From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: devel@edk2.groups.io, "Xu, Min M"
Subject: Re: [edk2-devel] [PATCH V4 0/9] Enable RTMR based measurement and measure boot for Td guest
Date: Fri, 3 Jun 2022 11:53:09 +0000

Merged https://github.com/tianocore/edk2/pull/2943

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Min Xu
> Sent: Monday, May 16, 2022 3:42 PM
> To: devel@edk2.groups.io
> Cc: Xu, Min M
> Subject: [edk2-devel] [PATCH V4 0/9] Enable RTMR based measurement and
> measure boot for Td guest
>
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
>
> Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
> that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
> Encryption (MKTME) with a new kind of virtual machine guest called a
> Trust Domain (TD). A TD is designed to run in a CPU mode that protects the
> confidentiality of TD memory contents and the TD's CPU state from other
> software, including the hosting Virtual-Machine Monitor (VMM), unless
> explicitly shared by the TD itself.
>
> There are 2 configurations for TDVF to upstream. See below link for
> the definitions of the 2 configurations.
> https://edk2.groups.io/g/devel/message/76367
>
> This patch-set is to enable below features of Config-B in OvmfPkg.
> - Enable RTMR based measurement and measured boot
> - Install CC_MEASUREMENT_PROTOCOL instance in Td guest
>
> The measurement for the other components, such as kernel image, initrd,
> will be introduced in the following patch-sets.
>
> Patch 1:
> HashLibTdx provides SHA384 service and extend to RTMR registers.
>
> Patch 2:
> SecCryptLib is the cryptographic library instance for SEC.
>
> Patch 3 - 8:
> These 6 patches are related to RTMR based measurement and
> CC Eventlog ACPI table.
>
> Patch 9:
> Update IntelTdxX64.dsc/IntelTdxX64.fdf to support RTMR based
> measurement and measured boot.
>
> Code at: https://github.com/mxu9/edk2/tree/tdvf_wave4.v4
>
> v4 changes:
> - Update Rsvd field in EFI_CC_EVENTLOG_ACPI_TABLE to UINT16.
> - Rebase EDK2 code base. (commit: 708620d29db8)
>
> v3 changes:
> - Refine HashLibBaseCryptoRouterTdx to HashLibTdx
> - Add NULL version algorithms in SecCryptLib.
> - Add SecMeasurementLib which does the measurement in SEC phase.
> - Rebase EDK2 code base. (commit: 91a03f78ba)
>
> v2 changes:
> - Move the definition of EFI_CC_EVENT_HOB_GUID from MdePkg to
> SecurityPkg.
> - Update the definition of EFI_CC_EVENTLOG_ACPI_TABLE based
> on below discussion:
> https://edk2.groups.io/g/devel/message/87396
> https://edk2.groups.io/g/devel/message/87402
> - Update the code base to 94f905b3bf.
>
>
> Min Xu (9):
>   Security: Add HashLibTdx
>   CryptoPkg: Add SecCryptLib
>   SecurityPkg: Add definition of EFI_CC_EVENT_HOB_GUID
>   OvmfPkg: Introduce SecMeasurementLib
>   OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV
>   OvmfPkg: Add PCDs for LAML/LASA field in CC EVENTLOG ACPI table
>   MdePkg: Define CC Measure EventLog ACPI Table
>   OvmfPkg/IntelTdx: Add TdTcg2Dxe
>   OvmfPkg/IntelTdx: Enable RTMR based measurement and measure boot
>
>  CryptoPkg/CryptoPkg.dsc                          |    4 +
>  .../Library/BaseCryptLib/Hash/CryptMd5Null.c     |  163 ++
>  .../Library/BaseCryptLib/Hash/CryptSha1Null.c    |  166 ++
>  .../BaseCryptLib/Hash/CryptSha256Null.c          |  162 ++
>  .../Library/BaseCryptLib/Hash/CryptSm3Null.c     |  164 ++
>  .../BaseCryptLib/Pk/CryptPkcs7VerifyEkuNull.c    |  152 +
>  .../BaseCryptLib/Pk/CryptRsaBasicNull.c          |  121 +
>  .../Library/BaseCryptLib/SecCryptLib.inf         |   91 +
>  MdePkg/Include/Protocol/CcMeasurement.h          |   21 +
>  OvmfPkg/Include/Library/SecMeasurementLib.h      |   46 +
>  OvmfPkg/IntelTdx/IntelTdxX64.dsc                 |   16 +-
>  OvmfPkg/IntelTdx/IntelTdxX64.fdf                 |    5 +
>  .../IntelTdx/TdTcg2Dxe/MeasureBootPeCoff.c       |  407 +++
>  OvmfPkg/IntelTdx/TdTcg2Dxe/TdTcg2Dxe.c           | 2489 +++++++++++++++++
>  OvmfPkg/IntelTdx/TdTcg2Dxe/TdTcg2Dxe.inf         |  101 +
>  OvmfPkg/Library/PeilessStartupLib/IntelTdx.c     |  163 ++
>  .../PeilessStartupLib/PeilessStartup.c           |   31 +
>  .../PeilessStartupInternal.h                     |   17 +
>  .../PeilessStartupLib/PeilessStartupLib.inf      |    8 +-
>  .../SecMeasurementLib/SecMeasurementLibTdx.c     |  340 +++
>  .../SecMeasurementLibTdx.inf                     |   30 +
>  OvmfPkg/OvmfPkg.dec                              |   10 +
>  SecurityPkg/Include/Guid/CcEventHob.h            |   22 +
>  SecurityPkg/Library/HashLibTdx/HashLibTdx.c      |  207 ++
>  SecurityPkg/Library/HashLibTdx/HashLibTdx.inf    |   37 +
>  SecurityPkg/SecurityPkg.dec                      |    4 +
>  SecurityPkg/SecurityPkg.dsc                      |   10 +
>  27 files changed, 4984 insertions(+), 3 deletions(-)
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5Null.c
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1Null.c
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256Null.c
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3Null.c
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEkuNull.c
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasicNull.c
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
>  create mode 100644 OvmfPkg/Include/Library/SecMeasurementLib.h
>  create mode 100644 OvmfPkg/IntelTdx/TdTcg2Dxe/MeasureBootPeCoff.c
>  create mode 100644 OvmfPkg/IntelTdx/TdTcg2Dxe/TdTcg2Dxe.c
>  create mode 100644 OvmfPkg/IntelTdx/TdTcg2Dxe/TdTcg2Dxe.inf
>  create mode 100644 OvmfPkg/Library/PeilessStartupLib/IntelTdx.c
>  create mode 100644 OvmfPkg/Library/SecMeasurementLib/SecMeasurementLibTdx.c
>  create mode 100644 OvmfPkg/Library/SecMeasurementLib/SecMeasurementLibTdx.inf
>  create mode 100644 SecurityPkg/Include/Guid/CcEventHob.h
>  create mode 100644 SecurityPkg/Library/HashLibTdx/HashLibTdx.c
>  create mode 100644 SecurityPkg/Library/HashLibTdx/HashLibTdx.inf
>
> --
> 2.29.2.windows.2
>
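The quoted cover letter describes SEC-phase measurement of the Td HobList and the Configuration FV into RTMR registers with SHA-384, with each measurement recorded in a CC event log that a verifier later consumes. The Python below is an added example written for this page, not code from the edk2 patch series or from Min Xu, and it shows the verifier's side of that design: the four RTMRs are modelled as 48-byte SHA-384 values that reset to zero and follow the TDX extend rule (new = SHA384(old || digest)), the guest firmware's measurements are logged, and the log is replayed to confirm it reproduces the register values a TD would report in its quote. The measured object contents, the event labels and the choice of RTMR0 as the target register are constructed assumptions for the example; the RTMR width, reset value and extend rule are TDX architecture facts, not something the patches define.

```python
import hashlib
from dataclasses import dataclass
from typing import List, Sequence

SHA384_LEN = 48   # RTMR width in bytes (one SHA-384 digest)
NUM_RTMR = 4      # TDX exposes RTMR0..RTMR3


def sha384(data: bytes) -> bytes:
    return hashlib.sha384(data).digest()


@dataclass(frozen=True)
class CcEvent:
    """One CC event-log entry: which register was extended and with what digest."""
    mr_index: int
    digest: bytes
    label: str  # descriptive only; it is not part of what gets hashed


def rtmr_extend(current: bytes, digest: bytes) -> bytes:
    """TDX RTMR extend rule: new value = SHA384(old value || 48-byte digest)."""
    if len(current) != SHA384_LEN or len(digest) != SHA384_LEN:
        raise ValueError("RTMR values and extend data must be 48 bytes")
    return sha384(current + digest)


class TdGuest:
    """Simulated RTMR bank plus the event log the guest firmware builds alongside it."""

    def __init__(self) -> None:
        self.rtmr: List[bytes] = [bytes(SHA384_LEN)] * NUM_RTMR  # all-zero reset state
        self.event_log: List[CcEvent] = []

    def measure(self, mr_index: int, data: bytes, label: str) -> bytes:
        """Hash the object, extend the chosen RTMR, and log the event."""
        digest = sha384(data)
        self.rtmr[mr_index] = rtmr_extend(self.rtmr[mr_index], digest)
        self.event_log.append(CcEvent(mr_index, digest, label))
        return digest


def replay_event_log(events: Sequence[CcEvent]) -> List[bytes]:
    """Recompute every RTMR from the log alone, starting from the reset state."""
    rtmr = [bytes(SHA384_LEN)] * NUM_RTMR
    for ev in events:
        if not 0 <= ev.mr_index < NUM_RTMR:
            raise ValueError(f"event refers to non-existent RTMR{ev.mr_index}")
        rtmr[ev.mr_index] = rtmr_extend(rtmr[ev.mr_index], ev.digest)
    return rtmr


def event_log_matches(events: Sequence[CcEvent], reported: Sequence[bytes]) -> bool:
    """Verifier check: the replayed log must equal the RTMR values in the quote."""
    return replay_event_log(events) == list(reported)


def boot_sequence() -> TdGuest:
    """Constructed SEC-phase measurements in the order the cover letter names them.
    The object bytes and the use of RTMR0 are example assumptions, not TDVF's choices."""
    guest = TdGuest()
    td_hob_list = b"TD HOB list: memory map and TD configuration (constructed)"
    config_fv = b"Configuration firmware volume image bytes (constructed)"
    guest.measure(0, td_hob_list, "TdHobList")
    guest.measure(0, config_fv, "ConfigurationFv")
    return guest


def altered_log(events: Sequence[CcEvent]) -> List[CcEvent]:
    """Negative case for the verifier: the first logged digest no longer matches."""
    first = events[0]
    replaced = CcEvent(first.mr_index, sha384(b"some other object (constructed)"), first.label)
    return [replaced] + list(events[1:])


if __name__ == "__main__":
    g = boot_sequence()
    for i, value in enumerate(g.rtmr):
        print(f"RTMR{i}: {value.hex()}")
    print("log replays to quoted RTMRs:", event_log_matches(g.event_log, g.rtmr))
    print("altered log replays to quoted RTMRs:",
          event_log_matches(altered_log(g.event_log), g.rtmr))
```

Replay only proves that the event log is consistent with the register values carried in the quote; the RTMRs themselves are trusted because the quote is signed by the platform, not by the guest, which is why the log can be shipped out of the TD unsigned. A verifier still has to compare each replayed digest against known-good reference values for the TDVF build, and the order of events matters: extending the same register with the same two digests in the opposite order yields a different RTMR.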