
I feel very stupid asking this question, since originally I thought that I just have to enable a config statement and afterwards it runs smoothly. But I do not find the correct settings.

I have an embedded system and build a rootfs, Linux kernel, U-Boot, etc. using Buildroot.

Now I want to implement remote attestation. Therefore I want the different steps during the boot process to extend the PCRs of my TPM 2.0 with the hash values of the next step.

I can run commands on the TPM using tpm2-tools when the system is booted.

I thought that U-Boot, the kernel, etc. all have their TPM driver, so it should not be a problem for them to extend the PCR.

But how do I enable this?

Thank you so much for your answer.

alzeha
  • How do you enable what specifically? In order to use the TPM for attestation it will have to be enabled, owned and provisioned. Then all systems components will have to work with one another for integrity measurements. As it stands the question is way too broad. – mnistic Nov 22 '19 at 02:05
  • The TPM is owned and stuff. As I said, I can use it after boot without complication. But I would like to have this chain of trust. For this I need to say something like "Hey U-Boot, please measure the kernel and extend the PCR no ... with the measured value". But I do not see how this is possible... – alzeha Nov 22 '19 at 11:23
  • Has it also been provisioned with [AK and appropriate certs](https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf)? The BIOS will need to perform its measurements before the bootloader handoff (see Table 1 [here](https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf)). Then you can start looking for a compatible bootloader, maybe u-boot is not it? AFAIK Trusted Grub does not support TPM 2.0... – mnistic Nov 22 '19 at 14:12
  • There is a driver for TPMs in U-Boot. I thought this was for this purpose? – alzeha Nov 23 '19 at 07:54
  • There may be a driver but it doesn't look like it's extending any integrity measurements. You may have to implement that yourself if you want to stay with u-boot. – mnistic Nov 23 '19 at 12:56
  • Ah ok, that's a shame :( But thank you very much for your work... – alzeha Nov 25 '19 at 09:28
  • You can extend PCRs from U-Boot, use the pcr_extend command. – Thomas Petazzoni Nov 28 '19 at 10:45
  • Yeah, that's what the driver is able to do, but how to measure the kernel (in a secure way) and ensure that the correct value is sent to the TPM? I think the implementation of this should be done by a real pro on this and not by someone who just plays around... Or? – alzeha Nov 29 '19 at 11:23

1 Answer

I answer my question myself in case there is someone with a similar problem.

The problem is solved by creating a U-Boot patch. To boot the operating system, U-Boot runs several steps. These are extended by my patch.

I copy the rootfs into memory, hash over it and extend a pcr with it. The following commands are needed:

```
# Bring up the TPM driver and send TPM2_Startup(CLEAR) before the first extend
tpm2 init
tpm2 startup TPM2_SU_CLEAR
# Read the rootfs from the MMC device into RAM: 0x80000 blocks starting at block 0x800
mmc read $loadaddr 0x800 0x80000
# Hash the loaded image. The byte count argument is mandatory; 0x10000000 here
# assumes 512-byte MMC blocks (0x80000 * 512). The '*' form stores the raw
# 32-byte digest at address 0x10000000, which must not overlap the loaded image.
hash sha256 $loadaddr 0x10000000 *0x10000000
# Extend PCR 4 with the digest stored at that address
tpm2 pcr_extend 4 0x10000000
```

Hopefully someone finds it helpful. In case you find an error, please comment.

EDIT: added missing asterisk

alzeha
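The verifier side of the scheme in the answer, as an added example that is not part of the original post: it replays the TPM2_PCR_Extend arithmetic (PCR_new = SHA-256(PCR_old || digest), starting from the all-zero reset value) over the rootfs digest that U-Boot extends into PCR 4, and compares the result with the value reported by `tpm2_pcrread` after boot. The rootfs bytes and the `tpm2_pcrread` text are constructed sample inputs; the output format assumed is the `  4 : 0x...` layout printed by tpm2-tools 4.x.

```python
"""Host-side check of the PCR 4 value produced by the U-Boot measurement script."""
import hashlib
import re

PCR_SIZE = 32  # SHA-256 bank: PCRs are 32 bytes and all zero after TPM2_Startup(CLEAR)


def measure(data: bytes) -> bytes:
    """Same digest U-Boot's `hash sha256` produces over the image loaded with `mmc read`."""
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend semantics for one bank: PCR_new = H(PCR_old || digest)."""
    if len(pcr) != PCR_SIZE or len(digest) != PCR_SIZE:
        raise ValueError("SHA-256 bank expects 32-byte PCR and digest values")
    return hashlib.sha256(pcr + digest).digest()


def expected_pcr(measurements) -> bytes:
    """Replay a list of digests in boot order, starting from the reset value."""
    pcr = bytes(PCR_SIZE)
    for digest in measurements:
        pcr = pcr_extend(pcr, digest)
    return pcr


def parse_pcrread(output: str, index: int) -> bytes:
    """Extract PCR <index> from `tpm2_pcrread sha256:<index>` output (tpm2-tools 4.x layout assumed)."""
    pattern = r"^\s*%d\s*:\s*0x([0-9A-Fa-f]{64})\s*$" % index
    match = re.search(pattern, output, re.MULTILINE)
    if match is None:
        raise ValueError("PCR %d not found in tpm2_pcrread output" % index)
    return bytes.fromhex(match.group(1))


def verify_rootfs_pcr(rootfs_image: bytes, pcrread_output: str, index: int = 4) -> bool:
    """True when the TPM's PCR equals one extend of the rootfs digest into a reset PCR."""
    return parse_pcrread(pcrread_output, index) == expected_pcr([measure(rootfs_image)])


# Constructed sample inputs: a stand-in rootfs image and the tpm2_pcrread text a
# device whose U-Boot extended exactly that image would print.
SAMPLE_ROOTFS = b"constructed-rootfs-image-" * 4096
GOOD_OUTPUT = "sha256:\n  4 : 0x%s\n" % expected_pcr([measure(SAMPLE_ROOTFS)]).hex().upper()
```

A golden value for PCR 4 can be computed once from the rootfs image shipped to the devices and compared against each device's quote, without the host ever needing the raw image at attestation time.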