From: Zhenzhong Duan <zhenzhong.duan@intel.com>
Date: Thu, 10 Jul 2025 07:21:10 +0000 (-0400)
Subject: conf: Validate TDX launchSecurity element mrConfigId/mrOwner/mrOwnerConfig
X-Git-Tag: v11.6.0-rc1~27
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ea625cb60b6c829d96c67a4ac99f6ccb96a15257;p=thirdparty%2Flibvirt.git

conf: Validate TDX launchSecurity element mrConfigId/mrOwner/mrOwnerConfig

mrConfigId/mrOwner/mrOwnerConfig are base64 encoded SHA384 digest,
can be provided for TDX attestation.

Check their decoded lengths to ensure they are 48 bytes.

Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
---

diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index 9b7418ccb5..40edecef83 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -1915,10 +1915,13 @@ virDomainDefValidateIOThreads(const virDomainDef *def)
     } \
 }
 
+#define SHA384_DIGEST_SIZE  48
+
 static int
 virDomainDefLaunchSecurityValidate(const virDomainDef *def)
 {
     virDomainSEVSNPDef *sev_snp;
+    virDomainTDXDef *tdx;
 
     if (!def->sec)
         return 0;
@@ -1933,10 +1936,17 @@ virDomainDefLaunchSecurityValidate(const virDomainDef *def)
         CHECK_BASE64_LEN(sev_snp->host_data, "hostData", 32);
         break;
 
+    case VIR_DOMAIN_LAUNCH_SECURITY_TDX:
+        tdx = &def->sec->data.tdx;
+
+        CHECK_BASE64_LEN(tdx->mrconfigid, "mrConfigId", SHA384_DIGEST_SIZE);
+        CHECK_BASE64_LEN(tdx->mrowner, "mrOwner", SHA384_DIGEST_SIZE);
+        CHECK_BASE64_LEN(tdx->mrownerconfig, "mrOwnerConfig", SHA384_DIGEST_SIZE);
+        break;
+
     case VIR_DOMAIN_LAUNCH_SECURITY_NONE:
     case VIR_DOMAIN_LAUNCH_SECURITY_SEV:
     case VIR_DOMAIN_LAUNCH_SECURITY_PV:
-    case VIR_DOMAIN_LAUNCH_SECURITY_TDX:
     case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
         break;
     }