vmsdk: initiate the code structure

1. add github action for pylint 2. add api class for python vmsdk 3. add binaryblob, imr, utility for common sdk
cc-api · Dec 6, 2023 · 63c16ff · 63c16ff
1 parent 3374839
commit 63c16ff
Show file tree

Hide file tree

Showing 13 changed files with 1,426 additions and 9 deletions.
diff --git a/.github/pylintrc b/.github/pylintrc
diff --git a/.github/workflows/pylint.yaml b/.github/workflows/pylint.yaml
@@ -0,0 +1,42 @@
+name: Python Code Scan
+
+on:
+  push:
+    branches:
+    - main
+    paths:
+    - 'common/**/*.py'
+    - 'vmsdk/**/*.py'
+  pull_request:
+    paths:
+    - 'common/**/*.py'
+    - 'vmsdk/**/*.py'
+  workflow_dispatch:
+
+jobs:
+  codescan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-python@v4
+
+      - name: Install dependencies
+        run: |
+          python3 -m pip install --upgrade pip
+          python3 -m pip install pylint pydocstyle
+          python3 -m pip install -r ./common/python/requirements.txt
+          python3 -m pip install -r ./vmsdk/python/requirements.txt
+          sudo apt update
+
+      - name: Analyze python code
+        run: |
+          set -ex
+          source setupenv.sh
+          python_files=$(find ./ -name "*.py" -print)
+          if [[ -n "$python_files" ]]; then
+            echo "$python_files" | xargs -n 1 python3 -m pylint --rcfile=.github/pylintrc
+            #echo "$python_files" | xargs -n 1 python3 -m pydocstyle --convention=google
+          else
+            echo "No python files found."
+          fi
diff --git a/.gitignore b/.gitignore
@@ -50,3 +50,5 @@ modules.order
 Module.symvers
 Mkfile.old
 dkms.conf
+
+__pycache__/
diff --git a/common/python/cctrusted_base/binaryblob.py b/common/python/cctrusted_base/binaryblob.py
@@ -0,0 +1,113 @@
+"""
+Manage the binary blob
+"""
+import logging
+import string
+import struct
+
+LOG = logging.getLogger(__name__)
+
+__author__ = ""
+
+
+class BinaryBlob:
+    """
+    Manage the binary blob.
+    """
+
+    def __init__(self, data, base=0):
+        self._data = data
+        self._base_address = base
+
+    @property
+    def length(self):
+        """
+        Length of binary in bytes
+        """
+        return len(self._data)
+
+    @property
+    def data(self):
+        """
+        Raw data of binary blob
+        """
+        return self._data
+
+    def to_hex_string(self):
+        """
+        To hex string
+        """
+        return "".join(f"{b:02x}" % b for b in self._data)
+
+    def get_uint16(self, pos):
+        """
+        Get UINT16 integer
+        """
+        assert pos + 2 <= self.length
+        return (struct.unpack("<H", self.data[pos:pos + 2])[0], pos + 2)
+
+    def get_uint8(self, pos):
+        """
+        Get UINT8 integer
+        """
+        assert pos + 1 <= self.length
+        return (self.data[pos], pos + 1)
+
+    def get_uint32(self, pos):
+        """
+        Get UINT32 integer
+        """
+        assert pos + 4 <= self.length
+        return (struct.unpack("<L", self.data[pos:pos + 4])[0], pos + 4)
+
+    def get_uint64(self, pos):
+        """
+        Get UINT64 integer
+        """
+        assert pos + 8 <= self.length
+        return (struct.unpack("<Q", self.data[pos:pos + 8])[0], pos + 8)
+
+    def get_bytes(self, pos, count):
+        """
+        Get bytes
+        """
+        if count == 0:
+            return None
+        assert pos + count <= self.length
+        return (self.data[pos:pos + count], pos + count)
+
+    def dump(self):
+        """
+        Dump Hex value
+        """
+        index = 0
+        linestr = ""
+        printstr = ""
+
+        while index < self.length:
+            if (index % 16) == 0:
