RE: [PATCH v3 0/3] TDX Guest Quote generation support

public inbox for linux-doc@vger.kernel.org
 help / color / mirror / Atom feed

From: Dan Williams <dan.j.williams@intel.com>
To: Kuppuswamy Sathyanarayanan 
	<sathyanarayanan.kuppuswamy@linux.intel.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>, <x86@kernel.org>,
	Shuah Khan <shuah@kernel.org>, Jonathan Corbet <corbet@lwn.net>
Cc: "H . Peter Anvin" <hpa@zytor.com>,
	Kuppuswamy Sathyanarayanan 
	<sathyanarayanan.kuppuswamy@linux.intel.com>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	Tony Luck <tony.luck@intel.com>,
	"Wander Lairson Costa" <wander@redhat.com>,
	Erdem Aktas <erdemaktas@google.com>,
	Dionna Amalie Glaze <dionnaglaze@google.com>,
	Chong Cai <chongc@google.com>, Qinkun Bao <qinkun@apache.org>,
	Guorui Yu <GuoRui.Yu@linux.alibaba.com>,
	"Du Fan" <fan.du@intel.com>, <linux-kernel@vger.kernel.org>,
	<linux-kselftest@vger.kernel.org>, <linux-doc@vger.kernel.org>
Subject: RE: [PATCH v3 0/3] TDX Guest Quote generation support
Date: Fri, 23 Jun 2023 21:05:24 -0700	[thread overview]
Message-ID: <64966b842becf_142af8294a5@dwillia2-xfh.jf.intel.com.notmuch> (raw)
In-Reply-To: <cover.1684048511.git.sathyanarayanan.kuppuswamy@linux.intel.com>

Kuppuswamy Sathyanarayanan wrote:
> Hi All,
> 
> In TDX guest, the attestation process is used to verify the TDX guest
> trustworthiness to other entities before provisioning secrets to the
> guest.
> 
> The TDX guest attestation process consists of two steps:
> 
> 1. TDREPORT generation
> 2. Quote generation.
> 
> The First step (TDREPORT generation) involves getting the TDX guest
> measurement data in the format of TDREPORT which is further used to
> validate the authenticity of the TDX guest. The second step involves
> sending the TDREPORT to a Quoting Enclave (QE) server to generate a
> remotely verifiable Quote. TDREPORT by design can only be verified on
> the local platform. To support remote verification of the TDREPORT,
> TDX leverages Intel SGX Quoting Enclave to verify the TDREPORT
> locally and convert it to a remotely verifiable Quote. Although
> attestation software can use communication methods like TCP/IP or
> vsock to send the TDREPORT to QE, not all platforms support these
> communication models. So TDX GHCI specification [1] defines a method
> for Quote generation via hypercalls. Please check the discussion from
> Google [2] and Alibaba [3] which clarifies the need for hypercall based
> Quote generation support. This patch set adds this support.
> 
> Support for TDREPORT generation already exists in the TDX guest driver. 
> This patchset extends the same driver to add the Quote generation
> support.

I missed that the TDREPORT ioctl() and this character device are already
upstream. The TDREPORT ioctl() if it is only needed for quote generation
seems a waste because it just retrieves a blob that needs to be turned
around and injected back into the kernel to generate a quote.

An ABI wants to care about the abstractions around what the hardware
mechanism enables. The TD quote is not even at the end of that chain of
what the ABI needs to offer. The guest wants to use the TD quote to access
/ unlock other resources, just like the SEV report is used to
"...provide the VM with secrets, such as a disk decryption key, or other
keys required for operation".

That's where the ABI line needs to be drawn. I.e. for the guest to be
able to request the distributions of keys to unlock resources by a
key-type and key-descriptor. Enable userspace to interrogate an
attestation object without blobs needing to traverse the kernel. If the
remote service needs more than just a blob and signature to validate the
state of the guest then provide faclity to interrogate that property of
quote / report in a common way versus the ABI risk of conveying vendor
specific binary data formats in the kernel ABI.

next prev parent reply	other threads:[~2023-06-24  4:05 UTC|newest]

Thread overview: 41+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-05-14  7:23 [PATCH v3 0/3] TDX Guest Quote generation support Kuppuswamy Sathyanarayanan
2023-05-14  7:23 ` [PATCH v3 1/3] x86/tdx: Add TDX Guest event notify interrupt support Kuppuswamy Sathyanarayanan
2023-06-12 12:49   ` Huang, Kai
2023-08-23 20:47   ` Thomas Gleixner
2023-05-14  7:23 ` [PATCH v3 2/3] virt: tdx-guest: Add Quote generation support Kuppuswamy Sathyanarayanan
2023-06-12 12:50   ` Huang, Kai
2023-05-14  7:23 ` [PATCH v3 3/3] selftests/tdx: Test GetQuote TDX attestation feature Kuppuswamy Sathyanarayanan
2023-06-12 19:03   ` Dan Williams
2023-06-19  5:38     ` Sathyanarayanan Kuppuswamy
2023-06-22 23:31     ` Erdem Aktas
2023-06-22 23:44       ` Huang, Kai
2023-06-23 22:31         ` Dan Williams
2023-06-23 22:27     ` Dan Williams
2023-06-26  3:05       ` Sathyanarayanan Kuppuswamy
2023-06-26 18:57         ` Dionna Amalie Glaze
2023-06-27  0:39           ` Sathyanarayanan Kuppuswamy
2023-06-28 15:41             ` Samuel Ortiz
2023-06-28 15:55               ` Sathyanarayanan Kuppuswamy
2023-06-28  0:11           ` Dan Williams
2023-06-28  1:36             ` Dionna Amalie Glaze
2023-06-28  2:16               ` Huang, Kai
2023-06-28  6:46                 ` gregkh
2023-06-28  8:56                   ` Huang, Kai
2023-06-28  9:02                     ` gregkh
2023-06-28  9:45                       ` Huang, Kai
2023-06-28  2:52               ` Dan Williams
2023-06-29 16:25                 ` Dionna Amalie Glaze
2023-06-28 15:31               ` Samuel Ortiz
2023-06-28 15:24             ` Samuel Ortiz
2023-06-27 23:44         ` Dan Williams
2023-06-28  2:47       ` Huang, Kai
     [not found]     ` <CAAYXXYyK4g9k7a78CU9w6Sn9KTBdoNLOu9gcgrSHJfp+3-tO=w@mail.gmail.com>
2023-06-23 22:49       ` Dan Williams
2023-08-23  8:25       ` Thomas Gleixner
2023-05-24 21:33 ` [PATCH v3 0/3] TDX Guest Quote generation support Chong Cai
2023-05-25 22:55   ` Sathyanarayanan Kuppuswamy
2023-06-24  4:05 ` Dan Williams [this message]
2023-06-25 20:21   ` Dan Williams
2023-06-26  3:07   ` Sathyanarayanan Kuppuswamy
2023-06-26  4:31     ` Dan Williams
2023-06-27  7:50       ` Chong Cai
2023-08-23  7:33         ` Thomas Gleixner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=64966b842becf_142af8294a5@dwillia2-xfh.jf.intel.com.notmuch \
    --to=dan.j.williams@intel.com \
    --cc=GuoRui.Yu@linux.alibaba.com \
    --cc=bp@alien8.de \
    --cc=chongc@google.com \
    --cc=corbet@lwn.net \
    --cc=dave.hansen@linux.intel.com \
    --cc=dionnaglaze@google.com \
    --cc=erdemaktas@google.com \
    --cc=fan.du@intel.com \
    --cc=hpa@zytor.com \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=qinkun@apache.org \
    --cc=sathyanarayanan.kuppuswamy@linux.intel.com \
    --cc=shuah@kernel.org \
    --cc=tglx@linutronix.de \
    --cc=tony.luck@intel.com \
    --cc=wander@redhat.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox