From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (NAM12-DM6-obe.outbound.protection.outlook.com [40.107.243.58]) by mx.groups.io with SMTP id smtpd.web11.211.1626797930643279595 for ; Tue, 20 Jul 2021 09:18:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=zfTnrn1V; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.243.58, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MMeGrvLsGkNjJqADoZRD9+xsYygpA1Qubj/b5XF9Q7mZqFBO2EGcGTNWBpNYMfbN3veqM7kIuWN6EPPNTHxVlQwbE8LXR7oTLouBtOauMCkhECekyLX0vBmVfUZZwirsXdhpCpCDjJpYfBj9Pq+nli0Nk5Oi1fby9MHgxg2BSORZfkENjek8RD2nl7O+1sn2SEO6YB0YCFOuGnPpuMzWFcOnELdKyRaUFcIO7OPFETi7N/x/KVonsTnON++LJnuaX0zUp1x0AWmVktEhoEebmVTMuvzyLksl29HniBIXV3KmS9Uwbhc1F3+KQIABqqjHUMr7FmOyWNWqgmUAZ4rPDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qpQtnxnSlNHxKi42DrayyfglM5UUiSmfsTF63TaBg3o=; b=E9VP0dKfeItOzFmLCXBw6rhxWdofXjn3ut8PZfEdB7mVC+vpHGQ9gf17yxCYIohKijiYOJYZUwlsqYM82tVzzf6A4SAliiEU1T3zsanjByOZOcksoHPYvPv/9F/1RbhuZEakGFBQ3YvV0QHkrpfOApVRSsabIm00RVu8vhBvxtjUNPJOrx6zd/TCi62XkirSPJ4d8i5ywjdZyylY2gLXcZH2aqOjWYOCGcQ/EeUrAjm+4bMTd2/sEAmzl0ZORJwQSaGlOOuiPTvqEoNcW2dmkI7o+3q2huvLF7M3JCjkH6AsPinH575bgznOmGpMmQ6GUS/1W0pOARwLpqAielDlEw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qpQtnxnSlNHxKi42DrayyfglM5UUiSmfsTF63TaBg3o=; b=zfTnrn1V/bHvLxZjHRqPI7u2z4Ad8DmRFKCixMTUM8AjiFeV8J95IsN04lsYnatuGfR13ntjopl6EQuBBgOpkvvrZhJAvnp3jIK7po3+igtEVWgsJj1iNXpNIpQi6GUTw/YWQxm0TzrtKjmP+zdtFkFequtcLnoRZlNhEu/meA0= Authentication-Results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=amd.com; Received: from DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) by DM4PR12MB5150.namprd12.prod.outlook.com (2603:10b6:5:391::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4331.32; Tue, 20 Jul 2021 16:18:48 +0000 Received: from DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::73:2581:970b:3208]) by DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::73:2581:970b:3208%3]) with mapi id 15.20.4331.034; Tue, 20 Jul 2021 16:18:48 +0000 Subject: Re: [PATCH v3 04/11] OvmfPkg: add library class BlobVerifierLib with null implementation To: Dov Murik , devel@edk2.groups.io Cc: Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , James Bottomley , Hubertus Franke , Ard Biesheuvel , Jordan Justen , Ashish Kalra , Brijesh Singh , Erdem Aktas , Jiewen Yao , Min Xu References: <20210720080401.3662854-1-dovmurik@linux.ibm.com> <20210720080401.3662854-5-dovmurik@linux.ibm.com> From: "Lendacky, Thomas" Message-ID: Date: Tue, 20 Jul 2021 11:18:46 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 In-Reply-To: <20210720080401.3662854-5-dovmurik@linux.ibm.com> X-ClientProxiedBy: SN4PR0201CA0006.namprd02.prod.outlook.com (2603:10b6:803:2b::16) To DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.236.30.241] (165.204.77.1) by SN4PR0201CA0006.namprd02.prod.outlook.com (2603:10b6:803:2b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4331.21 via Frontend Transport; Tue, 20 Jul 2021 16:18:47 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: fe14571b-23da-451e-799b-08d94b9a0e36 X-MS-TrafficTypeDiagnostic: DM4PR12MB5150: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1122; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: FKd/Ig5B0OVEfH7VZvq7oKT9FIS2ic7X6r1VtYzHqq+GkzT2kJkys9lWrabf4Q+VZ5jbIf4JPaIxGJ50PtSks841weuOxJGUwmaRhmfKWAOm1BcXMCw+W8y5g6f2ACHkUTOQdBONtFLexOQa71Vzb3nEur34GAeqek6WxpSeYnTgsxQAWKwbcpfEZEwfZ3bqcUlLvj1xL786naCnSWD/uNG8U83AP+UBdIGykK08gI5LHsvxBgDzuWGkevkMs9Dx4dXYI99LplJuZQImp3IezvCJMviuNhINcGoNYhg6ZnEYYdsD6u6aq0hYsuQAMQ0679S5KJBdOOY76r44aW8AS8A5iT+NkwiRFLfTJHmdOKxnxFL6mUlzGrC0ZN/R0DgJNK6xLo27NZwPO/ofepZ3zdhS5joY22gBShbv2M5tEIdr2pA7JexxDbmijqDZLYLr9+PoWxm03QFhm+D9hOsNCQBTAGADcd9VPBW0uZDV2l1Wn53e6Gr6BnIMp4tHgGZ/0Gy5b47CdevbmAZQU+d3zrbSD6/5c480Hf8iKV+7phxloJ9fnQQHUvkWBlaDSB0zuq4oxvF0iY5E+XgU952NqTFzz8pBjAkGXmphxXH3uy177tBByYWirMdn9Fq+Dx9yM2avAVWvcxV0veWSbFe4znrRtss/OdYsKhpW7GVoVHvkEqqaZp3uZWypRbTncGxphlJ2HaXx+LPjRxgTtjrv+eYPUkU5Yv6O2RfV8iyr5EkSQzmVLqVI6yF1m2rK03Jtn5mr8NJCA5U68voZfFWvU/Dzc8FjF8LFZf1Oux/gPfKTD+mgIQbTbVkZI1VaOkk3 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5229.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(39860400002)(376002)(396003)(136003)(346002)(366004)(53546011)(6486002)(956004)(26005)(966005)(5660300002)(7416002)(8676002)(8936002)(186003)(4326008)(478600001)(316002)(83380400001)(16576012)(31696002)(54906003)(31686004)(66476007)(86362001)(2906002)(2616005)(38100700002)(66556008)(36756003)(66946007)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?MjU3UXh5UnozOVk2VlVhcS9IQUtwZXVrNnFKdnEvYlI0cEt6SGtRKzV0K1pZ?= =?utf-8?B?VTlreDJiSHVxQnRWMmw0K01NbHhSTlhPNEd5S0dERWVSeHpKVVdZeUczM0Q0?= =?utf-8?B?MHVxUHEybHRLaXpNRkhtdlBlTmNSMnlheUhvdVhKUDBFQmQrNk80dHNweWpR?= =?utf-8?B?N1Q1WVdBY1EwMUxpYkgvcnZWS0hZZmptV0pYMVZUVVEyb3lCNVJDQ1lpQ2h4?= =?utf-8?B?eGcvbkJLVzhxS1hPeFJReS8wSDBLbk81aHRrTmJtMlpETy9TdjRSMmRuK0x2?= =?utf-8?B?MmcyV1dRK2lhaGQ2Tk1ER3ltLzJKcC9Ga0JwdkZISm1leGx1TmhLVkhoUVE3?= =?utf-8?B?THA5L1RrNWxyc0hxS0VseTU5VURYL3F5U0ZKRkhDc2lzc2NnT2RJQjBCS3VY?= =?utf-8?B?SzZEbVdNaG41SVVWaUF1bE1EUkN3RmVkSHA4RkNBeWM3WEUyVk0veFl6NHE5?= =?utf-8?B?WGxHaXA2dmtsUzZVMFhkRWdIVXFqT2FqbXNmd1EwSm94emxhQUtONUlTZGhO?= =?utf-8?B?ZFowUWVSRlpOUzdtektEc1B3cUJCaXdUQVYxalRreHNhU21rNitNbkYwT2hm?= =?utf-8?B?eDhsYzRzWUQxaG9SRk1DV09tYWpDdWVXUGswUHZOTmMwQ0Q2OENHSUM3Yngv?