Feature: new uapp for uberXMHF on Raspberry Pi 3

A new uberapp (uhsign) for calculating a SHA1-HMAC on a data buffer. Where the HMAC key is protected by the hypervisor, and the calling code is attested to be allowed to perform the hypercall. The call returns with the hash value for the data using the hypervisor’s key.

Created a PR: feature-uhsign

Quick question @Cap: Does the PR selectively hook in the uhsign uapp into the micro-hypervisor? In other words, uhsign should only be included and active if explicitly specified during build (e.g., via a #ifdef#endif configuration variable)

It currently does not selectively hook in the uapp.

Ref. your PR: https://github.com/hypcode/uberxmhf/pull/2/files

Below are my comments which also include instructions on how you can selectively enable this uapp:

  1. Add the following within uxmhf-rpi3/configure.ac

     # selectively enable/disable secure boot
     AC_SUBST([ENABLE_UAPP_UHSIGN])
     AC_ARG_ENABLE([enable_uapp_uhsign],
             AS_HELP_STRING([--enable-uapp-uhsign@<:@=yes|no@:>@],
                     [enable signing uapp]),
                     , [enable_uapp_uhsign=no])
     AS_IF([test "x${enable_uapp_uhsign}" != "xno"],
           [ENABLE_UAPP_UHSIGN=y],
           [ENABLE_UAPP_UHSIGN=n])
    
  2. Change uxmhf-rpi3/Makefile.in to include the following:

    export ENABLE_UAPP_UHSIGN := @ENABLE_UAPP_UHSIGN@
    
    ######
    # refine CFLAG definitions based on uxmhf rpi3 configure options
    ######
    
    ifeq ($(ENABLE_UAPP_UHSIGN), y)
    	CFLAGS_DEFS += -D__ENABLE_UAPP_UHSIGN__
    endif
    
  3. Within uxmhf-rpi3/core/Makefile, you can wrap all your uhsign related additions using the
    ENABLE_UAPP_UHSIGN variable as below:

    ifeq ($(ENABLE_UAPP_UHSIGN), y)
    uapp-uhsign.o : ../uapps/uapp-uhsign/uapp-uhsign.c
    	$(TOOLPREFIX)gcc $(CFLAGS) ../uapps/uapp-uhsign/uapp-uhsign.c -o uapp-uhsign.o
    endif
    
    ifeq ($(ENABLE_UAPP_UHSIGN), y)
    
    core.bin: entry.o miniuart.o strlen.o subr_prf.o debug.o atags.o arm8-32.o hypvtablestubs.o hypvtable.o mmu.o hyppgtbl.o s2pgtbl.o uapi_s2pgtbl.o dmaprot.o intprot.o secboot.o bcm2837.o hyptimer.o ctxtrace.o uapp-uhcalltest.o uapp-uhsign.o uapp-utpmtest.o uapp-pa5encfs.o uapp-watchdogsup.o uapp-watchdog.o ghcall.o main.o
    ...
    
    else
    
    core.bin: entry.o miniuart.o strlen.o subr_prf.o debug.o atags.o arm8-32.o hypvtablestubs.o hypvtable.o mmu.o hyppgtbl.o s2pgtbl.o uapi_s2pgtbl.o dmaprot.o intprot.o secboot.o bcm2837.o hyptimer.o ctxtrace.o uapp-uhcalltest.o uapp-utpmtest.o uapp-pa5encfs.o uapp-watchdogsup.o uapp-watchdog.o ghcall.o main.o
    ...
    
    endif
    
  4. Within uxmhf-rpi3/core/*.c, you can wrap all your uhsign related addition using:

    #if defined (__ENABLE_UAPP_UHSIGN__)
    ... your uhsign specific code hook ...
    #endif
    
  5. uxmhf-rpi3/configure seems to be included in version control in this PR – that should not be the case since its autogenerated from configure.ac

  6. uxmhf-rpi3/rgapps/linux/rgapp-uhcallmod/ has a bunch of temporary module output files in version control within the PR (e.g., *.cmd, *.symvers, *.order, *.mod.c, *.ko, *.mod)

Let me know if you have any further questions as you revise the PR; thanks for your contribution!

Thank you! The PR now allows for the uapp to be selectively hooked into the hypervisor using --enable-uapp-uhsign when calling ./configure

PR merged into develop. Thanks!

A post was split to a new topic: New überApp leveraging überXMHF