git.proxmox.com Git - mirror

author	Min M Xu <min.m.xu@intel.com>
	Fri, 3 Feb 2023 03:31:43 +0000 (11:31 +0800)
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
	Sat, 4 Feb 2023 03:38:15 +0000 (03:38 +0000)
commit	019621d0780df546637a4a032994f123eb91037d
tree	7a5dc32666a6c750700d6a30e57c98f45707f361	tree
parent	c0984d1ff28325a8f1c76e23a79141cbb12c3e4f	commit \| diff

OvmfPkg/IntelTdx: Measure TdHob and Configuration FV in SecMain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243

TdHob and Configuration FV (Cfv) are external inputs from VMM. From the
security perspective, they should be measured before they're consumed.
This patch measures TdHob and Cfv and stores the measurement values in
WorkArea.

After TdHob and Configuration FV (Cfv) are measured in SecMain, the
same measurements in PeilessStartupLib are deleted.

Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>

OvmfPkg/IntelTdx/IntelTdxX64.dsc		diff \| blob \| blame \| history
OvmfPkg/IntelTdx/Sec/SecMain.c		diff \| blob \| blame \| history
OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c		diff \| blob \| blame \| history
OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf		diff \| blob \| blame \| history