[edk2-devel] [PATCH 0/3] Introduce SecTpmMeasurementLibTdx

Min Xu posted 3 patches 1 year, 11 months ago
Failed in applying to current master
[edk2-devel] [PATCH 0/3] Introduce SecTpmMeasurementLibTdx
Posted by Min Xu 1 year, 11 months ago
SecTpmMeasurementLibTdx is an instance of TpmMeasurement lib in SEC phase.
It provides RTMR based measurement functions for Intel Tdx guest.

Commit a708536dce introduces SecMeasurementLibTdx which provides the same
functions. But it is not an instance of TpmMeasurementLib.
We have updated DxeTpmMeasurementLib (which is an instance of
TpmMeasurementLib) to support RTMR based measurement. To make the design
consistent, SecTpmMeasurementLibTdx is introduced. After that
SecMeasurementLibTdx is removed.

Patch #1:
 Introduce SecMeasurementLibTdx
Patch #2:
 Update OvmfPkg to support MeasureHobList/MeasureFvImage with
 SecMeasurementLibTdx.
Patch #3:
 Remove SecMeasurementLibTdx.

Code: https://github.com/mxu9/edk2/tree/secMeasurementLib.v1
  
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>

Min M Xu (3):
  Security: Add SecTpmMeasurementLibTdx
  OvmfPkg: Implement MeasureHobList/MeasureFvImage
  OvmfPkg: Delete SecMeasurementLibTdx

 OvmfPkg/Include/Library/SecMeasurementLib.h   |  46 ---
 OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +-
 OvmfPkg/Library/PeilessStartupLib/IntelTdx.c  | 186 ++++++++++
 .../PeilessStartupLib/PeilessStartup.c        |   1 -
 .../PeilessStartupInternal.h                  |  36 ++
 .../PeilessStartupLib/PeilessStartupLib.inf   |   2 +-
 .../SecMeasurementLib/SecMeasurementLibTdx.c  | 340 ------------------
 .../SecMeasurementLibTdx.inf                  |  30 --
 OvmfPkg/OvmfPkg.dec                           |   4 -
 .../SecTpmMeasurementLibTdx.c                 | 176 +++++++++
 .../SecTpmMeasurementLibTdx.inf               |  34 ++
 SecurityPkg/SecurityPkg.dsc                   |   2 +
 12 files changed, 436 insertions(+), 423 deletions(-)
 delete mode 100644 OvmfPkg/Include/Library/SecMeasurementLib.h
 delete mode 100644 OvmfPkg/Library/SecMeasurementLib/SecMeasurementLibTdx.c
 delete mode 100644 OvmfPkg/Library/SecMeasurementLib/SecMeasurementLibTdx.inf
 create mode 100644 SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c
 create mode 100644 SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.inf

-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#90208): https://edk2.groups.io/g/devel/message/90208
Mute This Topic: https://groups.io/mt/91551450/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
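The cover letter above describes SecTpmMeasurementLibTdx as an RTMR-based instance of TpmMeasurementLib for the SEC phase, used for MeasureHobList and MeasureFvImage. The Python below is an added illustration written for this page, not code from the patch series or from edk2: it models the guest side (hash the data, extend the register an interface-level PCR index maps to, append an event) and the verifier side (replay the event log and compare against the reported register values). Everything it assumes is absent from the thread: that RTMRs are 48-byte SHA-384 registers extended as SHA384(old || digest), the PCR-index-to-RTMR mapping in map_pcr_to_rtmr(), and the sample event types and payloads, which are constructed.

```python
"""
RTMR-based measurement and event-log replay, modelled on the shape of a
TpmMeasureAndLogData()-style call. Added example for this page; it is not
edk2 or SecTpmMeasurementLibTdx code.

Assumptions (not stated in the thread above):
  * RTMRs are 48-byte SHA-384 registers, extended as SHA384(old || digest).
  * The PCR-index -> RTMR mapping below follows the TDX virtual-firmware
    convention (PCR 1,7 -> RTMR[0]; PCR 2-6 -> RTMR[1]; PCR 8-15 -> RTMR[2]);
    PCR 0 corresponds to MRTD, which firmware cannot extend at run time.
  * The event types and payloads are constructed sample data.
"""
import hashlib
from dataclasses import dataclass
from typing import List, Sequence

RTMR_SIZE = 48          # SHA-384 digest length
NUM_RTMRS = 4           # RTMR[0..3]; RTMR[3] is left untouched here

# TCG PC Client event types, used only as sample values
EV_EFI_PLATFORM_FIRMWARE_BLOB2 = 0x8000000A
EV_EFI_HANDOFF_TABLES2 = 0x8000000B


def map_pcr_to_rtmr(pcr_index: int) -> int:
    """Translate a PCR index (the TpmMeasurementLib interface) to an RTMR index (assumed mapping)."""
    if pcr_index in (1, 7):
        return 0
    if 2 <= pcr_index <= 6:
        return 1
    if 8 <= pcr_index <= 15:
        return 2
    # PCR 0 maps to MRTD (fixed after TD build); PCR >= 16 has no RTMR.
    raise ValueError("PCR %d has no run-time measurement register" % pcr_index)


def rtmr_extend(current: bytes, digest: bytes) -> bytes:
    """One RTMR extend step: new = SHA384(old || digest)."""
    if len(current) != RTMR_SIZE or len(digest) != RTMR_SIZE:
        raise ValueError("RTMR value and digest must both be 48 bytes")
    return hashlib.sha384(current + digest).digest()


@dataclass
class Event:
    pcr_index: int
    event_type: int
    data: bytes
    digest: bytes


class RtmrMeasurement:
    """Guest-side state: the simulated RTMR bank plus the event log."""

    def __init__(self) -> None:
        self.rtmr: List[bytes] = [bytes(RTMR_SIZE)] * NUM_RTMRS
        self.log: List[Event] = []

    def measure_and_log(self, pcr_index: int, event_type: int, data: bytes) -> int:
        """Hash the data, extend the mapped RTMR, append an event; returns the RTMR index used."""
        digest = hashlib.sha384(data).digest()
        index = map_pcr_to_rtmr(pcr_index)
        self.rtmr[index] = rtmr_extend(self.rtmr[index], digest)
        self.log.append(Event(pcr_index, event_type, data, digest))
        return index


def replay_log(log: Sequence[Event]) -> List[bytes]:
    """Verifier side: recompute the whole RTMR bank from the event log alone."""
    regs = [bytes(RTMR_SIZE)] * NUM_RTMRS
    for ev in log:
        # An event whose digest does not match its payload must not be trusted.
        if hashlib.sha384(ev.data).digest() != ev.digest:
            raise ValueError("event digest does not match event data")
        index = map_pcr_to_rtmr(ev.pcr_index)
        regs[index] = rtmr_extend(regs[index], ev.digest)
    return regs


def log_matches_rtmrs(log: Sequence[Event], reported: Sequence[bytes]) -> bool:
    """True if replaying the log reproduces the RTMR values reported by the guest."""
    try:
        return replay_log(log) == list(reported)
    except ValueError:
        return False


def demo() -> RtmrMeasurement:
    """Measure a constructed HOB list and a constructed FV image, in the order SEC would see them."""
    m = RtmrMeasurement()
    m.measure_and_log(1, EV_EFI_HANDOFF_TABLES2, b"constructed TD HOB list bytes")
    m.measure_and_log(2, EV_EFI_PLATFORM_FIRMWARE_BLOB2, b"constructed FV image bytes")
    return m


if __name__ == "__main__":
    guest = demo()
    for i, value in enumerate(guest.rtmr):
        print("RTMR[%d] = %s" % (i, value.hex()))
    print("replay matches:", log_matches_rtmrs(guest.log, guest.rtmr))
```

The replay is the check that matters to a verifier: an attestation report carries the RTMR values, the event log carries the claimed history, and only a log whose payloads hash to the logged digests and whose extend order reproduces the registers is accepted. Reordering two events aimed at the same register, or swapping a payload, makes the replay diverge.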
Re: [edk2-devel] [PATCH 0/3] Introduce SecTpmMeasurementLibTdx
Posted by Gerd Hoffmann 1 year, 11 months ago
On Sun, Jun 05, 2022 at 09:02:45AM +0800, Min Xu wrote:
> SecTpmMeasurementLibTdx is an instance of TpmMeasurement lib in SEC phase.
> It provides RTMR based measurement functions for Intel Tdx guest.
> 
> Commit a708536dce introduces SecMeasurementLibTdx which provides the same
> functions. But it is not an instance of TpmMeasurementLib.
> We have updated DxeTpmMeasurementLib (which is an instance of
> TpmMeasurementLib) to support RTMR based measurement. To make the design
> consistent, SecTpmMeasurementLibTdx is introduced. After that
> SecMeasurementLibTdx is removed.

So, what is the difference?  Just make the calling convention compatible
with TpmMeasurementLib?

take care,
  Gerd



View/Reply Online (#90282): https://edk2.groups.io/g/devel/message/90282
Re: [edk2-devel] [PATCH 0/3] Introduce SecTpmMeasurementLibTdx
Posted by Yao, Jiewen 1 year, 11 months ago
The previous patch created a new instance SecTpmMeasurementLibTdx, which is not the best idea.

If we can use the existing instance, there is no need to create a new one. Just create a new instance.

Thank you
Yao Jiewen

> -----Original Message-----
> From: Gerd Hoffmann <kraxel@redhat.com>
> Sent: Tuesday, June 7, 2022 6:35 PM
> To: Xu, Min M <min.m.xu@intel.com>
> Cc: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Aktas, Erdem <erdemaktas@google.com>; James
> Bottomley <jejb@linux.ibm.com>; Tom Lendacky <thomas.lendacky@amd.com>
> Subject: Re: [PATCH 0/3] Introduce SecTpmMeasurementLibTdx
> 
> On Sun, Jun 05, 2022 at 09:02:45AM +0800, Min Xu wrote:
> > SecTpmMeasurementLibTdx is an instance of TpmMeasurement lib in SEC
> phase.
> > It provides RTMR based measurement functions for Intel Tdx guest.
> >
> > Commit a708536dce introduces SecMeasurementLibTdx which provides the
> same
> > functions. But it is not an instance of TpmMeasurementLib.
> > We have updated DxeTpmMeasurementLib (which is an instance of
> > TpmMeasurementLib) to support RTMR based measurement. To make the
> design
> > consistent, SecTpmMeasurementLibTdx is introduced. After that
> > SecMeasurementLibTdx is removed.
> 
> So, what is the difference?  Just make the calling convention compatible
> with TpmMeasurementLib?
> 
> take care,
>   Gerd



View/Reply Online (#90288): https://edk2.groups.io/g/devel/message/90288
Re: [edk2-devel] [PATCH 0/3] Introduce SecTpmMeasurementLibTdx
Posted by Yao, Jiewen 1 year, 11 months ago
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>

> -----Original Message-----
> From: Xu, Min M <min.m.xu@intel.com>
> Sent: Sunday, June 5, 2022 9:03 AM
> To: devel@edk2.groups.io
> Cc: Xu, Min M <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Aktas, Erdem
> <erdemaktas@google.com>; James Bottomley <jejb@linux.ibm.com>; Tom
> Lendacky <thomas.lendacky@amd.com>; Gerd Hoffmann <kraxel@redhat.com>
> Subject: [PATCH 0/3] Introduce SecTpmMeasurementLibTdx
> 
> SecTpmMeasurementLibTdx is an instance of TpmMeasurement lib in SEC phase.
> It provides RTMR based measurement functions for Intel Tdx guest.
> 
> Commit a708536dce introduces SecMeasurementLibTdx which provides the
> same
> functions. But it is not an instance of TpmMeasurementLib.
> We have updated DxeTpmMeasurementLib (which is an instance of
> TpmMeasurementLib) to support RTMR based measurement. To make the
> design
> consistent, SecTpmMeasurementLibTdx is introduced. After that
> SecMeasurementLibTdx is removed.
> 
> Patch #1:
>  Introduce SecMeasurementLibTdx
> Patch #2:
>  Update OvmfPkg to support MeasureHobList/MeasureFvImage with
>  SecMeasurementLibTdx.
> Patch #3:
>  Remove SecMeasurementLibTdx.
> 
> Code: https://github.com/mxu9/edk2/tree/secMeasurementLib.v1
> 
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Signed-off-by: Min Xu <min.m.xu@intel.com>
> 
> Min M Xu (3):
>   Security: Add SecTpmMeasurementLibTdx
>   OvmfPkg: Implement MeasureHobList/MeasureFvImage
>   OvmfPkg: Delete SecMeasurementLibTdx
> 
>  OvmfPkg/Include/Library/SecMeasurementLib.h   |  46 ---
>  OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +-
>  OvmfPkg/Library/PeilessStartupLib/IntelTdx.c  | 186 ++++++++++
>  .../PeilessStartupLib/PeilessStartup.c        |   1 -
>  .../PeilessStartupInternal.h                  |  36 ++
>  .../PeilessStartupLib/PeilessStartupLib.inf   |   2 +-
>  .../SecMeasurementLib/SecMeasurementLibTdx.c  | 340 ------------------
>  .../SecMeasurementLibTdx.inf                  |  30 --
>  OvmfPkg/OvmfPkg.dec                           |   4 -
>  .../SecTpmMeasurementLibTdx.c                 | 176 +++++++++
>  .../SecTpmMeasurementLibTdx.inf               |  34 ++
>  SecurityPkg/SecurityPkg.dsc                   |   2 +
>  12 files changed, 436 insertions(+), 423 deletions(-)
>  delete mode 100644 OvmfPkg/Include/Library/SecMeasurementLib.h
>  delete mode 100644
> OvmfPkg/Library/SecMeasurementLib/SecMeasurementLibTdx.c
>  delete mode 100644
> OvmfPkg/Library/SecMeasurementLib/SecMeasurementLibTdx.inf
>  create mode 100644
> SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c
>  create mode 100644
> SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.inf
> 
> --
> 2.29.2.windows.2



View/Reply Online (#90213): https://edk2.groups.io/g/devel/message/90213