dmcilvaney
commented
5 years ago As for complexity, this is completely opt-in and hooked into an existing OP-TEE build system flow (gensrcs which generates source files on demand), so hopefully it won't affect any other components. I also made a point to only use the external APIs so this shouldn't be affected by changes to the internal functioning of the TA.
This is definatly a critical step in a Windows secure boot path (verifying signatures from ROM all the way to Windows), and enforcing this with the TA itself seems like the most secure method.
Allow the Authvar TA to enforce a set of default variables when it is first initialized.
These variables are defined in a JSON file, and encoded into a generated C file at compile time via a python script.
The behaviour can be turned on via
CFG_AUTHVARS_DEFAULT_VARS=y. A pair of example JSON files are included, one sets a simple NV variable, while the other provisions a set of secure boot variables.TODO: Handle partial initialization. Either set an initialization complete flag, or don't persist these writes until we ar done, or check each default variable? We don't want to get halfway through writing the variables then die. But also want these variables to be treated like normal variables once they are written.