fmt

Author: cjen1-msft

include/ccf/pal/attestation_sev_snp.h

@@ -6,7 +6,6 @@
 #include "ccf/pal/attestation_sev_snp_endorsements.h"
 #include "ccf/pal/measurement.h"
 #include "ccf/pal/report_data.h"
-#include "ccf/pal/hardware_info.h"
 
 #include <array>
 #include <map>
@@ -297,11 +296,13 @@ QPHfbkH0CyPfhl1jWhJFZasCAwEAAQ==
   };
 #pragma pack(pop)
   DECLARE_JSON_TYPE(CPUID);
-  DECLARE_JSON_REQUIRED_FIELDS(CPUID, stepping, base_model, base_family, extended_model, extended_family);
+  DECLARE_JSON_REQUIRED_FIELDS(
+    CPUID, stepping, base_model, base_family, extended_model, extended_family);
   static_assert(
     sizeof(CPUID) == sizeof(uint32_t), "Can't cast CPUID to uint32_t");
 
-  union UnionedCPUID{
+  union UnionedCPUID
+  {
     uint32_t eax;
     CPUID cpuid;
   };
@@ -310,10 +311,7 @@ QPHfbkH0CyPfhl1jWhJFZasCAwEAAQ==
   {
     UnionedCPUID cpuid_eax;
     cpuid_eax.eax = 0;
-    asm volatile(
-      "cpuid"
-      : "=a"(cpuid_eax.eax)
-      : "a"(1));
+    asm volatile("cpuid" : "=a"(cpuid_eax.eax) : "a"(1));
     return cpuid_eax.cpuid;
   }
 }
@@ -325,15 +323,13 @@ namespace ccf::kv::serialisers
   template <>
   struct BlitSerialiser<ccf::pal::snp::CPUID>
   {
-    static SerialisedEntry to_serialised(
-      const ccf::pal::snp::CPUID& chip)
+    static SerialisedEntry to_serialised(const ccf::pal::snp::CPUID& chip)
     {
       auto hex_str = chip.hex_str();
       return SerialisedEntry(hex_str.begin(), hex_str.end());
     }
 
-    static ccf::pal::snp::CPUID from_serialised(
-      const SerialisedEntry& data)
+    static ccf::pal::snp::CPUID from_serialised(const SerialisedEntry& data)
     {
       ccf::pal::snp::CPUID ret;
       auto buf_ptr = reinterpret_cast<uint8_t*>(&ret);

include/ccf/service/tables/tcb_verification.h

@@ -8,8 +8,7 @@
 
 namespace ccf
 {
-  using SnpTcbVersionMap =
-    ServiceMap<pal::snp::CPUID, pal::snp::TcbVersion>;
+  using SnpTcbVersionMap = ServiceMap<pal::snp::CPUID, pal::snp::TcbVersion>;
 
   namespace Tables
   {

src/node/quote.cpp

@@ -276,16 +276,19 @@ namespace ccf
     }
 
     std::optional<pal::snp::TcbVersion> min_tcb_opt = std::nullopt;
-    
+
     auto h = tx.ro<SnpTcbVersionMap>(Tables::SNP_TCB_VERSIONS);
-    // expensive but there should not be many entries in this table only one per cpu
-    h->foreach([&min_tcb_opt, &attestation](const pal::snp::CPUID& cpuid, const pal::snp::TcbVersion& v) {
-      if (cpuid.get_family_id() == attestation.cpuid_fam_id &&
-          cpuid.get_model_id() == attestation.cpuid_mod_id &&
-          cpuid.stepping == attestation.cpuid_step) {
+    // expensive but there should not be many entries
+    h->foreach([&min_tcb_opt, &attestation](
+                 const pal::snp::CPUID& cpuid, const pal::snp::TcbVersion& v) {
+      if (
+        cpuid.get_family_id() == attestation.cpuid_fam_id &&
+        cpuid.get_model_id() == attestation.cpuid_mod_id &&
+        cpuid.stepping == attestation.cpuid_step)
+      {
         min_tcb_opt = v;
         return false;
-      } 
+      }
       return true;
     });
 

src/node/rpc/node_frontend.h

@@ -1640,7 +1640,6 @@ namespace ccf
             break;
 
             InternalTablesAccess::trust_static_snp_tcb_version(ctx.tx);
-
           }
 
           case QuoteFormat::amd_sev_snp_v1:

src/pal/quote_generation.h

@@ -3,8 +3,8 @@
 #pragma once
 
 #include "ccf/crypto/hash_provider.h"
-#include "ds/files.h"
 #include "ccf/pal/attestation.h"
+#include "ds/files.h"
 
