From f62da5cc539be6e700af4a389b95ac9d4250a0bf Mon Sep 17 00:00:00 2001
From: Ruoyu Ying
Date: Tue, 11 Jun 2024 10:13:02 +0800
Subject: [PATCH] eventlog: platform priority change and fix event log cli
* make tpm as the first priority while doing platform check
* fix event log issue and provide the sorted output
Signed-off-by: Ruoyu Ying
---
 src/python/cc_event_log_cli.py | 13 ++++++++++---
 src/python/cctrusted_vm/cvm.py | 7 ++++---
 src/python/cctrusted_vm/sdk.py | 2 +-
 3 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/src/python/cc_event_log_cli.py b/src/python/cc_event_log_cli.py
index a95a625..150fe9c 100644
--- a/src/python/cc_event_log_cli.py
+++ b/src/python/cc_event_log_cli.py
@@ -7,6 +7,7 @@
 from cctrusted_base.api import CCTrustedApi
 from cctrusted_base.eventlog import TcgEventLog
 from cctrusted_base.tcgcel import TcgTpmsCelEvent
+from cctrusted_base.tcg import TcgAlgorithmRegistry
 from cctrusted_vm.cvm import ConfidentialVM
 from cctrusted_vm.sdk import CCTrustedVmSdk
@@ -41,11 +42,17 @@ def main():
 LOG.info("Total %d of event logs fetched.", len(event_logs))
 res = CCTrustedApi.replay_cc_eventlog(event_logs)
+ # pylint: disable-next=C0301
+ LOG.info("Note: If the underlying platform is TDX, the IMR index showing is cc measurement register instead of TDX measurement register.")
+ # pylint: disable-next=C0301
+ LOG.info(" Please refer to the spec https://www.intel.com/content/www/us/en/content-details/726790/guest-host-communication-interface-ghci-for-intel-trust-domain-extensions-intel-tdx.html")
 LOG.info("Replayed result of collected event logs:")
 # pylint: disable-next=C0201
- for key in res.keys():
- LOG.info("IMR[%d]: ", key)
- LOG.info(" %s", res.get(key).get(12).hex())
+ for k in sorted(res.keys()):
+ LOG.info("IMR[%d]: ", k)
+ for alg, h in res.get(k).items():
+ LOG.info(" %s: ", TcgAlgorithmRegistry.get_algorithm_string(alg))
+ LOG.info(" %s", h.hex())
 LOG.info("Dump collected event logs:")
 for event in event_logs:
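Review bot: In the second hunk of cc_event_log_cli.py the replay output is still labelled `IMR[%d]` and the TDX note is logged unconditionally, although this same commit makes TPM the first-priority platform, so on a TPM-backed VM the printed indices are presumably PCR indices. An operator comparing these digests against reference values could match them to the wrong register. Consider gating both on the detected type, for example `is_tdx = ConfidentialVM.detect_cc_type() == CCTrustedApi.TYPE_CC_TDX` (assuming detect_cc_type is the static method shown in cvm.py), and emit the note and the `IMR` label only when it is true. `sorted(res)` would also replace `sorted(res.keys())` and make the `C0201` suppression unnecessary. main() starts before this hunk and continues past it.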
diff --git a/src/python/cctrusted_vm/cvm.py b/src/python/cctrusted_vm/cvm.py
index ca948e2..f5145ae 100644
--- a/src/python/cctrusted_vm/cvm.py
+++ b/src/python/cctrusted_vm/cvm.py
@@ -97,12 +97,13 @@ def init(self) -> bool:
 @staticmethod
 def detect_cc_type():
 """Detect the type of current confidential VM"""
- # TODO: refine the justification
+ #TODO: refine the justification
+ # support TPM as the first priority for now
+ if os.path.exists(TpmVM.DEFAULT_TPM_DEVICE_NODE):
+ return CCTrustedApi.TYPE_CC_TPM
 for devpath in TdxVM.DEVICE_NODE_PATH.values():
 if os.path.exists(devpath):
 return CCTrustedApi.TYPE_CC_TDX
- if os.path.exists(TpmVM.DEFAULT_TPM_DEVICE_NODE):
- return CCTrustedApi.TYPE_CC_TPM
 return CCTrustedApi.TYPE_CC_NONE
 @abstractmethod
diff --git a/src/python/cctrusted_vm/sdk.py b/src/python/cctrusted_vm/sdk.py
index 1a715ff..99f5523 100644
--- a/src/python/cctrusted_vm/sdk.py
+++ b/src/python/cctrusted_vm/sdk.py
@@ -135,7 +135,7 @@ def get_cc_eventlog(self, start:int = None, count:int = None) -> list:
 self._cvm.process_eventlog()
 event_logs = EventLogs(self._cvm.boot_time_event_log, self._cvm.runtime_event_log,
- TcgEventLog.TCG_FORMAT_PCCLIENT)
+ self._cvm.cc_type, TcgEventLog.TCG_FORMAT_PCCLIENT)
 event_logs.select(start, count)
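Review bot: detect_cc_type() in cvm.py now returns `TYPE_CC_TPM` whenever `TpmVM.DEFAULT_TPM_DEVICE_NODE` exists, so on a TDX guest that also exposes a TPM device node the TDX branch is never reached and measurements, event logs and quotes are taken from the TPM. Whether that TPM sits inside the guest's trust boundary depends on the deployment, and the decision rests on path existence alone with no log of which root of trust was chosen, so this ordering should be confirmed against the supported platforms. I would state the assumption in the docstring, e.g. `"""Detect the CC type; a TPM device node takes precedence over TDX device nodes, so callers that require TDX evidence must check the returned type."""`, and log the selected type when both kinds of node are present. Relying parties should likewise pin the expected evidence type in their verification policy rather than accept whatever the SDK detected. As a style point, `#TODO:` lost the space after `#` that the removed line had.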
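Review bot: In sdk.py the new `self._cvm.cc_type` is inserted as a positional argument ahead of `TcgEventLog.TCG_FORMAT_PCCLIENT`, and the matching change to the EventLogs constructor is not part of this patch. If cctrusted_vm is installed against a cctrusted_base whose EventLogs still expects the format in third position, the call would either raise or bind the values to the wrong parameters, presumably changing how the log is parsed. Passing the last two arguments by keyword and pinning the minimum cctrusted_base version in the package metadata would make such a mismatch fail loudly. get_cc_eventlog() begins and ends outside this hunk.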