Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp92104rwd; Mon, 12 Jun 2023 10:29:34 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5a2hrFIJgGaNDLCXJgQ31DgbHVVTbULnSZuFfUROhYXjmRxWr1aq4BNxS2/kC/7GrbOpTe X-Received: by 2002:a17:90a:7acc:b0:259:548b:d385 with SMTP id b12-20020a17090a7acc00b00259548bd385mr8865428pjl.3.1686590974553; Mon, 12 Jun 2023 10:29:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686590974; cv=none; d=google.com; s=arc-20160816; b=U78t7ZrHY4oWuV+iZM6uFzkGh7fPOs11trUA/52Ctib9N+sfSIUNjPwFAol07GfRvp MoMhwLLQC8RZwl/etCjKz+Rx8aOjZ4LFiFUq7GX6xY0MJUl4hguHP+ZP4Quc3lO9ICc9 MHMJKEg9jZIfOulLMTF4uzymNncLycrycQpm5T2ZTSWzIKHUbKHVNoyv4MvHdpVxOjTH +P8I4pzw543g1ZJV4g3GyXqe9mmlq+b8gWQo83boeuaGXE8NOOHibsyupWxc8J7pGgDB VvlCjLXfT86IXZV/Va4NtkgX7PNFakAE4MwSVDVw1tYEGmiE/t/m3yQsCF2ePqUs0CLc ChVw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=oZ/IrEjFcCV2x/CivdwBWaEryH9Wc7q/asiFBrPanUc=; b=0vRRpigvL4WMZqEzZ/W5jknA6Y0YTLGSN3x7L3s03Hs9SgoawBObNLl/vpx9IBGVHK fTwA2rLJE0SLkwHRQeepusNRHJL3fOR2ROE8Ikgg7MAgt0LXdh4GaHARVYWP/yYIRmlf XQfbNyGjlj5I3dpaEpn58xfyeqODByoo3cBGm5odyhsl19LyzzpJrgZySqr4NxHbwi69 6tiD068D9lXJGFsxxZuKvgSffhmjfhPCrPDhFUNHBUmEKNQl8FxaL/Uz2y/VbZBJwLqX yKpyQycgC+qXAREGMtxailLh9Zq6Snc5DXzvvGWYIJFOLrBwL9Gpubm/1sYk2+o9zwAU H6nQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=pdd96pl8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l4-20020a17090a384400b0025bfcf82dffsi714248pjf.82.2023.06.12.10.29.20; Mon, 12 Jun 2023 10:29:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=pdd96pl8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234805AbjFLRHE (ORCPT + 99 others); Mon, 12 Jun 2023 13:07:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52536 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232979AbjFLRHB (ORCPT ); Mon, 12 Jun 2023 13:07:01 -0400 Received: from mail-wm1-x32a.google.com (mail-wm1-x32a.google.com [IPv6:2a00:1450:4864:20::32a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 92E7110C9 for ; Mon, 12 Jun 2023 10:06:57 -0700 (PDT) Received: by mail-wm1-x32a.google.com with SMTP id 5b1f17b1804b1-3f7e7fc9fe6so45933485e9.3 for ; Mon, 12 Jun 2023 10:06:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1686589616; x=1689181616; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=oZ/IrEjFcCV2x/CivdwBWaEryH9Wc7q/asiFBrPanUc=; b=pdd96pl8DNCim3cK0vMZGWh18h572HgJCXrkFdWt47XV6bDajZB8GjYgHMFtouiwja gsjhT1WKucS/dsrwPMLnv4yPJDf8uIdgHCSSfnY90fafkGvFhdOM8T6wLeGl1bli/UB6 HyrplWjoYLAfnzNCJRitiRQRxllL/aeLhXkAuyEfthBfO2xVnlS8umjMZqCpq9As6dYK wIIxPlOeFmNnc2z37nfX00WvtrwEEaTJwMg432e8f9QZ8p8qkmuQR/+joF/cxkipwIwQ FF57GYv1kDM4xxNPUUp2q3fOsFqH2eYZ2Wu4foCZmOwGWjGeN3Qw55saAkl+Eldzltxp 6QNQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686589616; x=1689181616; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=oZ/IrEjFcCV2x/CivdwBWaEryH9Wc7q/asiFBrPanUc=; b=LxmDFSUH2lTTrRrp5aXThIMbqHpSic1Q6BEI6UJlKDyls17+lyD/HHG9vUYzNzr0ig llAEKAiiJrYPdUd3Vq/LUR4gOTeMqgA1wX3TN+DLNOGieww9Ll1phAY/nhF/OV5N1JHl 1e9iBf+723wdGy+nWLrRmeZfCza9RZryX85Z6Gk0iUGgmpLS8snP1UVGe9XL8wCd9pMX agTE9pU9JW49PHbHDw2JCJNJG4U8hZLE81KxYAfpU9jq3FCYS7F8yD5919ITLeh9IoCT