OvmfPkg: Refactor MeaureFvImage

[mirror_edk2.git] / OvmfPkg / IntelTdx / TdxHelperLib / SecTdxHelper.c

diff --git a/OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelper.c b/OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelper.c
index 6ca6f01aff579ccd4621cdcaebff644a0b1050d7..1929093f9110d59c362f6f141cf25f2a4775c27d 100644 (file)
--- a/OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelper.c
+++ b/OvmfPkg/IntelTdx/TdxHelperLib/SecTdxHelper.c
@@ -175,7 +175,35 @@ TdxHelperMeasureCfvImage (
   VOID\r
   )\r
 {\r
-  return EFI_UNSUPPORTED;\r
+  EFI_STATUS      Status;\r
+  UINT8           Digest[SHA384_DIGEST_SIZE];\r
+  OVMF_WORK_AREA  *WorkArea;\r
+\r
+  Status = HashAndExtendToRtmr (\r
+             0,\r
+             (UINT8 *)(UINTN)PcdGet32 (PcdOvmfFlashNvStorageVariableBase),\r
+             (UINT64)PcdGet32 (PcdCfvRawDataSize),\r
+             Digest,\r
+             SHA384_DIGEST_SIZE\r
+             );\r
+\r
+  if (EFI_ERROR (Status)) {\r
+    return Status;\r
+  }\r
+\r
+  //\r
+  // This function is called in SEC phase and at that moment the Hob service\r
+  // is not available. So CfvImage measurement value is stored in workarea.\r
+  //\r
+  WorkArea = (OVMF_WORK_AREA *)FixedPcdGet32 (PcdOvmfWorkAreaBase);\r
+  if (WorkArea == NULL) {\r
+    return EFI_DEVICE_ERROR;\r
+  }\r
+\r
+  WorkArea->TdxWorkArea.SecTdxWorkArea.TdxMeasurementsData.MeasurementsBitmap |= TDX_MEASUREMENT_CFVIMG_BITMASK;\r
+  CopyMem (WorkArea->TdxWorkArea.SecTdxWorkArea.TdxMeasurementsData.CfvImgHashValue, Digest, SHA384_DIGEST_SIZE);\r
+\r
+  return EFI_SUCCESS;\r
 }\r
 \r
 /**\r