From: Tobin Feldman-Fitzthum
To: devel@edk2.groups.io
Cc: dov.murik@gmail.com, james.bottomley@hansenpartnership.com, thomas.lendacky@amd.com, tobin@ibm.com, Tobin Feldman-Fitzthum
Subject: [edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier
Date: Mon, 6 May 2024 20:27:34 +0000

The AmdSev package has a so-called BlobVerifier, which is meant to extend the TCB of a confidential guest (SEV or SNP) to include components provided via fw_cfg such as initrd, kernel, kernel params.

This series fixes a few implementation errors in the blob verifier. One common theme is that the verifier currently fails to halt the boot when an invalid blob is detected. This can lead to a confidential guest having a launch measurement that does not reflect the guest TCB.

This series could also help us move towards consolidating the AmdSev package back into the OvmfPkg although more discussion will be needed on this.

Thank you to Ryan Savino at AMD for pointing out some of these issues.

Tobin Feldman-Fitzthum (2):
  AmdSev: Rework Blob Verifier
  AmdSev: Halt on failed blob allocation

 .../BlobVerifierSevHashes.c                   | 56 ++++++++++++++++---
 OvmfPkg/Include/Library/BlobVerifierLib.h     | 14 +++--
 .../BlobVerifierLibNull/BlobVerifierNull.c    | 13 +++--
 .../QemuKernelLoaderFsDxe.c                   |  9 ++-
 4 files changed, 69 insertions(+), 23 deletions(-)

-- 
2.34.1
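An added illustration of the failure mode this cover letter describes (a Python model written for this page, not code from the edk2 series): the launch measurement covers the firmware and the expected-hash table but not the fw_cfg blobs, so a verifier whose failure does not halt the boot lets a modified blob run under an unchanged measurement. All names, the sample blobs, the use of SHA-256 and the simplified measurement are assumptions.

```python
import hashlib
import hmac

FIRMWARE = b"constructed-firmware-image"            # constructed sample data
GOOD = {"kernel": b"constructed-kernel", "initrd": b"constructed-initrd",
        "cmdline": b"console=ttyS0"}                # what the guest owner expects
TAMPERED = dict(GOOD, initrd=b"constructed-initrd-modified-by-host")


class BootHalted(Exception):
    """Models the firmware stopping the boot instead of continuing."""


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def hash_table(blobs: dict) -> dict:
    """Expected hashes, placed in measured guest memory at launch."""
    return {name: digest(data) for name, data in blobs.items()}


def launch_measurement(firmware: bytes, table: dict) -> str:
    """Simplified model: covers firmware and hash table, never the blobs."""
    h = hashlib.sha256(firmware)
    for name in sorted(table):
        h.update(name.encode() + bytes.fromhex(table[name]))
    return h.hexdigest()


def verify_blob(table: dict, name: str, data: bytes) -> bool:
    expected = table.get(name)
    return expected is not None and hmac.compare_digest(expected, digest(data))


def boot(table: dict, fw_cfg: dict, halt_on_failure: bool) -> dict:
    """Return the digests of the blobs the guest actually ran with."""
    running = {}
    for name in table:
        data = fw_cfg.get(name, b"")   # a missing blob is treated as empty
        if not verify_blob(table, name, data) and halt_on_failure:
            raise BootHalted(f"blob {name!r} does not match the hash table")
        running[name] = digest(data)   # fail-open path reaches here on mismatch
    return running


def launch(fw_cfg: dict, halt_on_failure: bool) -> tuple:
    """Return (measurement the guest owner attests, blobs actually booted)."""
    table = hash_table(GOOD)
    return launch_measurement(FIRMWARE, table), boot(table, fw_cfg, halt_on_failure)
```

With `halt_on_failure=False`, `launch(GOOD, ...)` and `launch(TAMPERED, ...)` return the same measurement but different booted digests; with `halt_on_failure=True` the tampered launch raises `BootHalted` instead.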