From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.158.5])
 by mx.groups.io with SMTP id smtpd.web12.755.1625679494911746082
 for <devel@edk2.groups.io>;
 Wed, 07 Jul 2021 10:38:15 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="body hash did not verify" header.i=@ibm.com header.s=pp1 header.b=H1z6vGf7;
 spf=pass (domain: linux.ibm.com, ip: 148.163.158.5, mailfrom: dovmurik@linux.ibm.com)
Received: from pps.filterd (m0098420.ppops.net [127.0.0.1])
	by mx0b-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 167HXHaM132492;
	Wed, 7 Jul 2021 13:38:12 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=subject : to : cc :
 references : from : message-id : date : mime-version : in-reply-to :
 content-type : content-transfer-encoding; s=pp1;
 bh=4uXzQ7z5/WIYgrM3dcgA0tl1vCMpG+zcpaXj6hg52hI=;
 b=H1z6vGf7fEHd6VOCAOZoRyMjMUjr7ka0UT5ihxVIk3quGCz0E7dFj1qAfNMkz5Pz8WcG
 GyHzSpC6SdKrYdoLHl2dtHINxb6ZEbYiRXZ7Rhp0nHwMLjRNaryYP6V1ablSWmlGmy7w
 qNLW8Eric4UdIyy45rwXX7v70lFDTm5dnJB/w/vSuWCcIsWrxwYEPEshI6bjvgYOiqS/
 pi7WRDAaHByg9y+B7hEVizFmCIlpsiHCuwZ2fuUOGkSYgJqhVD3Pno2+Pr1Y96rlkUxu
 dXg6NRiXxC3V8m8476Jgt+7/VGsGtH5WaeyzMNA+sCDMtOPNOUagcELAJuERoGRQxZa/ RQ== 
Received: from pps.reinject (localhost [127.0.0.1])
	by mx0b-001b2d01.pphosted.com with ESMTP id 39mkpw009n-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Wed, 07 Jul 2021 13:38:12 -0400
Received: from m0098420.ppops.net (m0098420.ppops.net [127.0.0.1])
	by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 167HYjg8140500;
	Wed, 7 Jul 2021 13:38:11 -0400
Received: from ppma04ams.nl.ibm.com (63.31.33a9.ip4.static.sl-reverse.com [169.51.49.99])
	by mx0b-001b2d01.pphosted.com with ESMTP id 39mkpw008v-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Wed, 07 Jul 2021 13:38:11 -0400
Received: from pps.filterd (ppma04ams.nl.ibm.com [127.0.0.1])
	by ppma04ams.nl.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 167HX1Qr009588;
	Wed, 7 Jul 2021 17:38:09 GMT
Received: from b06cxnps4075.portsmouth.uk.ibm.com (d06relay12.portsmouth.uk.ibm.com [9.149.109.197])
	by ppma04ams.nl.ibm.com with ESMTP id 39jfh8sv14-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Wed, 07 Jul 2021 17:38:09 +0000
Received: from d06av22.portsmouth.uk.ibm.com (d06av22.portsmouth.uk.ibm.com [9.149.105.58])
	by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 167Hc6kg27459852
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Wed, 7 Jul 2021 17:38:06 GMT
Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id D0E324C046;
	Wed,  7 Jul 2021 17:38:06 +0000 (GMT)
Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id E7BB54C052;
	Wed,  7 Jul 2021 17:38:02 +0000 (GMT)
Received: from [9.160.33.249] (unknown [9.160.33.249])
	by d06av22.portsmouth.uk.ibm.com (Postfix) with ESMTP;
	Wed,  7 Jul 2021 17:38:02 +0000 (GMT)
Subject: Re: [PATCH 1/1] OvmfPkg/AmdSev: introduce EMBED_GRUB=FALSE to skip including Grub image
To: jejb@linux.ibm.com, devel@edk2.groups.io
Cc: Laszlo Ersek <lersek@redhat.com>,
        Ard Biesheuvel <ardb+tianocore@kernel.org>,
        Jordan Justen <jordan.l.justen@intel.com>,
        Ashish Kalra <ashish.kalra@amd.com>,
        Brijesh Singh <brijesh.singh@amd.com>,
        Erdem Aktas <erdemaktas@google.com>, Jiewen Yao <jiewen.yao@intel.com>,
        Min Xu <min.m.xu@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>,
        Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
References: <20210707104232.3071659-1-dovmurik@linux.ibm.com>
 <50cb40b9c3e13f30cd68a78fb9d7ed463ecf9aad.camel@linux.ibm.com>
From: "Dov Murik" <dovmurik@linux.ibm.com>
Message-ID: <189942c2-e118-4edd-cde3-1ab56604c12a@linux.ibm.com>
Date: Wed, 7 Jul 2021 20:38:01 +0300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <50cb40b9c3e13f30cd68a78fb9d7ed463ecf9aad.camel@linux.ibm.com>
X-TM-AS-GCONF: 00
X-Proofpoint-ORIG-GUID: 0GVmdukZbRm6ZQTu9Hh2-UrPXHP7RkTm
X-Proofpoint-GUID: d7fUGDCOi6H62SvquAfJ_u_cnKo2e4AV
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.790
 definitions=2021-07-07_08:2021-07-06,2021-07-07 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 adultscore=0
 malwarescore=0 spamscore=0 suspectscore=0 impostorscore=0 phishscore=0
 mlxlogscore=999 lowpriorityscore=0 priorityscore=1501 clxscore=1015
 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2104190000 definitions=main-2107070101
X-MIME-Autoconverted: from 8bit to quoted-printable by mx0b-001b2d01.pphosted.com id 167HXHaM132492
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable



On 07/07/2021 13:51, James Bottomley wrote:
> On Wed, 2021-07-07 at 10:42 +0000, Dov Murik wrote:
>> The AmdSevX64 target includes an embedded Grub image to support
>> secure
>> (measured) boot of confidential guests with encrypted root images.
>>
>> However, it is sometimes convenient to build this target without an
>> embedded Grub.  We introduce the EMBED_GRUB setting (defaults to
>> TRUE),
>> which conditions the generation (grub.sh) and inclusion of the Grub
>> image.  Now building AmdSevX64 with -DEMBED_GRUB=3DFALSE allows it.
>>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Ashish Kalra <ashish.kalra@amd.com>
>> Cc: Brijesh Singh <brijesh.singh@amd.com>
>> Cc: Erdem Aktas <erdemaktas@google.com>
>> Cc: James Bottomley <jejb@linux.ibm.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Tom Lendacky <thomas.lendacky@amd.com>
>> Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
>> Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
>> ---
>>  OvmfPkg/AmdSev/AmdSevX64.dsc | 16 +++++++++++++++-
>>  OvmfPkg/AmdSev/AmdSevX64.fdf |  2 ++
>>  2 files changed, 17 insertions(+), 1 deletion(-)
>>
>> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc
>> b/OvmfPkg/AmdSev/AmdSevX64.dsc
>> index 1d487befae08..ba7d6fe6b749 100644
>> --- a/OvmfPkg/AmdSev/AmdSevX64.dsc
>> +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
>> @@ -25,7 +25,6 @@ [Defines]
>>    BUILD_TARGETS                  =3D NOOPT|DEBUG|RELEASE
>>    SKUID_IDENTIFIER               =3D DEFAULT
>>    FLASH_DEFINITION               =3D OvmfPkg/AmdSev/AmdSevX64.fdf
>> -  PREBUILD                       =3D sh OvmfPkg/AmdSev/Grub/grub.sh
>> =20
>>    #
>>    # Defines for default states.  These can be changed on the command
>> line.
>> @@ -40,6 +39,19 @@ [Defines]
>>    #
>>    DEFINE BUILD_SHELL             =3D FALSE
>> =20
>> +  #
>> +  # Embed Grub into the OVMF image so they are measured together
>> when launching
>> +  # confidential guest
>> +  #
>> +  DEFINE EMBED_GRUB              =3D TRUE
>> +
>> +!if $(EMBED_GRUB) =3D=3D TRUE
>> +  #
>> +  # This step builds the grub.efi binary image if needed
>> +  #
>> +  PREBUILD                       =3D sh OvmfPkg/AmdSev/Grub/grub.sh
>> +!endif
>> +
>>    #
>>    # Device drivers
>>    #
>> @@ -784,7 +796,9 @@ [Components]
>>    }
>>  !endif
>>    OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
>> +!if $(EMBED_GRUB) =3D=3D TRUE
>>    OvmfPkg/AmdSev/Grub/Grub.inf
>> +!endif
>>  !if $(BUILD_SHELL) =3D=3D TRUE
>>    ShellPkg/Application/Shell/Shell.inf {
>>      <LibraryClasses>
>> diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf
>> b/OvmfPkg/AmdSev/AmdSevX64.fdf
>> index 9977b0f00a18..ee3d96bb813f 100644
>> --- a/OvmfPkg/AmdSev/AmdSevX64.fdf
>> +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
>> @@ -270,7 +270,9 @@ [FV.DXEFV]
>>  INF  OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellC
>> ommand.inf
>>  !endif
>>  INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
>> +!if $(EMBED_GRUB) =3D=3D TRUE
>>  INF  OvmfPkg/AmdSev/Grub/Grub.inf
>> +!endif
>>  !if $(BUILD_SHELL) =3D=3D TRUE
>>  INF  ShellPkg/Application/Shell/Shell.inf
>>  !endif
>=20
> This likely isn't enough: the boot pathway of the AmdSev package is
> stripped down and designed to fail if grub won't boot, so if you set
> EMBED_GRUB =3D false, you'll likely build a system that won't boot.  Th=
is
> would still work for the Kata use case, if the kernel and initrd are
> plumbed back in, but it won't work for the generic use case.=20

You're right.  That's why I left the default as EMBED_GRUB=3DTRUE.  And
for Kata (that is, with the edk2 patches from the "Measured SEV boot
with kernel/initrd/cmdline=E2=80=8B" series) we'll build with EMBED_GRUB=3D=
FALSE
because we don't have an encrypted disk there.


Note that currently it's a bit difficult to build with EMBED_GRUB=3DTRUE
because it expects to run grub-mkimage and include modules which are not
upstream; so for most cases user needs to prepare a special grub dir
with modules etc and also make sure that that is the one used in
grub.sh.  (To ease that pain maybe we can include grub as a git
submodule or something like that, and point it to a revision with the
modules we require.  But this might cause other dependency pain which I
might not think of.)



> I think
> the change log needs to describe the use cases so we don't end up
> getting a load of annoyed people building systems that won't work for
> them.

Yes.  Is there documentation for the different -D settings somewhere, or
should I add it to the .dsc file (and the commit log) ?



>=20
> There's also the broader question of whether this should all be
> integrated back into OvmfX64Pkg with more determination done at
> runtime, so we can build fewer separate binaries?
>=20

I'm not sure about merging in OvmfX64Pkg, but for AmdSevX64 if we build
with embedded grub then determination *is* done at runtime: if there's a
-kernel fw_cfg entry and all the measured hashes are OK, then it boots
via -kernel/-initrd; otherwise, it'll go to grub and try to boot from
encrypted disk.

-Dov