore, if a new submodule requires the CrtWrapper or is
implemented tightly against openssl, there is no choice but to
locate it in CryptoPkg in the current edk2 structure.
If it is still fine for TpmLib to live in CryptoPkg, I'll keep it there.
However, it could be a *bad example* for a submodule added
in the future which is tightly coupled with openssl even though
it is not related to "CryptoPkg".
To solve this, I think it would be good to:
- Make the CrtWrapper an independent library,
  so that it can be used for submodule builds.
- Make openssl an independent package, so that
  its header files (openssl/xxx) can be used for submodule builds.
But I'm not sure this would be good.
Also, I wonder how to settle TpmLib properly.
If it's still fine to locate it in CryptoPkg, it doesn't matter,
but some additional work is required.
I'm not sure whether I should wait for that to be finished and rebase,
or first move TpmLib to "edk2-platforms" and move it to edk2
after the additional work is finished.
Thank you for reading through this lengthy email.
I welcome any feedback or suggestions you may have.
References
===============
[0] https://github.com/tianocore/edk2/pull/11851
[1] https://github.com/TrustedComputingGroup/TPM
[2] https://github.com/tianocore/edk2-platforms/pull/919
[3] https://developer.arm.com/documentation/den0138/latest/
[4] https://elixir.bootlin.com/linux/v6.18/source/drivers/char/tpm/tpm_crb_ffa.c
--
Sincerely,
Yeoreum Yun
View/Reply Online (#121718): https://edk2.groups.io/g/devel/message/121718