TianoCore EDK2 master
Loading...
Searching...
No Matches
TdxMeasurementHob.c
Go to the documentation of this file.
1
10#include <PiPei.h>
11#include <Library/BaseLib.h>
12#include <Library/BaseMemoryLib.h>
13#include <Library/DebugLib.h>
14#include <IndustryStandard/Tpm20.h>
15#include <IndustryStandard/UefiTcgPlatform.h>
16#include <Library/HobLib.h>
17#include <Library/PrintLib.h>
18#include <Library/TcgEventLogRecordLib.h>
19#include <WorkArea.h>
20
21#pragma pack(1)
22
23#define HANDOFF_TABLE_DESC "TdxTable"
24typedef struct {
25 UINT8 TableDescriptionSize;
26 UINT8 TableDescription[sizeof (HANDOFF_TABLE_DESC)];
27 UINT64 NumberOfTables;
28 EFI_CONFIGURATION_TABLE TableEntry[1];
29} TDX_HANDOFF_TABLE_POINTERS2;
30
31#pragma pack()
32
33#define FV_HANDOFF_TABLE_DESC "Fv(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)"
34typedef PLATFORM_FIRMWARE_BLOB2_STRUCT CFV_HANDOFF_TABLE_POINTERS2;
35
54STATIC
55EFI_STATUS
56BuildTdxMeasurementGuidHob (
57 UINT32 RtmrIndex,
58 UINT32 EventType,
59 UINT8 *EventData,
60 UINT32 EventSize,
61 UINT8 *HashValue,
62 UINT32 HashSize
63 )
64{
65 VOID *EventHobData;
66 UINT8 *Ptr;
67 TPML_DIGEST_VALUES *TdxDigest;
68
69 if (HashSize != SHA384_DIGEST_SIZE) {
70 return EFI_INVALID_PARAMETER;
71 }
72
73 #define TDX_DIGEST_VALUE_LEN (sizeof (UINT32) + sizeof (TPMI_ALG_HASH) + SHA384_DIGEST_SIZE)
74
75 EventHobData = BuildGuidHob (
76 &gCcEventEntryHobGuid,
77 sizeof (TCG_PCRINDEX) + sizeof (TCG_EVENTTYPE) +
78 TDX_DIGEST_VALUE_LEN +
79 sizeof (UINT32) + EventSize
80 );
81
82 if (EventHobData == NULL) {
83 return EFI_OUT_OF_RESOURCES;
84 }
85
86 Ptr = (UINT8 *)EventHobData;
87
88 //
89 // There are 2 types of measurement registers in TDX: MRTD and RTMR[0-3].
90 // According to UEFI Spec 2.10 Section 38.4.1, RTMR[0-3] is mapped to MrIndex[1-4].
91 // So RtmrIndex must be increased by 1 before the event log is created.
92 //
93 RtmrIndex++;
94 CopyMem (Ptr, &RtmrIndex, sizeof (UINT32));
95 Ptr += sizeof (UINT32);
96
97 CopyMem (Ptr, &EventType, sizeof (TCG_EVENTTYPE));
98 Ptr += sizeof (TCG_EVENTTYPE);
99
100 TdxDigest = (TPML_DIGEST_VALUES *)Ptr;
101 TdxDigest->count = 1;
102 TdxDigest->digests[0].hashAlg = TPM_ALG_SHA384;
103 CopyMem (
104 TdxDigest->digests[0].digest.sha384,
105 HashValue,
106 SHA384_DIGEST_SIZE
107 );
108 Ptr += TDX_DIGEST_VALUE_LEN;
109
110 CopyMem (Ptr, &EventSize, sizeof (UINT32));
111 Ptr += sizeof (UINT32);
112
113 CopyMem (Ptr, (VOID *)EventData, EventSize);
114 Ptr += EventSize;
115
116 return EFI_SUCCESS;
117}
118
130VOID *
131GetFvName (
132 IN EFI_PHYSICAL_ADDRESS FvBase,
133 IN UINT64 FvLength
134 )
135{
136 EFI_FIRMWARE_VOLUME_HEADER *FvHeader;
137 EFI_FIRMWARE_VOLUME_EXT_HEADER *FvExtHeader;
138
139 if (FvBase >= MAX_ADDRESS) {
140 return NULL;
141 }
142
143 if (FvLength >= MAX_ADDRESS - FvBase) {
144 return NULL;
145 }
146
147 if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
