[mirror_edk2.git] / OvmfPkg / Library / PeilessStartupLib / IntelTdx.c

/** @file\r
  Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
**/\r
\r
#include <PiPei.h>\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/DebugLib.h>\r
#include <IndustryStandard/Tpm20.h>\r
#include <IndustryStandard/UefiTcgPlatform.h>\r
#include <Library/HobLib.h>\r
#include <Library/PrintLib.h>\r
#include <Library/TcgEventLogRecordLib.h>\r
#include <Library/TpmMeasurementLib.h>\r
\r
#include "PeilessStartupInternal.h"\r
\r
#pragma pack(1)\r
\r
#define HANDOFF_TABLE_DESC  "TdxTable"\r
typedef struct {\r
  UINT8                      TableDescriptionSize;\r
  UINT8                      TableDescription[sizeof (HANDOFF_TABLE_DESC)];\r
  UINT64                     NumberOfTables;\r
  EFI_CONFIGURATION_TABLE    TableEntry[1];\r
} TDX_HANDOFF_TABLE_POINTERS2;\r
\r
#pragma pack()\r
\r
#define FV_HANDOFF_TABLE_DESC  "Fv(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)"\r
typedef PLATFORM_FIRMWARE_BLOB2_STRUCT CFV_HANDOFF_TABLE_POINTERS2;\r
\r
/**\r
  Measure the Hoblist passed from the VMM.\r
\r
  @param[in] VmmHobList    The Hoblist pass the firmware\r
\r
  @retval EFI_SUCCESS           Fv image is measured successfully\r
                                or it has been already measured.\r
  @retval Others                Other errors as indicated\r
**/\r
EFI_STATUS\r
EFIAPI\r
MeasureHobList (\r
  IN CONST VOID  *VmmHobList\r
  )\r
{\r
  EFI_PEI_HOB_POINTERS         Hob;\r
  TDX_HANDOFF_TABLE_POINTERS2  HandoffTables;\r
  EFI_STATUS                   Status;\r
\r
  if (!TdIsEnabled ()) {\r
    ASSERT (FALSE);\r
    return EFI_UNSUPPORTED;\r
  }\r
\r
  Hob.Raw = (UINT8 *)VmmHobList;\r
\r
  //\r
  // Parse the HOB list until end of list.\r
  //\r
  while (!END_OF_HOB_LIST (Hob)) {\r
    Hob.Raw = GET_NEXT_HOB (Hob);\r
  }\r
\r
  //\r
  // Init the log event for HOB measurement\r
  //\r
\r
  HandoffTables.TableDescriptionSize = sizeof (HandoffTables.TableDescription);\r
  CopyMem (HandoffTables.TableDescription, HANDOFF_TABLE_DESC, sizeof (HandoffTables.TableDescription));\r
  HandoffTables.NumberOfTables = 1;\r
  CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), &gUefiOvmfPkgTokenSpaceGuid);\r
  HandoffTables.TableEntry[0].VendorTable = (VOID *)VmmHobList;\r
\r
  Status = TpmMeasureAndLogData (\r
             1,                                              // PCRIndex\r
             EV_EFI_HANDOFF_TABLES2,                         // EventType\r
             (VOID *)&HandoffTables,                         // EventData\r
             sizeof (HandoffTables),                         // EventSize\r
             (UINT8 *)(UINTN)VmmHobList,                     // HashData\r
             (UINTN)((UINT8 *)Hob.Raw - (UINT8 *)VmmHobList) // HashDataLen\r
             );\r
\r
  if (EFI_ERROR (Status)) {\r
    ASSERT (FALSE);\r
  }\r
\r
  return Status;\r
}\r
\r
/**\r
  Get the FvName from the FV header.\r
\r
  Causion: The FV is untrusted input.\r
\r
  @param[in]  FvBase            Base address of FV image.\r
  @param[in]  FvLength          Length of FV image.\r
\r
  @return FvName pointer\r
  @retval NULL   FvName is NOT found\r
**/\r
VOID *\r
GetFvName (\r
  IN EFI_PHYSICAL_ADDRESS  FvBase,\r
  IN UINT64                FvLength\r
  )\r
{\r
  EFI_FIRMWARE_VOLUME_HEADER      *FvHeader;\r
  EFI_FIRMWARE_VOLUME_EXT_HEADER  *FvExtHeader;\r
\r
  if (FvBase >= MAX_ADDRESS) {\r
    return NULL;\r
  }\r
\r
  if (FvLength >= MAX_ADDRESS - FvBase) {\r
    return NULL;\r
  }\r
\r
  if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r
    return NULL;\r
  }\r
\r
  FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase;\r
  if (FvHeader->ExtHeaderOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r
    return NULL;\r
  }\r
\r
  if (FvHeader->ExtHeaderOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {\r
    return NULL;\r
