From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 018A5941E29 for ; Thu, 27 Jun 2024 22:42:31 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=E/5b+UnlcjozhBGvx5KqBZrhzWI2ElkCTs/8hRDe8p4=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:User-Agent:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1719528151; v=1; b=AZ8ZJfBUz7ERCFCollKN+81yww7W8uNd0Z1Q10gOPobUQEyzJHS2LRCx3ngK4BP+CWyeVeCD XCBDt99OWj0vo6IrKqhK0POi1KtUdYVOPbZJTaLP2yYylXfhX/OaYn4qny6zXRQoLBFzAYOaSWz gIQnAnjVCkxSYgdWgAf2ghakpYIFjapTUe88FE3o88RLSIfSLO5Hov1aK5MvjQsmcWAV4NDfnNT mNe2Y1tcBNl0A78aPciNRIS1UW1xphTB0kMlfrIUrXumzjwydvdWS7Q7gLKLs3T62V+fY7SteBR wlYME5XEUZvDOquuiRNwlbuDHH8CHJi+usJ0D7l0wIbOQ== X-Received: by 127.0.0.2 with SMTP id HFIIYY7687511x8RGQMfO6d6; Thu, 27 Jun 2024 15:42:30 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web11.33280.1719422064640577759 for ; Wed, 26 Jun 2024 10:14:24 -0700 X-Received: from pps.filterd (m0356517.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 45QEwmNM020546; Wed, 26 Jun 2024 17:14:22 GMT X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 400n7f0eqm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 26 Jun 2024 17:14:22 +0000 (GMT) X-Received: from m0356517.ppops.net (m0356517.ppops.net [127.0.0.1]) by pps.reinject (8.18.0.8/8.18.0.8) with ESMTP id 45QHEMsZ009605; Wed, 26 Jun 2024 17:14:22 GMT X-Received: from ppma12.dal12v.mail.ibm.com (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 400n7f0eqh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 26 Jun 2024 17:14:21 +0000 (GMT) X-Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1]) by ppma12.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 45QH4ZkM018131; Wed, 26 Jun 2024 17:14:21 GMT X-Received: from smtprelay02.wdc07v.mail.ibm.com ([172.16.1.69]) by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 3yx8xue13d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 26 Jun 2024 17:14:21 +0000 X-Received: from smtpav01.dal12v.mail.ibm.com (smtpav01.dal12v.mail.ibm.com [10.241.53.100]) by smtprelay02.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 45QHEIRa29033108 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 26 Jun 2024 17:14:20 GMT X-Received: from smtpav01.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 06F5158059; Wed, 26 Jun 2024 17:14:18 +0000 (GMT) X-Received: from smtpav01.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 85E4258058; Wed, 26 Jun 2024 17:14:17 +0000 (GMT) X-Received: from [9.61.188.3] (unknown [9.61.188.3]) by smtpav01.dal12v.mail.ibm.com (Postfix) with ESMTPS; Wed, 26 Jun 2024 17:14:17 +0000 (GMT) Message-ID: <323c3d5f-a00e-4ab1-896e-673998275116@linux.ibm.com> Date: Wed, 26 Jun 2024 13:14:16 -0400 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier To: "Aithal, Srikanth" , devel@edk2.groups.io Cc: dov.murik@gmail.com, james.bottomley@hansenpartnership.com, thomas.lendacky@amd.com, tobin@ibm.com References: <5618d3f0-827f-49f4-b1a7-6a47fac50550@amd.com> From: Tobin Feldman-Fitzthum In-Reply-To: X-TM-AS-GCONF: 00 X-Proofpoint-GUID: gf8Ls4UhA1f5Viy7Gv5NWbQxcgZAcT5A X-Proofpoint-ORIG-GUID: GgdOen8qAUa6yl_S97Gr9JLte2YYDAMU X-MIME-Autoconverted: from 8bit to quoted-printable by mx0a-001b2d01.pphosted.com id 45QEwmNM020546 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Thu, 27 Jun 2024 15:42:29 -0700 Resent-From: tobin@linux.ibm.com Reply-To: devel@edk2.groups.io,tobin@linux.ibm.