OvmfPkg: Create SP800155 HOBs from QemuFwCfgFile

Signed firmware measurements are allowed to be passed along to in the
TCG and CC event logs according to the TCG PC Client Platform Firware
Profile. The event logs include events that Tcg2Dxe reads from
appropriately GUIDed HOBs, so allow opt/org.tianocode/sp800155evts to
pass along events that the VMM sees fit to provide.

The VMM may provide reference measurements through UEFI variables that
it references from the SP800-155 event3 structure given the appropriate
RIM locator type, or via URL, etc.

After the uint16-sized events are read from fw_cfg, they are written
one-by-one to EFI_HOB_GUID_TYPE HOBs created for the events. The name
they target gTcg800155PlatformIdEventHobGuid for the later Dxe driver
to use to extend the event log. The sizes are expected to be in the
architecture's endianness.

The internal consistency of the event, i.e., the fact that the sum total
of sizes present in the event are within the range of the
opt/org.tianocode/sp800155evts file size, is not checked, as it will
only be parsed by an event log analyzer that will need to perform its
own validity checking.

Signed-off-by: Dionna Glaze <dionnaglaze@google.com>

OvmfPkg/PlatformPei/Platform.c

@@ -40,6 +40,7 @@
 #include <OvmfPlatforms.h>
 
 #include "Platform.h"
+#include "PlatformId.h"
 
 EFI_PEI_PPI_DESCRIPTOR  mPpiBootMode[] = {
   {
@@ -363,6 +364,7 @@ InitializePlatform (
     MiscInitializationForMicrovm (PlatformInfoHob);
   } else {
     MiscInitialization (PlatformInfoHob);
+    PlatformIdInitialization (PeiServices);
   }
 
   IntelTdxInitialize ();

