From nobody Sun May 19 11:06:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+75568+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75568+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1621945608; cv=none; d=zohomail.com; s=zohoarc; b=CW+ZUwtwqhPbfc3x9AlF413efPk1L4mg1KAzwftK8KrX3dzKlnpdE2wPsRFFgVVgekG8RltP5tXehWGz190GKoV5MDGcum+pXTy35BJY1TC/B+iXRMqIwXRIe2j7KxipxXb1hwARKCELflffgmckJ2sk/DEsyq3xOqu6xLpUdTg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1621945608; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=+ghlnnt2fLMwCoHHsZMJlrZYu5ZZuP4FRoJOELiIBj0=; b=H2tiX5HPsiFnfeIPGREC33wfoxDH0eGvFRiktihwaRpjoU6mk4XGHyk34rkv/1XzCNWcvkLYsteVd+aYInLsDBLivHSV9J0LIn8KmYvXaN/ToQCqv3DJXaxxKmwOjd/VmKOc4fzX5WB3BLs0i3dq+af2fTDj9t/itqOuP2/SV6c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75568+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1621945608725746.572610425829; Tue, 25 May 2021 05:26:48 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id etrWYY1788612xNu9LR4wvUD; Tue, 25 May 2021 05:26:48 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web08.5733.1621920687613354704 for ; Mon, 24 May 2021 22:31:27 -0700 X-Received: from pps.filterd (m0098419.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P54fGP172846; Tue, 25 May 2021 01:31:25 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 38rrbpc1ju-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:25 -0400 X-Received: from m0098419.ppops.net (m0098419.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P5RYnQ049626; Tue, 25 May 2021 01:31:25 -0400 X-Received: from ppma02dal.us.ibm.com (a.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.10]) by mx0b-001b2d01.pphosted.com with ESMTP id 38rrbpc1j8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:25 -0400 X-Received: from pps.filterd (ppma02dal.us.ibm.com [127.0.0.1]) by ppma02dal.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5RcPc015791; Tue, 25 May 2021 05:31:24 GMT X-Received: from b01cxnp22034.gho.pok.ibm.com (b01cxnp22034.gho.pok.ibm.com [9.57.198.24]) by ppma02dal.us.ibm.com with ESMTP id 38psk91gtm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 05:31:24 +0000 X-Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106]) by b01cxnp22034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VNFL35914078 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 25 May 2021 05:31:23 GMT X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 204F628059; Tue, 25 May 2021 05:31:23 +0000 (GMT) X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id CED4828060; Tue, 25 May 2021 05:31:22 +0000 (GMT) X-Received: from localhost.localdomain (unknown [9.2.130.16]) by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 25 May 2021 05:31:22 +0000 (GMT) From: Dov Murik To: devel@edk2.groups.io Cc: Dov Murik , Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , James Bottomley , Hubertus Franke , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Ashish Kalra , Brijesh Singh , Erdem Aktas , Jiewen Yao , Min Xu , Tom Lendacky Subject: [edk2-devel] [PATCH v1 1/8] OvmfPkg/AmdSev/SecretDxe: fix header comment to generic naming Date: Tue, 25 May 2021 05:31:09 +0000 Message-Id: <20210525053116.1533673-2-dovmurik@linux.ibm.com> In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com> References: <20210525053116.1533673-1-dovmurik@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 4T5qe83iJh9DRi0QB5S5ccTobrT3RDO- X-Proofpoint-ORIG-GUID: N2B1tO6uZj3L4YsvbEIVUdMlHDGSgFoN Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dovmurik@linux.ibm.com X-Gm-Message-State: cKhGNYphUq8TJVPCat1VYHiex1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1621945608; bh=WHMn4xnA3TclmVGMwNAubvi9x2JCDrZPqt6uzty8ICc=; h=Cc:Date:From:Reply-To:Subject:To; b=l/nkc5oO9fve7GhE98FLZ/DbKocEAlQ3iJK7KpmbWhmZJM4sBWS7cWCLAFBzyFdU736 56z6nT1eNcuSyFOx02+zCkiOBCpIX89wR+9NazeXsvB+qSC+95XPy5o6NgEcDF84YeQnu aQuKgLpsUz6eZKbS5fvG5bbJ9CeGe49fQEA= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: James Bottomley Commit 96201ae7bf97 ("OvmfPkg/AmdSev/SecretDxe: make secret location naming generic", 2020-12-15) replaced references to SEV with the generic term Confidential Computing, but missed the file header comment. Fix the naming in that header. Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Ashish Kalra Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Signed-off-by: James Bottomley --- OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c b/OvmfPkg/AmdSev/SecretDx= e/SecretDxe.c index 308022b5b25e..934ad207632b 100644 --- a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c +++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c @@ -1,5 +1,5 @@ /** @file - SEV Secret configuration table constructor + Confidential Computing Secret configuration table constructor =20 Copyright (C) 2020 James Bottomley, IBM Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#75568): https://edk2.groups.io/g/devel/message/75568 Mute This Topic: https://groups.io/mt/83074451/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 11:06:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+75569+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75569+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1621945614; cv=none; d=zohomail.com; s=zohoarc; b=NuIZrWEJmaPvfR4FbThIOTmxOOT4cI4kO8s7kge4aCaFTA5wSmjG/fBScr4zlgZCUFW4APrU0LphBGc2j5SiJ7GyOZa5/SHyEhCuXYWNsBrBg6d3c/1MCXZH0Bxik3S8+jDP3KED43wnX/zfPzxt+S/kqpK/TUwkPRS39I2ZHVM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1621945614; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=BUC9cZIiz4fqWtXvb/GpitmznDqs2eChvSFJ7PzCv8Q=; b=HHCk0PWvPaDgIU9/KJ/mnAijQivsruBtuYyCLxEuBvRcpUU+yGcZ9O+D3NtBBOfrkBewxz8V0M5DGgRC44huq4vUmBvGAij0s84wHtVdvk7by785Hv1Ah2xE0dPwvfeRBDR5BdWBaQ7PzmLZlJOzwN2I0/+u4l6GivTXDaZmYfc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75569+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1621945614117899.8141906492306; Tue, 25 May 2021 05:26:54 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id vwhcYY1788612xJoyHbv3rIW; Tue, 25 May 2021 05:26:53 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web08.5734.1621920688035829153 for ; Mon, 24 May 2021 22:31:28 -0700 X-Received: from pps.filterd (m0187473.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P57k4w098196; Tue, 25 May 2021 01:31:26 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rt5asfvw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:26 -0400 X-Received: from m0187473.ppops.net (m0187473.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P58e2Q100803; Tue, 25 May 2021 01:31:25 -0400 X-Received: from ppma04wdc.us.ibm.com (1a.90.2fa9.ip4.static.sl-reverse.com [169.47.144.26]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rt5asfv8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:25 -0400 X-Received: from pps.filterd (ppma04wdc.us.ibm.com [127.0.0.1]) by ppma04wdc.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5RUKf007512; Tue, 25 May 2021 05:31:24 GMT X-Received: from b01cxnp22034.gho.pok.ibm.com (b01cxnp22034.gho.pok.ibm.com [9.57.198.24]) by ppma04wdc.us.ibm.com with ESMTP id 38psk9cdqu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 05:31:24 +0000 X-Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106]) by b01cxnp22034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VNMo22151466 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 25 May 2021 05:31:23 GMT X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6CC0528060; Tue, 25 May 2021 05:31:23 +0000 (GMT) X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 28E9B2805C; Tue, 25 May 2021 05:31:23 +0000 (GMT) X-Received: from localhost.localdomain (unknown [9.2.130.16]) by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 25 May 2021 05:31:23 +0000 (GMT) From: Dov Murik To: devel@edk2.groups.io Cc: Dov Murik , Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , James Bottomley , Hubertus Franke , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Ashish Kalra , Brijesh Singh , Erdem Aktas , Jiewen Yao , Min Xu , Tom Lendacky Subject: [edk2-devel] [PATCH v1 2/8] OvmfPkg: PlatformBootManagerLibGrub: Allow executing kernel via fw_cfg Date: Tue, 25 May 2021 05:31:10 +0000 Message-Id: <20210525053116.1533673-3-dovmurik@linux.ibm.com> In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com> References: <20210525053116.1533673-1-dovmurik@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: gCuWtYq00vD0j0WybQBy4VyzaYOWf_ut X-Proofpoint-GUID: zJukvR4VY6iwG-AWGkak09xsEzkGIRVW Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dovmurik@linux.ibm.com X-Gm-Message-State: p54OI038wp9nhob6A2w9InY1x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1621945613; bh=niPWlDXteoI34kXNz6XmgunotAUho+ForFLPvkvHbqA=; h=Cc:Date:From:Reply-To:Subject:To; b=lGGBYQtcwIpcGRBC2bWRQFyYwZE4+bid8A9kHETGYZJcpqA5Q7c3A4YfH0LfqxLQbX9 3sL7c1oIERb4WKGfQVNl5V5R9rnES+UckwrlmiOgXbIcj0iSieAa56hziJen4nPYpc8Pv hJHQ/0SZe6xsEFsn0QAke4UtEh031m9grtQ= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: James Bottomley Support QEMU's -kernel option. OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c is an exact copy of OvmfPkg/Library/PlatformBootManagerLib/QemuKernel.c . Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Ashish Kalra Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Signed-off-by: James Bottomley --- OvmfPkg/AmdSev/AmdSevX64.dsc = | 1 + OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf = | 2 + OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h = | 11 +++++ OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c = | 5 ++ OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c = | 50 ++++++++++++++++++++ 5 files changed, 69 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 66bbbc80cd18..f820e81fad27 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -283,6 +283,7 @@ [LibraryClasses.common.PEIM] CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuE= xceptionHandlerLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf + QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoad= ImageLib.inf PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf =20 diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManager= LibGrub.inf b/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManage= rLibGrub.inf index 9a806d17ec45..5f6f73d18470 100644 --- a/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub= .inf +++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub= .inf @@ -23,6 +23,7 @@ [Defines] =20 [Sources] BdsPlatform.c + QemuKernel.c PlatformData.c BdsPlatform.h =20 @@ -46,6 +47,7 @@ [LibraryClasses] BootLogoLib DevicePathLib PciLib + QemuLoadImageLib UefiLib PlatformBmPrintScLib Tcg2PhysicalPresenceLib diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h b/Ovm= fPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h index 748c63081920..f1d3a2906c00 100644 --- a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h +++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h @@ -172,4 +172,15 @@ PlatformInitializeConsole ( IN PLATFORM_CONSOLE_CONNECT_ENTRY *PlatformConsole ); =20 +/** + Loads and boots UEFI Linux via the FwCfg interface. + + @retval EFI_NOT_FOUND - The Linux kernel was not found + +**/ +EFI_STATUS +TryRunningQemuKernel ( + VOID + ); + #endif // _PLATFORM_SPECIFIC_BDS_PLATFORM_H_ diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c b/Ovm= fPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c index 5c92d4fc2b09..7cceeea4879c 100644 --- a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c @@ -1315,6 +1315,11 @@ PlatformBootManagerAfterConsole ( // Tcg2PhysicalPresenceLibProcessRequest (NULL); =20 + // + // Process QEMU's -kernel command line option + // + TryRunningQemuKernel (); + // // Perform some platform specific connect sequence // diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c b/Ovmf= Pkg/Library/PlatformBootManagerLibGrub/QemuKernel.c new file mode 100644 index 000000000000..c6255921779e --- /dev/null +++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c @@ -0,0 +1,50 @@ +/** @file + + Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include +#include + + +EFI_STATUS +TryRunningQemuKernel ( + VOID + ) +{ + EFI_STATUS Status; + EFI_HANDLE KernelImageHandle; + + Status =3D QemuLoadKernelImage (&KernelImageHandle); + if (EFI_ERROR (Status)) { + return Status; + } + + // + // Signal the EVT_SIGNAL_READY_TO_BOOT event + // + EfiSignalEventReadyToBoot(); + + REPORT_STATUS_CODE (EFI_PROGRESS_CODE, + (EFI_SOFTWARE_DXE_BS_DRIVER | EFI_SW_DXE_BS_PC_READY_TO_BOOT_EVENT)); + + // + // Start the image. + // + Status =3D QemuStartKernelImage (&KernelImageHandle); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: QemuStartKernelImage(): %r\n", __FUNCTION__, + Status)); + } + + QemuUnloadKernelImage (KernelImageHandle); + + return Status; +} --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#75569): https://edk2.groups.io/g/devel/message/75569 Mute This Topic: https://groups.io/mt/83074452/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 11:06:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+75572+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75572+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1621945617; cv=none; d=zohomail.com; s=zohoarc; b=WA61x1RH0SEwB709M2Nlj1yo+UdnQ1BK4dhUtTr94LGASKBrOysD33nTW+cZ18sg+YOtILEEZPW/0jw6rKHyjiQQRXPkdH46CsqFfEfbh+T1TLJ7foA8M9L8Z5UE6+bw/8ZoCpgUOZDsG/HWXs0oGdTh0YF+ulIHjiRAQczrqHY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1621945617; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=m7sKRKQgJfG4L5pUjv/Yr8Yc6d6U439Lrw3VGLQw3vM=; b=jkAbpmSoKCk+8px6I8MEzQXLlgYRIZvwfuMNbqiTDjNj8GQUIDQhADHDlA6WfxCM+qJoMrmiCW8Vm6em+XoafV9IvP7zsdAmTZMAGkjypU257EPjdGsrJYSLYJT4LIq+cMNJgNcvhYCiuzjmvgAAvmaPD6/5K+K77m0MC0yOXcY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75572+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1621945617016521.8889843408988; Tue, 25 May 2021 05:26:57 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id bb0iYY1788612xIAXdzXOOla; Tue, 25 May 2021 05:26:54 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web11.5675.1621920689489328976 for ; Mon, 24 May 2021 22:31:29 -0700 X-Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P54bMA158032; Tue, 25 May 2021 01:31:27 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rryak590-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:27 -0400 X-Received: from m0098399.ppops.net (m0098399.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P562Oh165502; Tue, 25 May 2021 01:31:26 -0400 X-Received: from ppma02wdc.us.ibm.com (aa.5b.37a9.ip4.static.sl-reverse.com [169.55.91.170]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rryak57w-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:25 -0400 X-Received: from pps.filterd (ppma02wdc.us.ibm.com [127.0.0.1]) by ppma02wdc.