From nobody Sun Feb  8 23:26:58 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+89958+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+89958+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1653285378; cv=none;
	d=zohomail.com; s=zohoarc;
	b=OFAs39qQr49cDoH/3xGgq4ne7vMQ+tiGK7SFfKfx2g8UtXrfuZeMzuRzoniCRGWEFObV40Gisn0fGcgasCw3SWih8kJEk1q5t3UBXT69Th30EfQQD7CJkRD4PYVYB5wHziB8msGymMWWkdssAYkeC3KaWgWXL2ZD5x+XKSlgJWQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1653285378;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=hX8w8U+jRqXY/mDMW+rwSRvsKIqjgYEJw6HTSLPVdvE=;
	b=XOkqu77z829bzhRmhq4g7P8YiuUmQzy1+yFNXLbs2lIX30ZohmRPbPEs2SR7Sx44r7BYggmd8Wlvja9fbUmQq2F6R3EDU6AHCH93WZpzR62DcxRa5g8w9EUTaK96v8y2fE7zglTyuhjsNH3PW4c6SawZ1kYKZi8OXshfo2Wp5+k=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+89958+1787277+3901457@groups.io;
	dmarc=fail header.from=<min.m.xu@intel.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1653285378820396.24180245922093;
 Sun, 22 May 2022 22:56:18 -0700 (PDT)
Return-Path: <bounce+27952+89958+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id wvv5YY1788612x8uPJYU4Kp1;
 Sun, 22 May 2022 22:56:13 -0700
X-Received: from mga09.intel.com (mga09.intel.com [134.134.136.24])
 by mx.groups.io with SMTP id smtpd.web10.24058.1653285360652591392
 for <devel@edk2.groups.io>;
 Sun, 22 May 2022 22:56:12 -0700
X-IronPort-AV: E=McAfee;i="6400,9594,10355"; a="272833121"
X-IronPort-AV: E=Sophos;i="5.91,245,1647327600";
   d="scan'208";a="272833121"
X-Received: from orsmga008.jf.intel.com ([10.7.209.65])
  by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 22 May 2022 22:56:11 -0700
X-IronPort-AV: E=Sophos;i="5.91,245,1647327600";
   d="scan'208";a="600459821"
X-Received: from mxu9-mobl1.ccr.corp.intel.com ([10.249.174.148])
  by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 22 May 2022 22:56:09 -0700
From: "Min Xu" <min.m.xu@intel.com>
To: devel@edk2.groups.io
Cc: Min Xu <min.m.xu@intel.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Ashish Kalra <ashish.kalra@amd.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Erdem Aktas <erdemaktas@google.com>,
	James Bottomley <jejb@linux.ibm.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Gerd Hoffmann <kraxel@redhat.com>
Subject: [edk2-devel] [PATCH 4/4] OvmfPkg: Call MeasureKernelBlob after fetch
 from fw_cfg
Date: Mon, 23 May 2022 13:55:42 +0800
Message-Id: 
 <c27a97ab34fb80a27f409ca6be8a618cf6415277.1653284206.git.min.m.xu@intel.com>
In-Reply-To: <cover.1653284206.git.min.m.xu@intel.com>
References: <cover.1653284206.git.min.m.xu@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,min.m.xu@intel.com
X-Gm-Message-State: BsynnCXNnsmo7QHzHxHEOiAYx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1653285373;
 bh=rKqtZG8mtwf9cfPuK7tNEJQLbJQUDAbvXhevl/9gn/4=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=N7bzLcW5UDVv9nDNBl+w9niAYxl1mTzvMI2o1m+92srutONiRh098WJWc4ADPGXWWzB
 W31axW0jCh3rgPosK13ncXFORSE8Pr/Oe5BBh3xF+vOERWJwGJWCkHrxLmoTOzaaWhTcZ
 RWwlk89bhf5ZWyealG/nQBgKFVd9Wur1DGc=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1653285379103100001
Content-Type: text/plain; charset="utf-8"

In QemuKernelLoaderFsDxeEntrypoint we use FetchBlob to read the content
of the kernel/initrd/cmdline from the QEMU fw_cfg interface.  Insert a
call to MeasureKernelBlob after fetching to allow BlobMeasurementLib
implementations to add a measurement step for these blobs.

This will allow confidential computing OVMF builds to add measurement
mechanisms for these blobs that originate from an untrusted source
(QEMU).

In current platforms in OvmfPkg, only IntelTdx supports blob measurement.
So OvmfPkg/IntelTdx/IntelTdxX64.dsc is updated to use
OvmfPkg/IntelTdx/BlobMeasurementLibTdx/BlobMeasurementLibTdx.inf. Other
dsc are using the null implementation of BlobMeasurementLibNull.inf.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ashish Kalra <ashish.kalra@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 OvmfPkg/IntelTdx/IntelTdxX64.dsc                    |  1 +
 .../QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c   | 13 +++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6=
4.dsc
index 00bc1255bc4e..2887047316b6 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
@@ -611,6 +611,7 @@
   OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf {
     <LibraryClasses>
       NULL|OvmfPkg/Library/BlobVerifierLibNull/BlobVerifierLibNull.inf
+      NULL|OvmfPkg/IntelTdx/BlobMeasurementLibTdx/BlobMeasurementLibTdx.inf
   }
   OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
   OvmfPkg/Virtio10Dxe/Virtio10.inf
diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c b/OvmfPk=
g/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
index d4f3cd92255f..6720dae1d06c 100644
--- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
+++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
@@ -18,6 +18,7 @@
 #include <Library/BaseLib.h>
 #include <Library/BaseMemoryLib.h>
 #include <Library/BlobVerifierLib.h>
+#include <Library/BlobMeasurementLib.h>
 #include <Library/DebugLib.h>
 #include <Library/DevicePathLib.h>
 #include <Library/MemoryAllocationLib.h>
@@ -1074,6 +1075,18 @@ QemuKernelLoaderFsDxeEntrypoint (
       goto FreeBlobs;
     }
=20
+    if ((CurrentBlob->Data > 0) && (CurrentBlob->Size > 0)) {
+      Status =3D MeasureKernelBlob (
+                 CurrentBlob->Name,
+                 sizeof (CurrentBlob->Name),
+                 CurrentBlob->Data,
+                 CurrentBlob->Size
+                 );
+      if (EFI_ERROR (Status)) {
+        goto FreeBlobs;
+      }
+    }
+
     mTotalBlobBytes +=3D CurrentBlob->Size;
   }
=20
--=20
2.29.2.windows.2



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89958): https://edk2.groups.io/g/devel/message/89958
Mute This Topic: https://groups.io/mt/91282950/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-