148 return NULL;
149 }
150
151 FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase;
152 if (FvHeader->ExtHeaderOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
153 return NULL;
154 }
155
156 if (FvHeader->ExtHeaderOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {
157 return NULL;
158 }
159
160 FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + FvHeader->ExtHeaderOffset);
161
162 return &FvExtHeader->FvName;
163}
164
172EFI_STATUS
173InternalBuildGuidHobForTdxMeasurement (
174 VOID
175 )
176{
177 EFI_STATUS Status;
178 OVMF_WORK_AREA *WorkArea;
179 VOID *TdHobList;
180 TDX_HANDOFF_TABLE_POINTERS2 HandoffTables;
181 VOID *FvName;
182 CFV_HANDOFF_TABLE_POINTERS2 FvBlob2;
183 EFI_PHYSICAL_ADDRESS FvBase;
184 UINT64 FvLength;
185 UINT8 *HashValue;
186
187 if (!TdIsEnabled ()) {
188 ASSERT (FALSE);
189 return EFI_UNSUPPORTED;
190 }
191
192 WorkArea = (OVMF_WORK_AREA *)FixedPcdGet32 (PcdOvmfWorkAreaBase);
193 if (WorkArea == NULL) {
194 return EFI_ABORTED;
195 }
196
197 Status = EFI_SUCCESS;
198
199 //
200 // Build the GuidHob for TdHob measurement
201 //
202 TdHobList = (VOID *)(UINTN)FixedPcdGet32 (PcdOvmfSecGhcbBase);
203 if (WorkArea->TdxWorkArea.SecTdxWorkArea.TdxMeasurementsData.MeasurementsBitmap & TDX_MEASUREMENT_TDHOB_BITMASK) {
204 HashValue = WorkArea->TdxWorkArea.SecTdxWorkArea.TdxMeasurementsData.TdHobHashValue;
205 HandoffTables.TableDescriptionSize = sizeof (HandoffTables.TableDescription);
206 CopyMem (HandoffTables.TableDescription, HANDOFF_TABLE_DESC, sizeof (HandoffTables.TableDescription));
207 HandoffTables.NumberOfTables = 1;
208 CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), &gUefiOvmfPkgTokenSpaceGuid);
209 HandoffTables.TableEntry[0].VendorTable = TdHobList;
210
211 Status = BuildTdxMeasurementGuidHob (
212 0, // RtmrIndex
213 EV_EFI_HANDOFF_TABLES2, // EventType
214 (UINT8 *)(UINTN)&HandoffTables, // EventData
215 sizeof (HandoffTables), // EventSize
216 HashValue, // HashValue
217 SHA384_DIGEST_SIZE // HashSize
218 );
219 }
220
221 if (EFI_ERROR (Status)) {
222 ASSERT (FALSE);
223 return Status;
224 }
225
226 //
227 // Build the GuidHob for Cfv measurement
228 //
229 if (WorkArea->TdxWorkArea.SecTdxWorkArea.TdxMeasurementsData.MeasurementsBitmap & TDX_MEASUREMENT_CFVIMG_BITMASK) {
230 HashValue = WorkArea->TdxWorkArea.SecTdxWorkArea.TdxMeasurementsData.CfvImgHashValue;
231 FvBase = (UINT64)PcdGet32 (PcdOvmfFlashNvStorageVariableBase);
232 FvLength = (UINT64)PcdGet32 (PcdCfvRawDataSize);
233 FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);
234 CopyMem (FvBlob2.BlobDescription, FV_HANDOFF_TABLE_DESC, sizeof (FvBlob2.BlobDescription));
235 FvName = GetFvName (FvBase, FvLength);
236 if (FvName != NULL) {
237 AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);
238 }
239
240 FvBlob2.BlobBase = FvBase;
241 FvBlob2.BlobLength = FvLength;
