OvmfPkg/PeilessStartupLib: Update the define of FV_HANDOFF_TABLE_POINTERS2
1 /** @file
2 Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
3 SPDX-License-Identifier: BSD-2-Clause-Patent
4 **/
5
6 #include <PiPei.h>
7 #include <Library/BaseLib.h>
8 #include <Library/BaseMemoryLib.h>
9 #include <Library/DebugLib.h>
10 #include <IndustryStandard/Tpm20.h>
11 #include <IndustryStandard/UefiTcgPlatform.h>
12 #include <Library/HobLib.h>
13 #include <Library/PrintLib.h>
14 #include <Library/TcgEventLogRecordLib.h>
15 #include <Library/TpmMeasurementLib.h>
16
17 #include "PeilessStartupInternal.h"
18
//
// Byte-pack the event record below: it is handed to the measurement call as
// EventData with sizeof () as EventSize, so the compiler must not insert
// padding between its members.
//
#pragma pack(1)

//
// Description string stored in the event logged for the VMM HOB list.
//
#define HANDOFF_TABLE_DESC  "TdxTable"
//
// Event data for the EV_EFI_HANDOFF_TABLES2 event that MeasureHobList () logs.
//
typedef struct {
  UINT8                      TableDescriptionSize;                        // size of TableDescription in bytes
  UINT8                      TableDescription[sizeof (HANDOFF_TABLE_DESC)]; // sized to hold the string and its NUL
  UINT64                     NumberOfTables;                              // number of valid TableEntry elements
  EFI_CONFIGURATION_TABLE    TableEntry[1];                               // GUID and pointer of the measured table
} TDX_HANDOFF_TABLE_POINTERS2;

#pragma pack()

//
// Placeholder description for an FV blob event. MeasureFvImage () copies it
// into the event first and overwrites it with "Fv(<FvName GUID>)" only when
// GetFvName () finds a name, so the X placeholders remain in the log otherwise.
//
#define FV_HANDOFF_TABLE_DESC  "Fv(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)"
//
// Event data for the EV_EFI_PLATFORM_FIRMWARE_BLOB2 event logged by
// MeasureFvImage ().
// NOTE(review): the BlobDescription size comes from
// PLATFORM_FIRMWARE_BLOB2_STRUCT, which is declared outside this file -
// confirm it is not larger than sizeof (FV_HANDOFF_TABLE_DESC).
//
typedef PLATFORM_FIRMWARE_BLOB2_STRUCT CFV_HANDOFF_TABLE_POINTERS2;
33
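/**
  Measure the HOB list passed from the VMM.

  Caution: the HOB list comes from the VMM and should be treated as untrusted
  input. This function walks it using the length stored in each HOB header and
  applies no bound of its own.

  @param[in] VmmHobList    The HOB list passed to the firmware by the VMM.

  @retval EFI_SUCCESS            The HOB list was measured and logged.
  @retval EFI_UNSUPPORTED        TDX is not enabled.
  @retval EFI_INVALID_PARAMETER  VmmHobList is NULL.
  @retval Others                 Error returned by TpmMeasureAndLogData ().
**/
EFI_STATUS
EFIAPI
MeasureHobList (
  IN CONST VOID  *VmmHobList
  )
{
  EFI_PEI_HOB_POINTERS         Hob;
  TDX_HANDOFF_TABLE_POINTERS2  HandoffTables;
  EFI_STATUS                   Status;

  if (!TdIsEnabled ()) {
    ASSERT (FALSE);
    return EFI_UNSUPPORTED;
  }

  //
  // Reject a NULL list before the walk below dereferences it.
  //
  if (VmmHobList == NULL) {
    ASSERT (FALSE);
    return EFI_INVALID_PARAMETER;
  }

  Hob.Raw = (UINT8 *)VmmHobList;

  //
  // Parse the HOB list until end of list.
  //
  // NOTE(review): each step advances by the length recorded in the current
  // HOB header, and nothing here checks that length or caps the walk. A zero
  // or oversized length would stall the loop or move it outside the list.
  // Presumably the list is validated before this function is called -
  // confirm at the call site.
  //
  while (!END_OF_HOB_LIST (Hob)) {
    Hob.Raw = GET_NEXT_HOB (Hob);
  }

  //
  // Init the log event for HOB measurement
  //
  HandoffTables.TableDescriptionSize = sizeof (HandoffTables.TableDescription);
  CopyMem (HandoffTables.TableDescription, HANDOFF_TABLE_DESC, sizeof (HandoffTables.TableDescription));
  HandoffTables.NumberOfTables = 1;
  CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), &gUefiOvmfPkgTokenSpaceGuid);
  HandoffTables.TableEntry[0].VendorTable = (VOID *)VmmHobList;

  //
  // Hob.Raw now points at the end-of-list HOB, so the hashed range runs from
  // the start of the list up to, but not including, that terminating HOB.
  //
  Status = TpmMeasureAndLogData (
             1,                                              // PCRIndex
             EV_EFI_HANDOFF_TABLES2,                         // EventType
             (VOID *)&HandoffTables,                         // EventData
             sizeof (HandoffTables),                         // EventSize
             (UINT8 *)(UINTN)VmmHobList,                     // HashData
             (UINTN)((UINT8 *)Hob.Raw - (UINT8 *)VmmHobList) // HashDataLen
             );

  if (EFI_ERROR (Status)) {
    //
    // ASSERT only stops builds that have asserts enabled; the failure is
    // still returned, and the caller has to act on it.
    //
    ASSERT (FALSE);
  }

  return Status;
}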
92
/**
  Locate the FvName GUID in the extended header of a firmware volume.

  Caution: The FV is untrusted input. The range and the extended header offset
  are checked before anything beyond the base header is referenced.

  @param[in]  FvBase    Base address of FV image.
  @param[in]  FvLength  Length of FV image.

  @return  Pointer to the FvName field inside the FV image.
  @retval  NULL  FvName is NOT found, or the FV range or header is malformed.
**/
VOID *
GetFvName (
  IN EFI_PHYSICAL_ADDRESS  FvBase,
  IN UINT64                FvLength
  )
{
  EFI_FIRMWARE_VOLUME_HEADER      *VolumeHeader;
  EFI_FIRMWARE_VOLUME_EXT_HEADER  *ExtHeader;
  UINTN                           ExtOffset;

  //
  // The image must lie below MAX_ADDRESS; the subtraction form keeps the
  // range check free of wrap-around.
  //
  if ((FvBase >= MAX_ADDRESS) || (FvLength >= MAX_ADDRESS - FvBase)) {
    return NULL;
  }

  //
  // The image must be large enough to hold the base header that is read next.
  //
  if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
    return NULL;
  }

  VolumeHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase;

  //
  // Take the offset once so both checks and the final pointer use one value.
  //
  ExtOffset = VolumeHeader->ExtHeaderOffset;

  //
  // An offset that falls inside the base header (including zero) means there
  // is no usable extended header.
  //
  if (ExtOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
    return NULL;
  }

  //
  // The whole extended header must fit inside the image.
  //
  if (ExtOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {
    return NULL;
  }

  ExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + ExtOffset);

  return &ExtHeader->FvName;
}
138
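/**
  Measure FV image.

  Caution: The FV is untrusted input. Apart from the FvName lookup, FvBase and
  FvLength are passed to the measurement call as given.

  @param[in]  FvBase    Base address of FV image.
  @param[in]  FvLength  Length of FV image.
  @param[in]  PcrIndex  Index of PCR. NOTE(review): this argument is not read;
                        the measurement call below is always given index 1.

  @retval EFI_SUCCESS           Fv image is measured successfully
                                or it has been already measured.
  @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.
  @retval EFI_DEVICE_ERROR      The command was unsuccessful.

**/
EFI_STATUS
EFIAPI
MeasureFvImage (
  IN EFI_PHYSICAL_ADDRESS  FvBase,
  IN UINT64                FvLength,
  IN UINT8                 PcrIndex
  )
{
  EFI_STATUS                   Status;
  CFV_HANDOFF_TABLE_POINTERS2  FvBlob2;
  VOID                         *FvName;

  //
  // Init the log event for FV measurement
  //
  // NOTE(review): CopyMem reads sizeof (FvBlob2.BlobDescription) bytes from
  // the FV_HANDOFF_TABLE_DESC literal; this assumes the array is no larger
  // than the literal - confirm against PLATFORM_FIRMWARE_BLOB2_STRUCT.
  //
  FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);
  CopyMem (FvBlob2.BlobDescription, FV_HANDOFF_TABLE_DESC, sizeof (FvBlob2.BlobDescription));

  //
  // GetFvName () returns NULL when the FV range or header fails its checks.
  // In that case the placeholder description stays in the event and the
  // measurement below still runs over the FvBase/FvLength given by the caller.
  //
  FvName = GetFvName (FvBase, FvLength);
  if (FvName != NULL) {
    AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);
  }

  FvBlob2.BlobBase   = FvBase;
  FvBlob2.BlobLength = FvLength;

  //
  // NOTE(review): the index passed here is the literal 1, not PcrIndex.
  // Confirm with the callers which one is intended before changing it, since
  // the index decides which register the measurement is extended into.
  //
  Status = TpmMeasureAndLogData (
             1,                              // PCRIndex
             EV_EFI_PLATFORM_FIRMWARE_BLOB2, // EventType
             (VOID *)&FvBlob2,               // EventData
             sizeof (FvBlob2),               // EventSize
             (UINT8 *)(UINTN)FvBase,         // HashData
             (UINTN)(FvLength)               // HashDataLen
             );

  if (EFI_ERROR (Status)) {
    //
    // FvBase is a 64-bit EFI_PHYSICAL_ADDRESS, so print it with %lx; a plain
    // %x consumes it as a 32-bit value.
    //
    DEBUG ((DEBUG_ERROR, "The FV which failed to be measured starts at: 0x%lx\n", FvBase));
    ASSERT (FALSE);
  }

  return Status;
}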