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: XWQN0bLHVGdpNLGAYGiQce5nx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=AZ8ZJfBU; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=ibm.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io On 6/26/24 10:33 AM, Aithal, Srikanth wrote: >=20 > On 6/26/2024 7:28 PM, Tobin Feldman-Fitzthum wrote: >> >> >> On 6/26/24 4:08 AM, Aithal, Srikanth wrote: >>> Hello, SEV/SEVES guest boot fails with AMDSEV OVMF package built=20 >>> using upstream edk2 master [commit head:=20 >>> 2fbaaa96d11ad61a9133df1728e3fe965d1457a5]. SEV/SEVES guest boot with=20 >>> AMDSEV package gets stuck at below point: Plain Text 2024-06-26 04:=20 >>> =E2=80=8A38: =E2=80=8A02:=E2=80=8A >>> >>> >>> Hello, >>> >>> SEV/SEVES guest boot fails with AMDSEV OVMF package built using=20 >>> upstream edk2 master [commit=20 >>> head:=C2=A02fbaaa96d11ad61a9133df1728e3fe965d1457a5]. >>> >>> SEV/SEVES guest boot with AMDSEV package gets stuck at below point: >>> >>> Plain Text >>> >>> |2024-06-26 04:38:02: FetchBlob: loading 14332416 bytes for "kernel"=20 >>> 2024-06-26 04:38:02: Select Item: 0x18 2024-06-26 04:38:02: Select=20 >>> Item: 0x11 2024-06-26 04:38:02: VerifyBlob: Found GUID=20 >>> 4DE79437-ABD2-427F-B835-D5B172D2045B in table 2024-06-26 04:38:02:=20 >>> VerifyBlob: Hash comparison succeeded for "kernel" 2024-06-26=20 >>> 04:38:02: Select Item: 0xB 2024-06-26 04:38:02: VerifyBlob: Found=20 >>> GUID 44BAF731-3A2F-4BD7-9AF1-41E29169781D in table 2024-06-26=20 >>> 04:38:02: VerifyBlob: Blob Specified in Hash Table was not Provided=20 >>> --> Hung here | >>> >> Can you send qemu command that produces this case? >> It looks like what is happening is that the initrd is specified in the= =20 >> hash table, but is not provided to the guest. >> You might try with and without the -initrd option and compare. >> It's possible that when -initrd is not provided, QEMU will still put=20 >> something in the table, which this patch might not account for. >> >> -Tobin > my qemu command line to recreate the issue: >=20 > qemu-system-x86_64 \ > -machine q35,confidential-guest-support=3Dsev0,vmport=3Doff \ > -object sev-guest,id=3Dsev0,cbitpos=3D51,reduced-phys-bits=3D1,kernel-has= hes=3Don \ > -name guest=3Dvm,debug-threads=3Don \ > -drive=20 > if=3Dpflash,format=3Draw,unit=3D0,file=3D/VT_BUILD/OVMF_AmdSev/OVMF.fd,re= adonly \ > -cpu host \ > -m 4096 \ > -kernel '/VT_BUILD/usr/local/bzImage' \ > -append 'root=3D/dev/sda rw console=3DttyS0,115200n8=20 > earlyprintk=3DttyS0,115200 net.ifnames=3D0 biosdevname=3D0 movable_node= =20 > swiotlb=3D65536' \ > -smp 1,cores=3D1,threads=3D1,dies=3D1,sockets=3D1 \ > -drive=20 > file=3D/VT_BUILD/images/22.04-server.qcow2,index=3D0,media=3Ddisk,format= =3Dqcow2 \ > --enable-kvm \ > --nographic >=20 >=20 > Yes, if I pass -initrd explicitly the Hash verify step passes properly >=20 > FetchBlob: loading 14332416 bytes for "kernel" > Select Item: 0x18 > Select Item: 0x11 > VerifyBlob: Found GUID 4DE79437-ABD2-427F-B835-D5B172D2045B in table > VerifyBlob: Hash