From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id AE64A7803CF for ; Fri, 22 Mar 2024 14:27:48 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=maBo38KbnvmumEWm+kwDutWPt1mf6tmx9vuOcklNJfc=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding:Content-Type; s=20240206; t=1711117667; v=1; b=Cgmpk2sd+M8KQKHropYlkYY30e/i0JciRctUMrExUy98nj1mxE2zt3uN6NS8jNPl34snrJYJ QafwawAiyqrPq7f6lIvy4fqFFgO1enQZqAHsgrhfoLD9H2R8HuD9y5e6JHitqG1cAZuP5ij87r+ cKIFp79l4r18fwgnHY6zp49pC6yJ3+Xob1THz2CGLDOrxvANJjBKY0/acRyuuQsp+VdLYO3nBGO plaxEHHrhzwhYcbEwBNidEwpVoLzb8DWUbEOmH0qQ9qv3tPotPecKMLBGRjvlRyp9fAqB3ACAUQ SjzrWxsBYIlNZ9ADaJLwfBAilvG38rsybJvZuMDnBiuoQ== X-Received: by 127.0.0.2 with SMTP id XLBkYY7687511xWdQxsJ1riD; Fri, 22 Mar 2024 07:27:47 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web10.14492.1711117666720780491 for ; Fri, 22 Mar 2024 07:27:46 -0700 X-Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-256-3m1IGQoUOESPXnAYSjjv3g-1; Fri, 22 Mar 2024 10:27:42 -0400 X-MC-Unique: 3m1IGQoUOESPXnAYSjjv3g-1 X-Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com [10.11.54.8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 640B81C07F25; Fri, 22 Mar 2024 14:27:42 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.192.134]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4B6CFC37A85; Fri, 22 Mar 2024 14:27:41 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 0908E1801A91; Fri, 22 Mar 2024 15:27:36 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Oliver Steffen , Konstantin Kostiuk , Ard Biesheuvel , Jiewen Yao , Gerd Hoffmann Subject: [edk2-devel] [PATCH 1/4] OvmfPkg: Add VirtHstiDxe driver Date: Fri, 22 Mar 2024 15:27:32 +0100 Message-ID: <20240322142735.1749388-2-kraxel@redhat.com> In-Reply-To: <20240322142735.1749388-1-kraxel@redhat.com> References: <20240322142735.1749388-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.8 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Fri, 22 Mar 2024 07:27:46 -0700 Reply-To: devel@edk2.groups.io,kraxel@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: rlC7Ug1mnUIBpLBhT8f0KS8Xx7686176AA= Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII"; x-default=true X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=Cgmpk2sd; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io From: Konstantin Kostiuk The driver supports qemu machine types 'pc' and 'q35'. This patch adds some helper functions to manage the bitmasks. The implemented features depend on both OVMF build configuration and qemu VM configuration. For q35 a single security feature is supported and checked: In SMM-enabled builds the driver will verify smram is properly locked. That test should never fail. Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Konstantin Kostiuk Initial-patch-by: Konstantin Kostiuk Signed-off-by: Gerd Hoffmann --- OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf | 50 ++++++++ OvmfPkg/VirtHstiDxe/VirtHstiDxe.h | 67 +++++++++++ OvmfPkg/VirtHstiDxe/QemuPC.c | 38 +++++++ OvmfPkg/VirtHstiDxe/QemuQ35.c | 58 ++++++++++ OvmfPkg/VirtHstiDxe/VirtHstiDxe.c | 169 ++++++++++++++++++++++++++++ 5 files changed, 382 insertions(+) create mode 100644 OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf create mode 100644 OvmfPkg/VirtHstiDxe/VirtHstiDxe.h create mode 100644 OvmfPkg/VirtHstiDxe/QemuPC.c create mode 100644 OvmfPkg/VirtHstiDxe/QemuQ35.c create mode 100644 OvmfPkg/VirtHstiDxe/VirtHstiDxe.c diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf new file mode 100644 index 000000000000..8c63ff6a8953 --- /dev/null +++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf @@ -0,0 +1,50 @@ +## @file +# Component description file for Virt Hsti Driver +# +# Copyright (c) 2017, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation.
