DMTF / libspdm

BSD 3-Clause "New" or "Revised" License

content_changed implementation #2816

Open rw8896 opened 3 weeks ago

rw8896 commented 3 weeks ago

https://github.com/DMTF/libspdm/blob/704d5652b2eeb451fffbd1bb1129046e377c9cf3/include/hal/library/responder/measlib.h#L77

Hi,

I have a question about the content_changed implementation. The integrator will need knowledge of the measurement logs in the current L2 contents as a basis to check whether any measurement has changed. But the function doesn't seem to be able to provide such information. Is there a design/mechanism for integrators to acquire that information from libspdm?

steven-bellock commented 3 weeks ago

The Integrator needs to monitor request_attribute and the SignatureRequested bit, since content_change can only be asserted when a signature is requested. So it keeps track of measurements when SignatureRequested is not set, and does a comparison when SignatureRequested is set.

rw8896 commented 3 weeks ago

Thanks, and I think that works for the normal scenario. But as "Any communication between Requester and Responder other than a GET_MEASUREMENTS request or response re-initializes L1/L2 computation to null.", the integrator seems unable to know whether L1/L2 has been re-initialized?

steven-bellock commented 3 weeks ago

Yes, that looks like it's an issue. The state of the l1/l2 transcript is stored in the spdm_context but it is currently not public. We would need to provide a public function to query the transcript state. @jyao1 does that sound good?

rw8896 commented 3 weeks ago

I feel a callback function to notify that L1/L2 was reset might be easier for integrators to track the measurements. Maybe provide a callback function for transcript state changes (similar to the connection state callback)?

steven-bellock commented 2 weeks ago

I will draw up the two approaches and we can see which one looks the best: callback versus querying the transcript from the spdm_context.
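The integrator-side scheme discussed in this thread (record measurements while SignatureRequested is clear, compare when it is set, and start over whenever the L1/L2 transcript is re-initialized), as an added example that is not libspdm's code. The struct, the function names, the ContentChanged enum values and the bit position used for SignatureRequested are assumptions, not libspdm identifiers; the reset hook stands in for the transcript-state callback proposed above.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define SIG_REQUESTED_BIT 0x01u   /* assumed: SignatureRequested is bit 0 of request_attribute */
#define MAX_BLOCKS 8              /* assumed: small fixed number of measurement indices */
#define DIGEST_LEN 32             /* assumed: digest length of one measurement block */

/* Hypothetical result codes mirroring the three ContentChanged outcomes. */
enum content_changed { CC_NO_DETECTION = 0, CC_CHANGED = 1, CC_NO_CHANGE = 2 };

struct meas_tracker {
    uint8_t baseline[MAX_BLOCKS][DIGEST_LEN]; /* digests seen in the current L2 session */
    bool have[MAX_BLOCKS];                     /* which indices have a recorded baseline */
    bool active;                               /* false once L1/L2 has been re-initialized */
};

/* Hook for "L1/L2 was reset" (any non-GET_MEASUREMENTS traffic): drop the baseline. */
void tracker_on_transcript_reset(struct meas_tracker *t) { memset(t, 0, sizeof *t); }

/* Called once per GET_MEASUREMENTS with the request attribute, the measurement index
 * and the digest the responder is about to report. */
enum content_changed tracker_observe(struct meas_tracker *t, uint8_t request_attribute,
                                     unsigned idx, const uint8_t *digest)
{
    if (idx >= MAX_BLOCKS) return CC_NO_DETECTION;
    bool sig = (request_attribute & SIG_REQUESTED_BIT) != 0;
    if (!sig) {
        /* No signature: only record the value; the L2 session stays open. */
        memcpy(t->baseline[idx], digest, DIGEST_LEN);
        t->have[idx] = true;
        t->active = true;
        return CC_NO_DETECTION;
    }
    /* Signature requested: compare against what this L2 session has already reported. */
    enum content_changed r;
    if (!t->active || !t->have[idx]) r = CC_NO_DETECTION; /* nothing to compare against */
    else if (memcmp(t->baseline[idx], digest, DIGEST_LEN) == 0) r = CC_NO_CHANGE;
    else r = CC_CHANGED;
    /* Assumed: the signed response ends this L2 session, so the next one starts fresh. */
    tracker_on_transcript_reset(t);
    return r;
}
```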