Tech review and added context to CCA BootSync LP#3469
Conversation
e3b038c to
5e51020
Compare
anta5010
left a comment
There was a problem hiding this comment.
LGTM, just a few small comments
| - Understand how Arm CCA Boot Sync can be used for defining UEFI variables, enabling Secure Boot and share secure data with Arm CCA Realms. | ||
| - Lanch Arm CCA Realms with Secure Boot enabled and encrypted file system using an Armv9-A AEM Base Fixed Virtual Platform (FVP) with RME support. | ||
| - Explain why BootSync is needed before the Realm guest operating system has networking. | ||
| - Describe how the Boot Sync Blocks protocol uses key exchange, attestation, and Boot Information Blocks. |
There was a problem hiding this comment.
Realm Host Interface specification includes "Boot Injection" appendix which names the protocol as "BIB protocol"
I think this LP should use two difference terms:
- BootSync - when we describe a workflow
- BIB protocol (or maybe Boot Injection protocol) - when we mention the protocol used for BootSync
| --- | ||
| # User change | ||
| title: "Overview of Arm CCA BootSync and Boot Injection protocol" | ||
| title: "Overview of Arm CCA BootSync and Boot Sync Blocks protocol" |
|
|
||
| ## BootSync protocol stages | ||
|
|
||
| The BSB protocol has three logical stages: |
| 2. Attestation lets the Realm guest firmware request an attestation report from the RMM. The binding key from the secure session is used as challenge data, so the User Context can bind the attestation evidence to this BootSync exchange. | ||
| 3. Boot Information Blocks release the requested boot data after attestation succeeds. In this Learning Path, those blocks are represented by files whose names begin with the Realm Personalization Value (RPV), such as `ARMCCA01_VAR.dat` and `ARMCCA01_SEC.dat`. | ||
|
|
||
| The RPV is important because one User Context service can support multiple Realms. A Realm launched with `--realm-pv ARMCCA01` requests files that start with `ARMCCA01`. If the matching files are missing, BootSync can establish a session and complete attestation, but it cannot provide the requested boot information. |
There was a problem hiding this comment.
This paragraph and the point 3 above are very implementation specific and not covered by any specs. Maybe we'd better move this information into the workflow page where we manage these files.
|
|
||
| The exercises intentionally show both failure and success cases: | ||
|
|
||
| - First, you launch a Realm without the variable data file. This demonstrates that the firmware can ask for BootSync data and that the User Context reports a missing `ARMCCA01_VAR.dat` file. |
There was a problem hiding this comment.
Maybe remove the file name details as well. something like
- First, you launch a Realm without injection any boot data. This demonstrates that the firmware can run successful attestation and ask for BootSync data.
| When the script starts for the first time, it generates Secure Boot signing certificates and creates a Provisioning Data file. | ||
| The Provisioning Data is a binary file generated by [GenPd.py](https://gitlab.arm.com/linux-arm/edk2-cca/-/blob/cca/4441_measured_boot_v1/ArmVirtPkg/ArmCcaBootSync/Scripts/GenPd.py) script. | ||
| The file contains EFI variables defintions required for enabling SecureBoot. | ||
| The file contains UEFI variable definitions required for enabling Secure Boot. |
There was a problem hiding this comment.
The file contains EFI variables definitions required for enabling UEFI Secure Boot
| ``` | ||
|
|
||
| Using `efivar` utility you can check EFI variables to confirm that Secure Boot is not enabled: | ||
| Use the `efivar` utility to check the Secure Boot UEFI variable. A value of `0` confirms that Secure Boot is not enabled: |
| ``` | ||
|
|
||
| Start User Context service: | ||
| Start the User Context service again so it can load the new `ARMCCA01_VAR.dat` and `ARMCCA01_SEC.dat` files: |
There was a problem hiding this comment.
The service doesn't load files when starts. It checks their existence only when is asked for bootsync data.
Maybe just:
- Relaunch User Context service
| ``` | ||
|
|
||
| Using `efivar` utility you can check EFI variables to confirm that Secure Boot is enabled: | ||
| Use `efivar` to check the Secure Boot UEFI variable. A value of `1` confirms that Secure Boot is enabled: |
There was a problem hiding this comment.
EFI variable and UEFI Secure Boot
| ``` | ||
|
|
||
| Start User Context service: | ||
| Start the User Context service again so it reloads the updated Secret Data file: |
There was a problem hiding this comment.
Relaunch the User Context service
Before submitting a pull request for a new Learning Path, please review Create a Learning Path
Please do not include any confidential information in your contribution. This includes confidential microarchitecture details and unannounced product information.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the Creative Commons Attribution 4.0 International License.