OvmfPkg/Library/PeilessStartupLib/IntelTdx.c

   1 /** @file
   2   Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
   3   SPDX-License-Identifier: BSD-2-Clause-Patent
   4 **/
   5
   6 #include <PiPei.h>
   7 #include <Library/BaseLib.h>
   8 #include <Library/BaseMemoryLib.h>
   9 #include <Library/DebugLib.h>
  10 #include <IndustryStandard/Tpm20.h>
  11 #include <IndustryStandard/UefiTcgPlatform.h>
  12 #include <Library/HobLib.h>
  13 #include <Library/PrintLib.h>
  14 #include <Library/TcgEventLogRecordLib.h>
  15 #include <Library/TpmMeasurementLib.h>
  16
  17 #include "PeilessStartupInternal.h"
  18
  19 #define FV_HANDOFF_TABLE_DESC  "Fv(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)"
  20 typedef PLATFORM_FIRMWARE_BLOB2_STRUCT CFV_HANDOFF_TABLE_POINTERS2;
  21
  22 /**
  23   Get the FvName from the FV header.
  24
  25   Causion: The FV is untrusted input.
  26
  27   @param[in]  FvBase            Base address of FV image.
  28   @param[in]  FvLength          Length of FV image.
  29
  30   @return FvName pointer
  31   @retval NULL   FvName is NOT found
  32 **/
  33 VOID *
  34 GetFvName (
  35   IN EFI_PHYSICAL_ADDRESS  FvBase,
  36   IN UINT64                FvLength
  37   )
  38 {
  39   EFI_FIRMWARE_VOLUME_HEADER      *FvHeader;
  40   EFI_FIRMWARE_VOLUME_EXT_HEADER  *FvExtHeader;
  41
  42   if (FvBase >= MAX_ADDRESS) {
  43     return NULL;
  44   }
  45
  46   if (FvLength >= MAX_ADDRESS - FvBase) {
  47     return NULL;
  48   }
  49
  50   if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
  51     return NULL;
  52   }
  53
  54   FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase;
  55   if (FvHeader->ExtHeaderOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
  56     return NULL;
  57   }
  58
  59   if (FvHeader->ExtHeaderOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {
  60     return NULL;
  61   }
  62
  63   FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + FvHeader->ExtHeaderOffset);
  64
  65   return &FvExtHeader->FvName;
  66 }
  67
  68 /**
  69   Measure FV image.
  70
  71   @param[in]  FvBase            Base address of FV image.
  72   @param[in]  FvLength          Length of FV image.
  73   @param[in]  PcrIndex          Index of PCR
  74
  75   @retval EFI_SUCCESS           Fv image is measured successfully
  76                                 or it has been already measured.
  77   @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.
  78   @retval EFI_DEVICE_ERROR      The command was unsuccessful.
  79
  80 **/
  81 EFI_STATUS
  82 EFIAPI
  83 MeasureFvImage (
  84   IN EFI_PHYSICAL_ADDRESS  FvBase,
  85   IN UINT64                FvLength,
  86   IN UINT8                 PcrIndex
  87   )
  88 {
  89   EFI_STATUS                   Status;
  90   CFV_HANDOFF_TABLE_POINTERS2  FvBlob2;
  91   VOID                         *FvName;
  92
  93   //
  94   // Init the log event for FV measurement
  95   //
  96   FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);
  97   CopyMem (FvBlob2.BlobDescription, FV_HANDOFF_TABLE_DESC, sizeof (FvBlob2.BlobDescription));
  98   FvName = GetFvName (FvBase, FvLength);
  99   if (FvName != NULL) {
 100     AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);
 101   }
 102
 103   FvBlob2.BlobBase   = FvBase;
 104   FvBlob2.BlobLength = FvLength;
 105
 106   Status = TpmMeasureAndLogData (
 107              1,                              // PCRIndex
 108              EV_EFI_PLATFORM_FIRMWARE_BLOB2, // EventType
 109              (VOID *)&FvBlob2,               // EventData
 110              sizeof (FvBlob2),               // EventSize
 111              (UINT8 *)(UINTN)FvBase,         // HashData
 112              (UINTN)(FvLength)               // HashDataLen
 113              );
 114
 115   if (EFI_ERROR (Status)) {
 116     DEBUG ((DEBUG_ERROR, "The FV which failed to be measured starts at: 0x%x\n", FvBase));
 117     ASSERT (FALSE);
 118   }
 119
 120   return Status;
 121 }