From: Dave Hansen <dave.hansen@intel.com>
To: Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org
Cc: "H . Peter Anvin" <hpa@zytor.com>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
Tony Luck <tony.luck@intel.com>, Andi Kleen <ak@linux.intel.com>,
Kai Huang <kai.huang@intel.com>,
Wander Lairson Costa <wander@redhat.com>,
Isaku Yamahata <isaku.yamahata@gmail.com>,
marcelo.cerri@canonical.com, tim.gardner@canonical.com,
khalid.elmously@canonical.com, philip.cox@canonical.com,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v9 0/6] Add TDX Guest Attestation support
Date: Wed, 24 Aug 2022 10:12:21 -0700 [thread overview]
Message-ID: <bb006b7a-525a-3f1b-0fc4-1620bb5bd3ba@intel.com> (raw)
In-Reply-To: <20220728034420.648314-1-sathyanarayanan.kuppuswamy@linux.intel.com>
On 7/27/22 20:44, Kuppuswamy Sathyanarayanan wrote:
> An Intel SGX Quoting Enclave (QE), written specifically to support
> quoting Intel TDX TDs, uses EVERIFYREPORT2, to help check the integrity
> of the TDG.MR.REPORT. If it passes, the QE can use a certified quote
> signing key to sign a quote containing the guest TD’s measurements and
> the additional data being quoted.
(maintainer hat firmly in place, not speaking as an Intel person here...)
Let's say Intel tires of SGX and zaps it from server CPUs just like it
did clients. Or, that Intel decides that TDX is really cool and wants
it on SGX-free clients in addition to servers.
Can the guest ABI which is introduced here work for a future attestation
architecture that does not involve SGX?
next prev parent reply other threads:[~2022-08-24 17:12 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-28 3:44 [PATCH v9 0/6] Add TDX Guest Attestation support Kuppuswamy Sathyanarayanan
2022-07-28 3:44 ` [PATCH v9 1/6] x86/tdx: Add TDX Guest attestation interface driver Kuppuswamy Sathyanarayanan
2022-08-10 19:09 ` Borislav Petkov
2022-08-10 19:27 ` Sathyanarayanan Kuppuswamy
2022-08-18 14:18 ` Borislav Petkov
2022-08-18 14:40 ` Sathyanarayanan Kuppuswamy
2022-08-18 14:54 ` Borislav Petkov
2022-08-18 16:25 ` Dave Hansen
2022-08-19 0:22 ` Huang, Kai
2022-08-22 21:19 ` Dave Hansen
2022-08-22 21:36 ` Borislav Petkov
2022-08-22 21:44 ` Dave Hansen
2022-08-22 22:41 ` Sathyanarayanan Kuppuswamy
2022-08-24 15:56 ` Borislav Petkov
2022-08-24 16:56 ` Sathyanarayanan Kuppuswamy
2022-08-29 3:14 ` Huang, Kai
2022-08-29 8:05 ` Wang, Wei W
2022-08-30 2:25 ` Huang, Kai
2022-08-23 19:36 ` Sathyanarayanan Kuppuswamy
2022-08-24 15:55 ` Borislav Petkov
2022-07-28 3:44 ` [PATCH v9 2/6] selftests: tdx: Test GetReport TDX attestation feature Kuppuswamy Sathyanarayanan
2022-07-28 10:32 ` Kai Huang
2022-08-01 17:49 ` Sathyanarayanan Kuppuswamy
2022-08-02 0:08 ` Kai Huang
2022-07-28 3:44 ` [PATCH v9 3/6] x86/tdx: Add TDX Guest event notify interrupt support Kuppuswamy Sathyanarayanan
2022-07-28 10:18 ` Kai Huang
2022-08-01 21:39 ` Sathyanarayanan Kuppuswamy
2022-07-28 3:44 ` [PATCH v9 4/6] x86/coco: Add cc_decrypted_alloc/free() interfaces Kuppuswamy Sathyanarayanan
2022-07-28 3:44 ` [PATCH v9 5/6] x86/tdx: Add Quote generation support Kuppuswamy Sathyanarayanan
2022-07-28 3:44 ` [PATCH v9 6/6] selftests: tdx: Test GetQuote TDX attestation feature Kuppuswamy Sathyanarayanan
2022-08-24 17:12 ` Dave Hansen [this message]
2022-08-24 18:16 ` [PATCH v9 0/6] Add TDX Guest Attestation support Sathyanarayanan Kuppuswamy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bb006b7a-525a-3f1b-0fc4-1620bb5bd3ba@intel.com \
--to=dave.hansen@intel.com \
--cc=ak@linux.intel.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=isaku.yamahata@gmail.com \
--cc=kai.huang@intel.com \
--cc=khalid.elmously@canonical.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=marcelo.cerri@canonical.com \
--cc=mingo@redhat.com \
--cc=philip.cox@canonical.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=tim.gardner@canonical.com \
--cc=tony.luck@intel.com \
--cc=wander@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox