rhboot / shim

UEFI shim loader

[V3] Enable TDX measurement to RTMR register #485

Closed kenplusplus closed 2 years ago

kenplusplus commented 2 years ago

Intel Trust Domain Extensions (Intel TDX) refers to an Intel technology that extends Virtual Machine Extensions (VMX) and Multi-Key Total Memory Encryption (MK-TME) with a new kind of virtual machine guest called a Trust Domain (TD) [1]. A TD runs in a CPU mode that protects the confidentiality of its memory contents and its CPU state from any other software, including the hosting Virtual Machine Monitor (VMM).

Trust Domain Virtual Firmware (TDVF) is required to provide Intel TDX implementation and service for EFI_CC_MEASUREMENT_PROTOCOL[2]. The bugzilla for TDVF is at https://bugzilla.tianocore.org/show_bug.cgi?id=3625.

To support CC measurement/attestation with Intel TDX technology, the following 4 RTMR registers will be extended by the TDX service like TPM/TPM2 PCRs:

This patch adds the TDX implementation for the CC Measurement protocol along with the TPM/TPM2 protocol.

References:

[1] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-whitepaper-v4.pdf
[2] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-virtual-firmware-design-guide-rev-1.pdf
[3] https://software.intel.com/content/dam/develop/external/us/en/documents/intel-tdx-guest-hypervisor-communication-interface-1.0-344426-002.pdf

Signed-off-by: Lu Ken ken.lu@intel.com
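To make the "extended like TPM/TPM2 PCRs" point in the description concrete, the following is an added example (not code from this PR, from shim, or from TDVF) showing the verifier side: replaying a CC event log into the four RTMRs and comparing the result with the values an attestation quote reports. It assumes the TDX extend rule (48-byte registers, SHA-384 only, new = SHA384(old || digest), zero initial value). The PCR-to-MR-index mapping and the sample log entries are assumptions/constructed here, taken from the TDVF design guide cited as [2], and should be checked against the firmware actually in use. Python is used because this is verifier logic, not firmware code.

```python
import hashlib

RTMR_SIZE = 48  # RTMRs are SHA-384 sized; TDX runtime measurement uses SHA-384 only


def sha384(data: bytes) -> bytes:
    """Digest helper so callers do not need hashlib directly."""
    return hashlib.sha384(data).digest()


def pcr_to_mr_index(pcr: int) -> int:
    """Map a TPM PCR number to an EFI_CC_MEASUREMENT_PROTOCOL MR index.

    MR index 0 is MRTD, 1..4 are RTMR[0..3].  This mapping is an ASSUMPTION
    taken from the TDVF design guide / EDK2, not from the shim PR; confirm it
    against the firmware you actually boot under.
    """
    if pcr == 0:
        return 0
    if pcr in (1, 7):
        return 1
    if 2 <= pcr <= 6:
        return 2
    if 8 <= pcr <= 15:
        return 3
    raise ValueError(f"PCR {pcr} has no CC MR index")


def rtmr_extend(current: bytes, digest: bytes) -> bytes:
    """One RTMR extend: new = SHA384(old || digest), both operands 48 bytes."""
    if len(current) != RTMR_SIZE or len(digest) != RTMR_SIZE:
        raise ValueError("RTMR value and extend digest must both be 48 bytes")
    return sha384(current + digest)


def replay_event_log(events):
    """Replay (mr_index, digest) pairs into fresh, all-zero RTMRs.

    Returns {0: rtmr0, 1: rtmr1, 2: rtmr2, 3: rtmr3}.  MR index 0 (MRTD) is
    rejected: it is fixed when the TD is built and never appears as a
    runtime extend in the CC event log.
    """
    rtmrs = {i: bytes(RTMR_SIZE) for i in range(4)}
    for mr_index, digest in events:
        if not 1 <= mr_index <= 4:
            raise ValueError(f"MR index {mr_index} is not a runtime-extendable RTMR")
        rtmrs[mr_index - 1] = rtmr_extend(rtmrs[mr_index - 1], digest)
    return rtmrs


def rtmr_mismatches(events, reported):
    """Return the RTMR numbers whose replayed value differs from the value
    reported in the quote; an empty list means log and quote are consistent."""
    expected = replay_event_log(events)
    return [i for i in range(4) if expected[i] != reported.get(i)]


# --- constructed sample boot log (not a real boot, not real digests) --------
# Each entry: (PCR the component would use on a TPM system, event type, data)
SAMPLE_BOOT = [
    (4, "EV_EFI_BOOT_SERVICES_APPLICATION: second-stage loader", b"constructed-grub-image"),
    (7, "EV_EFI_VARIABLE_AUTHORITY: signer certificate", b"constructed-signer-cert"),
    (4, "EV_EFI_BOOT_SERVICES_APPLICATION: kernel image", b"constructed-kernel-image"),
]

# The CC event log carries the MR index, not the PCR; translate once here.
SAMPLE_EVENTS = [(pcr_to_mr_index(pcr), sha384(data)) for pcr, _, data in SAMPLE_BOOT]


if __name__ == "__main__":
    good = replay_event_log(SAMPLE_EVENTS)
    print("consistent quote ->", rtmr_mismatches(SAMPLE_EVENTS, good))
    # A quote whose RTMR1 disagrees with the log: the log cannot be trusted.
    bad = dict(good)
    bad[1] = sha384(b"constructed-other-value")
    print("tampered log     ->", rtmr_mismatches(SAMPLE_EVENTS, bad))
```

Note that the replay only proves the event log is consistent with the quoted RTMRs; whether the logged digests correspond to approved components is a separate policy check against known-good values.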

kenplusplus commented 2 years ago

@frozencemetery are you OK with merging this patch? Appreciated! May I know when the next release is?

kenplusplus commented 2 years ago

> Other than project style which I guess we'll clean up on merge, my understanding is that this is fine and we're just waiting on the grub patchset and a release to be planned.

@frozencemetery Harwood, I just sent the V4 patchset for Grub at https://www.mail-archive.com/grub-devel@gnu.org/msg34541.html

tuanggolt commented 2 years ago

open and merge

kenplusplus commented 2 years ago


@frozencemetery Sounds like grub2 passed review by Daniel: https://www.mail-archive.com/grub-devel@gnu.org/msg34556.html

kenplusplus commented 2 years ago


The grub2 patch was merged at https://git.savannah.gnu.org/cgit/grub.git/commit/?id=ef8679b645a63eb9eb191bb9539d7d25a9d6ff3b

vathpela commented 2 years ago

What's cc->get_capability() for? How does cc_log_event_raw() get away with not using it at all?

kenplusplus commented 2 years ago

> What's cc->get_capability() for? How does cc_log_event_raw() get away with not using it at all?

@vathpela cc->get_capability() will not impact the common logic of cc_log_event_raw().