Re: [PATCH RFC 3/3] tsm: Add TVM Measurement Sample Code

From: Xing, Cedric
Date: Sat Sep 14 2024 - 12:36:21 EST


On 9/12/2024 7:28 AM, James Bottomley wrote:
On Sat, 2024-09-07 at 23:56 -0500, Cedric Xing wrote:
This sample kernel module demonstrates how to make MRs accessible to user mode through TSM.

Once loaded, this module registers a virtual measurement provider with the TSM core and will result in the directory tree below.

/sys/kernel/tsm/
└── measurement-example
    ├── config_mr
    ├── full_report
    ├── report_digest
    ├── rtmr0
    │   ├── append_event
    │   ├── digest
    │   ├── event_log
    │   └── hash_algo
    ├── rtmr1
    │   ├── append_event
    │   ├── digest
    │   ├── event_log
    │   └── hash_algo
    ├── static_mr
    └── user_data

I'm not sure this is the best structure to apply to logs with multiple
banks (hash algorithms). There needs to be a way to get the same
register's measurement for each bank, but the log should sit above that
(appending should extend all active banks).

How about

/sys/kernel/tsm/
└──<measurement type>
    ├──reg0
    │   ├── <log format>
    │   │   ├── append_event
    │   │   └── event_log
    │   ├── <hash algo>
    │   ...  └── digest
    ...

That way it supports multiple log formats (would be the job of the log
extender to ensure compatibility) and multiple banks.

I have considered this before. But I'm not sure how to (define/describe criteria to) match an MR with its log format. Also, MRs are arch dependent and may also vary from gen to gen. I'm afraid this might bring in more chaos than order.

-Cedric
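
Added example, not part of the original thread or the patch: a user-space model of the layout proposed above, where one event log per register sits above several hash banks, showing that replaying the log reproduces every bank's digest only if each append extended all active banks. The `Register` class, the `only` parameter, the sample events and the TPM-style extend rule (new = H(old || H(event))) are assumptions for illustration.

```python
import hashlib

ALGOS = ("sha256", "sha384")  # assumed set of active banks

def extend(algo, current, event):
    """Assumed TPM-style extend: new = H(old || H(event))."""
    event_digest = hashlib.new(algo, event).digest()
    return hashlib.new(algo, current + event_digest).digest()

class Register:
    """Hypothetical model of one reg<N>: one event log, one digest per bank."""
    def __init__(self, algos=ALGOS):
        self.banks = {a: bytes(hashlib.new(a).digest_size) for a in algos}
        self.event_log = []

    def append_event(self, event, only=None):
        """Log the event once; extend all banks unless `only` names a single one."""
        self.event_log.append(event)
        for algo in self.banks:
            if only is None or algo == only:
                self.banks[algo] = extend(algo, self.banks[algo], event)

def replay(algo, events):
    """Recompute a bank's digest from the log, starting from all zeros."""
    value = bytes(hashlib.new(algo).digest_size)
    for event in events:
        value = extend(algo, value, event)
    return value

def verify(reg):
    """Per bank: does replaying the shared log reproduce the digest?"""
    return {a: replay(a, reg.event_log) == d for a, d in reg.banks.items()}

def demo():
    events = [b"kernel-cmdline", b"initrd", b"policy-v1"]  # constructed sample events
    good = Register()
    for e in events:
        good.append_event(e)
    bad = Register()
    bad.append_event(events[0])
    bad.append_event(events[1], only="sha256")  # sha384 bank misses this event
    bad.append_event(events[2])
    return verify(good), verify(bad)

if __name__ == "__main__":
    for name, result in zip(("all banks extended", "one bank skipped"), demo()):
        print(name, result)
```

A verifier that trusts only one bank would accept the second register, which is why the log has to be checked against each bank it claims to cover.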