  }\r
\r
  FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + FvHeader->ExtHeaderOffset);\r
\r
  return &FvExtHeader->FvName;\r
}\r
\r
/**\r
  Measure FV image.\r
\r
  @param[in]  FvBase            Base address of FV image.\r
  @param[in]  FvLength          Length of FV image.\r
  @param[in]  PcrIndex          Index of PCR\r
\r
  @retval EFI_SUCCESS           Fv image is measured successfully\r
                                or it has been already measured.\r
  @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.\r
  @retval EFI_DEVICE_ERROR      The command was unsuccessful.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
MeasureFvImage (\r
  IN EFI_PHYSICAL_ADDRESS  FvBase,\r
  IN UINT64                FvLength,\r
  IN UINT8                 PcrIndex\r
  )\r
{\r
  EFI_STATUS                   Status;\r
  CFV_HANDOFF_TABLE_POINTERS2  FvBlob2;\r
  VOID                         *FvName;\r
\r
  //\r
  // Init the log event for FV measurement\r
  //\r
  FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);\r
  CopyMem (FvBlob2.BlobDescription, FV_HANDOFF_TABLE_DESC, sizeof (FvBlob2.BlobDescription));\r
  FvName = GetFvName (FvBase, FvLength);\r
  if (FvName != NULL) {\r
    AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);\r
  }\r
\r
  FvBlob2.BlobBase   = FvBase;\r
  FvBlob2.BlobLength = FvLength;\r
\r
  Status = TpmMeasureAndLogData (\r
             1,                              // PCRIndex\r
             EV_EFI_PLATFORM_FIRMWARE_BLOB2, // EventType\r
             (VOID *)&FvBlob2,               // EventData\r
             sizeof (FvBlob2),               // EventSize\r
             (UINT8 *)(UINTN)FvBase,         // HashData\r
             (UINTN)(FvLength)               // HashDataLen\r
             );\r
\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "The FV which failed to be measured starts at: 0x%x\n", FvBase));\r
    ASSERT (FALSE);\r
  }\r
\r
  return Status;\r
}\r
Commit	Line	Data
4b0a6226 MX	1	/** @file\r
	2	Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>\r
	3	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	4	**/\r
	5	\r
	6	#include <PiPei.h>\r
	7	#include <Library/BaseLib.h>\r
	8	#include <Library/BaseMemoryLib.h>\r
	9	#include <Library/DebugLib.h>\r
ff0ffe59 MX	10	#include <IndustryStandard/Tpm20.h>\r
	11	#include <IndustryStandard/UefiTcgPlatform.h>\r
	12	#include <Library/HobLib.h>\r
	13	#include <Library/PrintLib.h>\r
d59279f8	14	#include <Library/TcgEventLogRecordLib.h>\r
ff0ffe59 MX	15	#include <Library/TpmMeasurementLib.h>\r
ff0ffe59 MX	16	\r
4b0a6226 MX	17	#include "PeilessStartupInternal.h"\r
4b0a6226 MX	18	\r
ff0ffe59 MX	19	#pragma pack(1)\r
	20	\r
	21	#define HANDOFF_TABLE_DESC "TdxTable"\r
	22	typedef struct {\r
	23	UINT8 TableDescriptionSize;\r
	24	UINT8 TableDescription[sizeof (HANDOFF_TABLE_DESC)];\r
	25	UINT64 NumberOfTables;\r
	26	EFI_CONFIGURATION_TABLE TableEntry[1];\r
	27	} TDX_HANDOFF_TABLE_POINTERS2;\r
	28	\r
ff0ffe59 MX	29	#pragma pack()\r
ff0ffe59 MX	30	\r
d59279f8 MX	31	#define FV_HANDOFF_TABLE_DESC "Fv(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)"\r
	32	typedef PLATFORM_FIRMWARE_BLOB2_STRUCT CFV_HANDOFF_TABLE_POINTERS2;\r
	33	\r
ff0ffe59 MX	34	/**\r
	35	Measure the Hoblist passed from the VMM.\r
	36	\r
	37	@param[in] VmmHobList The Hoblist pass the firmware\r
	38	\r
	39	@retval EFI_SUCCESS Fv image is measured successfully\r
	40	or it has been already measured.\r
	41	@retval Others Other errors as indicated\r
	42	**/\r
	43	EFI_STATUS\r
	44	EFIAPI\r
	45	MeasureHobList (\r
	46	IN CONST VOID *VmmHobList\r
	47	)\r
	48	{\r
	49	EFI_PEI_HOB_POINTERS Hob;\r
	50	TDX_HANDOFF_TABLE_POINTERS2 HandoffTables;\r
	51	EFI_STATUS Status;\r
	52	\r
	53	if (!TdIsEnabled ()) {\r
	54	ASSERT (FALSE);\r
	55	return EFI_UNSUPPORTED;\r
	56	}\r
	57	\r
	58	Hob.Raw = (UINT8 *)VmmHobList;\r
	59	\r
	60	//\r
	61	// Parse the HOB list until end of list.\r
