Skip to content
This repository has been archived by the owner on Apr 15, 2024. It is now read-only.

example: add node measurement example #180

Merged
merged 1 commit into from
Dec 26, 2023
Merged

example: add node measurement example #180

merged 1 commit into from
Dec 26, 2023

Conversation

Ruoyu-y
Copy link
Contributor

@Ruoyu-y Ruoyu-y commented Dec 25, 2023

  • provide node measurement fetching python script
  • provide Dockerfile for sample container
  • provide yaml file for sample container deployment

@Ruoyu-y
Copy link
Contributor Author

Ruoyu-y commented Dec 25, 2023

Sample output:

tdx@tdx-guest:~$ kubectl exec -it ccnp-node-measurement-example-bb848b65b-br8z5  -- python3 fetch_node_measurement.py --verify-register-index 1
Defaulted container "ccnp-node-measurement-example" out of: ccnp-node-measurement-example, change-permissions (init)
2023-12-25 13:13:19,654 [INFO] Replay event log and verify re-calculated result against RTMR.              Provide option for selected measurement verification.

2023-12-25 13:13:19,754 [INFO] Step 0: List verify scope
2023-12-25 13:13:19,755 [INFO] Verifying RTMRs: [1]

2023-12-25 13:13:19,755 [INFO] Step 1: Check if IMA event logs exist in the system.
2023-12-25 13:13:19,755 [INFO] IMA event logs found in the system.

