Skip to content

Add library authentication feature for MTL and LNL #8741

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
lgirdwood merged 4 commits into from
Jan 26, 2024
Merged

Add library authentication feature for MTL and LNL #8741

lgirdwood merged 4 commits into from
Jan 26, 2024

Conversation

@jxstelter
Copy link
Contributor

@jxstelter jxstelter commented Jan 15, 2024

These changes will enable loadable library authentication before load.
Untrusted libraries will be not loaded.
Feature is available only on Intel platforms since it uses rom_ext module interface to
perform validation.

Signed-off-by: Jaroslaw Stelter Jaroslaw.Stelter@intel.com

@jxstelter jxstelter force-pushed the jst-prv-library-auth branch 5 times, most recently from 2875328 to fa78e53 Compare January 15, 2024 11:15
@jxstelter jxstelter marked this pull request as ready for review January 16, 2024 08:47
@jxstelter jxstelter force-pushed the jst-prv-library-auth branch from fa78e53 to 3d56f8a Compare January 16, 2024 13:48
kv2019i
kv2019i reviewed Jan 16, 2024
View reviewed changes
Copy link
Collaborator

@kv2019i kv2019i left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Not 100% sure what is the right place to put the auth headers to. This is not specific to RTOS, but is specific to targets. Platform seems the right place to put these.

lyakh
lyakh reviewed Jan 17, 2024
View reviewed changes
@jxstelter jxstelter force-pushed the jst-prv-library-auth branch from 3d56f8a to a1d1936 Compare January 17, 2024 11:18
lgirdwood
lgirdwood reviewed Jan 17, 2024
View reviewed changes
Copy link
Member

@lgirdwood lgirdwood left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The API is mostly generic but has some Intel specific flows, I think we can solve all this in the short term by renaming the header files to auth/intel.h and auth/intel_iface.h. Short term we need the fix, long term we need to look at Zephyr auth driver API as this code should really be in RTOS as a system driver.

src/library_manager/lib_manager.c
ret = auth_api_result(&ext_lib->auth_ctx);

if (ret != AUTH_IMAGE_TRUSTED) {
tr_err(&lib_manager_tr, "lib_manager_auth_proc() Untrasted library!");
Copy link
Member

@lgirdwood lgirdwood Jan 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

untrusted

Copy link
Collaborator

@lyakh lyakh Jan 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jxstelter can we fix the typo in a follow up?

@jxstelter jxstelter force-pushed the jst-prv-library-auth branch 4 times, most recently from ad16ee6 to a0e476d Compare January 17, 2024 13:46
kv2019i
kv2019i reviewed Jan 18, 2024
View reviewed changes
Copy link
Collaborator

@kv2019i kv2019i left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Almost there. Two things:

  1. @lgirdwood proposed a bit different approach, to keep the headers in sof/zephyr/include but rename the interface with Intel prefix. I think the current V2 version imlements the platform option cleanly (a few nits inline), but granted the interface is likely fairly Intel specific. But yeah, Liam, preference which way to go?

  2. Missing rfree on error path, Guennadi's comment.

btian1
btian1 reviewed Jan 23, 2024
View reviewed changes
@jxstelter jxstelter force-pushed the jst-prv-library-auth branch from a0e476d to 7a5f264 Compare January 23, 2024 16:21
@jxstelter
Copy link
Contributor Author

jxstelter commented Jan 23, 2024

Almost there. Two things:

  1. @lgirdwood proposed a bit different approach, to keep the headers in sof/zephyr/include but rename the interface with Intel prefix. I think the current V2 version imlements the platform option cleanly (a few nits inline), but granted the interface is likely fairly Intel specific. But yeah, Liam, preference which way to go?
  2. Missing rfree on error path, Guennadi's comment.

@lgirdwood Should I change names according to Your first review input?

kv2019i
kv2019i approved these changes Jan 23, 2024
View reviewed changes
Copy link
Collaborator

@kv2019i kv2019i left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, looks good to me!

@lgirdwood
Copy link
Member

lgirdwood commented Jan 24, 2024

Almost there. Two things:

  1. @lgirdwood proposed a bit different approach, to keep the headers in sof/zephyr/include but rename the interface with Intel prefix. I think the current V2 version imlements the platform option cleanly (a few nits inline), but granted the interface is likely fairly Intel specific. But yeah, Liam, preference which way to go?
  2. Missing rfree on error path, Guennadi's comment.

