erebion/coreboot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coreboot/src/security/tpm/Kconfig
Ivan Kuzneczov b5581d556b drivers/mrc_cache: Measure MRC cache as runtime data 
MRC cache used to be measured as runtime data when it was resided in
CBFS before commit 82aa8338c7 ("drivers/mrc_cache: Always generate an
FMAP region"). This patch will restore this behavior for MRC cache
stored in FMAP region outside of CBFS.

Now, MRC cache will be measured at the end of
mrc_cache_load_current(), mrc_cache_current_mmap_leak() and
update_mrc_cache_by_type(), to guarantee that a tamper with the memory
(like https://badram.eu/ ) will be detected, controlled by Kconfig
option TPM_MEASURE_MRC_CACHE.

TEST=On Ivy Bridge platforms, Empty MRC cache is not measured.
     Changing DIMM causes both the old cache and new cache being
     measured, thus the runtime data measurement is changed, which
     could be used as an alarm for memory tampering. Starting from the
     second boot after changing DIMM, the runtime data measurement
     becomes stable.

Signed-off-by: Ivan Kuzneczov <ivan.kuzneczov@hardenedvault.net>
Change-Id: I0d82642c24de1b317851d0afd44985195e92c104
Reviewed-on: https://review.coreboot.org/c/coreboot/+/85605
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@gmail.com>
2025-05-10 22:50:41 +00:00

183 lines
4.4 KiB
Text
Raw Blame History

# SPDX-License-Identifier: GPL-2.0-only
source "src/security/tpm/tss/vendor/cr50/Kconfig"
menu "Trusted Platform Module"
config NO_TPM
bool
default y if !TPM1 && !TPM2
help
No TPM support. Select this option if your system doesn't have a TPM,
or if you don't want coreboot to communicate with your TPM in any way.
(If your board doesn't offer a TPM interface, this will be the only
possible option.)
config TPM1
bool "TPM 1.2"
depends on I2C_TPM || MEMORY_MAPPED_TPM || SPI_TPM || CRB_TPM
default y if MAINBOARD_HAS_TPM1
help
Select this option if your TPM uses the older TPM 1.2 protocol.
config TPM2
bool "TPM 2.0"
depends on I2C_TPM || MEMORY_MAPPED_TPM || SPI_TPM || CRB_TPM
default y if MAINBOARD_HAS_TPM2
help
Select this option if your TPM uses the newer TPM 2.0 protocol.
config TPM
bool
default y
depends on TPM1 || TPM2
config MAINBOARD_HAS_TPM1
bool
help
This option can be selected by a mainboard to represent that its TPM
always uses the 1.2 protocol, and that it should be on by default.
config MAINBOARD_HAS_TPM2
bool
help
This option can be selected by a mainboard to represent that its TPM
always uses the 2.0 protocol, and that it should be on by default.
config TPM_DEACTIVATE
bool "Deactivate TPM (for TPM1)"
default n
depends on !VBOOT
depends on TPM1
help
Deactivate TPM by issuing deactivate command.
config DEBUG_TPM
bool "Output verbose TPM debug messages"
default n
select DRIVER_TPM_DISPLAY_TIS_BYTES if I2C_TPM
depends on TPM
help
This option enables additional TPM related debug messages.
config TPM_STARTUP_IGNORE_POSTINIT
bool
help
Select this to ignore POSTINIT INVALID return codes on TPM
startup. This is useful on platforms where a previous stage
issued a TPM startup. Examples of use cases are Intel TXT
or VBOOT on the Intel Arrandale processor, which issues a
CPU-only reset during the romstage.
config TPM_MEASURED_BOOT
bool "Enable Measured Boot"
default n
select VBOOT_LIB
depends on TPM
depends on !VBOOT_RETURN_FROM_VERSTAGE
help
Enables measured boot (experimental)
config TPM_MEASURE_MRC_CACHE
bool "Measure MRC cache"
default n
depends on TPM_MEASURED_BOOT
depends on CACHE_MRC_SETTINGS
help
Measures MRC cache as runtime data to guarantee that a
tamper with the memory will be detected. The runtime data
measurement becomes stable after the second boot after
changing DIMM.
choice
prompt "TPM event log format"
depends on TPM_MEASURED_BOOT
default TPM_LOG_TPM1 if TPM1
default TPM_LOG_TPM2 if TPM2
config TPM_LOG_CB
bool "coreboot's custom format"
help
Custom coreboot-specific format of the log derived from TPM1 log format.
config TPM_LOG_TPM1
bool "TPM 1.2 format"
depends on TPM1 && !TPM2
help
Log per TPM 1.2 specification.
See "TCG PC Client Specific Implementation Specification for Conventional BIOS".
config TPM_LOG_TPM2
bool "TPM 2.0 format"
depends on TPM1 || TPM2
help
Log per TPM 2.0 specification.
See "TCG PC Client Platform Firmware Profile Specification".
endchoice
choice
prompt "TPM2 hashing algorithm"
depends on TPM_MEASURED_BOOT && TPM_LOG_TPM2
default TPM_HASH_SHA1 if TPM1
default TPM_HASH_SHA256 if TPM2
config TPM_HASH_SHA1
bool "SHA1"
config TPM_HASH_SHA256
bool "SHA256"
config TPM_HASH_SHA384
bool "SHA384"
config TPM_HASH_SHA512
bool "SHA512"
endchoice
config TPM_MEASURED_BOOT_INIT_BOOTBLOCK
bool
depends on TPM_MEASURED_BOOT && !VBOOT
help
Initialize TPM inside the bootblock instead of ramstage. This is
useful with some form of hardware assisted root of trust
measurement like Intel TXT/CBnT.
config TPM_MEASURED_BOOT_RUNTIME_DATA
string "Runtime data whitelist"
default ""
depends on TPM_MEASURED_BOOT
help
Runtime data whitelist of cbfs filenames. Needs to be a
space delimited list
config PCR_BOOT_MODE
int
default 0 if CHROMEOS
default 1
config PCR_HWID
int
default 1
config PCR_SRTM
int
default 2
config PCR_FW_VER
int
default 10
# PCR for measuring data which changes during runtime
# e.g. CMOS, NVRAM...
config PCR_RUNTIME_DATA
int
default 3
endmenu # Trusted Platform Module (tpm)
config TPM_SETUP_HIBERNATE_ON_ERR
bool
depends on EC_GOOGLE_CHROMEEC
default y
help
Select this to force a device to hibernate on the next AP shutdown when a TPM
setup error occurs. This will cause a cold boot of the system and offer an
opportunity to recover the TPM should it be hung. This is only effective if
the Z-State brings the power rail down.
Reference in a new issue View git blame Copy permalink