From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: devel@edk2.groups.io, "Xu, Min M"
Cc: "Yao, Jiewen"
Subject: Re: [edk2-devel] [PATCH V3 0/9] Enable RTMR based measurement and measure boot for Td guest
Date: Mon, 18 Apr 2022 01:43:39 +0000
Thanks for the update. With CCEL Rsvd changed to 2 bytes, the series
Reviewed-by: Jiewen Yao

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Min Xu
> Sent: Monday, April 18, 2022 8:00 AM
> To: devel@edk2.groups.io
> Cc: Xu, Min M
> Subject: [edk2-devel] [PATCH V3 0/9] Enable RTMR based measurement and
> measure boot for Td guest
>
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
>
> Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
> that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
> Encryption (MKTME) with a new kind of virtual machines guest called a
> Trust Domain (TD). A TD is designed to run in a CPU mode that protects the
> confidentiality of TD memory contents and the TD's CPU state from other
> software, including the hosting Virtual-Machine Monitor (VMM), unless
> explicitly shared by the TD itself.
>
> There are 2 configurations for TDVF to upstream. See below link for
> the definitions of the 2 configurations.
> https://edk2.groups.io/g/devel/message/76367
>
> This patch-set is to enable below features of Config-B in OvmfPkg.
> - Enable RTMR based measurement and measured boot
> - Install CC_MEASUREMENT_PROTOCOL instance in Td guest
>
> The measurement for the other components, such as kernel image, initrd,
> will be introduced in the following patch-sets.
>
> Patch 1:
> HashLibTdx provides SHA384 service and extend to RTMR registers.
>
> Patch 2:
> SecCryptLib is the cryptographic library instance for SEC.
>
> Patch 3 - 8:
> These 6 patches are related to RTMR based measurement and
> CC Eventlog ACPI table.
>
> Patch 9:
> Update IntelTdxX64.dsc/IntelTdxX64.fdf to support RTMR based
> measurement and measured boot.
>
> Code at: https://github.com/mxu9/edk2/tree/tdvf_wave4.v3
>
> v3 changes:
> - Refine HashLibBaseCryptoRouterTdx to HashLibTdx
> - Add NULL version algorithms in SecCryptLib.
> - Add SecMeasurementLib which does the measurement in SEC phase.
> - Rebase EDK2 code base. (commit: 91a03f78ba)
>
> v2 changes:
> - Move the definition of EFI_CC_EVENT_HOB_GUID from MdePkg to
> SecurityPkg.
> - Update the definition of EFI_CC_EVENTLOG_ACPI_TABLE based
> on below discussion:
> https://edk2.groups.io/g/devel/message/87396
> https://edk2.groups.io/g/devel/message/87402
> - Update the code base to 94f905b3bf.
>
> Min Xu (9):
> Security: Add HashLibTdx
> CryptoPkg: Add SecCryptLib
> SecurityPkg: Add definition of EFI_CC_EVENT_HOB_GUID
> OvmfPkg: Introduce SecMeasurementLib
> OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV
> OvmfPkg: Add PCDs for LAML/LASA field in CC EVENTLOG ACPI table
> MdePkg: Define CC Measure EventLog ACPI Table
> OvmfPkg/IntelTdx: Add TdTcg2Dxe
> OvmfPkg/IntelTdx: Enable RTMR based measurement and measure boot
>
> CryptoPkg/CryptoPkg.dsc                       |    4 +
> .../Library/BaseCryptLib/Hash/CryptMd5Null.c  |  163 ++
> .../Library/BaseCryptLib/Hash/CryptSha1Null.c |  166 ++
> .../BaseCryptLib/Hash/CryptSha256Null.c       |  162 ++
> .../Library/BaseCryptLib/Hash/CryptSm3Null.c  |  164 ++
> .../BaseCryptLib/Pk/CryptPkcs7VerifyEkuNull.c |  152 +
> .../BaseCryptLib/Pk/CryptRsaBasicNull.c       |  121 +
> .../Library/BaseCryptLib/SecCryptLib.inf      |   91 +
> MdePkg/Include/Protocol/CcMeasurement.h       |   21 +
> OvmfPkg/Include/Library/SecMeasurementLib.h   |   46 +
> OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   16 +-
> OvmfPkg/IntelTdx/IntelTdxX64.fdf              |    5 +
> .../IntelTdx/TdTcg2Dxe/MeasureBootPeCoff.c    |  407 +++
> OvmfPkg/IntelTdx/TdTcg2Dxe/TdTcg2Dxe.c        | 2489 +++++++++++++++++
> OvmfPkg/IntelTdx/TdTcg2Dxe/TdTcg2Dxe.inf      |  101 +
> OvmfPkg/Library/PeilessStartupLib/IntelTdx.c  |  163 ++
> .../PeilessStartupLib/PeilessStartup.c        |   31 +
> .../PeilessStartupInternal.h                  |   17 +
> .../PeilessStartupLib/PeilessStartupLib.inf   |    8 +-
> .../SecMeasurementLib/SecMeasurementLibTdx.c  |  340 +++
> .../SecMeasurementLibTdx.inf                  |   30 +
> OvmfPkg/OvmfPkg.dec                           |   10 +
> SecurityPkg/Include/Guid/CcEventHob.h         |   22 +
> SecurityPkg/Library/HashLibTdx/HashLibTdx.c   |  207 ++
> SecurityPkg/Library/HashLibTdx/HashLibTdx.inf |   37 +
> SecurityPkg/SecurityPkg.dec                   |    4 +
> SecurityPkg/SecurityPkg.dsc                   |   10 +
> 27 files changed, 4984 insertions(+), 3 deletions(-)
> create mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEkuNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasicNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
> create mode 100644 OvmfPkg/Include/Library/SecMeasurementLib.h
> create mode 100644 OvmfPkg/IntelTdx/TdTcg2Dxe/MeasureBootPeCoff.c
> create mode 100644 OvmfPkg/IntelTdx/TdTcg2Dxe/TdTcg2Dxe.c
> create mode 100644 OvmfPkg/IntelTdx/TdTcg2Dxe/TdTcg2Dxe.inf
> create mode 100644 OvmfPkg/Library/PeilessStartupLib/IntelTdx.c
> create mode 100644 OvmfPkg/Library/SecMeasurementLib/SecMeasurementLibTdx.c
> create mode 100644 OvmfPkg/Library/SecMeasurementLib/SecMeasurementLibTdx.inf
> create mode 100644 SecurityPkg/Include/Guid/CcEventHob.h
> create mode 100644 SecurityPkg/Library/HashLibTdx/HashLibTdx.c
> create mode 100644 SecurityPkg/Library/HashLibTdx/HashLibTdx.inf
>
> --
> 2.29.2.windows.2
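The cover letter above describes firmware that hashes boot components with SHA-384, extends the digests into TDX RTMR registers and records each event in a CC event log. The consumer of that work is a relying party that replays the log and checks it against the RTMR values the TD reports. The following Python is an added illustration of that replay, not code from this patch series or from EDK2. It assumes the TDX extend rule RTMR = SHA384(RTMR || digest) with every RTMR starting as 48 zero bytes, and uses a simplified event record that carries the RTMR index directly; the event-type labels and the measured blobs are constructed for the example and do not reproduce the real CC event log layout.

```python
"""Replay a constructed RTMR event log and verify it against reported RTMR values.

Added example, not part of the patch series. Assumes the TDX rule that an
RTMR extend computes SHA384(old_rtmr || digest), starting from 48 zero bytes.
"""
from __future__ import annotations

import hashlib
from dataclasses import dataclass

RTMR_COUNT = 4
DIGEST_LEN = hashlib.sha384().digest_size  # 48 bytes


@dataclass(frozen=True)
class CcEvent:
    """Simplified event record (assumption: carries the RTMR index directly)."""
    rtmr: int
    event_type: str  # illustrative label only
    data: bytes      # the raw bytes that were hashed before extending


def measure(data: bytes) -> bytes:
    """SHA-384 of the measured object, the digest that gets extended."""
    return hashlib.sha384(data).digest()


def rtmr_extend(current: bytes, digest: bytes) -> bytes:
    """One extend operation: new = SHA384(old || digest)."""
    if len(current) != DIGEST_LEN or len(digest) != DIGEST_LEN:
        raise ValueError("RTMR extend operands must be SHA-384 digests")
    return hashlib.sha384(current + digest).digest()


def replay(events: list[CcEvent]) -> list[bytes]:
    """Recompute every RTMR from the event log, in log order."""
    rtmrs = [bytes(DIGEST_LEN)] * RTMR_COUNT
    for ev in events:
        if not 0 <= ev.rtmr < RTMR_COUNT:
            raise ValueError(f"event references invalid RTMR index {ev.rtmr}")
        rtmrs[ev.rtmr] = rtmr_extend(rtmrs[ev.rtmr], measure(ev.data))
    return rtmrs


def verify(events: list[CcEvent], reported: list[bytes]) -> dict[int, bool]:
    """Compare replayed RTMRs with the values the TD reports (e.g. in a quote)."""
    expected = replay(events)
    return {i: expected[i] == reported[i] for i in range(RTMR_COUNT)}


# Constructed sample log: two early-boot objects into RTMR0, a boot
# application into RTMR1. Names and contents are made up for the example.
SAMPLE_LOG = [
    CcEvent(0, "td-hob-list", b"constructed TD HOB list bytes"),
    CcEvent(0, "configuration-fv", b"constructed configuration FV bytes"),
    CcEvent(1, "boot-application", b"constructed bootloader image bytes"),
]


def demo_tampered_log() -> dict[int, bool]:
    """Alter one logged blob after the fact: replay no longer matches RTMR0."""
    good_rtmrs = replay(SAMPLE_LOG)
    tampered = [
        SAMPLE_LOG[0],
        CcEvent(0, "configuration-fv", b"constructed configuration FV bytes, modified"),
        SAMPLE_LOG[2],
    ]
    return verify(tampered, good_rtmrs)


if __name__ == "__main__":
    for i, value in enumerate(replay(SAMPLE_LOG)):
        print(f"RTMR{i}: {value.hex()}")
    print("tampered log verification:", demo_tampered_log())
```

Two properties of the extend chain are worth noticing when reading the output: the log is order-sensitive, so swapping two RTMR0 events yields a different RTMR0 even though the same objects were measured, and an RTMR that received no events stays at its all-zero initial value, which a verifier should treat as "nothing measured" rather than "measured and fine".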