+                if len(linestr) != 0:
+                    LOG.info("%s %s", linestr, printstr)
+                    printstr = ''
+                # line prefix string
+                # pylint: disable=consider-using-f-string
+                linestr = "{0:08X}  ".format(int(index / 16) * 16 + \
+                    self._base_address)
+
+            # pylint: disable=consider-using-f-string
+            linestr += "{0:02X} ".format(self._data[index])
+            if chr(self._data[index]) in set(string.printable) and \
+               self._data[index] not in [0xC, 0xB, 0xA, 0xD, 0x9]:
+                printstr += chr(self._data[index])
+            else:
+                printstr += '.'
+
+            index += 1
+
+        if (index % 16) != 0:
+            blank = ""
+            for _ in range(16 - index % 16):
+                blank = blank + "   "
+            LOG.info("%s%s %s", linestr, blank, printstr)
+        elif index == self.length:
+            LOG.info("%s %s", linestr, printstr)
diff --git a/common/python/cctrusted_base/imr.py b/common/python/cctrusted_base/imr.py
@@ -0,0 +1,113 @@
+"""
+Integrated Measurement Register packages.
+"""
+from abc import ABC, abstractmethod
+
+class TcgAlgorithmRegistry:
+    """
+    From TCG specification
+    https://trustedcomputinggroup.org/wp-content/uploads/TCG-_Algorithm_Registry_r1p32_pub.pdf
+    """
+
+    TPM_ALG_ERROR = 0x0
+    TPM_ALG_RSA = 0x1
+    TPM_ALG_TDES = 0x3
+    TPM_ALG_SHA256 = 0xB
+    TPM_ALG_SHA384 = 0xC
+    TPM_ALG_SHA512 = 0xD
+
+    TPM_ALG_TABLE = {
+        TPM_ALG_RSA: "TPM_ALG_RSA",
+        TPM_ALG_TDES: "TPM_ALG_TDES",
+        TPM_ALG_SHA256: "TPM_ALG_SHA256",
+        TPM_ALG_SHA384: "TPM_ALG_SHA384",
+        TPM_ALG_SHA512: "TPM_ALG_SHA512"
+    }
+
+    @staticmethod
+    def get_algorithm_string(alg_id: int) -> str:
+        """
+        Return algorithms name from ID
+        """
+        if alg_id in TcgAlgorithmRegistry.TPM_ALG_TABLE:
+            return TcgAlgorithmRegistry.TPM_ALG_TABLE[alg_id]
+        return "UNKNOWN"
+
+    def __init__(self, alg_id: int) -> None:
+        assert alg_id in TcgAlgorithmRegistry.TPM_ALG_TABLE, \
+            "invalid parameter alg_id"
+        self._alg_id = alg_id
+
+class TcgDigest:
+    """
+    TCG Digest
+    """
+
+    def __init__(self, alg_id=TcgAlgorithmRegistry.TPM_ALG_SHA384):
+        self._algorithms = TcgAlgorithmRegistry(alg_id)
+        self._hash = []
+
+    @property
+    def algorithms(self) -> TcgAlgorithmRegistry:
+        """
+        Algorithms for the hash of digest
+        """
+        return self._algorithms
+
+class TcgIMR(ABC):
+    """
+    Common Integrated Measurement Register class
+    """
+
+    _INVALID_IMR_INDEX = -1
+
+    def __init__(self):
+        self._index = -1
+        self._digest = []
+
+    @property
+    def index(self) -> int:
+        """
+        The index of IMR register
+        """
+        return self._index
+
+    @property
+    def digest(self):
+        """
+        The digest value of IMR
+        """
+        return self._digest
+
+    @property
+    @abstractmethod
+    def count(self):
+        """
+        The total account of IMR
+        """
+        raise NotImplementedError("Need implemented in different arch")
+
+    def is_valid(self):
+        """
+        Check whether IMR is valid or not
+        """
+        return self._index != TcgIMR._INVALID_IMR_INDEX and \
+            self._index < self.count
+
+class TdxRTMR(TcgIMR):
+    """
+    RTMR class defined for Intel TDX
+    """
+
+    @property
+    def count(self):
+        return 4
+
+class TpmPCR(TcgIMR):
+    """
+    PCR class defined for TPM
+    """
+
+    @property
+    def count(self):
+        return 24