From: Min M Xu <min.m...@intel.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
>From the perspective of security any external input should be measured
and extended to some registers (TPM PCRs or TDX RTMR registers).
There are below 2 external input in a Td guest:
- TdHob
- Configuration FV (CFV)
TdHob contains the resource information passed from VMM, such as
unaccepted memory region. CFV contains the configurations, such as
secure boot variables.
TdHob and CFV should be measured and extended to RTMRs before they're
consumed. TdHob is consumed in the very early stage of boot process.
At that moment the memory service is not ready. Cfv is consumed in
PlatformPei to initialize the EmuVariableNvStore. To make the
implementation simple and clean, these 2 external input are measured
and extended to RTMRs in SEC phase. That is to say the tdx measurement
is only supported in SEC phase.
After the measurement the hash values are stored in WorkArea. Then after
the Hob service is available, these 2 measurement values are retrieved
and GuidHobs for these 2 tdx measurements are generated.
This patch defines the structure of TDX_MEASUREMENTS_DATA in
SEC_TDX_WORK_AREA to store above 2 tdx measurements. It can be extended
to store more tdx measurements if needed in the future.
Cc: Erdem Aktas <erdemak...@google.com>
Cc: James Bottomley <j...@linux.ibm.com>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Gerd Hoffmann <kra...@redhat.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: Michael Roth <michael.r...@amd.com>
Signed-off-by: Min Xu <min.m...@intel.com>
---
OvmfPkg/Include/WorkArea.h | 25 ++++++++++++++++++++++---
1 file changed, 22 insertions(+), 3 deletions(-)
diff --git a/OvmfPkg/Include/WorkArea.h b/OvmfPkg/Include/WorkArea.h
index 6c3702b716f0..b1c7045ce18c 100644
--- a/OvmfPkg/Include/WorkArea.h
+++ b/OvmfPkg/Include/WorkArea.h
@@ -11,6 +11,7 @@
#define __OVMF_WORK_AREA_H__
#include <ConfidentialComputingGuestAttr.h>
+#include <IndustryStandard/Tpm20.h>
//
// Confidential computing work area header definition. Any change
@@ -64,13 +65,27 @@ typedef struct _SEV_WORK_AREA {
SEC_SEV_ES_WORK_AREA SevEsWorkArea;
} SEV_WORK_AREA;
+//
+// Start of TDX Specific WorkArea definition
+//
+
+#define TDX_MEASUREMENT_TDHOB_BITMASK 0x1
+#define TDX_MEASUREMENT_CFVIMG_BITMASK 0x2
+
+typedef struct _TDX_MEASUREMENTS_DATA {
+ UINT32 MeasurementsBitmap;
+ UINT8 TdHobHashValue[SHA384_DIGEST_SIZE];
+ UINT8 CfvImgHashValue[SHA384_DIGEST_SIZE];
+} TDX_MEASUREMENTS_DATA;
+
//
// The TDX work area definition
//
typedef struct _SEC_TDX_WORK_AREA {
- UINT32 PageTableReady;
- UINT32 Gpaw;
- UINT64 HobList;
+ UINT32 PageTableReady;
+ UINT32 Gpaw;
+ UINT64 HobList;
+ TDX_MEASUREMENTS_DATA TdxMeasurementsData;
} SEC_TDX_WORK_AREA;
typedef struct _TDX_WORK_AREA {
@@ -78,6 +93,10 @@ typedef struct _TDX_WORK_AREA {
SEC_TDX_WORK_AREA SecTdxWorkArea;
} TDX_WORK_AREA;
+//
+// End of TDX Specific WorkArea definition
+//
+
typedef union {
CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER Header;
SEV_WORK_AREA SevWorkArea;
--
2.29.2.windows.2
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#98846): https://edk2.groups.io/g/devel/message/98846
Mute This Topic: https://groups.io/mt/96370894/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
