On Tue, 5 Mar 2024 at 21:27, Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx> wrote: > > > On 3/5/24 10:00 AM, Ilias Apalodimas wrote: > > Hi Ard, > > > > On Mon, 4 Mar 2024 at 12:44, Ard Biesheuvel <ardb+git@xxxxxxxxxx> wrote: > >> From: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx> > >> > >> If the virtual firmware implements TPM support, TCG2 protocol will be > >> used for kernel measurements and event logging support. But in CC > >> environment, not all platforms support or enable the TPM feature. UEFI > >> specification [1] exposes protocol and interfaces used for kernel > >> measurements in CC platforms without TPM support. > >> > >> More details about the EFI CC measurements and logging can be found > >> in [1]. > >> > >> Link: https://uefi.org/specs/UEFI/2.10/38_Confidential_Computing.html#efi-cc-measurement-protocol [1] > >> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx> > >> [ardb: Drop code changes, keep typedefs and #define's only] > >> Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx> > >> --- > >> drivers/firmware/efi/libstub/efistub.h | 79 ++++++++++++++++++++ > >> include/linux/efi.h | 1 + > >> 2 files changed, 80 insertions(+) > >> > > [...] > > > >> + > >> +struct efi_cc_event { > >> + u32 event_size; > >> + struct { > >> + u32 header_size; > >> + u16 header_version; > >> + u32 mr_index; > >> + u32 event_type; > >> + } __packed event_header; > >> + u8 event_data[0]; > > We should define this as a flexible array member instead of a zero-length array? > > The spec is funny and defines this as event_data[1]. I think we aren't > > using the sizeof(struct efi_cc_event) anywhere, so if this struct is > > not used as a member of another struct or an array we can omit it > > entirely. > > Flexible array is also fine or we can just add a comment like "u8[] event follows here" > like in struct efi_tcg2_event . Yes. I just noticed I had a typo above. I meant to write "if this struct *is* used as a member of another struct or an array we can omit it entirely." > > > > > [...] > > > > Cheers > > /Ilias > > -- > Sathyanarayanan Kuppuswamy > Linux Kernel Developer >