2023-12-25 13:13:19,755 [INFO] Step 2: Collect boot time and runtime event logs and replay results.
2023-12-25 13:13:19,755 [INFO] ==> Fetching boot time event logs using CCNP API
2023-12-25 13:13:20,055 [INFO] Fetch eventlog successfully.
2023-12-25 13:13:20,257 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,258 [INFO] RTMR index:         1
2023-12-25 13:13:20,258 [INFO] Event type:         2147483655(EV_EFI_ACTION)
2023-12-25 13:13:20,258 [INFO] Digest:
2023-12-25 13:13:20,258 [INFO] 00000000  77 A0 DA B2 31 2B 4E 1E 57 A8 4D 86 5A 21 E5 B2  w...1+N.W.M.Z!..
2023-12-25 13:13:20,259 [INFO] 00000010  EE 8D 67 7A 21 01 2A DA 81 9D 0A 98 98 80 78 D3  ..gz!.*.......x.
2023-12-25 13:13:20,259 [INFO] 00000020  D7 40 F6 34 6B FE 0A BA A9 38 CA 20 43 9A 8D 71  .@.4k....8. C..q
2023-12-25 13:13:20,259 [INFO]
2023-12-25 13:13:20,259 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,259 [INFO] RTMR index:         1
2023-12-25 13:13:20,260 [INFO] Event type:         2147483654(EV_EFI_GPT_EVENT)
2023-12-25 13:13:20,260 [INFO] Digest:
2023-12-25 13:13:20,260 [INFO] 00000000  95 F4 B9 8A 75 F4 5B C3 0D 31 12 30 32 1F 49 DF  ....u.[..1.02.I.
2023-12-25 13:13:20,260 [INFO] 00000010  D1 F1 4D DD 3B 38 D6 10 F2 13 C7 C8 64 7E 43 D0  ..M.;8......d~C.
2023-12-25 13:13:20,260 [INFO] 00000020  9C D2 A1 B8 2A 3B 06 17 7B F7 89 AC F9 9F E7 06  ....*;..{.......
2023-12-25 13:13:20,261 [INFO]
2023-12-25 13:13:20,261 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,261 [INFO] RTMR index:         1
2023-12-25 13:13:20,261 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,261 [INFO] Digest:
2023-12-25 13:13:20,261 [INFO] 00000000  8D DC 5C C6 A1 FA D3 7A D6 12 21 14 85 2B B5 5D  ..\....z..!..+.]
2023-12-25 13:13:20,262 [INFO] 00000010  90 DD 35 37 BB 99 AA 82 99 9F 45 D5 83 D5 77 7E  ..57......E...w~
2023-12-25 13:13:20,262 [INFO] 00000020  EC DB A1 62 63 80 EE C8 08 45 1D 0B 6B 0E 5C 55  ...bc....E..k.\U
2023-12-25 13:13:20,262 [INFO]
2023-12-25 13:13:20,262 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,262 [INFO] RTMR index:         1
2023-12-25 13:13:20,262 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,348 [INFO] Digest:
2023-12-25 13:13:20,349 [INFO] 00000000  FE 21 EE 53 03 30 B0 01 9F 7F AB 92 DF 0F CB 5D  .!.S.0.........]
2023-12-25 13:13:20,349 [INFO] 00000010  9C C9 55 CD C8 57 A5 6B E4 4A 39 B6 E5 7C AF 8F  ..U..W.k.J9..|..
2023-12-25 13:13:20,350 [INFO] 00000020  6A 5C 75 AF 10 FF 12 94 2C C8 56 E2 71 C0 15 7F  j\u.....,.V.q...
2023-12-25 13:13:20,350 [INFO]
2023-12-25 13:13:20,351 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,351 [INFO] RTMR index:         1
2023-12-25 13:13:20,351 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,351 [INFO] Digest:
2023-12-25 13:13:20,351 [INFO] 00000000  8D DC 5C C6 A1 FA D3 7A D6 12 21 14 85 2B B5 5D  ..\....z..!..+.]
2023-12-25 13:13:20,352 [INFO] 00000010  90 DD 35 37 BB 99 AA 82 99 9F 45 D5 83 D5 77 7E  ..57......E...w~
2023-12-25 13:13:20,352 [INFO] 00000020  EC DB A1 62 63 80 EE C8 08 45 1D 0B 6B 0E 5C 55  ...bc....E..k.\U
2023-12-25 13:13:20,352 [INFO]
2023-12-25 13:13:20,353 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,353 [INFO] RTMR index:         1
2023-12-25 13:13:20,353 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,353 [INFO] Digest:
2023-12-25 13:13:20,354 [INFO] 00000000  6D 8C B3 C7 E0 81 64 26 85 E2 D4 D5 11 B5 1A 5E  m.....d&.......^
2023-12-25 13:13:20,354 [INFO] 00000010  AD F5 F9 D3 2B F2 67 FB FC A5 DC 17 1D 45 08 D6  ....+.g......E..
2023-12-25 13:13:20,354 [INFO] 00000020  50 4D 05 EA A3 A8 36 0A C5 A0 45 82 93 31 77 6F  PM....6...E..1wo
2023-12-25 13:13:20,354 [INFO]
2023-12-25 13:13:20,355 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,355 [INFO] RTMR index:         1
2023-12-25 13:13:20,355 [INFO] Event type:         2147483655(EV_EFI_ACTION)
2023-12-25 13:13:20,355 [INFO] Digest:
2023-12-25 13:13:20,355 [INFO] 00000000  21 4B 0B EF 13 79 75 60 11 34 48 77 74 3F DC 2A  !K...yu`.4Hwt?.*
2023-12-25 13:13:20,355 [INFO] 00000010  53 82 BA C6 E7 03 62 D6 24 CC F3 F6 54 40 7C 1B  S.....b.$...T@|.
2023-12-25 13:13:20,355 [INFO] 00000020  4B AD F7 D8 F9 29 5D D3 DA BD EF 65 B2 76 77 E0  K....)]....e.vw.
2023-12-25 13:13:20,356 [INFO]
2023-12-25 13:13:20,356 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,356 [INFO] RTMR index:         1
2023-12-25 13:13:20,356 [INFO] Event type:         2147483655(EV_EFI_ACTION)
2023-12-25 13:13:20,356 [INFO] Digest:
2023-12-25 13:13:20,356 [INFO] 00000000  0A 2E 01 C8 5D EA E7 18 A5 30 AD 8C 6D 20 A8 40  ....]....0..m .@
2023-12-25 13:13:20,357 [INFO] 00000010  09 BA BE 6C 89 89 26 9E 95 0D 8C F4 40 C6 E9 97  ...l..&.....@...
2023-12-25 13:13:20,357 [INFO] 00000020  69 5E 64 D4 55 C4 17 4A 65 2C D0 80 F6 23 0B 74  i^d.U..Je,...#.t
2023-12-25 13:13:20,357 [INFO]
2023-12-25 13:13:20,358 [INFO] Step 3: Fetching measurements in RTMR.
2023-12-25 13:13:20,448 [INFO] ==> Fetching measurements in RTMR[1]
2023-12-25 13:13:20,549 [INFO] Fetch measurement successfully.
2023-12-25 13:13:20,550 [INFO] RTMR[1]: ed3f51bda185c04c79a63348dd531e28f44838b6925972f4373157439c980a82f4b8c3b4e7284f53c3ed578148fff4b4

