From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Xu, Min M" <min.m.xu@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
"kraxel@redhat.com" <kraxel@redhat.com>
Cc: "Aktas, Erdem" <erdemaktas@google.com>,
James Bottomley <jejb@linux.ibm.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Michael Roth <michael.roth@amd.com>
Subject: Re: [edk2-devel] [PATCH V3 3/9] OvmfPkg/IntelTdx: Add SecTdxHelperLib
Date: Thu, 26 Jan 2023 02:01:53 +0000 [thread overview]
Message-ID: <MW4PR11MB58726246752FA78EAE3877288CCF9@MW4PR11MB5872.namprd11.prod.outlook.com> (raw)
In-Reply-To: <PH0PR11MB5064F75C8F3A17B3741E7896C5CF9@PH0PR11MB5064.namprd11.prod.outlook.com>
Hey
I don't think it is a good idea to define a context size here, because that will assume the openssl implementation. Please don't do that.
Could you please just use Sha384HashAll() API, if you don't like to allocate memory?
Thank you
Yao, Jiewen
> -----Original Message-----
> From: Xu, Min M <min.m.xu@intel.com>
> Sent: Thursday, January 26, 2023 9:57 AM
> To: devel@edk2.groups.io; kraxel@redhat.com
> Cc: Aktas, Erdem <erdemaktas@google.com>; James Bottomley
> <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
> <thomas.lendacky@amd.com>; Michael Roth <michael.roth@amd.com>
> Subject: RE: [edk2-devel] [PATCH V3 3/9] OvmfPkg/IntelTdx: Add
> SecTdxHelperLib
>
> On January 25, 2023 8:16 PM, Gerd Hoffmann wrote:
> > > +//
> > > +// SHA512_CTX is defined in <openssl/sha.h> and its size is 216 bytes.
> > > +// It can be built successfully with GCC5 compiler but failed with VS2019.
> > > +// The error code showed in VS2019 is that "openssl/sha.h" cannot be
> found.
> > > +// To overcome this error SHA512_CTX_SIZE is defined.
> > > +//
> > > +#define SHA512_CTX_SIZ 216
> >
> > There is Sha384GetContextSize()
> >
> HashAndExtendToRtmr is designed to be run in very early stage and at that stage
> Memory allocation service is not ready. So we have to declare an array with size
> of SHA512_CTX_SIZE(216).
>
> Variable-length automatic arrays are allowed in C99.
> https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html So if ovmf is built with
> GCC, then the code below works:
> UINT8 Sha384Ctx[Sha384GetContextSize ()];
>
> But unfortunately it is not supported in VS series. (I test it with VS2017)
> Building ...
> tdvf2\EmbeddedPkg\Library\PrePiMemoryAllocationLib\PrePiMemoryAllocation
> Lib.inf [X64]
> tdvf2\OvmfPkg\IntelTdx\TdxHelperLib\SecTdxHelper.c(839): error C2057:
> expected constant expression
> tdvf2\OvmfPkg\IntelTdx\TdxHelperLib\SecTdxHelper.c(839): error C2466:
> cannot allocate an array of constant size 0
> tdvf2\OvmfPkg\IntelTdx\TdxHelperLib\SecTdxHelper.c(839): error C2133:
> 'Sha384Ctx': unknown size
>
> So Sha384GetContextSize() cannot be used here.
>
> Thanks
> Min
next prev parent reply other threads:[~2023-01-26 2:02 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-25 2:23 [PATCH V3 0/9] Enable Tdx measurement in OvmfPkgX64 Min Xu
2023-01-25 2:23 ` [PATCH V3 1/9] OvmfPkg: Add Tdx measurement data structure in WorkArea Min Xu
2023-01-25 2:23 ` [PATCH V3 2/9] OvmfPkg/IntelTdx: Add TdxHelperLibNull Min Xu
2023-01-25 2:23 ` [PATCH V3 3/9] OvmfPkg/IntelTdx: Add SecTdxHelperLib Min Xu
2023-01-25 12:16 ` Gerd Hoffmann
2023-01-26 1:56 ` [edk2-devel] " Min Xu
2023-01-26 2:01 ` Yao, Jiewen [this message]
2023-01-26 2:08 ` Min Xu
2023-01-25 2:23 ` [PATCH V3 4/9] OvmfPkg/IntelTdx: Update tdx measurement in SEC phase Min Xu
2023-01-25 2:23 ` [PATCH V3 5/9] OvmfPkg/TdxHelperLib: Implement TdxHelperBuildGuidHobForTdxMeasurement Min Xu
2023-01-25 12:22 ` Gerd Hoffmann
2023-01-26 1:58 ` Min Xu
2023-01-26 7:09 ` Min Xu
2023-01-26 7:50 ` Gerd Hoffmann
2023-01-25 2:23 ` [PATCH V3 6/9] OvmfPkg: Enable Tdx measurement in OvmfPkgX64 Min Xu
2023-01-25 2:23 ` [PATCH V3 7/9] OvmfPkg/IntelTdx: Add PeiTdxHelperLib Min Xu
2023-01-25 2:23 ` [PATCH V3 8/9] OvmfPkg/PlatformPei: Build GuidHob for Tdx measurement Min Xu
2023-01-25 2:23 ` [PATCH V3 9/9] OvmfPkg/TdxHelperLib: Implement TdxHelperProcessTdHob Min Xu
2023-01-25 12:24 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=MW4PR11MB58726246752FA78EAE3877288CCF9@MW4PR11MB5872.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox