From: "Gerd Hoffmann"
To: "Lu, Ken"
Cc: Ard Biesheuvel, "Xu, Min M", Daniel Kiper, "devel@edk2.groups.io", Ard Biesheuvel, "Aktas, Erdem", James Bottomley, "Yao, Jiewen"
Subject: Re: [edk2-devel] measurement to command-line/initrd for loading kernel via -kernel option
Date: Wed, 21 Sep 2022 14:27:06 +0200
Message-ID: <20220921122706.itqekzbwmjt6brns@sirius.home.kraxel.org>
References: <20220920132027.y4yz4ugghpilqplx@sirius.home.kraxel.org> <20220920141823.byhnbirfnl777jql@sirius.home.kraxel.org> <20220921071409.5oziya6kcfvkkkp7@sirius.home.kraxel.org>
In-Reply-To:

On Wed, Sep 21, 2022 at 11:24:11AM +0000, Lu, Ken wrote:
> > > But either in GenericQemuLoadImageLib, it can do measurement for
> > > command line and initrd, correct?
> >
> > Yes, it could. But why given that the linux kernel efi stub measures anyway?
>
> If the final decision is the measurement should be done by efi stub in
> Linux kernel.

The reference should be the workflow when you boot linux from efi shell
or using a BootNNNN entry. Which I think is:

  (1) linux kernel is loaded + measured via LoadImage().
  (2) linux kernel is started via efi stub entry point.
  (3) linux kernel efi stub loads and measures the initrd.

Not fully sure about the command line measurement, IIRC Ard described
that in one of the replies.

> Do we also need to remove today's measurement in Grub (I
> have submitted some patch for TDX in grub...)?

Those patches are perfectly fine, tpm measurement and tdx measurement
should be consistent. In case the grub measurement workflow needs
changes to avoid double measurements (not sure this is actually the
case) those changes should apply to both tpm and tdx.

> According to Bottomley, the same measurement should not be done twice.

Yes, this is the way it should be, although the current state of affairs
is a bit messy and I think we are a bit away from that ideal.

> Or only the one who uses GenericQemuLoadImageLib, will give the Linux
> kernel efi stub for measure?

I think we don't have to do anything special in GenericQemuLoadImageLib
because the lib uses LoadImage() which should handle measurement.

take care,
  Gerd
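The thread's two points (the kernel is measured by LoadImage() and the initrd by the EFI stub, and the same blob must not be measured twice, consistently for TPM and TDX) can be made concrete by replaying an event list into register values. The script below is an added example written for this page; it is not code from edk2, QEMU, GRUB or the Linux EFI stub. The boot artifacts, the PCR 9 index used for initrd and command line, the event descriptions and the PCR-to-RTMR mapping are constructed assumptions for illustration, not what the real firmware or stub records.

```python
"""Replay measured-boot events into TPM-style PCRs (SHA-256) and TDX-style
RTMRs (SHA-384) and flag a blob that is extended twice into one register.

Added example for the edk2-devel thread above; not project code. All
artifacts, register indices and descriptions below are constructed.
"""
import hashlib
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple


@dataclass(frozen=True)
class Event:
    pcr: int      # TPM PCR index the firmware or stub would extend
    blob: bytes   # data that was measured; the digest is computed here
    desc: str     # what was measured and by which component


# Constructed stand-ins for a PE/COFF kernel, a cpio initrd and the cmdline.
KERNEL = b"constructed-kernel-image"
INITRD = b"constructed-initrd-cpio"
CMDLINE = b"console=ttyS0 root=/dev/vda1"

# The clean flow from the mail: LoadImage() measures the kernel into PCR 4,
# the kernel EFI stub measures initrd and command line (PCR 9 is an
# assumption of this example).
GOOD_EVENTS: List[Event] = [
    Event(4, KERNEL, "kernel via LoadImage()"),
    Event(9, INITRD, "initrd via EFI stub"),
    Event(9, CMDLINE, "cmdline via EFI stub"),
]

# The double-measurement flow the thread wants to avoid: a loader library
# measures initrd and cmdline first, then the stub measures them again.
DOUBLED_EVENTS: List[Event] = GOOD_EVENTS[:1] + [
    Event(9, INITRD, "initrd via loader library"),
    Event(9, CMDLINE, "cmdline via loader library"),
] + GOOD_EVENTS[1:]


def tdx_rtmr_for_pcr(pcr: int) -> int:
    """PCR-to-RTMR mapping as assumed for this example (PCR 1 and 7 -> RTMR0,
    PCR 2..6 -> RTMR1, PCR 8..15 -> RTMR2, everything else -> RTMR3)."""
    if pcr in (1, 7):
        return 0
    if 2 <= pcr <= 6:
        return 1
    if 8 <= pcr <= 15:
        return 2
    return 3


def replay(events: List[Event], algo: str, nregs: int,
           reg_map: Callable[[int], int] = lambda p: p) -> Dict[int, bytes]:
    """Replay events with the TCG extend rule: new = H(old || H(blob)).
    The same rule serves TPM PCRs and TDX RTMRs; only the hash differs."""
    size = hashlib.new(algo).digest_size
    regs = {i: bytes(size) for i in range(nregs)}
    for ev in events:
        reg = reg_map(ev.pcr)
        digest = hashlib.new(algo, ev.blob).digest()
        regs[reg] = hashlib.new(algo, regs[reg] + digest).digest()
    return regs


def find_double_measurements(events: List[Event]) -> List[Tuple[str, str]]:
    """Return (first, later) description pairs of events that extend the same
    register with the same digest. Identical blobs measured legitimately twice
    would be flagged too, so treat a hit as a prompt to read the event log,
    not as proof of a bug."""
    seen: Dict[Tuple[int, bytes], str] = {}
    dupes: List[Tuple[str, str]] = []
    for ev in events:
        key = (ev.pcr, hashlib.sha256(ev.blob).digest())
        if key in seen:
            dupes.append((seen[key], ev.desc))
        else:
            seen[key] = ev.desc
    return dupes


if __name__ == "__main__":
    good = replay(GOOD_EVENTS, "sha256", 24)
    bad = replay(DOUBLED_EVENTS, "sha256", 24)
    print("PCR9 once :", good[9].hex())
    print("PCR9 twice:", bad[9].hex())
    for first, later in find_double_measurements(DOUBLED_EVENTS):
        print("double measurement:", first, "->", later)
```

Because a register's final value depends on every extend, the extra loader-library events change PCR 9 (and the corresponding RTMR) while leaving PCR 4 alone; any policy sealed to the single-measurement value stops matching, which is why the thread insists on measuring each artifact exactly once and keeping the TPM and TDX event sequences identical.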