From: Sathyanarayanan Kuppuswamy <sathyanarayanan.kuppuswamy@linux.intel.com>
To: Dave Hansen <dave.hansen@intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org
Cc: "H . Peter Anvin" <hpa@zytor.com>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
Tony Luck <tony.luck@intel.com>, Andi Kleen <ak@linux.intel.com>,
Kai Huang <kai.huang@intel.com>,
Wander Lairson Costa <wander@redhat.com>,
Isaku Yamahata <isaku.yamahata@gmail.com>,
marcelo.cerri@canonical.com, tim.gardner@canonical.com,
khalid.elmously@canonical.com, philip.cox@canonical.com,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v8 0/5] Add TDX Guest Attestation support
Date: Mon, 27 Jun 2022 07:51:08 -0700
Message-ID: <2502d21b-8f27-ebe5-b677-4cc56b03ee2c@linux.intel.com>
In-Reply-To: <9abde78c-d2c5-c762-24fe-f26669b7cc6c@intel.com>

Hi,

On 6/24/22 11:24 AM, Dave Hansen wrote:
> On 6/8/22 19:52, Kuppuswamy Sathyanarayanan wrote:
>> Following patches add the attestation support to TDX guest which
>> includes attestation user interface driver and related hypercall support.
>
> This is also the place where you lay out the roadmap:
>
> 1. Get a report
> 2. Get a quote
> 2a. Interrupt support because quotes take a long time
> 2b. Actual quote module calls and ABI
>
> Right? That seems worth a few sentences in the cover letter.

Ok. I will update the cover letter with a brief introduction to the
changes involved.

How about the following?

In a TDX guest, the attestation process generally involves the following steps:

1. Get the TDREPORT using user-specified REPORTDATA. This is implemented
   using the TDG.MR.TDREPORT Module call. An IOCTL interface is added to let
   userspace get the TDREPORT data (implemented in patch #1).

2. Using the TDREPORT data, generate a remotely verifiable signed Quote.
   The Quote can be generated either using the GetQuote hypercall or by
   communicating with the VMM/Quoting Enclave (QE) using VSOCK. In this patch
   set, only the GetQuote hypercall model is supported. Since Quote generation
   is an asynchronous request and takes more time, we let the VMM notify the
   TDX Guest using the callback interrupt. Patches #2-5 implement Quote
   generation support, in which patch #2 implements the callback interrupt
   support.

--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer
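
Step 1 of the flow described in the message above (REPORTDATA in, TDREPORT out through an ioctl), as an added example that is not part of the original message or of the patch series. The request layout, the ioctl code and the names `report_req`, `GET_REPORT_IOCTL`, `fill_reportdata` and `get_tdreport` are assumptions for illustration; the device node is passed in by the caller because this page does not name it.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

#define REPORTDATA_LEN 64   /* REPORTDATA: 64 bytes chosen by the caller */
#define TDREPORT_LEN   1024 /* TDREPORT returned by TDG.MR.TDREPORT */

/* Hypothetical request layout and ioctl code (assumptions, not from the page);
 * use the definitions from the uapi header of the kernel you actually run. */
struct report_req {
	uint8_t reportdata[REPORTDATA_LEN];
	uint8_t tdreport[TDREPORT_LEN];
};
#define GET_REPORT_IOCTL _IOWR('T', 1, struct report_req)

/* Put the verifier's nonce into REPORTDATA, zero-padded, so the report and
 * the Quote derived from it are bound to this one challenge (anti-replay). */
int fill_reportdata(struct report_req *req, const void *nonce, size_t len)
{
	if (!req || !nonce || len == 0 || len > REPORTDATA_LEN)
		return -EINVAL;
	memset(req, 0, sizeof(*req));
	memcpy(req->reportdata, nonce, len);
	return 0;
}

/* Request a TDREPORT from the guest driver at dev_path; 0 or -errno. */
int get_tdreport(const char *dev_path, struct report_req *req)
{
	int fd = open(dev_path, O_RDWR);
	if (fd < 0)
		return -errno;
	int ret = ioctl(fd, GET_REPORT_IOCTL, req) < 0 ? -errno : 0;
	close(fd);
	return ret;
}

int main(int argc, char **argv)
{
	static const uint8_t nonce[32] = { 0xA5 }; /* constructed sample nonce */
	struct report_req req;
	if (argc < 2 || fill_reportdata(&req, nonce, sizeof(nonce)))
		return 2;
	int ret = get_tdreport(argv[1], &req);
	printf("TDREPORT request: %s\n", ret ? strerror(-ret) : "ok");
	return ret != 0;
}
```

The TDREPORT is only verifiable on the local platform; a remote verifier checks the signed Quote from step 2 and compares the REPORTDATA inside it with the nonce it issued.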