 #include <nlohmann/json.hpp>
 #include <string>

src/service/internal_tables_access.h

@@ -827,13 +827,14 @@ namespace ccf
     {
       auto h = tx.wo<ccf::SnpTcbVersionMap>(Tables::SNP_TCB_VERSIONS);
 
-      constexpr pal::snp::CPUID milan_chip_id {.stepping = 0x1,
-         .base_model = 0x1,
-         .base_family = 0xF,
-         .reserved = 0,
-         .extended_model = 0x0,
-         .extended_family = 0x0A,
-         .reserved2 = 0};
+      constexpr pal::snp::CPUID milan_chip_id{
+        .stepping = 0x1,
+        .base_model = 0x1,
+        .base_family = 0xF,
+        .reserved = 0,
+        .extended_model = 0x0,
+        .extended_family = 0x0A,
+        .reserved2 = 0};
       constexpr pal::snp::TcbVersion milan_tcb_version = {
         .boot_loader = 0,
         .tee = 0,
@@ -842,13 +843,14 @@ namespace ccf
         .microcode = 0xDB};
       h->put(milan_chip_id, milan_tcb_version);
 
-      constexpr pal::snp::CPUID milan_x_chip_id {.stepping = 0x2,
-         .base_model = 0x1,
-         .base_family = 0xF,
-         .reserved = 0,
-         .extended_model = 0x0,
-         .extended_family = 0x0A,
-         .reserved2 = 0};
+      constexpr pal::snp::CPUID milan_x_chip_id{
+        .stepping = 0x2,
+        .base_model = 0x1,
+        .base_family = 0xF,
+        .reserved = 0,
+        .extended_model = 0x0,
+        .extended_family = 0x0A,
+        .reserved2 = 0};
       constexpr pal::snp::TcbVersion milan_x_tcb_version = {
         .boot_loader = 0,
         .tee = 0,
@@ -857,13 +859,14 @@ namespace ccf
         .microcode = 0x44};
       h->put(milan_x_chip_id, milan_x_tcb_version);
 
-      constexpr pal::snp::CPUID genoa_chip_id {.stepping = 0x1,
-         .base_model = 0x1,
-         .base_family = 0xF,
-         .reserved = 0,
-         .extended_model = 0x1,
-         .extended_family = 0x0A,
-         .reserved2 = 0};
+      constexpr pal::snp::CPUID genoa_chip_id{
+        .stepping = 0x1,
+        .base_model = 0x1,
+        .base_family = 0xF,
+        .reserved = 0,
+        .extended_model = 0x1,
+        .extended_family = 0x0A,
+        .reserved2 = 0};
       constexpr pal::snp::TcbVersion genoa_tcb_version = {
         .boot_loader = 0,
         .tee = 0,
@@ -872,13 +875,14 @@ namespace ccf
         .microcode = 0x54};
       h->put(genoa_chip_id, genoa_tcb_version);
 
-      constexpr pal::snp::CPUID genoa_x_chip_id {.stepping = 0x2,
-         .base_model = 0x1,
-         .base_family = 0xF,
-         .reserved = 0,
-         .extended_model = 0x1,
-         .extended_family = 0x0A,
-         .reserved2 = 0};
+      constexpr pal::snp::CPUID genoa_x_chip_id{
+        .stepping = 0x2,
+        .base_model = 0x1,
+        .base_family = 0xF,
+        .reserved = 0,
+        .extended_model = 0x1,
+        .extended_family = 0x0A,
+        .reserved2 = 0};
       constexpr pal::snp::TcbVersion genoa_x_tcb_version = {
         .boot_loader = 0,
         .tee = 0,
@@ -891,7 +895,7 @@ namespace ccf
     static void trust_node_snp_tcb_version(
       ccf::kv::Tx& tx, pal::snp::Attestation& attestation)
     {
-      // Fall back to statically configured tcb versions 
+      // Fall back to statically configured tcb versions
       auto cpuid = pal::snp::get_cpuid();
       if (attestation.version < pal::snp::MIN_TCB_VERIF_VERSION)
       {
@@ -906,7 +910,11 @@ namespace ccf
         cpuid->stepping != attestation.cpuid_step)
       {
         LOG_FAIL_FMT(
-          "Snp cpuid does not match attestation cpuid ({} != {}, {}, {})", cpuid->hex_str(), attestation.cpuid_fam_id, attestation.cpuid_mod_id, attestation.cpuid_step);
+          "Snp cpuid does not match attestation cpuid ({} != {}, {}, {})",
+          cpuid->hex_str(),
+          attestation.cpuid_fam_id,
+          attestation.cpuid_mod_id,
+          attestation.cpuid_step);
         trust_static_snp_tcb_version(tx);
         return;
       }