microsoft / ms-tpm-20-ref

Reference implementation of the TCG Trusted Platform Module 2.0 specification.
Other
343 stars 133 forks source link

Cooperative Checkpointing Implementation #69

Closed railabouni closed 2 years ago

railabouni commented 2 years ago

Hello, while reading the fTPM article I read about "Cooperative Checkpointing". I'm wondering if it's implemented in the code and where? also, why not to use the "yielding SMCs" mentioned here: https://optee.readthedocs.io/en/latest/architecture/core.html#normal-world-invokes-op-tee-os-using-smc for fTPM services? won't this solve the issue "Cooperative Checkpointing" is trying to solve (long time in secure world while interrupts are masked for normal world)? on the effects of interrupts on "yielding SMCs": https://trustedfirmware-a.readthedocs.io/en/latest/components/exception-handling.html#effect-on-smc-calls

Thank you!

bradlitterell commented 2 years ago

I’m sorry, which fTPM article are you talking about? I am not clear on which Cooperative Checkpointing issue you are referring to, a link would be helpful.

Regarding SMCs, SMCs are ARM/OPTEE specific, while the reference code is architecture agnostic and therefore would not implement something specific about that except in the op-tee sample. As noted in the LICENSE file, and issue #62, this repo in general, and the samples in particular, are provided as-is.

However, we do review and consider pull requests to improve the samples or make them more useful to the community.

railabouni commented 2 years ago

Sorry Brad, I was referring to this article: https://www.microsoft.com/en-us/research/publication/ftpm-software-implementation-tpm-chip/

bradlitterell commented 2 years ago

Thank you for the link. Reviewing the Cooperative Checkpointing section of the fTPM paper and looking at the reference code in this repo, I do not see an obvious implementation of that feature. In particular the RSA key generation runs 100 attempts before failing (see CryptRsa.c), but I don't think that is the feature you're asking about because that takes a relatively long amount of time.

Thus, I believe the answer to your first question is "No".

As to "why" the paper mentions Cooperative Checkpointing vs. yielding SMCs, I note the paper says "Our fTPM targets several different ARM platforms ... and the minimal OS in our TEE lacks a preemptive scheduler. Therefore, ...".

Beyond that observation, I wasn't on the team that wrote the paper and could only guess.