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5RoWi027752; Tue, 25 May 2021 05:31:24 GMT X-Received: from b01cxnp22034.gho.pok.ibm.com (b01cxnp22034.gho.pok.ibm.com [9.57.198.24]) by ppma02wdc.us.ibm.com with ESMTP id 38psk9cdpu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 05:31:24 +0000 X-Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106]) by b01cxnp22034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VNl526673534 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 25 May 2021 05:31:23 GMT X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B9CAB28064; Tue, 25 May 2021 05:31:23 +0000 (GMT) X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 74F3228059; Tue, 25 May 2021 05:31:23 +0000 (GMT) X-Received: from localhost.localdomain (unknown [9.2.130.16]) by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 25 May 2021 05:31:23 +0000 (GMT) From: Dov Murik To: devel@edk2.groups.io Cc: Dov Murik , Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , James Bottomley , Hubertus Franke , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Ashish Kalra , Brijesh Singh , Erdem Aktas , Jiewen Yao , Min Xu , Tom Lendacky Subject: [edk2-devel] [PATCH v1 3/8] OvmfPkg/AmdSev: add a page to the MEMFD for firmware config hashes Date: Tue, 25 May 2021 05:31:11 +0000 Message-Id: <20210525053116.1533673-4-dovmurik@linux.ibm.com> In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com> References: <20210525053116.1533673-1-dovmurik@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 3aS0X-WNWUqUGWlwN3hzHTD8MO5Zpzsr X-Proofpoint-ORIG-GUID: Y_gwjytyj6PDk3uQvsGdGwWwaCYhCicA Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dovmurik@linux.ibm.com X-Gm-Message-State: fIPmpIhPVQ8qVLKFLrw2rDAFx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1621945614; bh=X38fbhH7BkUPj8y5jaq2ZabXeJNoljiQohuRQC4U9J0=; h=Cc:Date:From:Reply-To:Subject:To; b=Ywqv6SaU8+4MngsONpM9thzNuL3afUUsWNPT/YNrjCHjDWF4wz7C012ZIlkfc/DHU1i +ErXtEldfENXUI8NN9huI1bsPnrxGouDWSMOGgteKqgZ4qJyli6Ybf+7l9WOpTAhcVgB2 SbYXLIGzXidsU412XDIrqioOp2EQqBYtgB0= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: James Bottomley Reserve a page inside the MEMFD for the VMM to place an encrypted page containing GUID described hashes of firmware configurations. We do this so the page gets attested by the PSP and thus the untrusted VMM can't pass in different files from what the guest owner thinks. Declare this in the Reset Vector table using GUID 7255371f-3a3b-4b04-927b-1da6efa8d454 and a uint32_t table of a base and size value, identically to the secret block. Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Ashish Kalra Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Signed-off-by: James Bottomley --- OvmfPkg/OvmfPkg.dec | 6 ++++++ OvmfPkg/AmdSev/AmdSevX64.fdf | 3 +++ OvmfPkg/ResetVector/ResetVector.inf | 2 ++ OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 20 ++++++++++++++++++++ OvmfPkg/ResetVector/ResetVector.nasmb | 2 ++ 5 files changed, 33 insertions(+) diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec index 6ae733f6e39f..7cd29a60a436 100644 --- a/OvmfPkg/OvmfPkg.dec +++ b/OvmfPkg/OvmfPkg.dec @@ -321,6 +321,12 @@ [PcdsFixedAtBuild] gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|0x0|UINT32|0x42 gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize|0x0|UINT32|0x43 =20 + ## The base address and size of a hash table confirming allowed + # parameters to be passed in via the Qemu firmware configuration + # device + gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase|0x0|UINT32|0x47 + gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize|0x0|UINT32|0x48 + [PcdsDynamic, PcdsDynamicEx] gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10 diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index dd0030dbf189..6e1bb7723bd1 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -65,6 +65,9 @@ [FD.MEMFD] 0x00D000|0x001000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase|gUefiOvmfPkgTokenSpace= Guid.PcdOvmfSecGhcbBackupSize =20 +0x00E000|0x001000 +gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase|gUefiOvmfPkgTokenSpaceGuid= .PcdQemuHashTableSize + 0x010000|0x010000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpace= Guid.PcdOvmfSecPeiTempRamSize =20 diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/Rese= tVector.inf index dc38f68919cd..d028c92d8cfa 100644 --- a/OvmfPkg/ResetVector/ResetVector.inf +++ b/OvmfPkg/ResetVector/ResetVector.inf @@ -47,3 +47,5 @@ [Pcd] [FixedPcd] gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize + gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase + gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVe= ctor/Ia16/ResetVectorVtf0.asm index 9c0b5853a46f..7ec3c6e980c3 100644 --- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm +++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm @@ -47,7 +47,27 @@ TIMES (15 - ((guidedStructureEnd - guidedStructureStart = + 15) % 16)) DB 0 ; guidedStructureStart: =20 +; SEV Hash Table Block ; +; This describes the guest ram area where the hypervisor should +; install a table describing the hashes of certain firmware configuration +; device files that would otherwise be passed in unchecked. The current +; use is for the kernel, initrd and command line values, but others may be +; added. The data format is: +; +; base physical address (32 bit word) +; table length (32 bit word) +; +; GUID (SEV FW config hash block): 7255371f-3a3b-4b04-927b-1da6efa8d454 +; +sevFwHashBlockStart: + DD SEV_FW_HASH_BLOCK_BASE + DD SEV_FW_HASH_BLOCK_SIZE + DW sevFwHashBlockEnd - sevFwHashBlockStart + DB 0x1f, 0x37, 0x55, 0x72, 0x3b, 0x3a, 0x04, 0x4b + DB 0x92, 0x7b, 0x1d, 0xa6, 0xef, 0xa8, 0xd4, 0x54 +sevFwHashBlockEnd: + ; SEV Secret block ; ; This describes the guest ram area where the hypervisor should diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re= setVector.nasmb index 5fbacaed5f9d..8d0bab02f8cb 100644 --- a/OvmfPkg/ResetVector/ResetVector.nasmb +++ b/OvmfPkg/ResetVector/ResetVector.nasmb @@ -88,5 +88,7 @@ %define SEV_ES_AP_RESET_IP FixedPcdGet32 (PcdSevEsWorkAreaBase) %define SEV_LAUNCH_SECRET_BASE FixedPcdGet32 (PcdSevLaunchSecretBase) %define SEV_LAUNCH_SECRET_SIZE FixedPcdGet32 (PcdSevLaunchSecretSize) + %define SEV_FW_HASH_BLOCK_BASE FixedPcdGet32 (PcdQemuHashTableBase) + %define SEV_FW_HASH_BLOCK_SIZE FixedPcdGet32 (PcdQemuHashTableSize) %include "Ia16/ResetVectorVtf0.asm" =20 --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#75572): https://edk2.groups.io/g/devel/message/75572 Mute This Topic: https://groups.io/mt/83074456/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 11:06:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+75571+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75571+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1621945609; cv=none; d=zohomail.com; s=zohoarc; b=gJo/fj6ckTIW7nVcxnfl2G+6RN8Ao6RX5vcpQwXY+mHWZwW4Z8pjNbP9G06L22UMq0tRRVKoI4BMwpIiBzqERXc7vJIzG+jYHFKwbfZlJNsMrzl24VPd6+6xWyFxalmOkOinYm6OaUqmj9fd+LvcrPA07wDmIAmz0mMxcoMwgp0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1621945609; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=q2++Ze3NMJ7pH4Ib47Yv/K5Vgdk6MlXFZY89NaHjyw8=; b=KYPoPCEflCWkL9FXBKQtEtB7vS7rrvyokAyhaDHS+pOUS4a+RDaNGS3bYz3AcmbkWMTl6vNf3YQu1Xdy3XMl3LBhR2L8omwkq7RxV9pGUyz/GPzJQhJMuhk3lgus10fqAefB76D6xDj2SwhGay26fEK+af2rEX2U5eebx3BJVE4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75571+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1621945609337281.6177938529047; Tue, 25 May 2021 05:26:49 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id Juu0YY1788612xwsAF6CwLcL; Tue, 25 May 2021 05:26:48 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web09.5727.1621920689457513997 for ; Mon, 24 May 2021 22:31:29 -0700 X-Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P53leU051071; Tue, 25 May 2021 01:31:27 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rtjy8y9g-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:26 -0400 X-Received: from m0098394.ppops.net (m0098394.