Re: [PATCH V4 0/3] Enable TDX measurement to RTMR register
From: Daniel Kiper
Subject: Re: [PATCH V4 0/3] Enable TDX measurement to RTMR register
Date: Tue, 19 Jul 2022 15:52:02 +0200
User-agent: NeoMutt/20170113 (1.7.2)
On Wed, Jul 13, 2022 at 10:06:09AM +0800, Lu Ken wrote:
> Intel Trust Domain Extensions (Intel TDX) refers to an Intel technology
> that extends Virtual Machine Extensions (VMX) and Multi-Key Total Memory
> Encryption (MK-TME) with a new kind of virtual machine guest called a
> Trust Domain (TD) [1]. A TD runs in a CPU mode that protects the confidentiality
> of its memory contents and its CPU state from any other software, including
> the hosting Virtual Machine Monitor (VMM).
>
> Trust Domain Virtual Firmware (TDVF) is required to provide TD services to
> the TD guest OS [2]. Its reference code is available at
> https://github.com/tianocore/edk2-staging/tree/TDVF.
>
> To support TD measurement/attestation, TDs provide 4 RTMR registers, similar
> to TPM/TPM2 PCRs, as below:
> - RTMR[0] is for TDVF configuration
> - RTMR[1] is for the TD OS loader and kernel
> - RTMR[2] is for the OS application
> - RTMR[3] is reserved for special usage only
>
> This patch adds TD Measurement protocol support along with TPM/TPM2 protocol.
>
> References:
> [1]
> https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-whitepaper-v4.pdf
> [2]
> https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-virtual-firmware-design-guide-rev-1.pdf
>
> Lu Ken (3):
> efi/tpm.c: Refine the status of log event
> efi/tpm.c: Uses grub_strcpy() to replace grub_memcpy()
> efi/tpm.c: Enable EFI_CC_MEASUREMENT_PROTOCOL
There are still some nits but I will fix them for you.
Anyway, for all patches Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>...
Daniel
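As an added illustration of the RTMR layout described in the cover letter (this is example code, not part of the patch series or of GRUB), the following shows how an attestation verifier replays a boot-time event log into the four RTMRs and compares the result with the values carried in a TD report. It assumes the RTMR extend rule RTMR = SHA-384(RTMR || digest) with 48-byte registers that start at zero; the event log contents are constructed sample data.

```python
import hashlib

RTMR_SIZE = 48  # assumption: RTMRs are SHA-384 sized (48 bytes)
# Register roles as listed in the cover letter
RTMR_ROLES = {
    0: "TDVF configuration",
    1: "TD OS loader and kernel",
    2: "OS application",
    3: "reserved for special usage only",
}


def rtmr_extend(current: bytes, digest: bytes) -> bytes:
    """Hash-chain extend (assumed rule): new = SHA-384(current || digest)."""
    if len(current) != RTMR_SIZE or len(digest) != RTMR_SIZE:
        raise ValueError("RTMR value and extension digest must both be 48 bytes")
    return hashlib.sha384(current + digest).digest()


def replay_event_log(events):
    """Recompute all four RTMRs from an ordered list of (rtmr_index, event_data).

    Each event's data is hashed with SHA-384 and extended into its RTMR, in log
    order, starting from all-zero registers. Order matters: the same events in a
    different order yield different register values.
    """
    rtmrs = [bytes(RTMR_SIZE)] * 4
    for index, data in events:
        if index not in RTMR_ROLES:
            raise ValueError(f"invalid RTMR index {index}")
        rtmrs[index] = rtmr_extend(rtmrs[index], hashlib.sha384(data).digest())
    return rtmrs


def mismatched_rtmrs(reported, events):
    """Return the indexes whose replayed value differs from the reported value."""
    expected = replay_event_log(events)
    return [i for i in range(4) if expected[i] != reported[i]]


# Constructed sample event log: firmware config into RTMR[0], boot loader,
# kernel and config into RTMR[1], an application into RTMR[2]; RTMR[3] unused.
SAMPLE_EVENTS = [
    (0, b"TDVF configuration (constructed sample)"),
    (1, b"grub core image (constructed sample)"),
    (1, b"vmlinuz (constructed sample)"),
    (1, b"grub.cfg (constructed sample)"),
    (2, b"workload binary (constructed sample)"),
]
```

A verifier that sees a non-empty mismatch list for RTMR[1] knows the boot loader or kernel measured by GRUB differs from what the event log claims, even though the log itself is untrusted.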