From patchwork Thu Nov  4 10:45:45 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Masahisa Kojima <masahisa.kojima@linaro.org>
X-Patchwork-Id: 516795
Delivered-To: patch@linaro.org
Received: by 2002:ad5:5208:0:0:0:0:0 with SMTP id p8csp1774338iml;
 Thu, 4 Nov 2021 03:43:49 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyGboXMwliVCfhrVu6Q15TGoLBs5GZ9ru9Z1FdTaC7nOfKnSXFDFkSwUYqxFjnYdtmTqvl2
X-Received: by 2002:a05:6402:40c4:: with SMTP id
 z4mr3466837edb.362.1636022629075; 
 Thu, 04 Nov 2021 03:43:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1636022629; cv=none;
 d=google.com; s=arc-20160816;
 b=XUXN1YGQsHZ/hsJt/oV6wLFF+8PPsGP6wDMF8qcWgrCTE8XL/c16ThxG6tq1JTO5Sy
 /y0pYEJJhWmVTw2kZKrC2RPMXMT1qxUGL4/TjlRxTbIe6DGh3+aDd/pSY60UN3Z9uDAb
 gv0NX4Zc7Sf8mFwYZAsosf+p6agPidC8QagOcu54/ha2JQOZSK+XHkp7fRLXUwNq7Nm7
 g5koFgcXVIBVHGpAu16+HNxChGiE4pguzu4oZclqXMDgowGDJG1JLg2sPpypZDcjhQA7
 YpnlHPWwVg8sP3V5z4FB6Lti883O3YDpyTiqXvKvHk5dEWZAIFjIZD+jdzQTLZUYtPLg
 9Urw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:message-id:date:subject:cc:to
 :from:dkim-signature;
 bh=pKbyJcH7z37iccB+GLYu+bB6o5oST0/3kHZfI+s4Oc8=;
 b=fH3/ZHCKMijvtdPHs2EWf+c60sxW8ReKwWVKHiLre1EzUFUKKlDK8cazlmsQK+ziwH
 3wdRvIM9Xr7rv6A4/e7Q5aR6KJ5zHCowavFFY+MZROohW3IxHwxTMxY3CiPOuOzHybct
 cb2ZSjy678Tkk74lv49ZKaS1myLJwaZpYOCnND9a82sQhgPUV4IjD0VbTAa+KnNkx4F4
 ON/WpTkEa443kvHnLlI/pCx0NbMdbWHVn28RdF3oI8/bPzN8VSXxvUtKFuGavlFVcv1M
 k3rzp7iyfQij6OTqJMiWwvwElIX0W+dUgiDTeobVsPwvg46uVLEx3jdNWT/g84MV0bNM
 5yaQ==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=T1B+bmv1;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 85.214.62.61 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61])
 by mx.google.com with ESMTPS id
 c1si6741030edw.384.2021.11.04.03.43.48
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 04 Nov 2021 03:43:49 -0700 (PDT)
Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 85.214.62.61 as permitted sender)
 client-ip=85.214.62.61; 
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=T1B+bmv1;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 85.214.62.61 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
 by phobos.denx.de (Postfix) with ESMTP id 847768369F;
 Thu,  4 Nov 2021 11:43:45 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key;
 unprotected) header.d=linaro.org header.i=@linaro.org
 header.b="T1B+bmv1"; dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 88D2683686; Thu,  4 Nov 2021 11:43:43 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS
 autolearn=ham autolearn_force=no version=3.4.2
Received: from mail-pg1-x532.google.com (mail-pg1-x532.google.com
 [IPv6:2607:f8b0:4864:20::532])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 94B6A83686
 for <u-boot@lists.denx.de>; Thu,  4 Nov 2021 11:43:39 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=masahisa.kojima@linaro.org
Received: by mail-pg1-x532.google.com with SMTP id p17so5074612pgj.2
 for <u-boot@lists.denx.de>; Thu, 04 Nov 2021 03:43:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id;
 bh=pKbyJcH7z37iccB+GLYu+bB6o5oST0/3kHZfI+s4Oc8=;
 b=T1B+bmv1KD6iCmju5tkEOK7mJGEDBzeOWBGwjiQkpjDyeuXHtO3srY79zwsBGs1JNc
 At6Lf4oYKeMuWIxRN1QAtePClrIGeOU+H8nTzs1eNpjjGexhBsYmJffo68vOg8xUncmq
 vTk8LLXDUeIandBRftzTm4zmaSTZ2eb5k7Hg9ysAq+4uCyRdkBADjRV7TqlOLKDd0CML
 3Br9ZCHWHusRbp7hioltoF2njDplHMzhdsQ+f2oDX08uQ69CFRxeY/X5fcIW6/UX+aIR
 FvxhhkqaNL7fAath/bjpxx+ZOsGNDZqNGeWv9bVdtTIEOFIqGs4WLQdU3ZELHnLDCOtT
 IJIQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:date:message-id;
 bh=pKbyJcH7z37iccB+GLYu+bB6o5oST0/3kHZfI+s4Oc8=;
 b=EZr51vDGcHmgWQdYcmd3Nro8aO8D8zddL1wxy7uMBPMkeCxFVTPiMU+eh+Qfhv0lKP
 BRrpf2qkmQbcRsNxhACXgE3Vyk/qFdPh5V5KgmrsXhysA/goJjoz9ynhAbyY/xwN2xCT
 p1LTLbdVmM8+l8DjLVg+A1Cg8d1jjQTPlK2uMMJrrKU9L2Hqk6oUx482S51wJyk5UtEa
 dJ/CWwk4mG0MiK7HzwcEni0H9BwzqskzLC2teLNwO6+sVi/O2rJbB+Qkc9aqRzdQ9JdD
 KDWONoBsr1LtTvhg1jyp4bTYpf1EPU/yDE41rEaFKTo3P6hhJ3jRHlSHXuGC9C9er+aS
 LN4Q==
X-Gm-Message-State: AOAM533mCNvLwXAPaobeSAgonEPMXzxt1fbEZIKNhXNLGcAd0RmobUDG
 jstthGQ7Sz3xidGcDat3u3LXaN3ZgPcRxQ==
X-Received: by 2002:a63:6302:: with SMTP id x2mr20798784pgb.5.1636022617833; 
 Thu, 04 Nov 2021 03:43:37 -0700 (PDT)
Received: from localhost.localdomain ([2400:2411:502:a100:82fa:5bff:fe4b:26b1])
 by smtp.gmail.com with ESMTPSA id
 d15sm4778547pfj.156.2021.11.04.03.43.36
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 04 Nov 2021 03:43:37 -0700 (PDT)
From: Masahisa Kojima <masahisa.kojima@linaro.org>
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Simon Glass <sjg@chromium.org>,
 Masahisa Kojima <masahisa.kojima@linaro.org>
Subject: [PATCH v2 0/1] add selftest for EFI_TCG2_PROTOCOL and Measured Boot
Date: Thu,  4 Nov 2021 19:45:45 +0900
Message-Id: <20211104104546.13696-1-masahisa.kojima@linaro.org>
X-Mailer: git-send-email 2.17.1
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

