Secdev driver #2
Open
Commits on Jun 20, 2023
-
This commit adds a hash library containing support for sha1 and sha2. Signed-off-by: Daniel P. Smith <[email protected]>
-
drivers: introduce kconfig for secdev framework
This commit adds the Kconfig for selecting the security hardware (secdev) framework. Signed-off-by: Daniel P. Smith <[email protected]>
-
drivers: import of tpm driver into security hw drivers
This commit bring in the TPM driver code from tboot, commit 4a904a6, apply Xen coding style, and integrates with Xen's build. Signed-off-by: Daniel P. Smith <[email protected]>
-
tpm: an initial abstractiong of hw interface
Tboot, from which the code came, is only concerned for x86 systems. Typically on x86 systems, the TPM is accessed using the MMIO hardware interface for which there are two ABIs, FIFO and CRB. This commit looks to refactor the hardware interface logic to enable the ability to support other hardware interfaces, such as the Mobile TPM interface typically used on Arm. Signed-off-by: Daniel P. Smith <[email protected]>
-
tpm: fixing up the time out loops
The tboot environment did not have an accurate way of tracking time outs on access to the TPM hardware. As such, it relied on counting loops and using a multiplier factor to estimate amount of time a loop would take. Now that the code is under Xen, it can use the time functions to determine an accurate(ly) time out. Signed-off-by: Daniel P. Smith <[email protected]>
-
secdev: introduce security device interfaces
Adds secdev headers. Signed-off-by: Daniel P. Smith <[email protected]>
-
This commit adds a secdev interface callable by the secdev framework to detect the tpm and extend a commandline selectable PCR with a domain's measurements. Signed-off-by: Daniel P. Smith <[email protected]>
-
tpm: move tpm2.0 primary logic
This commits move the initialization of a global primary into an commented out function. This is to reserve the logic for later use to create per domain key hierarchy. Signed-off-by: Daniel P. Smith <[email protected]>
-
secdev: introduce the security device framework
Introduces the secdev framework with TPM being the first supported device. Signed-off-by: Daniel P. Smith <[email protected]>
-
x86: add support for measuring Dom0 at boot
This commit leverages the TPM driver to measure Dom0's kernel and initrd before the domain is contstructed. Signed-off-by: Daniel P. Smith <[email protected]>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.