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P54MBV055173; Tue, 25 May 2021 01:31:26 -0400 X-Received: from ppma02wdc.us.ibm.com (aa.5b.37a9.ip4.static.sl-reverse.com [169.55.91.170]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rtjy8y8p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:26 -0400 X-Received: from pps.filterd (ppma02wdc.us.ibm.com [127.0.0.1]) by ppma02wdc.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5ReRX027652; Tue, 25 May 2021 05:31:24 GMT X-Received: from b01cxnp22035.gho.pok.ibm.com (b01cxnp22035.gho.pok.ibm.com [9.57.198.25]) by ppma02wdc.us.ibm.com with ESMTP id 38psk9cdpy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 05:31:24 +0000 X-Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106]) by b01cxnp22035.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VOfl32637418 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 25 May 2021 05:31:24 GMT X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1226F2805A; Tue, 25 May 2021 05:31:24 +0000 (GMT) X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C25D328065; Tue, 25 May 2021 05:31:23 +0000 (GMT) X-Received: from localhost.localdomain (unknown [9.2.130.16]) by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 25 May 2021 05:31:23 +0000 (GMT) From: Dov Murik To: devel@edk2.groups.io Cc: Dov Murik , Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , James Bottomley , Hubertus Franke , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Ashish Kalra , Brijesh Singh , Erdem Aktas , Jiewen Yao , Min Xu , Tom Lendacky Subject: [edk2-devel] [PATCH v1 4/8] OvmfPkg/QemuKernelLoaderFsDxe: Add ability to verify loaded items Date: Tue, 25 May 2021 05:31:12 +0000 Message-Id: <20210525053116.1533673-5-dovmurik@linux.ibm.com> In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com> References: <20210525053116.1533673-1-dovmurik@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: y20SaL_xzb7oM7AgNX25xVmNdAQJxA0L X-Proofpoint-ORIG-GUID: MoZ_3YB3uSNudDdIywdqbXCKMUsH4fvC Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dovmurik@linux.ibm.com X-Gm-Message-State: RWxS2bw5e8fCfbFNfnrAHO0Mx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1621945608; bh=Y1qLAVCydrnS5G8JtmIB1JqAnE77cL1i8SOtcJ8s1I4=; h=Cc:Date:From:Reply-To:Subject:To; b=njDQyyRYDoCv7pXgJjReTG/cjp1dil73zJKl7VAkOZnNbntYgbuHANbKWnJYd/eD0Bp rcPWhQN5kmP3MCfpJxoq0yPASz+F63nxeoxJNQDi7GBvTNXHqHNU1Q99UpigAc08H0Ioy kCHXghLpDv6183ooDn19Xac2Qobl3fuPMXk= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: James Bottomley Allow registering a verifier which is then called for each blob passed via QEMU's fw_cfg. Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Ashish Kalra Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Signed-off-by: James Bottomley --- OvmfPkg/Include/Library/QemuFwCfgLib.h | 35 +++++++++++++++= +++++ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c | 31 +++++++++++++++= ++ 2 files changed, 66 insertions(+) diff --git a/OvmfPkg/Include/Library/QemuFwCfgLib.h b/OvmfPkg/Include/Libra= ry/QemuFwCfgLib.h index 68002bb654e6..1095efad5878 100644 --- a/OvmfPkg/Include/Library/QemuFwCfgLib.h +++ b/OvmfPkg/Include/Library/QemuFwCfgLib.h @@ -173,5 +173,40 @@ QemuFwCfgFindFile ( OUT UINTN *Size ); =20 +/** + The verifier is used to abstract a hash verification operation when + A firmware config item is accessed via a filesystem and has some type + of integrity information passed in. + + @param[in] Name The name of the config file to verify. + @param[in] Buffer A pointer to the loaded config information. + @param[in] Size The size of the buffer. + + @retval EFI_SUCCESS The buffer verified OK. + + @retval EFI_ACCESS_DENIED The buffer failed the integrity check. + +**/ +typedef +RETURN_STATUS +(EFIAPI *FW_CFG_VERIFIER) ( + IN CONST CHAR16 *Name, + IN VOID *Buffer, + IN UINTN Size + ); + +/** + Register a verifier for the Firmware Configuration Filesystem to use + + @param[in] Verifier The verifier to register + + @retval EFI_SUCCESS The verifier was successfully registered +**/ +RETURN_STATUS +EFIAPI +RegisterFwCfgVerifier ( + IN FW_CFG_VERIFIER Verifier + ); + #endif =20 diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c b/OvmfPk= g/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c index b09ff6a3590d..9823d23d1005 100644 --- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c +++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c @@ -982,6 +982,27 @@ FetchBlob ( return EFI_SUCCESS; } =20 +STATIC FW_CFG_VERIFIER mVerifier =3D NULL; + +/** + Register a verifier for the Firmware Configuration Filesystem to use + + @param[in] Verifier The verifier to register + + @retval EFI_SUCCESS The verifier was successfully registered +**/ +EFI_STATUS +EFIAPI +RegisterFwCfgVerifier ( + IN FW_CFG_VERIFIER Verifier + ) +{ + if (mVerifier !=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + mVerifier =3D Verifier; + return EFI_SUCCESS; +} =20 // // The entry point of the feature. @@ -1033,6 +1054,16 @@ QemuKernelLoaderFsDxeEntrypoint ( if (EFI_ERROR (Status)) { goto FreeBlobs; } + if (mVerifier !=3D NULL) { + Status =3D mVerifier ( + CurrentBlob->Name, + CurrentBlob->Data, + CurrentBlob->Size + ); + if (EFI_ERROR (Status)) { + goto FreeBlobs; + } + } mTotalBlobBytes +=3D CurrentBlob->Size; } KernelBlob =3D &mKernelBlob[KernelBlobTypeKernel]; --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#75571): https://edk2.groups.io/g/devel/message/75571 Mute This Topic: https://groups.io/mt/83074455/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 11:06:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+75573+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75573+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1621945616; cv=none; d=zohomail.com; s=zohoarc; b=ZTqxsCEU2H/3+r6WVEGlT2B+nyMHOg8IgCn5cFn8FzXInQkqWy952XxAJ9cK/rVSVWyD0U9q/nwHpI0YLI/JDUI64uURHiTy6nqfYTIbnOQ9todq87IkaONgpsR1LVxkhOZ+9tFyzB3AD/c3zYXTTjVslJcapsBuUZCiPepjkGg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1621945616; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=tE21Nq4WzuLV4WVhSyEndzjswuJm/9fVWk59fb/E3aA=; b=Xp3OeZlYv6TQWj+QjKY2U8Bz4tJJkg7/zh4dWzFlYlRMne/8go/qdUzeiuAgx/ymsRz7JnSkvJDEKHtoo5lnNCZ0oDXzmH/3f6uYvdgsiUz8L0EXEFFfU7u2IRCIhMHuUyZ/VrHPy6Sq8a5lr9z13mmDzk3t/0pdaVe1QD2picc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75573+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1621945616329857.2028487637687; Tue, 25 May 2021 05:26:56 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id r1AvYY1788612x53N02WAvQl; Tue, 25 May 2021 05:26:54 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web08.5735.1621920689848506006 for ; Mon, 24 May 2021 22:31:29 -0700 X-Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P53lhn051080; Tue, 25 May 2021 01:31:27 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rtjy8y9t-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:27 -0400 X-Received: from m0098394.ppops.net (m0098394.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P5Mun4158799; Tue, 25 May 2021 01:31:26 -0400 X-Received: from ppma02wdc.us.ibm.com (aa.5b.37a9.ip4.static.sl-reverse.com [169.55.91.170]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rtjy8y8s-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:26 -0400 X-Received: from pps.filterd (ppma02wdc.us.ibm.com [127.0.0.1]) by ppma02wdc.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5Rf1L027660; Tue, 25 May 2021 05:31:25 GMT X-Received: from b01cxnp22035.gho.pok.ibm.com (b01cxnp22035.gho.pok.ibm.com [9.57.198.25]) by ppma02wdc.us.ibm.com with ESMTP id 38psk9cdq1-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 05:31:25 +0000 X-Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106]) by b01cxnp22035.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VOpf29753778 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 25 May 2021 05:31:24 GMT X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 65E3B2805A; Tue, 25 May 2021 05:31:24 +0000 (GMT) X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1ADD628060; Tue, 25 May 2021 05:31:24 +0000 (GMT) X-Received: from localhost.localdomain (unknown [9.2.130.16]) by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 25 May 2021 05:31:24 +0000 (GMT) From: Dov Murik To: devel@edk2.groups.io Cc: Dov Murik , Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , James Bottomley , Hubertus Franke , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Ashish Kalra , Brijesh Singh , Erdem Aktas , Jiewen Yao , Min Xu , Tom Lendacky Subject: [edk2-devel] [PATCH v1 5/8] OvmfPkg/AmdSev: Add library to find encrypted hashes for the FwCfg device Date: Tue, 25 May 2021 05:31:13 +0000 Message-Id: <20210525053116.1533673-6-dovmurik@linux.ibm.com> In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com> References: <20210525053116.1533673-1-dovmurik@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: RyQTjJtX8Ub9y55kfdYaf5CWEA6brvCW X-Proofpoint-ORIG-GUID: uTsHHrNlk8WDbWdAyyMhj7FOPEwoxZ7e Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dovmurik@linux.ibm.com X-Gm-Message-State: iZeMRszYr9EWdvutjkUHJczHx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1621945614; bh=/MyZ55VQ9ZIpGtkdk463KsNuYvPxkZ7Yl/Htgx38fAA=; h=Cc:Date:From:Reply-To:Subject:To; b=Q9ilgn9FvebOavup0OJYl13xIUjef8VTGVh6Wok7LcX6tvy6vVblCMjal6ZeEOWm9Kf rfq53OewzEEAn1TTmpwQzg5jEhelxvJrdGESgCAY0Sn2g9L8IUIynYHCJd43RaAMEqeuj gyDxF8Ysm6ZC4FF0G1J2oIbKxZ00ej7aLlA= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: James Bottomley The library finds and checks out the encrypted page from the memfd and installs a finder routine for GUID described hashes if it checks out OK. Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Ashish Kalra Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Signed-off-by: James Bottomley Signed-off-by: Dov Murik --- OvmfPkg/OvmfPkg.dec | 4 + OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf | 34 ++++++ OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h | 47 ++++++++ OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c | 126 +++++++= +++++++++++++ 5 files changed, 212 insertions(+) diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec index 7cd29a60a436..36f0a2cb4cf9 100644 --- a/OvmfPkg/OvmfPkg.dec +++ b/OvmfPkg/OvmfPkg.dec @@ -18,8 +18,12 @@ [Defines] [Includes] Include Csm/Include + AmdSev/Include =20 [LibraryClasses] + ## @libraryclass Functions for extracting Sev Hashes from the MEMFD + SevHashFinderLib|AmdSev/Include/Library/SevHashFinderLib.h + ## @libraryclass Access bhyve's firmware control interface. BhyveFwCtlLib|Include/Library/BhyveFwCtlLib.h =20 diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index f820e81fad27..b4484ca07614 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -118,6 +118,7 @@ [SkuIds] !include MdePkg/MdeLibs.dsc.inc =20 [LibraryClasses] + SevHashFinderLib|OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLi= b.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseAcpiTimerLib.inf ResetSystemLib|OvmfPkg/Library/ResetSystemLib/BaseResetSystemLib.inf diff --git a/OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf b= /OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf new file mode 100644 index 000000000000..79ebf51baed0 --- /dev/null +++ b/OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf @@ -0,0 +1,34 @@ +## @file +# Provides the Secure Verification services for AMD SEV firmware config +# +# Copyright (C) 2021 James Bottomley, IBM Corporation. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D SevHashFinderLib + FILE_GUID =3D d8ef4e22-991a-4134-b285-1d970cfe2ca6 + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D SevHashFinderLib + CONSTRUCTOR =3D SevHashFinderLibConstructor + +[Sources] + SevHashFinderLib.c + +[Packages] + CryptoPkg/CryptoPkg.dec + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + BaseCryptLib + BaseMemoryLib + PcdLib + +[FixedPcd] + gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase + gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize diff --git a/OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h b/OvmfPkg/Am= dSev/Include/Library/SevHashFinderLib.h new file mode 100644 index 000000000000..79d5039a649b --- /dev/null +++ b/OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h @@ -0,0 +1,47 @@ +/** @file + Validate a hash against that in the Sev Hash table + + Copyright (C) 2021 James Bottomley, IBM Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef __SEV_HASH_FINDER_LIB_H__ +#define __SEV_HASH_FINDER_LIB_H__ + +/** + The Sev Hash table must be in encrypted memory and has the table + and its entries described by + + |UINT16 | + + With the whole table GUID being 9438d606-4f22-4cc9-b479-a793d411fd21 + + The current possible table entries are for the kernel, the initrd + and the cmdline: + + 4de79437-abd2-427f-b835-d5b172d2045b kernel + 44baf731-3a2f-4bd7-9af1-41e29169781d initrd + 97d02dd8-bd20-4c94-aa78-e7714d36ab2a cmdline + + The size of the entry is used to identify the hash, but the + expectation is that it will be 32 bytes of SHA-256. +**/ + +#define SEV_HASH_TABLE_GUID \ + (GUID) { 0x9438d606, 0x4f22, 0x4cc9, { 0xb4, 0x79, 0xa7, 0x93, 0xd4, 0x1= 1, 0xfd, 0x21 } } +#define SEV_KERNEL_HASH_GUID \ + (GUID) { 0x4de79437, 0xabd2, 0x427f, { 0xb8, 0x35, 0xd5, 0xb1, 0x72, 0xd= 2, 0x04, 0x5b } } +#define SEV_INITRD_HASH_GUID \ + (GUID) { 0x44baf731, 0x3a2f, 0x4bd7, { 0x9a, 0xf1, 0x41, 0xe2, 0x91, 0x6= 9, 0x78, 0x1d } } +#define SEV_CMDLINE_HASH_GUID \ + (GUID) { 0x97d02dd8, 0xbd20, 0x4c94, { 0xaa, 0x78, 0xe7, 0x71, 0x4d, 0x3= 6, 0xab, 0x2a } } + +EFI_STATUS +EFIAPI +ValidateHashEntry ( + IN CONST GUID *Guid, + IN CONST VOID *Buf, + UINT32 BufSize +); + +#endif diff --git a/OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c b/O= vmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c new file mode 100644 index 000000000000..9cb999ae8cad --- /dev/null +++ b/OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c @@ -0,0 +1,126 @@ +/** @file + SEV Hash finder library to locate the SEV encrypted hash table + + Copyright (C) 2021 James Bottomley, IBM Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include +#include +#include + +#pragma pack (1) +typedef struct { + GUID Guid; + UINT16 Len; + UINT8 Data[]; +} HASH_TABLE; +#pragma pack () + +STATIC HASH_TABLE *mHashTable; +STATIC UINT16 mHashTableSize; + +EFI_STATUS +EFIAPI +ValidateHashEntry ( + IN CONST GUID *Guid, + IN CONST VOID *Buf, + UINT32 BufSize + ) +{ + INT32 Len; + HASH_TABLE *Entry; + UINT8 Hash[SHA256_DIGEST_SIZE]; + + if (mHashTable =3D=3D NULL || mHashTableSize =3D=3D 0) { + DEBUG ((DEBUG_ERROR, + "%a: Verifier Called but no hash table discoverd in MEMFD\n", + __FUNCTION__)); + return EFI_ACCESS_DENIED; + } + + Sha256HashAll (Buf, BufSize, Hash); + + for (Entry =3D mHashTable, Len =3D 0; + Len < (INT32)mHashTableSize; + Len +=3D Entry->Len, + Entry =3D (HASH_TABLE *)((UINT8 *)Entry + Entry->Len)) { + UINTN EntrySize; + EFI_STATUS Status; + + if (!CompareGuid (&Entry->Guid, Guid)) { + continue; + } + + DEBUG ((DEBUG_INFO, "%a: Found GUID %g in table\n", __FUNCTION__, Guid= )); + + // + // Verify that the buffer's hash is identical to the hash table entry + // + EntrySize =3D Entry->Len - sizeof (Entry->Guid) - sizeof (Entry->Len); + if (EntrySize !=3D SHA256_DIGEST_SIZE) { + DEBUG ((DEBUG_ERROR, "%a: Hash has the wrong size %d !