	62	//\r
	63	while (!END_OF_HOB_LIST (Hob)) {\r
	64	Hob.Raw = GET_NEXT_HOB (Hob);\r
	65	}\r
	66	\r
	67	//\r
	68	// Init the log event for HOB measurement\r
	69	//\r
	70	\r
	71	HandoffTables.TableDescriptionSize = sizeof (HandoffTables.TableDescription);\r
	72	CopyMem (HandoffTables.TableDescription, HANDOFF_TABLE_DESC, sizeof (HandoffTables.TableDescription));\r
	73	HandoffTables.NumberOfTables = 1;\r
	74	CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), &gUefiOvmfPkgTokenSpaceGuid);\r
	75	HandoffTables.TableEntry[0].VendorTable = (VOID *)VmmHobList;\r
	76	\r
	77	Status = TpmMeasureAndLogData (\r
	78	1, // PCRIndex\r
	79	EV_EFI_HANDOFF_TABLES2, // EventType\r
	80	(VOID *)&HandoffTables, // EventData\r
	81	sizeof (HandoffTables), // EventSize\r
	82	(UINT8 *)(UINTN)VmmHobList, // HashData\r
	83	(UINTN)((UINT8 )Hob.Raw - (UINT8 )VmmHobList) // HashDataLen\r
	84	);\r
	85	\r
	86	if (EFI_ERROR (Status)) {\r
	87	ASSERT (FALSE);\r
	88	}\r
	89	\r
	90	return Status;\r
	91	}\r
	92	\r
	93	/**\r
	94	Get the FvName from the FV header.\r
	95	\r
	96	Causion: The FV is untrusted input.\r
	97	\r
98	@param[in] FvBase Base address of FV image.\r
99	@param[in] FvLength Length of FV image.\r
100	\r
101	@return FvName pointer\r
102	@retval NULL FvName is NOT found\r
103	**/\r
104	VOID *\r
105	GetFvName (\r
106	IN EFI_PHYSICAL_ADDRESS FvBase,\r
107	IN UINT64 FvLength\r
108	)\r
109	{\r
110	EFI_FIRMWARE_VOLUME_HEADER *FvHeader;\r
111	EFI_FIRMWARE_VOLUME_EXT_HEADER *FvExtHeader;\r
112	\r
113	if (FvBase >= MAX_ADDRESS) {\r
114	return NULL;\r
115	}\r
116	\r
117	if (FvLength >= MAX_ADDRESS - FvBase) {\r
118	return NULL;\r
119	}\r
120	\r
121	if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r
122	return NULL;\r
123	}\r
124	\r
125	FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase;\r
126	if (FvHeader->ExtHeaderOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r
127	return NULL;\r
128	}\r
129	\r
130	if (FvHeader->ExtHeaderOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {\r
131	return NULL;\r
132	}\r
133	\r
134	FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + FvHeader->ExtHeaderOffset);\r
135	\r
136	return &FvExtHeader->FvName;\r
137	}\r
138	\r
139	/**\r
140	Measure FV image.\r
141	\r
142	@param[in] FvBase Base address of FV image.\r
143	@param[in] FvLength Length of FV image.\r
144	@param[in] PcrIndex Index of PCR\r
145	\r
146	@retval EFI_SUCCESS Fv image is measured successfully\r
147	or it has been already measured.\r
148	@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.\r
149	@retval EFI_DEVICE_ERROR The command was unsuccessful.\r
150	\r
151	**/\r
152	EFI_STATUS\r
153	EFIAPI\r
154	MeasureFvImage (\r
155	IN EFI_PHYSICAL_ADDRESS FvBase,\r
156	IN UINT64 FvLength,\r
157	IN UINT8 PcrIndex\r
158	)\r
159	{\r
d59279f8 MX	160	EFI_STATUS Status;\r
	161	CFV_HANDOFF_TABLE_POINTERS2 FvBlob2;\r
	162	VOID *FvName;\r
ff0ffe59 MX	163	\r
	164	//\r
	165	// Init the log event for FV measurement\r
	166	//\r
	167	FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);\r
	168	CopyMem (FvBlob2.BlobDescription, FV_HANDOFF_TABLE_DESC, sizeof (FvBlob2.BlobDescription));\r
	169	FvName = GetFvName (FvBase, FvLength);\r
	170	if (FvName != NULL) {\r
	171	AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);\r
	172	}\r
	173	\r
	174	FvBlob2.BlobBase = FvBase;\r
	175	FvBlob2.BlobLength = FvLength;\r
	176	\r
	177	Status = TpmMeasureAndLogData (\r
	178	1, // PCRIndex\r
	179	EV_EFI_PLATFORM_FIRMWARE_BLOB2, // EventType\r
	180	(VOID *)&FvBlob2, // EventData\r
	181	sizeof (FvBlob2), // EventSize\r
	182	(UINT8 *)(UINTN)FvBase, // HashData\r
	183	(UINTN)(FvLength) // HashDataLen\r
	184	);\r
	185	\r
	186	if (EFI_ERROR (Status)) {\r
	187	DEBUG ((DEBUG_ERROR, "The FV which failed to be measured starts at: 0x%x\n", FvBase));\r
	188	ASSERT (FALSE);\r
	189	}\r
	190	\r
	191	return Status;\r
	192	}\r