2023-12-25 13:13:20,550 [INFO] Step 4: Verify individual RTMR value and re-calculated value from event logs
2023-12-25 13:13:20,550 [INFO] RTMR[1] passed the verification.
2023-12-25 13:13:20,550 [INFO] RTMR verify success.

@kenplusplus
Copy link
Contributor

Sample output:

tdx@tdx-guest:~$ kubectl exec -it ccnp-node-measurement-example-bb848b65b-br8z5  -- python3 fetch_node_measurement.py --verify-register-index 1
Defaulted container "ccnp-node-measurement-example" out of: ccnp-node-measurement-example, change-permissions (init)
2023-12-25 13:13:19,654 [INFO] Replay event log and verify re-calculated result against RTMR.              Provide option for selected measurement verification.

2023-12-25 13:13:19,754 [INFO] Step 0: List verify scope
2023-12-25 13:13:19,755 [INFO] Verifying RTMRs: [1]

2023-12-25 13:13:19,755 [INFO] Step 1: Check if IMA event logs exist in the system.
2023-12-25 13:13:19,755 [INFO] IMA event logs found in the system.

2023-12-25 13:13:19,755 [INFO] Step 2: Collect boot time and runtime event logs and replay results.
2023-12-25 13:13:19,755 [INFO] ==> Fetching boot time event logs using CCNP API
2023-12-25 13:13:20,055 [INFO] Fetch eventlog successfully.
2023-12-25 13:13:20,257 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,258 [INFO] RTMR index:         1
2023-12-25 13:13:20,258 [INFO] Event type:         2147483655(EV_EFI_ACTION)
2023-12-25 13:13:20,258 [INFO] Digest:
2023-12-25 13:13:20,258 [INFO] 00000000  77 A0 DA B2 31 2B 4E 1E 57 A8 4D 86 5A 21 E5 B2  w...1+N.W.M.Z!..
2023-12-25 13:13:20,259 [INFO] 00000010  EE 8D 67 7A 21 01 2A DA 81 9D 0A 98 98 80 78 D3  ..gz!.*.......x.
2023-12-25 13:13:20,259 [INFO] 00000020  D7 40 F6 34 6B FE 0A BA A9 38 CA 20 43 9A 8D 71  .@.4k....8. C..q
2023-12-25 13:13:20,259 [INFO]
2023-12-25 13:13:20,259 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,259 [INFO] RTMR index:         1
2023-12-25 13:13:20,260 [INFO] Event type:         2147483654(EV_EFI_GPT_EVENT)
2023-12-25 13:13:20,260 [INFO] Digest:
2023-12-25 13:13:20,260 [INFO] 00000000  95 F4 B9 8A 75 F4 5B C3 0D 31 12 30 32 1F 49 DF  ....u.[..1.02.I.
2023-12-25 13:13:20,260 [INFO] 00000010  D1 F1 4D DD 3B 38 D6 10 F2 13 C7 C8 64 7E 43 D0  ..M.;8......d~C.
2023-12-25 13:13:20,260 [INFO] 00000020  9C D2 A1 B8 2A 3B 06 17 7B F7 89 AC F9 9F E7 06  ....*;..{.......
2023-12-25 13:13:20,261 [INFO]
2023-12-25 13:13:20,261 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,261 [INFO] RTMR index:         1
2023-12-25 13:13:20,261 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,261 [INFO] Digest:
2023-12-25 13:13:20,261 [INFO] 00000000  8D DC 5C C6 A1 FA D3 7A D6 12 21 14 85 2B B5 5D  ..\....z..!..+.]
2023-12-25 13:13:20,262 [INFO] 00000010  90 DD 35 37 BB 99 AA 82 99 9F 45 D5 83 D5 77 7E  ..57......E...w~
2023-12-25 13:13:20,262 [INFO] 00000020  EC DB A1 62 63 80 EE C8 08 45 1D 0B 6B 0E 5C 55  ...bc....E..k.\U
2023-12-25 13:13:20,262 [INFO]
2023-12-25 13:13:20,262 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,262 [INFO] RTMR index:         1