=3D %d\n", + __FUNCTION__, EntrySize, SHA256_DIGEST_SIZE)); + return EFI_ACCESS_DENIED; + } + if (CompareMem (Entry->Data, Hash, EntrySize) =3D=3D 0) { + Status =3D EFI_SUCCESS; + DEBUG ((DEBUG_INFO, "%a: Hash Comparison succeeded\n", __FUNCTION__)= ); + } else { + Status =3D EFI_ACCESS_DENIED; + DEBUG ((DEBUG_ERROR, "%a: Hash Comparison Failed\n", __FUNCTION__)); + } + return Status; + } + DEBUG ((DEBUG_ERROR, "%a: Hash GUID %g not found in table\n", __FUNCTION= __, + Guid)); + return EFI_ACCESS_DENIED; +} + +/** + Register security measurement handler. + + This function always returns success, even if the table + can't be found. It only returns errors if an actual use + is made of the non-existent table because that indicates it + should have been present. + + @param ImageHandle ImageHandle of the loaded driver. + @param SystemTable Pointer to the EFI System Table. + + @retval EFI_SUCCESS The verifier tables were set up correctly +**/ +EFI_STATUS +EFIAPI +SevHashFinderLibConstructor ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + HASH_TABLE *Ptr =3D (void *)FixedPcdGet64 (PcdQemuHashTableBase); + UINT32 Size =3D FixedPcdGet32 (PcdQemuHashTableSize); + + mHashTable =3D NULL; + mHashTableSize =3D 0; + + if (Ptr =3D=3D NULL || Size =3D=3D 0) { + return EFI_SUCCESS; + } + + if (!CompareGuid (&Ptr->Guid, &SEV_HASH_TABLE_GUID)) { + return EFI_SUCCESS; + } + + DEBUG ((DEBUG_INFO, "%a: found Injected Hash in secure location\n", + __FUNCTION__)); + + mHashTable =3D (HASH_TABLE *)Ptr->Data; + mHashTableSize =3D Ptr->Len - sizeof (Ptr->Guid) - sizeof (Ptr->Len); + + DEBUG ((DEBUG_INFO, "%a: Ptr=3D%p, Size=3D%d\n", __FUNCTION__, mHashTabl= e, + mHashTableSize)); + + return EFI_SUCCESS; +} --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#75573): https://edk2.groups.io/g/devel/message/75573 Mute This Topic: https://groups.io/mt/83074457/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 11:06:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+75570+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75570+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1621945614; cv=none; d=zohomail.com; s=zohoarc; b=JsP5At2K1Jjc3RlD47VKrk8peolV/vIwc7cHZGFE5pT7xCAgowF/g1cnDTEbZh+dK0mxOXGPpSfvgvNROPiLzMrbYhoRXpTUikdR9X86j/kfMj8g8UacDU9NN1hsBYhixyEohW1S+EIRAzkYIA8AwQQBtwNL6nh8T/yETe8FAOQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1621945614; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=a3yvGl3+Q6J64gFXUswwWR31XodVCN1pulMV901k40k=; b=dycQNDCQf99RWAHcFt0Jdd+n4yHnIa9P5ciHrvQGI1sQsp9XDVMSBknXY8yh3OCeIkGUBt3EVH8IalvICCl9lxA9dRSt/xhkyOq4dg+9U7vl2ZHd+Ui85WwSrRHb5rscghrmo7X8doomIWANsUY1M4/NqpzJNOuDdKdrsA3dqD8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75570+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1621945614145858.9517127465876; Tue, 25 May 2021 05:26:54 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id EGPeYY1788612xtgHcMWt7Q0; Tue, 25 May 2021 05:26:53 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web11.5674.1621920689393294526 for ; Mon, 24 May 2021 22:31:29 -0700 X-Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P5UViF191103; Tue, 25 May 2021 01:31:27 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 38ru5d80eg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:27 -0400 X-Received: from m0098396.ppops.net (m0098396.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P5VQav193437; Tue, 25 May 2021 01:31:26 -0400 X-Received: from ppma05wdc.us.ibm.com (1b.90.2fa9.ip4.static.sl-reverse.com [169.47.144.27]) by mx0a-001b2d01.pphosted.com with ESMTP id 38ru5d80dw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:26 -0400 X-Received: from pps.filterd (ppma05wdc.us.ibm.com [127.0.0.1]) by ppma05wdc.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5RVkA006022; Tue, 25 May 2021 05:31:25 GMT X-Received: from b01cxnp22035.gho.pok.ibm.com (b01cxnp22035.gho.pok.ibm.com [9.57.198.25]) by ppma05wdc.us.ibm.com with ESMTP id 38q65s8y6d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 05:31:25 +0000 X-Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106]) by b01cxnp22035.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VOjZ32899360 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 25 May 2021 05:31:24 GMT X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A82302805E; Tue, 25 May 2021 05:31:24 +0000 (GMT) X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6DED12805C; Tue, 25 May 2021 05:31:24 +0000 (GMT) X-Received: from localhost.localdomain (unknown [9.2.130.16]) by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 25 May 2021 05:31:24 +0000 (GMT) From: Dov Murik To: devel@edk2.groups.io Cc: Dov Murik , Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , James Bottomley , Hubertus Franke , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Ashish Kalra , Brijesh Singh , Erdem Aktas , Jiewen Yao , Min Xu , Tom Lendacky Subject: [edk2-devel] [PATCH v1 6/8] OvmfPkg/AmdSev: Add firmware file plugin to verifier Date: Tue, 25 May 2021 05:31:14 +0000 Message-Id: <20210525053116.1533673-7-dovmurik@linux.ibm.com> In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com> References: <20210525053116.1533673-1-dovmurik@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 9P8qwpdWfHHqXpYf2V4xS4UTUilFI5hT X-Proofpoint-ORIG-GUID: VCeiyONcbx_9RJ1KdkI_Htj1O9_bLzyC Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dovmurik@linux.ibm.com X-Gm-Message-State: IUOIQAQjSd3gDAhxvuSyHuZFx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1621945613; bh=OzwFYwH9PUjnmpINEXSQH8ul8VeUrKoeHayKR+6ZYPA=; h=Cc:Date:From:Reply-To:Subject:To; b=aHQESf0NVyTQRCMlVic9s0QTBaFFbr8UqxfygKOqn/DArc9eY53/qRLMLmKzSuFLxoN Mxh/j5BKKDO+ec+QJag8AY+Ap5pds3MtISGlCKHnZ9rzix6SZMXoUXmXUYJ2X3+b/b/ri KXlouncKSGe3YGldpnSMnqQEYoT0DaHjXdg= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: James Bottomley Provide a library verifier that plugs into the QemuKernelLoaderFs hooks to verify the hashes against the SEV hash table (stored in encrypted memory). The verifier is enabled when SEV memory encryption is active. Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Ashish Kalra Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Signed-off-by: James Bottomley --- OvmfPkg/AmdSev/AmdSevX64.dsc | 5 +- OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.inf | 30 ++++++++= ++ OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.c | 60 ++++++++= ++++++++++++ 3 files changed, 94 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index b4484ca07614..bfb16798b3b7 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -697,7 +697,10 @@ [Components] NULL|MdeModulePkg/Library/BootManagerUiLib/BootManagerUiLib.inf NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanc= eManagerUiLib.inf } - OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf + OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf { + + NULL|OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.inf + } OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf OvmfPkg/Virtio10Dxe/Virtio10.inf OvmfPkg/VirtioBlkDxe/VirtioBlk.inf diff --git a/OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.inf b= /OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.inf new file mode 100644 index 000000000000..86d099455d55 --- /dev/null +++ b/OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.inf @@ -0,0 +1,30 @@ +## @file +# Provides the Secure Verification services for AMD SEV firmware config +# +# Copyright (C) 2021 James Bottomley, IBM Corporation. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D SevFwCfgVerifier + FILE_GUID =3D 33457c78-aae2-4511-9188-ac1fe88d03de + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DX= E_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + CONSTRUCTOR =3D SevFwCfgVerifierConstructor + +[Sources] + SevFwCfgVerifier.c + +[Packages] + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + BaseLib + DebugLib + MemEncryptSevLib + SevHashFinderLib diff --git a/OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.c b/O= vmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.c new file mode 100644 index 000000000000..53b617a72aa9 --- /dev/null +++ b/OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.c @@ -0,0 +1,60 @@ +/** @file + AMD SEV Firmware Config file verifier + + Copyright (C) 2021 James Bottomley, IBM Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include +#include +#include + +STATIC EFI_STATUS +EFIAPI +SevFwCfgVerifier ( + IN CONST CHAR16 *Name, + IN VOID *Buffer, + IN UINTN Size + ) +{ + DEBUG ((DEBUG_INFO, "%a: Validating Hash of %s\n", __FUNCTION__, Name)); + + if (StrCmp (Name, L"kernel") =3D=3D 0) { + return ValidateHashEntry (&SEV_KERNEL_HASH_GUID, Buffer, Size); + } + if (StrCmp (Name, L"initrd") =3D=3D 0) { + return ValidateHashEntry (&SEV_INITRD_HASH_GUID, Buffer, Size); + } + + DEBUG ((DEBUG_ERROR, "%a: Failed to find Filename %s", __FUNCTION__, Nam= e)); + return EFI_SECURITY_VIOLATION; +} + +/** + Register security measurement handler. + + @param ImageHandle ImageHandle of the loaded driver. + @param SystemTable Pointer to the EFI System Table. + + @retval EFI_SUCCESS The handlers were registered successfully. +**/ +EFI_STATUS +EFIAPI +SevFwCfgVerifierConstructor ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + if (MemEncryptSevIsEnabled ()) { + DEBUG ((DEBUG_INFO, "Enabling hash verification of fw_cfg files")); + return RegisterFwCfgVerifier (SevFwCfgVerifier); + } else { + // + // Don't install verifier if SEV isn't enabled + // + DEBUG ((DEBUG_INFO, "NOT Enabling hash verification of fw_cfg files")); + return EFI_SUCCESS; + } +} --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#75570): https://edk2.groups.io/g/devel/message/75570 Mute This Topic: https://groups.io/mt/83074454/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 11:06:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+75574+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75574+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1621945610; cv=none; d=zohomail.com; s=zohoarc; b=Ve1Wx0hMxi+K8c7Pm+jkjYc1OM7uIfvFMq6rfCrXtnhYayV4phiyKFKn7CIVtWjVOn9yTpV2P8MNZyfckHFIr8xg3iZpzZ3QKmZZErPZwP9JVchqsp+I2JpTescllxqPLBksGcu7JKjNMzMb6RLkOvCv5ELJrRPiPfU+b6L5EOM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1621945610; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=GS5ZbEQnmn4MbgAoUlXGeQozkLd8DlRQywksIfw8OTE=; b=M5kk18Mbh//v05ockv5piiBWcOPVsfW72U3d8itWozdnG4xhq2nGTK6IC+Mu2R7lVAAMig61E+0sLK8Ypvr2lVsLF1asTUkEg0mc+jdLjgBJ4upYJTB06cLUFBczgYt5JQTy7Nz5PxACSPxmqfAQSzctgEAxcEoYvRpENZdUvx4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75574+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1621945610561216.48575223575313; Tue, 25 May 2021 05:26:50 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id jxu7YY1788612xhjvr6GvS58; Tue, 25 May 2021 05:26:50 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web12.5679.1621920690260977132 for ; Mon, 24 May 2021 22:31:30 -0700 X-Received: from pps.filterd (m0187473.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P57uol098564; Tue, 25 May 2021 01:31:28 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rt5asfx1-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:28 -0400 X-Received: from m0187473.ppops.net (m0187473.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P583It099387; Tue, 25 May 2021 01:31:27 -0400 X-Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rt5asfwj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:27 -0400 X-Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1]) by ppma01dal.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5S03n019752; Tue, 25 May 2021 05:31:26 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma01dal.us.ibm.com with ESMTP id 38psk91gm3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 05:31:26 +0000 X-Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VPEL29950340 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 25 May 2021 05:31:25 GMT X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 09F092805A; Tue, 25 May 2021 05:31:25 +0000 (GMT) X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BA93228059; Tue, 25 May 2021 05:31:24 +0000 (GMT) X-Received: from localhost.localdomain (unknown [9.2.130.16]) by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 25 May 2021 05:31:24 +0000 (GMT) From: Dov Murik To: devel@edk2.groups.io Cc: Dov Murik , Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , James Bottomley , Hubertus Franke , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Ashish Kalra , Brijesh Singh , Erdem Aktas , Jiewen Yao , Min Xu , Tom Lendacky Subject: [edk2-devel] [PATCH v1 7/8] OvmfPkg: GenericQemuLoadImageLib: Allow verifying fw_cfg command line Date: Tue, 25 May 2021 05:31:15 +0000 Message-Id: <20210525053116.1533673-8-dovmurik@linux.ibm.com> In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com> References: <20210525053116.1533673-1-dovmurik@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: 2nC5U7zhfjnRxaB8vTe2zSlM4XR0U7ul X-Proofpoint-GUID: 1s23Vl4yTy_VGWn3nPD1hSLAiRK5dxQj Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dovmurik@linux.ibm.com X-Gm-Message-State: CvcuAhruo0eeq9zd7jSlD5bYx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1621945610; bh=6QqgMrT8u6LFadXr2j1gxwIa7ms1N8U7L+rxfLuT1Qo=; h=Cc:Date:From:Reply-To:Subject:To; b=jPF396FLanZCEFFjI16oOPARkAWQ5CM0ACCpl0nawYRaKdazflKqs7uTzFMgP/8B/d0 mWRIf78eWTAh5GJLxklRfYMKEBKWH5FQlSdTentuL0iDKQX/OxBYvLKy8LyMZWaHBW3pz hoHvQPbZfJksx1mkfvW1ACe6kJVvZepWN+c= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: James Bottomley Add optional hook which calls a verifier with the content of the fw_cfg command line. Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Ashish Kalra Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Signed-off-by: James Bottomley --- OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c | 29 +++= +++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLi= b.c b/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c index 114db7e8441f..d3067dae1425 100644 --- a/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c +++ b/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c @@ -51,6 +51,28 @@ STATIC CONST KERNEL_VENMEDIA_FILE_DEVPATH mKernelDeviceP= ath =3D { } }; =20 +STATIC FW_CFG_VERIFIER mVerifier =3D NULL; + +/** + Register a verifier for the Firmware Configuration Filesystem to use + + @param[in] Verifier The verifier to register + + @retval EFI_SUCCESS The verifier was successfully registered +**/ +EFI_STATUS +EFIAPI +RegisterFwCfgVerifier ( + IN FW_CFG_VERIFIER Verifier + ) +{ + if (mVerifier !=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + mVerifier =3D Verifier; + return EFI_SUCCESS; +} + /** Download the kernel, the initial ramdisk, and the kernel command line fr= om QEMU's fw_cfg. The kernel will be instructed via its command line to load @@ -149,6 +171,13 @@ QemuLoadKernelImage ( goto FreeCommandLine; } =20 + if (mVerifier !