From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga03.intel.com (mga03.intel.com [134.134.136.65])
 by mx.groups.io with SMTP id smtpd.web10.822.1630380587298945373
 for <devel@edk2.groups.io>;
 Mon, 30 Aug 2021 20:29:47 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=Yof0Jtk/;
 spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: min.m.xu@intel.com)
X-IronPort-AV: E=McAfee;i="6200,9189,10092"; a="218437227"
X-IronPort-AV: E=Sophos;i="5.84,365,1620716400"; 
   d="scan'208";a="218437227"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Aug 2021 20:29:46 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.84,365,1620716400"; 
   d="scan'208";a="530852064"
Received: from orsmsx605.amr.corp.intel.com ([10.22.229.18])
  by FMSMGA003.fm.intel.com with ESMTP; 30 Aug 2021 20:29:44 -0700
Received: from orsmsx609.amr.corp.intel.com (10.22.229.22) by
 ORSMSX605.amr.corp.intel.com (10.22.229.18) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.4; Mon, 30 Aug 2021 20:29:43 -0700
Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by
 ORSMSX609.amr.corp.intel.com (10.22.229.22) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.10; Mon, 30 Aug 2021 20:29:43 -0700
Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by
 orsmsx611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.10 via Frontend Transport; Mon, 30 Aug 2021 20:29:43 -0700
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.104)
 by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2242.10; Mon, 30 Aug 2021 20:29:43 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=C3wWGY08qUQjDz7J6R4aijpLj+ULQB17idyRwiiAa5NAXIY7zKS/cXXADMUEqwPjN/Isqrs2svOHljNHRlX24eEmWE06UE0dUOVw0jAReG0QdaBbv5WhOHFmnxPY0eZ4kuo5b+OEo5Ken6bzex47JQOGO223FfU+bvAusVl/OeaDbKd08sgbM/oHOgWgxCD2OGKcxiGsivPTb5lCXIUNqoHbygx2S+zv3CZeX+MnuVI5/YcprC9Q9APgybk0Nc2RBWNgxB3PHLVhISZTUybsK4a7qXQRz7x2Zq9hmc5N3lyIauzT8FSqrhg/1f66DpuA0FAcECK3yYocA4vOsgU4Xw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=dU+TcIXNlfGfYPuzOvh9tHkVal3ukKWns9hfrB4Rojs=;
 b=FbT87GChhSRaE5y0DxbJCFHnK9WvEoQBnPn5A5Grvumap66/EqG5VdyDeOFhIUqMtnE6Ka+B+6LI/tnyHcEULRmwUQ/gtiCt10zyKHRYHCnptdbI8tMqB06EJ6dfc+oZPHe4Hl84sHQqTVE1PYeGqveh64sTStYx72EwzvG8FJGF2qkjcHt7BpJPur0bf2nSsFCJ2nr99I09sS0XGA4EaHVJTEcxyGVWewpjIIYGFZY8n+6RIgu/7ubRuLgp4ul55Y8BvyxmK9HEGzp8vDuQm6h+9OLDJc/CZZxe3P6ZpKain7UKoLdqVGmvQoIzCyMJbDkaJ6sIFdzAd96mDq5f5A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=dU+TcIXNlfGfYPuzOvh9tHkVal3ukKWns9hfrB4Rojs=;
 b=Yof0Jtk/Y7TA8VOZMcLDbxyVXXqeZ3uE7f+Oz+kcCztQHuZstdBT5vybBT1CbGKo0ZFp+E1jCqHYYjfDEgkqhBstaR1kdd6YduxGmTkrmFghE43Z2W6HELIDX9nmQWvBKVxBqgetQc77BoUDQt/ETYM4NwzbvdNTNeJIuHn1Jgo=
Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15)
 by PH0PR11MB5047.namprd11.prod.outlook.com (2603:10b6:510:3c::18) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4457.23; Tue, 31 Aug
 2021 03:29:41 +0000
Received: from PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::c93:200e:5aeb:e11b]) by PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::c93:200e:5aeb:e11b%3]) with mapi id 15.20.4415.029; Tue, 31 Aug 2021
 03:29:41 +0000
From: "Min Xu" <min.m.xu@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "kraxel@redhat.com"
	<kraxel@redhat.com>
