From: "Min Xu"
To: devel@edk2.groups.io
Cc: Min M Xu, Erdem Aktas, James Bottomley, Jiewen Yao, Gerd Hoffmann, Tom Lendacky, Michael Roth
Subject: [edk2-devel] [PATCH V4 07/12] OvmfPkg/PeilessStartupLib: Call TdxHelperBuildGuidHobForTdxMeasurement
Date: Fri, 27 Jan 2023 08:11:01 +0800
Message-Id: <20230127001106.2038-8-min.m.xu@intel.com>
In-Reply-To: <20230127001106.2038-1-min.m.xu@intel.com>
References: <20230127001106.2038-1-min.m.xu@intel.com>

From: Min M Xu

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243

TdxHelperBuildGuidHobForTdxMeasurement builds GuidHob for tdx-measurement
which is measured in SEC phase. This function is exported by TdxHelperLib.
It is designed to replace the functions below in PeilessStartupLib:
 - MeasureHobList
 - MeasureFvImage

So the code related to the above 2 functions is deleted as well.

Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Gerd Hoffmann
Cc: Tom Lendacky
Cc: Michael Roth
Signed-off-by: Min Xu
--- OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 - OvmfPkg/Library/PeilessStartupLib/IntelTdx.c | 114 ------------------ .../PeilessStartupLib/PeilessStartup.c | 16 +-- .../PeilessStartupInternal.h | 36 ------ .../PeilessStartupLib/PeilessStartupLib.inf | 7 -- 5 files changed, 3 insertions(+), 173 deletions(-) diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index 920f1c6080d4..41de2e942817 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -548,11 +548,8 @@ OvmfPkg/IntelTdx/Sec/SecMain.inf { NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompre= ssLib.inf - TpmMeasurementLib|SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMea= surementLibTdx.inf NULL|OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelperLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf - HashLib|SecurityPkg/Library/HashLibTdx/HashLibTdx.inf - NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf } =20 # diff --git a/OvmfPkg/Library/PeilessStartupLib/IntelTdx.c b/OvmfPkg/Library= /PeilessStartupLib/IntelTdx.c index 8c2a031ee9c7..4bc6f5e95e63 100644 --- a/OvmfPkg/Library/PeilessStartupLib/IntelTdx.c +++ b/OvmfPkg/Library/PeilessStartupLib/IntelTdx.c 
@@ -32,65 +32,6 @@ typedef struct { #define FV_HANDOFF_TABLE_DESC "Fv(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)" typedef PLATFORM_FIRMWARE_BLOB2_STRUCT CFV_HANDOFF_TABLE_POINTERS2; =20 -/** - Measure the Hoblist passed from the VMM. - - @param[in] VmmHobList The Hoblist pass the firmware - - @retval EFI_SUCCESS Fv image is measured successfully - or it has been already measured. - @retval Others Other errors as indicated -**/ -EFI_STATUS -EFIAPI -MeasureHobList ( - IN CONST VOID *VmmHobList - ) -{ - EFI_PEI_HOB_POINTERS Hob; - TDX_HANDOFF_TABLE_POINTERS2 HandoffTables; - EFI_STATUS Status; - - if (!TdIsEnabled ()) { - ASSERT (FALSE); - return EFI_UNSUPPORTED; - } - - Hob.Raw =3D (UINT8 *)VmmHobList; - - // - // Parse the HOB list until end of list. - // - while (!END_OF_HOB_LIST (Hob)) { - Hob.Raw =3D GET_NEXT_HOB (Hob); - } - - // - // Init the log event for HOB measurement - // - - HandoffTables.TableDescriptionSize =3D sizeof (HandoffTables.TableDescri= ption); - CopyMem (HandoffTables.TableDescription, HANDOFF_TABLE_DESC, sizeof (Han= doffTables.TableDescription)); - HandoffTables.NumberOfTables =3D 1; - CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), &gUefiOvmfPkgTokenS= paceGuid); - HandoffTables.TableEntry[0].VendorTable =3D (VOID *)VmmHobList; - - Status =3D TpmMeasureAndLogData ( - 1, // PCRIndex - EV_EFI_HANDOFF_TABLES2, // EventType - (VOID *)&HandoffTables, // EventData - sizeof (HandoffTables), // EventSize - (UINT8 *)(UINTN)VmmHobList, // HashData - (UINTN)((UINT8 *)Hob.Raw - (UINT8 *)VmmHobList) // HashDataLen - ); - - if (EFI_ERROR (Status)) { - ASSERT (FALSE); - } - - return Status; -} - /** * Build GuidHob for Tdx measurement. * 
@@ -315,58 +256,3 @@ InternalBuildGuidHobForTdxMeasurement ( =20 return EFI_SUCCESS; } - -/** - Measure FV image. - - @param[in] FvBase Base address of FV image. - @param[in] FvLength Length of FV image. - @param[in] PcrIndex Index of PCR - - @retval EFI_SUCCESS Fv image is measured successfully - or it has been already measured. - @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event. - @retval EFI_DEVICE_ERROR The command was unsuccessful. - -**/ -EFI_STATUS -EFIAPI -MeasureFvImage ( - IN EFI_PHYSICAL_ADDRESS FvBase, - IN UINT64 FvLength, - IN UINT8 PcrIndex - ) -{ - EFI_STATUS Status; - CFV_HANDOFF_TABLE_POINTERS2 FvBlob2; - VOID *FvName; - - // - // Init the log event for FV measurement - // - FvBlob2.BlobDescriptionSize =3D sizeof (FvBlob2.BlobDescription); - CopyMem (FvBlob2.BlobDescription, FV_HANDOFF_TABLE_DESC, sizeof (FvBlob2= .BlobDescription)); - FvName =3D GetFvName (FvBase, FvLength); - if (FvName !=3D NULL) { - AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDes= cription), "Fv(%g)", FvName); - } - - FvBlob2.BlobBase =3D FvBase; - FvBlob2.BlobLength =3D FvLength; - - Status =3D TpmMeasureAndLogData ( - 1, // PCRIndex - EV_EFI_PLATFORM_FIRMWARE_BLOB2, // EventType - (VOID *)&FvBlob2, // EventData - sizeof (FvBlob2), // EventSize - (UINT8 *)(UINTN)FvBase, // HashData - (UINTN)(FvLength) // HashDataLen - ); - - if (EFI_ERROR (Status)) { - DEBUG ((DEBUG_ERROR, "The FV which failed to be measured starts at: 0x= %x\n", FvBase)); - ASSERT (FALSE); - } - - return Status; -} diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c b/OvmfPkg/L= ibrary/PeilessStartupLib/PeilessStartup.c index 928120d183ba..164aa2d61911 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include #include 
@@ -139,13 +140,11 @@ PeilessStartup ( UINT32 DxeCodeSize; TD_RETURN_DATA TdReturnData; VOID *VmmHobList; - UINT8 *CfvBase; =20 Status =3D EFI_SUCCESS; BootFv =3D NULL; VmmHobList =3D NULL; SecCoreData =3D (EFI_SEC_PEI_HAND_OFF *)Context; - CfvBase =3D (UINT8 *)(UINTN)FixedPcdGet32 (PcdCfvBase); =20 ZeroMem (&PlatformInfoHob, sizeof (PlatformInfoHob)); =20 @@ -177,18 +176,9 @@ PeilessStartup ( =20 if (TdIsEnabled ()) { // - // Measure HobList + // Build GuidHob for the tdx measurements which were done in SEC phase. // - Status =3D MeasureHobList (VmmHobList); - if (EFI_ERROR (Status)) { - ASSERT (FALSE); - CpuDeadLoop (); - } - - // - // Measure Tdx CFV - // - Status =3D MeasureFvImage ((EFI_PHYSICAL_ADDRESS)(UINTN)CfvBase, Fixed= PcdGet32 (PcdCfvRawDataSize), 1); + Status =3D TdxHelperBuildGuidHobForTdxMeasurement (); if (EFI_ERROR (Status)) { ASSERT (FALSE); CpuDeadLoop (); diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupInternal.h b/O= vmfPkg/Library/PeilessStartupLib/PeilessStartupInternal.h index f56bc3578e5e..158196271962 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupInternal.h +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupInternal.h 
@@ -58,40 +58,4 @@ EFIAPI ConstructSecHobList ( ); =20 -/** - Measure the Hoblist passed from the VMM. - - @param[in] VmmHobList The Hoblist pass the firmware - - @retval EFI_SUCCESS Fv image is measured successfully - or it has been already measured. - @retval Others Other errors as indicated -**/ -EFI_STATUS -EFIAPI -MeasureHobList ( - IN CONST VOID *VmmHobList - ); - -/** - Measure FV image. - - @param[in] FvBase Base address of FV image. - @param[in] FvLength Length of FV image. - @param[in] PcrIndex Index of PCR - - @retval EFI_SUCCESS Fv image is measured successfully - or it has been already measured. - @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event. - @retval EFI_DEVICE_ERROR The command was unsuccessful. - -**/ -EFI_STATUS -EFIAPI -MeasureFvImage ( - IN EFI_PHYSICAL_ADDRESS FvBase, - IN UINT64 FvLength, - IN UINT8 PcrIndex - ); - #endif diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf b/Ovmf= Pkg/Library/PeilessStartupLib/PeilessStartupLib.inf index f9012ccd68d0..5be6baf2cef8 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf @@ -57,8 +57,6 @@ PrePiLib QemuFwCfgLib PlatformInitLib - HashLib - TpmMeasurementLib =20 [Guids] gEfiHobMemoryAllocModuleGuid @@ -70,9 +68,6 @@ gEfiNonCcFvGuid =20 [Pcd] - gUefiOvmfPkgTokenSpaceGuid.PcdCfvBase - gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataOffset - gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataSize gUefiOvmfPkgTokenSpaceGuid.PcdBfvBase gUefiOvmfPkgTokenSpaceGuid.PcdBfvRawDataOffset gUefiOvmfPkgTokenSpaceGuid.PcdBfvRawDataSize 
@@ -89,5 +84,3 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize - gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase - gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase --=20 2.29.2.windows.2

View/Reply Online (#99114): https://edk2.groups.io/g/devel/message/99114
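
Review bot: In the OvmfPkg/IntelTdx/IntelTdxX64.dsc hunk (@@ -548,11 +548,8), the TpmMeasurementLib, HashLib and HashInstanceLibSha384 overrides are dropped from the SecMain.inf scope, but the commit message only describes the PeilessStartupLib change. Please state in the commit message why SEC no longer needs these instances, and confirm that the retained SecTdxHelperLib.inf and BaseCryptLib (SecCryptLib.inf) entries cover every hashing dependency so that SecMain.inf still resolves all of its library classes.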
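
Review bot: In OvmfPkg/Library/PeilessStartupLib/IntelTdx.c, the second hunk (@@ -315,58 +256,3) still carries InternalBuildGuidHobForTdxMeasurement as its surrounding context, while PeilessStartup.c now calls TdxHelperBuildGuidHobForTdxMeasurement () instead. If nothing in the library calls the internal function any more, it is dead code and should be removed here or in a later patch of the series that the commit message names. The same question applies to FV_HANDOFF_TABLE_DESC and CFV_HANDOFF_TABLE_POINTERS2, which stay in the file as context of the first hunk although the MeasureFvImage body that used them is deleted.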
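
Review bot: In the PeilessStartup () hunk of PeilessStartup.c (@@ -177,18 +176,9), the new comment "Build GuidHob for the tdx measurements which were done in SEC phase" no longer says what was measured, whereas the two removed calls made it explicit: the HOB list passed from the VMM and the Tdx CFV. Please name both measurements in the comment, and document at the declaration of TdxHelperBuildGuidHobForTdxMeasurement that it returns an error when an expected SEC measurement is absent, so that the retained ASSERT (FALSE) / CpuDeadLoop () path remains the guard against continuing with unmeasured input.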
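
Review bot: In OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf, the last hunk (@@ -89,5 +84,3) removes PcdOvmfFlashNvStorageVariableBase and PcdOvmfWorkAreaBase, and the [Pcd] hunk removes PcdCfvRawDataOffset, yet none of the three is referenced by any line deleted in this patch; the removed code reads only PcdCfvBase and PcdCfvRawDataSize. If these declarations were already unused, say so in the commit message or move the cleanup into its own patch; if another source file in the library still reads them, keep the declarations.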