
fix(tdeventlog): fix SpecID header detection and exclude invalid RTMRs#418

Open
hyperfinitism wants to merge 1 commit into canonical:main from hyperfinitism:feature/support-gcp

Conversation


@hyperfinitism hyperfinitism commented Jan 21, 2026

This PR fixes parsing/replay issues observed on some cloud platforms.

Issue summary

On some environments (e.g. Google Compute Engine C3 on Ubuntu 24.04+), the CCEL/TCG event log can contain multiple EV_NO_ACTION entries, while only one of them is the Spec ID event.

The current parser assumes the first EV_NO_ACTION entry is always the Spec ID event, which can lead to an incorrect self._specid_header assignment and subsequent parse failures when processing following entries.

Additionally, some environments (including GCE C3) emit event log entries with an RTMR index of -1 (i.e. non-extendable / out of the valid RTMR range). Attempting to replay such entries causes RTMR replay to fail.

Changes

  • Spec ID detection: Identify the Spec ID event by checking for the Spec ID signature (b"Spec ID Event03\x00") in the event data
  • RTMR replay: Skip entries whose RTMR index is out of range (e.g. -1)
  • Non-functional: remove a duplicated import and use a context manager (with) when reading initrd.img to silence a pylint warning

Test

Test Environments

I have tested on the following environments (both Ubuntu 24.04 LTS and 25.04):

  • VM: Google Compute Engine C3 (c3-standard-4)
  • CPU: Intel Sapphire Rapids
  • OS Image:
    1. Ubuntu 24.04 LTS (ubuntu-accelerator-2404-amd64-with-nvidia-580-v20251014)
    2. Ubuntu 25.04 (ubuntu-2504-plucky-amd64-v20260114)
  • Kernel:
    1. 6.14.0-1020-gcp
    2. 6.14.0-1021-gcp
  • Confidential VM service: Intel TDX
  • Shielded VM: Enabled
    • Secure Boot: On
    • vTPM: On
    • Integrity Monitoring: On

Setup

```bash
# Install Go (latest)
wget https://go.dev/dl/go1.25.6.linux-amd64.tar.gz
sudo tar -xzvf go1.25.6.linux-amd64.tar.gz -C /usr/local/
rm go1.25.6.linux-amd64.tar.gz
export GOPATH="$HOME/go"
export PATH=$PATH:"$GOPATH/bin":"/usr/local/go/bin"
# Single quotes keep $HOME, $GOPATH and $PATH unexpanded so they are evaluated at login,
# instead of hard-coding the current values into .bashrc
echo 'export GOPATH="$HOME/go"' >> "$HOME/.bashrc"
echo 'export PATH="$PATH:$GOPATH/bin:/usr/local/go/bin"' >> "$HOME/.bashrc"

# Install go-tdx-guest (with display feature)
git clone https://github.com/hyperfinitism/go-tdx-guest -b add-show-cli
pushd go-tdx-guest
    go build -o ../tdx-attest tools/attest/attest.go
    go build -o ../tdx-show tools/show/show.go
popd
rm -rf go-tdx-guest

# Python
sudo apt update
sudo apt install -y python3 python3-venv
```

Reproduce the issue

Reproduce the reported issue in the current main branch:

```bash
# Install from the current repository
git clone https://github.com/canonical/tdx
pushd tdx
  git checkout 1c9ca39
popd
python3 -m venv venv
source venv/bin/activate
pip3 install tdx/tests/lib/tdx-tools/
deactivate

# Run
sudo ./venv/bin/tdeventlog
# => AssertionError (line 260 in tdeventlog.py)

# Clean up
sudo rm -rf tdx
```

Test this patch

Verify that this PR resolves the issue:

```bash
# Install from my working branch
git clone https://github.com/hyperfinitism/tdx -b feature/support-gcp
python3 -m venv venv
source venv/bin/activate
pip3 install tdx/tests/lib/tdx-tools/
deactivate

# Run
sudo ./venv/bin/tdeventlog
# => Successful

# Get TD quote
openssl rand 64 | xxd -p | tr -d '\n' > report-data.txt
sudo ./tdx-attest -inform hex -in "$(< report-data.txt)" -outform bin -out quote.bin

# Show RTMRs in the TD quote and compare them with replayed RTMRs
./tdx-show -inform bin -in quote.bin | grep -i rtmrs

# Clean up
sudo rm quote.bin
rm report-data.txt
rm -rf tdx
```

The following are the results obtained when executed in my environments (partially omitted). It can be confirmed that the RTMR values are correctly reproduced.

```text
$ sudo ./venv/bin/tdeventlog

.......

==== TDX Event Log Entry - 114 [0xBF5CACA3] ====
RTMR              : 1
Type              : 0x80000007 (EV_EFI_ACTION)
Length            : 106
Algorithms ID     : 12 (TPM_ALG_SHA384)
Digest[0] : 0a2e01c85deae718a530ad8c6d20a84009babe6c8989269e950d8cf440c6e997695e64d455c4174a652cd080f6230b74
RAW DATA: ----------------------------------------------
BF5CACA3  02 00 00 00 07 00 00 80 01 00 00 00 0C 00 0A 2E  ................
BF5CACB3  01 C8 5D EA E7 18 A5 30 AD 8C 6D 20 A8 40 09 BA  ..]....0..m .@..
BF5CACC3  BE 6C 89 89 26 9E 95 0D 8C F4 40 C6 E9 97 69 5E  .l..&.....@...i^
BF5CACD3  64 D4 55 C4 17 4A 65 2C D0 80 F6 23 0B 74 28 00  d.U..Je,...#.t(.
BF5CACE3  00 00 45 78 69 74 20 42 6F 6F 74 20 53 65 72 76  ..Exit Boot Serv
BF5CACF3  69 63 65 73 20 52 65 74 75 72 6E 65 64 20 77 69  ices Returned wi
BF5CAD03  74 68 20 53 75 63 63 65 73 73                    th Success
RAW DATA: ----------------------------------------------

Skip event with invalid RTMR index -1
Skip event with invalid RTMR index -1

==== Replayed RTMR values from event log ====
rtmr_0 : bd0b25d2ecf8a7ee2d35b448d294b0b481fc69c30fdd6e4d0a88339d5254673dcc70a0252f8a025d0a35fd3ff918fa9d
rtmr_1 : 14747c6196dd8ae2b81e268d2932b843df6bde05876f2a35387310223585d849e6da7eb9726d9132a55e03aca4aa651d
rtmr_2 : a2a1067dfa6cd0a0ea52775dd28fd22b5d8f2b152317940bd86244f0dc7fd04fb312a2c92eb87045ad7dfdf2c0b5f1b3
rtmr_3 : 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
$ ./tdx-show -inform bin -in quote.bin | grep -i rtmrs
  rtmrs:  "\xbd\x0b%\xd2\xec\xf8\xa7\xee-5\xb4H\u0494\xb0\xb4\x81\xfci\xc3\x0f\xddnM\n\x883\x9dRTg=\xccp\xa0%/\x8a\x02]\n5\xfd?\xf9\x18\xfa\x9d"
  rtmrs:  "\x14t|a\x96\u074a\xe2\xb8\x1e&\x8d)2\xb8C\xdfk\xde\x05\x87o*58s\x10\"5\x85\xd8I\xe6\xda~\xb9rm\x912\xa5^\x03\xac\xa4\xaae\x1d"
  rtmrs:  "\xa2\xa1\x06}\xfal\u0420\xeaRw]\u048f\xd2+]\x8f+\x15#\x17\x94\x0b\xd8bD\xf0\xdc\x7f\xd0O\xb3\x12\xa2\xc9.\xb8pE\xad}\xfd\xf2\xc0\xb5\xf1\xb3"
  rtmrs:  "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
```

Signed-off-by: Takuma IMAMURA <209989118+hyperfinitism@users.noreply.github.com>
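As an added illustration of the two fixes listed under Changes (not code from tdx-tools or from this PR), the hypothetical parser below selects the Spec ID event by its signature rather than by its position and skips entries whose RTMR index falls outside 0..3 during replay. The log bytes are constructed, every entry uses a single-digest TCG_PCR_EVENT2-style layout (the real Spec ID header uses the legacy SHA1 layout), and the MR index to RTMR mapping (index 0 = MRTD, RTMR n at index n + 1) is an assumption.

```python
import hashlib
import struct

EV_NO_ACTION, EV_EFI_ACTION = 0x00000003, 0x80000007
TPM_ALG_SHA384, RTMR_COUNT = 0x000C, 4
SPECID_SIGNATURE = b"Spec ID Event03\x00"

def build_event(mr_index, ev_type, data, digest=None):
    """Serialise one constructed TCG_PCR_EVENT2-style entry with a single SHA384 digest."""
    digest = digest or hashlib.sha384(data).digest()
    return (struct.pack("<III", mr_index, ev_type, 1) + struct.pack("<H", TPM_ALG_SHA384)
            + digest + struct.pack("<I", len(data)) + data)

def parse_events(log):
    """Walk the log; CCEL MR index 0 is MRTD, so RTMR n sits at index n + 1 (assumed mapping)."""
    events, off = [], 0
    while off < len(log):
        mr_index, ev_type, count = struct.unpack_from("<III", log, off)
        off += 12
        digest = None
        for _ in range(count):
            (alg,) = struct.unpack_from("<H", log, off)
            assert alg == TPM_ALG_SHA384, "constructed log only carries SHA384 digests"
            digest, off = log[off + 2:off + 50], off + 50
        (size,) = struct.unpack_from("<I", log, off)
        data, off = log[off + 4:off + 4 + size], off + 4 + size
        events.append({"rtmr": mr_index - 1, "type": ev_type, "digest": digest, "data": data})
    return events

def find_specid(events):
    """Select the Spec ID event by signature instead of taking the first EV_NO_ACTION entry."""
    return [e for e in events if e["type"] == EV_NO_ACTION and e["data"].startswith(SPECID_SIGNATURE)]

def replay_rtmrs(events):
    """RTMR[i] = SHA384(RTMR[i] || digest); EV_NO_ACTION is never extended, bad indices are skipped."""
    rtmrs, skipped = [b"\x00" * 48] * RTMR_COUNT, []
    for e in events:
        if e["type"] == EV_NO_ACTION:
            continue
        if not 0 <= e["rtmr"] < RTMR_COUNT:
            skipped.append(e["rtmr"])  # e.g. -1 for an entry at MR index 0
            continue
        rtmrs[e["rtmr"]] = hashlib.sha384(rtmrs[e["rtmr"]] + e["digest"]).digest()
    return rtmrs, skipped

# Constructed log: a non-Spec-ID EV_NO_ACTION first, then the Spec ID event, an EV_EFI_ACTION on RTMR1, and an MR index 0 entry (RTMR -1)
LOG = (build_event(0, EV_NO_ACTION, b"StartupLocality\x00\x03", b"\x00" * 48)
       + build_event(0, EV_NO_ACTION, SPECID_SIGNATURE + b"\x00" * 16, b"\x00" * 48)
       + build_event(2, EV_EFI_ACTION, b"Exit Boot Services Returned with Success")
       + build_event(0, EV_EFI_ACTION, b"constructed MRTD-range event"))
```

Position-based detection would pick the StartupLocality entry here, while the signature check returns exactly one Spec ID event and the replay reports one skipped index, matching the "Skip event with invalid RTMR index -1" lines above.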