2023-12-25 13:13:20,262 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,348 [INFO] Digest:
2023-12-25 13:13:20,349 [INFO] 00000000  FE 21 EE 53 03 30 B0 01 9F 7F AB 92 DF 0F CB 5D  .!.S.0.........]
2023-12-25 13:13:20,349 [INFO] 00000010  9C C9 55 CD C8 57 A5 6B E4 4A 39 B6 E5 7C AF 8F  ..U..W.k.J9..|..
2023-12-25 13:13:20,350 [INFO] 00000020  6A 5C 75 AF 10 FF 12 94 2C C8 56 E2 71 C0 15 7F  j\u.....,.V.q...
2023-12-25 13:13:20,350 [INFO]
2023-12-25 13:13:20,351 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,351 [INFO] RTMR index:         1
2023-12-25 13:13:20,351 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,351 [INFO] Digest:
2023-12-25 13:13:20,351 [INFO] 00000000  8D DC 5C C6 A1 FA D3 7A D6 12 21 14 85 2B B5 5D  ..\....z..!..+.]
2023-12-25 13:13:20,352 [INFO] 00000010  90 DD 35 37 BB 99 AA 82 99 9F 45 D5 83 D5 77 7E  ..57......E...w~
2023-12-25 13:13:20,352 [INFO] 00000020  EC DB A1 62 63 80 EE C8 08 45 1D 0B 6B 0E 5C 55  ...bc....E..k.\U
2023-12-25 13:13:20,352 [INFO]
2023-12-25 13:13:20,353 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,353 [INFO] RTMR index:         1
2023-12-25 13:13:20,353 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,353 [INFO] Digest:
2023-12-25 13:13:20,354 [INFO] 00000000  6D 8C B3 C7 E0 81 64 26 85 E2 D4 D5 11 B5 1A 5E  m.....d&.......^
2023-12-25 13:13:20,354 [INFO] 00000010  AD F5 F9 D3 2B F2 67 FB FC A5 DC 17 1D 45 08 D6  ....+.g......E..
2023-12-25 13:13:20,354 [INFO] 00000020  50 4D 05 EA A3 A8 36 0A C5 A0 45 82 93 31 77 6F  PM....6...E..1wo
2023-12-25 13:13:20,354 [INFO]
2023-12-25 13:13:20,355 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,355 [INFO] RTMR index:         1
2023-12-25 13:13:20,355 [INFO] Event type:         2147483655(EV_EFI_ACTION)
2023-12-25 13:13:20,355 [INFO] Digest:
2023-12-25 13:13:20,355 [INFO] 00000000  21 4B 0B EF 13 79 75 60 11 34 48 77 74 3F DC 2A  !K...yu`.4Hwt?.*
2023-12-25 13:13:20,355 [INFO] 00000010  53 82 BA C6 E7 03 62 D6 24 CC F3 F6 54 40 7C 1B  S.....b.$...T@|.
2023-12-25 13:13:20,355 [INFO] 00000020  4B AD F7 D8 F9 29 5D D3 DA BD EF 65 B2 76 77 E0  K....)]....e.vw.
2023-12-25 13:13:20,356 [INFO]
2023-12-25 13:13:20,356 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,356 [INFO] RTMR index:         1
2023-12-25 13:13:20,356 [INFO] Event type:         2147483655(EV_EFI_ACTION)
2023-12-25 13:13:20,356 [INFO] Digest:
2023-12-25 13:13:20,356 [INFO] 00000000  0A 2E 01 C8 5D EA E7 18 A5 30 AD 8C 6D 20 A8 40  ....]....0..m .@
2023-12-25 13:13:20,357 [INFO] 00000010  09 BA BE 6C 89 89 26 9E 95 0D 8C F4 40 C6 E9 97  ...l..&.....@...
2023-12-25 13:13:20,357 [INFO] 00000020  69 5E 64 D4 55 C4 17 4A 65 2C D0 80 F6 23 0B 74  i^d.U..Je,...#.t
2023-12-25 13:13:20,357 [INFO]
2023-12-25 13:13:20,358 [INFO] Step 3: Fetching measurements in RTMR.
2023-12-25 13:13:20,448 [INFO] ==> Fetching measurements in RTMR[1]
2023-12-25 13:13:20,549 [INFO] Fetch measurement successfully.
2023-12-25 13:13:20,550 [INFO] RTMR[1]: ed3f51bda185c04c79a63348dd531e28f44838b6925972f4373157439c980a82f4b8c3b4e7284f53c3ed578148fff4b4

