From: "Min Xu"
To: "Yao, Jiewen", "devel@edk2.groups.io", "kraxel@redhat.com"
CC: "Aktas, Erdem", James Bottomley, Tom Lendacky, Michael Roth
Subject: Re: [edk2-devel] [PATCH V3 3/9] OvmfPkg/IntelTdx: Add SecTdxHelperLib
Date: Thu, 26 Jan 2023 02:08:59 +0000

Ah, yes. We can call Sha384HashAll(). Thanks for reminder!

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Thursday, January 26, 2023 10:02 AM
> To: Xu, Min M; devel@edk2.groups.io; kraxel@redhat.com
> Cc: Aktas, Erdem; James Bottomley; Tom Lendacky; Michael Roth
> Subject: RE: [edk2-devel] [PATCH V3 3/9] OvmfPkg/IntelTdx: Add
> SecTdxHelperLib
>
> Hey
> I don't think it is a good idea to define a context size here, because that will
> assume the openssl implementation. Please don't do that.
>
> Could you please just use Sha384HashAll() API, if you don't like to allocate
> memory?
>
> Thank you
> Yao, Jiewen
>
> > -----Original Message-----
> > From: Xu, Min M
> > Sent: Thursday, January 26, 2023 9:57 AM
> > To: devel@edk2.groups.io; kraxel@redhat.com
> > Cc: Aktas, Erdem; James Bottomley; Yao, Jiewen; Tom Lendacky; Michael Roth
> > Subject: RE: [edk2-devel] [PATCH V3 3/9] OvmfPkg/IntelTdx: Add
> > SecTdxHelperLib
> >
> > On January 25, 2023 8:16 PM, Gerd Hoffmann wrote:
> > > > +//
> > > > +// SHA512_CTX is defined in and its size is 216 bytes.
> > > > +// It can be built successfully with GCC5 compiler but failed with
> VS2019.
> > > > +// The error code showed in VS2019 is that "openssl/sha.h" cannot
> > > > +be
> > found.
> > > > +// To overcome this error SHA512_CTX_SIZE is defined.
> > > > +//
> > > > +#define SHA512_CTX_SIZ 216
> > >
> > > There is Sha384GetContextSize()
> > >
> > HashAndExtendToRtmr is designed to be run in very early stage and at
> > that stage Memory allocation service is not ready. So we have to
> > declare an array with size of SHA512_CTX_SIZE(216).
> >
> > Variable-length automatic arrays are allowed in C99.
> > https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html
> > So if ovmf is built with GCC, then the code below works:
> > UINT8 Sha384Ctx[Sha384GetContextSize ()];
> >
> > But unfortunately it is not supported in VS series. (I test it with
> > VS2017)
> > Building ...
> > tdvf2\EmbeddedPkg\Library\PrePiMemoryAllocationLib\PrePiMemoryAllocationLib.inf [X64]
> > tdvf2\OvmfPkg\IntelTdx\TdxHelperLib\SecTdxHelper.c(839): error C2057:
> > expected constant expression
> > tdvf2\OvmfPkg\IntelTdx\TdxHelperLib\SecTdxHelper.c(839): error C2466:
> > cannot allocate an array of constant size 0
> > tdvf2\OvmfPkg\IntelTdx\TdxHelperLib\SecTdxHelper.c(839): error C2133:
> > 'Sha384Ctx': unknown size
> >
> > So Sha384GetContextSize() cannot be used here.
> >
> > Thanks
> > Min
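
Review bot: The `#define SHA512_CTX_SIZ 216` line in the quoted hunk hard-codes the size of a structure that belongs to the crypto backend, so the stack buffer sized from it has nothing tying it to what the hash implementation actually writes; if the backend or its context layout changes, the measurement code can overrun the buffer without any build error. The macro is also spelled SHA512_CTX_SIZ in the define while the comment above it and the later discussion refer to SHA512_CTX_SIZE. Switching to the one-shot Sha384HashAll() proposed in the thread removes the caller-side context and the constant altogether; if a fixed buffer had to stay, it should at least be compared against Sha384GetContextSize() before use and the measurement aborted when the buffer is smaller.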