From: Lu Ken
To: grub-devel@gnu.org
Cc: dkiper@net-space.pl, min.m.xu@intel.com, Lu Ken
Subject: [PATCH V4 0/3] Enable TDX measurement to RTMR register
Date: Wed, 13 Jul 2022 10:06:09 +0800
Intel Trust Domain Extensions (Intel TDX) refers to an Intel technology that extends Virtual Machine Extensions (VMX) and Multi-Key Total Memory Encryption (MK-TME) with a new kind of virtual machine guest called a Trust Domain (TD) [1]. A TD runs in a CPU mode that protects the confidentiality of its memory contents and its CPU state from any other software, including the hosting Virtual Machine Monitor (VMM).

Trust Domain Virtual Firmware (TDVF) is required to provide TD services to the TD guest OS [2]. Its reference code is available at https://github.com/tianocore/edk2-staging/tree/TDVF.

To support TD measurement/attestation, TDs provide 4 RTMR registers, like TPM/TPM2 PCRs, as below:
- RTMR[0] is for TDVF configuration
- RTMR[1] is for the TD OS loader and kernel
- RTMR[2] is for the OS application
- RTMR[3] is reserved for special usage only

This patch adds TD Measurement protocol support along with TPM/TPM2 protocol.
References:
[1] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-whitepaper-v4.pdf
[2] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-virtual-firmware-design-guide-rev-1.pdf

Lu Ken (3):
  efi/tpm.c: Refine the status of log event
  efi/tpm.c: Uses grub_strcpy() to replace grub_memcpy()
  efi/tpm.c: Enable EFI_CC_MEASUREMENT_PROTOCOL

 grub-core/commands/efi/tpm.c |  64 ++++++++++++--
 include/grub/efi/cc.h        | 158 +++++++++++++++++++++++++++++++++++
 2 files changed, 215 insertions(+), 7 deletions(-)
 create mode 100644 include/grub/efi/cc.h

-- 
2.31.1
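The cover letter above describes RTMRs as PCR-like registers that the loader and kernel are measured into (RTMR[1]). The following is an added example, not code from this patch set or from GRUB, that shows what that means for a verifier: how a single register value is built up by chaining extends, and why replaying the event log is what makes the value meaningful. It assumes the TDX RTMR extend rule, new = SHA384(old || digest) with 48-byte operands starting from an all-zero register, and uses a constructed event log; the function names (rtmr_extend, replay, verify_log, sample_boot_log) and the sample event data are hypothetical, and the "report" is simply the honest replay of that log standing in for the values a TD quote would carry.

```python
"""Simulate TDX RTMR extension and event-log replay (added example, not GRUB code)."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import List

RTMR_SIZE = 48      # an RTMR holds a SHA-384 digest; assumption: all-zero at TD start
NUM_RTMRS = 4       # RTMR[0..3], as listed in the cover letter

# Register layout from the cover letter; only RTMR[1] is exercised below.
RTMR_TDVF_CONFIG = 0
RTMR_OS_LOADER_AND_KERNEL = 1
RTMR_OS_APPLICATION = 2


@dataclass(frozen=True)
class Event:
    """One entry of a constructed measurement log: which RTMR, what kind, what data."""
    rtmr_index: int
    event_type: str
    data: bytes


def measure(data: bytes) -> bytes:
    """Digest of the measured object; the RTMR bank is SHA-384 only."""
    return hashlib.sha384(data).digest()


def rtmr_extend(current: bytes, digest: bytes) -> bytes:
    """RTMR extend rule (assumed): new = SHA384(old || digest), both operands 48 bytes.
    Because the old value is hashed in, the register depends on every earlier
    extend and on the order in which they happened."""
    if len(current) != RTMR_SIZE or len(digest) != RTMR_SIZE:
        raise ValueError("RTMR value and extend value must each be 48 bytes")
    return hashlib.sha384(current + digest).digest()


def replay(events: List[Event]) -> List[bytes]:
    """Recompute all four RTMRs from an event log, as a verifier would."""
    rtmrs = [bytes(RTMR_SIZE)] * NUM_RTMRS
    for ev in events:
        if not 0 <= ev.rtmr_index < NUM_RTMRS:
            raise ValueError(f"bad RTMR index {ev.rtmr_index} in event {ev.event_type}")
        rtmrs[ev.rtmr_index] = rtmr_extend(rtmrs[ev.rtmr_index], measure(ev.data))
    return rtmrs


def verify_log(events: List[Event], reported_rtmrs: List[bytes]) -> bool:
    """A log is trustworthy only if replaying it reproduces the attested register values."""
    if len(reported_rtmrs) != NUM_RTMRS:
        return False
    expected = replay(events)
    return all(hmac.compare_digest(e, r) for e, r in zip(expected, reported_rtmrs))


def sample_boot_log() -> List[Event]:
    """Constructed boot sequence: what a loader measuring into RTMR[1] might log."""
    return [
        Event(RTMR_OS_LOADER_AND_KERNEL, "EV_EFI_BOOT_SERVICES_APPLICATION", b"constructed: grub core image"),
        Event(RTMR_OS_LOADER_AND_KERNEL, "EV_IPL", b"constructed: vmlinuz image"),
        Event(RTMR_OS_LOADER_AND_KERNEL, "EV_IPL", b"constructed: initrd image"),
        Event(RTMR_OS_LOADER_AND_KERNEL, "EV_IPL", b"root=/dev/vda2 ro quiet"),
    ]


def sample_report() -> List[bytes]:
    """Stand-in for the RTMR values a TD quote would carry: the honest replay of the
    constructed log, so the checks below have a reference to compare against."""
    return replay(sample_boot_log())


def tampered_log() -> List[Event]:
    """Same log with the kernel command line rewritten after the fact."""
    log = sample_boot_log()
    log[-1] = Event(RTMR_OS_LOADER_AND_KERNEL, "EV_IPL", b"root=/dev/vda2 ro init=/bin/sh")
    return log


def reordered_log() -> List[Event]:
    """Same events with kernel and initrd swapped: same digests, different register value."""
    log = sample_boot_log()
    log[1], log[2] = log[2], log[1]
    return log


if __name__ == "__main__":
    report = sample_report()
    print("RTMR[1] =", report[RTMR_OS_LOADER_AND_KERNEL].hex())
    print("genuine log verifies:", verify_log(sample_boot_log(), report))
    print("tampered cmdline verifies:", verify_log(tampered_log(), report))
    print("reordered log verifies:", verify_log(reordered_log(), report))
```

The point a verifier should take from this: the register alone tells you nothing about what booted; only an event log whose replay lands on the attested RTMR[1] does, and a log that has been edited or reordered after the fact fails that replay. A real EFI_CC_MEASUREMENT_PROTOCOL caller hands the firmware the data and lets it hash, extend and log in one call; the replay side shown here is what the relying party does with the resulting log and quote.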