From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 59F3A94169C for ; Wed, 26 Jun 2024 14:33:29 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=LbJQ3JODBYYi9yRHZIQz+bBsXtfqRPzb6fyGMVGVVI4=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:User-Agent:Subject:To:CC:References:From:In-Reply-To:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1719412409; v=1; b=ncYZ1jCraSikuThbKZwNJ8bpffhnw2aIjQBW9Czhf/FarDg/JwYbCbJZL28SpwzpHPMe/L1c DLFReH6XtvCBswU3lMcnNJXCQcOPKALWrYDK7QKsyg3o16+/spXjxY6QZCCeptU4fJwuOI4CfV3 WHgiuudnww7bZD+at3kx2xgor+lAROpq85MGxdYr4Hxmv+B6UOBhl5jLs1gBhcco49YsN+tPm0a DYdHasiUi8B98EDkrQqVQBChmmTwAyYYsKKE0PxylOYkT+ivAnwKWsaxNxZRmQK5Zd4+yqvh4KW Hoa8CJbGkK/HQVQbv4SSw78jKH0SkxDpIUn0QMgWi5vjA== X-Received: by 127.0.0.2 with SMTP id XtscYY7687511xO06yWPsrYZ; Wed, 26 Jun 2024 07:33:27 -0700 X-Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.66]) by mx.groups.io with SMTP id smtpd.web10.28332.1719412402164585720 for ; Wed, 26 Jun 2024 07:33:22 -0700 X-Received: from IA1PR12MB6460.namprd12.prod.outlook.com (2603:10b6:208:3a8::13) by MW6PR12MB8661.namprd12.prod.outlook.com (2603:10b6:303:23f::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7698.32; Wed, 26 Jun 2024 14:33:19 +0000 X-Received: from IA1PR12MB6460.namprd12.prod.outlook.com ([fe80::c819:8fc0:6563:aadf]) by IA1PR12MB6460.namprd12.prod.outlook.com ([fe80::c819:8fc0:6563:aadf%4]) with mapi id 15.20.7698.025; Wed, 26 Jun 2024 14:33:19 +0000 Message-ID: Date: Wed, 26 Jun 2024 20:03:10 +0530 User-Agent: Mozilla Thunderbird Subject: Re: [edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier To: Tobin Feldman-Fitzthum , devel@edk2.groups.io CC: dov.murik@gmail.com, james.bottomley@hansenpartnership.com, thomas.lendacky@amd.com, tobin@ibm.com References: <5618d3f0-827f-49f4-b1a7-6a47fac50550@amd.com> From: "Aithal, Srikanth via groups.io" In-Reply-To: X-ClientProxiedBy: BMXP287CA0007.INDP287.PROD.OUTLOOK.COM (2603:1096:b00:2c::14) To IA1PR12MB6460.namprd12.prod.outlook.com (2603:10b6:208:3a8::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: IA1PR12MB6460:EE_|MW6PR12MB8661:EE_ X-MS-Office365-Filtering-Correlation-Id: 75c426c0-621f-40e1-02f0-08dc95ecec30 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?qAxDR+EL439olRwP99omeElAX2ozK+MmI3t2pABVh3yjGv/gqZhYgkuc9Iv4?= =?us-ascii?Q?kA+fafmkt4UiMa09KcO7IL+ZnLGzHq+65CLleN1yRHqNoG/P2hhskNERkVAR?= =?us-ascii?Q?1VwSJNrxaiB9rLY7Hk/7EuDTHXeU2i6/73VgeOgfmtaCJtlkWebitKdairlT?= =?us-ascii?Q?53e5963Kuf8FoyysmrXPEJa6ha1l0eu2Q5983jsuL1H9nalBVALa7RLQc+9j?