From: "Min Xu"
To: Gerd Hoffmann, "devel@edk2.groups.io"
CC: "Aktas, Erdem", James Bottomley, "Yao, Jiewen", Tom Lendacky
Subject: Re: [edk2-devel] [PATCH V2 1/8] OvmfPkg: Move TdxValidateCfv from PeilessStartupLib to PlatformInitLib
Date: Wed, 29 Jun 2022 05:16:00 +0000

On June 27, 2022 4:41 PM, Gerd Hoffmann wrote:
> On Mon, Jun 27, 2022 at 08:04:06AM +0000, Min Xu wrote:
> > On June 27, 2022 3:02 PM, Gerd Hoffmann wrote:
> > > On Sun, Jun 26, 2022 at 11:05:50AM +0800, Min Xu wrote:
> > > > From: Min M Xu
> > > >
> > > > TdxValidateCfv validates the integrity of Configuration FV (CFV).
> > > > It was implemented in PeilessStartupLib which is included in IntelTdxX64.
> > >
> > > > --- a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
> > > > +++ b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
> > >
> > > > +/**
> > > > + Check the integrity of CFV data.
> > > > +
> > > > + @param[in] TdxCfvBase - A pointer to CFV header @param[in]
> > > > + TdxCfvSize - CFV data size
> > > > +
> > > > + @retval TRUE - The CFV data is valid.
> > > > + @retval FALSE - The CFV data is invalid.
> > > > +
> > > > +**/
> > > > +BOOLEAN
> > > > +EFIAPI
> > > > +TdxValidateCfv (
> > > > + IN UINT8 *TdxCfvBase,
> > > > + IN UINT32 TdxCfvSize
> > > > + )
> > >
> > > Hmm, is there anything tdx-specific in this function?
> > > Looks like generic verification of varstore structure to me.
> > >
> > There is no tdx-specific in this function. I will rename it to something more generic.
>
> Also move out of IntelTdx.c please.

Yes, it will be in Platform.c, together with PlatformInitEmuVariableNvStore and PlatformReserveEmuVariableNvStore.

>
> Does it make sense to call it right before calling
> PlatformInitEmuVariableNvStore()?

I think it can be called in PlatformInitEmuVariableNvStore, as it is a pre-check before copy over the content to EmuVariableNvStore.

Thanks
Min
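
Review bot: the header comment on TdxValidateCfv in the quoted IntelTdx.c hunk says only "Check the integrity of CFV data" and never states which structures are checked or how TdxCfvSize relates to lengths read from the data behind TdxCfvBase. Since the thread settles on calling this as a pre-check before the content is copied to EmuVariableNvStore, the comment should list the checks performed and say whether every length taken from the CFV data is bounded by TdxCfvSize, so callers know what a TRUE return guarantees. The two @param entries are also run together on one line in the quoted text and should each sit on their own line, and TdxCfvBase could be declared CONST if the function only reads through it.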