From: "Brijesh Singh" <brijesh.singh@amd.com>
To: Erdem Aktas
Cc: brijesh.singh@amd.com, devel@edk2.groups.io, James Bottomley, Min Xu, Jiewen Yao, Tom Lendacky, Jordan Justen, Ard Biesheuvel, Eric Dong, Ray Ni, Rahul Kumar, Michael D Kinney, Liming Gao, Zhiguang Liu, Michael Roth
Subject: Re: [RFC PATCH v5 07/28] OvmfPkg/ResetVector: pre-validate the data pages used in SEC phase
Date: Tue, 3 Aug 2021 10:10:07 -0500
Message-ID: <4437e8cf-0ab5-6948-4a7e-a9780ad6973d@amd.com>
References: <20210630125321.30278-1-brijesh.singh@amd.com> <20210630125321.30278-8-brijesh.singh@amd.com>
On 7/31/21 3:44 AM, Erdem Aktas wrote:
> On Wed, Jun 30, 2021 at 5:54 AM Brijesh Singh wrote:
>>
>> a) Enhance the OVMF reset vector code to validate the pages as described
>> above (go through step 2 - 3).
>> OR
>> b) Validate the pages during the guest creation time. The SEV firmware
>> provides a command which can be used by the VMM to validate the pages
>> without affecting the measurement of the launch.
>
> Are you referring to the PAGE_TYPE_UNMEASURED? Does it not affect the
> measurement? PAGE_INFO will still be measured, right?

Yes. The unmeasured here means the contents of the page are not measured,
but the PAGE_INFO is measured for all the pages added before the VM launch.

>
>> Approach #b seems much simpler; it does not require any changes to the
>> OVMF reset vector code.
>
> I am worried about verifying the measurement. I understand the secret
> page and cpuid page being part of measurement because both of them are
> mentioned in the AMD SNP SPEC, but now we are introducing new
> parameters (all the 4KB page addresses between SNP_HV_VALIDATED_START
> and SNP_HV_VALIDATED_END) that the VM owner needs to know to calculate the
> measurement and verify the attestation.
>

The page info of both the secrets and cpuid page also needs to be measured.
In order to calculate the expected measurement, a caller needs to know the
page_info for the secrets and cpuid. To get the page_info for the CPUID and
Secrets they must read the OVMF reset GUID. While at it, they can also get
the range of the unmeasured pages. I don't see that being a big issue.
Having said so, as I described in the patch, it's not the only option. It
was easier for implementation without compromising the security.

> Sorry if I am overthinking or missing something here.
>
> -Erdem
>
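As an added illustration of the measurement point discussed in this thread (example code written here, not part of the patch series or OVMF): a Python model of the SEV-SNP launch-digest chain following the PAGE_INFO layout of the SEV-SNP firmware ABI, with a constructed page layout standing in for OVMF's real addresses. It shows that an UNMEASURED page's contents do not enter the digest while its GPA does, so a verifier must know the SNP_HV_VALIDATED_START/END range to reproduce the expected measurement.

```python
import hashlib
import struct

# LAUNCH_UPDATE page types from the SEV-SNP firmware ABI.
PAGE_TYPE_NORMAL = 0x1
PAGE_TYPE_VMSA = 0x2
PAGE_TYPE_ZERO = 0x3
PAGE_TYPE_UNMEASURED = 0x4
PAGE_TYPE_SECRETS = 0x5
PAGE_TYPE_CPUID = 0x6

PAGE_SIZE = 0x1000
PAGE_INFO_LEN = 0x70          # 112 bytes: two SHA-384 digests + 16 bytes of metadata
ZERO_DIGEST = bytes(48)       # the launch digest (LD) starts out as all zeros

def contents_digest(page_type: int, data: bytes) -> bytes:
    """CONTENTS field of PAGE_INFO: SHA-384 of the page for NORMAL/VMSA pages,
    all zeros for ZERO, UNMEASURED, SECRETS and CPUID pages."""
    if page_type in (PAGE_TYPE_NORMAL, PAGE_TYPE_VMSA):
        return hashlib.sha384(data).digest()
    return ZERO_DIGEST

def launch_update(ld: bytes, page_type: int, gpa: int, data: bytes = b"") -> bytes:
    """One LAUNCH_UPDATE step: LD' = SHA-384(PAGE_INFO). PAGE_INFO chains the
    previous LD, the contents digest, LENGTH, PAGE_TYPE, IMI_PAGE, a reserved
    byte, the three VMPL permission bytes (all zero here) and the GPA."""
    page_info = ld + contents_digest(page_type, data)
    page_info += struct.pack("<HBBBBBBQ", PAGE_INFO_LEN, page_type, 0, 0, 0, 0, 0, gpa)
    assert len(page_info) == PAGE_INFO_LEN
    return hashlib.sha384(page_info).digest()

def launch_digest(pages) -> bytes:
    """Replay a launch sequence of (page_type, gpa, data) tuples from the zero LD."""
    ld = ZERO_DIGEST
    for page_type, gpa, data in pages:
        ld = launch_update(ld, page_type, gpa, data)
    return ld

# Constructed sample layout, not OVMF's real addresses: one measured firmware
# page, three hypervisor-validated (UNMEASURED) pages, then secrets and CPUID.
FW_PAGE = b"\x90" * PAGE_SIZE
HV_VALIDATED = [(PAGE_TYPE_UNMEASURED, gpa, b"") for gpa in range(0x800000, 0x803000, PAGE_SIZE)]
LAYOUT = ([(PAGE_TYPE_NORMAL, 0xFFFFF000, FW_PAGE)] + HV_VALIDATED
          + [(PAGE_TYPE_SECRETS, 0x80D000, b""), (PAGE_TYPE_CPUID, 0x80E000, b"")])

if __name__ == "__main__":
    print("expected launch digest:", launch_digest(LAYOUT).hex())
```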