projects / mirror_edk2.git / blame
| Commit | Line | Data |
|---|---|---|
| 4b0a6226 MX |
1 | /** @file\r |
| 2 | Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>\r | |
| 3 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
| 4 | **/\r | |
| 5 | \r | |
| 6 | #include <PiPei.h>\r | |
| 7 | #include <Library/BaseLib.h>\r | |
| 8 | #include <Library/BaseMemoryLib.h>\r | |
| 9 | #include <Library/DebugLib.h>\r | |
| ff0ffe59 MX |
10 | #include <IndustryStandard/Tpm20.h>\r |
| 11 | #include <IndustryStandard/UefiTcgPlatform.h>\r | |
| 12 | #include <Library/HobLib.h>\r | |
| 13 | #include <Library/PrintLib.h>\r | |
| 14 | #include <Library/TpmMeasurementLib.h>\r | |
| 15 | \r | |
| 4b0a6226 MX |
16 | #include "PeilessStartupInternal.h"\r |
| 17 | \r | |
| ff0ffe59 MX |
18 | #pragma pack(1)\r |
| 19 | \r | |
| 20 | #define HANDOFF_TABLE_DESC "TdxTable"\r | |
| 21 | typedef struct {\r | |
| 22 | UINT8 TableDescriptionSize;\r | |
| 23 | UINT8 TableDescription[sizeof (HANDOFF_TABLE_DESC)];\r | |
| 24 | UINT64 NumberOfTables;\r | |
| 25 | EFI_CONFIGURATION_TABLE TableEntry[1];\r | |
| 26 | } TDX_HANDOFF_TABLE_POINTERS2;\r | |
| 27 | \r | |
| 28 | #define FV_HANDOFF_TABLE_DESC "Fv(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)"\r | |
| 29 | typedef struct {\r | |
| 30 | UINT8 BlobDescriptionSize;\r | |
| 31 | UINT8 BlobDescription[sizeof (FV_HANDOFF_TABLE_DESC)];\r | |
| 32 | EFI_PHYSICAL_ADDRESS BlobBase;\r | |
| 33 | UINT64 BlobLength;\r | |
| 34 | } FV_HANDOFF_TABLE_POINTERS2;\r | |
| 35 | \r | |
| 36 | #pragma pack()\r | |
| 37 | \r | |
| ff0ffe59 MX |
38 | /**\r |
| 39 | Measure the Hoblist passed from the VMM.\r | |
| 40 | \r | |
| 41 | @param[in] VmmHobList The Hoblist pass the firmware\r | |
| 42 | \r | |
| 43 | @retval EFI_SUCCESS Fv image is measured successfully\r | |
| 44 | or it has been already measured.\r | |
| 45 | @retval Others Other errors as indicated\r | |
| 46 | **/\r | |
| 47 | EFI_STATUS\r | |
| 48 | EFIAPI\r | |
| 49 | MeasureHobList (\r | |
| 50 | IN CONST VOID *VmmHobList\r | |
| 51 | )\r | |
| 52 | {\r | |
| 53 | EFI_PEI_HOB_POINTERS Hob;\r | |
| 54 | TDX_HANDOFF_TABLE_POINTERS2 HandoffTables;\r | |
| 55 | EFI_STATUS Status;\r | |
| 56 | \r | |
| 57 | if (!TdIsEnabled ()) {\r | |
| 58 | ASSERT (FALSE);\r | |
| 59 | return EFI_UNSUPPORTED;\r | |
| 60 | }\r | |
| 61 | \r | |
| 62 | Hob.Raw = (UINT8 *)VmmHobList;\r | |
| 63 | \r | |
| 64 | //\r | |
| 65 | // Parse the HOB list until end of list.\r | |
| 66 | //\r | |
| 67 | while (!END_OF_HOB_LIST (Hob)) {\r | |
| 68 | Hob.Raw = GET_NEXT_HOB (Hob);\r | |
| 69 | }\r | |
| 70 | \r | |
| 71 | //\r | |
| 72 | // Init the log event for HOB measurement\r | |
| 73 | //\r | |
| 74 | \r | |
| 75 | HandoffTables.TableDescriptionSize = sizeof (HandoffTables.TableDescription);\r | |
| 76 | CopyMem (HandoffTables.TableDescription, HANDOFF_TABLE_DESC, sizeof (HandoffTables.TableDescription));\r | |
| 77 | HandoffTables.NumberOfTables = 1;\r | |
| 78 | CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), &gUefiOvmfPkgTokenSpaceGuid);\r | |
| 79 | HandoffTables.TableEntry[0].VendorTable = (VOID *)VmmHobList;\r | |
| 80 | \r | |
| 81 | Status = TpmMeasureAndLogData (\r | |
| 82 | 1, // PCRIndex\r | |
| 83 | EV_EFI_HANDOFF_TABLES2, // EventType\r | |
| 84 | (VOID *)&HandoffTables, // EventData\r | |
| 85 | sizeof (HandoffTables), // EventSize\r | |
| 86 | (UINT8 *)(UINTN)VmmHobList, // HashData\r | |
| 87 | (UINTN)((UINT8 *)Hob.Raw - (UINT8 *)VmmHobList) // HashDataLen\r | |
| 88 | );\r | |
| 89 | \r | |
| 90 | if (EFI_ERROR (Status)) {\r | |
| 91 | ASSERT (FALSE);\r | |
| 92 | }\r | |
| 93 | \r | |
