From: Dan Williams <dan.j.williams@intel.com>
To: "Daniel P. Berrangé" <berrange@redhat.com>,
"Kuppuswamy Sathyanarayanan"
<sathyanarayanan.kuppuswamy@linux.intel.com>
Cc: Dan Williams <dan.j.williams@intel.com>,
Nikolay Borisov <nik.borisov@suse.com>,
<linux-coco@lists.linux.dev>, <x86@kernel.org>,
<dave.hansen@linux.intel.com>, <dionnaglaze@google.com>,
<dan.middleton@linux.intel.com>
Subject: Re: [PATCH] virt: tdx-guest: Deprecate legacy IOCTL-based interface for quote generation
Date: Wed, 31 Jan 2024 13:12:45 -0800 [thread overview]
Message-ID: <65bab7cdc650e_37ad294e1@dwillia2-xfh.jf.intel.com.notmuch> (raw)
In-Reply-To: <Zbq04j1Av2znlKIC@redhat.com>
Daniel P. Berrangé wrote:
> On Wed, Jan 31, 2024 at 12:44:46PM -0800, Kuppuswamy Sathyanarayanan wrote:
> >
> > On 1/31/24 11:50 AM, Dan Williams wrote:
> > > Kuppuswamy Sathyanarayanan wrote:
> > >> + Dan Middleton
> > >>
> > >> Hi Boris,
> > >>
> > >> On 1/24/24 1:38 AM, Nikolay Borisov wrote:
> > >>> IOCTL based interface was the natural choice for interacting with the
> > >>> quote generation machine at a time when there wasn't anything better.
> > >>> Fortunately, now we have a vendor-agnostic, configfs-based one which
> > >>> obviates the need to have the IOCTL-based interface.
> > >>>
> > >>> Gate the relevant code behind a Kconfig option, clearly marking it as
> > >>> deprecated as well as introduce a runtime warning.
> > >>>
> > >>> Signed-off-by: Nikolay Borisov <nik.borisov@suse.com>
> > >>> ---
> > >> In the following thread, Dan Middleton raised a point about this interface
> > >> being used for local attestation use cases.
> > >>
> > >> https://lore.kernel.org/all/ZbAaKAh-230Hj4BF@redhat.com/T/#m691dae9a7833a35552cafb597c838df9c2ed5f3a
> > >>
> > >> Currently, the configfs-based ABI does not support the local attestation use cases.
> > > What are local attestation use cases, and what happens if Linux does not
> > > provide a local attestation interface and standardizes on remotely
> > > attestable as the standard?
> >
> >
> > Local attestation is used by one TD on the same platform to prove to another TD
> > in the same platform about its identity. It is mainly used in cases where a TD provides
> > some special services required by other TDs. Since they are all in the same platform,
> > there is no need for a 3rd party verifier or Quoting service. It can use the verifiable MAC
> > to check the correctness of the TD.
>
> As an example of where this might be needed, consider supporting a vTPM in
> TDX. The TPM impl would likely be run in a separate service TD, and need to
> be locally attested by the primary TD, to establish trust in the vTPM.
Service TDs are in active deployment? How does that work? A tenant pays
the fees to host 2 VMs? Is that more economical than just communicating
the remote verifier? Not trying to be argumentative just trying to get
to the root of the question "why Linux must care about local
attestation".
next prev parent reply other threads:[~2024-01-31 21:12 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-24 9:38 [PATCH] virt: tdx-guest: Deprecate legacy IOCTL-based interface for quote generation Nikolay Borisov
2024-01-31 7:28 ` Nikolay Borisov
2024-01-31 15:27 ` Dave Hansen
2024-01-31 18:18 ` Nikolay Borisov
2024-01-31 19:05 ` Dave Hansen
2024-02-01 4:14 ` Haitao Huang
2024-02-01 4:55 ` Dan Williams
2024-01-31 7:48 ` Kuppuswamy Sathyanarayanan
2024-01-31 19:50 ` Dan Williams
2024-01-31 19:56 ` Nikolay Borisov
2024-01-31 20:44 ` Kuppuswamy Sathyanarayanan
2024-01-31 21:00 ` Daniel P. Berrangé
2024-01-31 21:12 ` Dan Williams [this message]
2024-02-01 2:52 ` Kuppuswamy Sathyanarayanan
2024-02-01 8:15 ` Daniel P. Berrangé
2024-01-31 21:09 ` Dan Williams
2024-02-08 13:42 ` Mikko Ylinen
2024-02-09 2:23 ` Dan Middleton
2024-02-12 23:12 ` Dan Williams
2024-01-31 20:23 ` Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=65bab7cdc650e_37ad294e1@dwillia2-xfh.jf.intel.com.notmuch \
--to=dan.j.williams@intel.com \
--cc=berrange@redhat.com \
--cc=dan.middleton@linux.intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dionnaglaze@google.com \
--cc=linux-coco@lists.linux.dev \
--cc=nik.borisov@suse.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).