= =?us-ascii?Q?pHj4z9pwkgE4SJW1cFu1cK7nGubQhsJ5GUgAmiGOyJ2+gl3/oHrkWfMa9kpA?= =?us-ascii?Q?eKh6Zs5UDr3AncuWZ7FNPWAo2j1rDxDXct5Ot/ui1Nr62dNY1uI8EgqZu2Yl?= =?us-ascii?Q?2Qnfb1ZCkn9qjrjOwsnDzNNcc1bGeAauoXQqI+aCfWbiK2hudGyUVc82LDad?= =?us-ascii?Q?9buAj/CmaTvf3heORx2gm51QRi5YztBr2B0WjjpS8hZcrQS96vs/TSPeULkd?= =?us-ascii?Q?GdR0BuilUsgpronVDmgVwLmp2gavhYi/tc5NYdNWXUAasgutV/O8rjN56f/s?= =?us-ascii?Q?4xNc9NkBHWHAcd94TsKsK9vA7VDJdWBIQKGJF8KP+OuzcPIEM6BkB/HUJnJZ?= =?us-ascii?Q?lYWOMcfraG0T35dQjRCxviDmawvy+PIKrGm5bxQsm1J97diwwoDL4P4ibB+r?= =?us-ascii?Q?x8wSvVlJVB/wy39HlHiZiXQoNw52rpfzoXyK0WZea5drX2wa7Vr59AHfAYt2?= =?us-ascii?Q?fy1rQc1ZqB4A2wq7rE3RWtasRH8MzdaPveo+gscljb/Lfat3Dfd9OGzE+nPx?= =?us-ascii?Q?OBn5EMRsuR8oAkEAUgPN0a18FS7hZ7TsXh6UN/mUOUdUmI3K+BvFm5nN9Aj0?= =?us-ascii?Q?KA6avp7ACUXomdHpezZUkk6ednSZR/+cPMI1LvUgCyBJJQ/1DpAms9dhyOln?= =?us-ascii?Q?CMjawwd3I2Hfb7EG/HjzCi1Cr9KawMjjITbLE4mSTDU5tpDnvoVO/EjOiO0B?= =?us-ascii?Q?lXApoAsi9ulgYhuQC0E0kisQVTzcv5EppjFHwjNYLcC13mftYKewt6P2uUqr?= =?us-ascii?Q?7NYx3LbYHyI2ul0nhcax6G99gmjTvR27iOpeAyyIQmb3sWg7e+2cxE6SnbqV?= =?us-ascii?Q?W7ml6l8JQKop2z9JwXzqdyeRYgSCl61nOSm7tEMcd58w9zaIh3mIzZg6MCnz?= =?us-ascii?Q?5Laa75jW+YK5mXQp19ttXXnNZ1fbWn0mZN6edlhpSlg82zK6rKsYSm0lFwS4?= =?us-ascii?Q?aQzUL5OUlBYBEy4/Rb4TsT69Qm11/0+ymNdCIO9OygU7vhERgiuLeIxUk189?= =?us-ascii?Q?CdesU1HDw7t0xjdAMoLUNVjlldflNk8e95s6ZTSx93pY7iiyJcntkHczZB+H?= =?us-ascii?Q?HY5G0TpAhmpP38/t7svcTkjH?= X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?9fiqO77ShhyS4K9pyOVwfH07nainEmWcVkw2eyOvnschNSFzMX6ic2EAoD66?= =?us-ascii?Q?PaFJm003DSgGb76aJllpTW/RMIXUGzPVk9veHJ12D44m2HB8RaBHUs31GdId?= =?us-ascii?Q?2UnWD6Hy8X0sNUjbPKjdX3Db9bNgjKRo6Rg2o1IJtCTO70G3l4ziWI6xOAkP?= =?us-ascii?Q?FVUeTRglt2y/Kr7ItEefkyVmufu7AwceK8dJ4PQXOI4WiVEnDeHStYfoiuMn?= =?us-ascii?Q?GjOXqisFtNONiKpLiiJL3e/QJS7NLCggGol1YihIBP1Hfafhj/cK72E/YKA8?= =?us-ascii?Q?/+0NIGpyTdZjZOaxg2yCXOL6UnkUHa5ftK67kZaoOLb3w3NPdw07EJUb8fDx?= =?us-ascii?Q?ApGStemLc+TfzcwhqKJQJ7jGSVaZsHPwj7XxQsQ3GxQ4LYnrNcGh5smUM/iw?= =?us-ascii?Q?2SQtYCIRoaqR6gqqFSrE14XSpI0zvsDO+Umk3CqGMyLkB+QoIhdXJLDusdQd?= =?us-ascii?Q?A2BV8ojE9/yto5dExcDzUdKpOohcHgkU9+pEAG6l65t5DAoR4qCsquHGLmc+?= =?us-ascii?Q?llrrh2AFLeik6nqC/WGnCGfXRit8qt2tNPvVvNcQwjwwwDhj7WaXZH8bSBSj?= =?us-ascii?Q?TZE2pR0eIFJqBKcxEm7Eoj520Fk/e5twEoPkGHPPds+DOo5g8mNM2Wu7LqLp?= =?us-ascii?Q?stRC5ZjOBbtvtLnkChCsZiHDFKB2j3oaJrpAvlXFnv3y12v5kKFgy169orfd?= =?us-ascii?Q?wiKvHtignZXENPcK5Wt2NNeaxSeP20Toeybe3ogecJWjBwQFhfSb6YIrY/Cs?= =?us-ascii?Q?sH6BF/725CvjUglR67jqJjY6/5qdB9dXBYwdhXnrSp6aKE+Xn7qDWfFV5fLd?