= =?utf-8?B?aGJwTWpxUzlibW9NcTNhemFkQk44cFdZZVI3VDhtUHU1eFZOaFpCbDRsWEVO?= =?utf-8?B?ZkQzWDdTMWdXSHA1bUVCaDZNNzNxV3ZMZUNnaXlvd3kwRThCTmxKV0tZSUtr?= =?utf-8?B?eWUyWk8xNStjODBQQ2VHWWJRNEpzazNLaVIvUU95ZGh5cy9tR0x3TGlaOXpr?= =?utf-8?B?Y3FGYS9KS2xoQUsvY1gxR3hrbTk4Q3dPTjI1VnVEUUZXcXJWYkZJT2pLeldh?= =?utf-8?B?TVN6Y2l2YnYrMjRLcEhXeHpzNmNWck9SOWRvZUVkSm96RXozUGYvTGp1RkFD?= =?utf-8?B?K1c2TU1QaldaT0Uvd0hnaVB5eDVwMWF2dTdiQnU2QzB6ZHlEeXZYc3IxS3c2?= =?utf-8?B?KzVFVkFodHF2UFhrVGtWSU5XRkM1NlhlRjBaOTZUTER4SldYdXNLRjZGUkFn?= =?utf-8?B?RmFQR2VhNUl4UDFPcXI5QzBqREJJbCtRai8xZkpmZ2ozaUJNT1pNR3lnRDdT?= =?utf-8?B?dS9taU4rcHEwMm0xYmtCa0J6amJQUUE0SnpCVlo4UlpudzRHb29sL21FUmlj?= =?utf-8?B?RFYyS2psNlkzVitQeEtZUUNkK1pHTkQvQStTUzNUMWZDNDVSZ0VCT0ZlejBt?= =?utf-8?B?bGV6TzdraTNlK0VMRGtkRTZja0xZUHlyNjU5WW9mVkFWeFMzN0JKTWd4L0lT?= =?utf-8?B?UE53Tjk5bVFKaTBKUGJOb0FjVjBhbHJ4TGdWdGplbFhuM0xzR3JJOXJhSm1U?= =?utf-8?B?dlFEdXdGRW44blprVExuRjVxVzU5UVdENXRkYXNtTnA4YzhNR0xWZDhWRE1X?= =?utf-8?B?bEp0d0V3REFBOHpzU0dCUnlEYWtiZmc2SC9ycnc2dFhTbWdTMzlOZnpHODIz?= =?utf-8?B?WktkcWpNVkxuZEVGZzdNaDVmdXk3SmxwSGpGaFgvbnhYVWthcG1RTXFkV1lB?= =?utf-8?B?VnVXR2lFN00zZzhmL01uaEhsNWZyQzh2SFZVM0ZLWFpKQ1UxcE9CbEVuTHJB?= =?utf-8?B?ZElkcS9LV0VacWd1b1Z6NEc3RnUrQjBEUGpFSXZTbnl2L090VkhNcXhvMlda?= =?utf-8?B?WWxCZ1QraEtBQWJ1QStlUmJnVjhPeFA1dndsclJzQ1lYUW9aL3YyZVJKZDVq?= =?utf-8?Q?St4nxUgDHAcJ9iAQ46CdXxNI51O3VIICYEmdiQp?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: fe14571b-23da-451e-799b-08d94b9a0e36 X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jul 2021 16:18:48.6209 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ymjcSzNu1hXtMvNTsTZmQJfdDK8vxor1/9J8dc2vbz9dq/0XNHIOLsVOg/Cw5pB9OGqaqhjYBGsyG2+pJNGwzg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB5150 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 7/20/21 3:03 AM, Dov Murik wrote: > BlobVerifierLib will be used to verify blobs fetching them from QEMU's > firmware config (fw_cfg) in platforms that enable such verification. > > The null implementation BlobVerifierLibNull treats all blobs as valid. > > Cc: Ard Biesheuvel > Cc: Jordan Justen > Cc: Ashish Kalra > Cc: Brijesh Singh > Cc: Erdem Aktas > Cc: James Bottomley > Cc: Jiewen Yao > Cc: Min Xu > Cc: Tom Lendacky > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3457 > Signed-off-by: Dov Murik Reviewed-by: Tom Lendacky > --- > OvmfPkg/OvmfPkg.dec | 3 ++ > OvmfPkg/Library/BlobVerifierLib/BlobVerifierLibNull.inf | 24 +++++++++++++ > OvmfPkg/Include/Library/BlobVerifierLib.h | 38 ++++++++++++++++++++ > OvmfPkg/Library/BlobVerifierLib/BlobVerifierNull.c | 33 +++++++++++++++++ > 4 files changed, 98 insertions(+) >