td-shim: measure payload only when EXTENDMR is not set
The payload should not be measured by td-shim if `EXTENDMR` is set in the
metadata attribute.

Signed-off-by: Jiaqi Gao <[email protected]>
gaojiaqi7 authored and jyao1 committed Nov 8, 2023
1 parent fdb7102 commit 8623615
Showing 2 changed files with 29 additions and 3 deletions.
18 changes: 15 additions & 3 deletions td-shim/src/bin/td-shim/main.rs
Expand Up @@ -146,6 +146,7 @@ pub extern "win64" fn _start(
// If the Payload Information GUID HOB is present, try to boot the Linux kernel.
if let Some(payload_info) = dynamic_info.payload_info {
boot_linux_kernel(
&static_info,
&payload_info,
&dynamic_info.acpi_tables,
&mem,
Expand All @@ -154,12 +155,18 @@ pub extern "win64" fn _start(
);
}

boot_builtin_payload(&mut mem, &mut td_event_log, &dynamic_info.acpi_tables);
boot_builtin_payload(
&static_info,
&mut mem,
&mut td_event_log,
&dynamic_info.acpi_tables,
);

panic!("payload entry() should not return here, deadloop!!!");
}

fn boot_linux_kernel(
static_info: &BootTimeStatic,
kernel_info: &PayloadInfo,
acpi_tables: &Vec<&[u8]>,
mem: &memory::Memory,
Expand All @@ -184,7 +191,9 @@ fn boot_linux_kernel(
let payload_parameter = mem.get_dynamic_mem_slice(SliceType::PayloadParameter);

// Record the payload binary/paramater into event log.
log_payload_binary(payload, event_log);
if static_info.payload_extend_rtmr() {
log_payload_binary(payload, event_log);
}
log_payload_parameter(payload_parameter, event_log);

let mailbox = mem.get_dynamic_mem_slice_mut(SliceType::RelocatedMailbox);
Expand All @@ -203,6 +212,7 @@ fn boot_linux_kernel(
}

fn boot_builtin_payload(
static_info: &BootTimeStatic,
mem: &mut memory::Memory,
event_log: &mut CcEventLogWriter,
acpi_tables: &Vec<&[u8]>,
Expand All @@ -222,7 +232,9 @@ fn boot_builtin_payload(
}

// Record the payload binary information into event log.
log_payload_binary(payload_bin, event_log);
if static_info.payload_extend_rtmr() {
log_payload_binary(payload_bin, event_log);
}

// Create an EV_SEPARATOR event to mark the end of the td-shim events
event_log.create_seperator();
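Review bot: The comments above the two new guards, `// Record the payload binary/paramater into event log.` in boot_linux_kernel and `// Record the payload binary information into event log.` in boot_builtin_payload, still describe an unconditional step, while `log_payload_binary` is now skipped whenever `static_info.payload_extend_rtmr()` is false and nothing in this file says why. Suggest replacing both with `// Measure the payload into RTMR only when EXTENDMR is not set; otherwise it was already extended into MRTD and td-shim must not measure it again.` (this also fixes the "paramater" typo). Note that `log_payload_parameter` still runs unconditionally, so an event-log reader will see a parameter event with no preceding payload event when EXTENDMR is set; if that is intended, the comment is the place to say so. Both enclosing functions continue outside the hunks.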
14 changes: 14 additions & 0 deletions td-shim/src/bin/td-shim/shim_info.rs
Expand Up @@ -24,6 +24,11 @@ pub struct BootTimeStatic {
// If metadata contains one/more `PermMem` sections,
// TD-Shim should ignore the memory information in TD HOB.
metadata_has_perm: bool,

// If metadata contains `Payload` section and the attribute
// is `1` (PAGE.AUG), the payload is not extended into MRTD and will
// be measured into RTMR[1]
payload_extend_rtmr: bool,
}

impl BootTimeStatic {
Expand Down Expand Up @@ -76,12 +81,16 @@ impl BootTimeStatic {
let mut offset = metadata_offset + TDX_METADATA_DESCRIPTOR_LEN;
let mut sections = Vec::new();
let mut metadata_has_perm = false;
let mut payload_extend_rtmr = false;

for _ in 0..descriptor.number_of_section_entry {
let section = firmware.pread::<TdxMetadataSection>(offset as usize).ok()?;
if section.r#type == TDX_METADATA_SECTION_TYPE_PERM_MEM {
metadata_has_perm = true;
}
if section.r#type == TDX_METADATA_SECTION_TYPE_PAYLOAD && section.attributes == 0 {
payload_extend_rtmr = true;
}

sections.push(section);
offset += TDX_METADATA_SECTION_LEN;
Expand All @@ -96,12 +105,17 @@ impl BootTimeStatic {
Some(Self {
sections,
metadata_has_perm,
payload_extend_rtmr,
})
}

pub fn sections(&self) -> &[TdxMetadataSection] {
self.sections.as_slice()
}

pub fn payload_extend_rtmr(&self) -> bool {
self.payload_extend_rtmr
}
}

pub struct BootTimeDynamic<'a> {
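Review bot: The new field comment and the code that sets the field disagree: the comment says the flag corresponds to the attribute being `1` (PAGE.AUG), but `payload_extend_rtmr = true` is assigned only when `section.attributes == 0`, and the commit message ties the condition to EXTENDMR being clear. Testing the whole field for zero is also stricter than testing the EXTENDMR bit: if the attributes field can carry other bits (the comment itself names PAGE.AUG), a payload section with such a bit set and EXTENDMR clear would be neither extended into MRTD by the VMM nor measured into RTMR by td-shim, leaving the payload unattested. Testing the bit directly avoids that, `if section.r#type == TDX_METADATA_SECTION_TYPE_PAYLOAD && (section.attributes & TDX_METADATA_ATTRIBUTES_EXTENDMR) == 0 {`, assuming that attribute constant is defined alongside `TDX_METADATA_SECTION_TYPE_PAYLOAD` in the metadata module. The field comment should then read `// Set when the metadata Payload section has no EXTENDMR attribute: the payload is not extended into MRTD, so td-shim measures it into RTMR[1].` The enclosing constructor starts and ends outside the hunk.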
