Re: [edk2-devel] [PATCH V1 1/1] OvmfPkg/QemuBootOrderLib: Measure the etc/boot-menu-wait

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Gerd Hoffmann" <kraxel@redhat.com>
To: Ceping Sun <cepingx.sun@intel.com>
Cc: devel@edk2.groups.io, Erdem Aktas <erdemaktas@google.com>,
	 Jiewen Yao <jiewen.yao@intel.com>, Min Xu <min.m.xu@intel.com>,
	 Elena Reshetova <elena.reshetova@intel.com>
Subject: Re: [edk2-devel] [PATCH V1 1/1] OvmfPkg/QemuBootOrderLib: Measure the etc/boot-menu-wait
Date: Tue, 12 Mar 2024 12:04:08 +0100	[thread overview]
Message-ID: <jiku2uwl34byqjqfjhyprrr2xstyp46s5cjyt6ioxuxcq4hkt3@xoti5kq4j3rr> (raw)
In-Reply-To: <20240312235146.3777997-1-cepingx.sun@intel.com>

On Wed, Mar 13, 2024 at 07:51:46AM +0800, Ceping Sun wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4415
> 
> Refer to the section 8.3.4 of tdx-virtual-firmware-design-guide spec,
> OVMF would uses FW_CFG_IO_SELECTOR(0x510) and FW_CFG_IO_DATA(0x511)
> to get configuration data from QEMU. From the security perspective,
> if TDVF uses this method, configuration data must be measured into
> RTMR[0].
> 
> Currently, the etc/boot-menu-wait is using in TDVF, it required to be
> measured into RTMR[0].

That config item doesn't change the control flow.
Do we have to measure it?

> This is the first patch and will continue to be updated to measure
> additional configuration data.

What else is in the pipeline?  At least ACPI and smbios tables I assume?

I'd like to have a more complete picture first.  Also I think it makes
sense to have a single patch series implementing all of it instead of
merging it piece by piece, to avoid having multiple edk2 releases where
the measurements are changing.

Note that the current code (looking at a non-tdx build) reads several
fw_cfg items multiple times.  Entries 0 and 1 (used for probing fw_cfg
presence), 0x19 (file directory) are read most frequently.  etc/e820 is
scanned multiple times too; tvdf in tdx mode wouldn't use it though.

If we are going to measure the fw_cfg bits used by ovmf / tdvf I think
we have to:

  (1) Make sure we read + measure the data once.
  (2) Make sure we measure the fw_cfg entries in a deterministic
      order so the measurements are stable.
  (3) Cache the measured data somewhere if needed multiple times
      (or simply cache unconditionally).

We probably wouldn't measure all fw_cfg entries.  The ones used by
direct kernel boot can be skipped for example.  The kernel image will
be measured anyway before it is launched.

> +#define EV_POSTCODE_INFO_QEMU_BOOTMENU_WAIT_TIME_DATA  "QEMU BOOTMENU WAIT TIME"

"QEMU FW CFG" ?

I think it makes sense to have one name and one struct for all qemu
fw_cfg items.  Or maybe two, one for the file-name based entries and
one for the others.

take care,
  Gerd

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116677): https://edk2.groups.io/g/devel/message/116677
Mute This Topic: https://groups.io/mt/104880546/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

next prev parent reply	other threads:[~2024-03-12 11:04 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-03-12 23:51 [edk2-devel] [PATCH V1 1/1] OvmfPkg/QemuBootOrderLib: Measure the etc/boot-menu-wait sunceping
2024-03-12  7:57 ` Yao, Jiewen
2024-03-13  8:39   ` sunceping
2024-03-12 11:04 ` Gerd Hoffmann [this message]
2024-03-13  8:50   ` sunceping
2024-03-14  9:30     ` Gerd Hoffmann
2024-03-20  8:41       ` sunceping
2024-03-20 10:04         ` Gerd Hoffmann
2024-03-21  8:39           ` sunceping
2024-03-21 12:25             ` Gerd Hoffmann
2024-03-22  8:29               ` sunceping
2024-03-22  9:05                 ` Gerd Hoffmann
2024-03-26  9:08                   ` sunceping
2024-03-26 15:44                     ` Gerd Hoffmann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=jiku2uwl34byqjqfjhyprrr2xstyp46s5cjyt6ioxuxcq4hkt3@xoti5kq4j3rr \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox