[edk2-devel] [PATCH 0/4] ArmVirtPkg: implement measured boot for ArmVirtQemu

Ard Biesheuvel posted 4 patches 4 years, 2 months ago
There is a newer version of this series
[edk2-devel] [PATCH 0/4] ArmVirtPkg: implement measured boot for ArmVirtQemu
Posted by Ard Biesheuvel 4 years, 2 months ago
Wire up the various existing pieces so that we can implement measured
boot on ArmVirtQemu based on the TPM support in QEMU, just like it has
been implemented for x86 in OvmfPkg.

The main difference is that on ARM, we first need to discover the TPM base
address from the device tree provided by QEMU, as well as the PSCI method
used to perform a cold reset, so this is added to the existing implementation
of PlatformPeiLib.

The associated QEMU changes are under development in Linaro, and will be
sent out for review to the appropriate mailing list shortly.

Ard Biesheuvel (4):
  OvmfPkg/Tcg2ConfigPei: introduce a signalling PPI to depex on
  ArmVirtPkg/PlatformPeiLib: discover the TPM base address from the DT
  ArmVirtPkg/PlatformPeiLib: implement Reset2 PPI based on PSCI
  ArmVirtPkg/ArmVirtQemu: add optional support for TPM2 measured boot

 ArmVirtPkg/ArmVirtPkg.dec                            |   5 +
 OvmfPkg/OvmfPkg.dec                                  |   4 +
 ArmVirtPkg/ArmVirtQemu.dsc                           |  71 +++++++
 ArmVirtPkg/ArmVirtQemu.fdf                           |   5 +
 ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf |  15 +-
 OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf             |   6 +-
 ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c   | 205 +++++++++++++++++++-
 ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc                 |  10 +
 8 files changed, 308 insertions(+), 13 deletions(-)

-- 
2.20.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#52972): https://edk2.groups.io/g/devel/message/52972
Mute This Topic: https://groups.io/mt/69499018/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
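The device-tree discovery step the cover letter describes (patch 2), as an added illustration that is not part of the series: a minimal flattened-device-tree walker that locates the TPM node by its compatible string and reads the base address from its reg property, bounds-checking every offset against the header so a malformed blob raises rather than being read out of range. The compatible string `tpm-tis-mmio`, the node name and the reg values are assumed sample values, and edk2's PlatformPeiLib uses libfdt rather than this hand-written parser.

```python
import struct
# Flattened device tree (DTB) token values from the devicetree specification.
FDT_MAGIC = 0xD00DFEED
FDT_BEGIN_NODE, FDT_END_NODE, FDT_PROP, FDT_NOP, FDT_END = 1, 2, 3, 4, 9
TPM_COMPATIBLE = b"tpm-tis-mmio"  # assumed compatible string; not taken from the patches
def _pad4(b):  # pad a byte string to a 4-byte boundary
    return b + b"\0" * (-len(b) % 4)
def build_sample_dtb(base=0x0C000000, size=0x5000):  # constructed: root (cells=2) + one TPM node
    strings, offs = bytearray(), {}
    def prop(name, val):
        if name not in offs:  # property names live in the strings block, deduplicated
            offs[name] = len(strings); strings.extend(name.encode() + b"\0")
        return struct.pack(">III", FDT_PROP, len(val), offs[name]) + _pad4(val)
    def begin(name):
        return struct.pack(">I", FDT_BEGIN_NODE) + _pad4(name.encode() + b"\0")
    end = struct.pack(">I", FDT_END_NODE)
    st = (begin("") + prop("#address-cells", struct.pack(">I", 2)) + prop("#size-cells", struct.pack(">I", 2))
          + begin("tpm@%x" % base) + prop("compatible", TPM_COMPATIBLE + b"\0")
          + prop("reg", struct.pack(">QQ", base, size)) + end + end + struct.pack(">I", FDT_END))
    # header: magic, totalsize, off_dt_struct, off_dt_strings, off_mem_rsvmap (none emitted), version,
    # last_comp_version, boot_cpuid_phys, size_dt_strings, size_dt_struct
    hdr = struct.pack(">10I", FDT_MAGIC, 40 + len(st) + len(strings), 40, 40 + len(st), 0, 17, 16, 0,
                      len(strings), len(st))
    return hdr + st + bytes(strings)

def find_tpm_base(dtb, compat=TPM_COMPATIBLE):
    """Reg base of the first node whose compatible list contains `compat`, or None; malformed input raises."""
    magic, total, off_st, off_str, _, _, _, _, sz_str, sz_st = struct.unpack_from(">10I", dtb, 0)
    if magic != FDT_MAGIC or total > len(dtb) or off_st + sz_st > total or off_str + sz_str > total:
        raise ValueError("malformed DTB header")
    pos, limit, stack = off_st, off_st + sz_st, []
    while pos + 4 <= limit:
        tok, = struct.unpack_from(">I", dtb, pos); pos += 4
        if tok == FDT_BEGIN_NODE:  # NUL-terminated name padded to 4 bytes; push a property dict
            pos = (dtb.index(b"\0", pos, limit) + 4) & ~3; stack.append({})
        elif tok == FDT_PROP:  # len, name offset into strings block, then padded value
            if pos + 8 > limit: raise ValueError("truncated property")
            ln, noff = struct.unpack_from(">II", dtb, pos); pos += 8
            if pos + ln > limit or noff >= sz_str: raise ValueError("property out of bounds")
            name = dtb[off_str + noff:dtb.index(b"\0", off_str + noff, off_str + sz_str)].decode()
            stack[-1][name] = dtb[pos:pos + ln]; pos = (pos + ln + 3) & ~3
        elif tok == FDT_END_NODE:
            node = stack.pop()
            if compat in node.get("compatible", b"").split(b"\0"):
                cells, = struct.unpack(">I", stack[-1].get("#address-cells", b"\0\0\0\2")); reg = node.get("reg", b"")
                if len(reg) < 4 * cells: raise ValueError("reg too short for parent's #address-cells")
                return int.from_bytes(reg[:4 * cells], "big")  # size cells follow, ignored here
        elif tok == FDT_END: return None
        elif tok != FDT_NOP: raise ValueError("unknown FDT token")
    raise ValueError("struct block truncated")
```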

Re: [edk2-devel] [PATCH 0/4] ArmVirtPkg: implement measured boot for ArmVirtQemu
Posted by Laszlo Ersek 4 years, 2 months ago
On 01/07/20 10:47, Ard Biesheuvel wrote:
> Wire up the various existing pieces so that we can implement measured
> boot on ArmVirtQemu based on the TPM support in QEMU, just like it has
> been implemented for x86 in OvmfPkg.
> 
> The main difference is that on ARM, we first need to discover the TPM base
> address from the device tree provided by QEMU, as well as the PSCI method
> used to perform a cold reset, so this is added to the existing implementation
> of PlatformPeiLib.
> 
> The associated QEMU changes are under development in Linaro, and will be
> sent out for review to the appropriate mailing list shortly.

We usually merge firmware patches after merging the QEMU patches. Will
that work for you in this case?

Thanks!
Laszlo

> Ard Biesheuvel (4):
>   OvmfPkg/Tcg2ConfigPei: introduce a signalling PPI to depex on
>   ArmVirtPkg/PlatformPeiLib: discover the TPM base address from the DT
>   ArmVirtPkg/PlatformPeiLib: implement Reset2 PPI based on PSCI
>   ArmVirtPkg/ArmVirtQemu: add optional support for TPM2 measured boot
> 
>  ArmVirtPkg/ArmVirtPkg.dec                            |   5 +
>  OvmfPkg/OvmfPkg.dec                                  |   4 +
>  ArmVirtPkg/ArmVirtQemu.dsc                           |  71 +++++++
>  ArmVirtPkg/ArmVirtQemu.fdf                           |   5 +
>  ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf |  15 +-
>  OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf             |   6 +-
>  ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c   | 205 +++++++++++++++++++-
>  ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc                 |  10 +
>  8 files changed, 308 insertions(+), 13 deletions(-)
> 



Re: [edk2-devel] [PATCH 0/4] ArmVirtPkg: implement measured boot for ArmVirtQemu
Posted by Ard Biesheuvel 4 years, 2 months ago
On Tue, 7 Jan 2020 at 12:55, Laszlo Ersek <lersek@redhat.com> wrote:
>
> On 01/07/20 10:47, Ard Biesheuvel wrote:
> > Wire up the various existing pieces so that we can implement measured
> > boot on ArmVirtQemu based on the TPM support in QEMU, just like it has
> > been implemented for x86 in OvmfPkg.
> >
> > The main difference is that on ARM, we first need to discover the TPM base
> > address from the device tree provided by QEMU, as well as the PSCI method
> > used to perform a cold reset, so this is added to the existing implementation
> > of PlatformPeiLib.
> >
> > The associated QEMU changes are under development in Linaro, and will be
> > sent out for review to the appropriate mailing list shortly.
>
> We usually merge firmware patches after merging the QEMU patches. Will
> that work for you in this case?
>

Absolutely. I am not in any kind of rush, but I had the patches ready
so I sent them out.