CC: Ard Biesheuvel <ardb+tianocore@kernel.org>, "Justen, Jordan L"
	<jordan.l.justen@intel.com>, Brijesh Singh <brijesh.singh@amd.com>, "Erdem
 Aktas" <erdemaktas@google.com>, James Bottomley <jejb@linux.ibm.com>, "Yao,
 Jiewen" <jiewen.yao@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>
Subject: Re: [edk2-devel] [PATCH V5 1/2] OvmfPkg: Introduce Tdx BFV/CFV PCDs and PcdOvmfImageSizeInKb
Thread-Topic: [edk2-devel] [PATCH V5 1/2] OvmfPkg: Introduce Tdx BFV/CFV PCDs
 and PcdOvmfImageSizeInKb
Thread-Index: AQHXnUe4YoRICQS34UKQwQm3+qtkS6uLn8GAgAFQ3+A=
Date: Tue, 31 Aug 2021 03:29:41 +0000
Message-ID: <PH0PR11MB5064F555390C7DD73AD18531C5CC9@PH0PR11MB5064.namprd11.prod.outlook.com>
References: <cover.1630289827.git.min.m.xu@intel.com>
 <77440edd1e175207dffcaaa052ce26ae71e6c66c.1630289827.git.min.m.xu@intel.com>
 <20210830070339.u47qq3g7hb4rq3xc@sirius.home.kraxel.org>
In-Reply-To: <20210830070339.u47qq3g7hb4rq3xc@sirius.home.kraxel.org>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-reaction: no-action
dlp-version: 11.5.1.3
authentication-results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 1bd8b8b0-a8d5-484e-51cd-08d96c2f919c
x-ms-traffictypediagnostic: PH0PR11MB5047:
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <PH0PR11MB504729A14DC124DC8CD2429DC5CC9@PH0PR11MB5047.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: /ES26kWFizP5fCIkHy6kYF2klAkIF/vV7XJu5341tjnqef66xe6MvHLlBjcRQujqG2AK9mt0qL6Nvk9wckcTHkwM3GWqGWVV96w3KuguLJvTPAKeoMeVmUMuKbJ1Ly4PJGaLC5oPRaDf1JWm4aHwzapyJgBxVKlkuCdTJvCisrdNCGbbOhNftVxY9IIw9FffaLOokhLFetGXWWl4czbsHoZjmj2koAMTCeKRVZEk/CvUJhrEdTgU21ag8h2ws/kdr11t2F8dr5jZRsrIinFsYXmjTjZQxsLJtsSaIbM+C7TGzrU9cWKJL/hbkC/A5agUTuu6yPZtzqOtGUR19LH3zow8KlZ7QUTB40zc8UCSZo3fDU/D0QOW57/sNS1Qh5v0Ssyxef6OHtpTXulD1/VLZmFTbWZTdccspRJy2Sls8DjvJxOS0f16t5GsaiuFmtRAzcfXESvwRbi0qbzOc9EzXDY6yvlfduzuu/LDUSCIOkF6+XijCJ43p+R3yjfz8CAVjz56+9FGobwTMyFZiNwVOdp+zTQSkwCBJUjnojdaSoRzPluQIH/jATEU63PRqPMF8MKaSZm0kkPZSTIrIHqfHC9ONFx/NuOxwlFmnj6yZFDSchAvrSa0jbABi88VFQWgmkgLxFNog7rSsgeLz3MbtiUHu3UY5U/g30TQyvUTm28wb/+7uSiUSeygmaFV35DjncZiYuCwEm6JK2SEFzVXQw1PyuzFNqdklv7xOrRq8eSStVopgDnE02iPcnpqrtHBvq88Jau/leVm8Rkk1C6dCMCcF/Q7mL4bKZDqaZg9o2s=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(6029001)(4636009)(136003)(346002)(39860400002)(396003)(376002)(366004)(76116006)(478600001)(6506007)(110136005)(66476007)(8676002)(64756008)(66446008)(966005)(9686003)(38070700005)(66556008)(2906002)(86362001)(33656002)(66946007)(55016002)(122000001)(71200400001)(53546011)(52536014)(8936002)(4326008)(5660300002)(186003)(54906003)(83380400001)(7696005)(26005)(38100700002)(316002);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?o3PaqhtSAlthvkWGL02Yw+at7UL1xVPcnhc3NKPd77mlwselom85PXbABDuU?=
 =?us-ascii?Q?OaGs6payUyltrh3v6CgiqEyntwuk8524LoXgnJ9Oo+ZPY3R5jVkClX0k2pWB?=
 =?us-ascii?Q?13YShLHvYvCbWwsbgXiphhrZf/jWOpYAX2y+LKTjrq6PVY+rHRDiSCY8tgEl?=
 =?us-ascii?Q?zeKeC7aVr6xTqUj8TZlYBWmMs7vtQxvV7Ff3det48CWNvZNmaQbLGIr3LBVs?=
 =?us-ascii?Q?VVFtygjTbbG8m7eBAiYaBzddHIQHcG0veoqAyBWE2q+q/P8/g9h7W6cjiiff?=
 =?us-ascii?Q?YmUXGZlBHh9+YNXCCKywtdO3z3iGcjnhE4p2Jc7DCE57Tr0FwtPIDmP58FKO?=
 =?us-ascii?Q?LcXi9IEp5vG7Yi4Mb0jkaz59DVM+7g99uYmrqxnSVWJwAZzuteFePWPGKjMr?=
 =?us-ascii?Q?GRk08rWh3D8V3nYJ1UH82f/4Rb7OujvzSe3YBjJU047LSCUnYawJKP3gpr8U?=