| 94 | return Status;\r | |
| 95 | }\r | |
| 96 | \r | |
| 97 | /**\r | |
| 98 | Get the FvName from the FV header.\r | |
| 99 | \r | |
| 100 | Causion: The FV is untrusted input.\r | |
| 101 | \r | |
| 102 | @param[in] FvBase Base address of FV image.\r | |
| 103 | @param[in] FvLength Length of FV image.\r | |
| 104 | \r | |
| 105 | @return FvName pointer\r | |
| 106 | @retval NULL FvName is NOT found\r | |
| 107 | **/\r | |
| 108 | VOID *\r | |
| 109 | GetFvName (\r | |
| 110 | IN EFI_PHYSICAL_ADDRESS FvBase,\r | |
| 111 | IN UINT64 FvLength\r | |
| 112 | )\r | |
| 113 | {\r | |
| 114 | EFI_FIRMWARE_VOLUME_HEADER *FvHeader;\r | |
| 115 | EFI_FIRMWARE_VOLUME_EXT_HEADER *FvExtHeader;\r | |
| 116 | \r | |
| 117 | if (FvBase >= MAX_ADDRESS) {\r | |
| 118 | return NULL;\r | |
| 119 | }\r | |
| 120 | \r | |
| 121 | if (FvLength >= MAX_ADDRESS - FvBase) {\r | |
| 122 | return NULL;\r | |
| 123 | }\r | |
| 124 | \r | |
| 125 | if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r | |
| 126 | return NULL;\r | |
| 127 | }\r | |
| 128 | \r | |
| 129 | FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase;\r | |
| 130 | if (FvHeader->ExtHeaderOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r | |
| 131 | return NULL;\r | |
| 132 | }\r | |
| 133 | \r | |
| 134 | if (FvHeader->ExtHeaderOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {\r | |
| 135 | return NULL;\r | |
| 136 | }\r | |
| 137 | \r | |
| 138 | FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + FvHeader->ExtHeaderOffset);\r | |
| 139 | \r | |
| 140 | return &FvExtHeader->FvName;\r | |
| 141 | }\r | |
| 142 | \r | |
| 143 | /**\r | |
| 144 | Measure FV image.\r | |
| 145 | \r | |
| 146 | @param[in] FvBase Base address of FV image.\r | |
| 147 | @param[in] FvLength Length of FV image.\r | |
| 148 | @param[in] PcrIndex Index of PCR\r | |
| 149 | \r | |
| 150 | @retval EFI_SUCCESS Fv image is measured successfully\r | |
| 151 | or it has been already measured.\r | |
| 152 | @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.\r | |
| 153 | @retval EFI_DEVICE_ERROR The command was unsuccessful.\r | |
| 154 | \r | |
| 155 | **/\r | |
| 156 | EFI_STATUS\r | |
| 157 | EFIAPI\r | |
| 158 | MeasureFvImage (\r | |
| 159 | IN EFI_PHYSICAL_ADDRESS FvBase,\r | |
| 160 | IN UINT64 FvLength,\r | |
| 161 | IN UINT8 PcrIndex\r | |
| 162 | )\r | |
| 163 | {\r | |
| 164 | EFI_STATUS Status;\r | |
| 165 | FV_HANDOFF_TABLE_POINTERS2 FvBlob2;\r | |
| 166 | VOID *FvName;\r | |
| 167 | \r | |
| 168 | //\r | |
| 169 | // Init the log event for FV measurement\r | |
| 170 | //\r | |
| 171 | FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);\r | |
| 172 | CopyMem (FvBlob2.BlobDescription, FV_HANDOFF_TABLE_DESC, sizeof (FvBlob2.BlobDescription));\r | |
| 173 | FvName = GetFvName (FvBase, FvLength);\r | |
| 174 | if (FvName != NULL) {\r | |
| 175 | AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);\r | |
| 176 | }\r | |
| 177 | \r | |
| 178 | FvBlob2.BlobBase = FvBase;\r | |
| 179 | FvBlob2.BlobLength = FvLength;\r | |
| 180 | \r | |
| 181 | Status = TpmMeasureAndLogData (\r | |
| 182 | 1, // PCRIndex\r | |
| 183 | EV_EFI_PLATFORM_FIRMWARE_BLOB2, // EventType\r | |
| 184 | (VOID *)&FvBlob2, // EventData\r | |
| 185 | sizeof (FvBlob2), // EventSize\r | |
| 186 | (UINT8 *)(UINTN)FvBase, // HashData\r | |
| 187 | (UINTN)(FvLength) // HashDataLen\r | |
| 188 | );\r | |
| 189 | \r | |
| 190 | if (EFI_ERROR (Status)) {\r | |
| 191 | DEBUG ((DEBUG_ERROR, "The FV which failed to be measured starts at: 0x%x\n", FvBase));\r | |
| 192 | ASSERT (FALSE);\r | |
| 193 | }\r | |
| 194 | \r | |
| 195 | return Status;\r | |
| 196 | }\r |