= =?us-ascii?Q?aldUhtaQVj857sr2O+xL7/mvW/zUBkuA2aFuepYyGL98CRek/c01CzDuDUIT?= =?us-ascii?Q?rl/6ilOsLG/ZdhcdWVNtZR3aqfMVummCw4JthX55IVxpo1kQNsCo2gPbYDOD?= =?us-ascii?Q?9G5ndQ7Dr1sNymSpwJ9KQ8sBG8ErBGqgFgE3K9aJG0fYB/9lWj/XqMcvbyMX?= =?us-ascii?Q?PrtDy1v1tYwXTPJ+ywBGdYkyKAMRCcZwAYa0cDZjW47zOwz71YSRbBW8TlX9?= =?us-ascii?Q?gBxQCgT3geMs5ey/J/KNphaWWoyMFpF1utSirGed0SpVrFCDqp4eIDCjbGps?= =?us-ascii?Q?eOteB/sBziVceypqJU2reAy9nCvzQZS/ursPRYvkgrp7gtsuFfKaU9x42BHp?= =?us-ascii?Q?pIC7gDolzNIEA7Q526lFlrGJff7hGTrijJTztxuwxyX3ob0zsdtGKCbxte56?= =?us-ascii?Q?ILaPprurFT5Gl1ohJb6clXKQpGP3AN2M/9L2aQs5Cypk2zL5xnKToIot5TeR?= =?us-ascii?Q?ArmIGYySWCEDyN9QpWsCo0cR7PYXCkihABzgwOnx+EwLTrj45+kgI8302t2j?= =?us-ascii?Q?kWoDaT4bnGiy6qIDR5TSS0ijITPU4ApH4nu0DZu3R34xC4xZ6evhp0Npvn/T?= =?us-ascii?Q?VL8M6sipprrt8qLwOYbekwzoiOVOYy/L11GmEHVFMu7NH6KgFcj2PpMgbfe+?= =?us-ascii?Q?doiGUBLh7mjAkXEFi/TT7yhJNGMXPTe1W0MweEfF7JD3pm0fYrZzR7wy0xRv?= =?us-ascii?Q?oURPCNdPvbsEov332VxB5Y4RFkjyjgvvg1C/cI8i?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 75c426c0-621f-40e1-02f0-08dc95ecec30 X-MS-Exchange-CrossTenant-AuthSource: IA1PR12MB6460.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jun 2024 14:33:19.0799 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: DgHAkSnAuVs2A0f4Aoqsk9D7RfpYRIkMS3Pie+b6IJDK0jLPFwBj2/ZeESDq/Rl1PH5HUFe/m1MTZrI0aYXqEA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW6PR12MB8661 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 26 Jun 2024 07:33:22 -0700 Resent-From: srikanth.aithal@amd.com Reply-To: devel@edk2.groups.io,srikanth.aithal@amd.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: VuA5BBsZaQ5Xyzaf25RzTJQRx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=ncYZ1jCr; dmarc=pass (policy=none) header.from=groups.io; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io On 6/26/2024 7:28 PM, Tobin Feldman-Fitzthum wrote: > > > On 6/26/24 4:08 AM, Aithal, Srikanth wrote: >> Hello, SEV/SEVES guest boot fails with AMDSEV OVMF package built=20 >> using upstream edk2 master [commit head:=20 >> 2fbaaa96d11ad61a9133df1728e3fe965d1457a5]. SEV/SEVES guest boot with=20 >> AMDSEV package gets stuck at below point: Plain Text 2024-06-26=20 >> 04:=E2=80=8A38: =E2=80=8A02:=E2=80=8A >> >> >> Hello, >> >> SEV/SEVES guest boot fails with AMDSEV OVMF package built using=20 >> upstream edk2 master [commit=20 >> head:=C2=A02fbaaa96d11ad61a9133df1728e3fe965d1457a5]. >> >> SEV/SEVES guest boot with AMDSEV package gets stuck at below point: >> >> Plain Text >> >> |2024-06-26 04:38:02: FetchBlob: loading 14332416 bytes for "kernel"=20 >> 2024-06-26 04:38:02: Select Item: 0x18 2024-06-26 04:38:02: Select=20 >> Item: 0x11 2024-06-26 04:38:02: VerifyBlob: Found GUID=20 >> 4DE79437-ABD2-427F-B835-D5B172D2045B in table 2024-06-26 04:38:02:=20 >> VerifyBlob: Hash comparison succeeded for "kernel" 2024-06-26=20 >> 04:38:02: Select Item: 0xB 2024-06-26 04:38:02: VerifyBlob: Found=20 >> GUID 44BAF731-3A2F-4BD7-9AF1-41E29169781D in table 2024-06-26=20 >> 04:38:02: VerifyBlob: Blob Specified in Hash Table was not Provided=20 >> --> Hung here | >> > Can you send qemu command that produces this case? > It looks like what is happening is that the initrd is specified in the=20 > hash table, but is not provided to the guest. > You might try with and without the -initrd option and compare. > It's possible that when -initrd is not provided, QEMU will still put=20 > something in the table, which this patch might not account for. > > -Tobin my qemu command line to recreate the issue: qemu-system-x86_64 \ -machine q35,confidential-guest-support=3Dsev0,vmport=3Doff \ -object sev-guest,id=3Dsev0,cbitpos=3D51,reduced-phys-bits=3D1,kernel-hashe= s=3Don \ -name guest=3Dvm,debug-threads=3Don \ -drive=20 if=3Dpflash,format=3Draw,unit=3D0,file=3D/VT_BUILD/OVMF_AmdSev/OVMF.fd,read= only \ -cpu host \ -m 4096 \ -kernel '/VT_BUILD/usr/local/bzImage' \ -append 'root=3D/dev/sda rw console=3DttyS0,115200n8=20 earlyprintk=3DttyS0,115200 net.ifnames=3D0 biosdevname=3D0 movable_node=20 swiotlb=3D65536' \ -smp 1,cores=3D1,threads=3D1,dies=3D1,sockets=3D1 \ -drive=20 file=3D/VT_BUILD/images/22.04-server.qcow2,index=3D0,media=3Ddisk,format=3D= qcow2 \ --enable-kvm \ --nographic Yes, if I pass -initrd explicitly the Hash verify step passes properly FetchBlob: loading 14332416 bytes for "kernel" Select Item: 0x18 Select Item: 0x11 VerifyBlob: Found GUID 4DE79437-ABD2-427F-B835-D5B172D2045B in table VerifyBlob: Hash comparison succeeded for "kernel" Select Item: 0xB FetchBlob: loading 75379943 bytes for "initrd" Select Item: 0x12 VerifyBlob: Found GUID 44BAF731-3A2F-4BD7-9AF1-41E29169781D in table VerifyBlob: Hash comparison succeeded for "initrd" Select Item: 0x14 FetchBlob: loading 120 bytes for "cmdline" Select Item: 0x15 VerifyBlob: Found GUID 97D02DD8-BD20-4C94-AA78-E7714D36AB2A in table VerifyBlob: Hash comparison succeeded for "cmdline" >> This was working until yesterday [commit head: be38c01], where we can=20 >> see boot was proceeding >> >> Plain