eventlog: platform priority change and fix event log cli

src/python/cc_event_log_cli.py

@@ -7,6 +7,7 @@
 from cctrusted_base.api import CCTrustedApi
 from cctrusted_base.eventlog import TcgEventLog
 from cctrusted_base.tcgcel import TcgTpmsCelEvent
+from cctrusted_base.tcg import TcgAlgorithmRegistry
 from cctrusted_vm.cvm import ConfidentialVM
 from cctrusted_vm.sdk import CCTrustedVmSdk
 
@@ -41,11 +42,17 @@ def main():
     LOG.info("Total %d of event logs fetched.", len(event_logs))
 
     res = CCTrustedApi.replay_cc_eventlog(event_logs)
+    # pylint: disable-next=C0301
+    LOG.info("Note: If the underlying platform is TDX, the IMR index showing is cc measurement register instead of TDX measurement register.")
+    # pylint: disable-next=C0301
+    LOG.info("Please refer to the spec https://www.intel.com/content/www/us/en/content-details/726790/guest-host-communication-interface-ghci-for-intel-trust-domain-extensions-intel-tdx.html")
     LOG.info("Replayed result of collected event logs:")
     # pylint: disable-next=C0201
-    for key in res.keys():
-        LOG.info("IMR[%d]: ", key)
-        LOG.info("     %s", res.get(key).get(12).hex())
+    for k in sorted(res.keys()):
+        LOG.info("IMR[%d]: ", k)
+        for alg, h in res.get(k).items():
+            LOG.info("   %s: ", TcgAlgorithmRegistry.get_algorithm_string(alg))
+            LOG.info("      %s", h.hex())
 
     LOG.info("Dump collected event logs:")
     for event in event_logs:

src/python/cctrusted_vm/cvm.py

@@ -97,12 +97,13 @@ def init(self) -> bool:
     @staticmethod
     def detect_cc_type():
         """Detect the type of current confidential VM"""
-        # TODO: refine the justification
+        #TODO: refine the justification
+        # support TPM as the first priority for now
+        if os.path.exists(TpmVM.DEFAULT_TPM_DEVICE_NODE):
+            return CCTrustedApi.TYPE_CC_TPM
         for devpath in TdxVM.DEVICE_NODE_PATH.values():
             if os.path.exists(devpath):
                 return CCTrustedApi.TYPE_CC_TDX
-        if os.path.exists(TpmVM.DEFAULT_TPM_DEVICE_NODE):
-            return CCTrustedApi.TYPE_CC_TPM
         return CCTrustedApi.TYPE_CC_NONE
 
     @abstractmethod

src/python/cctrusted_vm/sdk.py

@@ -135,7 +135,7 @@ def get_cc_eventlog(self, start:int = None, count:int = None) -> list:
         self._cvm.process_eventlog()
 
         event_logs = EventLogs(self._cvm.boot_time_event_log, self._cvm.runtime_event_log,
-                               TcgEventLog.TCG_FORMAT_PCCLIENT)
+                               self._cvm.cc_type, TcgEventLog.TCG_FORMAT_PCCLIENT)
 
         event_logs.select(start, count)
 

src/python/tests/tdx_check.py

@@ -34,10 +34,10 @@ def _check_imr(imr_index: int, alg_id: int, rtmr: bytes):
         alg_id: an integer specified the hash algorithm.
         rtmr: bytes of RTMR data for comparison.
     """
-    assert 0 <= imr_index < TdxRTMR.RTMR_COUNT
+    assert 0 < imr_index <= TdxRTMR.RTMR_COUNT
     assert rtmr is not None
     assert alg_id == TcgAlgorithmRegistry.TPM_ALG_SHA384
-    imr = CCTrustedVmSdk.inst().get_cc_measurement([imr_index, alg_id])
+    imr = CCTrustedVmSdk.inst().get_cc_measurement([imr_index - 1, alg_id])
     assert imr is not None
     digest_obj = imr.digest(alg_id)
     assert digest_obj is not None
@@ -128,8 +128,8 @@ def _check_quote_rtmrs(quote):
     # Compare all the RTMR values which are used by the event log.
     # Please note that some RTMR may not be used.
     for imr_idx, digests in rtmrs.items():
-        assert quote_rtmrs[imr_idx] == digests[alg.alg_id], \
-            f"RTMR{imr_idx} doesn't equal the replay from event log!"
+        assert quote_rtmrs[imr_idx - 1] == digests[alg.alg_id], \
+            f"RTMR{imr_idx - 1} doesn't equal the replay from event log!"
 
 def _check_quote_reportdata(quote, nonce=None, userdata=None):
     """Check the userdata in quote result."""