The measurement tool runs within TD guest to get RTMR value from TDREPORT via Linux attestion driver, and gets the full TD event log from TDEL ACPI table. Then it uses the TD event log to verify the RTMR value or change.
CSP or tenant developer could use it to analyze and debug the TDX measurement before providing the TDX guest VM.
The Log Area Start Address (LASA) is from ACPI TDEL table. Please see GHCI specification.
-
Get Event Log
./tdx_eventlogsThe example output for the event log in grub boot and direct boot
-
Get TD Report
./tdx_tdreport -
Verify the RTMR
./tdx_verify_rtmr
Build and install TDX Measurement Tool:
python3 setup.py bdist_wheel
pip3 install dist/*.whl --force-reinstall