From: "Huang, Kai" <kai.huang@intel.com>
To: "sathyanarayanan.kuppuswamy@linux.intel.com"
<sathyanarayanan.kuppuswamy@linux.intel.com>,
"Hansen, Dave" <dave.hansen@intel.com>,
"bp@alien8.de" <bp@alien8.de>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"Cox, Philip" <philip.cox@canonical.com>,
"ak@linux.intel.com" <ak@linux.intel.com>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"x86@kernel.org" <x86@kernel.org>,
"wander@redhat.com" <wander@redhat.com>,
"hpa@zytor.com" <hpa@zytor.com>,
"mingo@redhat.com" <mingo@redhat.com>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"kirill.shutemov@linux.intel.com"
<kirill.shutemov@linux.intel.com>,
"Luck, Tony" <tony.luck@intel.com>,
"tim.gardner@canonical.com" <tim.gardner@canonical.com>,
"marcelo.cerri@canonical.com" <marcelo.cerri@canonical.com>,
"isaku.yamahata@gmail.com" <isaku.yamahata@gmail.com>,
"khalid.elmously@canonical.com" <khalid.elmously@canonical.com>
Subject: Re: [PATCH v9 1/6] x86/tdx: Add TDX Guest attestation interface driver
Date: Fri, 19 Aug 2022 00:22:39 +0000 [thread overview]
Message-ID: <033ee694b6e9706dca86fb88d27d7f4e0b078f03.camel@intel.com> (raw)
In-Reply-To: <7b246fd0-d54e-2419-26b6-8c7088a280d0@intel.com>
On Thu, 2022-08-18 at 09:25 -0700, Dave Hansen wrote:
> On 8/18/22 07:18, Borislav Petkov wrote:
> > > + /*
> > > + * Generate TDREPORT using "TDG.MR.REPORT" TDCALL.
> > > + *
> > > + * Get the TDREPORT using REPORTDATA as input. Refer to
> > > + * section 22.3.3 TDG.MR.REPORT leaf in the TDX Module 1.0
> > > + * Specification for detailed information.
> > > + */
> > > + ret = __tdx_module_call(TDX_GET_REPORT, virt_to_phys(tdreport),
> > > + virt_to_phys(reportdata), req.subtype,
> > That subtype you're not checking either.
>
> I'll chime in here a bit since you're touching on something that bugged
> me too. This whole mechanism is because of two TDX shortcuts. (calling
> them shortcuts is generous, but I digress...)
>
> 1. TDX guest attestation relies on SGX. TDX does not have its own
> attestation mechanism.
> 2. TDX guests can not run SGX enclaves. Only TDX hosts can.
>
> As a result, any TDX guest that wants to do the attestation dance has to
> talk to the host, who them talks to the SGX enclave. There's actually a
> nice diagram of it in here (Figure 5.8):
>
> > https://www.intel.com/content/dam/develop/external/us/en/documents/tdx-whitepaper-v4.pdf
>
> This "talking" can be done via any old communication mechanism. Shared
> memory, virtio, morse code, whatever. TDX_GET_REPORT just happens to be
> yet another communication mechanism dedicated *only* to these
> attestation reports.
Hi Dave,
Just want to clarify, the *yet another communication mechanism" you mentioned
is actually TDX_GET_QUOTE, but not TDX_GET_REPORT.
The TDREPORT (which this TDX_GET_REPORT ABI will report to userspace) is the
data blob that needs to be sent to SGX quoting enclave to generate a Quote
(which can be remotely verified). It's the first step of supporting TDX
attestation, no matter whatever communication channel is going to be used to
talk to quoting enclave (vsock, tcp, or GetQuote).
>
> So, this is not a *STRICTLY* required ABI. Guests _can_ use other
> mechanisms to talk to an SGX attestation (quoting) enclave. Second,
> this ABI *is* TDX-specific because no other hardware architectures have
> made the same design "choices".
>
> That's why this was jettisoned for v10. It might reappear later, though.
Agreed (assuming you mean TDX_GET_QUOTE ABI).
Btw, my thinking is perhaps we can just make GetQuote support as a Intel-
specific driver, which can be a module, can have a separate Kconfig, etc. It
doesn't have to be a core functionality.
--
Thanks,
-Kai
next prev parent reply other threads:[~2022-08-19 0:22 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-28 3:44 [PATCH v9 0/6] Add TDX Guest Attestation support Kuppuswamy Sathyanarayanan
2022-07-28 3:44 ` [PATCH v9 1/6] x86/tdx: Add TDX Guest attestation interface driver Kuppuswamy Sathyanarayanan
2022-08-10 19:09 ` Borislav Petkov
2022-08-10 19:27 ` Sathyanarayanan Kuppuswamy
2022-08-18 14:18 ` Borislav Petkov
2022-08-18 14:40 ` Sathyanarayanan Kuppuswamy
2022-08-18 14:54 ` Borislav Petkov
2022-08-18 16:25 ` Dave Hansen
2022-08-19 0:22 ` Huang, Kai [this message]
2022-08-22 21:19 ` Dave Hansen
2022-08-22 21:36 ` Borislav Petkov
2022-08-22 21:44 ` Dave Hansen
2022-08-22 22:41 ` Sathyanarayanan Kuppuswamy
2022-08-24 15:56 ` Borislav Petkov
2022-08-24 16:56 ` Sathyanarayanan Kuppuswamy
2022-08-29 3:14 ` Huang, Kai
2022-08-29 8:05 ` Wang, Wei W
2022-08-30 2:25 ` Huang, Kai
2022-08-23 19:36 ` Sathyanarayanan Kuppuswamy
2022-08-24 15:55 ` Borislav Petkov
2022-07-28 3:44 ` [PATCH v9 2/6] selftests: tdx: Test GetReport TDX attestation feature Kuppuswamy Sathyanarayanan
2022-07-28 10:32 ` Kai Huang
2022-08-01 17:49 ` Sathyanarayanan Kuppuswamy
2022-08-02 0:08 ` Kai Huang
2022-07-28 3:44 ` [PATCH v9 3/6] x86/tdx: Add TDX Guest event notify interrupt support Kuppuswamy Sathyanarayanan
2022-07-28 10:18 ` Kai Huang
2022-08-01 21:39 ` Sathyanarayanan Kuppuswamy
2022-07-28 3:44 ` [PATCH v9 4/6] x86/coco: Add cc_decrypted_alloc/free() interfaces Kuppuswamy Sathyanarayanan
2022-07-28 3:44 ` [PATCH v9 5/6] x86/tdx: Add Quote generation support Kuppuswamy Sathyanarayanan
2022-07-28 3:44 ` [PATCH v9 6/6] selftests: tdx: Test GetQuote TDX attestation feature Kuppuswamy Sathyanarayanan
2022-08-24 17:12 ` [PATCH v9 0/6] Add TDX Guest Attestation support Dave Hansen
2022-08-24 18:16 ` Sathyanarayanan Kuppuswamy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=033ee694b6e9706dca86fb88d27d7f4e0b078f03.camel@intel.com \
--to=kai.huang@intel.com \
--cc=ak@linux.intel.com \
--cc=bp@alien8.de \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=isaku.yamahata@gmail.com \
--cc=khalid.elmously@canonical.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=marcelo.cerri@canonical.com \
--cc=mingo@redhat.com \
--cc=philip.cox@canonical.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=tim.gardner@canonical.com \
--cc=tony.luck@intel.com \
--cc=wander@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox