01/28/2017 Secure Boot in OVMF and vTPM Configuration

I have generally got accustomed to using English for writing. It is more convenient, since you do not need any additional software as assistance, and in most cases you will not worry about how to translate some terminology from English into Chinese. Yeah. I am just looking for some excuse for my laziness....

As an important part of my undergraduate thesis, UEFI system based firmware IMA and remote attestation is supposed to be the first stage of my study. For the next phase, I am looking forward to applying machine learning based technology to attack detection for firmware security.

(1) Enabling Secure Boot in OVMF

OK, now we are to resolve the problems that remained unresolved in the previous chapter.

// Guidance for Secure Boot in OVMF
* https://wiki.ubuntu.com/UEFI/EDK2
* $EDKII_HOME/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt

Change directory to the edk2 root path, then update the OpenSSL submodule:

git submodule update --init --recursive
git pull --recurse-submodules && git submodule update --recursive --remote
cd CryptoPkg/Library/OpensslLib/openssl/
git tag    # list the available tags and pick the version required
git checkout b2758a2292aceda93e9f44c219b94fe21bb9a650

Then build OVMF with SECURE_BOOT_ENABLE defined as TRUE:

build -p OvmfPkg/OvmfPkgIa32X64.dsc -t GCC5 -b RELEASE -a IA32 -a X64 -D SECURE_BOOT_ENABLE

We then get the firmware device (FD) image, Build/Ovmf3264/RELEASE_GCC5/FV/OVMF.fd.

(2) Install Software TPM and enable vTPM Support

If we simply run OVMF without passing a TPM device to QEMU, the TPM test application prints:

[Figure 1: Running UEFI Application in Shell]

It still cannot find EFI_TCG_PROTOCOL, so the TPM support is missing. Refer to the DSC file of OVMF, where the library mapping depends on SECURE_BOOT_ENABLE:

!if $(SECURE_BOOT_ENABLE) == TRUE
  PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
  TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
  AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
!else
  TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
  AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
!endif
  VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf

------------------------------------------------------

!if $(SECURE_BOOT_ENABLE) == TRUE
  MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
    <LibraryClasses>
      NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
  }
!else
  MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
!endif

---------------------------------------------------

!if $(SECURE_BOOT_ENABLE) == TRUE
  SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
!endif

I have got a TPM 2.0 chip on my host machine, but VirtualBox might not be able to virtualize it. I also saw an interesting software suite named Vagrant:

Difference between Docker and Vagrant: https://www.zhihu.com/question/32324376

It is a suite based on virtualization techniques that configures the development environment (while Docker is for configuring the execution environment).

OK. Here we are to install a vTPM on Ubuntu 16.04 LTS inside VirtualBox.

  • install libtpms
cd libtpms
./bootstrap.sh
./configure --prefix=/usr --with-openssl
make
sudo make install    # --prefix=/usr needs root to install
  • Install swtpm
cd swtpm
./bootstrap.sh
./configure --prefix=/usr --with-openssl
make
make check
sudo make install
sudo cp /usr/etc/swtpm_setup.conf /etc/swtpm_setup.conf
  • Startup vTPM
sudo modprobe cuse
mkdir /tmp/myvtpm0
sudo chown -R tss:root  /tmp/myvtpm0
sudo swtpm_setup --tpm-state /tmp/myvtpm0  --createek

Then we get output like:

Starting vTPM manufacturing as tss:tss @ 2018年01月28日 星期日 12时43分46秒
TPM is listening on TCP port 48173.
Successfully created EK.
Successfully authored TPM state.
Ending vTPM manufacturing @ 2018年01月28日 星期日 12时43分47秒

swtpm should be similar to the TPM emulator provided by the TCG, which lets an application communicate with the TPM in socket mode via a certain TCP port.

  • Map the TPM to /dev/vtpm0
sudo env TPM_PATH=/tmp/myvtpm0/ swtpm_cuse -n vtpm0

After finishing the steps shown above, we can find vtpm0 under /dev/.

(3) Run QEMU with TPM Support

Note that the QEMU installed by running "sudo apt-get install qemu" does not support the vTPM.

# use the QEMU-TPM version
git clone https://github.com/Hecmay/vtpm-support.git
cd vtpm-support/qemu-tpm
./configure --enable-kvm --enable-tpm --enable-sdl
make
make install

And then launch QEMU with the vTPM attached as a TIS device:

qemu-system-x86_64 -display sdl -m 1024 \
-boot c -bios Build/Ovmf3264/RELEASE_GCC5/FV/OVMF.fd \
-boot menu=on -tpmdev cuse-tpm,id=tpm0,path=/dev/vtpm0 \
-device tpm-tis,tpmdev=tpm0 Build/test.img
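The launch command above (and the one with -cdrom in section (5)) passes the firmware with -bios and the vTPM as a CUSE character device. As an added example that is not part of the original post, the Python script below assembles that same argv, checks beforehand that /dev/vtpm0 really exists as a character device and that the firmware and disk image are present, and can optionally use the split OVMF_CODE.fd and OVMF_VARS.fd flash images that the same OVMF build writes next to OVMF.fd. That last point is the caveat worth knowing for Secure Boot work: with -bios, OVMF keeps its UEFI variables (PK, KEK, db, the Secure Boot state) in RAM only, so anything enrolled is lost when QEMU exits, whereas a writable per-VM copy of OVMF_VARS.fd on pflash persists them. The QEMU binary name, the script name and the vars-copy path are assumptions.

```python
import os
import shutil
import stat
import subprocess
import sys

# Output directory of the OVMF build in this post; the same build also writes
# the split flash images OVMF_CODE.fd and OVMF_VARS.fd next to OVMF.fd.
FV_DIR = "Build/Ovmf3264/RELEASE_GCC5/FV"
# Assumed binary name; point it at the vtpm-support build tree if not installed.
QEMU = "qemu-system-x86_64"


def is_char_device(path):
    """True if path is a character device, i.e. swtpm_cuse has created the node."""
    try:
        return stat.S_ISCHR(os.stat(path).st_mode)
    except OSError:
        return False


def qemu_args(disk, vtpm="/dev/vtpm0", cdrom=None, persistent_vars=None,
              fv_dir=FV_DIR, memory_mb=1024, qemu=QEMU):
    """Build the argv for the QEMU + vTPM launch used in this post.

    persistent_vars=None reproduces the post's "-bios OVMF.fd" form, in which
    OVMF keeps its UEFI variables in RAM only. Passing a writable per-VM copy
    of OVMF_VARS.fd switches to the split pflash form, which persists them.
    """
    args = [qemu, "-display", "sdl", "-m", str(memory_mb), "-boot", "menu=on",
            "-tpmdev", f"cuse-tpm,id=tpm0,path={vtpm}",
            "-device", "tpm-tis,tpmdev=tpm0"]
    if persistent_vars is None:
        args += ["-bios", os.path.join(fv_dir, "OVMF.fd")]
    else:
        code = os.path.join(fv_dir, "OVMF_CODE.fd")
        args += ["-drive", f"if=pflash,format=raw,readonly=on,file={code}",
                 "-drive", f"if=pflash,format=raw,file={persistent_vars}"]
    if cdrom:
        args += ["-cdrom", cdrom]
    args.append(disk)
    return args


def preflight(disk, vtpm="/dev/vtpm0", persistent_vars=None, fv_dir=FV_DIR):
    """Problems that would make the launch fail or boot without TPM/firmware."""
    problems = []
    if not is_char_device(vtpm):
        problems.append(f"{vtpm} is not a character device; start swtpm_cuse first")
    firmware = "OVMF.fd" if persistent_vars is None else "OVMF_CODE.fd"
    if not os.path.isfile(os.path.join(fv_dir, firmware)):
        problems.append(f"{firmware} not found in {fv_dir}; rebuild OVMF")
    if persistent_vars is not None and not os.access(persistent_vars, os.W_OK):
        problems.append(f"{persistent_vars} is not a writable OVMF_VARS.fd copy")
    if not os.path.isfile(disk):
        problems.append(f"disk image {disk} not found")
    return problems


def new_vars_copy(dest, fv_dir=FV_DIR):
    """Give a VM its own variable store by copying the pristine OVMF_VARS.fd."""
    shutil.copyfile(os.path.join(fv_dir, "OVMF_VARS.fd"), dest)
    return dest


if __name__ == "__main__":
    # Usage (assumed script name): python launch_vtpm.py Build/test.img [vm1_VARS.fd]
    disk = sys.argv[1] if len(sys.argv) > 1 else "Build/test.img"
    vars_copy = sys.argv[2] if len(sys.argv) > 2 else None
    if vars_copy and not os.path.exists(vars_copy):
        new_vars_copy(vars_copy)
    problems = preflight(disk, persistent_vars=vars_copy)
    if problems:
        sys.exit("\n".join(problems))
    subprocess.run(qemu_args(disk, persistent_vars=vars_copy), check=True)
```

Running it without a second argument gives exactly the post's command line; giving a vars-file path creates the copy on first use and keeps the enrolled Secure Boot keys across restarts of the VM.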

(4) Further Modification with OVMF.dsc

Unfortunately the TPM application still cannot locate EFI_TCG_PROTOCOL. Follow the steps at:

https://github.com/tianocore/tianocore.github.io/wiki/How-to-Enable-Security#Enabling_Trusted_Compute_Module_TPM

Some tips from the debugging process:

  • The INF file of a module specifies its TYPE (e.g. PEIM), and the libraries required by that UEFI module must be included in the matching [LibraryClasses.PEIM] section of the package's DSC file.
  • Make sure the library instances with the same class name for different phases are different (otherwise: "error 1001 not supported").
  • The modification is mainly focused on [Components] and [LibraryClasses.common] of OVMF.dsc (including the libraries Tpm12CommandLib/Tpm12DeviceLib/Tpm12CommLib.....etc.).

After getting OVMF built with the TPM driver, the Shell still cannot locate EFI_TCG_PROTOCOL.
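Both the DSC excerpt in section (2) and the debugging tips above come down to one question: for a given set of -D defines, which library instance does each [LibraryClasses.*] section actually select, and does SecurityStubDxe get DxeImageVerificationLib linked in? The following is an added example, not code from the post or from EDK2: a small Python evaluator for the subset of DSC syntax quoted on this page (DEFINE, sections, nested "!if $(X) == V" / !else / !endif, Class|Instance lines and the { <LibraryClasses> NULL|... } component override), run over a constructed sample built from the page's own excerpt. It reports which security-relevant library classes resolved to a *Null stub, which is the quiet failure mode when SECURE_BOOT_ENABLE is left FALSE. The real build tool accepts far more syntax (includes, !ifdef, expressions); the function names and the SECURITY_LIBS list are my choices.

```python
import re

# Constructed sample: the OvmfPkgIa32X64.dsc fragments quoted in section (2),
# including the <LibraryClasses> tag EDK2 uses inside a component's { } block.
SAMPLE_DSC = """\
[Defines]
  DEFINE SECURE_BOOT_ENABLE = FALSE

[LibraryClasses.common]
!if $(SECURE_BOOT_ENABLE) == TRUE
  PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
  TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
  AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
!else
  TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
  AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
!endif
  VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf

[Components]
!if $(SECURE_BOOT_ENABLE) == TRUE
  MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
    <LibraryClasses>
      NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
  }
!else
  MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
!endif
"""

COND_RE = re.compile(r"^!if\s+\$\((\w+)\)\s*==\s*(\S+)$")
# Library classes whose *Null instance quietly removes a security function.
SECURITY_LIBS = ("TpmMeasurementLib", "AuthVariableLib", "PlatformSecureLib")


def evaluate_dsc(text, overrides=None):
    """Resolve the DSC subset above for a set of -D defines.

    Returns (libclasses, components):
      libclasses: {"LibraryClasses.<scope>": {LibClass: instance .inf}}
      components: {module .inf: [NULL library instances linked into it]}
    """
    defines = dict(overrides or {})          # -D values win over DEFINE lines
    libclasses, components = {}, {}
    section, current_inf, active = None, None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("!if "):          # track nesting even in dead branches
            m = COND_RE.match(line)
            if not m:
                raise ValueError("unsupported condition: " + line)
            var, value = m.groups()
            active.append(defines.get(var, "FALSE").upper() == value.upper())
        elif line == "!else":
            active[-1] = not active[-1]
        elif line == "!endif":
            active.pop()
        elif not all(active):
            continue                          # inside a branch that is switched off
        elif line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif line.startswith("DEFINE "):
            name, _, value = line[7:].partition("=")
            defines.setdefault(name.strip(), value.strip())
        elif section and section.startswith("LibraryClasses"):
            cls, _, inst = line.partition("|")
            libclasses.setdefault(section, {})[cls.strip()] = inst.strip()
        elif section == "Components":
            if line.endswith("{"):
                current_inf = line[:-1].strip()
                components[current_inf] = []
            elif line == "}":
                current_inf = None
            elif line.startswith("<"):
                pass                          # sub-section tag, e.g. <LibraryClasses>
            elif current_inf and line.startswith("NULL|"):
                components[current_inf].append(line[5:])
            else:
                components.setdefault(line, [])
    return libclasses, components


def null_security_libs(libclasses):
    """Security library classes that resolved to a *Null stub."""
    return {cls: inst
            for mapping in libclasses.values()
            for cls, inst in mapping.items()
            if cls in SECURITY_LIBS and "Null" in inst.rsplit("/", 1)[-1]}


def image_verification_linked(components):
    """True when SecurityStubDxe links DxeImageVerificationLib, the Secure Boot hook."""
    for inf, nulls in components.items():
        if inf.endswith("SecurityStubDxe.inf"):
            return any("DxeImageVerificationLib" in n for n in nulls)
    return False


if __name__ == "__main__":
    for defs in ({}, {"SECURE_BOOT_ENABLE": "TRUE"}):
        libs, comps = evaluate_dsc(SAMPLE_DSC, defs)
        print(defs or "defaults", null_security_libs(libs),
              "image verification:", image_verification_linked(comps))
```

With the defaults the report lists TpmMeasurementLib and AuthVariableLib as Null stubs and no image verification in SecurityStubDxe; with SECURE_BOOT_ENABLE=TRUE both findings disappear. The same walk over the [LibraryClasses.PEIM] and [LibraryClasses.DXE_DRIVER] sections of a modified OVMF.dsc shows at a glance whether a phase is missing the instance the tips above describe.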

(5) Whether a GRUB2 Boot Loader is compulsory

I noticed that BootManager is a built-in component of TianoCore, whose functionality is similar to a common boot loader. So if we want to load an OS, do we still need to add an additional bootloader.efi to load our OS?

Let us have a try:

sudo ../vtpm-support/qemu-tpm/x86_64-softmmu/qemu-system-x86_64 -display sdl \
-cdrom /home/hecmay/Downloads/ubuntu-16.04.3-server-amd64.iso  -m 1024 \
-boot c -bios Build/Ovmf3264/RELEASE_GCC5/FV/OVMF.fd -boot menu=on -tpmdev \
cuse-tpm,id=tpm0,path=/dev/vtpm0 -device tpm-tis,tpmdev=tpm0 Build/server.img

It seems that BootManager can be used as a boot loader to load the Ubuntu Server ISO in the CD-ROM. After the ISO file is loaded, the GRUB built into Ubuntu appears.

[Figure 2: Built-in GRUB of Ubuntu Server]

But Ubuntu will also install a GRUB boot loader afterwards. This GRUB should be the one installed on the hard disk drive rather than the one built into the original Ubuntu ISO.


[Figure 3: Installation of GRUB]

After installing and entering the Ubuntu server with a basic LAMP stack built in, we can see that the TPM device is actually installed. So the problem still lies in the OVMF setting.

[Figure 4: /dev/tpm0]

Links that might be helpful:
