tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/OvmfPkg/Tcg/TdTcg2Pei/TdTcg2Pei.c

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

197 lines
5.5 KiB
C
Raw Normal View History

OvmfPkg/TdTcg2Pei: Add TdTcg2Pei to install gEdkiiCcPpi TdTcg2Pei is added to install the gEdkiiCcPpi for a TD-Guest. Cc: Erdem Aktas <erdemaktas@google.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Elena Reshetova <elena.reshetova@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
2024-09-27 07:08:09 +02:00
/** @file
This module implements EDKII CC Measurement PPI.
Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <PiPei.h>
#include <Ppi/CcMeasurement.h>
#include <Library/DebugLib.h>
#include <Library/PeiServicesLib.h>
#include <Library/TdxLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/BaseCryptLib.h>
#include <Library/HobLib.h>
#include <Library/TdxHelperLib.h>
/**
Do a hash operation on a data buffer, extend a specific RTMR with the hash result,
and build a GUIDed HOB recording the event.
@param[in] Flags Bitmap providing additional information.
@param[in] HashData Physical address of the start of the data buffer
to be hashed, extended, and logged.
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
@param[in] EventType Type of the Event.
@param[in] MrIndex CC Mr Index.
@param[in] EventData Physical address of the start of the data buffer.
@param[in] EventSize The length, in bytes, of the buffer referenced by EventData.
@retval EFI_SUCCESS Operation completed successfully.
@retval Others The operation failed with an unexpected error.
**/
EFI_STATUS
TdxPeiHashLogExtendEvent (
IN UINT64 Flags,
IN UINT8 *HashData,
IN UINT64 HashDataLen,
IN UINT32 EventType,
IN UINT32 MrIndex,
IN UINT8 *EventData,
IN UINT32 EventSize
)
{
EFI_STATUS Status;
UINT8 Digest[SHA384_DIGEST_SIZE];
Status = TdxHelperHashAndExtendToRtmr (
MrIndex - 1,
HashData,
(UINTN)HashDataLen,
Digest,
SHA384_DIGEST_SIZE
);
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "%a: HashAndExtendToRtmr failed with %r\n", __func__, Status));
return Status;
}
Status = TdxHelperBuildTdxMeasurementGuidHob (
MrIndex - 1,
EventType,
EventData,
EventSize,
Digest,
SHA384_DIGEST_SIZE
);
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "%a: BuildTdxMeasurementGuidHob failed with %r\n", __func__, Status));
}
return Status;
}
/**
Do a hash operation on a data buffer, extend a specific RTMR with the hash result,
and build a GUIDed HOB recording the event which will be passed to the DXE phase and
added into the Event Log.
@param[in] This Indicates the calling context
@param[in] Flags Bitmap providing additional information.
@param[in] HashData Physical address of the start of the data buffer to be hashed.
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData.
@param[in] NewEventHdr Pointer to a CC_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@retval EFI_SUCCESS Operation completed successfully.
@retval Others The operation failed with an unexpected error.
**/
EFI_STATUS
EFIAPI
TdHashLogExtendEvent (
IN EDKII_CC_PPI *This,
IN UINT64 Flags,
IN EFI_PHYSICAL_ADDRESS DataToHash,
IN UINTN DataToHashLen,
IN CC_EVENT_HDR *NewEventHdr,
IN UINT8 *NewEventData
)
{
EFI_STATUS Status;
DEBUG ((DEBUG_VERBOSE, "TdHashLogExtendEvent ...\n"));
if ((This == NULL) || (NewEventHdr == NULL)) {
return EFI_INVALID_PARAMETER;
}
//
// Do not check hash data size for EV_NO_ACTION event.
//
if ((NewEventHdr->EventType != EV_NO_ACTION) && (DataToHash == 0)) {
return EFI_INVALID_PARAMETER;
}
if (NewEventHdr->MrIndex == CC_MR_INDEX_0_MRTD) {
DEBUG ((DEBUG_ERROR, "%a: MRTD cannot be extended in TDVF.\n", __func__));
return EFI_INVALID_PARAMETER;
}
if (NewEventHdr->MrIndex >= CC_MR_INDEX_INVALID) {
DEBUG ((DEBUG_ERROR, "%a: MrIndex is invalid. (%d)\n", __func__, NewEventHdr->MrIndex));
return EFI_INVALID_PARAMETER;
}
Status = TdxPeiHashLogExtendEvent (
Flags,
(UINT8 *)(UINTN)DataToHash,
DataToHashLen,
NewEventHdr->EventType,
NewEventHdr->MrIndex,
NewEventData,
NewEventHdr->EventSize
);
DEBUG ((DEBUG_VERBOSE, "TdHashLogExtendEvent - %r\n", Status));
return Status;
}
EFI_STATUS
EFIAPI
TdMapPcrToMrIndex (
IN EDKII_CC_PPI *This,
IN UINT32 PCRIndex,
OUT UINT32 *MrIndex
)
{
*MrIndex = TdxHelperMapPcrToMrIndex (PCRIndex);
return EFI_SUCCESS;
}
EDKII_CC_PPI mEdkiiCcPpi = {
TdHashLogExtendEvent,
TdMapPcrToMrIndex
};
EFI_PEI_PPI_DESCRIPTOR mCcPpiList = {
EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
&gEdkiiCcPpiGuid,
&mEdkiiCcPpi
};
/**
Entry point of this module.
@param[in] FileHandle Handle of the file being invoked.
@param[in] PeiServices Describes the list of possible PEI Services.
@return Status.
**/
EFI_STATUS
EFIAPI
PeimEntryMA (
IN EFI_PEI_FILE_HANDLE FileHandle,
IN CONST EFI_PEI_SERVICES **PeiServices
)
{
EFI_STATUS Status;
if (!TdIsEnabled ()) {
return EFI_UNSUPPORTED;
}
Status = PeiServicesInstallPpi (&mCcPpiList);
DEBUG ((DEBUG_INFO, "%a::CC Measurement PPI install Status is %r.\n", __func__, Status));
return Status;
}