From: "Min Xu"
To: devel@edk2.groups.io
Cc: Min M Xu, Erdem Aktas, James Bottomley, Jiewen Yao, Gerd Hoffmann, Tom Lendacky, Michael Roth
Subject: [edk2-devel] [PATCH V5 08/13] OvmfPkg/IntelTdx: Measure TdHob and Configuration FV in SecMain
Date: Sat, 28 Jan 2023 21:58:37 +0800
Message-Id: <20230128135842.980-9-min.m.xu@intel.com>
In-Reply-To: <20230128135842.980-1-min.m.xu@intel.com>
References: <20230128135842.980-1-min.m.xu@intel.com>
From: Min M Xu

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243

TdHob and Configuration FV (Cfv) are external inputs from VMM. From the security perspective, they should be measured before they're consumed.

This patch measures TdHob and Cfv and stores the measurement values in WorkArea.

Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Gerd Hoffmann
Cc: Tom Lendacky
Cc: Michael Roth
Signed-off-by: Min Xu
---
 OvmfPkg/IntelTdx/Sec/SecMain.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/OvmfPkg/IntelTdx/Sec/SecMain.c b/OvmfPkg/IntelTdx/Sec/SecMain.c
index 41bd5c66ba29..ccb217b709a0 100644
--- a/OvmfPkg/IntelTdx/Sec/SecMain.c
+++ b/OvmfPkg/IntelTdx/Sec/SecMain.c
@@ -62,6 +62,19 @@ SecCoreStartupWithStack ( volatile UINT8 *Table; =20 if (CcProbe () =3D=3D CcGuestTypeIntelTdx) { + // + // From the security perspective all the external input should be meas= ured before + // it is consumed. TdHob and Configuration FV (Cfv) image are passed f= rom VMM + // and should be measured here. + // + if (EFI_ERROR (TdxHelperMeasureTdHob ())) { + CpuDeadLoop (); + } + + if (EFI_ERROR (TdxHelperMeasureCfvImage ())) { + CpuDeadLoop (); + } + // // For Td guests, the memory map info is in TdHobLib. It should be pro= cessed // first so that the memory is accepted. Otherwise access to the unacc= epted
-- 
2.29.2.windows.2
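Review bot: both failure paths call CpuDeadLoop () silently; add a DEBUG ((DEBUG_ERROR, ...)) line before each dead loop naming which measurement failed (TdHob or Cfv), otherwise a guest that hangs in SEC gives no indication that an external input was rejected at measurement time. The placement itself is correct: the two measurements run before the TdHob is processed for memory acceptance, so nothing supplied by the VMM is consumed unmeasured. TdxHelperMeasureTdHob () and TdxHelperMeasureCfvImage () are not visible in this hunk; the commit message should state which library (and which earlier patch of the series) provides them so the dependency is clear to a reviewer of this patch alone. Minor: the comment "all the external input should be measured" reads better as "all external input should be measured".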