From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 521C2780091 for ; Wed, 26 Jun 2024 16:35:18 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=frW02qqLJz9pPa0p4esBD384B0w9e87GYRCOuZ4/LrQ=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:User-Agent:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1719419718; v=1; b=yNsom6iWx6A7Qm6WfM2eVAiikUtj/sFbrXxjvs7kaHE4Agyg5AkJmj+oAlgla306k+s8w0L5 D6oOiRdH+gtai2Bow/L5Toet1HHcl6Bbzc+HIqwYkyUbfka8omQRgqwJULF23pG8BuUXpKgBtnD 9CDAjPBN6q5LlKhLEwfnJGxNgBcCYjxh3RI+G04TUJk/iysapyfFcN/gl/CMtVUHPTvbZWfDlk/ dNAzLGL1mt89AkhSIcBjRR7opT/DT43VvXpnAFZ3cTanZUYs95XLc//UfTX1C+elsq3PVLuQeNf tgOK+djsPve7QZ1Zyyhvp58CfRyckbYSUap7zmM+7VCjw== X-Received: by 127.0.0.2 with SMTP id NdtnYY7687511xjAlKeaAO1M; Wed, 26 Jun 2024 09:35:16 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web10.27306.1719410305883903577 for ; Wed, 26 Jun 2024 06:58:26 -0700 X-Received: from pps.filterd (m0353728.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 45QCxNpt029393; Wed, 26 Jun 2024 13:58:24 GMT X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 400kff85qm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 26 Jun 2024 13:58:23 +0000 (GMT) X-Received: from m0353728.ppops.net (m0353728.ppops.net [127.0.0.1]) by pps.reinject (8.18.0.8/8.18.0.8) with ESMTP id 45QDtbXq019595; Wed, 26 Jun 2024 13:58:23 GMT X-Received: from ppma23.wdc07v.mail.ibm.com (5d.69.3da9.ip4.static.sl-reverse.com [169.61.105.93]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 400kff85qj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 26 Jun 2024 13:58:23 +0000 (GMT) X-Received: from pps.filterd (ppma23.wdc07v.mail.ibm.com [127.0.0.1]) by ppma23.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 45QBrbjJ000564; Wed, 26 Jun 2024 13:58:22 GMT X-Received: from smtprelay04.dal12v.mail.ibm.com ([172.16.1.6]) by ppma23.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3yxaen4ks7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 26 Jun 2024 13:58:22 +0000 X-Received: from smtpav01.dal12v.mail.ibm.com (smtpav01.dal12v.mail.ibm.com [10.241.53.100]) by smtprelay04.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 45QDwJ3j26018368 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 26 Jun 2024 13:58:21 GMT X-Received: from smtpav01.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 560E458057; Wed, 26 Jun 2024 13:58:19 +0000 (GMT) X-Received: from smtpav01.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D8DF858059; Wed, 26 Jun 2024 13:58:18 +0000 (GMT) X-Received: from [9.61.188.3] (unknown [9.61.188.3]) by smtpav01.dal12v.mail.ibm.com (Postfix) with ESMTPS; Wed, 26 Jun 2024 13:58:18 +0000 (GMT) Message-ID: Date: Wed, 26 Jun 2024 09:58:18 -0400 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier To: "Aithal, Srikanth" , devel@edk2.groups.io Cc: dov.murik@gmail.com, james.bottomley@hansenpartnership.com, thomas.lendacky@amd.com, tobin@ibm.com References: <5618d3f0-827f-49f4-b1a7-6a47fac50550@amd.com> From: Tobin Feldman-Fitzthum In-Reply-To: <5618d3f0-827f-49f4-b1a7-6a47fac50550@amd.com> X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 6HiTCbPFwn_yqBMsJp0vnSz2ZXktCxT0 X-Proofpoint-ORIG-GUID: kU5JmIEZJKbQYlYEOAUbErU6rnqkZQnz Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 26 Jun 2024 09:35:15 -0700 Resent-From: tobin@linux.ibm.com Reply-To: devel@edk2.groups.io,tobin@linux.ibm.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: rXwuGQhRDwHKQnI4A0Wb2koFx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=yNsom6iW; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=ibm.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io On 6/26/24 4:08 AM, Aithal, Srikanth wrote: > Hello, SEV/SEVES guest boot fails with AMDSEV OVMF package built using=20 > upstream edk2 master [commit head:=20 > 2fbaaa96d11ad61a9133df1728e3fe965d1457a5]. SEV/SEVES guest boot with=20 > AMDSEV package gets stuck at below point: Plain Text 2024-06-26 04:=E2=80= =8A38:=20 > =E2=80=8A02:=E2=80=8A >=20 >=20 > Hello, >=20 > SEV/SEVES guest boot fails with AMDSEV OVMF package built using upstream= =20 > edk2 master [commit head:=C2=A02fbaaa96d11ad61a9133df1728e3fe965d1457a5]. >=20 > SEV/SEVES guest boot with AMDSEV package gets stuck at below point: >=20 > Plain Text >=20 > |2024-06-26 04:38:02: FetchBlob: loading 14332416 bytes for "kernel"=20 > 2024-06-26 04:38:02: Select Item: 0x18 2024-06-26 04:38:02: Select Item:= =20 > 0x11 2024-06-26 04:38:02: VerifyBlob: Found GUID=20 > 4DE79437-ABD2-427F-B835-D5B172D2045B in table 2024-06-26 04:38:02:=20 > VerifyBlob: Hash comparison succeeded for "kernel" 2024-06-26 04:38:02:= =20 > Select Item: 0xB 2024-06-26 04:38:02: VerifyBlob: Found GUID=20 > 44BAF731-3A2F-4BD7-9AF1-41E29169781D in table 2024-06-26 04:38:02:=20 > VerifyBlob: Blob Specified in Hash Table was not Provided --> Hung here | >=20 Can you send qemu command that produces this case? It looks like what is happening is that the initrd is specified in the=20 hash table, but is not provided to the guest. You might try with and without the -initrd option and compare. It's possible that when -initrd is not provided, QEMU will still put=20 something in the table, which this patch might not account for. -Tobin > This was working until yesterday [commit head: be38c01], where we can=20 > see boot was proceeding >=20 > Plain Text >=20 > |2024-06-25 03:13:23: VerifyBlob: Found GUID=20 > 4DE79437-ABD2-427F-B835-D5B172D2045B in table 2024-06-25 03:13:23:=20 > VerifyBlob: Hash comparison succeeded for "kernel" 2024-06-25 03:13:23:= =20 > Select Item: 0xB 2024-06-25 03:13:23: VerifyBlob: Found GUID=20 > 44BAF731-3A2F-4BD7-9AF1-41E29169781D in table 2024-06-25 03:13:23:=20 > VerifyBlob: Hash comparison succeeded for "initrd" 2024-06-25 03:13:23:= =20 > Select Item: 0x14 2024-06-25 03:13:23: FetchBlob: loading 120 bytes for= =20 > "cmdline" 2024-06-25 03:13:23: Select Item: 0x15 2024-06-25 03:13:23:=20 > VerifyBlob: Found GUID 97D02DD8-BD20-4C94-AA78-E7714D36AB2A in table=20 > 2024-06-25 03:13:23: VerifyBlob: Hash comparison succeeded for "cmdline"| >=20 >=20 > After this patch got merged the regression is seen. >=20 > Thanks, >=20 > Srikanth Aithal >=20 >=20 > On 5/7/2024 1:57 AM, Tobin Feldman-Fitzthum via groups.io wrote: >> The AmdSev package has a so-called BlobVerifier, which >> is meant to extend the TCB of a confidential guest >> (SEV or SNP) to include components provided via fw_cfg >> such as initrd, kernel, kernel params. >> >> This series fixes a few implementation errors in the >> blob verifier. One common theme is that the verifier >> currently fails to halt the boot when an invalid blob >> is detected. This can lead to a confidential guest >> having a launch measurement that does not reflect the >> guest TCB. >> >> This series could also help us move towards consolidating >> the AmdSev package back into the OvmfPkg although more >> discussion will be needed on this. >> >> Thank you for Ryan Savino at AMD for pointing out >> some of these issues. >> >> Tobin Feldman-Fitzthum (2): >> AmdSev: Rework Blob Verifier >> AmdSev: Halt on failed blob allocation >> >> .../BlobVerifierSevHashes.c | 56 ++++++++++++++++--- >> OvmfPkg/Include/Library/BlobVerifierLib.h | 14 +++-- >> .../BlobVerifierLibNull/BlobVerifierNull.c | 13 +++-- >> .../QemuKernelLoaderFsDxe.c | 9 ++- >> 4 files changed, 69 insertions(+), 23 deletions(-) >> -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119720): https://edk2.groups.io/g/devel/message/119720 Mute This Topic: https://groups.io/mt/105977013/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-