242
243 Status = BuildTdxMeasurementGuidHob (
244 0, // RtmrIndex
245 EV_EFI_PLATFORM_FIRMWARE_BLOB2, // EventType
246 (VOID *)&FvBlob2, // EventData
247 sizeof (FvBlob2), // EventSize
248 HashValue, // HashValue
249 SHA384_DIGEST_SIZE // HashSize
250 );
251 }
252
253 if (EFI_ERROR (Status)) {
254 ASSERT (FALSE);
255 return Status;
256 }
257
258 return EFI_SUCCESS;
259}
UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112
MAX_ADDRESS
#define MAX_ADDRESS
Definition: ProcessorBind.h:137
BuildGuidHob
VOID *EFIAPI BuildGuidHob(IN CONST EFI_GUID *Guid, IN UINTN DataLength)
Definition: HobLib.c:336
SHA384_DIGEST_SIZE
#define SHA384_DIGEST_SIZE
Definition: BaseCryptLib.h:49
CopyMem
VOID *EFIAPI CopyMem(OUT VOID *DestinationBuffer, IN CONST VOID *SourceBuffer, IN UINTN Length)
Definition: CopyMemWrapper.c:41
CopyGuid
GUID *EFIAPI CopyGuid(OUT GUID *DestinationGuid, IN CONST GUID *SourceGuid)
Definition: MemLibGuid.c:39
AsciiSPrint
UINTN EFIAPI AsciiSPrint(OUT CHAR8 *StartOfBuffer, IN UINTN BufferSize, IN CONST CHAR8 *FormatString,...)
Definition: PrintLib.c:813
NULL
#define NULL
Definition: Base.h:319
STATIC
#define STATIC
Definition: Base.h:264
FALSE
#define FALSE
Definition: Base.h:307
IN
#define IN
Definition: Base.h:279
TdIsEnabled
BOOLEAN EFIAPI TdIsEnabled()
Definition: IntelTdxNull.c:79
FixedPcdGet32
#define FixedPcdGet32(TokenName)
Definition: PcdLib.h:92
PcdGet32
#define PcdGet32(TokenName)
Definition: PcdLib.h:362
GetFvName
VOID * GetFvName(IN EFI_PHYSICAL_ADDRESS FvBase, IN UINT64 FvLength)
Definition: TdxMeasurementHob.c:131
InternalBuildGuidHobForTdxMeasurement
EFI_STATUS InternalBuildGuidHobForTdxMeasurement(VOID)
Definition: TdxMeasurementHob.c:173
BuildTdxMeasurementGuidHob
STATIC EFI_STATUS BuildTdxMeasurementGuidHob(UINT32 RtmrIndex, UINT32 EventType, UINT8 *EventData, UINT32 EventSize, UINT8 *HashValue, UINT32 HashSize)
Definition: TdxMeasurementHob.c:56
EFI_PHYSICAL_ADDRESS
UINT64 EFI_PHYSICAL_ADDRESS
Definition: UefiBaseType.h:50
EFI_STATUS
RETURN_STATUS EFI_STATUS
Definition: UefiBaseType.h:29
EFI_SUCCESS
#define EFI_SUCCESS
Definition: UefiBaseType.h:112
EFI_CONFIGURATION_TABLE
Definition: UefiSpec.h:2014
EFI_CONFIGURATION_TABLE::VendorTable
VOID * VendorTable
Definition: UefiSpec.h:2022
EFI_CONFIGURATION_TABLE::VendorGuid
EFI_GUID VendorGuid
Definition: UefiSpec.h:2018
EFI_FIRMWARE_VOLUME_EXT_HEADER
Definition: PiFirmwareVolume.h:160
EFI_FIRMWARE_VOLUME_EXT_HEADER::FvName
EFI_GUID FvName
Definition: PiFirmwareVolume.h:164
EFI_FIRMWARE_VOLUME_HEADER
Definition: PiFirmwareVolume.h:99
EFI_FIRMWARE_VOLUME_HEADER::ExtHeaderOffset
UINT16 ExtHeaderOffset
Definition: PiFirmwareVolume.h:133
PLATFORM_FIRMWARE_BLOB2_STRUCT
Definition: TcgEventLogRecordLib.h:17
TDX_HANDOFF_TABLE_POINTERS2
Definition: TdxMeasurementHob.c:24
TPML_DIGEST_VALUES
Definition: Tpm20.h:1073
OVMF_WORK_AREA
Definition: WorkArea.h:107