[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH V4 0/3] Enable TDX measurement to RTMR register
|
From: |
Lu Ken |
|
Subject: |
[PATCH V4 0/3] Enable TDX measurement to RTMR register |
|
Date: |
Wed, 13 Jul 2022 10:06:09 +0800 |
Intel Trust Domain Extensions(Intel TDX) refers to an Intel technology
that extends Virtual Machine Extensions(VMX) and Multi-Key Total Memory
Encryption(MK-TME) with a new kind of virtual machine guest called a
Trust Domain(TD)[1]. A TD runs in a CPU mode that protects the confidentiality
of its memory contents and its CPU state from any other software, including
the hosting Virtual Machine Monitor (VMM).
Trust Domain Virtual Firmware (TDVF) is required to provide TD services to
the TD guest OS.[2] Its reference code is available at
https://github.com/tianocore/edk2-staging/tree/TDVF.
To support TD measurement/attestation, TDs provide 4 RTMR registers like
TPM/TPM2 PCR as below:
- RTMR[0] is for TDVF configuration
- RTMR[1] is for the TD OS loader and kernel
- RTMR[2] is for the OS application
- RTMR[3] is reserved for special usage only
This patch adds TD Measurement protocol support along with TPM/TPM2 protocol.
References:
[1]
https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-whitepaper-v4.pdf
[2]
https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-virtual-firmware-design-guide-rev-1.pdf
Lu Ken (3):
efi/tpm.c: Refine the status of log event
efi/tpm.c: Uses grub_strcpy() to replace grub_memcpy()
efi/tpm.c: Enable EFI_CC_MEASUREMENT_PROTOCOL
grub-core/commands/efi/tpm.c | 64 ++++++++++++--
include/grub/efi/cc.h | 158 +++++++++++++++++++++++++++++++++++
2 files changed, 215 insertions(+), 7 deletions(-)
create mode 100644 include/grub/efi/cc.h
--
2.31.1
- [PATCH V4 0/3] Enable TDX measurement to RTMR register,
Lu Ken <=