2023-12-25 13:13:20,550 [INFO] Step 4: Verify individual RTMR value and re-calculated value from event logs
2023-12-25 13:13:20,550 [INFO] RTMR[1] passed the verification.
2023-12-25 13:13:20,550 [INFO] RTMR verify success.

could you please add a document at docs directory to save this output for future reference.

@Ruoyu-y
Copy link
Contributor Author

Ruoyu-y commented Dec 25, 2023

Sample output:

tdx@tdx-guest:~$ kubectl exec -it ccnp-node-measurement-example-bb848b65b-br8z5  -- python3 fetch_node_measurement.py --verify-register-index 1
Defaulted container "ccnp-node-measurement-example" out of: ccnp-node-measurement-example, change-permissions (init)
2023-12-25 13:13:19,654 [INFO] Replay event log and verify re-calculated result against RTMR.              Provide option for selected measurement verification.

2023-12-25 13:13:19,754 [INFO] Step 0: List verify scope
2023-12-25 13:13:19,755 [INFO] Verifying RTMRs: [1]

2023-12-25 13:13:19,755 [INFO] Step 1: Check if IMA event logs exist in the system.
2023-12-25 13:13:19,755 [INFO] IMA event logs found in the system.

2023-12-25 13:13:19,755 [INFO] Step 2: Collect boot time and runtime event logs and replay results.
2023-12-25 13:13:19,755 [INFO] ==> Fetching boot time event logs using CCNP API
2023-12-25 13:13:20,055 [INFO] Fetch eventlog successfully.
2023-12-25 13:13:20,257 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,258 [INFO] RTMR index:         1
2023-12-25 13:13:20,258 [INFO] Event type:         2147483655(EV_EFI_ACTION)
2023-12-25 13:13:20,258 [INFO] Digest:
2023-12-25 13:13:20,258 [INFO] 00000000  77 A0 DA B2 31 2B 4E 1E 57 A8 4D 86 5A 21 E5 B2  w...1+N.W.M.Z!..
2023-12-25 13:13:20,259 [INFO] 00000010  EE 8D 67 7A 21 01 2A DA 81 9D 0A 98 98 80 78 D3  ..gz!.*.......x.
2023-12-25 13:13:20,259 [INFO] 00000020  D7 40 F6 34 6B FE 0A BA A9 38 CA 20 43 9A 8D 71  .@.4k....8. C..q
2023-12-25 13:13:20,259 [INFO]
2023-12-25 13:13:20,259 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,259 [INFO] RTMR index:         1
2023-12-25 13:13:20,260 [INFO] Event type:         2147483654(EV_EFI_GPT_EVENT)
2023-12-25 13:13:20,260 [INFO] Digest:
2023-12-25 13:13:20,260 [INFO] 00000000  95 F4 B9 8A 75 F4 5B C3 0D 31 12 30 32 1F 49 DF  ....u.[..1.02.I.
2023-12-25 13:13:20,260 [INFO] 00000010  D1 F1 4D DD 3B 38 D6 10 F2 13 C7 C8 64 7E 43 D0  ..M.;8......d~C.
2023-12-25 13:13:20,260 [INFO] 00000020  9C D2 A1 B8 2A 3B 06 17 7B F7 89 AC F9 9F E7 06  ....*;..{.......
2023-12-25 13:13:20,261 [INFO]
2023-12-25 13:13:20,261 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,261 [INFO] RTMR index:         1
2023-12-25 13:13:20,261 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,261 [INFO] Digest:
2023-12-25 13:13:20,261 [INFO] 00000000  8D DC 5C C6 A1 FA D3 7A D6 12 21 14 85 2B B5 5D  ..\....z..!..+.]
2023-12-25 13:13:20,262 [INFO] 00000010  90 DD 35 37 BB 99 AA 82 99 9F 45 D5 83 D5 77 7E  ..57......E...w~
2023-12-25 13:13:20,262 [INFO] 00000020  EC DB A1 62 63 80 EE C8 08 45 1D 0B 6B 0E 5C 55  ...bc....E..k.\U
2023-12-25 13:13:20,262 [INFO]
2023-12-25 13:13:20,262 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,262 [INFO] RTMR index:         1
2023-12-25 13:13:20,262 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,348 [INFO] Digest:
2023-12-25 13:13:20,349 [INFO] 00000000  FE 21 EE 53 03 30 B0 01 9F 7F AB 92 DF 0F CB 5D  .!.S.0.........]
2023-12-25 13:13:20,349 [INFO] 00000010  9C C9 55 CD C8 57 A5 6B E4 4A 39 B6 E5 7C AF 8F  ..U..W.k.J9..|..
2023-12-25 13:13:20,350 [INFO] 00000020  6A 5C 75 AF 10 FF 12 94 2C C8 56 E2 71 C0 15 7F  j\u.....,.V.q...
2023-12-25 13:13:20,350 [INFO]
2023-12-25 13:13:20,351 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,351 [INFO] RTMR index:         1
2023-12-25 13:13:20,351 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,351 [INFO] Digest:
2023-12-25 13:13:20,351 [INFO] 00000000  8D DC 5C C6 A1 FA D3 7A D6 12 21 14 85 2B B5 5D  ..\....z..!..+.]
2023-12-25 13:13:20,352 [INFO] 00000010  90 DD 35 37 BB 99 AA 82 99 9F 45 D5 83 D5 77 7E  ..57......E...w~
2023-12-25 13:13:20,352 [INFO] 00000020  EC DB A1 62 63 80 EE C8 08 45 1D 0B 6B 0E 5C 55  ...bc....E..k.\U
2023-12-25 13:13:20,352 [INFO]
2023-12-25 13:13:20,353 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,353 [INFO] RTMR index:         1
2023-12-25 13:13:20,353 [INFO] Event type:         2147483651(EV_EFI_BOOT_SERVICES_APPLICATION)
2023-12-25 13:13:20,353 [INFO] Digest:
2023-12-25 13:13:20,354 [INFO] 00000000  6D 8C B3 C7 E0 81 64 26 85 E2 D4 D5 11 B5 1A 5E  m.....d&.......^
2023-12-25 13:13:20,354 [INFO] 00000010  AD F5 F9 D3 2B F2 67 FB FC A5 DC 17 1D 45 08 D6  ....+.g......E..
2023-12-25 13:13:20,354 [INFO] 00000020  50 4D 05 EA A3 A8 36 0A C5 A0 45 82 93 31 77 6F  PM....6...E..1wo
2023-12-25 13:13:20,354 [INFO]
2023-12-25 13:13:20,355 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,355 [INFO] RTMR index:         1
2023-12-25 13:13:20,355 [INFO] Event type:         2147483655(EV_EFI_ACTION)
2023-12-25 13:13:20,355 [INFO] Digest:
2023-12-25 13:13:20,355 [INFO] 00000000  21 4B 0B EF 13 79 75 60 11 34 48 77 74 3F DC 2A  !K...yu`.4Hwt?.*
2023-12-25 13:13:20,355 [INFO] 00000010  53 82 BA C6 E7 03 62 D6 24 CC F3 F6 54 40 7C 1B  S.....b.$...T@|.
2023-12-25 13:13:20,355 [INFO] 00000020  4B AD F7 D8 F9 29 5D D3 DA BD EF 65 B2 76 77 E0  K....)]....e.vw.
2023-12-25 13:13:20,356 [INFO]
2023-12-25 13:13:20,356 [INFO] --------------------Event Log Entry----------------------
2023-12-25 13:13:20,356 [INFO] RTMR index:         1
2023-12-25 13:13:20,356 [INFO] Event type:         2147483655(EV_EFI_ACTION)
2023-12-25 13:13:20,356 [INFO] Digest:
2023-12-25 13:13:20,356 [INFO] 00000000  0A 2E 01 C8 5D EA E7 18 A5 30 AD 8C 6D 20 A8 40  ....]....0..m .@
2023-12-25 13:13:20,357 [INFO] 00000010  09 BA BE 6C 89 89 26 9E 95 0D 8C F4 40 C6 E9 97  ...l..&.....@...
2023-12-25 13:13:20,357 [INFO] 00000020  69 5E 64 D4 55 C4 17 4A 65 2C D0 80 F6 23 0B 74  i^d.U..Je,...#.t
2023-12-25 13:13:20,357 [INFO]
2023-12-25 13:13:20,358 [INFO] Step 3: Fetching measurements in RTMR.
2023-12-25 13:13:20,448 [INFO] ==> Fetching measurements in RTMR[1]
2023-12-25 13:13:20,549 [INFO] Fetch measurement successfully.
2023-12-25 13:13:20,550 [INFO] RTMR[1]: ed3f51bda185c04c79a63348dd531e28f44838b6925972f4373157439c980a82f4b8c3b4e7284f53c3ed578148fff4b4

