ccel

package

v0.0.1 Latest Latest Go to latest Published: Aug 29, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/google/go-eventlog

Links

Open Source Insights

README ¶

Confidential Compute Event Log (CCEL)

See https://uefi.org/specs/ACPI/6.5/05_ACPI_Software_Programming_Model.html#cc-event-log-acpi-table.

Not to be confused with Canonical Event Log (CEL).

Documentation ¶

Overview ¶

Package ccel implements event log parsing and replay for the Confidential Computing event log. It only supports the CCEL based on the TCG crypto-agile event log (including the "Spec ID Event03" signature).

Index ¶

Constants
func ExtractFirmwareLogState(acpiTableFile []byte, rawEventLog []byte, rtmrBank register.RTMRBank, ...) (*pb.FirmwareLogState, error)
type CCACPITable
type CCType
type ExtractOpts

Constants ¶

View Source

const (
	// See Section 4.3.3 CC-Event Log
	CCELACPITableSig     = "CCEL"
	CCELACPITableMinSize = 56
)

Defined in Guest Hypervisor Communication Interface (GHCI) for Intel TDX 1.0. https://www.intel.com/content/www/us/en/content-details/726790/guest-host-communication-interface-ghci-for-intel-trust-domain-extensions-intel-tdx.html

View Source

const (
	Reserved = iota
	SEV
	TDX
)

Known CC types. See https://uefi.org/specs/ACPI/6.5/05_ACPI_Software_Programming_Model.html#cc-event-log-acpi-table.

Variables ¶

This section is empty.

Functions ¶

func ExtractFirmwareLogState ¶

func ExtractFirmwareLogState(acpiTableFile []byte, rawEventLog []byte, rtmrBank register.RTMRBank, opts ExtractOpts) (*pb.FirmwareLogState, error)

ExtractFirmwareLogState parses a Confidential Computing event log and replays the parsed event log against the RTMR bank specified by hash.

It returns the corresponding FirmwareLogState containing the events verified by particular RTMR indexes/digests. It returns an error on failing to replay the events against the RTMR bank or on failing to parse malformed events.

The returned FirmwareLogState may be a partial FirmwareLogState. In the case of a partially filled state, err will be non-nil. Callers can look for individual errors using `errors.Is`.

It is the caller's responsibility to ensure that the passed RTMR values can be trusted. Users can establish trust in RTMR values by either calling client.ReadRTMRs() themselves or by verifying the values via a RTMR quote.

Types ¶

type CCACPITable ¶

type CCACPITable struct {
	Length uint32
	CCType
}

CCACPITable represents the confidential computing (CC) event log ACPI table.

type CCType ¶

type CCType uint8

CCType describes the Confidential Computing type for the Confidential Computing event log.

type ExtractOpts ¶

type ExtractOpts struct {
	Loader common.Bootloader
}

ExtractOpts gives options for extracting information from an event log.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL