Documentation

Overview
Package ccel implements event log parsing and replay for the Confidential Computing event log. It only supports the CCEL based on the TCG crypto-agile event log (including the "Spec ID Event03" signature).
Constants

    const (
    	// See Section 4.3.3 CC-Event Log
    	CCELACPITableSig     = "CCEL"
    	CCELACPITableMinSize = 56
    )
Defined in Guest Hypervisor Communication Interface (GHCI) for Intel TDX 1.0. https://www.intel.com/content/www/us/en/content-details/726790/guest-host-communication-interface-ghci-for-intel-trust-domain-extensions-intel-tdx.html
    const (
    	Reserved = iota
    	SEV
    	TDX
    )
Known CC types. See https://uefi.org/specs/ACPI/6.5/05_ACPI_Software_Programming_Model.html#cc-event-log-acpi-table.
Variables
This section is empty.
Functions

func ReplayAndExtract (added in v0.0.2)
func ReplayAndExtract(acpiTableFile []byte, rawEventLog []byte, rtmrBank register.RTMRBank, opts extract.Opts) (*pb.FirmwareLogState, error)
ReplayAndExtract parses a Confidential Computing event log and replays the parsed event log against the RTMR bank specified by hash.
It then extracts event info from the verified log into a FirmwareLogState. It returns an error on failing to replay the events against the RTMR bank or on failing to parse malformed events.
The returned FirmwareLogState may be a partial FirmwareLogState. In the case of a partially filled state, err will be non-nil. Callers can look for individual errors using `errors.Is`.
It is the caller's responsibility to ensure that the passed RTMR values can be trusted. Users can establish trust in RTMR values either by calling client.ReadRTMRs() themselves or by verifying the values via an RTMR quote.
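The two steps this doc describes, checking the CCEL ACPI table and replaying the log against an RTMR, sketched in Go as an added example that is not the ccel package's own code. It assumes the GHCI 1.0 section 4.3.3 table layout (36-byte ACPI header, then CC type, CC subtype, reserved, log area minimum length, log area start address) and the TDX extend rule new = SHA384(old || digest); ParseCCEL and ReplayRTMR are hypothetical names, not the package's API, and the package's register, extract and pb types are not used.

```go
package main

import (
	"bytes"
	"crypto/sha512"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed CCEL layout (GHCI 1.0, section 4.3.3): 36-byte ACPI header, then CC type (1),
// CC subtype (1), reserved (2), log area min length (8), log area start address (8) = 56.
const ccelMinSize = 56

var ErrTooShort = errors.New("CCEL table shorter than 56 bytes")
var ErrBadSignature = errors.New("ACPI table signature is not CCEL")
var ErrReplay = errors.New("replayed RTMR does not match the measured value")

// ParseCCEL validates the table header and returns the CC type and the
// physical address of the event log it points to.
func ParseCCEL(b []byte) (ccType uint8, logAddr uint64, err error) {
	if len(b) < ccelMinSize {
		return 0, 0, ErrTooShort
	}
	if string(b[:4]) != "CCEL" {
		return 0, 0, ErrBadSignature
	}
	return b[36], binary.LittleEndian.Uint64(b[48:56]), nil
}

// ReplayRTMR folds SHA-384 digests into a zeroed register as TDX extends an RTMR
// (new = SHA384(old || digest)); the register is returned even on mismatch for errors.Is.
func ReplayRTMR(digests [][]byte, measured []byte) ([]byte, error) {
	rtmr := make([]byte, sha512.Size384)
	for _, d := range digests {
		sum := sha512.Sum384(append(append([]byte{}, rtmr...), d...))
		rtmr = sum[:]
	}
	if !bytes.Equal(rtmr, measured) {
		return rtmr, fmt.Errorf("%w: got %x", ErrReplay, rtmr)
	}
	return rtmr, nil
}

func main() {
	table := make([]byte, ccelMinSize) // constructed: "CCEL" signature, CC type 2 (TDX)
	copy(table, "CCEL")
	table[36] = 2
	fmt.Println(ParseCCEL(table))
}
```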
Types

type CCACPITable
CCACPITable represents the confidential computing (CC) event log ACPI table.