OvmfPkg/PlatformPei/PlatformId.c

@@ -0,0 +1,155 @@
+/**@file
+  PlatformId Event HOB creation
+
+  Copyright (c) 2024, Google LLC. All rights reserved.<BR>
+
+  SPDX-License-Identifier: Apache-2.0
+
+**/
+
+#include <Guid/TcgEventHob.h>
+#include <IndustryStandard/UefiTcgPlatform.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/HobLib.h>
+#include <Library/PeiServicesLib.h>
+#include <Library/QemuFwCfgLib.h>
+
+/**
+ * Reads a first 2 bytes as a size, then determines if Buffer + 2 + size
+ * exceeds the BufferEnd. Returns EFI_BUFFER_TOO_SMALL if so, otherwise
+ * EFI_SUCCESS. If EFI_SUCCESS, *EvtSize contains the value stored in the 2
+ * byte header, and *Buffer[out] contains *Buffer[in] + 2 to advance past the 2
+ * byte size.
+*/
+STATIC
+EFI_STATUS
+ConsumeUint16Str (
+  IN OUT UINT8   **Buffer,
+  IN     UINT8   *BufferEnd,
+  OUT    UINT16  *EvtSize
+  )
+{
+  UINTN  BufferSize;
+  UINT8  *Start = *Buffer;
+
+  if (Start > BufferEnd) {
+    return EFI_BUFFER_TOO_SMALL;
+  }
+
+  BufferSize = BufferEnd - Start;
+  if (BufferSize < sizeof (UINT16)) {
+    return EFI_BUFFER_TOO_SMALL;
+  }
+
+  *EvtSize = *(UINT16 *)Start;
+  if (BufferSize < *EvtSize + sizeof (UINT16)) {
+    return EFI_BUFFER_TOO_SMALL;
+  }
+
+  *Buffer = Start + sizeof (UINT16);
+  return EFI_SUCCESS;
+}
+
+/**
+ * Creates an EFI_HOB_TYPE_GUID_EXTENSION HOB for each uint16 string in the
+ * span [Evts, Evts + EvtsSize).
+ * Associates the string data with gTcg800155PlatformIdEventHobGuid. Any unused
+ * bytes or out-of-bounds event sizes are considered corrupted and are
+ * discarded.
+**/
+STATIC
+VOID
+PlatformIdRegisterSp800155 (
+  IN EFI_PEI_SERVICES  **PeiServices,
+  IN UINT8             *Evts,
+  IN UINTN             EvtsSize
+  )
+{
+  EFI_STATUS         Status;
+  UINT16             EvtSize;
+  VOID               *Hob;
+  EFI_HOB_GUID_TYPE  *GuidHob;
+  UINT8              *Evt;
+  UINT8              *EvtsEnd;
+  UINT8              *EvtDest;
+
+  Evt     = Evts;
+  EvtsEnd = Evts + EvtsSize;
+  while (Evt != EvtsEnd) {
+    Status = ConsumeUint16Str (&Evt, EvtsEnd, &EvtSize);
+    if (EFI_ERROR (Status)) {
+      DEBUG ((
+        DEBUG_ERROR,
+        "%a: malformed eventdata event in fw_cfg, "
+        "skipping\n",
+        __func__
+        ));
+      goto done;
+    }
+
+    Status = (*PeiServices)->CreateHob (
+                               PeiServices,
+                               EFI_HOB_TYPE_GUID_EXTENSION,
+                               sizeof (EFI_HOB_GUID_TYPE) + EvtSize,
+                               &Hob
+                               );
+    // If the proposed size is too much, ignore the host message and continue.
+    if (Status == EFI_SUCCESS) {
+      GuidHob = (EFI_HOB_GUID_TYPE *)Hob;
+      CopyGuid (&GuidHob->Name, &gTcg800155PlatformIdEventHobGuid);
+      EvtDest = (UINT8 *)GET_GUID_HOB_DATA (Hob);
+      CopyMem (EvtDest, Evt, EvtSize);
+      // Fill the remaining HOB padding bytes with 0s.
+      SetMem (EvtDest + EvtSize, GET_GUID_HOB_DATA_SIZE (Hob) - EvtSize, 0);
+    }
+
+    Evt += EvtSize;
+  }
+}
+
+VOID
+PlatformIdInitialization (
+  IN CONST EFI_PEI_SERVICES  **PeiServices
+  )
+{
+  EFI_STATUS            Status;
+  UINTN                 NumPages;
+  EFI_PHYSICAL_ADDRESS  Pages;
+  FIRMWARE_CONFIG_ITEM  FdtItem;
+  UINTN                 FdtSize;
+  UINT8                 *Evts;
+
+  //
+  // The format of opt/org.tianocode/sp800155evts is expected to be a sequence of
+  // uint16-sized byte strings, each of which contain event data in the form of
+  // tdTCG_Sp800_155_PlatformId_Event2 or tdTCG_Sp800_155_PlatformId_Event3.
+  //
+  Status = QemuFwCfgFindFile ("opt/org.tianocode/sp800155evts", &FdtItem, &FdtSize);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_INFO, "%a: no opt/org.tianocode/sp800155evts found in fw_cfg, skipping\n", __func__));
+    return;
+  }
+
+  NumPages = EFI_SIZE_TO_PAGES (FdtSize);
+  Status   = (*PeiServices)->AllocatePages (
+                               PeiServices,
+                               EfiBootServicesData,
+                               NumPages,
+                               &Pages
+                               );
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "%a: %d pages could not be allocated for opt/org.tianocode/sp800155evts\n", __func__));
+    return;
+  }
+
+  Evts = (UINT8 *)(UINTN)Pages;
+  QemuFwCfgSelectItem (FdtItem);
+  QemuFwCfgReadBytes (FdtSize, Evts);
+  PlatformIdRegisterSp800155 (PeiServices, Evts, FdtSize);
+
+done:
+  Status = (*PeiServices)->FreePages (PeiServices, Pages, NumPages);
+  ASSERT_EFI_ERROR (Status);
+}

OvmfPkg/PlatformPei/PlatformId.h

@@ -0,0 +1,26 @@
+/** @file
+  PlatformId internal header for PlatformPei
+
+  Copyright (c) 2024, Google LLC. All rights reserved.<BR>
+  SPDX-License-Identifier: Apache-2.0
+
+**/
+
+#ifndef __PLATFORM_PEI_PLATFORMID_H__
+#define __PLATFORM_PEI_PLATFORMID_H__
+
+
+/**
+ * Reads opt/org.tianocode/sp800155evts as a stream of uint16 byte strings and
+ * registers the contents of each in the gTcg800155PlatformIdEventHobGuid for
+ * the later Tcg2Dxe driver to write to the event log as unmeasured events.
+ * These events inform the event log analyzer of firmware provenance and
+ * reference integrity manifests.
+**/
+VOID
+PlatformIdInitialization (
+  IN CONST EFI_PEI_SERVICES  **PeiServices
+  );
+
+
+#endif // __PLATFORM_PEI_PLATFORMID_H__

OvmfPkg/PlatformPei/PlatformPei.inf

@@ -31,6 +31,8 @@
   MemTypeInfo.c
   Platform.c
   Platform.h
+  PlatformId.c
+  PlatformId.h
   IntelTdx.c
   SmmRelocation.c
 
@@ -47,6 +49,7 @@
   gFdtHobGuid
   gUefiOvmfPkgPlatformInfoGuid
   gGhcbApicIdsGuid
+  gTcg800155PlatformIdEventHobGuid              ## SOMETIMES_PRODUCES
 
 [LibraryClasses]
   BaseLib
@@ -148,4 +151,3 @@
 
 [Depex]
   TRUE
-