bW3gDRxb4KfnN/XGs1JHhTP3VjAebTbh+kjN4nuXzrcikd6hFjiOLjSznqjv99Ix4n1p d4Mg== X-Gm-Message-State: AC+VfDyK4yMbItjvbkw3esxrff/sqhNdB49aecpECYlKPuivDZjLNrwr P96WUaf8bSxY9QMo2X7WAO3yD+/R5cPSTEA0RhtZvw== X-Received: by 2002:a7b:c8c4:0:b0:3f6:6da:3ad1 with SMTP id f4-20020a7bc8c4000000b003f606da3ad1mr7776351wml.34.1686589615908; Mon, 12 Jun 2023 10:06:55 -0700 (PDT) MIME-Version: 1.0 References: <20220405093759.1126835-1-alex.bennee@linaro.org> <20230531191007.13460-1-shyamsaini@linux.microsoft.com> In-Reply-To: From: Jens Wiklander Date: Mon, 12 Jun 2023 19:06:45 +0200 Message-ID: Subject: Re: [PATCH v2 0/4] rpmb subsystem, uapi and virtio-rpmb driver To: "alex.bennee@linaro.org" Cc: Ilias Apalodimas , Sumit Garg , "Zhu, Bing" , Shyam Saini , "code@tyhicks.com" , "Matti.Moell@opensynergy.com" , "arnd@linaro.org" , "hmo@opensynergy.com" , "joakim.bech@linaro.org" , "linux-kernel@vger.kernel.org" , "linux-mmc@vger.kernel.org" , "linux-scsi@vger.kernel.org" , "maxim.uvarov@linaro.org" , "ruchika.gupta@linaro.org" , "Winkler, Tomas" , "ulf.hansson@linaro.org" , "Huang, Yang" , "op-tee@lists.trustedfirmware.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Alex, On Fri, Jun 2, 2023 at 10:26=E2=80=AFAM Ilias Apalodimas wrote: > > On Thu, 1 Jun 2023 at 08:49, Sumit Garg wrote: > > > > On Thu, 1 Jun 2023 at 11:02, Ilias Apalodimas > > wrote: > > > > > > Hi Bing > > > > > > On Thu, 1 Jun 2023 at 04:03, Zhu, Bing wrote: > > > > > > > > As an alternative, Is it possible to change ftpm design not to depe= nd on RPMB access at the earlier/boot stage? Because to my understanding, t= ypically PCRs don't require persistent/NV storage (for example, before RPMB= or tee-supplicant is ready, use TEE memory instead as temporary storage) > > > > > > I am not entirely sure this will solve our problem here. You are > > > right that we shouldn't depend on the supplicant to extend PCRs. But > > > what happens if an object is sealed against certain PCR values? We > > > are back to the same problem > > > > +1 > > > > Temporary storage may be a stop gap solution for some use-cases but > > having a fast path access to RPMB via kernel should be our final goal. > > I would suggest we start small with the MMC subsystem to expose RPMB > > access APIs for OP-TEE driver rather than a complete RPMB subsystem. > > I discussed with the OP-TEE maintainers about adding parts of the > supplicant in the kernel. The supplicant 'just' sends an ioctl to > store/read stuff anyway. So it would make sense to have a closer and > see if that looks reasonable. > Thanks I was trying to create a setup to test this. I've added the kernel patches on top of https://github.com/linaro-swg/linux/tree/optee. The QEMU branch is a bit dated and I had to add 3a845a214b42 target/arm: allow setting SCR_EL3.EnTP2 when FEAT_SME is implemented d4a7b0ef1a03 hw/arm/boot: set CPTR_EL3.ESM and SCR_EL3.EnTP2 when booting Linux with EL3 9745a003f878 hw/intc/arm_gicv3: fix prio masking on pmr write beeec926d24a target/arm: mark SP_EL1 with ARM_CP_EL3_NO_EL2_KEEP on top of that branch to be able to boot to the Linux kernel. I