From 935343cf1639a28530904a1e8d73d6517a07cbff Mon Sep 17 00:00:00 2001 From: Min M Xu Date: Thu, 2 Feb 2023 17:03:14 +0800 Subject: [PATCH] OvmfPkg/AcpiPlatformDxe: Measure ACPI table from QEMU in TDVF https://bugzilla.tianocore.org/show_bug.cgi?id=4245 QEMU provides the following three files for guest to install the ACPI tables: - etc/acpi/rsdp - etc/acpi/tables - etc/table-loader "etc/acpi/rsdp" and "etc/acpi/tables" are similar, they are only kept separate because they have different allocation requirements in SeaBIOS. Both of these fw_cfg files contain preformatted ACPI payload. "etc/acpi/rsdp" contains only the RSDP table, while "etc/acpi/tables" contains all other tables, concatenated. To be noted, the tables in these two files have been filled in by qemu, but two kinds of fields are incomplete: pointers to other tables and checksums (which depend on the pointers). "/etc/table-loader" is a linker/loader which provides the commands to "patch" the tables in "etc/acpi/tables" and then install them. "Patch" means to fill the pointers and compute the checksum. From the security perspective these 3 files are the raw data downloaded from qemu. They should be measured and extended before they're consumed. Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Gerd Hoffmann Cc: Tom Lendacky Cc: Michael Roth Signed-off-by: Min Xu Reviewed-by: Jiewen Yao Acked-by: Gerd Hoffmann --- OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf | 1 + OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c | 32 +++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf b/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf index 8939dde425..3fd0483b50 100644 --- a/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf +++ b/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf @@ -46,6 +46,7 @@ UefiBootServicesTableLib UefiDriverEntryPoint HobLib + TpmMeasurementLib [Protocols] gEfiAcpiTableProtocolGuid # PROTOCOL ALWAYS_CONSUMED diff --git a/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c b/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c index f0d81d6fd7..68abc34f22 100644 --- a/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c +++ b/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c @@ -10,6 +10,7 @@ #include // EFI_ACPI_DESCRIPTION_HEADER #include // QEMU_LOADER_FNAME_SIZE +#include #include // AsciiStrCmp() #include // CopyMem() #include // DEBUG() @@ -18,6 +19,7 @@ #include // QemuFwCfgFindFile() #include // QemuFwCfgS3Enabled() #include // gBS +#include #include "AcpiPlatform.h" @@ -415,6 +417,21 @@ ProcessCmdAllocate ( (UINT64)Blob->Size, (UINT64)(UINTN)Blob->Base )); + + // + // Measure the data which is downloaded from QEMU. + // It has to be done before it is consumed. Because the data will + // be updated in the following operations. + // + TpmMeasureAndLogData ( + 1, + EV_PLATFORM_CONFIG_FLAGS, + EV_POSTCODE_INFO_ACPI_DATA, + ACPI_DATA_LEN, + (VOID *)(UINTN)Blob->Base, + Blob->Size + ); + return EFI_SUCCESS; FreeBlob: @@ -1126,6 +1143,21 @@ InstallQemuFwCfgTables ( QemuFwCfgSelectItem (FwCfgItem); QemuFwCfgReadBytes (FwCfgSize, LoaderStart); RestorePciDecoding (OriginalPciAttributes, OriginalPciAttributesCount); + + // + // Measure the "etc/table-loader" which is downloaded from QEMU. + // It has to be done before it is consumed. Because it would be + // updated in the following operations. + // + TpmMeasureAndLogData ( + 1, + EV_PLATFORM_CONFIG_FLAGS, + EV_POSTCODE_INFO_ACPI_DATA, + ACPI_DATA_LEN, + (VOID *)(UINTN)LoaderStart, + FwCfgSize + ); + LoaderEnd = LoaderStart + FwCfgSize / sizeof *LoaderEntry; AllocationsRestrictedTo32Bit = NULL;