 =?us-ascii?Q?Lx2RiEVPa5J8voVr9W28GV5lqa4KhB0fvNb62XIE1pcz+DurFTFd0YF93pmR?=
 =?us-ascii?Q?wqr7p5YvgkGHB2fA0Lp91TArXn+fXpUP8BPM6JQJHnF9yZsxsdbh5q35Gr8G?=
 =?us-ascii?Q?RkaGHcOSOo7cH0WeukF2fGnuyXk3Kca58x5CM/WdUwnlbkcp6QDOuEMtTYaK?=
 =?us-ascii?Q?7mu5KBa7UBzTOmDKJ+azrISwRQFebvFpz7NTtOy3pylRDp6S+LJHW5+2DwXF?=
 =?us-ascii?Q?61vcaJniFPkegvwdZ6FnKuGvEU2qXop+imQ5K0bF6vk25i4+xLZ1QQt7ZzAX?=
 =?us-ascii?Q?UELqxS878V90Ugi8hZ1MTAiMfmEojcktRU6cVZJKZYEFC5wvawKeq7Kas9zh?=
 =?us-ascii?Q?vG7SOPnkSby48ecc4wqWgSBOxJBIT2IysjZPQMN5HjRZudkqP9Ls1IPo+En4?=
 =?us-ascii?Q?UuyOExMOo10jzj/d+lJ7kacuH9ty0v1pOpx1n6a8/iVV8fpXw8cDwXEnPlqx?=
 =?us-ascii?Q?sCKj6G+1khQqdpblBNAAOhIvcS2F+t8TSNrxq65+zRp2vpEaKH/Ap2Q8BvZi?=
 =?us-ascii?Q?85mLrqQMB3yh8Uvz4XbrMBi3EFFXkh4tWrtRMxohJ49HVDcbyEJibzWwV2ge?=
 =?us-ascii?Q?a5jZw1SOFXCCmNtyxPIYctyxxtdo9lX7ooFsxe7/AWM0LtAdU4pNoTm7N11p?=
 =?us-ascii?Q?TmwGRR2HeY9LGhV5jFBwtdSvatDFwffJfs9zxCwaBJ3UVpO2pAmFB0MunCxZ?=
 =?us-ascii?Q?BSfVR1DuhGlZVwrZ/tFMRtabAKMTjTNsXOly3Rw7fyvOgmeosNXpT/A/A+2H?=
 =?us-ascii?Q?m4jdzokQIPqvjR8SGCSBAlvb2bkW7wFNyTtLGyNLzBcoN2C4Xxsoe58EYWXl?=
 =?us-ascii?Q?Vgve4Bk5/3xWJMZ4/Ak0eWLZ?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1bd8b8b0-a8d5-484e-51cd-08d96c2f919c
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Aug 2021 03:29:41.0843
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 49wdveDAp8gJP3UE6cYVP25+8gkXhjt0dUr0fehGxenJPuZpac9iEGHBp++hqlODRgiC+oVX2+gildDXcn1h/A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5047
Return-Path: min.m.xu@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

On Monday, August 30, 2021 3:04 PM, Gerd Hoffmann wrote:
>=20
>   Hi,
>=20
> > In practice BFV is the code part of Ovmf image. CFV is the vars part
> > of Ovmf image (exclude the SPARE part).
>=20
> Why do you exclude the spare part?
CFV includes all the provisioned data, such as UEFI Secure Boot Variable co=
ntents.
It will be measured into RTMR by TDVF. So the other parts, such as SPARE pa=
rt, is
excluded because SPARE part should not be measured.

Detailed information is in TDVF design guide Section 3.2
https://software.intel.com/content/dam/develop/external/us/en/documents/tdx=
-virtual-firmware-design-guide-rev-1.pdf
>=20
> From a security point of view I don't think it is a good idea to hard cod=
e any
> assumptions about the layout of the vars volume.
Do you mean I cannot assume the layout of VarStore?=20
At least in Ovmf the VarStore.fdf.inc defines the layout of VarStore like b=
elow.
[VARIABLE_STORE_HEADER]<--  0
[                 VAR 1                    ]
[                 VAR 2                    ]
[                 VAR n                    ]
[                                                ]  <-- VARS_LIVE_SIZE
[          NV_EVENT_LOG         ]
[          NV_FTW_WORKING  ]  <-- VARS_SIZE

>=20
> > +SET gUefiOvmfPkgTokenSpaceGuid.PcdCfvBase           =3D
> $(FW_BASE_ADDRESS)
> > +SET gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataOffset  =3D
> $(VARS_OFFSET)
> > +SET gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataSize    =3D
> $(VARS_LIVE_SIZE)
>=20
> I'd suggest to use $(VARS_SIZE) here.
As I explained above CFV only includes the provisioned data. So VARS_LIVE_S=
IZE
is used. VARS_SIZE is the whole size of VarStore.
>=20
Thanks!
Min