have the vhost-user-rpmb process running and connected with QEMU, but around (guessing really) when the RPMB subsystem is initializing the process dies with: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Vhost user message =3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Request: VHOST_USER_SET_VRING_ADDR (9) Flags: 0x1 Size: 40 vhost-user-rpmb-INFO: 18:58:08.312: vrpmb_process_msg: msg VHOST_USER_SET_VRING_ADDR(9) vhost_vring_addr: index: 0 flags: 0 desc_user_addr: 0x00007ff15fa91000 used_user_addr: 0x00007ff15fa91080 avail_user_addr: 0x00007ff15fa91040 log_guest_addr: 0x0000000041c91080 Setting virtq addresses: vring_desc at (nil) vring_used at (nil) vring_avail at (nil) (vhost-user-rpmb:3236474): vhost-user-rpmb-CRITICAL **: 18:58:08.312: Invalid vring_addr message Among other options, I'm starting QEMU with -machine virt,secure=3Don,mte=3Doff,gic-version=3D3,virtualization=3Dfalse to enable the secure world. Do you have an idea of what might be wrong? Where should I start looking? Thanks, Jens > > /Ilias > > > > > -Sumit > > > > > > > > Thanks > > > /Ilias > > > > > > > > Bing > > > > > > > > IPAS Security Brown Belt (https://www.credly.com/badges/69ea809f-3a= 96-4bc7-bb2f-442c1b17af26) > > > > System Software Engineering > > > > Software and Advanced Technology Group > > > > Zizhu Science Park, Shanghai, China > > > > > > > > -----Original Message----- > > > > From: Shyam Saini > > > > Sent: Thursday, June 1, 2023 3:10 AM > > > > To: alex.bennee@linaro.org > > > > Cc: code@tyhicks.com; Matti.Moell@opensynergy.com; arnd@linaro.org;= Zhu, Bing ; hmo@opensynergy.com; ilias.apalodimas@lina= ro.org; joakim.bech@linaro.org; linux-kernel@vger.kernel.org; linux-mmc@vge= r.kernel.org; linux-scsi@vger.kernel.org; maxim.uvarov@linaro.org; ruchika.= gupta@linaro.org; Winkler, Tomas ; ulf.hansson@lin= aro.org; Huang, Yang ; sumit.garg@linaro.org; jens.wi= klander@linaro.org; op-tee@lists.trustedfirmware.org > > > > Subject: [PATCH v2 0/4] rpmb subsystem, uapi and virtio-rpmb driver > > > > > > > > Hi Alex, > > > > > > > > [ Resending, Sorry for the noise ] > > > > > > > > Are you still working on it or planning to resubmit it ? > > > > > > > > [1] The current optee tee kernel driver implementation doesn't work= when IMA is used with optee implemented ftpm. > > > > > > > > The ftpm has dependency on tee-supplicant which comes once the user= space is up and running and IMA attestation happens at boot time and it re= quires to extend ftpm PCRs. > > > > > > > > But IMA can't use PCRs if ftpm use secure emmc RPMB partition. As o= ptee can only access RPMB via tee-supplicant(user space). So, there should = be a fast path to allow optee os to access the RPMB parititon without waiti= ng for user-space tee supplicant. > > > > > > > > To achieve this fast path linux optee driver and mmc driver needs s= ome work and finally it will need RPMB driver which you posted. > > > > > > > > Please let me know what's your plan on this. > > > > > > > > [1] https://optee.readthedocs.io/en/latest/architecture/secure_stor= age.html > > > > > > > > Best Regards, > > > > Shyam