Closed kenplusplus closed 2 years ago
Sorry for the late response; I was waiting for the review of the similar grub patch at https://www.mail-archive.com/grub-devel@gnu.org/msg34244.html.
I resubmitted this V2 patch and closed the previous one at https://github.com/rhboot/shim/pull/388:
Latest version looks fine to me.
ok
Hello, it sounds like the CI build failure is caused by the code in mock-variables.c, which is not related to this commit. Do you need me to rebase this patch to 15.6?
Do you need me to rebase this patch to 15.6?
Yes - your patch is targeted for main, so it should be based on main.
@frozencemetery Thanks! I resubmitted the V3 PR at https://github.com/rhboot/shim/pull/485, targeting the main branch. Could we close this PR and move to the new V3 PR?
Yes. Couple notes though:
git push --force
the branch.
Intel Trust Domain Extensions (Intel TDX) refers to an Intel technology that extends Virtual Machine Extensions (VMX) and Multi-Key Total Memory Encryption (MK-TME) with a new kind of virtual machine guest called a Trust Domain (TD) [1]. A TD runs in a CPU mode that protects the confidentiality of its memory contents and its CPU state from any other software, including the hosting Virtual Machine Monitor (VMM).
Trust Domain Virtual Firmware (TDVF) is required to provide the Intel TDX implementation and service for EFI_CC_MEASUREMENT_PROTOCOL [2]. The bugzilla for TDVF is at https://bugzilla.tianocore.org/show_bug.cgi?id=3625.
To support CC measurement/attestation with Intel TDX technology, the following 4 RTMR registers will be extended by the TDX service, like TPM/TPM2 PCRs:
This patch adds the TDX implementation for the CC Measurement protocol alongside the TPM/TPM2 protocol.
References:
[1] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-whitepaper-v4.pdf
[2] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-virtual-firmware-design-guide-rev-1.pdf
[3] https://software.intel.com/content/dam/develop/external/us/en/documents/intel-tdx-guest-hypervisor-communication-interface-1.0-344426-002.pdf
Signed-off-by: Lu Ken ken.lu@intel.com
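The PR description says the RTMR registers are extended "like TPM/TPM2 PCR". The example below is added here to show what that means on the verifier side; it is not code from this PR or from shim. It models the extend operation (new = SHA-384(old || digest), with SHA-384 for the 48-byte RTMRs and SHA-256 for a TPM2 PCR bank) and replays a constructed event log to check it against reported register values, which is the core of a measured-boot attestation check. The event list, the `verify_measurements` function name and the RTMR-to-PCR mapping table are assumptions of this example (the mapping follows my reading of the TDVF design guide, Ref [2], and should be checked against the spec); shim's own code calls EFI_CC_MEASUREMENT_PROTOCOL from C and does not contain this logic.

```python
import hashlib
from typing import List, Sequence, Tuple

# Register geometry: TDX has 4 RTMRs, each a 48-byte SHA-384 value.
RTMR_COUNT = 4
RTMR_DIGEST_LEN = hashlib.sha384().digest_size   # 48
PCR_SHA256_LEN = hashlib.sha256().digest_size    # 32

# Assumed mapping of RTMR index to the TPM PCRs it stands in for
# (my reading of the TDVF design guide; verify against Ref [2]).
RTMR_TO_PCRS = {
    0: (1, 7),                 # firmware configuration, Secure Boot policy
    1: (2, 3, 4, 5),           # boot loaders, drivers, boot variables
    2: tuple(range(8, 16)),    # OS loader / OS-owned measurements
    3: (),                     # reserved
}

# An event log entry: which register was extended and the raw data measured.
Event = Tuple[int, bytes]


def extend(register: bytes, digest: bytes, hash_name: str) -> bytes:
    """One PCR/RTMR-style extend: new = H(old || digest). The old value is
    never overwritten, only folded in, so the order of events is preserved."""
    h = hashlib.new(hash_name)
    h.update(register)
    h.update(digest)
    return h.digest()


def replay_event_log(events: Sequence[Event], hash_name: str = "sha384",
                     register_count: int = RTMR_COUNT) -> List[bytes]:
    """Recompute register values from an event log, starting from all-zero
    registers exactly as the hardware/firmware does at reset."""
    digest_len = hashlib.new(hash_name).digest_size
    registers = [b"\x00" * digest_len for _ in range(register_count)]
    for index, data in events:
        if not 0 <= index < register_count:
            raise ValueError(f"event targets nonexistent register {index}")
        event_digest = hashlib.new(hash_name, data).digest()
        registers[index] = extend(registers[index], event_digest, hash_name)
    return registers


def verify_measurements(reported: Sequence[bytes], events: Sequence[Event],
                        hash_name: str = "sha384") -> bool:
    """Attestation-side check: the register values in a quote must equal the
    values obtained by replaying the accompanying event log. Any reordered,
    dropped or altered event changes the replayed value and fails the check."""
    replayed = replay_event_log(events, hash_name, len(reported))
    return len(replayed) == len(reported) and all(
        a == b for a, b in zip(replayed, reported))


def pcrs_for_rtmr(index: int) -> Tuple[int, ...]:
    """Which PCR numbers a given RTMR covers under the assumed mapping."""
    return RTMR_TO_PCRS[index]


# Constructed sample event log (not real measurements): RTMR[1] receives
# boot-loader images, RTMR[0] a firmware configuration blob.
SAMPLE_EVENTS: List[Event] = [
    (0, b"constructed-firmware-config"),
    (1, b"constructed-shim-image-bytes"),
    (1, b"constructed-grub-image-bytes"),
]

# Same events with the two boot-loader measurements swapped: the register
# value differs, which is what makes the extend chain order-sensitive.
REORDERED_EVENTS: List[Event] = [SAMPLE_EVENTS[0], SAMPLE_EVENTS[2],
                                 SAMPLE_EVENTS[1]]


if __name__ == "__main__":
    quote = replay_event_log(SAMPLE_EVENTS)          # what a TD quote reports
    for i, value in enumerate(quote):
        print(f"RTMR[{i}] (covers PCRs {pcrs_for_rtmr(i)}): {value.hex()}")
    print("log matches quote:", verify_measurements(quote, SAMPLE_EVENTS))
    print("reordered log matches:", verify_measurements(quote, REORDERED_EVENTS))
    print("sha256 PCR bank:", [p.hex() for p in replay_event_log(SAMPLE_EVENTS,
                                                                 "sha256", 24)])
```

The replay starts from zeroed registers because that is the reset state of both a TPM PCR and an RTMR; registers that received no events therefore stay all-zero, which a verifier can use to detect that an expected measurement (for example the boot loader) never happened.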