From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mx.groups.io with SMTP id smtpd.web11.10581.1675328732468027135 for ; Thu, 02 Feb 2023 01:05:32 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=MRzF+vz5; spf=pass (domain: intel.com, ip: 192.55.52.93, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1675328732; x=1706864732; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=8QeS7SDF6gnbY5B0hceLdXDHDr3dxjI6ggtGvfDUoI8=; b=MRzF+vz5ZPm4OcgKD1XK+0M2FOkql9Ds9mlIdO44r/vlxp5Pz1ORWfCV WZtiQp8Z0pSjdfBLhcV7bMd7U9jmCX59uN81J57cCLurF6U0pwHkrcgbh d8BiAMtQG82cZ9sR3hiYXCjDlq+ca+iJbc4N/vzCPn4JoMobjR6jpAq4J Kl4Yg1WgzV/zqzfH7mhB70fkK+oX8r/v3IOgRBThnNekgf9VVRXkgmjnd xjj0GKWXxZcEGwsP3vuF3r3VbRY2C5eKbzpAq1FmJGaueAnxhdqUSZzSC d95vh2U6gigvLXggcQ+CvAVuPwzNABcGc6pJvBXutJKcXrazS8gACZEVb A==; X-IronPort-AV: E=McAfee;i="6500,9779,10608"; a="326094210" X-IronPort-AV: E=Sophos;i="5.97,267,1669104000"; d="scan'208";a="326094210" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Feb 2023 01:05:31 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10608"; a="789207132" X-IronPort-AV: E=Sophos;i="5.97,267,1669104000"; d="scan'208";a="789207132" Received: from mxu9-mobl1.ccr.corp.intel.com ([10.254.209.2]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Feb 2023 01:05:29 -0800 From: "Min Xu" To: devel@edk2.groups.io Cc: Min M Xu , Jiewen Yao , Jian J Wang Subject: [PATCH V1 1/1] SecurityPkg/TdTcg2Dxe: td-guest shall halt when CcMeasurement install fail Date: Thu, 2 Feb 2023 17:04:14 +0800 Message-Id: <20230202090414.20-1-min.m.xu@intel.com> X-Mailer: git-send-email 2.29.2.windows.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: Min M Xu BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4335 CcMeasurement protocol is installed when it is supported in a td-guest. If the installation of the protocol failed, the guest shall go into CpuDeadLoop. Because the measurement feature is crucial to a td-guest and it shall stop running immediately at this situation. Cc: Jiewen Yao Cc: Jian J Wang Signed-off-by: Min Xu --- SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c index 59341a8c0250..b34da724ac42 100644 --- a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c +++ b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c @@ -2510,6 +2510,12 @@ DriverEntry ( // // Create event callback to install CC EventLog ACPI Table EfiCreateProtocolNotifyEvent (&gEfiAcpiTableProtocolGuid, TPL_CALLBACK, InstallAcpiTable, NULL, &Registration); + } else { + // + // Cc measurement feature is crucial to a td-guest and it shall stop running immediately + // when it is failed to be installed. + DEBUG ((DEBUG_ERROR, "%a: CcMeasurement protocol failed to be installed - %r\n", __FUNCTION__, Status)); + CpuDeadLoop (); } return Status; -- 2.29.2.windows.2