+# Copyright (c) 2024, Red Hat. Inc +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = VirtHstiDxe + FILE_GUID = 60740CF3-D428-4500-80E6-04A5798241ED + MODULE_TYPE = DXE_DRIVER + VERSION_STRING = 1.0 + ENTRY_POINT = VirtHstiDxeEntrypoint + +[Sources] + VirtHstiDxe.h + VirtHstiDxe.c + QemuPC.c + QemuQ35.c + +[Packages] + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + UefiDriverEntryPoint + UefiLib + BaseLib + BaseMemoryLib + MemoryAllocationLib + DebugLib + HobLib + HstiLib + PcdLib + PciLib + UefiBootServicesTableLib + +[Guids] + gUefiOvmfPkgPlatformInfoGuid + +[FeaturePcd] + gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire + +[Depex] + TRUE diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.h b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.h new file mode 100644 index 000000000000..26109bf322e9 --- /dev/null +++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.h @@ -0,0 +1,67 @@ +/** @file + +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#define VIRT_HSTI_SECURITY_FEATURE_SIZE 2 + +#define VIRT_HSTI_BYTE0_Q35_SMM_SMRAM_LOCK BIT0 + +typedef struct { + // ADAPTER_INFO_PLATFORM_SECURITY + UINT32 Version; + UINT32 Role; + CHAR16 ImplementationID[256]; + UINT32 SecurityFeaturesSize; + // bitfields + UINT8 SecurityFeaturesRequired[VIRT_HSTI_SECURITY_FEATURE_SIZE]; + UINT8 SecurityFeaturesImplemented[VIRT_HSTI_SECURITY_FEATURE_SIZE]; + UINT8 SecurityFeaturesVerified[VIRT_HSTI_SECURITY_FEATURE_SIZE]; + CHAR16 ErrorString[1]; +} VIRT_ADAPTER_INFO_PLATFORM_SECURITY; + +VOID +VirtHstiSetSupported ( + VIRT_ADAPTER_INFO_PLATFORM_SECURITY *VirtHsti, + IN UINT32 ByteIndex, + IN UINT8 BitMask + ); + +BOOLEAN +VirtHstiIsSupported ( + VIRT_ADAPTER_INFO_PLATFORM_SECURITY *VirtHsti, + IN UINT32 ByteIndex, + IN UINT8 BitMask + ); + +VOID +VirtHstiTestResult ( + CHAR16 *ErrorMsg, + IN UINT32 ByteIndex, + IN UINT8 BitMask + ); + +/* QemuQ35.c */ + +VIRT_ADAPTER_INFO_PLATFORM_SECURITY * +VirtHstiQemuQ35Init ( + VOID + ); + +VOID +VirtHstiQemuQ35Verify ( + VOID + ); + +/* QemuPC.c */ + +VIRT_ADAPTER_INFO_PLATFORM_SECURITY * +VirtHstiQemuPCInit ( + VOID + ); + +VOID +VirtHstiQemuPCVerify ( + VOID + ); diff --git a/OvmfPkg/VirtHstiDxe/QemuPC.c b/OvmfPkg/VirtHstiDxe/QemuPC.c new file mode 100644 index 000000000000..aa0459e8b6c6 --- /dev/null +++ b/OvmfPkg/VirtHstiDxe/QemuPC.c @@ -0,0 +1,38 @@ +/** @file + +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include + +#include +#include + +#include "VirtHstiDxe.h" + +STATIC VIRT_ADAPTER_INFO_PLATFORM_SECURITY mHstiPC = { + PLATFORM_SECURITY_VERSION_VNEXTCS, + PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE, + { L"OVMF (Qemu PC)" }, + VIRT_HSTI_SECURITY_FEATURE_SIZE, +}; + +VIRT_ADAPTER_INFO_PLATFORM_SECURITY * +VirtHstiQemuPCInit ( + VOID + ) +{ + return &mHstiPC; +} + +VOID +VirtHstiQemuPCVerify ( + VOID + ) +{ +} diff --git a/OvmfPkg/VirtHstiDxe/QemuQ35.c b/OvmfPkg/VirtHstiDxe/QemuQ35.c new file mode 100644 index 000000000000..75e9731b4a52 --- /dev/null +++ b/OvmfPkg/VirtHstiDxe/QemuQ35.c @@ -0,0 +1,58 @@ +/** @file + +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include + +#include +#include + +#include "VirtHstiDxe.h" + +STATIC VIRT_ADAPTER_INFO_PLATFORM_SECURITY mHstiQ35 = { + PLATFORM_SECURITY_VERSION_VNEXTCS, + PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE, + { L"OVMF (Qemu Q35)" }, + VIRT_HSTI_SECURITY_FEATURE_SIZE, +}; + +VIRT_ADAPTER_INFO_PLATFORM_SECURITY * +VirtHstiQemuQ35Init ( + VOID + ) +{ + if (FeaturePcdGet (PcdSmmSmramRequire)) { + VirtHstiSetSupported (&mHstiQ35, 0, VIRT_HSTI_BYTE0_Q35_SMM_SMRAM_LOCK); + } + + return &mHstiQ35; +} + +VOID +VirtHstiQemuQ35Verify ( + VOID + ) +{ + if (VirtHstiIsSupported (&mHstiQ35, 0, VIRT_HSTI_BYTE0_Q35_SMM_SMRAM_LOCK)) { + CHAR16 *ErrorMsg = NULL; + UINT8 SmramVal; + UINT8 EsmramcVal; + + SmramVal = PciRead8 (DRAMC_REGISTER_Q35 (MCH_SMRAM)); + EsmramcVal = PciRead8 (DRAMC_REGISTER_Q35 (MCH_ESMRAMC)); + + if (!