tdx/validator: add TODO about memory integrity

edgelesssys · Aug 26, 2024 · 902e416 · 902e416
1 parent 82676d4
commit 902e416
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/internal/attestation/tdx/validator.go b/internal/attestation/tdx/validator.go
@@ -90,6 +90,8 @@ func (v *Validator) OID() asn1.ObjectIdentifier {
 
 // Validate a TDX attestation.
 func (v *Validator) Validate(ctx context.Context, attDocRaw []byte, nonce []byte, peerPublicKey []byte) (err error) {
+	// TODO(freax13): Validate the memory integrity mode (logical vs cryptographic) in the provisioning certificate.
+
 	v.logger.Info("Validate called", "nonce", hex.EncodeToString(nonce))
 	defer func() {
 		if err != nil {