This patch adds the selftest for the EFI_TCG2_PROTOCOL and
Measured Boot flow.
This selftest is verified on qemu with swtpm on both 32-bit arm
and arm64.

This commit adds the pre-build binary for the PE/COFF image
measurement test for each architecture. I have tested only
on 32-bit arm and arm64.
For ia32, x86_64, riscv32 and riscv64, actual selftest behavior
is not yet tested, but the expected PCR values are calculated
on arm64 environment.

This commit covers most of the functionalities, but there are some
limitations and TODO items.

[Limitation]
- Verified actual selftest behavior only on arm and arm64.
- Tcg2 selftest must run at the beginning of the efi_selftest because
  some measurement occurs in efi_tcg2_register() and boottime->image_load().
  Need to configure the efi_selftest with "setenv efi_selftest tcg2; bootefi selftest"
- Skip ExitBootService measurement test
   - EFI application can not read PCR after calling ExitBootService
- Skip EventLog Validation
   - Measured Boot measures U-Boot version, so EventLog varies every build having
     different commit hash.
- Skip PCR[0] validation
   - PCR[0] include U-Boot version measurement, this value varies every build
     having different commit hash.
- Skip PCR[7] validation
   - Secure Boot Variables can not be updated through efi_selftest.
- The initial PCR value of PCR[17 - 22] is all 0xff. I'm not sure
  it is expected or not, but at least Secure96 and swtpm has the same initial value.

[TODO]
- GPT measurement test
- Secure Boot Variable test
- Eventlog validation

Masahisa Kojima (1):
  efi_selftest: add selftest for EFI_TCG2_PROTOCOL and Measured Boot

 lib/efi_selftest/efi_miniapp_tcg2_arm.h     | 152 ++++
 lib/efi_selftest/efi_miniapp_tcg2_arm64.h   | 207 +++++
 lib/efi_selftest/efi_miniapp_tcg2_ia32.h    | 177 ++++
 lib/efi_selftest/efi_miniapp_tcg2_riscv32.h | 173 ++++
 lib/efi_selftest/efi_miniapp_tcg2_riscv64.h | 189 ++++
 lib/efi_selftest/efi_miniapp_tcg2_x86_64.h  | 178 ++++
 lib/efi_selftest/efi_selftest_tcg2.c        | 941 +++++++++++++++++++-
 7 files changed, 2016 insertions(+), 1 deletion(-)
 create mode 100644 lib/efi_selftest/efi_miniapp_tcg2_arm.h
 create mode 100644 lib/efi_selftest/efi_miniapp_tcg2_arm64.h
 create mode 100644 lib/efi_selftest/efi_miniapp_tcg2_ia32.h
 create mode 100644 lib/efi_selftest/efi_miniapp_tcg2_riscv32.h
 create mode 100644 lib/efi_selftest/efi_miniapp_tcg2_riscv64.h
 create mode 100644 lib/efi_selftest/efi_miniapp_tcg2_x86_64.h

-- 
2.17.1