From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1])
 by mx.groups.io with SMTP id smtpd.web08.5735.1621920689848506006
 for <devel@edk2.groups.io>;
 Mon, 24 May 2021 22:31:29 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@ibm.com header.s=pp1 header.b=PniLsL50;
 spf=pass (domain: linux.ibm.com, ip: 148.163.156.1, mailfrom: dovmurik@linux.ibm.com)
Received: from pps.filterd (m0098394.ppops.net [127.0.0.1])
	by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P53lhn051080;
	Tue, 25 May 2021 01:31:27 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject
 : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding; s=pp1;
 bh=hQoLOe/6VtnhC1dq6E0UNUTyAGH8JJ42N4segO3rufk=;
 b=PniLsL50stm1nbMsEA02CvdpuS3Ayoi8usr9USs7YNcsnnlMFvL4YiYDw5/WCAGlkeyQ
 /1e5I4fmsiDeO1E/zazUcX9He8nlz5ijbWH6tT99zG8TY1Yykiy8BTsNUoqPneIV81JA
 rscvnh23ZMNkHPKAgl6j8L7Op6BwhS3K4vIHgP4TDoLvDUQ3D7/dLe8v4syL6UkiFr/d
 Z4r4fnLJPj13nvzp5Ms4oizxnzlfOmyUyn3t3iSov0KUzAvb6oSzsNbVzVYfVW2bX4yf
 cQ3au64U0+VhtULMze+AlgJLKAVVo8Qz27Ew7J4QYK/S9kHdpNS+qzMIKrd4VTi6qRNd Aw== 
Received: from pps.reinject (localhost [127.0.0.1])
	by mx0a-001b2d01.pphosted.com with ESMTP id 38rtjy8y9t-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Tue, 25 May 2021 01:31:27 -0400
Received: from m0098394.ppops.net (m0098394.ppops.net [127.0.0.1])
	by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P5Mun4158799;
	Tue, 25 May 2021 01:31:26 -0400
Received: from ppma02wdc.us.ibm.com (aa.5b.37a9.ip4.static.sl-reverse.com [169.55.91.170])
	by mx0a-001b2d01.pphosted.com with ESMTP id 38rtjy8y8s-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Tue, 25 May 2021 01:31:26 -0400
Received: from pps.filterd (ppma02wdc.us.ibm.com [127.0.0.1])
	by ppma02wdc.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5Rf1L027660;
	Tue, 25 May 2021 05:31:25 GMT
Received: from b01cxnp22035.gho.pok.ibm.com (b01cxnp22035.gho.pok.ibm.com [9.57.198.25])
	by ppma02wdc.us.ibm.com with ESMTP id 38psk9cdq1-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Tue, 25 May 2021 05:31:25 +0000
Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106])
	by b01cxnp22035.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VOpf29753778
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Tue, 25 May 2021 05:31:24 GMT
Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 65E3B2805A;
	Tue, 25 May 2021 05:31:24 +0000 (GMT)
Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 1ADD628060;
	Tue, 25 May 2021 05:31:24 +0000 (GMT)
Received: from localhost.localdomain (unknown [9.2.130.16])
	by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP;
	Tue, 25 May 2021 05:31:24 +0000 (GMT)
From: Dov Murik <dovmurik@linux.ibm.com>
To: devel@edk2.groups.io
Cc: Dov Murik <dovmurik@linux.ibm.com>,
        Tobin Feldman-Fitzthum <tobin@linux.ibm.com>,
        Tobin Feldman-Fitzthum <tobin@ibm.com>, Jim Cadden <jcadden@ibm.com>,
        James Bottomley <jejb@linux.ibm.com>,
        Hubertus Franke <frankeh@us.ibm.com>, Laszlo Ersek <lersek@redhat.com>,
        Ard Biesheuvel <ardb+tianocore@kernel.org>,
        Jordan Justen <jordan.l.justen@intel.com>,
        Ashish Kalra <ashish.kalra@amd.com>,
        Brijesh Singh <brijesh.singh@amd.com>,
        Erdem Aktas <erdemaktas@google.com>, Jiewen Yao <jiewen.yao@intel.com>,
