From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
 by mx.groups.io with SMTP id smtpd.web12.26219.1653304445255775436
 for <devel@edk2.groups.io>;
 Mon, 23 May 2022 04:14:05 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@kernel.org header.s=k20201202 header.b=SM/a6sX1;
 spf=pass (domain: kernel.org, ip: 139.178.84.217, mailfrom: ardb@kernel.org)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 79C2A6126A
	for <devel@edk2.groups.io>; Mon, 23 May 2022 11:14:04 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id E1B82C385AA
	for <devel@edk2.groups.io>; Mon, 23 May 2022 11:14:03 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1653304443;
	bh=gfqSRlwbgmjutRQgMXw2/p85847yw9bjATFNX9XxlDk=;
	h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
	b=SM/a6sX1qZy8YoB8iZ+hn3OJLRQawVSqD4l37MAjUhJinmpCUt2YRjJJIVtMfm5CQ
	 xFGYL9X38OZhBPWHOk36bIjrR3xZSvB5ujcIiOEi41Qa85S9eil4B186EH1hpiH6kn
	 RwkNQsCkDgOgiruxw+mrkKhvJOPDywZYZBPnsdvP2QZlyZOEPRlsU4UJBoxD/At2SF
	 PcKv14tq/jzLIaQUeq8tclQLYD4JBrsxawLHsziKDzCJlvrcEuT04kUYKuk/MbsqiI
	 g0HJo6Zb6Ui0kOWqGdO3eE0guFv3nZjhr3fHpWBZQuO9uPlJ1GzR0y0nHzml4obtXd
	 yKccWBQlDterg==
Received: by mail-oi1-f169.google.com with SMTP id y66so11309131oia.1
        for <devel@edk2.groups.io>; Mon, 23 May 2022 04:14:03 -0700 (PDT)
X-Gm-Message-State: AOAM531p7MgUzTaTbW07JlgPKjjoxkIbsPID+qhKwYeFWoEYWwOxHSVf
	AbZaOwhCPnTCgZgNmA2qGyGPwZKknM90PwmVLv4=
X-Google-Smtp-Source: ABdhPJzTINHrTYAo7eX6aOdX71TKGoh+QqjauB+j/2M5laffhGKF31UZPZUn8Fn4qhVv2HY6gtlOhQ39xCHR9gnxNLo=
X-Received: by 2002:a05:6808:e8d:b0:322:bac0:2943 with SMTP id
 k13-20020a0568080e8d00b00322bac02943mr11159423oil.126.1653304443069; Mon, 23
 May 2022 04:14:03 -0700 (PDT)
MIME-Version: 1.0
References: <cover.1653284206.git.min.m.xu@intel.com> <16F1B1F290429BFD.18186@groups.io>
 <MW4PR11MB5872753E4C9A8D8C356A90488CD49@MW4PR11MB5872.namprd11.prod.outlook.com>
In-Reply-To: <MW4PR11MB5872753E4C9A8D8C356A90488CD49@MW4PR11MB5872.namprd11.prod.outlook.com>
From: "Ard Biesheuvel" <ardb@kernel.org>
Date: Mon, 23 May 2022 13:13:52 +0200
X-Gmail-Original-Message-ID: <CAMj1kXHaX7YA8-BeE-nu-+YAHXjn3DiD_6pvzxSCu-RmUtA_4Q@mail.gmail.com>
Message-ID: <CAMj1kXHaX7YA8-BeE-nu-+YAHXjn3DiD_6pvzxSCu-RmUtA_4Q@mail.gmail.com>
Subject: Re: [edk2-devel] [PATCH 0/4] Measure kernel blob
To: "Yao, Jiewen" <jiewen.yao@intel.com>
Cc: "devel@edk2.groups.io" <devel@edk2.groups.io>, "Xu, Min M" <min.m.xu@intel.com>, 
	Ard Biesheuvel <ardb+tianocore@kernel.org>, "Justen, Jordan L" <jordan.l.justen@intel.com>, 
	Ashish Kalra <ashish.kalra@amd.com>, Brijesh Singh <brijesh.singh@amd.com>, 
	"Aktas, Erdem" <erdemaktas@google.com>, James Bottomley <jejb@linux.ibm.com>, 
	Tom Lendacky <thomas.lendacky@amd.com>, Sami Mujawar <sami.mujawar@arm.com>, 
	Gerd Hoffmann <kraxel@redhat.com>
Content-Type: text/plain; charset="UTF-8"

Same questions here. I don't think we should use the legacy Linux EFI
handover protocol for CC implementations, and the ordinary
LoadImage/StartImage based boot sequence already incorporates TPM
measurement, of which TDX and SEV/SNP are just a specialization.

So I don't understand why we need any of this in the first place.


On Mon, 23 May 2022 at 11:36, Yao, Jiewen <jiewen.yao@intel.com> wrote:
>
> Fix Typo for 3:
> ->BlobMeasurementLib->TpmMeasurementLib->TpmMeasurementLibTdx
> Should be: ->BlobMeasurementLib->TpmMeasurementLib->CcProtocol->Tdx
>
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, Jiewen
> > Sent: Monday, May 23, 2022 5:30 PM
> > To: Xu, Min M <min.m.xu@intel.com>; devel@edk2.groups.io
> > Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Justen, Jordan L
> > <jordan.l.justen@intel.com>; Ashish Kalra <ashish.kalra@amd.com>; Brijesh
> > Singh <brijesh.singh@amd.com>; Aktas, Erdem <erdemaktas@google.com>;
> > James Bottomley <jejb@linux.ibm.com>; Tom Lendacky
> > <thomas.lendacky@amd.com>; Sami Mujawar <sami.mujawar@arm.com>;
> > Gerd Hoffmann <kraxel@redhat.com>
> > Subject: Re: [edk2-devel] [PATCH 0/4] Measure kernel blob
> >
> > Hi
> > I am not clear about the design. Some questions:
> >
> > 1. This should be generic feature for trusted boot. Not TDX specific. Right?
> >
> > 2. Why we need BlobMeasurementLib?
> > We already have TpmMeasurementLib. Why we cannot use it?
> >
> > 3. Why we need BlobMeasurementLibTdx?
> > Even if we really need BlobMeasurementLib, the flow should be: -
> > >BlobMeasurementLib->TpmMeasurementLib->TpmMeasurementLibTdx
> >
> > 4. Why we need BlobMeasurementLibNull?
> > We already have TpmMeasurementLibNull. What is benefit to add one more
> > NULL MeasurementLib?
> >
> > Thank you
> > Yao Jiewen
> >
> > > -----Original Message-----
> > > From: Xu, Min M <min.m.xu@intel.com>
> > > Sent: Monday, May 23, 2022 1:56 PM
> > > To: devel@edk2.groups.io
> > > Cc: Xu, Min M <min.m.xu@intel.com>; Ard Biesheuvel
> > > <ardb+tianocore@kernel.org>; Justen, Jordan L <jordan.l.justen@intel.com>;
> > > Ashish Kalra <ashish.kalra@amd.com>; Brijesh Singh
> > <brijesh.singh@amd.com>;
> > > Aktas, Erdem <erdemaktas@google.com>; James Bottomley
> > > <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
> > > <thomas.lendacky@amd.com>; Sami Mujawar <sami.mujawar@arm.com>;
> > > Gerd Hoffmann <kraxel@redhat.com>
> > > Subject: [PATCH 0/4] Measure kernel blob
> > >
> > > Kernel blobs include the kernel image, initrd, command line. These are
> > > external inputs from host VMM. In some platforms,such as Tdx environment,
> > > Host VMM is treated as un-trusted. So these external inputs should be
> > > measured.
> > >
> > > This patch-set imports a new library class (BlobMeasurementLib). It is
> > > designed to do the blob measurement, including the kernel blob
> > > measurement. In the future, it will do other blob measurement, such as
> > > measuring ACPI table which is also passed from host VMM.
> > >
> > > The code is at: https://github.com/mxu9/edk2/tree/MeasureKernelBlob.v1
> > >
> > > Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> > > Cc: Jordan Justen <jordan.l.justen@intel.com>
> > > Cc: Ashish Kalra <ashish.kalra@amd.com>
> > > Cc: Brijesh Singh <brijesh.singh@amd.com>
> > > Cc: Erdem Aktas <erdemaktas@google.com>
> > > Cc: James Bottomley <jejb@linux.ibm.com>
> > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > > Cc: Sami Mujawar <sami.mujawar@arm.com>
> > > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > > Signed-off-by: Min Xu <min.m.xu@intel.com>
> > >
> > > Min Xu (4):
> > >   OvmfPkg: Add library class BlobMeasurementLib with null implementation
> > >   OvmfPkg: Add BlobMeasurementLibNull to dsc
> > >   OvmfPkg: Implement BlobMeasurementLibTdx
> > >   OvmfPkg: Call MeasureKernelBlob after fetch from fw_cfg
> > >
> > >  ArmVirtPkg/ArmVirtQemu.dsc                    |  1 +
> > >  ArmVirtPkg/ArmVirtQemuKernel.dsc              |  1 +
> > >  OvmfPkg/AmdSev/AmdSevX64.dsc                  |  2 +
> > >  OvmfPkg/CloudHv/CloudHvX64.dsc                |  1 +
> > >  OvmfPkg/Include/Library/BlobMeasurementLib.h  | 38 ++++++++
> > >  .../BlobMeasurementLibTdx/BlobMeasurement.c   | 87
> > +++++++++++++++++++
> > >  .../BlobMeasurementLibTdx.inf                 | 30 +++++++
> > >  OvmfPkg/IntelTdx/IntelTdxX64.dsc              |  1 +
> > >  .../BlobMeasurementLibNull.c                  | 34 ++++++++
> > >  .../BlobMeasurementLibNull.inf                | 24 +++++
> > >  OvmfPkg/Microvm/MicrovmX64.dsc                |  1 +
> > >  OvmfPkg/OvmfPkg.dec                           |  3 +
> > >  OvmfPkg/OvmfPkgIa32.dsc                       |  1 +
> > >  OvmfPkg/OvmfPkgIa32X64.dsc                    |  1 +
> > >  OvmfPkg/OvmfPkgX64.dsc                        |  1 +
> > >  OvmfPkg/OvmfXen.dsc                           |  1 +
> > >  .../QemuKernelLoaderFsDxe.c                   | 13 +++
> > >  17 files changed, 240 insertions(+)
> > >  create mode 100644 OvmfPkg/Include/Library/BlobMeasurementLib.h
> > >  create mode 100644
> > > OvmfPkg/IntelTdx/BlobMeasurementLibTdx/BlobMeasurement.c
> > >  create mode 100644
> > > OvmfPkg/IntelTdx/BlobMeasurementLibTdx/BlobMeasurementLibTdx.inf
> > >  create mode 100644
> > > OvmfPkg/Library/BlobMeasurementLibNull/BlobMeasurementLibNull.c
> > >  create mode 100644
> > > OvmfPkg/Library/BlobMeasurementLibNull/BlobMeasurementLibNull.inf
> > >
> > > --
> > > 2.29.2.windows.2
> >
> >
> >
> > 
> >
>