Intel Trust Domain Extensions (Intel TDX) refers to an Intel technology that extends Virtual Machine Extensions (VMX) and Multi-Key Total Memory Encryption (MK-TME) with a new kind of virtual machine guest called a Trust Domain (TD) [1]. A TD runs in a CPU mode that protects the confidentiality of its memory contents and its CPU state from any other software, including the hosting Virtual Machine Monitor (VMM).

Trust Domain Virtual Firmware (TDVF) is required to provide TD services to the TD guest OS [2]. Its reference code is available at https://github.com/tianocore/edk2-staging/tree/TDVF.

To support TD measurement/attestation, TDs provide four RTMR registers, analogous to TPM/TPM2 PCRs, used as follows:

 - RTMR[0] is for TDVF configuration
 - RTMR[1] is for the TD OS loader and kernel
 - RTMR[2] is for the OS application
 - RTMR[3] is reserved for special usage only

This patch series adds TD Measurement protocol support alongside the TPM/TPM2 protocol.

References:
[1] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-whitepaper-v4.pdf
[2] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-virtual-firmware-design-guide-rev-1.pdf

Lu Ken (3):
  efi/tpm.c: Refine the status of log event
  efi/tpm.c: Uses grub_strcpy() to replace grub_memcpy()
  efi/tpm.c: Enable EFI_CC_MEASUREMENT_PROTOCOL

 grub-core/commands/efi/tpm.c |  64 ++++++++++++--
 include/grub/efi/cc.h        | 158 +++++++++++++++++++++++++++++++++++
 2 files changed, 215 insertions(+), 7 deletions(-)
 create mode 100644 include/grub/efi/cc.h

-- 
2.31.1
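As an added illustration (not part of this series or of GRUB's code), the replay check a verifier runs over a TD event log once the boot loader logs its events through the CC measurement protocol: every event is hashed and folded into its RTMR exactly as a PCR extend would be, RTMR = SHA384(RTMR || digest), SHA-384 being what TDX uses for the 48-byte RTMRs (the cover letter does not spell this out). The event log, its RTMR assignments and the "reported" register values are all constructed here.

```python
import hashlib

RTMR_COUNT = 4
DIGEST_LEN = 48  # RTMRs are SHA-384 registers, 48 bytes each

# Constructed TD event log: (RTMR index, description, measured bytes).
# Index usage follows the cover letter: 0 = TDVF configuration,
# 1 = OS loader and kernel, 2 = OS application, 3 = reserved.
EVENT_LOG = [
    (0, "TDVF config", b"constructed-tdvf-config-blob"),
    (1, "grub core", b"constructed-grub-core-image"),
    (1, "kernel", b"constructed-vmlinuz-image"),
    (2, "grub cmdline", b"constructed: linux /vmlinuz root=/dev/vda2"),
]


def extend(rtmr: bytes, event_data: bytes) -> bytes:
    """PCR-style extend: hash the event, then fold the digest into the register."""
    digest = hashlib.sha384(event_data).digest()
    return hashlib.sha384(rtmr + digest).digest()


def replay(event_log):
    """Recompute all four RTMRs from an event log, starting from all-zero registers."""
    rtmrs = [bytes(DIGEST_LEN)] * RTMR_COUNT
    for index, _desc, data in event_log:
        if not 0 <= index < RTMR_COUNT:
            raise ValueError(f"RTMR index {index} out of range")
        rtmrs[index] = extend(rtmrs[index], data)
    return rtmrs


def verify(event_log, reported):
    """Return the indices of RTMRs whose replayed value differs from the reported one.

    An empty list means the event log fully explains the reported registers;
    a non-empty list means the log was altered, truncated or reordered.
    """
    expected = replay(event_log)
    return [i for i in range(RTMR_COUNT) if expected[i] != reported[i]]


if __name__ == "__main__":
    for i, value in enumerate(replay(EVENT_LOG)):
        print(f"RTMR[{i}] = {value.hex()}")
```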