linux-coco.lists.linux.dev archive mirror
* SVSM Development Call April 3rd, 2024
@ 2024-04-03 11:20 Jörg Rödel
  2024-04-03 11:59 ` Yao, Jiewen
                   ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Jörg Rödel @ 2024-04-03 11:20 UTC (permalink / raw)
  To: svsm-devel, linux-coco

Hi,

Here is the usual call for agenda items for this week's SVSM development
call. My agenda so far is:

	* vTPM merge fallout
	* Security issue mitigations

The items we can not cover during the meeting will be deferred to the
next meeting.

Please note that Europe is now also on summer time, so the meeting will
be at its usual time spot again. The definitive time is always in the
Google calendar I shared below.

Details of the meeting (GMeet and Calendar links, meeting time) can be
found in our governance repository at:

	https://github.com/coconut-svsm/governance

The meeting will be recorded and the recording eventually published.

See you all there.

Regards,

	Jörg


* RE: SVSM Development Call April 3rd, 2024
  2024-04-03 11:20 SVSM Development Call April 3rd, 2024 Jörg Rödel
@ 2024-04-03 11:59 ` Yao, Jiewen
  2024-04-03 12:18   ` James Bottomley
  2024-04-03 17:06 ` [svsm-devel] " Stefano Garzarella
  2024-04-04  8:04 ` Jörg Rödel
  2 siblings, 1 reply; 6+ messages in thread
From: Yao, Jiewen @ 2024-04-03 11:59 UTC (permalink / raw)
  To: Jörg Rödel, svsm-devel@coconut-svsm.dev,
	linux-coco@lists.linux.dev

Hi Jorg
You have probably already noticed that I have raised the question on the vTPM interface in coconut-svsm.

I have explained how we did the POC in a secure way for TD-partitioning with TPM CRB buffer.
Jeremi Piotrowski also explained the mechanism to expose vTPM through TPM CRB MMIO.
In Intel, we still don't understand why SVSM must use a specific vTPM protocol, but not use TCG defined TPM2 CRB buffer directly.

Unfortunately, it is hard for me to use "Google Meet", and probably I am not able to join.
If possible, I hope we can continue the vTPM interface discussion in email before we make a decision.

Thank you
Yao, Jiewen



* Re: SVSM Development Call April 3rd, 2024
  2024-04-03 11:59 ` Yao, Jiewen
@ 2024-04-03 12:18   ` James Bottomley
  2024-04-03 13:11     ` Yao, Jiewen
  0 siblings, 1 reply; 6+ messages in thread
From: James Bottomley @ 2024-04-03 12:18 UTC (permalink / raw)
  To: Yao, Jiewen, Jörg Rödel, svsm-devel@coconut-svsm.dev,
	linux-coco@lists.linux.dev

On Wed, 2024-04-03 at 11:59 +0000, Yao, Jiewen wrote:
> Hi Jorg
> You have probably already noticed that I have raised the question on
> the vTPM interface in coconut-svsm.
> 
> I have explained how we did the POC in a secure way for
> TD-partitioning with TPM CRB buffer.
> Jeremi Piotrowski also explained the mechanism to expose vTPM through
> TPM CRB MMIO. In Intel, we still don't understand why SVSM must use a
> specific vTPM protocol, but not use TCG defined TPM2 CRB buffer
> directly.

Nobody has said *must*.  The enlightened interface was designed after
we had all the trouble with the CRB one outlined in the previous email
thread, so that's what this pull request has.  However, this being open
source nothing prevents you submitting a pull request for a functioning
CRB interface if that's what you want.

James



* RE: SVSM Development Call April 3rd, 2024
  2024-04-03 12:18   ` James Bottomley
@ 2024-04-03 13:11     ` Yao, Jiewen
  0 siblings, 0 replies; 6+ messages in thread
From: Yao, Jiewen @ 2024-04-03 13:11 UTC (permalink / raw)
  To: jejb@linux.ibm.com, Jörg Rödel,
	svsm-devel@coconut-svsm.dev, linux-coco@lists.linux.dev

Thank you for confirming that, James.

Yes, I will sync internally to understand the process for submitting a patch to coconut-svsm.

Thank you
Yao, Jiewen


* Re: [svsm-devel] SVSM Development Call April 3rd, 2024
  2024-04-03 11:20 SVSM Development Call April 3rd, 2024 Jörg Rödel
  2024-04-03 11:59 ` Yao, Jiewen
@ 2024-04-03 17:06 ` Stefano Garzarella
  2024-04-04  8:04 ` Jörg Rödel
  2 siblings, 0 replies; 6+ messages in thread
From: Stefano Garzarella @ 2024-04-03 17:06 UTC (permalink / raw)
  To: svsm-devel; +Cc: linux-coco, Jörg Rödel

On Wed, Apr 3, 2024 at 1:20 PM Jörg Rödel <joro@8bytes.org> wrote:
>
> Hi,
>
> Here is the usual call for agenda items for this week's SVSM development
> call. My agenda so far is:
>
>         * vTPM merge fallout
>         * Security issue mitigations

As I mentioned during the call, I started a shared document to discuss
early attestation architecture in SVSM:
https://docs.google.com/document/d/11ZsxP8jsviP3ddp9Hrn0rf6inttNw_Pbnz0psXlxlPs

To get write access, please send me a request.
The document is really at an early stage. As Jörg suggested, we're
keeping it on gdoc for now to collaborate, but as soon as we have an
agreement, we'll move to github in some markdown files.

As I mentioned, from next week (April 9th to be precise) I will be
away until the end of the month. I will be back online on May 3rd.
Sorry in advance for the delay in my responses.

Thanks,
Stefano


* Re: [svsm-devel] SVSM Development Call April 3rd, 2024
  2024-04-03 11:20 SVSM Development Call April 3rd, 2024 Jörg Rödel
  2024-04-03 11:59 ` Yao, Jiewen
  2024-04-03 17:06 ` [svsm-devel] " Stefano Garzarella
@ 2024-04-04  8:04 ` Jörg Rödel
  2 siblings, 0 replies; 6+ messages in thread
From: Jörg Rödel @ 2024-04-04  8:04 UTC (permalink / raw)
  To: svsm-devel, linux-coco

On Wed, Apr 03, 2024 at 01:20:19PM +0200, Jörg Rödel wrote:
> 
> 	https://github.com/coconut-svsm/governance
> 

PR with the meeting minutes from yesterday's call is now posted:

	https://github.com/coconut-svsm/governance/pull/9

Regards,

	Joerg
