From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.10555.1675328609124826651 for ; Thu, 02 Feb 2023 01:03:29 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=LiXBZEPW; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1675328609; x=1706864609; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=NBu8xIaAhAgVvhjvyrTzV6Ws6xsgO7kbiKKJ2LHCf38=; b=LiXBZEPWopCLI8vuW37ITzJM8GFSrcNSAW2PqCgicyC4GxBLMshYLZew dcs3LHBFUxFyKrbk14tAhEnbwKLZg7oDy2apRx0LDTKIwDxyE8tMstq2N ePJ7uAAL6QMn9sydA9zPROP96U6/W0a4J8G1jFusVh2Jj/k8A9QbR32Hf KEucoKnK6tVheDQzcPsk8Wx3leoy/chDyL0bKZESjvW2adhUPmbU2DYLE u7OEBN/mSd5FelA0f6yVSwwQ1iZR/WHCV/yDJQhksz4qXuJ9DJ3gGq6Vj 8Lx2QSVVznrhrjL8KsGlOWIWi+KgKkg8C16LGFymO8nSCRV+1HgpPC1AR A==; X-IronPort-AV: E=McAfee;i="6500,9779,10608"; a="328412366" X-IronPort-AV: E=Sophos;i="5.97,267,1669104000"; d="scan'208";a="328412366" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Feb 2023 01:03:28 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10608"; a="667223085" X-IronPort-AV: E=Sophos;i="5.97,267,1669104000"; d="scan'208";a="667223085" Received: from mxu9-mobl1.ccr.corp.intel.com ([10.254.209.2]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Feb 2023 01:03:26 -0800 From: "Min Xu" To: devel@edk2.groups.io Cc: Min M Xu , Erdem Aktas , James Bottomley , Jiewen Yao , Gerd Hoffmann , Tom Lendacky , Michael Roth Subject: [PATCH V3 1/1] OvmfPkg/AcpiPlatformDxe: Measure ACPI table from QEMU in TDVF Date: Thu, 2 Feb 2023 17:03:14 +0800 Message-Id: <20230202090314.336-1-min.m.xu@intel.com> X-Mailer: git-send-email 2.29.2.windows.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: Min M Xu https://bugzilla.tianocore.org/show_bug.cgi?id=4245 QEMU provides the following three files for guest to install the ACPI tables: - etc/acpi/rsdp - etc/acpi/tables - etc/table-loader "etc/acpi/rsdp" and "etc/acpi/tables" are similar, they are only kept separate because they have different allocation requirements in SeaBIOS. Both of these fw_cfg files contain preformatted ACPI payload. "etc/acpi/rsdp" contains only the RSDP table, while "etc/acpi/tables" contains all other tables, concatenated. To be noted, the tables in these two files have been filled in by qemu, but two kinds of fields are incomplete: pointers to other tables and checksums (which depend on the pointers). "/etc/table-loader" is a linker/loader which provides the commands to "patch" the tables in "etc/acpi/tables" and then install them. "Patch" means to fill the pointers and compute the checksum. >>From the security perspective these 3 files are the raw data downloaded from qemu. They should be measured and extended before they're consumed. Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Gerd Hoffmann Cc: Tom Lendacky Cc: Michael Roth Signed-off-by: Min Xu --- OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf | 1 + OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c | 32 +++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf b/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf index 8939dde42549..3fd0483b50eb 100644 --- a/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf +++ b/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf @@ -46,6 +46,7 @@ UefiBootServicesTableLib UefiDriverEntryPoint HobLib + TpmMeasurementLib [Protocols] gEfiAcpiTableProtocolGuid # PROTOCOL ALWAYS_CONSUMED diff --git a/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c b/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c index f0d81d6fd73d..68abc34f2280 100644 --- a/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c +++ b/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c @@ -10,6 +10,7 @@ #include // EFI_ACPI_DESCRIPTION_HEADER #include // QEMU_LOADER_FNAME_SIZE +#include #include // AsciiStrCmp() #include // CopyMem() #include // DEBUG() @@ -18,6 +19,7 @@ #include // QemuFwCfgFindFile() #include // QemuFwCfgS3Enabled() #include // gBS +#include #include "AcpiPlatform.h" @@ -415,6 +417,21 @@ ProcessCmdAllocate ( (UINT64)Blob->Size, (UINT64)(UINTN)Blob->Base )); + + // + // Measure the data which is downloaded from QEMU. + // It has to be done before it is consumed. Because the data will + // be updated in the following operations. + // + TpmMeasureAndLogData ( + 1, + EV_PLATFORM_CONFIG_FLAGS, + EV_POSTCODE_INFO_ACPI_DATA, + ACPI_DATA_LEN, + (VOID *)(UINTN)Blob->Base, + Blob->Size + ); + return EFI_SUCCESS; FreeBlob: @@ -1126,6 +1143,21 @@ InstallQemuFwCfgTables ( QemuFwCfgSelectItem (FwCfgItem); QemuFwCfgReadBytes (FwCfgSize, LoaderStart); RestorePciDecoding (OriginalPciAttributes, OriginalPciAttributesCount); + + // + // Measure the "etc/table-loader" which is downloaded from QEMU. + // It has to be done before it is consumed. Because it would be + // updated in the following operations. + // + TpmMeasureAndLogData ( + 1, + EV_PLATFORM_CONFIG_FLAGS, + EV_POSTCODE_INFO_ACPI_DATA, + ACPI_DATA_LEN, + (VOID *)(UINTN)LoaderStart, + FwCfgSize + ); + LoaderEnd = LoaderStart + FwCfgSize / sizeof *LoaderEntry; AllocationsRestrictedTo32Bit = NULL; -- 2.29.2.windows.2