From: "Lendacky, Thomas"
Subject: Re: [PATCH v2 10/11] OvmfPkg: add SevHashesBlobVerifierLib
To: Dov Murik, devel@edk2.groups.io
Cc: Tobin Feldman-Fitzthum, Tobin Feldman-Fitzthum, Jim Cadden, James Bottomley, Hubertus Franke, Laszlo Ersek, Ard Biesheuvel, Jordan Justen, Ashish Kalra, Brijesh Singh, Erdem Aktas, Jiewen Yao, Min Xu
Date: Mon, 19 Jul 2021 15:15:48 -0500
Message-ID: <9b2745f7-1590-cdfc-921e-336480985649@amd.com>
References: <20210706085501.1260662-1-dovmurik@linux.ibm.com> <20210706085501.1260662-11-dovmurik@linux.ibm.com> <1b9d824c-56e4-588c-4a48-e2962caa7d44@amd.com>
Content-Type: text/plain; charset=utf-8

On 7/19/21 2:47 PM, Dov Murik wrote: > On 19/07/2021 20:28, Tom Lendacky wrote: >> On 7/6/21 3:55 AM, Dov Murik wrote: > >>> +[Defines] >>> + INF_VERSION = 0x00010005 >>> + BASE_NAME = SevHashesBlobVerifierLib > > But is this BASE_NAME okay? > > Or should it be BlobVerifierLibSevHashes ? I guess that it should probably be BlobVerifierLibSevHashes just for consistency, but I'm not sure whether there's a convention for BASE_NAME. Thanks, Tom > > >>> + FILE_GUID = 59e713b5-eff3-46a7-8d8b-46f4c004ad7b >>> + MODULE_TYPE = BASE >>> + VERSION_STRING = 1.0 >>> + LIBRARY_CLASS = BlobVerifierLib >>> + CONSTRUCTOR = SevHashesBlobVerifierLibConstructor >>> + >>> +[Sources] >>> + SevHashesBlobVerifier.c >>> + >>> +[Packages] >>> + CryptoPkg/CryptoPkg.dec >>> + MdePkg/MdePkg.dec >>> + OvmfPkg/OvmfPkg.dec >>> + >>> +[LibraryClasses] >>> + BaseCryptLib >>> + BaseMemoryLib >>> + DebugLib >>> + PcdLib >>> + >>> +[FixedPcd] >>> + gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase >>> + gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize >>> diff --git a/OvmfPkg/Library/BlobVerifierLib/SevHashesBlobVerifier.c b/OvmfPkg/Library/BlobVerifierLib/SevHashesBlobVerifier.c >>> new file mode 100644 >>> index 000000000000..961ee29f5df3 >>> --- /dev/null
>>> +++ b/OvmfPkg/Library/BlobVerifierLib/SevHashesBlobVerifier.c 
>>> @@ -0,0 +1,199 @@ >>> +/** @file >>> + >>> + Blob verifier library that uses SEV hashes table. >>> + >>> + Copyright (C) 2021, IBM Corporation >>> + >>> + SPDX-License-Identifier: BSD-2-Clause-Patent >>> +**/ >>> + >>> +#include >>> +#include >>> +#include >>> +#include >>> +#include >>> + >>> +/** >>> + The SEV Hashes table must be in encrypted memory and has the table >>> + and its entries described by >>> + >>> + |UINT16 | >>> + >>> + With the whole table GUID being 9438d606-4f22-4cc9-b479-a793d411fd21 >>> + >>> + The current possible table entries are for the kernel, the initrd >>> + and the cmdline: >>> + >>> + 4de79437-abd2-427f-b835-d5b172d2045b kernel >>> + 44baf731-3a2f-4bd7-9af1-41e29169781d initrd >>> + 97d02dd8-bd20-4c94-aa78-e7714d36ab2a cmdline >>> + >>> + The size of the entry is used to identify the hash, but the >>> + expectation is that it will be 32 bytes of SHA-256. >>> +**/ >>> + >>> +#define SEV_HASH_TABLE_GUID \ >>> + (GUID) { 0x9438d606, 0x4f22, 0x4cc9, { 0xb4, 0x79, 0xa7, 0x93, 0xd4, 0x11, 0xfd, 0x21 } } >>> +#define SEV_KERNEL_HASH_GUID \ >>> + (GUID) { 0x4de79437, 0xabd2, 0x427f, { 0xb8, 0x35, 0xd5, 0xb1, 0x72, 0xd2, 0x04, 0x5b } } >>> +#define SEV_INITRD_HASH_GUID \ >>> + (GUID) { 0x44baf731, 0x3a2f, 0x4bd7, { 0x9a, 0xf1, 0x41, 0xe2, 0x91, 0x69, 0x78, 0x1d } } >>> +#define SEV_CMDLINE_HASH_GUID \ >>> + (GUID) { 0x97d02dd8, 0xbd20, 0x4c94, { 0xaa, 0x78, 0xe7, 0x71, 0x4d, 0x36, 0xab, 0x2a } } >>> + >>> +STATIC CONST EFI_GUID mSevKernelHashGuid = SEV_KERNEL_HASH_GUID; >>> +STATIC CONST EFI_GUID mSevInitrdHashGuid = SEV_INITRD_HASH_GUID; >>> +STATIC CONST EFI_GUID mSevCmdlineHashGuid = SEV_CMDLINE_HASH_GUID; >>> + >>> +#pragma pack (1) >>> +typedef struct { >>> + GUID Guid; >>> + UINT16 Len; >>> + UINT8 Data[]; >>> +} HASH_TABLE; >>> +#pragma pack () >>> + >>> +STATIC HASH_TABLE *mHashesTable; >>> +STATIC UINT16 mHashesTableSize; >>> + >>> +STATIC >>> +CONST GUID* >>> +FindBlobEntryGuid ( >>> + IN CONST CHAR16 *BlobName >>> + ) >>> +{ 
>>> + if (StrCmp (BlobName, L"kernel") == 0) { >>> + return &mSevKernelHashGuid; >>> + } else if (StrCmp (BlobName, L"initrd") == 0) { >>> + return &mSevInitrdHashGuid; >>> + } else if (StrCmp (BlobName, L"cmdline") == 0) { >>> + return &mSevCmdlineHashGuid; >>> + } else { >>> + return NULL; >>> + } >>> +} >>> + >>> +/** >>> + Verify blob from an external source. >>> + >>> + @param BlobName The name of the blob >>> + @param Buf The data of the blob >>> + @param BufSize The size of the blob in bytes >>> + >>> + @retval EFI_SUCCESS The blob was verified successfully. >>> + @retval EFI_ACCESS_DENIED The blob could not be verified, and therefore >>> + should be considered non-secure. >>> +**/ >>> +EFI_STATUS >>> +EFIAPI >>> +VerifyBlob ( >>> + IN CONST CHAR16 *BlobName, >>> + IN CONST VOID *Buf, >>> + UINT32 BufSize >>> + ) >>> +{ >>> + CONST GUID *Guid; >>> + INT32 Len; >> >> Any reason for this not to be a UINT16 like the struct or mHashesTableSize? >> > > Detect overflows in the `for` loop below? > > If a (bad) Entry->Len is 0xffff, then adding it to Len will overflow the > UINT16 and the Len < mHashesTableSize condition is still true. > > >>> + HASH_TABLE *Entry; >>> + UINT8 Hash[SHA256_DIGEST_SIZE]; >>> + >>> + if (mHashesTable == NULL || mHashesTableSize == 0) { >>> + DEBUG ((DEBUG_ERROR, >>> + "%a: Verifier called but no hashes table discoverd in MEMFD\n", >>> + __FUNCTION__)); >>> + return EFI_ACCESS_DENIED; >>> + } >>> + >>> + Guid = FindBlobEntryGuid (BlobName); >>> + if (Guid == NULL) { >>> + DEBUG ((DEBUG_ERROR, "%a: Unknown blob name \"%s\"\n", __FUNCTION__, >>> + BlobName)); >>> + return EFI_ACCESS_DENIED; >>> + } >>> + >>> + Sha256HashAll (Buf, BufSize, Hash); >> >> Maybe search for and find the Guid (done in the for loop below) before >> calling Sha256HashAll? >> > > Yep; I'll move it just before CompareMem below. 
> > Thanks, > -Dov > > >> Thanks, >> Tom >> >>> + >>> + for (Entry = mHashesTable, Len = 0; >>> + Len < (INT32)mHashesTableSize; >>> + Len += Entry->Len, >>> + Entry = (HASH_TABLE *)((UINT8 *)Entry + Entry->Len)) { >>> + UINTN EntrySize; >>> + EFI_STATUS Status; >>> + >>> + if (!CompareGuid (&Entry->Guid, Guid)) { >>> + continue; >>> + } >>> + >>> + DEBUG ((DEBUG_INFO, "%a: Found GUID %g in table\n", __FUNCTION__, Guid)); >>> + >>> + // >>> + // Verify that the buffer's calculated hash is identical to the expected >>> + // hash table entry >>> + // >>> + EntrySize = Entry->Len - sizeof (Entry->Guid) - sizeof (Entry->Len); >>> + if (EntrySize != SHA256_DIGEST_SIZE) { >>> + DEBUG ((DEBUG_ERROR, "%a: Hash has the wrong size %d != %d\n", >>> + __FUNCTION__, EntrySize, SHA256_DIGEST_SIZE)); >>> + return EFI_ACCESS_DENIED; >>> + } >>> + >>> + if (CompareMem (Entry->Data, Hash, EntrySize) == 0) { >>> + Status = EFI_SUCCESS; >>> + DEBUG ((DEBUG_INFO, "%a: Hash comparison succeeded for \"%s\"\n", >>> + __FUNCTION__, BlobName)); >>> + } else { >>> + Status = EFI_ACCESS_DENIED; >>> + DEBUG ((DEBUG_ERROR, "%a: Hash comparison failed for \"%s\"\n", >>> + __FUNCTION__, BlobName)); >>> + } >>> + return Status; >>> + } >>> + >>> + DEBUG ((DEBUG_ERROR, "%a: Hash GUID %g not found in table\n", __FUNCTION__, >>> + Guid)); >>> + return EFI_ACCESS_DENIED; >>> +} >>> + >>> +/** >>> + Locate the SEV hashes table. >>> + >>> + This function always returns success, even if the table can't be found. The >>> + subsequent VerifyBlob calls will fail if no table was found. 
>>> + >>> + @retval RETURN_SUCCESS The verifier tables were set up correctly >>> +**/ >>> +RETURN_STATUS >>> +EFIAPI >>> +SevHashesBlobVerifierLibConstructor ( >>> + VOID >>> + ) >>> +{ >>> + HASH_TABLE *Ptr = (void *)(UINTN)FixedPcdGet64 (PcdQemuHashTableBase); >>> + UINT32 Size = FixedPcdGet32 (PcdQemuHashTableSize); >>> + >>> + mHashesTable = NULL; >>> + mHashesTableSize = 0; >>> + >>> + if (Ptr == NULL || Size == 0) { >>> + return RETURN_SUCCESS; >>> + } >>> + >>> + if (!CompareGuid (&Ptr->Guid, &SEV_HASH_TABLE_GUID)) { >>> + return RETURN_SUCCESS; >>> + } >>> + >>> + if (Ptr->Len < (sizeof Ptr->Guid + sizeof Ptr->Len)) { >>> + return RETURN_SUCCESS; >>> + } >>> + >>> + DEBUG ((DEBUG_INFO, "%a: Found injected hashes table in secure location\n", >>> + __FUNCTION__)); >>> + >>> + mHashesTable = (HASH_TABLE *)Ptr->Data; >>> + mHashesTableSize = Ptr->Len - sizeof Ptr->Guid - sizeof Ptr->Len; >>> + >>> + DEBUG ((DEBUG_VERBOSE, "%a: mHashesTable=0x%p, Size=%u\n", __FUNCTION__, >>> + mHashesTable, mHashesTableSize)); >>> + >>> + return RETURN_SUCCESS; >>> +} >>>
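Review bot: the `for` loop in VerifyBlob advances with `Len += Entry->Len` and `Entry = (HASH_TABLE *)((UINT8 *)Entry + Entry->Len)` without validating `Entry->Len` first. An entry with Len == 0 never moves the cursor and the loop spins forever; an entry with Len smaller than `sizeof (Entry->Guid) + sizeof (Entry->Len)` makes `EntrySize` underflow as a UINTN (only caught when the GUID happens to match); and `Entry->Guid` / `Entry->Len` are read even when fewer than 18 bytes remain before mHashesTableSize, so a last entry whose Len runs past the table is dereferenced before the loop condition notices. Suggest checking at the top of the loop body that `mHashesTableSize - Len` is at least the header size, that `Entry->Len` is at least the header size, and that `Len + Entry->Len <= mHashesTableSize`, returning EFI_ACCESS_DENIED otherwise, since every length here comes from the table contents themselves. The constructor has the matching gap: `Ptr->Len` is only compared against the header size, never against the `Size` read from PcdQemuHashTableSize, so a table Len larger than the reserved region sets mHashesTableSize to extend past it; add `Ptr->Len > Size` to the rejection test. Minor: "discoverd" in the DEBUG string in VerifyBlob.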
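The table layout the patch's header comment describes (an EFI_GUID, a UINT16 Len, then the data, with one SHA-256 entry each for kernel, initrd and cmdline nested inside an outer table entry) is modelled below in Python as an added example; it is not code from the patch, from edk2 or from QEMU. It assumes the EFI_GUID byte order (first three fields little-endian, which is uuid.bytes_le) and that Len counts the 18-byte header, which is what the patch's `Entry->Len - sizeof (Entry->Guid) - sizeof (Entry->Len)` arithmetic implies; the blobs and the malformed tables are constructed sample data. It builds the table the way a VMM would, then walks it the way a firmware verifier should, rejecting the lengths a VerifyBlob loop has to refuse before trusting any entry: Len == 0, Len shorter than the header, Len past the table, and an outer Len past the reserved region.

```python
"""Host-side model of the SEV hashes table (added example, not edk2 or QEMU code).

Layout per entry, as the patch documents: EFI_GUID (16 bytes), UINT16 Len,
Data; Len counts the 18-byte header.  One outer table entry wraps one
SHA-256 entry per blob.  Blob bytes below are constructed sample data."""
import hashlib
import hmac
import struct
import uuid

# GUIDs as listed in the patch's header comment.
SEV_HASH_TABLE_GUID = uuid.UUID("9438d606-4f22-4cc9-b479-a793d411fd21")
BLOB_GUIDS = {
    "kernel":  uuid.UUID("4de79437-abd2-427f-b835-d5b172d2045b"),
    "initrd":  uuid.UUID("44baf731-3a2f-4bd7-9af1-41e29169781d"),
    "cmdline": uuid.UUID("97d02dd8-bd20-4c94-aa78-e7714d36ab2a"),
}
HDR_SIZE = 16 + 2          # sizeof (EFI_GUID) + sizeof (UINT16), packed
SHA256_DIGEST_SIZE = 32


class TableError(ValueError):
    """Any table a verifier must refuse to walk."""


def entry(guid, data):
    """Serialise GUID/Len/Data.  EFI_GUID keeps its first three fields
    little-endian, which is exactly uuid.bytes_le."""
    return guid.bytes_le + struct.pack("<H", HDR_SIZE + len(data)) + data


def build_hash_table(blobs):
    """What the VMM injects: an outer table of SHA-256 entries."""
    body = b"".join(entry(BLOB_GUIDS[name], hashlib.sha256(data).digest())
                    for name, data in blobs.items())
    return entry(SEV_HASH_TABLE_GUID, body)


def parse_hash_table(region):
    """Walk the table at the start of the reserved region; return {guid: data}.
    Every length is checked before it is trusted: the outer Len must fit the
    region, each entry Len must cover its own header (Len == 0 would never
    advance the cursor) and must not run past the table's end."""
    if len(region) < HDR_SIZE:
        raise TableError("region too small for a table header")
    if uuid.UUID(bytes_le=bytes(region[:16])) != SEV_HASH_TABLE_GUID:
        raise TableError("no hashes table GUID at region base")
    (table_len,) = struct.unpack_from("<H", region, 16)
    if table_len < HDR_SIZE or table_len > len(region):
        raise TableError(f"table Len {table_len} outside reserved region")
    body = region[HDR_SIZE:table_len]
    entries, off = {}, 0
    while off < len(body):
        if len(body) - off < HDR_SIZE:
            raise TableError(f"truncated entry header at offset {off}")
        guid = uuid.UUID(bytes_le=bytes(body[off:off + 16]))
        (elen,) = struct.unpack_from("<H", body, off + 16)
        if elen < HDR_SIZE:
            raise TableError(f"entry Len {elen} smaller than its header")
        if off + elen > len(body):
            raise TableError(f"entry at offset {off} runs past table end")
        entries[guid] = body[off + HDR_SIZE:off + elen]
        off += elen
    return entries


def table_problem(region):
    """Parse error text for a region, or None when it is well-formed."""
    try:
        parse_hash_table(region)
    except TableError as exc:
        return str(exc)
    return None


def verify_blob(entries, name, blob):
    """True only if the table holds a 32-byte entry for `name` equal to
    SHA-256(blob); unknown name, missing entry or odd-sized digest fail closed."""
    guid = BLOB_GUIDS.get(name)
    if guid is None or guid not in entries:
        return False
    expected = entries[guid]
    if len(expected) != SHA256_DIGEST_SIZE:
        return False
    # The digests are not secret here; compare_digest is simply the safe default.
    return hmac.compare_digest(hashlib.sha256(blob).digest(), expected)


# Constructed sample inputs.
SAMPLE_BLOBS = {
    "kernel":  b"vmlinuz-sample-bytes",
    "initrd":  b"initrd-sample-bytes",
    "cmdline": b"console=ttyS0 root=/dev/vda\0",
}
GOOD_TABLE = build_hash_table(SAMPLE_BLOBS)
PADDED_REGION = GOOD_TABLE + b"\0" * 64        # table shorter than the PCD region
OVERLONG_REGION = GOOD_TABLE[:-1]               # outer Len exceeds the region
ZERO_LEN_TABLE = entry(SEV_HASH_TABLE_GUID,     # inner Len == 0: a naive loop spins
                       BLOB_GUIDS["kernel"].bytes_le + b"\0\0" + b"\0" * 32)
SHORT_DIGEST_TABLE = entry(SEV_HASH_TABLE_GUID, # well-formed, but not a SHA-256
                           entry(BLOB_GUIDS["kernel"], b"\x11" * 20))

if __name__ == "__main__":
    table = parse_hash_table(PADDED_REGION)
    for name, data in SAMPLE_BLOBS.items():
        print(name, verify_blob(table, name, data))      # all True
```

Running the file prints True for all three sample blobs; feeding it OVERLONG_REGION or ZERO_LEN_TABLE instead yields a TableError rather than an out-of-bounds read or an endless loop. The parse is split from the compare on purpose: the lengths are validated once, up front, and VerifyBlob then only ever touches entries the walk already proved to lie inside the table.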