From: "Min Xu"
To: devel@edk2.groups.io
Cc: Min M Xu, Erdem Aktas, James Bottomley, Jiewen Yao, Gerd Hoffmann, Tom Lendacky, Michael Roth
Subject: [edk2-devel] [PATCH V6 10/12] OvmfPkg/OvmfPkgX64: Measure TdHob and Configuration FV in SecMain
Date: Fri, 3 Feb 2023 11:31:45 +0800
Message-Id: <20230203033147.1332-11-min.m.xu@intel.com>
In-Reply-To: <20230203033147.1332-1-min.m.xu@intel.com>
References: <20230203033147.1332-1-min.m.xu@intel.com>
From: Min M Xu

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243

TdHob and Configuration FV (Cfv) are external inputs from VMM. From the security perspective, they should be measured before they're consumed.

This patch measures TdHob and Cfv and stores the measurement values in WorkArea.

Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Gerd Hoffmann
Cc: Tom Lendacky
Cc: Michael Roth
Acked-by: Gerd Hoffmann
Reviewed-by: Jiewen Yao
Signed-off-by: Min Xu
---
 OvmfPkg/Sec/SecMain.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c index a27dc9406b70..4bb3b641701e 100644 --- a/OvmfPkg/Sec/SecMain.c +++ b/OvmfPkg/Sec/SecMain.c @@ -760,6 +760,19 @@ SecCoreStartupWithStack ( =20 #if defined (TDX_GUEST_SUPPORTED) if (CcProbe () =3D=3D CcGuestTypeIntelTdx) { + // + // From the security perspective all the external input should be meas= ured before + // it is consumed. TdHob and Configuration FV (Cfv) image are passed f= rom VMM + // and should be measured here. + // + if (EFI_ERROR (TdxHelperMeasureTdHob ())) { + CpuDeadLoop (); + } + + if (EFI_ERROR (TdxHelperMeasureCfvImage ())) { + CpuDeadLoop (); + } + // // For Td guests, the memory map info is in TdHobLib. It should be pro= cessed // first so that the memory is accepted. Otherwise access to the unacc= epted --=20 2.29.2.windows.2
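Review bot: both failure paths in this hunk drop straight into CpuDeadLoop () with no diagnostic, so a TdHob or Cfv measurement failure in SEC is indistinguishable from any other early hang on the serial log; add a DEBUG ((DEBUG_ERROR, ...)) naming the failed helper (TdxHelperMeasureTdHob / TdxHelperMeasureCfvImage) before each dead loop. A second point worth stating in the in-code comment: the two measurement calls are placed before the TdHobLib processing that, per the following unchanged comment, is what accepts memory, so both helpers and the WorkArea they write to must only touch memory that is already accepted at this point; a one-line note that this ordering is deliberate (measure untrusted input first, then act on it) would keep a future reorder from silently breaking either the measurement or the boot.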