conf: Validate TDX launchSecurity element mrConfigId/mrOwner/mrOwnerConfig

mrConfigId/mrOwner/mrOwnerConfig are base64 encoded SHA384 digest,
can be provided for TDX attestation.

Check their decoded lengths to ensure they are 48 bytes.

Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>

diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index 9b7418ccb5583dc4493bed98fb6b6a0675a85744..40edecef8377e6c385d8401dfbcb2b6d5d4a9b86 100644 (file)
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -1915,10 +1915,13 @@ virDomainDefValidateIOThreads(const virDomainDef *def)
     } \
 }
 
+#define SHA384_DIGEST_SIZE  48
+
 static int
 virDomainDefLaunchSecurityValidate(const virDomainDef *def)
 {
     virDomainSEVSNPDef *sev_snp;
+    virDomainTDXDef *tdx;
 
     if (!def->sec)
         return 0;
@@ -1933,10 +1936,17 @@ virDomainDefLaunchSecurityValidate(const virDomainDef *def)
         CHECK_BASE64_LEN(sev_snp->host_data, "hostData", 32);
         break;
 
+    case VIR_DOMAIN_LAUNCH_SECURITY_TDX:
+        tdx = &def->sec->data.tdx;
+
+        CHECK_BASE64_LEN(tdx->mrconfigid, "mrConfigId", SHA384_DIGEST_SIZE);
+        CHECK_BASE64_LEN(tdx->mrowner, "mrOwner", SHA384_DIGEST_SIZE);
+        CHECK_BASE64_LEN(tdx->mrownerconfig, "mrOwnerConfig", SHA384_DIGEST_SIZE);
+        break;
+
     case VIR_DOMAIN_LAUNCH_SECURITY_NONE:
     case VIR_DOMAIN_LAUNCH_SECURITY_SEV:
     case VIR_DOMAIN_LAUNCH_SECURITY_PV:
-    case VIR_DOMAIN_LAUNCH_SECURITY_TDX:
     case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
         break;
     }