On Thu, Oct 28, 2021 at 01:51:33PM -0400, Stefan Berger wrote:
On 10/28/21 07:04, Daniel P. Berrangé wrote:
> On Wed, Oct 27, 2021 at 05:48:19PM -0400, Stefan Berger wrote:
> > On 10/27/21 14:17, Marc-André Lureau wrote:
> > > Hi
> > >
> > > On Wed, Oct 27, 2021 at 9:00 PM Stefan Berger <stefanb(a)linux.ibm.com> wrote:
> > > > Extend qemu.conf with a configuration option swtpm_active_pcr_banks that
> > > > allows a user to set a comma-separated list of PCR banks to activate
> > > > during 'TPM manufacturing'. Valid PCR banks are sha1, sha256, sha384 and
> > > > sha512.
> > > >
> > > Why not put this option in swtpm_setup.conf instead?
> > That is another option but it depends on when one wants to see the effect or
> > how one wants to control it. With newer libvirt or newer swtpm?
> The obvious reason for putting it in swtpm_setup.conf is that it also
> benefits people using swtpm in a non-libvirt scenario.
>
> IMHO, we should put it in swtpm_setup.conf, and *also* have a build
> time option in swtpm to configure the built-in default.
>
> IOW, I'd expect RHEL-9 RPM swtpm.spec to pass
>
> %configure --default-pcr-banks=sha256
>
> and then have the swtpm_setup.conf option to allow admins to override
> the distro default if they need a weaker setup on a host.
I now have a pending PR to swtpm that does this, modulo using
--enable-default-pcr-banks=sha256. The selection of the PCR banks to
activate can then be done via the swtpm_setup.conf entry
active_pcr_banks = <list of PCR banks>, if provided; otherwise it's back to
the configure line default.
https://github.com/stefanberger/swtpm/pull/615
Great, that looks good.
> On the libvirt side, I think we could have a domain XML config option
> for PCR banks, to allow the built-in default or admin local default to
> be overridden per-VM.
Is there an example of an attribute that can only be set once in the domain
XML and cannot be modified after? The choice of active PCR banks is limited
to 'TPM manufacturing' time, which means swtpm_setup runs only once, when the
swtpm's state directory does not exist, because running it later would
overwrite the entire state and erase all keys etc. Later manipulations of the
PCR banks would have to be done using the firmware menu, which exists in EDK2,
SeaBIOS and SLOF.
Yeah, it is a little unusual, but then I guess we have something similar
with other firmware selection, where setting "secure=yes|no" determines
which OVMF binary we pick to use.
Regards,
Daniel
--
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
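The precedence the thread settles on (per-VM domain XML setting, then the host's swtpm_setup.conf active_pcr_banks entry, then the build-time --enable-default-pcr-banks default) is easy to get wrong when auditing a fleet, and the manufacturing-time-only caveat Stefan raises is the part that bites in practice. The following is an added illustration written for this page, not swtpm's or libvirt's code: it resolves the bank list the way the thread describes, rejects bank names outside the four the patch accepts, and flags two things an admin would want to know before manufacturing a vTPM. Assumptions: swtpm_setup.conf is treated as plain `key = value` lines with `#` comments, the domain XML value is passed in as an already-extracted string, and the exact option names (`active_pcr_banks`, the attribute on the libvirt side) are taken from the discussion rather than from shipped documentation.

```python
"""Resolve and sanity-check the PCR banks a swtpm vTPM would be manufactured with.

Illustrative code for the precedence discussed on the libvirt list; not the
swtpm or libvirt implementation.  Assumed inputs:
  - build_default:   value of the swtpm configure-time default, e.g. "sha256"
  - conf_text:       contents of swtpm_setup.conf (assumed `key = value` lines)
  - domain_override: per-VM bank list from the domain XML, if libvirt exposes one
"""

# The four banks the swtpm_setup change accepts, per the thread.
VALID_BANKS = ("sha1", "sha256", "sha384", "sha512")
# Banks an admin should only keep for compatibility reasons.
WEAK_BANKS = {"sha1"}

WARN_WEAK = "weak PCR bank active: {bank}"
WARN_STATE_EXISTS = ("swtpm state directory already exists: swtpm_setup will not run, "
                     "so the bank selection has no effect; re-manufacturing would erase all keys")


def parse_setup_conf(text):
    """Parse swtpm_setup.conf-style text into a dict (assumed: key = value, # comments)."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        conf[key] = value
    return conf


def parse_bank_list(value):
    """Split a comma-separated bank list; reject unknown names, drop duplicates."""
    banks = []
    for item in value.split(","):
        bank = item.strip().lower()
        if not bank:
            continue
        if bank not in VALID_BANKS:
            raise ValueError(f"unknown PCR bank {bank!r}; valid banks: {', '.join(VALID_BANKS)}")
        if bank not in banks:
            banks.append(bank)
    if not banks:
        raise ValueError("at least one PCR bank must be activated")
    return banks


def resolve_active_banks(build_default, conf_text, domain_override=None):
    """Return (banks, source) following per-VM > swtpm_setup.conf > build default."""
    if domain_override is not None:
        return parse_bank_list(domain_override), "domain-xml"
    conf = parse_setup_conf(conf_text)
    if "active_pcr_banks" in conf:
        return parse_bank_list(conf["active_pcr_banks"]), "swtpm_setup.conf"
    return parse_bank_list(build_default), "build-default"


def audit_banks(banks, state_dir_exists):
    """Warnings an admin wants before manufacturing: weak banks, and the
    manufacturing-time-only caveat (swtpm_setup only runs when no state exists)."""
    warnings = [WARN_WEAK.format(bank=b) for b in banks if b in WEAK_BANKS]
    if state_dir_exists:
        warnings.append(WARN_STATE_EXISTS)
    return warnings


if __name__ == "__main__":
    # Constructed sample swtpm_setup.conf; the admin enabled sha1 for an old guest.
    sample_conf = (
        "# swtpm_setup.conf (constructed sample)\n"
        "create_certs_tool = /usr/share/swtpm/swtpm-localca\n"
        "active_pcr_banks = sha1,sha256\n"
    )
    banks, source = resolve_active_banks("sha256", sample_conf)
    print(f"banks={banks} from {source}")
    for warning in audit_banks(banks, state_dir_exists=False):
        print("WARNING:", warning)
```

Running the module resolves the sample to `['sha1', 'sha256']` from swtpm_setup.conf and warns about the sha1 bank; pass a per-VM override to see it take precedence, and set `state_dir_exists=True` to see why changing any of the three layers after the vTPM exists does nothing until the state is deliberately recreated.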