-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ftpm #7054
base: master
Are you sure you want to change the base?
Ftpm #7054
Conversation
Moves the common parts of the two make macros process-subdir-srcs-y and process-subdir-gensrcs-helper into a new macro, process-file-vars. Signed-off-by: Jens Wiklander <[email protected]>
The commit cfa34d9 ("Add support for compiling in-tree TAs") added spec-srcs and spec-out-dir for special handling of user_ta_header.c when compiling in-tree TAs. However, these variables are just as relevant for out-of-tree TAs compiled via ta/mk/ta_dev_kit.mk. So as a simplification switch to use spec-srcs and spec-out-dir in that file too. Signed-off-by: Jens Wiklander <[email protected]>
Introduce the global-incdirs_ext-y variable to deal with including header files from outside of this git (optee_os.git). Signed-off-by: Jens Wiklander <[email protected]>
Introduce two new variables srcs_ext-y and srcs_ext_base-y to deal with compiling source code outside of this git (optee_os.git). srcs_ext_base-y assigns the root directory of the external source files to compile. srcs_ext-y works as srcs-y except that it's relative to the $(srcs_ext_base-y) directory. Introduce the per source file variable oname-<file name>-y to override the default output object file name. This helps to shorten and make a more sane name for the output object file name when the source file is outside optee_os source tree, for instance, a third-party library. Signed-off-by: Jens Wiklander <[email protected]>
Import initial source from https://github.com/microsoft/ms-tpm-20-ref copy initial source code from Samples/ARM32-FirmwareTPM/optee_ta/fTPM commit e9fc7b89d865 ("Fix conflicting types for `ReadVarBytes`. (OP-TEE#102)") Signed-off-by: Jens Wiklander <[email protected]>
Import TEE crypto API wrappers from https://github.com/zeschg/ms-tpm-20-ref/ from commit ea7f4b3c3f82 ("feat: exchange wolfcrypt backend with op-tee crypto api"). Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/include/TpmProfile.h to ta/ftpm/reference/include/TpmProfile.h Source directory TPMCmd/tpm to destination directory ta/ftpm src/crypt/tee/TpmToTEEHash.c -> tee/TpmToTEEHash.c src/crypt/tee/TpmToTEEMath.c -> tee/TpmToTEEMath.c src/crypt/tee/TpmToTEESupport.c -> tee/TpmToTEESupport.c src/crypt/tee/TpmToTEESym.c -> tee/TpmToTEESym.c include/TEE/TpmToTEEMath.h -> include/TEE/TpmToTEEMath.h include/TEE/TpmToTEESym.h -> include/TEE/TpmToTEESym.h include/TEE/TpmToTEEHash.h -> include/TEE/TpmToTEEHash.h Signed-off-by: Jens Wiklander <[email protected]>
Build the in-tree fTPM TA if CFG_MS_TPM_20_REF is supplied as a non-empty path. Signed-off-by: Jens Wiklander <[email protected]>
Add TA_FLAG_DEVICE_ENUM_TEE_STORAGE_PRIVATE to TA_FLAGS to enumerate the TA once secure storage is available. Signed-off-by: Jens Wiklander <[email protected]>
Removes the redundant or invalid s_NV* declarations Signed-off-by: Jens Wiklander <[email protected]>
_plat__Fail() is declared with a __noreturn since it's guaranteed to not return, but it only calls TEE_Panic() which doesn't have the same attribute. TEE_Panic() does indeed never return so add a while(true) after the TEE_Panic() so silence the warning. Signed-off-by: Jens Wiklander <[email protected]>
Fix conflicting types for _plat__NvMemoryWrite() by adding the return type used in the declaration. _plat__NvMemoryWrite() is updated to always return TRUE since that's the expectation of success in NvWrite in TPMCmd/tpm/src/subsystem/NvReserved.c in the reference implementation (ms-tpm-20-ref). Signed-off-by: Jens Wiklander <[email protected]>
Remove the mismatching _plat__Signal_PowerOn() prototype from fTPM.h. The real prototype is in ta/ftpm/platform/include/Platform_fp.h. Signed-off-by: Jens Wiklander <[email protected]>
Remove the redefinition of TA_ALL_PARAM_TYPE() from fTPM.c, it's originally defined in ta/ftpm/include/fTPM.h. Signed-off-by: Jens Wiklander <[email protected]>
Move user_ta_header_defines.h to the common include directory for fTPM. Signed-off-by: Jens Wiklander <[email protected]>
lib/libutils/isoc/include/ctype.h already declares toupper() and tolower() so remove the redundant declarations from RuntimeSupport.h. Signed-off-by: Jens Wiklander <[email protected]>
Updates the fTPM sub.mk file to make it compile the source files. Many warnings are disabled Signed-off-by: Jens Wiklander <[email protected]>
Remove the unused file RuntimeSupport.c. Signed-off-by: Jens Wiklander <[email protected]>
Remove the now unused wolfssl crypto wrapper. Signed-off-by: Jens Wiklander <[email protected]>
Remove the now unused sub.mk files. Signed-off-by: Jens Wiklander <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Comment for the commit "ftpm: import TEE crypto API wrappers"
ta/ftpm/include/TEE/TpmToTEEHash.h
Outdated
# define tpmHashStateCopy_SHA1 memcpy | ||
# define tpmHashStateExport_SHA1 memcpy | ||
# define tpmHashStateImport_SHA1 memcpy |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will not work as intended since only a TEE_OperationHandle is stored in the hash state. We'll be copying a pointer.
The GP TEE Internal Core API doesn't have a function to import or export the hash state. That's a problem since the TPM implementation seems to depend on this.
We will most likely need to use a different implementation for hashes.
Separate TA_FTPM_UUID and the command IDs into ftpm_ta.h. Update user_ta_header_defines.h to include ftpm_ta.h instead of the old fTPM.h to minimize the include file dependencies. Set Microsoft copyright year to 2018 based on git history in the reference source. Add missing SPDX-License-Identifier and Linaro copyright. Signed-off-by: Jens Wiklander <[email protected]>
Remove TpmProfile.h overriding the version in the reference source. Adding the diverging defines via cppflags-y. The old TpmProfile.h included a few .h files not included in the reference TpmProfile.h, so add the missing includes the affected source files. Add SPDX-License-Identifier and add Linaro copyright for all modified files. Set Microsoft copyright year based on git history in the reference source. Signed-off-by: Jens Wiklander <[email protected]>
Enable SHA-384 and SHA-512 support for user TAs. Signed-off-by: Jens Wiklander <[email protected]>
Comments on the preliminary patches.
Some questions around commit "mk/subdir.mk: introduce srcs_ext-y and srcs_ext_base-y". |
Add and use hashlib wrappers for MbedTLS. Disabling ALG_SM3_256 since it's not supported by MbedTLS. Signed-off-by: Jens Wiklander <[email protected]>
Remove the now unused TEE internal core API based hashlib implementation. It was replaced since it doesn't support import and export of the hash state. Signed-off-by: Jens Wiklander <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For "ta_dev_kit.mk: use spec-srcs and spec-out-dir":
Acked-by: Jerome Forissier <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For "mk: introduce global-incdirs_ext-y":
Reviewed-by: Jerome Forissier <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For "mk/subdir.mk: introduce srcs_ext-y and srcs_ext_base-y":
Acked-by: Jerome Forissier <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I forgot to post my comments. Here they are...
mk/subdir.mk
Outdated
|
||
define process-subdir-srcs_ext-y | ||
ifneq ($(filter /%,$(1)),) | ||
$$(error Absolute path not supported for srcs_ext-y: $(1) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
closing parenthesis missing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, I'll fix.
@@ -123,9 +144,13 @@ endif | |||
# Process files in current directory | |||
$$(foreach g, $$(gensrcs-y), $$(eval $$(call process-subdir-gensrcs-y,$$(g)))) | |||
$$(foreach s, $$(srcs-y), $$(eval $$(call process-subdir-srcs-y,$$(s)))) | |||
$$(foreach s, $$(srcs_ext-y), $$(eval $$(call \ | |||
process-subdir-srcs_ext-y,$$(s),$$(firstword $$(srcs_ext_base-y))))) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do you use firstword
on external source base directory?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is the best action if srcs_ext_base-y
has more than one word? Error out or ignore it?
# $1 is local source file name | ||
# $2 is output file name | ||
# $3 is tree source file name | ||
oname-$(sm)-$3 := $$(if $$(oname-$1-y),$(out-dir)/$(base-prefix)/$$(oname-$1-y),$2) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where is oname-<file-name>-y
defined?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's supposed to be set in the sub.mk
file if used.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"mk/subdir.mk: refactor process-subdir-{srcs-y,gensrcs-helper}":
Reviewed-by: Jerome Forissier <[email protected]>
Addressing a comment. Signed-off-by: Jens Wiklander <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just few overall code import comments.
ta/ftpm/Makefile
Outdated
|
||
O ?= ../out/fTPM | ||
WOLF_ROOT := ../../../../external/wolfssl/ | ||
TPM_ROOT := ../../../../ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suppose these are just leftovers, can be dropped?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, I'll fix.
|
||
/* The TAFs ID implemented in this TA */ | ||
#define TA_FTPM_SUBMIT_COMMAND (0) | ||
#define TA_FTPM_EMULATE_PPI (1) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AFAICS, TA_FTPM_EMULATE_PPI
isn't being used from Linux kernel driver point of view. Also, it seems that Physical Presence Interface (PPI) specification currently implemented for ACPI based systems. So we should rather drop corresponding source code import until we see a real use-case upstream for OP-TEE based DT systems.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The primary target is OP-TEE based DT systems and the only thing we can realistically test for. However, I'm not so keen on removing features from fTPM since this is supposed to be the new upstream for the OP-TEE TA replacing the old deprecated location.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree and the git history of unmodified fTPM source import should be easily retrievable. The features which can't be tested and an interface is provided to normal world looks like a security concern to me. To be able to deploy fTPM for production use-cases, we really need to keep required bits enabled. At the very least you can disable this unused fTPM invoke command.
Update the fTPM Makefile to support building externally. Remove WolfSSL leftovers. Signed-off-by: Jens Wiklander <[email protected]>
Imports OP-TEE fTPM TA into optee_os/ta/ftpm folder.
Based on https://github.com/microsoft/ms-tpm-20-ref and
https://github.com/zeschg/ms-tpm-20-ref.git branch feat_add_tee_crypto
Depends on OP-TEE/build#780 and OP-TEE/manifest#293