Text >> >> |2024-06-25 03:13:23: VerifyBlob: Found GUID=20 >> 4DE79437-ABD2-427F-B835-D5B172D2045B in table 2024-06-25 03:13:23:=20 >> VerifyBlob: Hash comparison succeeded for "kernel" 2024-06-25=20 >> 03:13:23: Select Item: 0xB 2024-06-25 03:13:23: VerifyBlob: Found=20 >> GUID 44BAF731-3A2F-4BD7-9AF1-41E29169781D in table 2024-06-25=20 >> 03:13:23: VerifyBlob: Hash comparison succeeded for "initrd"=20 >> 2024-06-25 03:13:23: Select Item: 0x14 2024-06-25 03:13:23:=20 >> FetchBlob: loading 120 bytes for "cmdline" 2024-06-25 03:13:23:=20 >> Select Item: 0x15 2024-06-25 03:13:23: VerifyBlob: Found GUID=20 >> 97D02DD8-BD20-4C94-AA78-E7714D36AB2A in table 2024-06-25 03:13:23:=20 >> VerifyBlob: Hash comparison succeeded for "cmdline"| >> >> >> After this patch got merged the regression is seen. >> >> Thanks, >> >> Srikanth Aithal >> >> >> On 5/7/2024 1:57 AM, Tobin Feldman-Fitzthum via groups.io wrote: >>> The AmdSev package has a so-called BlobVerifier, which >>> is meant to extend the TCB of a confidential guest >>> (SEV or SNP) to include components provided via fw_cfg >>> such as initrd, kernel, kernel params. >>> >>> This series fixes a few implementation errors in the >>> blob verifier. One common theme is that the verifier >>> currently fails to halt the boot when an invalid blob >>> is detected. This can lead to a confidential guest >>> having a launch measurement that does not reflect the >>> guest TCB. >>> >>> This series could also help us move towards consolidating >>> the AmdSev package back into the OvmfPkg although more >>> discussion will be needed on this. >>> >>> Thank you for Ryan Savino at AMD for pointing out >>> some of these issues. >>> >>> Tobin Feldman-Fitzthum (2): >>> =C2=A0=C2=A0 AmdSev: Rework Blob Verifier >>> =C2=A0=C2=A0 AmdSev: Halt on failed blob allocation >>> >>> =C2=A0 .../BlobVerifierSevHashes.c=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 | = 56=20 >>> ++++++++++++++++--- >>> =C2=A0 OvmfPkg/Include/Library/BlobVerifierLib.h=C2=A0=C2=A0=C2=A0=C2= =A0 | 14 +++-- >>> =C2=A0 .../BlobVerifierLibNull/BlobVerifierNull.c=C2=A0=C2=A0=C2=A0 | 1= 3 +++-- >>> =C2=A0 .../QemuKernelLoaderFsDxe.c=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |= =C2=A0 9 ++- >>> =C2=A0 4 files changed, 69 insertions(+), 23 deletions(-) >>> -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119718): https://edk2.groups.io/g/devel/message/119718 Mute This Topic: https://groups.io/mt/105977013/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-