SecurityPkg/TdTcg2Dxe: td-guest shall halt when CcMeasurement install fail

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4335

CcMeasurement protocol is installed when it is supported in a td-guest. If
the installation of the protocol failed, the guest shall go into
CpuDeadLoop. Because the measurement feature is crucial to a td-guest and
it shall stop running immediately at this situation.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

diff --git a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c
index 59341a8c0250f9d878dee06849855b35be2d30fd..b34da724ac4247df4acd0d57a228f2ff1dd28628 100644 (file)
--- a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c
+++ b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c
@@ -2510,6 +2510,12 @@ DriverEntry (
     //\r
     // Create event callback to install CC EventLog ACPI Table\r
     EfiCreateProtocolNotifyEvent (&gEfiAcpiTableProtocolGuid, TPL_CALLBACK, InstallAcpiTable, NULL, &Registration);\r
+  } else {\r
+    //\r
+    // Cc measurement feature is crucial to a td-guest and it shall stop running immediately\r
+    // when it is failed to be installed.\r
+    DEBUG ((DEBUG_ERROR, "%a: CcMeasurement protocol failed to be installed - %r\n", __FUNCTION__, Status));\r
+    CpuDeadLoop ();\r
   }\r
 \r
   return Status;\r