        Min Xu <min.m.xu@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH v1 5/8] OvmfPkg/AmdSev: Add library to find encrypted hashes for the FwCfg device
Date: Tue, 25 May 2021 05:31:13 +0000
Message-Id: <20210525053116.1533673-6-dovmurik@linux.ibm.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com>
References: <20210525053116.1533673-1-dovmurik@linux.ibm.com>
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-Proofpoint-GUID: RyQTjJtX8Ub9y55kfdYaf5CWEA6brvCW
X-Proofpoint-ORIG-GUID: uTsHHrNlk8WDbWdAyyMhj7FOPEwoxZ7e
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.761
 definitions=2021-05-25_02:2021-05-24,2021-05-25 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0
 priorityscore=1501 clxscore=1015 impostorscore=0 phishscore=0 adultscore=0
 bulkscore=0 lowpriorityscore=0 mlxscore=0 mlxlogscore=999 malwarescore=0
 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2104190000 definitions=main-2105250034
Content-Transfer-Encoding: quoted-printable

From: James Bottomley <jejb@linux.ibm.com>

The library finds and checks out the encrypted page from the memfd and
installs a finder routine for GUID described hashes if it checks out
OK.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ashish Kalra <ashish.kalra@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
---
 OvmfPkg/OvmfPkg.dec                                          |   4 +
 OvmfPkg/AmdSev/AmdSevX64.dsc                                 |   1 +
 OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf |  34 ++++++
 OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h            |  47 ++++++++
 OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c   | 126 +++++++=
+++++++++++++
 5 files changed, 212 insertions(+)

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 7cd29a60a436..36f0a2cb4cf9 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -18,8 +18,12 @@ [Defines]
 [Includes]=0D
   Include=0D
   Csm/Include=0D
+  AmdSev/Include=0D
 =0D
 [LibraryClasses]=0D
+  ##  @libraryclass  Functions for extracting Sev Hashes from the MEMFD=0D
+  SevHashFinderLib|AmdSev/Include/Library/SevHashFinderLib.h=0D
+=0D
   ##  @libraryclass  Access bhyve's firmware control interface.=0D
   BhyveFwCtlLib|Include/Library/BhyveFwCtlLib.h=0D
 =0D
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index f820e81fad27..b4484ca07614 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -118,6 +118,7 @@ [SkuIds]
 !include MdePkg/MdeLibs.dsc.inc=0D
 =0D
 [LibraryClasses]=0D
+  SevHashFinderLib|OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLi=
b.inf=0D
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf=0D
   TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseAcpiTimerLib.inf=0D
   ResetSystemLib|OvmfPkg/Library/ResetSystemLib/BaseResetSystemLib.inf=0D
diff --git a/OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf b=
/OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf
new file mode 100644
index 000000000000..79ebf51baed0
--- /dev/null
+++ b/OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf
@@ -0,0 +1,34 @@
+##  @file=0D
+#  Provides the Secure Verification services for AMD SEV firmware config=0D
+#=0D
+#  Copyright (C) 2021 James Bottomley, IBM Corporation.=0D
+#=0D
+#  SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+#=0D
+##=0D
+=0D
+[Defines]=0D
+  INF_VERSION                    =3D 0x00010005=0D
+  BASE_NAME                      =3D SevHashFinderLib=0D
