From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1])
 by mx.groups.io with SMTP id smtpd.web12.5679.1621920690260977132
 for <devel@edk2.groups.io>;
 Mon, 24 May 2021 22:31:30 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@ibm.com header.s=pp1 header.b=sU1oCzR4;
 spf=pass (domain: linux.ibm.com, ip: 148.163.156.1, mailfrom: dovmurik@linux.ibm.com)
Received: from pps.filterd (m0187473.ppops.net [127.0.0.1])
	by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P57uol098564;
	Tue, 25 May 2021 01:31:28 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject
 : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding; s=pp1;
 bh=vDjFtHJNlh700cWr9U3oDuBI2IsuMjDDZo5x9x7Zeqg=;
 b=sU1oCzR4hWR56GJmR3iyJQG6+zjVup3p0MetlLNvl1drzcpEK+kEccfsX+uqmpraKuDN
 W9/1gj6VhISQi/fxonwsR8PlDXAsB02QoFOymBqTOZKR+wC+8bj22xveU4P5fEWvvFWH
 i57SwtnCZd7vKdtkO5t4AjrO8DJyQYs7EGCBFU2pYCqXphot3wvv20s9tMHFl0B/cwJ9
 cKK5w0hUmQckXIq0OoHYl4DJ4GIQHELSu9qBqiKrahc9anWRy2EPqWY7DJXSpw//Ycpt
 I8dxPtYfvWwctpDHL8Kiyl1RIQLbRoeDIY8DDLnFzXNfOs1eC/YxFBrTJu+PJEWttTtL gA== 
Received: from pps.reinject (localhost [127.0.0.1])
	by mx0a-001b2d01.pphosted.com with ESMTP id 38rt5asfx1-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Tue, 25 May 2021 01:31:28 -0400
Received: from m0187473.ppops.net (m0187473.ppops.net [127.0.0.1])
	by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P583It099387;
	Tue, 25 May 2021 01:31:27 -0400
Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131])
	by mx0a-001b2d01.pphosted.com with ESMTP id 38rt5asfwj-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Tue, 25 May 2021 01:31:27 -0400
Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1])
	by ppma01dal.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5S03n019752;
	Tue, 25 May 2021 05:31:26 GMT
Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23])
	by ppma01dal.us.ibm.com with ESMTP id 38psk91gm3-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Tue, 25 May 2021 05:31:26 +0000
Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106])
	by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VPEL29950340
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Tue, 25 May 2021 05:31:25 GMT
Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 09F092805A;
	Tue, 25 May 2021 05:31:25 +0000 (GMT)
Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id BA93228059;
	Tue, 25 May 2021 05:31:24 +0000 (GMT)
Received: from localhost.localdomain (unknown [9.2.130.16])
	by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP;
	Tue, 25 May 2021 05:31:24 +0000 (GMT)
From: Dov Murik <dovmurik@linux.ibm.com>
To: devel@edk2.groups.io
Cc: Dov Murik <dovmurik@linux.ibm.com>,
        Tobin Feldman-Fitzthum <tobin@linux.ibm.com>,
        Tobin Feldman-Fitzthum <tobin@ibm.com>, Jim Cadden <jcadden@ibm.com>,
        James Bottomley <jejb@linux.ibm.com>,
        Hubertus Franke <frankeh@us.ibm.com>, Laszlo Ersek <lersek@redhat.com>,
        Ard Biesheuvel <ardb+tianocore@kernel.org>,
        Jordan Justen <jordan.l.justen@intel.com>,
        Ashish Kalra <ashish.kalra@amd.com>,
        Brijesh Singh <brijesh.singh@amd.com>,
        Erdem Aktas <erdemaktas@google.com>, Jiewen Yao <jiewen.yao@intel.com>,
        Min Xu <min.m.xu@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH v1 7/8] OvmfPkg: GenericQemuLoadImageLib: Allow verifying fw_cfg command line
Date: Tue, 25 May 2021 05:31:15 +0000
Message-Id: <20210525053116.1533673-8-dovmurik@linux.ibm.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com>
References: <20210525053116.1533673-1-dovmurik@linux.ibm.com>
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-Proofpoint-ORIG-GUID: 2nC5U7zhfjnRxaB8vTe2zSlM4XR0U7ul
X-Proofpoint-GUID: 1s23Vl4yTy_VGWn3nPD1hSLAiRK5dxQj
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.761
 definitions=2021-05-25_02:2021-05-24,2021-05-25 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=999 bulkscore=0
 phishscore=0 impostorscore=0 lowpriorityscore=0 spamscore=0 malwarescore=0
 priorityscore=1501 clxscore=1015 suspectscore=0 adultscore=0 mlxscore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000
 definitions=main-2105250034
Content-Transfer-Encoding: quoted-printable

From: James Bottomley <jejb@linux.ibm.com>

Add optional hook which calls a verifier with the content of the fw_cfg
command line.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ashish Kalra <ashish.kalra@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
---
 OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c | 29 +++=
+++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLi=
b.c b/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
index 114db7e8441f..d3067dae1425 100644
--- a/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
+++ b/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
@@ -51,6 +51,28 @@ STATIC CONST KERNEL_VENMEDIA_FILE_DEVPATH mKernelDeviceP=
ath =3D {
   }=0D
 };=0D
 =0D
+STATIC FW_CFG_VERIFIER mVerifier =3D NULL;=0D
+=0D
+/**=0D
+  Register a verifier for the Firmware Configuration Filesystem to use=0D
+=0D
+  @param[in]  Verifier     The verifier to register=0D
+=0D
+  @retval EFI_SUCCESS      The verifier was successfully registered=0D
+**/=0D
+EFI_STATUS=0D
+EFIAPI=0D
+RegisterFwCfgVerifier (=0D
+  IN FW_CFG_VERIFIER    Verifier=0D
+  )=0D
+{=0D
+  if (mVerifier !=3D NULL) {=0D
+    return EFI_OUT_OF_RESOURCES;=0D
+  }=0D
+  mVerifier =3D Verifier;=0D
+  return EFI_SUCCESS;=0D
+}=0D
+=0D
 /**=0D
   Download the kernel, the initial ramdisk, and the kernel command line fr=
om=0D
   QEMU's fw_cfg. The kernel will be instructed via its command line to loa=
d=0D
@@ -149,6 +171,13 @@ QemuLoadKernelImage (
       goto FreeCommandLine;=0D
     }=0D
 =0D
+    if (mVerifier !=3D NULL) {=0D
+      Status =3D mVerifier (NULL, CommandLine, CommandLineSize);=0D
+      if (EFI_ERROR (Status)) {=0D
+        goto FreeCommandLine;=0D
+      }=0D
+    }=0D
+=0D
     //=0D
     // Drop the terminating NUL, convert to UTF-16.=0D
     //=0D
--=20
2.25.1