Dasharo Enterprise roadmap for reaching fwupd HSI-4 security level

[miczyg1]

The problem you're addressing (if any)

Not all checks pass in the fwupdmgr security:

Host Security ID: HSI:0 (v1.8.15)

HSI-1
✔ CSME override:                 Locked
✔ CSME v0:16.1.25.1865:          Valid
✔ MEI key manifest:              Valid
✔ Platform debugging:            Disabled
✔ SPI BIOS region:               Locked
✔ SPI lock:                      Enabled
✔ SPI write:                     Disabled
✔ Supported CPU:                 Valid
✔ TPM empty PCRs:                Valid
✔ TPM v2.0:                      Found
✔ UEFI platform key:             Valid
✔ UEFI secure boot:              Enabled
✘ CSME manufacturing mode:       Unlocked

HSI-2
✔ IOMMU:                         Enabled
✔ Intel BootGuard:               Enabled
✔ Intel BootGuard ACM protected: Valid
✔ Intel BootGuard OTP fuse:      Valid
✔ Intel BootGuard verified boot: Valid
✔ Platform debugging:            Locked
✘ TPM PCR0 reconstruction:       Invalid

HSI-3
✔ Intel BootGuard error policy:  Valid
✔ Intel CET Enabled:             Enabled
✔ Pre-boot DMA protection:       Enabled
✔ Suspend-to-idle:               Enabled
✔ Suspend-to-ram:                Disabled

HSI-4
✔ Intel SMAP:                    Enabled
✘ Encrypted RAM:                 Not supported

Runtime Suffix -!
✔ Intel CET Active:              Supported
✔ Linux kernel:                  Untainted
✔ Linux kernel lockdown:         Enabled
✔ Linux swap:                    Encrypted
✔ fwupd plugins:                 Untainted

Describe the solution you'd like

Fix the issues to reach HSI-4:

CSME manufacturing mode: Unlocked - requires a locked flash descriptor to pass (will render ME Disabled HAP option unusable, besides HSI requires ME to be available to query the fuses and Boot Guard state)

TPM PCR0 reconstruction: Invalid will be fixed by solving #455

✘ Encrypted RAM: Not supported for some reason TME seems not to be active when Boot Guard is enabled. Needs further investigation. #464 TME not supported by the CPUs

Where is the value to a user, and who might that user be?

First professionally secured laptop with open-source firmware reaching HSI-4

Describe alternatives you've considered

No response

Additional context

No response

[miczyg1]

TME is not available on the SKUs offered by Novacustom. so HSI-4 will not be possible with current hardware.

[wessel-novacustom]

TME is not available on the SKUs offered by Novacustom. so HSI-4 will not be possible with current hardware.

We should check if upcoming models would be able to support this. Maybe @pietrushnic can check and let me know.

HSI-1/HSI-2/HSI-3 should be possible and we should probably focus on that for a next release after the hotfix release of this month.

[mkopec]

MK-TME is branded as part of vPRO Enterprise and may not be available on lower-tier SKUs. We'll know which SKUs have which features in 2 days once MTL officially launches.

[pietrushnic]

@miczyg1 I guess we can achieve HSI-2 easily, just:

✘ CSME manufacturing mode:       Unlocked

What are the consequences of locking CSME?

✘ TPM PCR0 reconstruction:       Invalid

I guess this one requires fixes in the TPM event log according to this. TPM event logs may be hard because of crossing the boundary between coreboot and UEFI payload. Solving those issues, IMHO should be part of DSP and could be scheduled for the next release - I'm not sure when it can happen, but we should build a roadmap for it. @macpijan @BeataZdunczyk cc

HSI-3 is Intel Boot Guard, and we plan to introduce that to NovaCustom, which is currently forming, so we are on track with that.

HSI-4 is not possible right now as the CPU lacks the TME feature, but we need to work on having the highest fwupd security level on upcoming models.

HSI-5? Support for TrenchBoot. The vision of that HSI level was presented during TrenchBoot Summit 2021

[miczyg1]

What are the consequences of locking CSME?

Not being able to enable HAP anymore (because all we need is to lock descriptor, not CSME). And to pass the CSME tests, one has to keep CSME enabled, otherwise the assessment of CSME status will fail (due to not being able to read CSME registers).

HSI-4 is not possible right now as the CPU lacks the TME feature, but we need to work on having the highest fwupd security level on upcoming models.

The selected MTL SKUs will not have TME. Intel reserves the TME feature only to vPro capable SKUs for MTL. Probably the same goes for ADL. So HSI-3 is max due to HW limitations. Fortunately all new laptops will have TXT capability.

We'll know which SKUs have which features in 2 days once MTL officially launches.

Please... We don't have CNDA documentation access for nothing. A little bit of searching and one can find relevant information.

[mkopec]

Please... We don't have CNDA documentation access for nothing. A little bit of searching and one can find relevant information.

I did, and I did not find the exact CPU feature matrix for each SKU. Please point me to the right doc when you find it.

[pietrushnic]

Not being able to enable HAP anymore (because all we need is to lock descriptor, not CSME). And to pass the CSME tests, one has to keep CSME enabled, otherwise the assessment of CSME status will fail (due to not being able to read CSME registers).

@wessel-novacustom is an important note for those who want to buy HSI-compatible hardware.

This issue will be very important to us in 2024.

[wessel-novacustom]

@pietrushnic Intel ME HAP disabling is a very important feature for a lot of our customers.

But we still want to become a HSI-compatible laptop vendor.

The end user should have the choice.

[miczyg1]

Which device was this HSI test ran on? @miczyg1

It was NV4x 12th Gen from Novacustom with our custom firmware which enables BootGuard (for internal use in the company).

Does anyone know the HSI level of the current implementation of dasharo on the MSI Z790-P?

It is HSI-1 max. Z790 are shipped as fused and BootGuard is not possible on these platforms.

With a compatible CPU its possible to get vPro enterprise and TME support, so in theory HSI-4 with the MSI motherboard should be possible, but I was wondering if anyone had a current HSI rating for it with dasharo.

Yes, TME is possible with proper CPU, but see above about BootGuard.

According to this, the CPUs used in the latest NovaCustom laptops (V54 and V56) should support memory encryption (not multi-key) and therefore reach HSI:4.

[wessel-novacustom]

According to this, the CPUs used in the latest NovaCustom laptops (V54 and V56) should support memory encryption (not multi-key) and therefore reach HSI:4.

That's great! We will discuss and plan this.

According to this, the CPUs used in the latest NovaCustom laptops (V54 and V56) should support memory encryption (not multi-key) and therefore reach HSI:4.

That's great! We will discuss and plan this.

Relevant: fwupd/fwupd#7180 (Scroll down)

According to this, the CPUs used in the latest NovaCustom laptops (V54 and V56) should support memory encryption (not multi-key) and therefore reach HSI:4.

That's great! We will discuss and plan this.

Hello, any updates on this? Do the latest NovaCustom devices support memory encryption?