+  FILE_GUID                      =3D d8ef4e22-991a-4134-b285-1d970cfe2ca6=
=0D
+  MODULE_TYPE                    =3D DXE_DRIVER=0D
+  VERSION_STRING                 =3D 1.0=0D
+  LIBRARY_CLASS                  =3D SevHashFinderLib=0D
+  CONSTRUCTOR                    =3D SevHashFinderLibConstructor=0D
+=0D
+[Sources]=0D
+  SevHashFinderLib.c=0D
+=0D
+[Packages]=0D
+  CryptoPkg/CryptoPkg.dec=0D
+  MdePkg/MdePkg.dec=0D
+  OvmfPkg/OvmfPkg.dec=0D
+=0D
+[LibraryClasses]=0D
+  BaseCryptLib=0D
+  BaseMemoryLib=0D
+  PcdLib=0D
+=0D
+[FixedPcd]=0D
+  gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase=0D
+  gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize=0D
diff --git a/OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h b/OvmfPkg/Am=
dSev/Include/Library/SevHashFinderLib.h
new file mode 100644
index 000000000000..79d5039a649b
--- /dev/null
+++ b/OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h
@@ -0,0 +1,47 @@
+/** @file=0D
+  Validate a hash against that in the Sev Hash table=0D
+=0D
+  Copyright (C) 2021 James Bottomley, IBM Corporation.=0D
+  SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+**/=0D
+=0D
+#ifndef __SEV_HASH_FINDER_LIB_H__=0D
+#define __SEV_HASH_FINDER_LIB_H__=0D
+=0D
+/**=0D
+  The Sev Hash table must be in encrypted memory and has the table=0D
+  and its entries described by=0D
+=0D
+  <GUID>|UINT16 <len>|<data>=0D
+=0D
+  With the whole table GUID being 9438d606-4f22-4cc9-b479-a793d411fd21=0D
+=0D
+  The current possible table entries are for the kernel, the initrd=0D
+  and the cmdline:=0D
+=0D
+  4de79437-abd2-427f-b835-d5b172d2045b  kernel=0D
+  44baf731-3a2f-4bd7-9af1-41e29169781d  initrd=0D
+  97d02dd8-bd20-4c94-aa78-e7714d36ab2a  cmdline=0D
+=0D
+  The size of the entry is used to identify the hash, but the=0D
+  expectation is that it will be 32 bytes of SHA-256.=0D
+**/=0D
+=0D
+#define SEV_HASH_TABLE_GUID \=0D
+  (GUID) { 0x9438d606, 0x4f22, 0x4cc9, { 0xb4, 0x79, 0xa7, 0x93, 0xd4, 0x1=
1, 0xfd, 0x21 } }=0D
+#define SEV_KERNEL_HASH_GUID \=0D
+  (GUID) { 0x4de79437, 0xabd2, 0x427f, { 0xb8, 0x35, 0xd5, 0xb1, 0x72, 0xd=
2, 0x04, 0x5b } }=0D
+#define SEV_INITRD_HASH_GUID \=0D
+  (GUID) { 0x44baf731, 0x3a2f, 0x4bd7, { 0x9a, 0xf1, 0x41, 0xe2, 0x91, 0x6=
9, 0x78, 0x1d } }=0D
+#define SEV_CMDLINE_HASH_GUID \=0D
+  (GUID) { 0x97d02dd8, 0xbd20, 0x4c94, { 0xaa, 0x78, 0xe7, 0x71, 0x4d, 0x3=
6, 0xab, 0x2a } }=0D
+=0D
+EFI_STATUS=0D
+EFIAPI=0D
+ValidateHashEntry (=0D
+  IN CONST GUID *Guid,=0D
+  IN CONST VOID *Buf,=0D
+  UINT32 BufSize=0D
+);=0D
+=0D
+#endif=0D
diff --git a/OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c b/O=
vmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c
new file mode 100644
index 000000000000..9cb999ae8cad
--- /dev/null
+++ b/OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c
@@ -0,0 +1,126 @@
+/** @file=0D
+  SEV Hash finder library to locate the SEV encrypted hash table=0D
+=0D
+  Copyright (C) 2021 James Bottomley, IBM Corporation.=0D
+  SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+**/=0D
+=0D
+#include <PiDxe.h>=0D
+#include <Library/BaseMemoryLib.h>=0D
+#include <Library/BaseCryptLib.h>=0D
+#include <Library/DebugLib.h>=0D
+#include <Library/SevHashFinderLib.h>=0D
+=0D
+#pragma pack (1)=0D
+typedef struct {=0D
+  GUID   Guid;=0D
+  UINT16 Len;=0D
+  UINT8  Data[];=0D
+} HASH_TABLE;=0D
+#pragma pack ()=0D
+=0D
+STATIC HASH_TABLE *mHashTable;=0D
+STATIC UINT16 mHashTableSize;=0D
+=0D
+EFI_STATUS=0D
+EFIAPI=0D
+ValidateHashEntry (=0D
+  IN CONST GUID *Guid,=0D
+  IN CONST VOID *Buf,=0D
+  UINT32 BufSize=0D
+  )=0D
+{=0D
+  INT32 Len;=0D
+  HASH_TABLE *Entry;=0D
+  UINT8 Hash[SHA256_DIGEST_SIZE];=0D
+=0D
+  if (mHashTable =3D=3D NULL || mHashTableSize =3D=3D 0) {=0D
+    DEBUG ((DEBUG_ERROR,=0D
+      "%a: Verifier Called but no hash table discoverd in MEMFD\n",=0D
+      __FUNCTION__));=0D
+    return EFI_ACCESS_DENIED;=0D
+  }=0D
+=0D
+  Sha256HashAll (Buf, BufSize, Hash);=0D
+=0D
+  for (Entry =3D mHashTable, Len =3D 0;=0D
+       Len < (INT32)mHashTableSize;=0D
+       Len +=3D Entry->Len,=0D
+       Entry =3D (HASH_TABLE *)((UINT8 *)Entry + Entry->Len)) {=0D
+    UINTN EntrySize;=0D
+    EFI_STATUS Status;=0D
+=0D
+    if (!CompareGuid (&Entry->Guid, Guid)) {=0D
+      continue;=0D
+    }=0D
+=0D
+    DEBUG ((DEBUG_INFO, "%a: Found GUID %g in table\n", __FUNCTION__, Guid=
));=0D
+=0D
+    //=0D
+    // Verify that the buffer's hash is identical to the hash table entry=
=0D
+    //=0D
+    EntrySize =3D Entry->Len - sizeof (Entry->Guid) - sizeof (Entry->Len);=
=0D
+    if (EntrySize !=3D SHA256_DIGEST_SIZE) {=0D
+      DEBUG ((DEBUG_ERROR, "%a: Hash has the wrong size %d !=3D %d\n",=0D
+        __FUNCTION__, EntrySize, SHA256_DIGEST_SIZE));=0D
+      return EFI_ACCESS_DENIED;=0D
+    }=0D
+    if (CompareMem (Entry->Data, Hash, EntrySize) =3D=3D 0) {=0D
+      Status =3D EFI_SUCCESS;=0D
+      DEBUG ((DEBUG_INFO, "%a: Hash Comparison succeeded\n", __FUNCTION__)=
);=0D
+    } else {=0D
+      Status =3D EFI_ACCESS_DENIED;=0D
+      DEBUG ((DEBUG_ERROR, "%a: Hash Comparison Failed\n", __FUNCTION__));=
=0D
+    }=0D
+    return Status;=0D
+  }=0D
+  DEBUG ((DEBUG_ERROR, "%a: Hash GUID %g not found in table\n", __FUNCTION=
__,=0D
+    Guid));=0D
+  return EFI_ACCESS_DENIED;=0D
+}=0D
+=0D
+/**=0D
+  Register security measurement handler.=0D
+=0D
+  This function always returns success, even if the table=0D
+  can't be found.  It only returns errors if an actual use=0D
+  is made of the non-existent table because that indicates it=0D
+  should have been present.=0D
+=0D
+  @param  ImageHandle   ImageHandle of the loaded driver.=0D
+  @param  SystemTable   Pointer to the EFI System Table.=0D
+=0D
+  @retval EFI_SUCCESS   The verifier tables were set up correctly=0D
+**/=0D
+EFI_STATUS=0D
+EFIAPI=0D
+SevHashFinderLibConstructor (=0D
+  IN EFI_HANDLE        ImageHandle,=0D
+  IN EFI_SYSTEM_TABLE  *SystemTable=0D
+  )=0D
+{=0D
+  HASH_TABLE *Ptr =3D (void *)FixedPcdGet64 (PcdQemuHashTableBase);=0D
+  UINT32 Size =3D FixedPcdGet32 (PcdQemuHashTableSize);=0D
+=0D
+  mHashTable =3D NULL;=0D
+  mHashTableSize =3D 0;=0D
+=0D
+  if (Ptr =3D=3D NULL || Size =3D=3D 0) {=0D
+    return EFI_SUCCESS;=0D
+  }=0D
+=0D
+  if (!CompareGuid (&Ptr->Guid, &SEV_HASH_TABLE_GUID)) {=0D
+    return EFI_SUCCESS;=0D
+  }=0D
+=0D
+  DEBUG ((DEBUG_INFO, "%a: found Injected Hash in secure location\n",=0D
+    __FUNCTION__));=0D
+=0D
+  mHashTable =3D (HASH_TABLE *)Ptr->Data;=0D
+  mHashTableSize =3D Ptr->Len - sizeof (Ptr->Guid) - sizeof (Ptr->Len);=0D
+=0D
+  DEBUG ((DEBUG_INFO, "%a: Ptr=3D%p, Size=3D%d\n", __FUNCTION__, mHashTabl=
e,=0D
+    mHashTableSize));=0D
+=0D
+  return EFI_SUCCESS;=0D
+}=0D
--=20
2.25.1