SPDM 1.3: Measurement Extension Log Support #86

@twilfredo

As defined by SPDM 1.3 specification section 10.30.

A Responder device may create and maintain a Measurement Extension Log (MEL) to record device information such
as measurements of firmware and/or software modules loaded during the boot, firmware and/or software updates,
configurations, status of the system, and so on. To construct the MEL, when certain events occur, the Responder
appends data associated with the events to the end of the MEL. The events that cause the MEL update are specific to
and are determined by individual Responder implementations. For example, the Responder may append the digest
and version number of a firmware module to the end of the MEL when the firmware module is loaded. The MEL
grows as entries are added. At reset, the Responder may reset the MEL or preserve the MEL. If the Responder
preserves the MEL across resets, the reset events themselves may be added as new entries to the MEL. Accordingly,
the corresponding HEM should also be preserved across resets. The Responder should ensure that the MEL will not
overrun memory or wrap under normal uses.

Do we want to support this in SPDM-Utils? libspdm has LIBSPDM_ENABLE_CAPABILITY_MEL_CAP support, which means we should be able to add this to spdm-utils by implementing:

```c
#if LIBSPDM_ENABLE_CAPABILITY_MEL_CAP
/**
 * Process the SPDM GET_MEASUREMENT_EXTENSION_LOG request and return the response.
 *
 * @param  spdm_context   A pointer to the SPDM context.
 * @param  request_size   size in bytes of the request data.
 * @param  request        A pointer to the request data.
 * @param  response_size  size in bytes of the response data.
 *                        On input, it means the size in bytes of response data buffer.
 *                        On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned,
 *                        and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned.
 * @param  response       A pointer to the response data.
 **/
libspdm_return_t libspdm_get_response_measurement_extension_log(libspdm_context_t *spdm_context,
                                                                size_t request_size,
                                                                const void *request,
                                                                size_t *response_size,
                                                                void *response);
#endif /* LIBSPDM_ENABLE_CAPABILITY_MEL_CAP */
```

As specified here
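
The following is an added example, not code from this issue, libspdm, or spdm-utils: a fixed-capacity, append-only log in C that rejects an entry rather than overrunning memory or wrapping, and that appends a reset event when the log is preserved across a reset, as the quoted specification text describes. The entry layout, event types, capacity, and every `mel_*` name are hypothetical, and the offset/length read helper is an assumption about how a caller would fetch the log in portions.

```c
/* Added example: bounded, append-only MEL. Entry layout and names are hypothetical. */
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define MEL_CAPACITY    64u  /* constructed size, kept small so the full case is easy to hit */
#define MEL_EVT_FW_LOAD 1u   /* hypothetical event types */
#define MEL_EVT_RESET   2u

typedef struct { uint8_t buf[MEL_CAPACITY]; size_t used; uint32_t count; } mel_t;

/* Append [type:1][len:1][data]. Returns 0 on success, -1 if the entry would overrun.
 * The log never wraps: a full log rejects the entry and keeps earlier entries intact. */
int mel_append(mel_t *m, uint8_t type, const void *data, uint8_t len) {
    size_t need = 2u + (size_t)len;
    if (need > MEL_CAPACITY - m->used) return -1;
    m->buf[m->used] = type;
    m->buf[m->used + 1] = len;
    if (len) memcpy(&m->buf[m->used + 2], data, len);
    m->used += need;
    m->count++;
    return 0;
}

/* Reset handling: either clear the log, or preserve it and record the reset itself. */
int mel_on_reset(mel_t *m, int preserve) {
    if (!preserve) { memset(m, 0, sizeof(*m)); return 0; }
    return mel_append(m, MEL_EVT_RESET, NULL, 0);
}

/* Copy up to len bytes starting at offset. Returns the bytes copied and sets
 * *remainder to the bytes still left in the log after this portion. */
size_t mel_read(const mel_t *m, size_t offset, size_t len, void *out, size_t *remainder) {
    if (offset >= m->used) { *remainder = 0; return 0; }
    size_t avail = m->used - offset;
    size_t n = len < avail ? len : avail;
    memcpy(out, &m->buf[offset], n);
    *remainder = avail - n;
    return n;
}

int main(void) {
    static mel_t mel;                   /* zero-initialised */
    const uint8_t digest[32] = {0xAA};  /* constructed stand-in for a firmware digest */
    mel_append(&mel, MEL_EVT_FW_LOAD, digest, sizeof(digest));
    mel_on_reset(&mel, 1);
    printf("entries=%u used=%zu\n", (unsigned)mel.count, mel.used);
    return 0;
}
```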
