From: "Min Xu"
To: devel@edk2.groups.io
Cc: Min M Xu, Erdem Aktas, James Bottomley, Jiewen Yao, Gerd Hoffmann, Tom Lendacky, Michael Roth
Subject: [PATCH V6 10/12] OvmfPkg/OvmfPkgX64: Measure TdHob and Configuration FV in SecMain
Date: Fri, 3 Feb 2023 11:31:45 +0800
Message-Id: <20230203033147.1332-11-min.m.xu@intel.com>
X-Mailer: git-send-email 2.29.2.windows.2
In-Reply-To: <20230203033147.1332-1-min.m.xu@intel.com>
References: <20230203033147.1332-1-min.m.xu@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

From: Min M Xu

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243

TdHob and Configuration FV (Cfv) are external inputs from VMM. From the
security perspective, they should be measured before they're consumed.

This patch measures TdHob and Cfv and stores the measurement values in
WorkArea.

Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Gerd Hoffmann
Cc: Tom Lendacky
Cc: Michael Roth
Acked-by: Gerd Hoffmann
Reviewed-by: Jiewen Yao
Signed-off-by: Min Xu
---
 OvmfPkg/Sec/SecMain.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index a27dc9406b70..4bb3b641701e 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -760,6 +760,19 @@ SecCoreStartupWithStack (
 
   #if defined (TDX_GUEST_SUPPORTED)
   if (CcProbe () == CcGuestTypeIntelTdx) {
+    //
+    // From the security perspective all the external input should be measured before
+    // it is consumed. TdHob and Configuration FV (Cfv) image are passed from VMM
+    // and should be measured here.
+    //
+    if (EFI_ERROR (TdxHelperMeasureTdHob ())) {
+      CpuDeadLoop ();
+    }
+
+    if (EFI_ERROR (TdxHelperMeasureCfvImage ())) {
+      CpuDeadLoop ();
+    }
+
     //
     // For Td guests, the memory map info is in TdHobLib. It should be processed
     // first so that the memory is accepted. Otherwise access to the unaccepted
-- 
2.29.2.windows.2
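Review bot: the two new failure branches hang the processor via CpuDeadLoop () with no diagnostic, so a TD guest whose TdHob or Cfv cannot be measured is indistinguishable from any other early-boot hang; consider a DEBUG ((DEBUG_ERROR, ...)) line naming which of TdxHelperMeasureTdHob () or TdxHelperMeasureCfvImage () failed before each dead loop. The placement itself is right: both measurements run before the TdHob processing that follows in the unchanged context, which is the measure-before-consume property the commit message claims. Minor wording in the new comment: "all external input" and "the TdHob and Configuration FV (Cfv) image are passed from the VMM".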