(EsmramcVal & MCH_ESMRAMC_T_EN)) { + ErrorMsg = L"q35 smram access is open"; + } else if (!(SmramVal & MCH_SMRAM_D_LCK)) { + ErrorMsg = L"q35 smram config is not locked"; + } + + VirtHstiTestResult (ErrorMsg, 0, VIRT_HSTI_BYTE0_Q35_SMM_SMRAM_LOCK); + } +} diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c new file mode 100644 index 000000000000..74e5e6bd9d4f --- /dev/null +++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c @@ -0,0 +1,169 @@ +/** @file + This file contains DXE driver for publishing empty HSTI table + +Copyright (c) 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2024, Red Hat. Inc + +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#include "VirtHstiDxe.h" + +VOID +VirtHstiSetSupported ( + VIRT_ADAPTER_INFO_PLATFORM_SECURITY *VirtHsti, + IN UINT32 ByteIndex, + IN UINT8 BitMask + ) +{ + ASSERT (ByteIndex < VIRT_HSTI_SECURITY_FEATURE_SIZE); + VirtHsti->SecurityFeaturesRequired[ByteIndex] |= BitMask; + VirtHsti->SecurityFeaturesImplemented[ByteIndex] |= BitMask; +} + +BOOLEAN +VirtHstiIsSupported ( + VIRT_ADAPTER_INFO_PLATFORM_SECURITY *VirtHsti, + IN UINT32 ByteIndex, + IN UINT8 BitMask + ) +{ + ASSERT (ByteIndex < VIRT_HSTI_SECURITY_FEATURE_SIZE); + return VirtHsti->SecurityFeaturesImplemented[ByteIndex] & BitMask; +} + +VOID +VirtHstiTestResult ( + CHAR16 *ErrorMsg, + IN UINT32 ByteIndex, + IN UINT8 BitMask + ) +{ + EFI_STATUS Status; + + ASSERT (ByteIndex < VIRT_HSTI_SECURITY_FEATURE_SIZE); + + if (ErrorMsg) { + DEBUG ((DEBUG_ERROR, "VirtHsti: Test failed: %s\n", ErrorMsg)); + Status = HstiLibAppendErrorString ( + PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE, + NULL, + ErrorMsg + ); + ASSERT_EFI_ERROR (Status); + } else { + Status = HstiLibSetFeaturesVerified ( + PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE, + NULL, + ByteIndex, + BitMask + ); + ASSERT_EFI_ERROR (Status); + } +} + +STATIC +UINT16 +VirtHstiGetHostBridgeDevId ( + VOID + ) +{ + EFI_HOB_GUID_TYPE *GuidHob; + EFI_HOB_PLATFORM_INFO *PlatformInfo; + + GuidHob = GetFirstGuidHob (&gUefiOvmfPkgPlatformInfoGuid); + ASSERT (GuidHob); + PlatformInfo = (EFI_HOB_PLATFORM_INFO *)GET_GUID_HOB_DATA (GuidHob); + return PlatformInfo->HostBridgeDevId; +} + +STATIC +VOID +EFIAPI +VirtHstiOnReadyToBoot ( + EFI_EVENT Event, + VOID *Context + ) +{ + switch (VirtHstiGetHostBridgeDevId ()) { + case INTEL_82441_DEVICE_ID: + VirtHstiQemuPCVerify (); + break; + case INTEL_Q35_MCH_DEVICE_ID: + VirtHstiQemuQ35Verify (); + break; + default: + ASSERT (FALSE); + } + + if (Event != NULL) { + gBS->CloseEvent (Event); + } +} + +/** + The driver's entry point. + + @param[in] ImageHandle The firmware allocated handle for the EFI image. + @param[in] SystemTable A pointer to the EFI System Table. + + @retval EFI_SUCCESS The entry point is executed successfully. + @retval other Some error occurs when executing this entry point. +**/ +EFI_STATUS +EFIAPI +VirtHstiDxeEntrypoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + VIRT_ADAPTER_INFO_PLATFORM_SECURITY *VirtHsti; + UINT16 DevId; + EFI_STATUS Status; + EFI_EVENT Event; + + DevId = VirtHstiGetHostBridgeDevId (); + switch (DevId) { + case INTEL_82441_DEVICE_ID: + VirtHsti = VirtHstiQemuPCInit (); + break; + case INTEL_Q35_MCH_DEVICE_ID: + VirtHsti = VirtHstiQemuQ35Init (); + break; + default: + DEBUG ((DEBUG_INFO, "%a: unknown platform (0x%x)\n", __func__, DevId)); + return EFI_UNSUPPORTED; + } + + Status = HstiLibSetTable (VirtHsti, sizeof (*VirtHsti)); + if (EFI_ERROR (Status)) { + if (Status != EFI_ALREADY_STARTED) { + ASSERT_EFI_ERROR (Status); + } + } + + EfiCreateEventReadyToBootEx ( + TPL_NOTIFY, + VirtHstiOnReadyToBoot, + NULL, + &Event + ); + + return EFI_SUCCESS; +} -- 2.44.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117047): https://edk2.groups.io/g/devel/message/117047 Mute This Topic: https://groups.io/mt/105086164/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-