[v2] sd: Add RPMB emulation to eMMC model

[PATCH v2 0/8] sd: Add RPMB emulation to eMMC model

Posted by Jan Kiszka 3 weeks, 6 days ago

Changes in v2 [1]:
 - handle write counter expiry
 - assert() availability of QCRYPTO_HASH_ALGO_SHA256
 - add missing SPDX-License-Identifier

This closes an old gap in system integration testing for the very
complex ARM firmware stacks by adding fairly advanced Replay Protected
Memory Block (RPMB) emulation to the eMMC device model. Key programming
and message authentication are working, so is the write counter. Known
users are happy with the result. What is missing, but not only for RPMB-
related registers, is state persistence across QEMU restarts. This is OK
at this stage for most test scenarios, though, and could still be added
later on.

What can already be done with it is demonstrated in the WIP branch of
isar-cip-core at [2]: TF-A + OP-TEE + StandaloneMM TA + fTPM TA, used by
U-Boot and Linux for UEFI variable storage and TPM scenarios. If you
want to try: build qemu-arm64 target for trixie with 6.12-cip *head*
kernel, enable secure boot and disk encryption, then run

$ QEMU_PATH=/path/to/qemu-build/ ./start-qemu.sh

Deploy snakeoil keys into PK, KEK and db after first boot to enable
secure booting:

root@demo:~# cert-to-efi-sig-list PkKek-1-snakeoil.pem PK.esl
root@demo:~# sign-efi-sig-list -k PkKek-1-snakeoil.key -c PkKek-1-snakeoil.pem PK PK.esl PK.auth
root@demo:~# efi-updatevar -f PK.auth db
root@demo:~# efi-updatevar -f PK.auth KEK
root@demo:~# efi-updatevar -f PK.auth PK

Note that emulation is a bit slow in general, and specifically the
partition encryption on first boot is taking 20 min. - we should
probably reduce its size or understand if there is still something to
optimize.

Jan

[1] https://github.com/siemens/qemu/commits/queues/emmc/
[2] https://gitlab.com/cip-project/cip-core/isar-cip-core/-/commits/wip/qemu-rpmb

Cc: "Daniel P. Berrangé" <berrange@redhat.com>

Jan Kiszka (8):
  hw/sd/sdcard: Fix size check for backing block image
  hw/sd/sdcard: Add validation for boot-partition-size
  hw/sd/sdcard: Allow user-instantiated eMMC
  hw/sd/sdcard: Refactor sd_bootpart_offset
  hw/sd/sdcard: Add basic support for RPMB partition
  crypto/hmac: Allow to build hmac over multiple
    qcrypto_gnutls_hmac_bytes[v] calls
  hw/sd/sdcard: Handle RPMB MAC field
  scripts: Add helper script to generate eMMC block device images

 crypto/hmac-gcrypt.c   |   4 +-
 crypto/hmac-glib.c     |   4 +-
 crypto/hmac-gnutls.c   |   4 +-
 crypto/hmac-nettle.c   |   4 +-
 hw/sd/sd.c             | 314 ++++++++++++++++++++++++++++++++++++++---
 hw/sd/sdmmc-internal.h |  24 +++-
 hw/sd/trace-events     |   2 +
 include/crypto/hmac.h  |  12 ++
 scripts/mkemmc.sh      | 186 ++++++++++++++++++++++++
 9 files changed, 532 insertions(+), 22 deletions(-)
 create mode 100755 scripts/mkemmc.sh

-- 
2.43.0

Re: [PATCH v2 0/8] sd: Add RPMB emulation to eMMC model

Posted by Philippe Mathieu-Daudé 3 weeks, 5 days ago

Hi Jan,

On 1/9/25 07:56, Jan Kiszka wrote:

> Jan Kiszka (8):
>    hw/sd/sdcard: Fix size check for backing block image
>    hw/sd/sdcard: Add validation for boot-partition-size

>    hw/sd/sdcard: Refactor sd_bootpart_offset

>    crypto/hmac: Allow to build hmac over multiple
>      qcrypto_gnutls_hmac_bytes[v] calls
I'm queuing the 4 reviewed preparatory patches to alleviate
your series (and keep the RPMB patches in my TOREVIEW folder
-- no objection so far, I just need more testing time).

Regards,

Phil.

Re: [PATCH v2 0/8] sd: Add RPMB emulation to eMMC model

Posted by Jan Kiszka 3 weeks, 5 days ago

On 01.09.25 22:58, Philippe Mathieu-Daudé wrote:
> Hi Jan,
> 
> On 1/9/25 07:56, Jan Kiszka wrote:
> 
>> Jan Kiszka (8):
>>    hw/sd/sdcard: Fix size check for backing block image
>>    hw/sd/sdcard: Add validation for boot-partition-size
> 
>>    hw/sd/sdcard: Refactor sd_bootpart_offset
> 
>>    crypto/hmac: Allow to build hmac over multiple
>>      qcrypto_gnutls_hmac_bytes[v] calls
> I'm queuing the 4 reviewed preparatory patches to alleviate
> your series (and keep the RPMB patches in my TOREVIEW folder
> -- no objection so far, I just need more testing time).
> 

As Alex had one useful proposal for patch 2 - should I patch that on top
then?

Jan

-- 
Siemens AG, Foundational Technologies
Linux Expert Center

Re: [PATCH v2 0/8] sd: Add RPMB emulation to eMMC model

Posted by Philippe Mathieu-Daudé 3 weeks, 5 days ago

On 2/9/25 13:42, Jan Kiszka wrote:
> On 01.09.25 22:58, Philippe Mathieu-Daudé wrote:
>> Hi Jan,
>>
>> On 1/9/25 07:56, Jan Kiszka wrote:
>>
>>> Jan Kiszka (8):
>>>     hw/sd/sdcard: Fix size check for backing block image
>>>     hw/sd/sdcard: Add validation for boot-partition-size
>>
>>>     hw/sd/sdcard: Refactor sd_bootpart_offset
>>
>>>     crypto/hmac: Allow to build hmac over multiple
>>>       qcrypto_gnutls_hmac_bytes[v] calls
>> I'm queuing the 4 reviewed preparatory patches to alleviate
>> your series (and keep the RPMB patches in my TOREVIEW folder
>> -- no objection so far, I just need more testing time).
>>
> 
> As Alex had one useful proposal for patch 2 - should I patch that on top
> then?

Already taken care of ;)
https://lore.kernel.org/qemu-devel/20250902131016.84968-31-philmd@linaro.org/