docs/master/_blob_verifier_sev_hashes_8c_source.html

#include <Library/BaseCryptLib.h>

#include <Library/BaseLib.h>

#include <Library/BaseMemoryLib.h>

#include <Library/DebugLib.h>

#include <Library/BlobVerifierLib.h>


#define SEV_HASH_TABLE_GUID \

  (GUID) { 0x9438d606, 0x4f22, 0x4cc9, { 0xb4, 0x79, 0xa7, 0x93, 0xd4, 0x11, 0xfd, 0x21 } }

#define SEV_KERNEL_HASH_GUID \

  (GUID) { 0x4de79437, 0xabd2, 0x427f, { 0xb8, 0x35, 0xd5, 0xb1, 0x72, 0xd2, 0x04, 0x5b } }

#define SEV_INITRD_HASH_GUID \

  (GUID) { 0x44baf731, 0x3a2f, 0x4bd7, { 0x9a, 0xf1, 0x41, 0xe2, 0x91, 0x69, 0x78, 0x1d } }

#define SEV_CMDLINE_HASH_GUID \

  (GUID) { 0x97d02dd8, 0xbd20, 0x4c94, { 0xaa, 0x78, 0xe7, 0x71, 0x4d, 0x36, 0xab, 0x2a } }


STATIC CONST EFI_GUID  mSevKernelHashGuid  = SEV_KERNEL_HASH_GUID;

STATIC CONST EFI_GUID  mSevInitrdHashGuid  = SEV_INITRD_HASH_GUID;

STATIC CONST EFI_GUID  mSevCmdlineHashGuid = SEV_CMDLINE_HASH_GUID;


#pragma pack (1)

typedef struct {

  GUID      Guid;

  UINT16    Len;

  UINT8     Data[];

} HASH_TABLE;

#pragma pack ()


STATIC HASH_TABLE  *mHashesTable;

STATIC UINT16      mHashesTableSize;


STATIC

CONST GUID *

FindBlobEntryGuid (

  IN  CONST CHAR16  *BlobName

  )

{

  if (StrCmp (BlobName, L"kernel") == 0) {

    return &mSevKernelHashGuid;

  } else if (StrCmp (BlobName, L"initrd") == 0) {

    return &mSevInitrdHashGuid;

  } else if (StrCmp (BlobName, L"cmdline") == 0) {

    return &mSevCmdlineHashGuid;

  } else {

    return NULL;

  }

}


EFI_STATUS

EFIAPI

VerifyBlob (

  IN  CONST CHAR16  *BlobName,

  IN  CONST VOID    *Buf,

  IN  UINT32        BufSize,

  IN  EFI_STATUS    FetchStatus

  )

{

  CONST GUID  *Guid;

  INT32       Remaining;

  HASH_TABLE  *Entry;


  // Enter a dead loop if the fetching of this blob

  // failed. This prevents a malicious host from

  // circumventing the following checks.

  if (EFI_ERROR (FetchStatus)) {

    DEBUG ((

      DEBUG_ERROR,

      "%a: Fetching blob failed.\n",

      __func__

      ));


    CpuDeadLoop ();

  }


  if ((mHashesTable == NULL) || (mHashesTableSize == 0)) {

    DEBUG ((

      DEBUG_WARN,

      "%a: Verifier called but no hashes table discoverd in MEMFD\n",

      __func__

      ));

    return EFI_ACCESS_DENIED;

  }


  Guid = FindBlobEntryGuid (BlobName);

  if (Guid == NULL) {

    DEBUG ((

      DEBUG_ERROR,

      "%a: Unknown blob name \"%s\"\n",

      __func__,

      BlobName

      ));


    CpuDeadLoop ();

  }


  //

  // Remaining is INT32 to catch underflow in case Entry->Len has a

  // very high UINT16 value

  //

  for (Entry = mHashesTable, Remaining = mHashesTableSize;

       Remaining >= sizeof *Entry && Remaining >= Entry->Len;

       Remaining -= Entry->Len,

       Entry = (HASH_TABLE *)((UINT8 *)Entry + Entry->Len))

  {

    UINTN       EntrySize;

    EFI_STATUS  Status;

    UINT8       Hash[SHA256_DIGEST_SIZE];


    if (!CompareGuid (&Entry->Guid, Guid)) {

      continue;

    }


    DEBUG ((DEBUG_INFO, "%a: Found GUID %g in table\n", __func__, Guid));


    EntrySize = Entry->Len - sizeof Entry->Guid - sizeof Entry->Len;

    if (EntrySize != SHA256_DIGEST_SIZE) {

      DEBUG ((

        DEBUG_WARN,

        "%a: Hash has the wrong size %d != %d\n",

        __func__,

        EntrySize,

        SHA256_DIGEST_SIZE

        ));

      return EFI_ACCESS_DENIED;

    }


    //

    // Calculate the buffer's hash and verify that it is identical to the

    // expected hash table entry

    //

    Sha256HashAll (Buf, BufSize, Hash);


    if (CompareMem (Entry->Data, Hash, EntrySize) == 0) {

      Status = EFI_SUCCESS;

      DEBUG ((

        DEBUG_INFO,

        "%a: Hash comparison succeeded for \"%s\"\n",

        __func__,

        BlobName

        ));

    } else {

      Status = EFI_ACCESS_DENIED;

      DEBUG ((

        DEBUG_ERROR,

        "%a: Hash comparison failed for \"%s\"\n",

        __func__,

        BlobName

        ));


      CpuDeadLoop ();

    }


    return Status;

  }


  //

  // If the GUID is not in the hash table, execution can still continue.

  // This blob will not be measured, but at least one blob must be.

  //

  DEBUG ((

    DEBUG_ERROR,

    "%a: Hash GUID %g not found in table\n",

    __func__,

    Guid

    ));

  return EFI_SUCCESS;

}


RETURN_STATUS

EFIAPI

BlobVerifierLibSevHashesConstructor (

  VOID

  )

{

  HASH_TABLE  *Ptr;

  UINT32      Size;


  mHashesTable     = NULL;

  mHashesTableSize = 0;


  Ptr  = (void *)(UINTN)FixedPcdGet64 (PcdQemuHashTableBase);

  Size = FixedPcdGet32 (PcdQemuHashTableSize);


  if ((Ptr == NULL) || (Size < sizeof *Ptr) ||

      !CompareGuid (&Ptr->Guid, &SEV_HASH_TABLE_GUID) ||

      (Ptr->Len < sizeof *Ptr) || (Ptr->Len > Size))

  {

    return RETURN_SUCCESS;

  }


  DEBUG ((

    DEBUG_INFO,

    "%a: Found injected hashes table in secure location\n",

    __func__

    ));


  mHashesTable     = (HASH_TABLE *)Ptr->Data;

  mHashesTableSize = Ptr->Len - sizeof Ptr->Guid - sizeof Ptr->Len;


  DEBUG ((

    DEBUG_VERBOSE,

    "%a: mHashesTable=0x%p, Size=%u\n",

    __func__,

    mHashesTable,

    mHashesTableSize

    ));


  return RETURN_SUCCESS;

}

UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112

BaseCryptLib.h

SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE
Definition: BaseCryptLib.h:44

Sha256HashAll
BOOLEAN EFIAPI Sha256HashAll(IN CONST VOID *Data, IN UINTN DataSize, OUT UINT8 *HashValue)
Definition: CryptSha256.c:199

BaseLib.h

StrCmp
INTN EFIAPI StrCmp(IN CONST CHAR16 *FirstString, IN CONST CHAR16 *SecondString)
Definition: String.c:109

CpuDeadLoop
VOID EFIAPI CpuDeadLoop(VOID)
Definition: CpuDeadLoop.c:25

BaseMemoryLib.h

CompareMem
INTN EFIAPI CompareMem(IN CONST VOID *DestinationBuffer, IN CONST VOID *SourceBuffer, IN UINTN Length)
Definition: CompareMemWrapper.c:45

CompareGuid
BOOLEAN EFIAPI CompareGuid(IN CONST GUID *Guid1, IN CONST GUID *Guid2)
Definition: MemLibGuid.c:73

BlobVerifierLib.h

SEV_HASH_TABLE_GUID
#define SEV_HASH_TABLE_GUID
Definition: BlobVerifierSevHashes.c:36

VerifyBlob
EFI_STATUS EFIAPI VerifyBlob(IN CONST CHAR16 *BlobName, IN CONST VOID *Buf, IN UINT32 BufSize, IN EFI_STATUS FetchStatus)
Definition: BlobVerifierSevHashes.c:95

BlobVerifierLibSevHashesConstructor
RETURN_STATUS EFIAPI BlobVerifierLibSevHashesConstructor(VOID)
Definition: BlobVerifierSevHashes.c:224

NULL
#define NULL
Definition: Base.h:319

CONST
#define CONST
Definition: Base.h:259

STATIC
#define STATIC
Definition: Base.h:264

RETURN_SUCCESS
#define RETURN_SUCCESS
Definition: Base.h:1066

IN
#define IN
Definition: Base.h:279

DebugLib.h

DEBUG
#define DEBUG(Expression)
Definition: DebugLib.h:434

FixedPcdGet32
#define FixedPcdGet32(TokenName)
Definition: PcdLib.h:92

FixedPcdGet64
#define FixedPcdGet64(TokenName)
Definition: PcdLib.h:106

EFI_STATUS
RETURN_STATUS EFI_STATUS
Definition: UefiBaseType.h:29

EFI_SUCCESS
#define EFI_SUCCESS
Definition: UefiBaseType.h:112

GUID
Definition: Base.h:213

HASH_TABLE
Definition: BlobVerifierSevHashes.c:50