Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CoCo AS]: Documentation for parsed-claim measurement #246

Closed
Xynnn007 opened this issue Nov 29, 2023 · 0 comments · Fixed by #248
Closed

[CoCo AS]: Documentation for parsed-claim measurement #246

Xynnn007 opened this issue Nov 29, 2023 · 0 comments · Fixed by #248

Comments

@Xynnn007
Copy link
Member

Currently CoCo-AS will generate a parsed_claims key-value map due different platforms. For example on TDX we might have the following

{
    "tdx.ccel.kernel": "5b7aa6572f649714ff00b6a2b9170516a068fd1a0ba72aa8de27574131d454e6396d3bfa1727d9baf421618a942977fa",
    "tdx.ccel.kernel_parameters.console": "hvc0",
    "tdx.ccel.kernel_parameters.root": "/dev/vda1",
    "tdx.ccel.kernel_parameters.rw": null,
    "tdx.quote.header.version": "0400",
    "tdx.quote.header.att_key_type": "0200",
    "tdx.quote.header.tee_type": "81000000",
    "tdx.quote.header.reserved": "00000000",
    "tdx.quote.header.vendor_id": "939a7233f79c4ca9940a0db3957f0607",
    "tdx.quote.header.user_data": "d099bfec0a477aa85a605dceabf2b10800000000",
    "tdx.quote.body.mr_config_id": "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
    "tdx.quote.body.mr_owner": "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
    "tdx.quote.body.mr_owner_config": "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
    "tdx.quote.body.mr_td": "705ee9381b8633a9fbe532b52345e8433343d2868959f57889d84ca377c395b689cac1599ccea1b7d420483a9ce5f031",
    "tdx.quote.body.mrsigner_seam": "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
    "tdx.quote.body.report_data": "7c71fe2c86eff65a7cf8dbc22b3275689fd0464a267baced1bf94fc1324656aeb755da3d44d098c0c87382f3a5f85b45c8a28fee1d3bdb38342bf96671501429",
    "tdx.quote.body.seam_attributes": "0000000000000000",
    "tdx.quote.body.td_attributes": "0100001000000000",
    "tdx.quote.body.mr_seam": "2fd279c16164a93dd5bf373d834328d46008c2b693af9ebb865b08b2ced320c9a89b4869a9fab60fbe9d0c5a5363c656",
    "tdx.quote.body.tcb_svn": "03000500000000000000000000000000",
    "tdx.quote.body.xfam": "e742060000000000"
}

It would be useful to have a document the claim items of different platforms, which can help to write OPA policy and prepare reference values.
@Xynnn007 Xynnn007 changed the title CoCo AS: Spec for parsed-claim measurement [CoCo AS]: Documentation for parsed-claim measurement Nov 29, 2023
Xynnn007 added a commit to Xynnn007/kbs that referenced this issue Nov 30, 2023
@Xynnn007
AS/docs: parsed claims for SGX/TDX
410767b 
related to confidential-containers#246. This commit implements SGX/TDX/Sample.

Signed-off-by: Xynnn007 <[email protected]>
Xynnn007 added a commit to Xynnn007/kbs that referenced this issue Nov 30, 2023
@Xynnn007
AS/docs: parsed claims for SGX/TDX
92c6e4c 
related to confidential-containers#246. This commit implements SGX/TDX/Sample.

Signed-off-by: Xynnn007 <[email protected]>
@Xynnn007 Xynnn007 mentioned this issue Nov 30, 2023
Merged
Xynnn007 added a commit to Xynnn007/kbs that referenced this issue Dec 1, 2023
@Xynnn007
AS/docs: parsed claims for SGX/TDX
57b9010 
related to confidential-containers#246. This commit implements SGX/TDX/Sample.

Signed-off-by: Xynnn007 <[email protected]>
Xynnn007 added a commit to Xynnn007/kbs that referenced this issue Dec 1, 2023
@Xynnn007
AS/docs: parsed claims for SGX/TDX
8f7b446 
related to confidential-containers#246. This commit implements SGX/TDX/Sample.

Signed-off-by: Xynnn007 <[email protected]>
Xynnn007 added a commit that referenced this issue Dec 6, 2023
@Xynnn007
AS/docs: parsed claims for SGX/TDX
82072bc 
related to #246. This commit implements SGX/TDX/Sample.

Signed-off-by: Xynnn007 <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

AS: add parsed claims for TDX/SGX and documents Xynnn007/kbs
1 participant
@Xynnn007