From patchwork Fri Jun 14 12:14:03 2024
X-Patchwork-Submitter: Ilias Apalodimas
X-Patchwork-Id: 804152
From: Ilias Apalodimas
To: xypron.glpk@gmx.de
Cc: Ilias Apalodimas , Tom Rini , Simon Glass , Eddie James , u-boot@lists.denx.de
Subject: [PATCH v2] doc: describe UEFI measured boot
Date: Fri, 14 Jun 2024 15:14:03 +0300
Message-ID: <20240614121404.16952-1-ilias.apalodimas@linaro.org>
X-Mailer: git-send-email 2.45.1
List-Id: U-Boot discussion

We currently only describe the process to enable measured boot using
bootm. Describe the UEFI requirements as well which predate bootm.

Signed-off-by: Ilias Apalodimas
---
Changes since v1:
- fixed remarks from Heinrich on titling and DTB measured PCR

 doc/usage/measured_boot.rst | 28 ++++++++++++++++++++++++----
 1 file changed, 24 insertions(+), 4 deletions(-)

-- 
2.45.1

diff --git a/doc/usage/measured_boot.rst b/doc/usage/measured_boot.rst
index 9691904a9d8a..b5f7b05aeb02 100644
--- a/doc/usage/measured_boot.rst
+++ b/doc/usage/measured_boot.rst
@@ -7,19 +7,39 @@ U-Boot can perform a measured boot, the process of hashing various components of the boot process, extending the results in the TPM and logging the component's measurement in memory for the operating system to consume. +The functionality is available when booting via the EFI subsystem or 'bootm' +command. + +UEFI measured boot +------------------ +The EFI subsystem implements the `EFI TCG protocol +`_ +and the `TCG PC Client Specific Platform Firmware Profile Specification +`_ +which defines the binaries to be measured and the corresponding PCRs to be used. + +Requirements +~~~~~~~~~~~~ +* A hardware TPM 2.0 supported by an enabled U-Boot driver +* CONFIG_EFI_TCG2_PROTOCOL=y +* CONFIG_EFI_TCG2_PROTOCOL_EVENTLOG_SIZE=y +* optional CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB=y will measure the loaded DTB in PCR 1 + +Measured legacy boot with bootm command +---------------------------------------- By default, U-Boot will measure the operating system (linux) image, the initrd image, and the "bootargs" environment variable. By enabling -CONFIG_MEASURE_DEVICETREE, U-Boot will also measure the devicetree image. +CONFIG_MEASURE_DEVICETREE, U-Boot will also measure the devicetree image in PCR1. The operating system typically would verify that the hashes found in the TPM PCRs match the contents of the event log. This can further be checked against the hash results of previous boots. Requirements ------------- +~~~~~~~~~~~~ -* A hardware TPM 2.0 supported by the U-Boot drivers -* CONFIG_TPM=y +* A hardware TPM 2.0 supported by an enabled U-Boot driver +* CONFIG_TPMv2=y * CONFIG_MEASURED_BOOT=y * Device-tree configuration of the TPM device to specify the memory area for event logging. The TPM device node must either contain a phandle to
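Review bot: In the new UEFI "Requirements" list, `CONFIG_EFI_TCG2_PROTOCOL_EVENTLOG_SIZE=y` is not a valid setting: that symbol is a hex-valued size (the event-log buffer reserved for the TCG2 protocol), not a bool, so the line should give a size (its Kconfig default is fine to cite) or say it must be large enough to hold the expected event log, rather than `=y`. In the bootm "Requirements" list, the replacement line `CONFIG_TPMv2=y` does not match the symbol drivers/tpm/Kconfig defines, which is `CONFIG_TPM_V2`; a reader copying the doc into a defconfig would get an unknown symbol, so please use `CONFIG_TPM_V2=y` (the old `CONFIG_TPM=y` is still implied, since TPM_V2 depends on TPM). Minor consistency point: the UEFI section writes "PCR 1" while the new bootm sentence writes "PCR1"; pick one spelling for both.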