=3D NULL) { + Status =3D mVerifier (NULL, CommandLine, CommandLineSize); + if (EFI_ERROR (Status)) { + goto FreeCommandLine; + } + } + // // Drop the terminating NUL, convert to UTF-16. // --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#75574): https://edk2.groups.io/g/devel/message/75574 Mute This Topic: https://groups.io/mt/83074458/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 11:06:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+75575+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75575+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1621945611; cv=none; d=zohomail.com; s=zohoarc; b=Nf0EXR/LGNHu8VIhnrrldV+ppd1NXN+jMgZpnH5N+AVP0vgS8jzoRmylYdYaBfqyJfpYJs+fS+AiQZX7giyENCG5rJ4UzLQ/hJWM6QKlZ6H20fT8u3Tq8qvpVV/DXQ+Bs/fKfQzz2W6F/q8K2D/etnNz2MMpmiF1unu22EVpBXg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1621945611; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=zs68+SHSvusjzOO4tivPfzEXo0i1FLig3cedIXURALY=; b=B7BESDO0BHfJKlor7ShU9STfFihvaSkFn7h2ziTN3KHneh9ltEXiW8hp8UWhWB6i6xRi2FhemRE8y7LcWo2x+NNXpAWnCwNNv1IPr+tV+v341XQEYlCAjMLSbsiP7BnbCTGQArrmvFtGXdLo2dj7GcsNgkI1/r1KstdArRFX4Ok= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+75575+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1621945611020190.80185020491183; Tue, 25 May 2021 05:26:51 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id iT5oYY1788612xFdhv1etc5O; Tue, 25 May 2021 05:26:50 -0700 X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web10.5678.1621920691622584728 for ; Mon, 24 May 2021 22:31:31 -0700 X-Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14P54dAD158091; Tue, 25 May 2021 01:31:29 -0400 X-Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rryak5ac-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:28 -0400 X-Received: from m0098399.ppops.net (m0098399.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14P55N6T162383; Tue, 25 May 2021 01:31:27 -0400 X-Received: from ppma03wdc.us.ibm.com (ba.79.3fa9.ip4.static.sl-reverse.com [169.63.121.186]) by mx0a-001b2d01.pphosted.com with ESMTP id 38rryak595-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 01:31:27 -0400 X-Received: from pps.filterd (ppma03wdc.us.ibm.com [127.0.0.1]) by ppma03wdc.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14P5R8tA025079; Tue, 25 May 2021 05:31:26 GMT X-Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma03wdc.us.ibm.com with ESMTP id 38psk94fkv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 May 2021 05:31:26 +0000 X-Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14P5VP1G29884910 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 25 May 2021 05:31:25 GMT X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 54D682805A; Tue, 25 May 2021 05:31:25 +0000 (GMT) X-Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 11D212805C; Tue, 25 May 2021 05:31:25 +0000 (GMT) X-Received: from localhost.localdomain (unknown [9.2.130.16]) by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 25 May 2021 05:31:25 +0000 (GMT) From: Dov Murik To: devel@edk2.groups.io Cc: Dov Murik , Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , James Bottomley , Hubertus Franke , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Ashish Kalra , Brijesh Singh , Erdem Aktas , Jiewen Yao , Min Xu , Tom Lendacky Subject: [edk2-devel] [PATCH v1 8/8] OvmfPkg/AmdSev: add SevQemuLoadImageLib Date: Tue, 25 May 2021 05:31:16 +0000 Message-Id: <20210525053116.1533673-9-dovmurik@linux.ibm.com> In-Reply-To: <20210525053116.1533673-1-dovmurik@linux.ibm.com> References: <20210525053116.1533673-1-dovmurik@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: jMJpPhGvaSNYq3FMIOrBGGf5_Yybhgp0 X-Proofpoint-ORIG-GUID: LcmFT4nUExCBiOVq1Oyi9yiMgEBAQGGT Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dovmurik@linux.ibm.com X-Gm-Message-State: dhzWIzZJLIdI7P7WNI7AJipvx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1621945610; bh=sSZMmZQljairp6EAuj2jbfw9+0fwffwanhpSFygief0=; h=Cc:Date:From:Reply-To:Subject:To; b=w+5JZPkI8iKQMIvSsdP7TtHS6wNtmZWimm1Vl12V2t6U3SbIbxf6Dg4VDwT5rX49yFk DKtezprdcdagPibtZu+P45soigoukw1/Q9vxEKhS+pwpZh9BSb/eq5S4H/mciCZchBo2d q4ainAsq1KZqeT37N60Jeeh+z0OZc9pUqPU= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: James Bottomley This is a wrapper library around GenericQemuLoadImageLib which activates a verifier on the command line to check its hash against the one passed in via the SEV hash table. The verifier is enabled if SEV memory encryption is active. Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Ashish Kalra Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Signed-off-by: James Bottomley --- OvmfPkg/AmdSev/AmdSevX64.dsc | 4 +- OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.inf | 30 ++= +++++++++ OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.c | 52 ++= ++++++++++++++++++ 3 files changed, 84 insertions(+), 2 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index bfb16798b3b7..9db3d993dda0 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -284,7 +284,6 @@ [LibraryClasses.common.PEIM] CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuE= xceptionHandlerLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf - QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoad= ImageLib.inf PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf =20 @@ -372,7 +371,8 @@ [LibraryClasses.common.DXE_DRIVER] PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf - QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib= .inf + GenericQemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQ= emuLoadImageLib.inf + QemuLoadImageLib|OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadI= mageLib.inf !if $(TPM_ENABLE) =3D=3D TRUE Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i= nf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf diff --git a/OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib= .inf b/OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.inf new file mode 100644 index 000000000000..b87031f4d15a --- /dev/null +++ b/OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.inf @@ -0,0 +1,30 @@ +## @file +# Provides the Secure Verification services for AMD SEV firmware config +# +# Copyright (C) 2021 James Bottomley, IBM Corporation. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 1.27 + BASE_NAME =3D SevQemuLoadImageLib + FILE_GUID =3D 7ceec418-e1e3-42fb-91c5-56abc6d3744d + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D QemuLoadImageLib|DXE_DRIVER + CONSTRUCTOR =3D SevQemuLoadImageConstructor + +[Sources] + SevQemuLoadImageLib.c + +[Packages] + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + DebugLib + GenericQemuLoadImageLib + MemEncryptSevLib + SevHashFinderLib diff --git a/OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib= .c b/OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.c new file mode 100644 index 000000000000..a44d296cea78 --- /dev/null +++ b/OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.c @@ -0,0 +1,52 @@ +/** @file + AMD SEV Firmware Config file verifier + + Copyright (C) 2021 James Bottomley, IBM Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +#include +#include +#include +#include + +STATIC EFI_STATUS +EFIAPI +SevCmdLineVerifier ( + IN CONST CHAR16 *Name, + IN VOID *Buffer, + IN UINTN Size + ) +{ + DEBUG ((DEBUG_INFO, "%a: Validating Hash\n", __FUNCTION__)); + + return ValidateHashEntry (&SEV_CMDLINE_HASH_GUID, Buffer, Size); +} + +/** + Register security measurement handler. + + @param ImageHandle ImageHandle of the loaded driver. + @param SystemTable Pointer to the EFI System Table. + + @retval EFI_SUCCESS The handlers were registered successfully. +**/ +EFI_STATUS +EFIAPI +SevQemuLoadImageConstructor ( + VOID + ) +{ + if (MemEncryptSevIsEnabled ()) { + DEBUG ((DEBUG_INFO, "Enabling hash verification of fw_cfg cmdline\n")); + return RegisterFwCfgVerifier (SevCmdLineVerifier); + } else { + // + // Don't install verifier if SEV isn't enabled + // + DEBUG ((DEBUG_INFO, "NOT Enabling hash verification of fw_cfg cmdline\= n")); + return EFI_SUCCESS; + } +} --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#75575): https://edk2.groups.io/g/devel/message/75575 Mute This Topic: https://groups.io/mt/83074459/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-