Patch Set 1:

@Subrata I tried to test this but miserably failed :D I have an unfused/uncommitted SoC here. The main problem seems to be that I don't know how to create a valid Manifest.

My understanding of the process is:

  • Build coreboot bios region image
  • Create a manifest and import it to the image using the Manifest Extension Utility
  • Sign the manifest with the MEU
  • Set the bootguard policy in FIT and add the pubkey hash
  • Add the signed bios image
  • Build the final image with FIT

Can you confirm/correct this, please?

In summary, BtGuard role is to verify IBB (code which initializes memory), load it into NEM and pass control to Coreboot entry point.

1) Coreboot needs to define which CBFS's constitute IBB. bootblock, fsp-m, verstage, romstage, etc.?
2) We need to create FIT table with Type 7 entry and include those CBFS's. FIT spec is here (https://www.intel.com/content/dam/www/public/us/en/documents/guides/fit-bios-specification.pdf).
3) We need to invoke Intel BpmGen tool to create BtGuard Policy Manifest (BPM) and BtGuard Key Manifests (KM).
BpmGen tool will use the above FIT table to create BPM which will contain the cumulative hash of IBB. KM will contain the hash of the key which is used for signing BPM.
4) Build the final image using FIT and set appropriate BtGuard policy and the hash of the public key which was used for signing KM.
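
Added example (not part of the original review thread, and not coreboot or Intel code): a minimal Python parser that lists the FIT Type 7 (BIOS startup module) entries from step 2, which are the ranges the comment above says BpmGen reads when hashing the IBB. It assumes the image ends at 4 GiB and follows the entry layout in the linked FIT specification; the helper names and the sample image are constructed for illustration.

```python
import struct

FOUR_GIB = 1 << 32
FIT_POINTER_ADDR = FOUR_GIB - 0x40      # fixed physical address of the FIT pointer
# 16-byte FIT entry: address, size, reserved, version, type|C_V, checksum
ENTRY = struct.Struct("<8s3sBHBB")
TYPE_HEADER, TYPE_BIOS_STARTUP_MODULE = 0x00, 0x07

def _offset(image, addr, length):
    """Map a physical address to a file offset (assumption: image ends at 4 GiB)."""
    off = addr - (FOUR_GIB - len(image))
    if off < 0 or off + length > len(image):
        raise ValueError(f"{addr:#x}+{length:#x} lies outside the image")
    return off

def ibb_ranges(image):
    """Return [(physical_address, length_in_bytes)] for every FIT Type 7 entry."""
    (fit_addr,) = struct.unpack_from("<Q", image, _offset(image, FIT_POINTER_ADDR, 8))
    base = _offset(image, fit_addr, ENTRY.size)
    sig, size, _, _, typ, _ = ENTRY.unpack_from(image, base)
    if sig != b"_FIT_   " or typ & 0x7F != TYPE_HEADER:
        raise ValueError("FIT header entry not found")
    count = int.from_bytes(size, "little")          # header size field = entry count
    _offset(image, fit_addr, count * ENTRY.size)    # whole table must fit in the image
    ranges = []
    for i in range(1, count):
        addr, size, _, _, typ, _ = ENTRY.unpack_from(image, base + i * ENTRY.size)
        if typ & 0x7F != TYPE_BIOS_STARTUP_MODULE:
            continue
        start = int.from_bytes(addr, "little")
        length = int.from_bytes(size, "little") * 16  # Type 7 size is in 16-byte units
        _offset(image, start, length)                 # reject ranges outside the flash
        ranges.append((start, length))
    return ranges

def build_sample():
    """Constructed 4 KiB image: FIT at 0xFFFFF100, one Type 1 and two Type 7 entries."""
    img = bytearray(b"\xff" * 0x1000)
    def entry(addr, size, typ):
        return ENTRY.pack(addr, size.to_bytes(3, "little"), 0, 0x0100, typ, 0)
    table = (entry(b"_FIT_   ", 4, TYPE_HEADER)
             + entry((0xFFFFF200).to_bytes(8, "little"), 0, 0x01)
             + entry((0xFFFFF800).to_bytes(8, "little"), 0x40, TYPE_BIOS_STARTUP_MODULE)
             + entry((0xFFFFFC00).to_bytes(8, "little"), 0x40, TYPE_BIOS_STARTUP_MODULE))
    img[0x100:0x100 + len(table)] = table
    struct.pack_into("<Q", img, 0x1000 - 0x40, 0xFFFFF100)  # FIT pointer
    return bytes(img)

if __name__ == "__main__":
    for start, length in ibb_ranges(build_sample()):
        print(f"IBB segment {start:#010x} length {length:#x}")
```

Comparing the returned ranges against the CBFS files chosen in step 1 shows whether every stage meant to be part of the IBB is actually listed in the FIT.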

Thanks to 9elements, 1) and 2) are already done if you enable Intel TXT.
3) Should be easy to implement in coreboot if there'd be some public spec.

Unfortunately, I am not aware of any public specs which provide BPM/KM details.
Although, Slimboot code does contain the definitions of those data structures.
https://github.com/slimbootloader/slimbootloader/blob/5e10bd1e0761c7581d923368e4d2223f11b468a2/Silicon/CoffeelakePkg/Library/BootGuardLib/BootGuardTpmEventLogLib.c

Got it, but then why isn't the document disclosed publicly? I mean, most of the stuff is already disclosed by slimbootloader, right?

Also, can Intel test our CAR changes and give us feedback if Boot Guard works with it?

Well, for APL there is some document out there which describes how to enable BG with the MEU and FIT tool. For Skylake MEU does not provide signing, so there must be some other tool... but I couldn't find anything :/

@Michael: For SKL BtG enablement, you need access to the BpmGen tool. Please request it from your Intel rep.

So Intel wants us to a) have a proprietary blob in coreboot b) implement an opensource alternative but doesn't provide a way for testing? Well, then let's choose option c) drop FSP-T and do not implement BootGuard due to missing testing abilities.


Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ifac5267f8f4b820a61519fb4a497e2ce7075cc40
Gerrit-Change-Number: 36682
Gerrit-PatchSet: 1
Gerrit-Owner: Arthur Heymans <arthur@aheymans.xyz>
Gerrit-Reviewer: Aaron Durbin <adurbin@chromium.org>
Gerrit-Reviewer: Amol N Sukerkar <amol.n.sukerkar@intel.com>
Gerrit-Reviewer: Arthur Heymans <arthur@aheymans.xyz>
Gerrit-Reviewer: Julius Werner <jwerner@chromium.org>
Gerrit-Reviewer: Nico Huber <nico.h@gmx.de>
Gerrit-Reviewer: Patrick Rudolph <siro@das-labor.org>
Gerrit-Reviewer: Sachin Agrawal <sachin.agrawal@intel.com>
Gerrit-Reviewer: Subrata Banik <subrata.banik@intel.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Michael Niewöhner
Gerrit-CC: Patrick Rudolph <patrick.rudolph@9elements.com>
Gerrit-CC: Paul Menzel <paulepanter@users.sourceforge.net>
Gerrit-CC: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Gerrit-Comment-Date: Fri, 15 Nov 2019 21:57:48 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment