[edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier

2024-05-08 Thread Tobin Feldman-Fitzthum
The AmdSev package has a so-called BlobVerifier, which is meant to extend the TCB of a confidential guest (SEV or SNP) to include components provided via fw_cfg such as initrd, kernel, kernel params. This series fixes a few implementation errors in the blob verifier. One common theme is that the v

Re: [edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier

2024-06-26 Thread Aithal, Srikanth via groups.io
Hello, SEV/SEVES guest boot fails with AMDSEV OVMF package built using upstream edk2 master [commit head: 2fbaaa96d11ad61a9133df1728e3fe965d1457a5]. SEV/SEVES guest boot with AMDSEV package gets stuck at below point: Plain Text |2024-06-26 04:38:02: FetchBlob: loading 14332416 bytes for "ker

Re: [edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier

2024-06-26 Thread Aithal, Srikanth via groups.io
On 6/26/2024 7:28 PM, Tobin Feldman-Fitzthum wrote: On 6/26/24 4:08 AM, Aithal, Srikanth wrote: Hello, SEV/SEVES guest boot fails with AMDSEV OVMF package built using upstream edk2 master [commit head: 2fbaaa96d11ad61a9133df1728e3fe965d1457a5]. SEV/SEVES guest boot with AMDSEV package gets

Re: [edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier

2024-06-26 Thread Tobin Feldman-Fitzthum
On 6/26/24 4:08 AM, Aithal, Srikanth wrote: Hello, SEV/SEVES guest boot fails with AMDSEV OVMF package built using upstream edk2 master [commit head: 2fbaaa96d11ad61a9133df1728e3fe965d1457a5]. SEV/SEVES guest boot with AMDSEV package gets stuck at below point: Plain Text 2024-06-26 04: 38:

Re: [edk2-devel] [PATCH 0/2] AmdSev: Harden SEV Kernel hashes verifier

2024-06-27 Thread Tobin Feldman-Fitzthum
On 6/26/24 10:33 AM, Aithal, Srikanth wrote: On 6/26/2024 7:28 PM, Tobin Feldman-Fitzthum wrote: On 6/26/24 4:08 AM, Aithal, Srikanth wrote: Hello, SEV/SEVES guest boot fails with AMDSEV OVMF package built using upstream edk2 master [commit head: 2fbaaa96d11ad61a9133df1728e3fe965d1457a5]