
[PATCH v2 08/11] OvmfPkg/AmdSev/SecretPei: build hob for full page

Dov Murik
 

Round up the size of the SEV launch secret area to a whole page, as
required by BuildMemoryAllocationHob. This will allow the secret
area defined in the MEMFD to take less than a whole 4KB page.

Cc: Laszlo Ersek <lersek@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ashish Kalra <ashish.kalra@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Min Xu <min.m.xu@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3457
Signed-off-by: Dov Murik <dovmurik@...>
---
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPe=
i/SecretPei.c
index ad491515dd5d..db4267428e5a 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -15,9 +15,16 @@ InitializeSecretPei (
IN CONST EFI_PEI_SERVICES **PeiServices=0D
)=0D
{=0D
+ UINT64 RoundedSize;=0D
+=0D
+ RoundedSize =3D PcdGet32 (PcdSevLaunchSecretSize);=0D
+ if (RoundedSize % EFI_PAGE_SIZE !=3D 0) {=0D
+ RoundedSize =3D (RoundedSize / EFI_PAGE_SIZE + 1) * EFI_PAGE_SIZE;=0D
+ }=0D
+=0D
BuildMemoryAllocationHob (=0D
PcdGet32 (PcdSevLaunchSecretBase),=0D
- PcdGet32 (PcdSevLaunchSecretSize),=0D
+ RoundedSize,=0D
EfiBootServicesData=0D
);=0D
=0D
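Review bot: the rounding on the `RoundedSize` lines re-implements ALIGN_VALUE from MdePkg's Base.h; `RoundedSize = ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE);` says the same in one line and avoids the hand-written divide/add/multiply. BuildMemoryAllocationHob also requires the base address to be page-aligned, and this hunk only rounds the length, so an `ASSERT ((PcdGet32 (PcdSevLaunchSecretBase) & EFI_PAGE_MASK) == 0);` next to it would document that assumption about the MEMFD layout rather than leaving it to the HobLib-internal check.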
--=20
2.25.1


[PATCH v2 06/11] ArmVirtPkg: add NullBlobVerifierLib to DSC

Dov Murik
 

This prepares the ground for calling VerifyBlob() in
QemuKernelLoaderFsDxe.

Cc: Laszlo Ersek <lersek@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Leif Lindholm <leif@...>
Cc: Sami Mujawar <sami.mujawar@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ashish Kalra <ashish.kalra@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Min Xu <min.m.xu@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3457
Signed-off-by: Dov Murik <dovmurik@...>
---
ArmVirtPkg/ArmVirtQemu.dsc | 5 ++++-
ArmVirtPkg/ArmVirtQemuKernel.dsc | 5 ++++-
2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 7ef5e7297bc7..a0d3592ae0e6 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -440,7 +440,10 @@ [Components.common]
NULL|MdeModulePkg/Library/BootManagerUiLib/BootManagerUiLib.inf=0D
NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanc=
eManagerUiLib.inf=0D
}=0D
- OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf=0D
+ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf {=0D
+ <LibraryClasses>=0D
+ NULL|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf=0D
+ }=0D
=0D
#=0D
# Networking stack=0D
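Review bot: the `NULL|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf` line links the instance as a NULL-class library, but QemuKernelLoaderFsDxe consumes it through the BlobVerifierLib class (patch 07 adds `#include <Library/BlobVerifierLib.h>` and calls VerifyBlob()). The override should read `BlobVerifierLib|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf`, and QemuKernelLoaderFsDxe.inf should list BlobVerifierLib under [LibraryClasses] so the dependency is declared rather than satisfied by a side effect of the NULL link; the same applies to the ArmVirtQemuKernel.dsc hunk below.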
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKerne=
l.dsc
index a542fcb157e9..e63a7f0b6d63 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -376,7 +376,10 @@ [Components.common]
NULL|MdeModulePkg/Library/BootManagerUiLib/BootManagerUiLib.inf=0D
NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanc=
eManagerUiLib.inf=0D
}=0D
- OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf=0D
+ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf {=0D
+ <LibraryClasses>=0D
+ NULL|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf=0D
+ }=0D
=0D
#=0D
# Networking stack=0D
--=20
2.25.1


[PATCH v2 05/11] OvmfPkg: add NullBlobVerifierLib to DSC

Dov Murik
 

This prepares the ground for calling VerifyBlob() in
QemuKernelLoaderFsDxe.

Cc: Laszlo Ersek <lersek@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ashish Kalra <ashish.kalra@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Min Xu <min.m.xu@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3457
Signed-off-by: Dov Murik <dovmurik@...>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 6 +++++-
OvmfPkg/OvmfPkgIa32.dsc | 5 ++++-
OvmfPkg/OvmfPkgIa32X64.dsc | 5 ++++-
OvmfPkg/OvmfPkgX64.dsc | 5 ++++-
4 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index aefdcf881c99..8b260df114e3 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -173,6 +173,7 @@ [LibraryClasses]
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf=0D
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/Customize=
dDisplayLib.inf=0D
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltL=
ib.inf=0D
+ BlobVerifierLib|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf=
=0D
=0D
!if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE=0D
PeCoffExtraActionLib|SourceLevelDebugPkg/Library/PeCoffExtraActionLibDeb=
ug/PeCoffExtraActionLibDebug.inf=0D
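Review bot: this global BlobVerifierLib mapping in [LibraryClasses] already resolves the class for every module in AmdSevX64.dsc, so the module-scoped override added to the QemuKernelLoaderFsDxe entry in the next hunk is redundant for this platform; keep one of the two. If the global line is the one that stays, the commit message should say why AmdSevX64 differs from the other OVMF DSCs, which only get the per-module override (the cover letter says AmdSevX64 later switches to SevHashesBlobVerifierLib, so this is the line that would change then).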
@@ -693,7 +694,10 @@ [Components]
NULL|MdeModulePkg/Library/BootManagerUiLib/BootManagerUiLib.inf=0D
NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanc=
eManagerUiLib.inf=0D
}=0D
- OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf=0D
+ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf {=0D
+ <LibraryClasses>=0D
+ NULL|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf=0D
+ }=0D
OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf=0D
OvmfPkg/Virtio10Dxe/Virtio10.inf=0D
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf=0D
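Review bot: the `NULL|` form in this override links NullBlobVerifierLib as a NULL library instead of resolving the BlobVerifierLib class that QemuKernelLoaderFsDxe.c includes and calls in patch 07. Use `BlobVerifierLib|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf` here and in the three OvmfPkg*.dsc hunks below, and add BlobVerifierLib to QemuKernelLoaderFsDxe.inf's [LibraryClasses].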
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index f53efeae7986..68e8a2f74249 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -786,7 +786,10 @@ [Components]
NULL|OvmfPkg/Csm/LegacyBootMaintUiLib/LegacyBootMaintUiLib.inf=0D
!endif=0D
}=0D
- OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf=0D
+ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf {=0D
+ <LibraryClasses>=0D
+ NULL|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf=0D
+ }=0D
OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf=0D
OvmfPkg/Virtio10Dxe/Virtio10.inf=0D
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf=0D
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index b3662e17f256..24d9cddc2447 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -800,7 +800,10 @@ [Components.X64]
NULL|OvmfPkg/Csm/LegacyBootMaintUiLib/LegacyBootMaintUiLib.inf=0D
!endif=0D
}=0D
- OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf=0D
+ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf {=0D
+ <LibraryClasses>=0D
+ NULL|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf=0D
+ }=0D
OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf=0D
OvmfPkg/Virtio10Dxe/Virtio10.inf=0D
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf=0D
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 0a237a905866..c4907efd7b67 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -798,7 +798,10 @@ [Components]
NULL|OvmfPkg/Csm/LegacyBootMaintUiLib/LegacyBootMaintUiLib.inf=0D
!endif=0D
}=0D
- OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf=0D
+ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf {=0D
+ <LibraryClasses>=0D
+ NULL|OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf=0D
+ }=0D
OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf=0D
OvmfPkg/Virtio10Dxe/Virtio10.inf=0D
OvmfPkg/VirtioBlkDxe/VirtioBlk.inf=0D
--=20
2.25.1


[PATCH v2 07/11] OvmfPkg/QemuKernelLoaderFsDxe: call VerifyBlob after fetch from fw_cfg

Dov Murik
 

In QemuKernelLoaderFsDxeEntrypoint we use FetchBlob to read the content
of the kernel/initrd/cmdline from the QEMU fw_cfg interface. Insert a
call to VerifyBlob after fetching to allow BlobVerifierLib
implementations to add a verification step for these blobs.

This will allow confidential computing OVMF builds to add verification
mechanisms for these blobs that originate from an untrusted source
(QEMU).

The null implementation of BlobVerifierLib does nothing in VerifyBlob,
and therefore no functional change is expected.

Cc: Laszlo Ersek <lersek@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ashish Kalra <ashish.kalra@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Min Xu <min.m.xu@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3457
Co-developed-by: James Bottomley <jejb@...>
Signed-off-by: James Bottomley <jejb@...>
Signed-off-by: Dov Murik <dovmurik@...>
---
OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c | 9 +++++++++
1 file changed, 9 insertions(+)

diff --git a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c b/OvmfPk=
g/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
index c7ddd86f5c75..b43330d23b80 100644
--- a/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
+++ b/OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c
@@ -17,6 +17,7 @@
#include <Guid/QemuKernelLoaderFsMedia.h>=0D
#include <Library/BaseLib.h>=0D
#include <Library/BaseMemoryLib.h>=0D
+#include <Library/BlobVerifierLib.h>=0D
#include <Library/DebugLib.h>=0D
#include <Library/DevicePathLib.h>=0D
#include <Library/MemoryAllocationLib.h>=0D
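Review bot: the new `#include <Library/BlobVerifierLib.h>` has no matching INF change (the diffstat lists only the .c file), so QemuKernelLoaderFsDxe.inf should gain BlobVerifierLib under [LibraryClasses]; without it the class is only reachable through the DSC-level `NULL|` link rather than a declared module dependency, and a DSC that forgets the override fails at link time instead of at class resolution.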
@@ -1039,6 +1040,14 @@ QemuKernelLoaderFsDxeEntrypoint (
if (EFI_ERROR (Status)) {=0D
goto FreeBlobs;=0D
}=0D
+ Status =3D VerifyBlob (=0D
+ CurrentBlob->Name,=0D
+ CurrentBlob->Data,=0D
+ CurrentBlob->Size=0D
+ );=0D
+ if (EFI_ERROR (Status)) {=0D
+ goto FreeBlobs;=0D
+ }=0D
mTotalBlobBytes +=3D CurrentBlob->Size;=0D
}=0D
KernelBlob =3D &mKernelBlob[KernelBlobTypeKernel];=0D
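Review bot: when VerifyBlob() fails, the `goto FreeBlobs` releases the blobs but nothing is logged, so a rejected kernel leaves no trace on the serial console next to the "Hash comparison succeeded" lines the cover letter shows; a `DEBUG ((DEBUG_ERROR, "%a: VerifyBlob failed for \"%s\": %r\n", __FUNCTION__, CurrentBlob->Name, Status));` before the jump makes a mismatched or modified blob diagnosable. Also confirm that the loop reaches VerifyBlob() for a blob QEMU did not supply (Size 0): the cover letter counts dropping a blob as something the check must catch, and the visible context only shows the call on the path after a successful FetchBlob.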
--=20
2.25.1


[PATCH v2 02/11] OvmfPkg/AmdSev: use GenericQemuLoadImageLib in AmdSev builds

Dov Murik
 

Newer kernels support efistub and therefore don't need all the legacy
stuff in X86QemuLoadImageLib, which are harder to secure. Specifically
the verification of kernel/initrd/cmdline blobs will be added only to
the GenericQemuLoadImageLib implementation, so use that for SEV builds.

Cc: Laszlo Ersek <lersek@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ashish Kalra <ashish.kalra@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Min Xu <min.m.xu@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3457
Signed-off-by: Dov Murik <dovmurik@...>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 1d487befae08..a2f1324c40a6 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -368,7 +368,7 @@ [LibraryClasses.common.DXE_DRIVER]
PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf=0D
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf=
=0D
- QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib=
.inf=0D
+ QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoad=
ImageLib.inf=0D
!if $(TPM_ENABLE) =3D=3D TRUE=0D
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.i=
nf=0D
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.in=
f=0D
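Review bot: switching the DXE_DRIVER mapping to GenericQemuLoadImageLib means the AmdSevX64 build can only boot a -kernel image that carries an EFI stub, since the generic instance loads it through gBS->LoadImage rather than the legacy bzImage entry that X86QemuLoadImageLib provided. The commit message alludes to this ("newer kernels support efistub"); stating the consequence outright, that a kernel without CONFIG_EFI_STUB passed via -kernel will no longer boot on this platform, would save users a puzzling failure.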
--=20
2.25.1


[PATCH v2 04/11] OvmfPkg: add library class BlobVerifierLib with null implementation

Dov Murik
 

BlobVerifierLib will be used to verify blobs fetched from QEMU's
firmware config (fw_cfg) in platforms that enable such verification.

The null implementation NullBlobVerifierLib treats all blobs as valid.

Cc: Laszlo Ersek <lersek@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ashish Kalra <ashish.kalra@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Min Xu <min.m.xu@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3457
Signed-off-by: Dov Murik <dovmurik@...>
---
OvmfPkg/OvmfPkg.dec | 3 ++
OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf | 27 ++++++++++++++
OvmfPkg/Include/Library/BlobVerifierLib.h | 38 ++++++++++++++++++++++
OvmfPkg/Library/BlobVerifierLib/NullBlobVerifier.c | 34 ++++++++++++++++++
4 files changed, 102 insertions(+)

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 6ae733f6e39f..f82228d69cc2 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -23,6 +23,9 @@ [LibraryClasses]
## @libraryclass Access bhyve's firmware control interface.=0D
BhyveFwCtlLib|Include/Library/BhyveFwCtlLib.h=0D
=0D
+ ## @libraryclass Verify blobs read from the VMM=0D
+ BlobVerifierLib|Include/Library/BlobVerifierLib.h=0D
+=0D
## @libraryclass Loads and boots a Linux kernel image=0D
#=0D
LoadLinuxLib|Include/Library/LoadLinuxLib.h=0D
diff --git a/OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf b/Ovmf=
Pkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf
new file mode 100644
index 000000000000..c8942ad05d96
--- /dev/null
+++ b/OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf
@@ -0,0 +1,27 @@
+## @file=0D
+#=0D
+# Null implementation of the blob verifier library.=0D
+#=0D
+# Copyright (C) 2021, IBM Corp=0D
+#=0D
+# SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+#=0D
+##=0D
+=0D
+[Defines]=0D
+ INF_VERSION =3D 0x00010005=0D
+ BASE_NAME =3D NullBlobVerifierLib=0D
+ FILE_GUID =3D b1b5533e-e01a-43bb-9e54-414f00ca036e=
=0D
+ MODULE_TYPE =3D BASE=0D
+ VERSION_STRING =3D 1.0=0D
+ LIBRARY_CLASS =3D BlobVerifierLib=0D
+=0D
+[Sources]=0D
+ NullBlobVerifier.c=0D
+=0D
+[Packages]=0D
+ MdePkg/MdePkg.dec=0D
+ OvmfPkg/OvmfPkg.dec=0D
+=0D
+[LibraryClasses]=0D
+ DebugLib=0D
diff --git a/OvmfPkg/Include/Library/BlobVerifierLib.h b/OvmfPkg/Include/Li=
brary/BlobVerifierLib.h
new file mode 100644
index 000000000000..667024766681
--- /dev/null
+++ b/OvmfPkg/Include/Library/BlobVerifierLib.h
@@ -0,0 +1,38 @@
+/** @file=0D
+=0D
+ Blob verification library=0D
+=0D
+ This library class allows verifiying whether blobs from external sources=
=0D
+ (such as QEMU's firmware config) are trusted.=0D
+=0D
+ Copyright (C) 2021, IBM Corporation=0D
+=0D
+ SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+**/=0D
+=0D
+#ifndef BLOB_VERIFIER_LIB_H__=0D
+#define BLOB_VERIFIER_LIB_H__=0D
+=0D
+#include <Uefi/UefiBaseType.h>=0D
+#include <Base.h>=0D
+=0D
+/**=0D
+ Verify blob from an external source.=0D
+=0D
+ @param BlobName The name of the blob=0D
+ @param Buf The data of the blob=0D
+ @param BufSize The size of the blob in bytes=0D
+=0D
+ @retval EFI_SUCCESS The blob was verified successfully.=0D
+ @retval EFI_ACCESS_DENIED The blob could not be verified, and theref=
ore=0D
+ should be considered non-secure.=0D
+**/=0D
+EFI_STATUS=0D
+EFIAPI=0D
+VerifyBlob (=0D
+ IN CONST CHAR16 *BlobName,=0D
+ IN CONST VOID *Buf,=0D
+ UINT32 BufSize=0D
+ );=0D
+=0D
+#endif=0D
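Review bot: "verifiying" in the file comment should be "verifying". `#include <Base.h>` after `<Uefi/UefiBaseType.h>` is redundant, because UefiBaseType.h already pulls in Base.h. The contract comment lists only EFI_ACCESS_DENIED as the failure status, while the caller in patch 07 tests EFI_ERROR (Status); say explicitly that any error status causes the caller to discard the blob, so that future implementations returning, say, EFI_INVALID_PARAMETER for a malformed hashes table do not appear to violate the interface.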
diff --git a/OvmfPkg/Library/BlobVerifierLib/NullBlobVerifier.c b/OvmfPkg/L=
ibrary/BlobVerifierLib/NullBlobVerifier.c
new file mode 100644
index 000000000000..7b31b6ec767d
--- /dev/null
+++ b/OvmfPkg/Library/BlobVerifierLib/NullBlobVerifier.c
@@ -0,0 +1,34 @@
+/** @file=0D
+=0D
+ Null implementation of the blob verifier library.=0D
+=0D
+ Copyright (C) 2021, IBM Corporation=0D
+=0D
+ SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+**/=0D
+=0D
+#include <Library/BaseLib.h>=0D
+#include <Library/DebugLib.h>=0D
+#include <Library/BlobVerifierLib.h>=0D
+=0D
+/**=0D
+ Verify blob from an external source.=0D
+=0D
+ @param BlobName The name of the blob=0D
+ @param Buf The data of the blob=0D
+ @param BufSize The size of the blob in bytes=0D
+=0D
+ @retval EFI_SUCCESS The blob was verified successfully.=0D
+ @retval EFI_ACCESS_DENIED The blob could not be verified, and theref=
ore=0D
+ should be considered non-secure.=0D
+**/=0D
+EFI_STATUS=0D
+EFIAPI=0D
+VerifyBlob (=0D
+ IN CONST CHAR16 *BlobName,=0D
+ IN CONST VOID *Buf,=0D
+ UINT32 BufSize=0D
+ )=0D
+{=0D
+ return EFI_SUCCESS;=0D
+}=0D
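Review bot: BaseLib.h and DebugLib.h are included but nothing in this file uses them, so both includes and the DebugLib entry in the INF's [LibraryClasses] can go. Since this instance accepts every blob unconditionally, a `DEBUG ((DEBUG_VERBOSE, "%a: accepting \"%s\" without verification\n", __FUNCTION__, BlobName));` would make it visible in the serial log which verifier a given build links, matching the way the cover letter's log shows the SEV instance at work (in which case DebugLib stays).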
--=20
2.25.1


[PATCH v2 03/11] OvmfPkg: PlatformBootManagerLibGrub: Allow executing kernel via fw_cfg

Dov Murik
 

From: James Bottomley <jejb@...>

Support QEMU's -kernel option.

OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c is an exact copy
of OvmfPkg/Library/PlatformBootManagerLib/QemuKernel.c .

Cc: Laszlo Ersek <lersek@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ashish Kalra <ashish.kalra@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Min Xu <min.m.xu@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3457
Signed-off-by: James Bottomley <jejb@...>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf | 2 ++
OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h | 11 +++++++++++
OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c | 5 +++++
OvmfPkg/Library/{PlatformBootManagerLib => PlatformBootManagerLibGrub}/QemuKernel.c | 0
5 files changed, 19 insertions(+)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index a2f1324c40a6..aefdcf881c99 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -281,6 +281,7 @@ [LibraryClasses.common.PEIM]
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuE=
xceptionHandlerLib.inf=0D
MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf=0D
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf=
=0D
+ QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoad=
ImageLib.inf=0D
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf=0D
QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf=0D
=0D
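Review bot: this maps QemuLoadImageLib under [LibraryClasses.common.PEIM], but the consumer this patch adds, PlatformBootManagerLibGrub, is a DXE-phase BDS library, and patch 02 already maps GenericQemuLoadImageLib under [LibraryClasses.common.DXE_DRIVER]. Check whether the PEIM-scope line is needed at all; if the BDS module type needs its own mapping, it belongs in that scope rather than PEIM.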
diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManager=
LibGrub.inf b/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManage=
rLibGrub.inf
index 9a806d17ec45..5f6f73d18470 100644
--- a/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub=
.inf
+++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub=
.inf
@@ -23,6 +23,7 @@ [Defines]
=0D
[Sources]=0D
BdsPlatform.c=0D
+ QemuKernel.c=0D
PlatformData.c=0D
BdsPlatform.h=0D
=0D
@@ -46,6 +47,7 @@ [LibraryClasses]
BootLogoLib=0D
DevicePathLib=0D
PciLib=0D
+ QemuLoadImageLib=0D
UefiLib=0D
PlatformBmPrintScLib=0D
Tcg2PhysicalPresenceLib=0D
diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h b/Ovm=
fPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
index 748c63081920..f1d3a2906c00 100644
--- a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
+++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
@@ -172,4 +172,15 @@ PlatformInitializeConsole (
IN PLATFORM_CONSOLE_CONNECT_ENTRY *PlatformConsole=0D
);=0D
=0D
+/**=0D
+ Loads and boots UEFI Linux via the FwCfg interface.=0D
+=0D
+ @retval EFI_NOT_FOUND - The Linux kernel was not found=0D
+=0D
+**/=0D
+EFI_STATUS=0D
+TryRunningQemuKernel (=0D
+ VOID=0D
+ );=0D
+=0D
#endif // _PLATFORM_SPECIFIC_BDS_PLATFORM_H_=0D
diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c b/Ovm=
fPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
index 5c92d4fc2b09..7cceeea4879c 100644
--- a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
@@ -1315,6 +1315,11 @@ PlatformBootManagerAfterConsole (
//=0D
Tcg2PhysicalPresenceLibProcessRequest (NULL);=0D
=0D
+ //=0D
+ // Process QEMU's -kernel command line option=0D
+ //=0D
+ TryRunningQemuKernel ();=0D
+=0D
//=0D
// Perform some platform specific connect sequence=0D
//=0D
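Review bot: the return value of `TryRunningQemuKernel ()` is dropped. The header comment documents EFI_NOT_FOUND for "no kernel", but any other error (a kernel that was present yet failed to load, which is exactly the outcome the later verification patches produce for a modified blob) silently falls through to the normal boot path. Log the status when it is anything other than EFI_NOT_FOUND so an aborted measured boot is visible on the serial console.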
diff --git a/OvmfPkg/Library/PlatformBootManagerLib/QemuKernel.c b/OvmfPkg/=
Library/PlatformBootManagerLibGrub/QemuKernel.c
similarity index 100%
copy from OvmfPkg/Library/PlatformBootManagerLib/QemuKernel.c
copy to OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c
--=20
2.25.1


[PATCH v2 00/11] Measured SEV boot with kernel/initrd/cmdline

Dov Murik
 

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3457

Booting with SEV prevented the loading of kernel, initrd, and kernel
command-line via QEMU fw_cfg interface because they arrive from the VMM
which is untrusted in SEV.

However, in some cases the kernel, initrd, and cmdline are not secret
but should not be modified by the host. In such a case, we want to
verify inside the trusted VM that the kernel, initrd, and cmdline are
indeed the ones expected by the Guest Owner, and only if that is the
case go on and boot them up (removing the need for grub inside OVMF in
that mode).

This patch series reserves an area in MEMFD (previously the last 1KB of
the launch secret page) which will contain the
hashes of these three blobs (kernel, initrd, cmdline), each under its
own GUID entry. This table of hashes is populated by QEMU before
launch, and encrypted as part of the initial VM memory; this makes sure
these hashes are part of the SEV measurement (which has to be approved
by the Guest Owner for secret injection, for example). Note that this
requires QEMU support [1].

OVMF parses the table of hashes populated by QEMU (patch 5), and as it
reads the fw_cfg blobs from QEMU, it will verify each one against the
expected hash (kernel and initrd verifiers are introduced in patch 6,
and command-line verifier is introduced in patches 7+8). This is all
done inside the trusted VM context. If all the hashes are correct, boot
of the kernel is allowed to continue.

Any attempt by QEMU to modify the kernel, initrd, cmdline (including
dropping one of them), or to modify the OVMF code that verifies those
hashes, will cause the initial SEV measurement to change and therefore
will be detectable by the Guest Owner during launch before secret
injection.
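The verification flow described above, modelled in Python as an added example (not OVMF/edk2 code, and not the structure defined by the SevHashesBlobVerifierLib patches, which are not on this page). The three GUIDs are the ones from the serial log below; the entry layout (a GUID followed by a SHA-256 digest, the whole table bounded by the 1KB area), the name-to-GUID map and the EFI status strings are assumptions of this model, and the sample blobs are constructed.

```python
"""Model of the SEV hashes-table check: the Guest Owner's expected hashes
are measured into the VM, and each blob the VMM delivers is checked against
them before boot continues.  Added example, not edk2 code; the entry layout
below is an assumption of this model."""
import hashlib
import hmac
import uuid

# Blob-name -> GUID mapping taken from the cover letter's serial log.
BLOB_GUIDS = {
    "kernel":  uuid.UUID("4DE79437-ABD2-427F-B835-D5B172D2045B"),
    "initrd":  uuid.UUID("44BAF731-3A2F-4BD7-9AF1-41E29169781D"),
    "cmdline": uuid.UUID("97D02DD8-BD20-4C94-AA78-E7714D36AB2A"),
}
BY_GUID = {guid: name for name, guid in BLOB_GUIDS.items()}

GUID_LEN = 16
DIGEST_LEN = hashlib.sha256().digest_size        # 32
ENTRY_LEN = GUID_LEN + DIGEST_LEN                # assumed layout: GUID || SHA-256
TABLE_AREA_LEN = 1024                            # cover letter: last 1KB of the secret page

EFI_SUCCESS = "EFI_SUCCESS"
EFI_ACCESS_DENIED = "EFI_ACCESS_DENIED"


def build_hashes_table(blobs):
    """Guest Owner / QEMU side: one (GUID, SHA-256) entry per blob that is
    allowed to boot.  `blobs` maps blob name -> bytes."""
    table = b"".join(
        BLOB_GUIDS[name].bytes_le + hashlib.sha256(data).digest()
        for name, data in blobs.items()
    )
    if len(table) > TABLE_AREA_LEN:
        raise ValueError("hashes table does not fit in the reserved area")
    return table


def parse_hashes_table(table):
    """Guest side: parse the measured table into GUID -> expected digest.
    Anything that is not a whole number of entries is rejected outright."""
    if len(table) % ENTRY_LEN != 0 or len(table) > TABLE_AREA_LEN:
        raise ValueError("malformed hashes table")
    entries = {}
    for off in range(0, len(table), ENTRY_LEN):
        guid = uuid.UUID(bytes_le=table[off:off + GUID_LEN])
        entries[guid] = table[off + GUID_LEN:off + ENTRY_LEN]
    return entries


def verify_blob(entries, name, data):
    """Guest side, modelled on VerifyBlob(): EFI_SUCCESS only when the blob
    has a measured entry and its SHA-256 matches.  `data is None` models a
    blob the VMM did not deliver."""
    guid = BLOB_GUIDS.get(name)
    expected = entries.get(guid) if guid is not None else None
    if expected is None:
        # No measured hash: the Guest Owner never approved this blob.
        return EFI_ACCESS_DENIED
    if data is None:
        # Measured but not delivered: dropping a blob is a modification too.
        return EFI_ACCESS_DENIED
    actual = hashlib.sha256(data).digest()
    # Constant-time compare; any failure ends the boot, as in the patch.
    return EFI_SUCCESS if hmac.compare_digest(actual, expected) else EFI_ACCESS_DENIED


def verify_all(entries, delivered):
    """Model of the QemuKernelLoaderFsDxe loop: every measured blob must be
    delivered and match, and every delivered blob must be measured."""
    measured = {BY_GUID[g] for g in entries if g in BY_GUID}
    for name in measured | set(delivered):
        if verify_blob(entries, name, delivered.get(name)) != EFI_SUCCESS:
            return EFI_ACCESS_DENIED
    return EFI_SUCCESS


# Constructed sample blobs standing in for a real kernel/initrd/cmdline.
SAMPLE_BLOBS = {
    "kernel": b"\x7fELF kernel stand-in",
    "initrd": b"initrd cpio stand-in",
    "cmdline": b"console=ttyS0 root=/dev/vda\0",
}
SAMPLE_TABLE = build_hashes_table(SAMPLE_BLOBS)
SAMPLE_ENTRIES = parse_hashes_table(SAMPLE_TABLE)

if __name__ == "__main__":
    print("intact :", verify_all(SAMPLE_ENTRIES, SAMPLE_BLOBS))
    print("dropped:", verify_all(SAMPLE_ENTRIES, {"kernel": SAMPLE_BLOBS["kernel"]}))
```

The two failure branches in `verify_blob` are the point of the model: a blob with no measured entry and a measured blob that never arrives are both refused, which is what lets the Guest Owner treat the measurement as covering the whole set of blobs and not just the ones the VMM chose to deliver.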

Relevant part of OVMF serial log during boot with AmdSevX86 build and QEMU with
-kernel/-initrd/-append:

...
SevHashesBlobVerifierLibConstructor: found injected hashes table in secure location
Select Item: 0x17
Select Item: 0x8
FetchBlob: loading 7379328 bytes for "kernel"
Select Item: 0x18
Select Item: 0x11
VerifyBlob: Found GUID 4DE79437-ABD2-427F-B835-D5B172D2045B in table
VerifyBlob: Hash comparison succeeded for entry 'kernel'
Select Item: 0xB
FetchBlob: loading 12483878 bytes for "initrd"
Select Item: 0x12
VerifyBlob: Found GUID 44BAF731-3A2F-4BD7-9AF1-41E29169781D in table
VerifyBlob: Hash comparison succeeded for entry 'initrd'
Select Item: 0x14
FetchBlob: loading 86 bytes for "cmdline"
Select Item: 0x15
VerifyBlob: Found GUID 97D02DD8-BD20-4C94-AA78-E7714D36AB2A in table
VerifyBlob: Hash comparison succeeded for entry 'cmdline'
...

The patch series is organized as follows:

1: Simple comment fix in adjacent area in the code.
2: Use GenericQemuLoadImageLib to gain one location for fw_cfg blob
fetching.
3: Allow the (previously blocked) usage of -kernel in AmdSevX64.
4-7: Add BlobVerifierLib with null implementation and use it in the correct
location in QemuKernelLoaderFsDxe.
8-9: Reserve memory for hashes table, declare this area in the reset vector.
10-11: Add the secure implementation SevHashesBlobVerifierLib and use it in
AmdSevX64 builds.

[1] https://lore.kernel.org/qemu-devel/20210624102040.2015280-1-dovmurik@linux.ibm.com/

Code is at
https://github.com/confidential-containers-demo/edk2/tree/sev-hashes-v2

v2 changes:
- Use the last 1KB of the existing SEV launch secret page for hashes table
(instead of reserving a whole new MEMFD page).
- Build on top of commit cf203024745f ("OvmfPkg/GenericQemuLoadImageLib: Read
cmdline from QemuKernelLoaderFs", 2021-06-28) to have a single location in
which all of kernel/initrd/cmdline are fetched from QEMU.
- Use static linking of the two BlobVerifierLib implementations.
- Reorganize series.

v1: https://edk2.groups.io/g/devel/message/75567

Cc: Laszlo Ersek <lersek@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ashish Kalra <ashish.kalra@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Min Xu <min.m.xu@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Leif Lindholm <leif@...>
Cc: Sami Mujawar <sami.mujawar@...>

Dov Murik (8):
OvmfPkg/AmdSev: use GenericQemuLoadImageLib in AmdSev builds
OvmfPkg: add library class BlobVerifierLib with null implementation
OvmfPkg: add NullBlobVerifierLib to DSC
ArmVirtPkg: add NullBlobVerifierLib to DSC
OvmfPkg/QemuKernelLoaderFsDxe: call VerifyBlob after fetch from fw_cfg
OvmfPkg/AmdSev/SecretPei: build hob for full page
OvmfPkg: add SevHashesBlobVerifierLib
OvmfPkg/AmdSev: Enforce hash verification of kernel blobs

James Bottomley (3):
OvmfPkg/AmdSev/SecretDxe: fix header comment to generic naming
OvmfPkg: PlatformBootManagerLibGrub: Allow executing kernel via fw_cfg
OvmfPkg/AmdSev: reserve MEMFD space for firmware config hashes

OvmfPkg/OvmfPkg.dec | 9 +
ArmVirtPkg/ArmVirtQemu.dsc | 5 +-
ArmVirtPkg/ArmVirtQemuKernel.dsc | 5 +-
OvmfPkg/AmdSev/AmdSevX64.dsc | 9 +-
OvmfPkg/OvmfPkgIa32.dsc | 5 +-
OvmfPkg/OvmfPkgIa32X64.dsc | 5 +-
OvmfPkg/OvmfPkgX64.dsc | 5 +-
OvmfPkg/AmdSev/AmdSevX64.fdf | 5 +-
OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf | 27 +++
OvmfPkg/Library/BlobVerifierLib/SevHashesBlobVerifierLib.inf | 36 ++++
OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf | 2 +
OvmfPkg/ResetVector/ResetVector.inf | 2 +
OvmfPkg/Include/Library/BlobVerifierLib.h | 38 ++++
OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h | 11 ++
OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 2 +-
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 9 +-
OvmfPkg/Library/BlobVerifierLib/NullBlobVerifier.c | 34 ++++
OvmfPkg/Library/BlobVerifierLib/SevHashesBlobVerifier.c | 199 ++++++++++++++++++++
OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c | 5 +
OvmfPkg/Library/{PlatformBootManagerLib => PlatformBootManagerLibGrub}/QemuKernel.c | 0
OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c | 9 +
OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 20 ++
OvmfPkg/ResetVector/ResetVector.nasmb | 2 +
23 files changed, 434 insertions(+), 10 deletions(-)
create mode 100644 OvmfPkg/Library/BlobVerifierLib/NullBlobVerifierLib.inf
create mode 100644 OvmfPkg/Library/BlobVerifierLib/SevHashesBlobVerifierLib.inf
create mode 100644 OvmfPkg/Include/Library/BlobVerifierLib.h
create mode 100644 OvmfPkg/Library/BlobVerifierLib/NullBlobVerifier.c
create mode 100644 OvmfPkg/Library/BlobVerifierLib/SevHashesBlobVerifier.c
copy OvmfPkg/Library/{PlatformBootManagerLib => PlatformBootManagerLibGrub}/QemuKernel.c (100%)

--
2.25.1


[PATCH v2 01/11] OvmfPkg/AmdSev/SecretDxe: fix header comment to generic naming

Dov Murik
 

From: James Bottomley <jejb@...>

Commit 96201ae7bf97 ("OvmfPkg/AmdSev/SecretDxe: make secret location
naming generic", 2020-12-15) replaced references to SEV with the generic
term Confidential Computing, but missed the file header comment. Fix
the naming in that header.

Cc: Laszlo Ersek <lersek@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ashish Kalra <ashish.kalra@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Min Xu <min.m.xu@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: James Bottomley <jejb@...>
---
OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c b/OvmfPkg/AmdSev/SecretDx=
e/SecretDxe.c
index 308022b5b25e..934ad207632b 100644
--- a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
+++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
@@ -1,5 +1,5 @@
/** @file=0D
- SEV Secret configuration table constructor=0D
+ Confidential Computing Secret configuration table constructor=0D
=0D
Copyright (C) 2020 James Bottomley, IBM Corporation.=0D
SPDX-License-Identifier: BSD-2-Clause-Patent=0D
--=20
2.25.1


Re: [PATCH v4 2/3] Acpi: Install Acpi tables for Cloud hypervisor

Sami Mujawar
 

Hi Jianyong,

I should have caught this earlier in my review. However, if you agree, I will do the following changes before pushing the patch.

1. The subject line of the commit message does not conform to the edk2 coding standard. It should have ‘ArmVirtPkg: <subject line for the patch>’
2. The ACPI table signature can be simplified further. Can you try the following and let me know if it works, please?

diff --git a/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpi.c b/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpi.c
index f5a47aa7f3cd..51b012676e7d 100644
--- a/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpi.c
+++ b/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpi.c
@@ -52,8 +52,8 @@ FindAcpiTableProtocol (
EFI_STATUS
EFIAPI
InstallCloudHvAcpiTables (
- IN EFI_ACPI_TABLE_PROTOCOL *AcpiProtocol
- )
+ IN EFI_ACPI_TABLE_PROTOCOL *AcpiProtocol
+ )
{
UINTN InstalledKey;
UINTN TableSize;
@@ -97,11 +97,12 @@ InstallCloudHvAcpiTables (
//
// Get DSDT from FADT
//
- if (DsdtPtr == NULL
- && !AsciiStrnCmp ((CHAR8 *)&((EFI_ACPI_COMMON_HEADER *)AcpiTablePtr)->Signature, "FACP", 4)) {
+ if ((DsdtPtr == NULL)
+ && (EFI_ACPI_6_3_FIXED_ACPI_DESCRIPTION_TABLE_SIGNATURE ==
+ ((EFI_ACPI_COMMON_HEADER *)AcpiTablePtr)->Signature)) {
DsdtPtr = (UINT64 *)(((EFI_ACPI_6_3_FIXED_ACPI_DESCRIPTION_TABLE *)AcpiTablePtr)->XDsdt);
}
- }
+ } // while

if (DsdtPtr == NULL) {
DEBUG ((DEBUG_ERROR, "%a: no DSDT found\n", __FUNCTION__));
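Review bot: comparing `->Signature` against EFI_ACPI_6_3_FIXED_ACPI_DESCRIPTION_TABLE_SIGNATURE is the right form, since the field is a UINT32 and the macro is SIGNATURE_32 ('F','A','C','P'); the AsciiStrnCmp it replaces also worked but read a 4-byte field as a string. While here, the table pointer comes from an XSDT that the hypervisor placed at a PCD-provided address, so checking that AcpiTablePtr is non-NULL and that the header's Length is at least sizeof (EFI_ACPI_COMMON_HEADER) before this dereference would keep a malformed or truncated table from being walked.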

Regards,

Sami Mujawar

On 05/07/2021, 11:07, "Jianyong Wu" <jianyong.wu@...> wrote:

There is no device like Fw-cfg in Qemu in Cloud Hypervisor, so a specific
Acpi handler is introduced here.

The handler implemented here is in a very simple way:
1. acquire the RSDP from the PCD variable in the top ".dsc";
2. get the XSDT address from RSDP structure;
3. get the ACPI tables following the XSDT structure and install them
one by one;
4. get DSDT address from FADT and install DSDT table.

Cc: Laszlo Ersek <lersek@...>
Cc: Sami Mujawar <sami.mujawar@...>

Signed-off-by: Jianyong Wu <jianyong.wu@...>
---
ArmVirtPkg/ArmVirtPkg.dec | 6 +
.../CloudHvAcpiPlatformDxe.inf | 47 ++++++
.../CloudHvAcpiPlatformDxe/CloudHvAcpi.c | 155 ++++++++++++++++++
3 files changed, 208 insertions(+)
create mode 100644 ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpiPlatformDxe.inf
create mode 100644 ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpi.c

diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec
index bf82f7f1f3f2..4e4d758015bc 100644
--- a/ArmVirtPkg/ArmVirtPkg.dec
+++ b/ArmVirtPkg/ArmVirtPkg.dec
@@ -66,6 +66,12 @@ [PcdsFixedAtBuild, PcdsPatchableInModule]
#
gArmVirtTokenSpaceGuid.PcdTerminalTypeGuidBuffer|{0x65, 0x60, 0xA6, 0xDF, 0x19, 0xB4, 0xD3, 0x11, 0x9A, 0x2D, 0x00, 0x90, 0x27, 0x3F, 0xC1, 0x4D}|VOID*|0x00000007

+ ##
+ # This is the physical address of Rsdp which is the core struct of Acpi.
+ # Cloud Hypervisor has no other way to pass Rsdp address to the guest except use a PCD.
+ #
+ gArmVirtTokenSpaceGuid.PcdCloudHvAcpiRsdpBaseAddress|0x0|UINT64|0x00000005
+
[PcdsDynamic]
#
# Whether to force disable ACPI, regardless of the fw_cfg settings
diff --git a/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpiPlatformDxe.inf b/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpiPlatformDxe.inf
new file mode 100644
index 000000000000..01de76486686
--- /dev/null
+++ b/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpiPlatformDxe.inf
@@ -0,0 +1,47 @@
+## @file
+# ACPI Platform Driver for Cloud Hypervisor
+#
+# Copyright (c) 2021, ARM Limited. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = CloudHvgAcpiPlatform
+ FILE_GUID = 6c76e407-73f2-dc1c-938f-5d6c4691ea93
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT = CloudHvAcpiPlatformEntryPoint
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+ VALID_ARCHITECTURES = AARCH64
+#
+
+[Sources]
+ CloudHvAcpi.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ OvmfPkg/OvmfPkg.dec
+ ArmVirtPkg/ArmVirtPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ DebugLib
+ MemoryAllocationLib
+ OrderedCollectionLib
+ UefiBootServicesTableLib
+ UefiDriverEntryPoint
+
+[Protocols]
+ gEfiAcpiTableProtocolGuid # PROTOCOL ALWAYS_CONSUMED
+
+[Pcd]
+ gArmVirtTokenSpaceGuid.PcdCloudHvAcpiRsdpBaseAddress
+
+[Depex]
+ gEfiAcpiTableProtocolGuid
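Review bot: `BASE_NAME = CloudHvgAcpiPlatform` has a stray "g"; the directory, the source file and the entry point are all named CloudHvAcpiPlatform, so fix the spelling. The [LibraryClasses] section also lists MemoryAllocationLib and OrderedCollectionLib, which nothing in CloudHvAcpi.c calls (it needs AsciiStrnCmp and CpuDeadLoop from BaseLib, DEBUG, gBS and the entry point), and [Packages] pulls in OvmfPkg.dec and MdeModulePkg.dec without consuming anything from them; drop the unused entries so the dependency list documents what the module actually uses. The dangling `#` line after VALID_ARCHITECTURES looks like a leftover from a template.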
diff --git a/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpi.c b/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpi.c
new file mode 100644
index 000000000000..f5a47aa7f3cd
--- /dev/null
+++ b/ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpi.c
@@ -0,0 +1,155 @@
+/** @file
+ Install Acpi tables for Cloud Hypervisor
+
+ Copyright (c) 2021, Arm Limited. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <IndustryStandard/Acpi63.h>
+#include <Protocol/AcpiTable.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiDriverEntryPoint.h>
+#include <Library/DebugLib.h>
+
+/**
+ Find Acpi table Protocol and return it
+
+ @return AcpiTable Protocol, which is used to handle Acpi Table, on SUCCESS or NULL on FAILURE.
+
+**/
+STATIC
+EFI_ACPI_TABLE_PROTOCOL *
+FindAcpiTableProtocol (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ EFI_ACPI_TABLE_PROTOCOL *AcpiTable;
+
+ Status = gBS->LocateProtocol (
+ &gEfiAcpiTableProtocolGuid,
+ NULL,
+ (VOID**)&AcpiTable
+ );
+ ASSERT_EFI_ERROR (Status);
+ return AcpiTable;
+}
+
+/** Install Acpi tables for Cloud Hypervisor
+
+ @param [in] AcpiProtocol Acpi Protocol which is used to install Acpi talbles
+
+ @return EFI_SUCCESS The table was successfully inserted.
+ @return EFI_INVALID_PARAMETER Either AcpiProtocol, AcpiTablePtr or DsdtPtr is NULL
+ and the size field embedded in the ACPI table pointed
+ by AcpiTablePtr or DsdtPtr are not in sync.
+ @return EFI_OUT_OF_RESOURCES Insufficient resources exist to complete the request.
+ @return EFI_NOT_FOUND DSDT table not found.
+**/
+EFI_STATUS
+EFIAPI
+InstallCloudHvAcpiTables (
+ IN EFI_ACPI_TABLE_PROTOCOL *AcpiProtocol
+ )
+{
+ UINTN InstalledKey;
+ UINTN TableSize;
+ UINTN AcpiTableLength;
+ UINT64 RsdpPtr;
+ UINT64 XsdtPtr;
+ UINT64 TableOffset;
+ UINT64 AcpiTablePtr;
+ UINT64 *DsdtPtr = NULL;
+ EFI_STATUS Status;
+
+ if (AcpiProtocol == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ RsdpPtr = PcdGet64 (PcdCloudHvAcpiRsdpBaseAddress);
+ XsdtPtr = ((EFI_ACPI_6_3_ROOT_SYSTEM_DESCRIPTION_POINTER *)RsdpPtr)->XsdtAddress;
+ AcpiTableLength = ((EFI_ACPI_COMMON_HEADER *)XsdtPtr)->Length;
+ TableOffset = sizeof (EFI_ACPI_DESCRIPTION_HEADER);
+
+ while (TableOffset < AcpiTableLength) {
+ AcpiTablePtr = *(UINT64 *)(XsdtPtr + TableOffset);
+ TableSize = ((EFI_ACPI_COMMON_HEADER *)AcpiTablePtr)->Length;
+
+ //
+ // Install ACPI tables from XSDT
+ //
+ Status = AcpiProtocol->InstallAcpiTable (
+ AcpiProtocol,
+ (VOID *)AcpiTablePtr,
+ TableSize,
+ &InstalledKey
+ );
+
+ if (EFI_ERROR(Status)) {
+ return Status;
+ }
+
+ TableOffset += sizeof (UINT64);
+
+ //
+ // Get DSDT from FADT
+ //
+ if (DsdtPtr == NULL
+ && !AsciiStrnCmp ((CHAR8 *)&((EFI_ACPI_COMMON_HEADER *)AcpiTablePtr)->Signature, "FACP", 4)) {
+ DsdtPtr = (UINT64 *)(((EFI_ACPI_6_3_FIXED_ACPI_DESCRIPTION_TABLE *)AcpiTablePtr)->XDsdt);
+ }
+ }
+
+ if (DsdtPtr == NULL) {
+ DEBUG ((DEBUG_ERROR, "%a: no DSDT found\n", __FUNCTION__));
+ return EFI_NOT_FOUND;
+ }
+
+ //
+ // Install DSDT table
+ //
+ TableSize = ((EFI_ACPI_COMMON_HEADER *)DsdtPtr)->Length;
+ Status = AcpiProtocol->InstallAcpiTable (
+ AcpiProtocol,
+ DsdtPtr,
+ TableSize,
+ &InstalledKey
+ );
+
+ return Status;
+}
+
+/** Entry point for Cloud Hypervisor Platform Dxe
+
+ @param [in] ImageHandle Handle for this image.
+ @param [in] SystemTable Pointer to the EFI system table.
+
+ @return EFI_SUCCESS The table was successfully inserted.
+ @return EFI_INVALID_PARAMETER Either AcpiProtocol, AcpiTablePtr or DsdtPtr is NULL
+ and the size field embedded in the ACPI table pointed to
+ by AcpiTablePtr or DsdtPtr are not in sync.
+ @return EFI_OUT_OF_RESOURCES Insufficient resources exist to complete the request.
+ @return EFI_NOT_FOUND DSDT table not found
+**/
+EFI_STATUS
+EFIAPI
+CloudHvAcpiPlatformEntryPoint (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ Status = InstallCloudHvAcpiTables (FindAcpiTableProtocol ());
+
+ if (EFI_ERROR(Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: Fail to install Acpi table: %r\n", __FUNCTION__,
+ Status));
+ CpuDeadLoop ();
+ }
+
+ return EFI_SUCCESS;
+}
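Review bot: InstallCloudHvAcpiTables trusts every pointer it derives without validation: RsdpPtr is dereferenced even when the PCD is left at its 0x0 default, and neither the RSDP signature and checksums, the XSDT signature, length and checksum, nor any entry's Length are checked before the pointer walk and InstallAcpiTable. Since the hypervisor is the only source of these tables the trust question is the same as for fw_cfg, but a zero or stale PCD should fail with EFI_NOT_FOUND rather than fault inside DXE; at minimum add `if (RsdpPtr == 0) return EFI_NOT_FOUND;` and verify the RSDP and XSDT signatures and checksums before the loop. Smaller points: FindAcpiTableProtocol only ASSERTs on LocateProtocol failure and returns AcpiTable uninitialised in RELEASE builds, so the NULL check in the callee is not reached; initialise it to NULL or return NULL on error (the [Depex] on gEfiAcpiTableProtocolGuid makes failure unlikely, but the code should still be correct). `DsdtPtr` is declared `UINT64 *` yet holds a table address cast from XDsdt; a UINT64 or `EFI_ACPI_COMMON_HEADER *` reads better and avoids the cast at the InstallAcpiTable call. The FADT match should compare the 32-bit Signature field against EFI_ACPI_6_3_FIXED_ACPI_DESCRIPTION_TABLE_SIGNATURE instead of AsciiStrnCmp on the header. InstalledKey is written but never used, and "talbles" in the doc comment is a typo. Finally, CpuDeadLoop on failure hangs the whole boot; returning the error from the entry point would let the rest of DXE proceed, which is probably the better behaviour for a missing table.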
--
2.17.1
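The four-step walk in the commit message above (RSDP from the PCD, then the XSDT, then each table it lists, then the DSDT via the FADT), as an added example that is not code from this patch or from ArmVirtPkg: a host-buildable C version that validates every step (RSDP signature and both checksums, XSDT header and entry alignment, each table's checksum, FADT length before reading X_DSDT) and refuses a zero RSDP address, which is the PCD's declared default. The `Rsdp` and `Hdr` structures are hand-written subsets of the ACPI 6.x layouts rather than EDK2's IndustryStandard headers, `WalkAcpi` and the `Demo*` functions are this example's own names, and the sample tables are constructed in memory here. In firmware you would additionally check that every address lies inside memory the hypervisor actually described, which a host program cannot know.

```c
/* Added example, not code from the CloudHvAcpiPlatformDxe patch: a validated
 * RSDP -> XSDT -> tables -> FADT.X_DSDT -> DSDT walk over constructed tables. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#pragma pack(push, 1)
typedef struct {                    /* ACPI 2.0+ RSDP, 36 bytes */
  char Signature[8]; uint8_t Checksum; char OemId[6]; uint8_t Revision;
  uint32_t RsdtAddress; uint32_t Length; uint64_t XsdtAddress;
  uint8_t ExtendedChecksum; uint8_t Reserved[3];
} Rsdp;                             /* Checksum covers 20 bytes, ExtendedChecksum all Length bytes */
typedef struct {                    /* EFI_ACPI_DESCRIPTION_HEADER layout, 36 bytes */
  char Signature[4]; uint32_t Length; uint8_t Revision; uint8_t Checksum;
  char OemId[6]; char OemTableId[8]; uint32_t OemRevision;
  uint32_t CreatorId; uint32_t CreatorRevision;
} Hdr;
#pragma pack(pop)
#define FADT_XDSDT_OFFSET 140       /* X_DSDT field of an ACPI 6.x FADT */
#define FADT_MIN_LENGTH   (FADT_XDSDT_OFFSET + 8)

static uint8_t SumBytes(const void *p, size_t n) {
  const uint8_t *b = (const uint8_t *)p; uint8_t s = 0;
  for (size_t i = 0; i < n; i++) s = (uint8_t)(s + b[i]);
  return s;                         /* ACPI requires every table to sum to 0 */
}
/* Expected signature, minimum length, checksum over all Length bytes. */
static int TableOk(const Hdr *h, const char *sig, uint32_t minLen) {
  if (h == NULL || memcmp(h->Signature, sig, 4) != 0 || h->Length < minLen) return 0;
  return SumBytes(h, h->Length) == 0;
}
/* Fills out[] with the tables that would go to InstallAcpiTable (XSDT entries
 * first, DSDT last); returns their count, or -1 if any step fails validation. */
static int WalkAcpi(uint64_t rsdpAddr, const Hdr **out, int maxOut) {
  if (rsdpAddr == 0) return -1;                              /* PCD default: nothing supplied */
  const Rsdp *rsdp = (const Rsdp *)(uintptr_t)rsdpAddr;
  if (memcmp(rsdp->Signature, "RSD PTR ", 8) != 0 || SumBytes(rsdp, 20) != 0) return -1;
  if (rsdp->Revision < 2 || rsdp->Length < sizeof(Rsdp) || SumBytes(rsdp, rsdp->Length) != 0) return -1;
  const Hdr *xsdt = (const Hdr *)(uintptr_t)rsdp->XsdtAddress;
  if (!TableOk(xsdt, "XSDT", sizeof(Hdr)) || (xsdt->Length - sizeof(Hdr)) % 8 != 0) return -1;
  const Hdr *dsdt = NULL; int n = 0;
  for (uint32_t off = sizeof(Hdr); off < xsdt->Length; off += 8) {   /* one 64-bit pointer per entry */
    uint64_t addr;
    memcpy(&addr, (const uint8_t *)xsdt + off, 8);
    if (addr == 0) return -1;
    const Hdr *t = (const Hdr *)(uintptr_t)addr;
    if (t->Length < sizeof(Hdr) || SumBytes(t, t->Length) != 0 || n >= maxOut) return -1;
    out[n++] = t;
    if (dsdt == NULL && memcmp(t->Signature, "FACP", 4) == 0) {
      uint64_t xd;
      if (t->Length < FADT_MIN_LENGTH) return -1;            /* X_DSDT must be inside the FADT */
      memcpy(&xd, (const uint8_t *)t + FADT_XDSDT_OFFSET, 8);
      dsdt = (const Hdr *)(uintptr_t)xd;
    }
  }
  if (!TableOk(dsdt, "DSDT", sizeof(Hdr)) || n >= maxOut) return -1;
  out[n++] = dsdt;
  return n;
}

/* Constructed sample tables, not taken from any real platform. */
static uint8_t gDsdt[sizeof(Hdr) + 4], gApic[sizeof(Hdr) + 8];
static uint8_t gFadt[FADT_MIN_LENGTH], gXsdt[sizeof(Hdr) + 2 * 8];
static Rsdp gRsdp;
static void InitHdr(void *buf, const char *sig, uint32_t len) {
  Hdr *h = (Hdr *)buf;
  memset(buf, 0, len);
  memcpy(h->Signature, sig, 4); h->Length = len; h->Revision = 1;
}
static void Seal(void *buf) {       /* recompute the checksum once every field is set */
  Hdr *h = (Hdr *)buf;
  h->Checksum = 0;
  h->Checksum = (uint8_t)(0u - SumBytes(h, h->Length));
}
static uint64_t BuildSample(void) {
  uint64_t a;
  InitHdr(gDsdt, "DSDT", sizeof gDsdt); Seal(gDsdt);
  InitHdr(gApic, "APIC", sizeof gApic); Seal(gApic);
  InitHdr(gFadt, "FACP", sizeof gFadt);
  a = (uint64_t)(uintptr_t)gDsdt; memcpy(gFadt + FADT_XDSDT_OFFSET, &a, 8); Seal(gFadt);
  InitHdr(gXsdt, "XSDT", sizeof gXsdt);
  a = (uint64_t)(uintptr_t)gFadt; memcpy(gXsdt + sizeof(Hdr), &a, 8);
  a = (uint64_t)(uintptr_t)gApic; memcpy(gXsdt + sizeof(Hdr) + 8, &a, 8); Seal(gXsdt);
  memset(&gRsdp, 0, sizeof gRsdp);
  memcpy(gRsdp.Signature, "RSD PTR ", 8);
  gRsdp.Revision = 2; gRsdp.Length = sizeof gRsdp;
  gRsdp.XsdtAddress = (uint64_t)(uintptr_t)gXsdt;
  gRsdp.Checksum = (uint8_t)(0u - SumBytes(&gRsdp, 20));
  gRsdp.ExtendedChecksum = (uint8_t)(0u - SumBytes(&gRsdp, sizeof gRsdp));
  return (uint64_t)(uintptr_t)&gRsdp;
}

int DemoValidWalk(void)   { const Hdr *t[4]; return WalkAcpi(BuildSample(), t, 4); }  /* FACP, APIC, DSDT: 3 */
int DemoCorruptDsdt(void) { const Hdr *t[4]; uint64_t r = BuildSample();
                            gDsdt[sizeof(Hdr)] ^= 0xFF; return WalkAcpi(r, t, 4); }   /* bad checksum: -1 */
int DemoZeroRsdp(void)    { const Hdr *t[4]; return WalkAcpi(0, t, 4); }              /* PCD left at 0x0: -1 */

int main(void) {
  printf("valid: %d, corrupt DSDT: %d, zero RSDP: %d\n", DemoValidWalk(), DemoCorruptDsdt(), DemoZeroRsdp());
  return 0;
}
```

Each rejection path returns before the bad pointer is followed further, which is the property the driver in the patch lacks; the three `Demo*` functions cover the good walk, a single flipped byte in the DSDT, and the unset PCD.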


Loading EFI module from disk and handing over execution

Andy Pont <andy.pont@...>
 

Originally sent to the edk2-discuss list but with no response. Resending to the edk2-devel list as it appears to have more traffic and active users.

I am currently working on a project using tianocore as a payload for coreboot and am having some problems booting Qubes.

When trying to boot the Qubes ISO image from a USB memory stick it gives the error "Xen must be loaded below 4Gb". Looking at the Xen sources it is making two checks using the ImageBase and ImageSize values in the EFI_LOADED_IMAGE structure. The check that is failing that generates the error is that ((ImageBase + ImageSize) >> 32) isn't 0.

I'm struggling to find the right part of the tianocore sources to see where Xen's \EFI\BOOT\BOOTX64.EFI file is read from the USB stick to be able to see where, and how, ImageBase is setup.

Can anyone point me roughly in the right direction?

-Andy.


"edk2-redfish-client" branch on edk2-staging

Abner Chang
 

Hi all,

FYI, the “edk2-redfish-client” branch has been created on the edk2-staging repository for future contributions to the EDK2 Redfish client implementation. The EDK2 Redfish client is implemented on top of the EDK2 Redfish foundation (RedfishPkg) to provide remote platform configuration using EDK2 HII and the standard schemas published by the DMTF Redfish TF.

 

Regards,

Abner

 

 


Re: [PATCH] MdeModulePkg/PartitionDxe: Ignore PMBR BootIndicator per UEFI spec

Laszlo Ersek
 

On 07/05/21 11:36, Neal Gompa wrote:
Per UEFI Spec 2.8 (UEFI_Spec_2_8_final.pdf, page 114)
5.2.3 Protective MBR
Table 20. Protective MBR Partition Record protecting the entire disk

The description for BootIndicator states the following:

Set to 0x00 to indicate a non-bootable partition. If set to any
value other than 0x00 the behavior of this flag on non-UEFI
systems is undefined. Must be ignored by UEFI implementations.
Unfortunately, we have been incorrectly assuming that the
BootIndicator value must be 0x00, which leads to problems
when the 'pmbr_boot' flag is set on a disk containing a GPT
(such as with GNU parted). When the flag is set, the value
changes to 0x01, causing this check to fail and the system
is rendered unbootable despite it being valid from the
perspective of the UEFI spec.

To resolve this, we drop the check for the BootIndicator
so that we stop caring about the value set there, which
restores the capability to boot such disks.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3474

Cc: Chris Murphy <chrismurphy@...>
Cc: David Duncan <davdunc@...>
Cc: Lazlo Ersek <lersek@...>
Cc: Hao A Wu <hao.a.wu@...>
Cc: Ray Ni <ray.ni@...>
Cc: Zhichao Gao <zhichao.gao@...>

Signed-off-by: Neal Gompa <ngompa@...>
---
MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
index aefb2d6ecb3f..efaff5e0808f 100644
--- a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
+++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
@@ -264,8 +264,7 @@ PartitionInstallGptChildHandles (
// Verify that the Protective MBR is valid
//
for (Index = 0; Index < MAX_MBR_PARTITIONS; Index++) {
- if (ProtectiveMbr->Partition[Index].BootIndicator == 0x00 &&
- ProtectiveMbr->Partition[Index].OSIndicator == PMBR_GPT_PARTITION &&
+ if (ProtectiveMbr->Partition[Index].OSIndicator == PMBR_GPT_PARTITION &&
UNPACK_UINT32 (ProtectiveMbr->Partition[Index].StartingLBA) == 1
) {
break;
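Review bot: With the BootIndicator test gone, the loop accepts any record with OSIndicator 0xEE and StartingLBA 1, which matches the spec text quoted in the commit message, but the comment above the loop still reads "Verify that the Protective MBR is valid" and nothing in the code records that the flag is ignored on purpose. Add a one-line comment citing UEFI 2.8 section 5.2.3 ("Must be ignored by UEFI implementations") next to the `if`, so a later cleanup does not reintroduce the `BootIndicator == 0x00` condition.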
Merged as commit b3db0cb1f8d1, via
<https://github.com/tianocore/edk2/pull/1792>.

I fixed up the authorship meta-datum with "git commit --amend
--author='Neal Gompa <ngompa@...>'", per BZ comment
<https://bugzilla.tianocore.org/show_bug.cgi?id=3474#c9>.

Thanks
Laszlo
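The Protective MBR rule the commit message cites, as an added example that is not code from the PartitionDxe patch: a C parser that decodes the 16-byte partition records, applies the post-patch test (OSType 0xEE, StartingLBA 1, BootIndicator ignored) next to the pre-patch test, and runs both over constructed sectors, including one whose protective record carries a non-zero BootIndicator (0x80, the conventional "active" value; the post-patch check treats every non-zero value alike). `MbrPartition`, `FindProtectiveRecord`, `BuildMbr` and the `Demo*` functions are this example's own names, not PartitionDxe's.

```c
/* Added example, not code from the PartitionDxe patch: decode MBR partition
 * records and apply the post-patch Protective MBR test next to the old one. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MBR_SIZE           512
#define MBR_PART_OFFSET    446
#define MBR_PART_SIZE      16
#define MAX_MBR_PARTITIONS 4
#define PMBR_GPT_PARTITION 0xEE     /* OSType of the protective record */

typedef struct {
  uint8_t  BootIndicator;         /* 0x80 = "active" in legacy BIOS terms */
  uint8_t  StartingCHS[3];
  uint8_t  OSIndicator;           /* OSType */
  uint8_t  EndingCHS[3];
  uint32_t StartingLBA;
  uint32_t SizeInLBA;
} MbrPartition;

static uint32_t Rd32(const uint8_t *p) {          /* on-disk fields are little-endian and unaligned */
  return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void Wr32(uint8_t *p, uint32_t v) {
  p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

static void ReadPartition(const uint8_t *sector, int i, MbrPartition *out) {
  const uint8_t *p = sector + MBR_PART_OFFSET + i * MBR_PART_SIZE;
  out->BootIndicator = p[0];
  memcpy(out->StartingCHS, p + 1, 3);
  out->OSIndicator = p[4];
  memcpy(out->EndingCHS, p + 5, 3);
  out->StartingLBA = Rd32(p + 8);
  out->SizeInLBA = Rd32(p + 12);
}

/* Post-patch rule: any record with OSType 0xEE starting at LBA 1 makes this a
 * Protective MBR; BootIndicator is not examined, as UEFI 2.8 5.2.3 requires.
 * Returns the matching record index, or -1. */
int FindProtectiveRecord(const uint8_t *sector) {
  if (sector[510] != 0x55 || sector[511] != 0xAA) return -1;    /* MBR signature */
  for (int i = 0; i < MAX_MBR_PARTITIONS; i++) {
    MbrPartition p;
    ReadPartition(sector, i, &p);
    if (p.OSIndicator == PMBR_GPT_PARTITION && p.StartingLBA == 1) return i;
  }
  return -1;
}

/* Pre-patch rule, kept only to show what the extra BootIndicator test rejected. */
int FindProtectiveRecordOld(const uint8_t *sector) {
  if (sector[510] != 0x55 || sector[511] != 0xAA) return -1;
  for (int i = 0; i < MAX_MBR_PARTITIONS; i++) {
    MbrPartition p;
    ReadPartition(sector, i, &p);
    if (p.BootIndicator == 0x00 && p.OSIndicator == PMBR_GPT_PARTITION && p.StartingLBA == 1) return i;
  }
  return -1;
}

/* Constructed sample sector: record 0 laid out as UEFI 2.8 Table 20 prescribes
 * (StartingCHS 0x000200, EndingCHS 0xFFFFFF, StartingLBA 1, SizeInLBA = disk
 * size - 1), with caller-chosen BootIndicator and OSType. */
static void BuildMbr(uint8_t *sector, uint8_t bootIndicator, uint8_t osType, uint32_t diskLbas) {
  uint8_t *p = sector + MBR_PART_OFFSET;
  memset(sector, 0, MBR_SIZE);
  p[0] = bootIndicator;
  p[1] = 0x00; p[2] = 0x02; p[3] = 0x00;
  p[4] = osType;
  p[5] = 0xFF; p[6] = 0xFF; p[7] = 0xFF;
  Wr32(p + 8, 1);
  Wr32(p + 12, diskLbas - 1);
  sector[510] = 0x55; sector[511] = 0xAA;
}

int DemoPlainPmbr(void)       { uint8_t s[MBR_SIZE]; BuildMbr(s, 0x00, PMBR_GPT_PARTITION, 2048); return FindProtectiveRecord(s); }    /* 0 */
int DemoPmbrBootFlag(void)    { uint8_t s[MBR_SIZE]; BuildMbr(s, 0x80, PMBR_GPT_PARTITION, 2048); return FindProtectiveRecord(s); }    /* 0: flag ignored */
int DemoPmbrBootFlagOld(void) { uint8_t s[MBR_SIZE]; BuildMbr(s, 0x80, PMBR_GPT_PARTITION, 2048); return FindProtectiveRecordOld(s); } /* -1: old code refused the disk */
int DemoLegacyMbr(void)       { uint8_t s[MBR_SIZE]; BuildMbr(s, 0x80, 0x83, 2048); return FindProtectiveRecord(s); }                  /* -1: a Linux record, not GPT */

int main(void) {
  printf("pmbr: %d, pmbr+boot flag: %d (old rule: %d), legacy mbr: %d\n",
         DemoPlainPmbr(), DemoPmbrBootFlag(), DemoPmbrBootFlagOld(), DemoLegacyMbr());
  return 0;
}
```

The two rules differ only in the BootIndicator term; everything else that identifies a GPT disk (the 0xEE OSType and the start at LBA 1) is still enforced, so a legacy MBR with a non-0xEE type is still rejected.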


Re: [PATCH v2] IntelFsp2Pkg: PatchFv parseInfFile function modification

Chiu, Chasel
 

Reviewed-by: Chasel Chiu <chasel.chiu@...>

-----Original Message-----
From: S, Ashraf Ali <ashraf.ali.s@...>
Sent: Monday, July 5, 2021 4:11 PM
To: devel@edk2.groups.io
Cc: S, Ashraf Ali <ashraf.ali.s@...>; Ni, Ray <ray.ni@...>; Chiu,
Chasel <chasel.chiu@...>; Desimone, Nathaniel L
<nathaniel.l.desimone@...>; Zeng, Star <star.zeng@...>
Subject: [PATCH v2] IntelFsp2Pkg: PatchFv parseInfFile function modification

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3476

parseInfFile currently reads EFI_BASE_ADDRESS from the INF; once the
address is found it still continues to read the complete INF file, which is not
required. Once EFI_BASE_ADDRESS has been read from the INF there is no need to
read the INF further.
The MSFT compiler can generate map file addresses of 8 or 16 digits depending on
which architecture the INF is compiled for. Currently only IA32 is supported;
PatchFv is modified to support all of them.
A few typos in the parseModMapFile and getCurr functions are also fixed.

Signed-off-by: Ashraf Ali S <ashraf.ali.s@...>
Cc: Ray Ni <ray.ni@...>
Cc: Chasel Chiu <chasel.chiu@...>
Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Star Zeng <star.zeng@...>
---
IntelFsp2Pkg/Tools/PatchFv.py | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/IntelFsp2Pkg/Tools/PatchFv.py b/IntelFsp2Pkg/Tools/PatchFv.py
index 112de4077a..64b4e927a0 100644
--- a/IntelFsp2Pkg/Tools/PatchFv.py
+++ b/IntelFsp2Pkg/Tools/PatchFv.py
@@ -1,6 +1,6 @@
## @ PatchFv.py
#
-# Copyright (c) 2014 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2014 - 2021, Intel Corporation. All rights
+reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -304,10 +304,11 @@
class Symbols:
match = re.match("^EFI_BASE_ADDRESS\s*=\s*(0x[a-fA-F0-9]+)", rptLine)
if match is not None:
self.fdBase = int(match.group(1), 16) - fvOffset
+ break
rptLine = fdIn.readline()
fdIn.close()
if self.fdBase == 0xFFFFFFFF:
- raise Exception("Could not find EFI_BASE_ADDRESS in INF file!" % fvFile)
+ raise Exception("Could not find EFI_BASE_ADDRESS in INF
+ file!" % infFile)
return 0

#
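Review bot: The replacement line `raise Exception("Could not find EFI_BASE_ADDRESS in INF file!" % infFile)` still has no `%s` in the format string, so the `%` operator itself raises `TypeError: not all arguments converted during string formatting` before the intended message is produced; the patch swaps the undefined-name bug (`fvFile`) for a different exception on the same line. Use `"Could not find EFI_BASE_ADDRESS in INF file %s!" % infFile`, or drop the `%` and its operand. The added `break` after `self.fdBase = ...` is fine, since `fdIn.close()` is outside the loop and still runs.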
@@ -402,6 +403,7 @@ class Symbols:
#
# retval 0 Parsed MOD MAP file successfully
# retval 1 There is no moduleEntryPoint in modSymbols
+ # retval 2 There is no offset for moduleEntryPoint in modSymbols
#
def parseModMapFile(self, moduleName, mapFile):
#
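Review bot: The new doc line `# retval 2 There is no offset for moduleEntryPoint in modSymbols` documents a return value that no hunk in this patch produces; both new branches in parseModMapFile still `return 1`. If the existing code after `if not modEntry in self.dictSymbolAddress:` already returns 2, say so in the commit message; otherwise either return 2 from the branch this line describes or drop the comment so the docstring matches the code.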
@@ -426,7 +428,7 @@ class Symbols:
else:
#MSFT
#0003:00000190 _gComBase 00007a50 SerialPo
- patchMapFileMatchString = "^\s[0-9a-fA-F]{4}:[0-9a-fA-
F]{8}\s+(\w+)\s+([0-9a-fA-F]{8}\s+)"
+ patchMapFileMatchString = "^\s[0-9a-fA-F]{4}:[0-9a-fA-
F]{8}\s+(\w+)\s+([0-9a-fA-F]{8,16}\s+)"
matchKeyGroupIndex = 1
matchSymbolGroupIndex = 2
prefix = ''
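Review bot: `[0-9a-fA-F]{8,16}` accepts any width from 8 to 16 hex digits, not only the 8 (IA32) or 16 (X64) that the MSFT linker emits for the Rva+Base column; `(?:[0-9a-fA-F]{8}|[0-9a-fA-F]{16})` states the intent and rejects malformed lines. While touching the line, make the pattern a raw string (`r"..."`): it contains `\s` inside a normal string literal, which newer Python versions report as an invalid escape sequence (a DeprecationWarning, and a SyntaxWarning from 3.12).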
@@ -455,7 +457,13 @@ class Symbols:
continue

if not moduleEntryPoint in modSymbols:
- return 1
+ if matchSymbolGroupIndex == 1:
+ if not '_ModuleEntryPoint' in modSymbols:
+ return 1
+ else:
+ moduleEntryPoint = "_ModuleEntryPoint"
+ else:
+ return 1

modEntry = '%s:%s' % (moduleName,moduleEntryPoint)
if not modEntry in self.dictSymbolAddress:
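Review bot: The fallback silently rebinds `moduleEntryPoint` to `_ModuleEntryPoint` only when `matchSymbolGroupIndex == 1`, the non-MSFT branch (the MSFT branch above sets `matchSymbolGroupIndex = 2`), and neither the code nor the commit message says why the underscore-prefixed spelling appears there; add a comment naming the toolchain and symbol decoration that produce it. The two nested `return 1` paths can also be collapsed into one condition: `if matchSymbolGroupIndex != 1 or '_ModuleEntryPoint' not in modSymbols: return 1` followed by `moduleEntryPoint = '_ModuleEntryPoint'`, which reads more easily than the if/else ladder.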
@@ -498,7 +506,7 @@ class Symbols:
#
# Get current character
#
- # retval elf.string[self.index]
+ # retval self.string[self.index]
# retval '' Exception
#
def getCurr(self):
--
2.30.2.windows.1


Re: [PATCH v2 2/2] MdeModulePkg: Update YAML file to fix CI error

gaoliming
 

Reviewed-by: Liming Gao <gaoliming@...>

-----Original Message-----
From: Nickle Wang <nickle.wang@...>
Sent: July 5, 2021 10:41
To: devel@edk2.groups.io
Cc: gaoliming@...; jian.j.wang@...;
hao.a.wu@...; Nickle Wang <nickle.wang@...>
Subject: [PATCH v2 2/2] MdeModulePkg: Update YAML file to fix CI error

Add OnigurumaUefiPort.h and OnigurumaUefiPort.c into ECC exception in
MdeModulePkg.ci.yaml in order to fix CI error.

Signed-off-by: Nickle Wang <nickle.wang@...>
---
MdeModulePkg/MdeModulePkg.ci.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/MdeModulePkg.ci.yaml
b/MdeModulePkg/MdeModulePkg.ci.yaml
index 4c71468bd3..8e01caf94c 100644
--- a/MdeModulePkg/MdeModulePkg.ci.yaml
+++ b/MdeModulePkg/MdeModulePkg.ci.yaml
@@ -3,6 +3,7 @@
#

# Copyright (c) Microsoft Corporation

# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>

+# (C) Copyright 2021 Hewlett Packard Enterprise Development LP<BR>

# SPDX-License-Identifier: BSD-2-Clause-Patent

##

{

@@ -24,7 +25,9 @@
"Library/BrotliCustomDecompressLib/brotli",

"Universal/RegularExpressionDxe/oniguruma",

"Library/LzmaCustomDecompressLib/Sdk/DOC",

- "Library/LzmaCustomDecompressLib/Sdk/C"

+ "Library/LzmaCustomDecompressLib/Sdk/C",

+ "Universal/RegularExpressionDxe/OnigurumaUefiPort.h",

+ "Universal/RegularExpressionDxe/OnigurumaUefiPort.c"

]

},

## options defined ci/Plugin/CompilerPlugin
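Review bot: Adding `Universal/RegularExpressionDxe/OnigurumaUefiPort.h` and `.c` to this list silences every ECC check on files that are EDK2's own port glue, unlike the imported `oniguruma` directory excluded one line above, and the commit message does not say which ECC rule fails. Name the failing check in the commit message and, if it is a single rule, prefer an EccCheck ExceptionList entry (error code plus symbol) that waives only that finding, or fix the code, over ignoring the whole file.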

--
2.31.1.windows.1


Cancelled Event: TianoCore Bug Triage - APAC / NAMO - Tuesday, July 6, 2021 #cal-cancelled

devel@edk2.groups.io Calendar <noreply@...>
 

Cancelled: TianoCore Bug Triage - APAC / NAMO

This event has been cancelled.

When:
Tuesday, July 6, 2021
6:30pm to 7:30pm
(UTC-07:00) America/Los Angeles

Where:
https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTUyZTg2NjgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%22b286b53a-1218-4db3-bfc9-3d4c5aa7669e%22%7d

Organizer: Liming Gao gaoliming@...

Description:

TianoCore Bug Triage - APAC / NAMO

Hosted by Liming Gao

 

________________________________________________________________________________

Microsoft Teams meeting

Join on your computer or mobile app

Click here to join the meeting

Join with a video conferencing device

teams@...

Video Conference ID: 116 062 094 0

Alternate VTC dialing instructions

Or call in (audio only)

+1 916-245-6934,,77463821#   United States, Sacramento

Phone Conference ID: 774 638 21#

Find a local number | Reset PIN

Learn More | Meeting options


Re: [edk2-devel] Event: TianoCore Bug Triage - APAC / NAMO - 07/06/2021 #cal-reminder

gaoliming
 

Few new issues were submitted this week. Let’s cancel the meeting.

 

ID    Product   Component  Assignee          Status  Summary                                                                                    Changed     Reporter
3465  EDK2      Tools      unassigned@...    UNCO    Build tools cannot parse #if FixedPcdGetBool , used in header file of Structure PCD        Mon 08:23   madhusudhan.nimbuja@...
3473  EDK2      Code       ray.ni@...        UNCO    UefiCpuPkg VTF0 X64: Build page tables using Linear-Address Translation to a 1-GByte Page  Sun 07:28   ashraf.ali.s@...
2424  Tianocor  Code       yonghong.zhu@...  UNCO    TLSv1.3 support                                                                            2021-06-29  prarthanasv@...
3466  Tianocor  Code       unassigned@...    UNCO    CryptoPkg: consume OpenSSL 3.0                                                             2021-06-29  lersek@...
3446  Tianocor  Code       unassigned@...    UNCO    TianoCore missing support for Specification 2.8 Items                                      2021-06-23  kevin.davis@...

 

Thanks

Liming

 

From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of devel@edk2.groups.io Calendar
Sent: July 6, 2021 9:30
To: devel@edk2.groups.io
Subject: [edk2-devel] Event: TianoCore Bug Triage - APAC / NAMO - 07/06/2021 #cal-reminder

 

Reminder: TianoCore Bug Triage - APAC / NAMO

When:
07/06/2021
6:30pm to 7:30pm
(UTC-07:00) America/Los Angeles

Where:
https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTUyZTg2NjgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%22b286b53a-1218-4db3-bfc9-3d4c5aa7669e%22%7d

Organizer: Liming Gao gaoliming@...


Description:

TianoCore Bug Triage - APAC / NAMO

Hosted by Liming Gao

 



Re: [PATCH] UefiCpuPkg/ExceptionLib: Conditionally clear shadow stack token busy bit

Sheng Wei
 

Hi Eric,
Thank you for the review and the Reviewed-by.
Could you help submit the patch to the edk2 branch?
I have attached the patch file.
BR
Sheng Wei

-----Original Message-----
From: Dong, Eric <eric.dong@...>
Sent: July 6, 2021 10:53
To: Sheng, W <w.sheng@...>; devel@edk2.groups.io
Cc: Ni, Ray <ray.ni@...>; Laszlo Ersek <lersek@...>; Kumar,
Rahul1 <rahul1.kumar@...>; Yao, Jiewen <jiewen.yao@...>;
Zhuang, Qihua <qihua.zhuang@...>; Dong, Daquan
<daquan.dong@...>; Tong, Justin <justin.tong@...>; Xu, Tom
<tom.xu@...>
Subject: RE: [PATCH] UefiCpuPkg/ExceptionLib: Conditionally clear shadow
stack token busy bit

Reviewed-by: Eric Dong <eric.dong@...>

-----Original Message-----
From: Sheng, W <w.sheng@...>
Sent: Friday, July 2, 2021 1:29 PM
To: devel@edk2.groups.io
Cc: Dong, Eric <eric.dong@...>; Ni, Ray <ray.ni@...>; Laszlo
Ersek <lersek@...>; Kumar, Rahul1 <rahul1.kumar@...>; Yao,
Jiewen <jiewen.yao@...>; Zhuang, Qihua <qihua.zhuang@...>;
Dong, Daquan <daquan.dong@...>; Tong, Justin
<justin.tong@...>; Xu, Tom <tom.xu@...>
Subject: [PATCH] UefiCpuPkg/ExceptionLib: Conditionally clear shadow stack
token busy bit

When entering an SMM exception, there will be a stack switch only if the IST field
of the interrupt gate is set. When the CET shadow stack feature is enabled, if
there is a stack switch between the SMM exception and SMM, the shadow stack
token busy bit needs to be cleared when returning from the SMM exception to
SMM. In UEFI BIOS, only the page fault exception does the stack switch when the
SMM stack guard feature is enabled. The condition for clearing the shadow stack
token busy bit should be: SMM stack guard enabled, CET shadow stack feature
enabled, and page fault exception.
The shadow stack token should be initialized as a UINT64.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3462

Signed-off-by: Sheng Wei <w.sheng@...>
Cc: Eric Dong <eric.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Laszlo Ersek <lersek@...>
Cc: Rahul Kumar <rahul1.kumar@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Qihua Zhuang <qihua.zhuang@...>
Cc: Daquan Dong <daquan.dong@...>
Cc: Justin Tong <justin.tong@...>
Cc: Tom Xu <tom.xu@...>
---
.../X64/Xcode5ExceptionHandlerAsm.nasm | 83 +++++++++++----------
-
UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 2 +-
2 files changed, 43 insertions(+), 42 deletions(-)

diff --git
a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/Xcode5ExceptionHandle
rAsm.nasm
b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/Xcode5ExceptionHandle
rAsm.nasm
index ebe0eec874..4881a02848 100644
---
a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/Xcode5ExceptionHandle
rAsm.nasm
+++
b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/Xcode5ExceptionHandl
+++ erAsm.nasm
@@ -20,6 +20,7 @@
;

%define VC_EXCEPTION 29
+%define PF_EXCEPTION 14

extern ASM_PFX(mErrorCodeFlag) ; Error code flags for exceptions
extern ASM_PFX(mDoFarReturnFlag) ; Do far return flag @@ -279,6 +280,46
@@ DrFinish:
call ASM_PFX(CommonExceptionHandler)
add rsp, 4 * 8 + 8

+ ; The follow algorithm is used for clear shadow stack token busy bit.
+ ; The comment is based on the sample shadow stack.
+ ; The sample shadow stack layout :
+ ; Address | Context
+ ; +-------------------------+
+ ; 0xFD0 | FREE | it is 0xFD8|0x02|(LMA & CS.L), after
SAVEPREVSSP.
+ ; +-------------------------+
+ ; 0xFD8 | Prev SSP |
+ ; +-------------------------+
+ ; 0xFE0 | RIP |
+ ; +-------------------------+
+ ; 0xFE8 | CS |
+ ; +-------------------------+
+ ; 0xFF0 | 0xFF0 | BUSY | BUSY flag cleared after CLRSSBSY
+ ; +-------------------------+
+ ; 0xFF8 | 0xFD8|0x02|(LMA & CS.L) |
+ ; +-------------------------+
+ ; Instructions for Intel Control Flow Enforcement Technology (CET) are
supported since NASM version 2.15.01.
+ cmp qword [ASM_PFX(mDoFarReturnFlag)], 0
+ jz CetDone
+ cmp qword [rbp + 8], PF_EXCEPTION ; check if it is a Page Fault
+ jnz CetDone
+ cmp byte [dword ASM_PFX(FeaturePcdGet (PcdCpuSmmStackGuard))],
0
+ jz CetDone
+ mov rax, cr4
+ and rax, 0x800000 ; check if CET is enabled
+ jz CetDone
+ ; SSP should be 0xFD8 at this point
+ mov rax, 0x04 ; advance past cs:lip:prevssp;supervisor shadow
stack token
+ INCSSP_RAX ; After this SSP should be 0xFF8
+ SAVEPREVSSP ; now the shadow stack restore token will be
created at 0xFD0
+ READSSP_RAX ; Read new SSP, SSP should be 0x1000
+ sub rax, 0x10
+ CLRSSBSY_RAX ; Clear token at 0xFF0, SSP should be 0 after this
+ sub rax, 0x20
+ RSTORSSP_RAX ; Restore to token at 0xFD0, new SSP will be 0xFD0
+ mov rax, 0x01 ; Pop off the new save token created
+ INCSSP_RAX ; SSP should be 0xFD8 now
+CetDone:
+
cli
;; UINT64 ExceptionData;
add rsp, 8
@@ -373,47 +414,7 @@ DoReturn:
push qword [rax + 0x18] ; save EFLAGS in new location
mov rax, [rax] ; restore rax
popfq ; restore EFLAGS
-
- ; The follow algorithm is used for clear shadow stack token busy bit.
- ; The comment is based on the sample shadow stack.
- ; The sample shadow stack layout :
- ; Address | Context
- ; +-------------------------+
- ; 0xFD0 | FREE | it is 0xFD8|0x02|(LMA & CS.L), after
SAVEPREVSSP.
- ; +-------------------------+
- ; 0xFD8 | Prev SSP |
- ; +-------------------------+
- ; 0xFE0 | RIP |
- ; +-------------------------+
- ; 0xFE8 | CS |
- ; +-------------------------+
- ; 0xFF0 | 0xFF0 | BUSY | BUSY flag cleared after CLRSSBSY
- ; +-------------------------+
- ; 0xFF8 | 0xFD8|0x02|(LMA & CS.L) |
- ; +-------------------------+
- ; Instructions for Intel Control Flow Enforcement Technology (CET) are
supported since NASM version 2.15.01.
- push rax ; SSP should be 0xFD8 at this point
- cmp byte [dword ASM_PFX(FeaturePcdGet (PcdCpuSmmStackGuard))],
0
- jz CetDone
- mov rax, cr4
- and rax, 0x800000 ; check if CET is enabled
- jz CetDone
- mov rax, 0x04 ; advance past cs:lip:prevssp;supervisor shadow
stack token
- INCSSP_RAX ; After this SSP should be 0xFF8
- SAVEPREVSSP ; now the shadow stack restore token will be
created at 0xFD0
- READSSP_RAX ; Read new SSP, SSP should be 0x1000
- push rax
- sub rax, 0x10
- CLRSSBSY_RAX ; Clear token at 0xFF0, SSP should be 0 after this
- sub rax, 0x20
- RSTORSSP_RAX ; Restore to token at 0xFD0, new SSP will be 0xFD0
- pop rax
- mov rax, 0x01 ; Pop off the new save token created
- INCSSP_RAX ; SSP should be 0xFD8 now
-CetDone:
- pop rax ; restore rax
-
- DB 0x48 ; prefix to composite "retq" with next "retf"
+ DB 0x48 ; prefix to composite "retq" with next "retf"
retf ; far return
DoIret:
iretq
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
index 661c1ba294..ca3f5ff91a 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
@@ -202,7 +202,7 @@ InitShadowStack (
// Please refer to UefiCpuPkg/Library/CpuExceptionHandlerLib/X64 for
the full stack frame at runtime.
//
InterruptSsp = (UINT32)((UINTN)ShadowStack + EFI_PAGES_TO_SIZE(1) -
sizeof(UINT64));
- *(UINT32 *)(UINTN)InterruptSsp = (InterruptSsp - sizeof(UINT64) * 4) |
0x2;
+ *(UINT64 *)(UINTN)InterruptSsp = (InterruptSsp - sizeof(UINT64) *
+ 4) | 0x2;
mCetInterruptSsp = InterruptSsp - sizeof(UINT64);

mCetInterruptSspTable = (UINT32)(UINTN)(mSmmInterruptSspTables +
sizeof(UINT64) * 8 * CpuIndex);
--
2.16.2.windows.1


Re: [PATCH] UefiCpuPkg/ExceptionLib: Conditionally clear shadow stack token busy bit

Dong, Eric
 

Reviewed-by: Eric Dong <eric.dong@...>

-----Original Message-----
From: Sheng, W <w.sheng@...>
Sent: Friday, July 2, 2021 1:29 PM
To: devel@edk2.groups.io
Cc: Dong, Eric <eric.dong@...>; Ni, Ray <ray.ni@...>; Laszlo Ersek <lersek@...>; Kumar, Rahul1 <rahul1.kumar@...>; Yao, Jiewen <jiewen.yao@...>; Zhuang, Qihua <qihua.zhuang@...>; Dong, Daquan <daquan.dong@...>; Tong, Justin <justin.tong@...>; Xu, Tom <tom.xu@...>
Subject: [PATCH] UefiCpuPkg/ExceptionLib: Conditionally clear shadow stack token busy bit

When entering an SMM exception, there will be a stack switch only if the IST field of the interrupt gate is set. When the CET shadow stack feature is enabled, if there is a stack switch between the SMM exception and SMM, the shadow stack token busy bit needs to be cleared when returning from the SMM exception to SMM. In UEFI BIOS, only the page fault exception does the stack switch when the SMM stack guard feature is enabled. The condition for clearing the shadow stack token busy bit should be: SMM stack guard enabled, CET shadow stack feature enabled, and page fault exception.
The shadow stack token should be initialized as a UINT64.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3462

Signed-off-by: Sheng Wei <w.sheng@...>
Cc: Eric Dong <eric.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Laszlo Ersek <lersek@...>
Cc: Rahul Kumar <rahul1.kumar@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Qihua Zhuang <qihua.zhuang@...>
Cc: Daquan Dong <daquan.dong@...>
Cc: Justin Tong <justin.tong@...>
Cc: Tom Xu <tom.xu@...>
---
.../X64/Xcode5ExceptionHandlerAsm.nasm | 83 +++++++++++-----------
UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 2 +-
2 files changed, 43 insertions(+), 42 deletions(-)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/Xcode5ExceptionHandlerAsm.nasm b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/Xcode5ExceptionHandlerAsm.nasm
index ebe0eec874..4881a02848 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/Xcode5ExceptionHandlerAsm.nasm
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/Xcode5ExceptionHandl
+++ erAsm.nasm
@@ -20,6 +20,7 @@
;

%define VC_EXCEPTION 29
+%define PF_EXCEPTION 14

extern ASM_PFX(mErrorCodeFlag) ; Error code flags for exceptions
extern ASM_PFX(mDoFarReturnFlag) ; Do far return flag @@ -279,6 +280,46 @@ DrFinish:
call ASM_PFX(CommonExceptionHandler)
add rsp, 4 * 8 + 8

+ ; The follow algorithm is used for clear shadow stack token busy bit.
+ ; The comment is based on the sample shadow stack.
+ ; The sample shadow stack layout :
+ ; Address | Context
+ ; +-------------------------+
+ ; 0xFD0 | FREE | it is 0xFD8|0x02|(LMA & CS.L), after SAVEPREVSSP.
+ ; +-------------------------+
+ ; 0xFD8 | Prev SSP |
+ ; +-------------------------+
+ ; 0xFE0 | RIP |
+ ; +-------------------------+
+ ; 0xFE8 | CS |
+ ; +-------------------------+
+ ; 0xFF0 | 0xFF0 | BUSY | BUSY flag cleared after CLRSSBSY
+ ; +-------------------------+
+ ; 0xFF8 | 0xFD8|0x02|(LMA & CS.L) |
+ ; +-------------------------+
+ ; Instructions for Intel Control Flow Enforcement Technology (CET) are supported since NASM version 2.15.01.
+ cmp qword [ASM_PFX(mDoFarReturnFlag)], 0
+ jz CetDone
+ cmp qword [rbp + 8], PF_EXCEPTION ; check if it is a Page Fault
+ jnz CetDone
+ cmp byte [dword ASM_PFX(FeaturePcdGet (PcdCpuSmmStackGuard))], 0
+ jz CetDone
+ mov rax, cr4
+ and rax, 0x800000 ; check if CET is enabled
+ jz CetDone
+ ; SSP should be 0xFD8 at this point
+ mov rax, 0x04 ; advance past cs:lip:prevssp;supervisor shadow stack token
+ INCSSP_RAX ; After this SSP should be 0xFF8
+ SAVEPREVSSP ; now the shadow stack restore token will be created at 0xFD0
+ READSSP_RAX ; Read new SSP, SSP should be 0x1000
+ sub rax, 0x10
+ CLRSSBSY_RAX ; Clear token at 0xFF0, SSP should be 0 after this
+ sub rax, 0x20
+ RSTORSSP_RAX ; Restore to token at 0xFD0, new SSP will be 0xFD0
+ mov rax, 0x01 ; Pop off the new save token created
+ INCSSP_RAX ; SSP should be 0xFD8 now
+CetDone:
+
cli
;; UINT64 ExceptionData;
add rsp, 8
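Review bot: The new block clobbers rax (`mov rax, cr4`, then the INCSSP/READSSP/CLRSSBSY sequence) without the `push rax`/`pop rax` that the old DoReturn copy had; that is only safe because the general-purpose registers are reloaded from the saved context further down the epilogue, so say so in a comment at `CetDone:` before someone relocates the block again. `and rax, 0x800000` tests CR4.CET (bit 23) only, not whether supervisor shadow stacks are actually enabled through IA32_S_CET; if CR4.CET can be set with SH_STK_EN clear on this path, read the MSR too, otherwise document why CR4.CET suffices here. `cmp qword [rbp + 8], PF_EXCEPTION` depends on the vector number living at [rbp+8] in this frame, which deserves a comment naming that slot. Finally, the `mov rax, 0x04` and the 0xFD8/0xFF8 sample layout assume the four-qword frame that InitShadowStack builds with `InterruptSsp - sizeof(UINT64) * 4`; a shared definition for that count would keep the two files in sync.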
@@ -373,47 +414,7 @@ DoReturn:
push qword [rax + 0x18] ; save EFLAGS in new location
mov rax, [rax] ; restore rax
popfq ; restore EFLAGS
-
- ; The follow algorithm is used for clear shadow stack token busy bit.
- ; The comment is based on the sample shadow stack.
- ; The sample shadow stack layout :
- ; Address | Context
- ; +-------------------------+
- ; 0xFD0 | FREE | it is 0xFD8|0x02|(LMA & CS.L), after SAVEPREVSSP.
- ; +-------------------------+
- ; 0xFD8 | Prev SSP |
- ; +-------------------------+
- ; 0xFE0 | RIP |
- ; +-------------------------+
- ; 0xFE8 | CS |
- ; +-------------------------+
- ; 0xFF0 | 0xFF0 | BUSY | BUSY flag cleared after CLRSSBSY
- ; +-------------------------+
- ; 0xFF8 | 0xFD8|0x02|(LMA & CS.L) |
- ; +-------------------------+
- ; Instructions for Intel Control Flow Enforcement Technology (CET) are supported since NASM version 2.15.01.
- push rax ; SSP should be 0xFD8 at this point
- cmp byte [dword ASM_PFX(FeaturePcdGet (PcdCpuSmmStackGuard))], 0
- jz CetDone
- mov rax, cr4
- and rax, 0x800000 ; check if CET is enabled
- jz CetDone
- mov rax, 0x04 ; advance past cs:lip:prevssp;supervisor shadow stack token
- INCSSP_RAX ; After this SSP should be 0xFF8
- SAVEPREVSSP ; now the shadow stack restore token will be created at 0xFD0
- READSSP_RAX ; Read new SSP, SSP should be 0x1000
- push rax
- sub rax, 0x10
- CLRSSBSY_RAX ; Clear token at 0xFF0, SSP should be 0 after this
- sub rax, 0x20
- RSTORSSP_RAX ; Restore to token at 0xFD0, new SSP will be 0xFD0
- pop rax
- mov rax, 0x01 ; Pop off the new save token created
- INCSSP_RAX ; SSP should be 0xFD8 now
-CetDone:
- pop rax ; restore rax
-
- DB 0x48 ; prefix to composite "retq" with next "retf"
+ DB 0x48 ; prefix to composite "retq" with next "retf"
retf ; far return
DoIret:
iretq
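Review bot: The `- DB 0x48` / `+ DB 0x48` pair changes only whitespace on an otherwise untouched line, which widens the diff for no functional reason; either drop it or mention the re-indent in the commit message. The removed copy also ran on every far-return path gated only by the stack-guard PCD and CR4.CET, whereas the relocated copy additionally requires `mDoFarReturnFlag != 0` and vector 14; the commit message states the new condition but should say explicitly that the non-page-fault far-return path is intentionally left without the busy-bit clearing.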
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
index 661c1ba294..ca3f5ff91a 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
@@ -202,7 +202,7 @@ InitShadowStack (
// Please refer to UefiCpuPkg/Library/CpuExceptionHandlerLib/X64 for the full stack frame at runtime.
//
InterruptSsp = (UINT32)((UINTN)ShadowStack + EFI_PAGES_TO_SIZE(1) - sizeof(UINT64));
- *(UINT32 *)(UINTN)InterruptSsp = (InterruptSsp - sizeof(UINT64) * 4) | 0x2;
+ *(UINT64 *)(UINTN)InterruptSsp = (InterruptSsp - sizeof(UINT64) *
+ 4) | 0x2;
mCetInterruptSsp = InterruptSsp - sizeof(UINT64);

mCetInterruptSspTable = (UINT32)(UINTN)(mSmmInterruptSspTables + sizeof(UINT64) * 8 * CpuIndex);
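Review bot: The token is now stored as a UINT64, but it is still computed from the UINT32 `InterruptSsp` as `(InterruptSsp - sizeof(UINT64) * 4) | 0x2`, while the comment in the assembly file describes the same token as `0xFD8|0x02|(LMA & CS.L)`; either set bit 0 here for X64 as that comment implies, or correct the comment, and ideally derive both from one definition of the token bits. An explicit `(UINT64)` cast on the stored value would also make it obvious that the upper 32 bits are intentionally zero because the shadow stack must sit below 4GB for `InterruptSsp` to hold it.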
--
2.16.2.windows.1


Re: [PATCH] MdeModulePkg/PartitionDxe: Ignore PMBR BootIndicator per UEFI spec

Wu, Hao A
 

-----Original Message-----
From: Neal Gompa <ngompa@...>
Sent: Monday, July 5, 2021 5:36 PM
To: devel@edk2.groups.io
Cc: Neal Gompa <ngompa@...>; Chris Murphy
<chrismurphy@...>; David Duncan <davdunc@...>;
Lazlo Ersek <lersek@...>; Wu, Hao A <hao.a.wu@...>; Ni,
Ray <ray.ni@...>; Gao, Zhichao <zhichao.gao@...>
Subject: [PATCH] MdeModulePkg/PartitionDxe: Ignore PMBR BootIndicator
per UEFI spec

Per UEFI Spec 2.8 (UEFI_Spec_2_8_final.pdf, page 114)
5.2.3 Protective MBR
Table 20. Protective MBR Partition Record protecting the entire disk

The description for BootIndicator states the following:

Set to 0x00 to indicate a non-bootable partition. If set to any
value other than 0x00 the behavior of this flag on non-UEFI
systems is undefined. Must be ignored by UEFI implementations.
Unfortunately, we have been incorrectly assuming that the
BootIndicator value must be 0x00, which leads to problems
when the 'pmbr_boot' flag is set on a disk containing a GPT
(such as with GNU parted). When the flag is set, the value
changes to 0x01, causing this check to fail and the system
is rendered unbootable despite it being valid from the
perspective of the UEFI spec.

To resolve this, we drop the check for the BootIndicator
so that we stop caring about the value set there, which
restores the capability to boot such disks.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3474

Cc: Chris Murphy <chrismurphy@...>
Cc: David Duncan <davdunc@...>
Cc: Lazlo Ersek <lersek@...>
Cc: Hao A Wu <hao.a.wu@...>
Cc: Ray Ni <ray.ni@...>
Cc: Zhichao Gao <zhichao.gao@...>

Signed-off-by: Neal Gompa <ngompa@...>
---
MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
index aefb2d6ecb3f..efaff5e0808f 100644
--- a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
+++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
@@ -264,8 +264,7 @@ PartitionInstallGptChildHandles (
// Verify that the Protective MBR is valid

//

for (Index = 0; Index < MAX_MBR_PARTITIONS; Index++) {

- if (ProtectiveMbr->Partition[Index].BootIndicator == 0x00 &&

- ProtectiveMbr->Partition[Index].OSIndicator == PMBR_GPT_PARTITION
&&

+ if (ProtectiveMbr->Partition[Index].OSIndicator ==
PMBR_GPT_PARTITION &&

Thanks a lot for the fix.
Reviewed-by: Hao A Wu <hao.a.wu@...>

Best Regards,
Hao Wu


UNPACK_UINT32 (ProtectiveMbr->Partition[Index].StartingLBA) == 1

) {

break;

--
2.31.1