From: "Min Xu"
To: devel@edk2.groups.io
Cc: Min M Xu, Erdem Aktas, James Bottomley, Jiewen Yao, Gerd Hoffmann, Tom Lendacky, Michael Roth
Subject: [PATCH V5 11/13] OvmfPkg/OvmfPkgX64: Measure TdHob and Configuration FV in SecMain
Date: Sat, 28 Jan 2023 21:58:40 +0800
Message-Id: <20230128135842.980-12-min.m.xu@intel.com>
X-Mailer: git-send-email 2.29.2.windows.2
In-Reply-To: <20230128135842.980-1-min.m.xu@intel.com>
References: <20230128135842.980-1-min.m.xu@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

From: Min M Xu

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243

TdHob and Configuration FV (Cfv) are external inputs from VMM. From the
security perspective, they should be measured before they're consumed.

This patch measures TdHob and Cfv and stores the measurement values in
WorkArea.

Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Gerd Hoffmann
Cc: Tom Lendacky
Cc: Michael Roth
Signed-off-by: Min Xu
---
 OvmfPkg/Sec/SecMain.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index a27dc9406b70..4bb3b641701e 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -760,6 +760,19 @@ SecCoreStartupWithStack (
#if defined (TDX_GUEST_SUPPORTED) if (CcProbe () == CcGuestTypeIntelTdx) { + // + // From the security perspective all the external input should be measured before + // it is consumed. TdHob and Configuration FV (Cfv) image are passed from VMM + // and should be measured here. + // + if (EFI_ERROR (TdxHelperMeasureTdHob ())) { + CpuDeadLoop (); + } + + if (EFI_ERROR (TdxHelperMeasureCfvImage ())) { + CpuDeadLoop (); + } + // // For Td guests, the memory map info is in TdHobLib. It should be processed // first so that the memory is accepted. Otherwise access to the unaccepted
-- 
2.29.2.windows.2
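Review bot: both failure branches in this hunk drop straight into CpuDeadLoop () with no diagnostic, so a failed TdHob or Cfv measurement is indistinguishable from any other early hang in SecMain; add a DEBUG ((DEBUG_ERROR, ...)) line naming the failed call before each CpuDeadLoop (), e.g. `DEBUG ((DEBUG_ERROR, "TdxHelperMeasureTdHob failed\n"));`. Failing closed is the right choice here, and the placement is correct: the measurements run before the TdHob memory map is processed, so neither input is consumed unmeasured. Separately, TdxHelperMeasureTdHob and TdxHelperMeasureCfvImage are not declared in this file and the diffstat touches only SecMain.c, so the commit message should name the library class that provides them and which patch in the series adds it to the Sec INF; the message also says the measurement values are stored in WorkArea, which the hunk does not show, so a sentence on where WorkArea is initialized relative to this point would help reviewers confirm the ordering.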