-
Notifications
You must be signed in to change notification settings - Fork 96
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tpm2: configure vendor/manufacturer values #369
base: master
Are you sure you want to change the base?
tpm2: configure vendor/manufacturer values #369
Conversation
Signed-off-by: Ben Lytle <[email protected]>
I am not sure whether this flexibility will be very helpful, though: By now any change to any of the fields can cause backwards compatibility issues, such as for example with pkcs11 drivers where the name of the device goes into the pkcs11 URI and an upgrade of libtpms could then be causing the device URI not to work anymore (since the device is identified differently) and crypto to fail. If we want to make it flexible then the default values MUST all be exactly as they are now. Also, migration between differently configured libtpms could cause these types of issues. |
That's what I was afraid of.
If we make the default values the exact same as they are now, I can see one obvious issue with differing libtpms versions - |
That would be an unnecessary annoyance for any user that doesn't know why things do not work anymore. Who would be configuring libtpms with differing values than what they have been for years now? |
Completely agree.
If a different company wants to use this project to create a TPM, and brand it as something else (something like Google Cloud: https://cloud.google.com/blog/products/identity-security/virtual-trusted-platform-module-for-shielded-vms-security-in-plaintext, where they use https://sourceforge.net/projects/ibmswtpm2/). |
Is this an expressed intention from Google Cloud (or anyone else) or a hypothesis? |
src/tpm2/VendorString.h
Outdated
Define up to 4, 4-byte, vendor-specific strings. The strings must each be 4 bytes long. | ||
These values define the response for TPM_PT_VENDOR_STRING_(1-4) in TPM2_GetCapability(). */ | ||
#ifndef CONFIG_VENDOR_STRING_1 | ||
#define VENDOR_STRING_1 "fTPM" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The default here would have to be "SW "
|
||
// the less significant 32-bits of a vendor-specific value indicating the version of the firmware | ||
#define FIRMWARE_V2 (0x00163636) | ||
#ifdef CONFIG_VENDOR_STRING_2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This would have to have a default of " TPM".
src/tpm2/VendorString.h
Outdated
#define _STRINGIFY(x) #x | ||
#endif | ||
#ifndef STRINGIFY | ||
#define STRINGIFY(x) _STRINGIFY(x) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These could be useful elsewhere. Move to a Utils.h?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Found it already defined in tpm_library_intern.h
src/tpm2/VendorString.h
Outdated
#error FIRMWARE_V1 is not provided. \ | ||
Please modify VendorString.h to provide a vendor specific firmware \ | ||
version | ||
#define FIRMWARE_V1 0x00000000 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also this here should go back to its previous default value. None of the existing users, like distros, should have to modify their build process and ./configure
line to get back the old default values. So all values have to default to what they were before.
I believe what Google Cloud has detailed in the article is their current vTPM solution. Other than that, it is a hypothesis. |
Signed-off-by: Ben Lytle <[email protected]>
Pull Request Test Coverage Report for Build 2762
💛 - Coveralls |
Provide a way to configure Vendor/Manufacturer values.
This also changes default vendor/manufacturer strings to be more generic (remove IBM specifics; makes IBM less liable? 😄)
Cleaned up comments that were a little confusing in VendorString.h, most likely from the Microsoft Reference code port.
I know a major concern is swtpm state and downgrading versions, and these values (at least Manufacturer, Vendor Strings, and Firmware Version) show up in the properties-fixed get capability command. What I'm not sure of is how tightly this is coupled with
the swtpm state and how it would affect earlier libtpms versions.