AWS Nitro Enclaves have a built-in Nitro Secure Module (NSM) device which
is used for stripped-down TPM functionality like attestation. This commit
adds the built-in NSM device to the nitro-enclave machine type.
In Nitro Enclaves, all the PCRs start in a known zero state and the first
16 PCRs are locked from boot and reserved. PCR0, PCR1, PCR2 and PCR8
contain the SHA384 hashes related to the EIF file used to boot the
VM, for validation.
A new optional nitro-enclave machine option 'id' has been added, which will
be the enclave identifier reflected in the module-id of the NSM device.
Otherwise, the device will have a default id set.
Signed-off-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
---
hw/core/eif.c | 205 +++++++++++++++++++++++++++++++-
hw/core/eif.h | 5 +-
hw/core/meson.build | 4 +-
hw/i386/Kconfig | 1 +
hw/i386/nitro_enclave.c | 85 ++++++++++++-
include/hw/i386/nitro_enclave.h | 19 +++
6 files changed, 310 insertions(+), 9 deletions(-)
@@ -87,10 +106,46 @@ static void nitro_enclave_machine_state_init(MachineState
*machine)
nitro_enclave_devices_init(ne_state);
}
+static void nitro_enclave_machine_reset(MachineState *machine,
+ ShutdownCause reason)
+{
+ NitroEnclaveMachineClass *ne_class =
+ NITRO_ENCLAVE_MACHINE_GET_CLASS(machine);
+ NitroEnclaveMachineState *ne_state = NITRO_ENCLAVE_MACHINE(machine);
+
+ ne_class->parent_reset(machine, reason);
+
+ memset(ne_state->vnsm->pcrs, 0, sizeof(ne_state->vnsm->pcrs));
+
+ /* PCR0 */
+ ne_state->vnsm->extend_pcr(ne_state->vnsm, 0, ne_state->image_sha384,
+ SHA384_BYTE_LEN);
+ /* PCR1 */
+ ne_state->vnsm->extend_pcr(ne_state->vnsm, 1, ne_state->bootstrap_sha384,
+ SHA384_BYTE_LEN);
+ /* PCR2 */
+ ne_state->vnsm->extend_pcr(ne_state->vnsm, 2, ne_state->app_sha384,
+ SHA384_BYTE_LEN);
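Review bot: the reset handler zeroes the PCR bank with a direct memset on ne_state->vnsm->pcrs (first statement after parent_reset) but re-seeds through the device's own ne_state->vnsm->extend_pcr; since the commit message says the first 16 PCRs are locked from boot, whatever lock state the vnsm keeps is not visibly cleared alongside the PCR contents here, so on a second reset either the three extend_pcr calls hit locked PCRs (if the device enforces locks) or nothing enforces them at all. Suggest moving the zeroing into a vnsm-level reset helper that clears lock state together with the PCRs, and, if extend_pcr can report failure, checking its result, which all three calls discard.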
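The PCR seeding the commit message describes (zero state, then PCR0/1/2 extended with the EIF section hashes, reserved PCRs locked) can be reproduced outside QEMU to check what an attestation document should report. The model below is an added example, not code from this patch or from QEMU; it assumes a TPM-style extend PCR' = SHA384(PCR || data) starting from 48 zero bytes, a 32-entry PCR bank (the page only states that the first 16 are locked), and that a locked PCR rejects further extends. The EIF hashes are constructed stand-ins, not output of a real EIF.

```python
import hashlib

PCR_COUNT = 32            # assumption: size of the NSM PCR bank (page only says the first 16 are locked)
SHA384_BYTE_LEN = 48      # same constant the patch passes to extend_pcr
LOCKED_AT_BOOT = 16       # "the first 16 PCRs are locked from boot and reserved"


def extend(old: bytes, data: bytes) -> bytes:
    """TPM-style extend, assumed here: PCR' = SHA384(PCR || data)."""
    return hashlib.sha384(old + data).digest()


class VirtualNsm:
    """Toy model of the PCR bank that nitro_enclave_machine_reset seeds (example, not QEMU code)."""

    def __init__(self) -> None:
        self.pcrs = [bytes(SHA384_BYTE_LEN)] * PCR_COUNT
        self.locked = [False] * PCR_COUNT

    def extend_pcr(self, index: int, data: bytes) -> bytes:
        if self.locked[index]:
            raise PermissionError(f"PCR{index} is locked")
        if len(data) != SHA384_BYTE_LEN:
            raise ValueError("expected a SHA384 digest")
        self.pcrs[index] = extend(self.pcrs[index], data)
        return self.pcrs[index]

    def lock_pcr(self, index: int) -> None:
        self.locked[index] = True

    def reset(self, image_sha384: bytes, bootstrap_sha384: bytes, app_sha384: bytes) -> None:
        """Mirror the patch's reset: zero the bank, seed PCR0..2, then lock the reserved PCRs.
        Lock state is cleared together with the PCR contents; otherwise a second reset's
        extends would hit locked PCRs."""
        self.pcrs = [bytes(SHA384_BYTE_LEN)] * PCR_COUNT
        self.locked = [False] * PCR_COUNT
        self.extend_pcr(0, image_sha384)
        self.extend_pcr(1, bootstrap_sha384)
        self.extend_pcr(2, app_sha384)
        for i in range(LOCKED_AT_BOOT):
            self.lock_pcr(i)


def expected_pcr(*measurements: bytes) -> bytes:
    """Replay an extend sequence from the zero state; use this to predict the value an
    attestation document should carry for a PCR."""
    value = bytes(SHA384_BYTE_LEN)
    for m in measurements:
        value = extend(value, m)
    return value


def demo() -> dict:
    # Constructed stand-ins for the EIF section hashes; not output of a real EIF.
    image = hashlib.sha384(b"constructed kernel+initramfs section").digest()
    bootstrap = hashlib.sha384(b"constructed bootstrap ramdisk").digest()
    app = hashlib.sha384(b"constructed application ramdisk").digest()

    nsm = VirtualNsm()
    nsm.reset(image, bootstrap, app)
    nsm.reset(image, bootstrap, app)   # a second reset must yield identical, unlocked-then-relocked values

    try:
        nsm.extend_pcr(0, image)
        locked_rejected = False
    except PermissionError:
        locked_rejected = True

    # PCR16 and above stay writable for the enclave application.
    nsm.extend_pcr(16, hashlib.sha384(b"constructed runtime measurement").digest())

    return {
        "pcr0_matches": nsm.pcrs[0] == expected_pcr(image),
        "pcr1_matches": nsm.pcrs[1] == expected_pcr(bootstrap),
        "pcr2_matches": nsm.pcrs[2] == expected_pcr(app),
        "pcr3_zero": nsm.pcrs[3] == bytes(SHA384_BYTE_LEN),
        "locked_rejected": locked_rejected,
        "pcr16_extended": nsm.pcrs[16] != bytes(SHA384_BYTE_LEN),
        "pcr0_hex": nsm.pcrs[0].hex(),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Running demo() shows that PCR0..2 after reset equal a single extend of the zero state with the corresponding hash, that PCR3 and the other reserved registers remain zero, and that a locked PCR refuses further extends while PCR16 still accepts them. The second reset call in demo() is the case the lock handling has to survive: it only works because reset() clears the lock state before re-extending.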