igvmfilegen/signed_measurement/
tdx.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.

//! Support for creating TDX MRTD

use super::SHA_384_OUTPUT_SIZE_BYTES;
use crate::file_loader::DEFAULT_COMPATIBILITY_MASK;
use igvm::IgvmDirectiveHeader;
use igvm_defs::PAGE_SIZE_4K;
use sha2::Digest;
use sha2::Sha384;
use std::collections::HashMap;
use thiserror::Error;
use zerocopy::FromBytes;
use zerocopy::Immutable;
use zerocopy::IntoBytes;
use zerocopy::KnownLayout;

#[derive(Debug, Error)]
pub enum Error {
    #[error("invalid parameter area index")]
    InvalidParameterAreaIndex,
}

/// Measure adding a page to TD.
#[repr(C)]
#[derive(Debug, Clone, Copy, IntoBytes, Immutable, KnownLayout, FromBytes)]
pub struct TdxPageAdd {
    /// MEM.PAGE.ADD
    pub operation: [u8; 16],
    /// Must be aligned to a page size boundary.
    pub gpa: u64,
    /// Reserved mbz.
    pub mbz: [u8; 104],
}

const TDX_EXTEND_CHUNK_SIZE: usize = 256;

/// Measure adding a chunk of data to TD.
#[repr(C)]
#[derive(Debug, Clone, Copy, IntoBytes, Immutable, KnownLayout, FromBytes)]
pub struct TdxMrExtend {
    /// MR.EXTEND
    pub operation: [u8; 16],
    /// Aligned to a 256B boundary.
    pub gpa: u64,
    /// Reserved mbz.
    pub mbz: [u8; 104],
    /// Data to measure.
    pub data: [u8; TDX_EXTEND_CHUNK_SIZE],
}

/// Iterate through all headers to create the MRTD.
pub fn generate_tdx_measurement(
    directive_headers: &[IgvmDirectiveHeader],
) -> Result<[u8; SHA_384_OUTPUT_SIZE_BYTES], Error> {
    let mut parameter_area_table = HashMap::new();
    const PAGE_SIZE_4K_USIZE: usize = PAGE_SIZE_4K as usize;
    let tdx_compatibility_mask = DEFAULT_COMPATIBILITY_MASK;
    // Reuse the same vec for padding out data to 4k.
    let mut padding_vec = vec![0; PAGE_SIZE_4K_USIZE];
    let mut hasher = Sha384::new();

    let mut measure_page = |gpa: u64, page_data: Option<&[u8]>| {
        // Measure the page being added.
        let page_add = TdxPageAdd {
            operation: *b"MEM.PAGE.ADD\0\0\0\0",
            gpa,
            mbz: [0; 104],
        };
        hasher.update(page_add.as_bytes());

        // Possibly measure the page contents in chunks.
        if let Some(data) = page_data {
            let data = match data.len() {
                0 => None,
                PAGE_SIZE_4K_USIZE => Some(data),
                _ if data.len() < PAGE_SIZE_4K_USIZE => {
                    padding_vec.fill(0);
                    padding_vec[..data.len()].copy_from_slice(data);
                    Some(padding_vec.as_slice())
                }
                _ => {
                    panic!("Unexpected data size");
                }
            };

            // Hash the contents of the 4K page, 256 bytes at a time.
            for offset in (0..PAGE_SIZE_4K).step_by(TDX_EXTEND_CHUNK_SIZE) {
                let mut mr_extend = TdxMrExtend {
                    operation: *b"MR.EXTEND\0\0\0\0\0\0\0",
                    gpa: gpa + offset,
                    mbz: [0; 104],
                    data: [0; TDX_EXTEND_CHUNK_SIZE],
                };

                // Copy in data for chunk if it exists.
                if let Some(data) = data {
                    mr_extend.data.copy_from_slice(
                        &data[offset as usize..offset as usize + TDX_EXTEND_CHUNK_SIZE],
                    );
                }
                hasher.update(mr_extend.as_bytes());
            }
        };
    };

    // Loop over all the page data to build the digest
    for header in directive_headers {
        // Skip headers that have compatibility masks that do not match TDX.
        if header
            .compatibility_mask()
            .map(|mask| mask & tdx_compatibility_mask != tdx_compatibility_mask)
            .unwrap_or(false)
        {
            continue;
        }

        match header {
            IgvmDirectiveHeader::ParameterArea {
                number_of_bytes,
                parameter_area_index,
                initial_data: _,
            } => {
                assert_eq!(
                    parameter_area_table.contains_key(&parameter_area_index),
                    false
                );
                assert_eq!(number_of_bytes % PAGE_SIZE_4K, 0);
                parameter_area_table.insert(parameter_area_index, number_of_bytes);
            }
            IgvmDirectiveHeader::PageData {
                gpa,
                compatibility_mask,
                flags,
                data_type: _,
                data,
            } => {
                assert_eq!(
                    compatibility_mask & tdx_compatibility_mask,
                    tdx_compatibility_mask
                );

                // Skip shared pages.
                if flags.shared() {
                    continue;
                }

                // If data is unmeasured, only measure the GPA.
                let data = if flags.unmeasured() {
                    None
                } else {
                    Some(data.as_bytes())
                };

                measure_page(*gpa, data);
            }
            IgvmDirectiveHeader::ParameterInsert(param) => {
                assert_eq!(
                    param.compatibility_mask & tdx_compatibility_mask,
                    tdx_compatibility_mask
                );

                let parameter_area_size = parameter_area_table
                    .get(&param.parameter_area_index)
                    .ok_or(Error::InvalidParameterAreaIndex)?;

                for gpa in (param.gpa..param.gpa + *parameter_area_size).step_by(PAGE_SIZE_4K_USIZE)
                {
                    measure_page(gpa, None);
                }
            }
            _ => {}
        }
    }

    let mrtd: [u8; SHA_384_OUTPUT_SIZE_BYTES] = hasher.finalize().into();
    tracing::info!("MRTD: {}", hex::encode_upper(mrtd));
    Ok(mrtd)
}