@lgirdwood Should I change names according to Your first review input?

Yeah - just for the implementation side with Intel IP code. I think the interface is quite generic so hopefully can be lifted into Zephyr in the future without too many changes.

@jxstelter
platform: ace: Add authentication interface
fba1f17 
For ACE platforms library authentication could be done using external
entity - rom_ext. This module reside in L3 memory space and provides
verification functionality. Following code expose that API to SOF.

Signed-off-by: Jaroslaw Stelter <Jaroslaw.Stelter@intel.com>
@jxstelter
library_manager: auth: Add library authentication mechanizm
64a132a 
This patch adds usage of authentication API to check
library signature. If feature enabled it will block loading of
library without valid signature.

Signed-off-by: Jaroslaw Stelter <Jaroslaw.Stelter@intel.com>
@jxstelter
mtl: conf: Enable library authentication on MTL
abb49d5 
This enables library authentication on MTL platforms.

Signed-off-by: Jaroslaw Stelter <Jaroslaw.Stelter@intel.com>
@jxstelter
lnl: conf: Enable Library authentication on LNL
55a520a 
This enables library authentication on LNL platforms.

Signed-off-by: Jaroslaw Stelter <Jaroslaw.Stelter@intel.com>
@jxstelter jxstelter force-pushed the jst-prv-library-auth branch from 7a5f264 to 55a520a Compare January 25, 2024 14:18
kv2019i
kv2019i approved these changes Jan 25, 2024
View reviewed changes
Copy link
Collaborator

@kv2019i kv2019i left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Refresh +1

@kv2019i kv2019i mentioned this pull request Jan 26, 2024
Merged
lyakh
lyakh approved these changes Jan 26, 2024
View reviewed changes
src/library_manager/lib_manager.c
man_tmp_buffer = (__sparse_force void __sparse_cache *)
rballoc_align(0, SOF_MEM_CAPS_DMA,
MAN_MAX_SIZE_V1_8, dma_ext->addr_align);
MAN_MAX_SIZE_V1_8, CONFIG_MM_DRV_PAGE_SIZE);
Copy link
Collaborator

@lyakh lyakh Jan 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how is this related? Can we add a comment in a follow-up? Or, if this wasn't intended, revert this

Copy link
Contributor Author

@jxstelter jxstelter Jan 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Authentication engine in ROM_EXT requires page aligned buffer. Otherwise it fails.

lyakh
lyakh reviewed Jan 26, 2024
View reviewed changes
src/library_manager/lib_manager.c
struct ext_library *ext_lib = ext_lib_get();
int ret;

ret = auth_api_init_auth_proc(&ext_lib->auth_ctx, buffer_data, buffer_size, phase);
Copy link
Collaborator

@lyakh lyakh Jan 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this also needed in the LAST stage? A bit asymmetric

Copy link
Contributor Author

@jxstelter jxstelter Jan 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is how reference code uses this API.

@lgirdwood lgirdwood merged commit 17b3b01 into thesofproject:main Jan 26, 2024
@lgirdwood
Copy link
Member

lgirdwood commented Jan 26, 2024

Merging now as it fixes an issue. We can now start to look at how "authentication drivers" can upstream into Zephyr in the long term. @nashif @teburd @ceolin fyi.

@jsarha jsarha mentioned this pull request Feb 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lyakh lyakh lyakh approved these changes

@btian1 btian1 btian1 left review comments

@lgirdwood lgirdwood lgirdwood approved these changes

@kv2019i kv2019i kv2019i approved these changes

@iuliana-prodan iuliana-prodan Awaiting requested review from iuliana-prodan

@dbaluta dbaluta Awaiting requested review from dbaluta dbaluta is a code owner

@abonislawski abonislawski Awaiting requested review from abonislawski

@plbossart plbossart Awaiting requested review from plbossart plbossart is a code owner

@mmaka1 mmaka1 Awaiting requested review from mmaka1 mmaka1 is a code owner

@lbetlej lbetlej Awaiting requested review from lbetlej lbetlej is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@jxstelter @lgirdwood @lyakh @btian1 @kv2019i