comparison succeeded for "kernel" > Select Item: 0xB > FetchBlob: loading 75379943 bytes for "initrd" > Select Item: 0x12 > VerifyBlob: Found GUID 44BAF731-3A2F-4BD7-9AF1-41E29169781D in table > VerifyBlob: Hash comparison succeeded for "initrd" > Select Item: 0x14 > FetchBlob: loading 120 bytes for "cmdline" > Select Item: 0x15 > VerifyBlob: Found GUID 97D02DD8-BD20-4C94-AA78-E7714D36AB2A in table > VerifyBlob: Hash comparison succeeded for "cmdline" >=20 Ok, I'll submit a little tweak this afternoon that should fix your case. -Tobin >>> This was working until yesterday [commit head: be38c01], where we can= =20 >>> see boot was proceeding >>> >>> Plain Text >>> >>> |2024-06-25 03:13:23: VerifyBlob: Found GUID=20 >>> 4DE79437-ABD2-427F-B835-D5B172D2045B in table 2024-06-25 03:13:23:=20 >>> VerifyBlob: Hash comparison succeeded for "kernel" 2024-06-25=20 >>> 03:13:23: Select Item: 0xB 2024-06-25 03:13:23: VerifyBlob: Found=20 >>> GUID 44BAF731-3A2F-4BD7-9AF1-41E29169781D in table 2024-06-25=20 >>> 03:13:23: VerifyBlob: Hash comparison succeeded for "initrd"=20 >>> 2024-06-25 03:13:23: Select Item: 0x14 2024-06-25 03:13:23:=20 >>> FetchBlob: loading 120 bytes for "cmdline" 2024-06-25 03:13:23:=20 >>> Select Item: 0x15 2024-06-25 03:13:23: VerifyBlob: Found GUID=20 >>> 97D02DD8-BD20-4C94-AA78-E7714D36AB2A in table 2024-06-25 03:13:23:=20 >>> VerifyBlob: Hash comparison succeeded for "cmdline"| >>> >>> >>> After this patch got merged the regression is seen. >>> >>> Thanks, >>> >>> Srikanth Aithal >>> >>> >>> On 5/7/2024 1:57 AM, Tobin Feldman-Fitzthum via groups.io wrote: >>>> The AmdSev package has a so-called BlobVerifier, which >>>> is meant to extend the TCB of a confidential guest >>>> (SEV or SNP) to include components provided via fw_cfg >>>> such as initrd, kernel, kernel params. >>>> >>>> This series fixes a few implementation errors in the >>>> blob verifier. One common theme is that the verifier >>>> currently fails to halt the boot when an invalid blob >>>> is detected. This can lead to a confidential guest >>>> having a launch measurement that does not reflect the >>>> guest TCB. >>>> >>>> This series could also help us move towards consolidating >>>> the AmdSev package back into the OvmfPkg although more >>>> discussion will be needed on this. >>>> >>>> Thank you for Ryan Savino at AMD for pointing out >>>> some of these issues. >>>> >>>> Tobin Feldman-Fitzthum (2): >>>> =C2=A0=C2=A0 AmdSev: Rework Blob Verifier >>>> =C2=A0=C2=A0 AmdSev: Halt on failed blob allocation >>>> >>>> =C2=A0 .../BlobVerifierSevHashes.c=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 | = 56=20 >>>> ++++++++++++++++--- >>>> =C2=A0 OvmfPkg/Include/Library/BlobVerifierLib.h=C2=A0=C2=A0=C2=A0=C2= =A0 | 14 +++-- >>>> =C2=A0 .../BlobVerifierLibNull/BlobVerifierNull.c=C2=A0=C2=A0=C2=A0 | = 13 +++-- >>>> =C2=A0 .../QemuKernelLoaderFsDxe.c=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |= =C2=A0 9 ++- >>>> =C2=A0 4 files changed, 69 insertions(+), 23 deletions(-) >>>> -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119725): https://edk2.groups.io/g/devel/message/119725 Mute This Topic: https://groups.io/mt/105977013/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-