Incorrect IMR index for vTPM eventlog replay #50

Open
ruomengh opened this issue May 24, 2024 · 2 comments
Labels
enhancement New feature or request

@ruomengh

When running cc_event_log_cli.py, the IMR index is not correct in the replay part. It needs to be enhanced.
See below output.

main INFO Total 104 of event logs fetched.
main INFO Replayed result of collected event logs:
main INFO IMR[-1]:
main INFO 592b3f42ec556a9c093f201124cc7313fdaa4ce40ae1602e14d51f18fbfc480d6a1e196d1c52ad919328410272dc7222
main INFO IMR[6]:
main INFO 8e6b00184b2cb85d87821055218d1841404636dfa6102e5a8b5e6aaf485f4f88f1fed11d871ac13b25c84debda5f673b
main INFO IMR[0]:
main INFO 5641d8048aa75f0d456dfd75e7e5bf519abffcac79487905c5b7a57ca206debdd91e8d8df805e983728bbb6e1a7a49f8
main INFO IMR[3]:
main INFO 6cbd1894a1605e76463a6cf5b033614578f6813ca950a64bf16d5af9e3d6ef49c1bc5c523190fe6330d5119b21156111
main INFO IMR[1]:
main INFO 518923b0f955d08da077c96aaba522b9decede61c599cea6c41889cfbea4ae4d50529d96fe4d1afdafb65e7f95bf23c4
main INFO IMR[2]:
main INFO 518923b0f955d08da077c96aaba522b9decede61c599cea6c41889cfbea4ae4d50529d96fe4d1afdafb65e7f95bf23c4
main INFO IMR[4]:
main INFO 92be0744f3973f11ad487c4427a65f92c1fbbab5a1fa2d9bf58fcaf5b2cd4300d7aad862e56aa5a03e74e4e361711714
main INFO IMR[5]:
main INFO 518923b0f955d08da077c96aaba522b9decede61c599cea6c41889cfbea4ae4d50529d96fe4d1afdafb65e7f95bf23c4
main INFO IMR[13]:
main INFO 937437d07298010015f4598395c9f8dc202ef36e0be3897bba89874bf612b5da092beadfe37f79714a60193819e384ad
main INFO IMR[8]:
main INFO 85ac01b59fe1c87c75c3f6f30b55c315d796d977af89cdb04ae7768b3892254eaeb53f7dcab9144997281e51f6502afd
main INFO IMR[7]:
main INFO 135cc970dea4bfb076efaa3e9e91611da2a44aea4f981a5eac6996f988a04234a0bf300f6e79d9614e6dab83a056844a

@ruomengh ruomengh added the enhancement New feature or request label May 24, 2024

Ruoyu-y commented May 30, 2024

@ruomengh After checking the code, I found it is caused by the code that helps parse the event logs. In the previous implementation, we assume the event logs are TDX event logs saved in CCEL. And in the CCEL implementation, the CC measurement register is used as the value for PCRIndex. But we could see from the specification that the CC measurement register is not equal to the TDX measurement register, and the two have a mapping like this:
[image]
That means the event logs for RTMR[0] actually use ‘1’ as the PCRIndex value within the event log.
For better understanding, the parsing code does a minus one operation on the PCRIndex value when treating the event logs, thus causing the PCRIndex value for TPM event logs to become invalid.

To solve this, we could remove that minus one operation to make TPM event logs work perfectly. But the TDX event logs will become a little bit confusing, as the replay result will become:
IMR[1] -> holding the replay result for RTMR[0]
IMR[2] -> holding the replay result for RTMR[1]
IMR[3] -> holding the replay result for RTMR[2]
IMR[4] -> holding the replay result for RTMR[3]

Does it make sense?


ruomengh commented Jun 4, 2024

@Ruoyu-y Thanks for finding the root cause. If the IMR index is not equal to RTMR index, such as IMR 1 -> RTMR[0], it's better to make sure the callers are aware of the index offset.
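
The index handling discussed in this thread, as an added example that is not the project's own code: the minus-one offset is applied only when the log is a CCEL log, and replay results are keyed by register kind and number so callers never see a bare, ambiguous index. The names `LogSource`, `register_for` and `replay` are hypothetical, and the sketch assumes SHA-384 digests, all-zero initial register values, and CCEL indexes 1 to 4 only.

```python
import hashlib
from enum import Enum

class LogSource(Enum):
    CCEL = "ccel"  # TDX log: index field is the CC measurement register index
    TPM = "tpm"    # vTPM log: index field is the PCR index itself

def register_for(source, logged_index):
    """Translate the index stored in an event into (register kind, number)."""
    if source is LogSource.CCEL:
        # Per the thread, events for RTMR[0] are logged with index 1,
        # so RTMR[n] appears as n + 1 and the offset applies only here.
        if not 1 <= logged_index <= 4:
            raise ValueError(f"no RTMR for CCEL index {logged_index}")
        return ("RTMR", logged_index - 1)
    if not 0 <= logged_index <= 23:
        raise ValueError(f"invalid PCR index {logged_index}")
    return ("PCR", logged_index)

def replay(source, events):
    """Replay (logged_index, sha384_digest) pairs; return {(kind, number): value}."""
    size = hashlib.sha384().digest_size
    registers = {}
    for logged_index, digest in events:
        if len(digest) != size:
            raise ValueError("expected a SHA-384 digest")
        key = register_for(source, logged_index)
        current = registers.get(key, bytes(size))  # assumed all-zero start
        # Extend operation: new = SHA384(old || event digest)
        registers[key] = hashlib.sha384(current + digest).digest()
    return registers

# Constructed sample events (not taken from the log output above).
SAMPLE = [(1, hashlib.sha384(b"event-a").digest()),
          (1, hashlib.sha384(b"event-b").digest()),
          (2, hashlib.sha384(b"event-c").digest())]

if __name__ == "__main__":
    for source in LogSource:
        for (kind, number), value in sorted(replay(source, SAMPLE).items()):
            print(f"{source.value}: {kind}[{number}] = {value.hex()}")
```

The same events land in `PCR[1]` and `PCR[2]` when read as a vTPM log and in `RTMR[0]` and `RTMR[1]` when read as a CCEL log, with identical digest values.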