2023-12-25 13:13:20,550 [INFO] Step 4: Verify individual RTMR value and re-calculated value from event logs
2023-12-25 13:13:20,550 [INFO] RTMR[1] passed the verification.
2023-12-25 13:13:20,550 [INFO] RTMR verify success.

could you please add a document at docs directory to save this output for future reference.

Sure.

@Ruoyu-y
Copy link
Contributor Author

Ruoyu-y commented Dec 25, 2023

And ONE THING need to mention here, current the IMA event logs are NOT fetched through CCNP API, but fetched directly by the script from the data located under /sys/kernel/security/integrity/ima/ascii_runtime_measurements. Which means the script will be changed when the implementation for processing these runtime event logs are added to CC-API/CCNP. @kenplusplus Do you think it is acceptable to do this?

@Ruoyu-y
example: add node measurement example
9409a47 
* provide node measurement fetching python script
* provide Dockerfile for sample container
* provide yaml file for sample container deployment
* provide sample output for the tool

Signed-off-by: Ruoyu Ying <ruoyu.ying@intel.com>
kenplusplus
kenplusplus approved these changes Dec 26, 2023
View reviewed changes
Copy link
Contributor

@kenplusplus kenplusplus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kenplusplus kenplusplus merged commit 638d772 into intel:main Dec 26, 2023
3 checks passed
@Ruoyu-y Ruoyu-y deleted the node-measurement-tool branch December 29, 2023 00:36
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@kenplusplus kenplusplus kenplusplus approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Ruoyu-y @kenplusplus