| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Sep 2022 07:17:06 +0000
From: "Huang, Kai" <kai.huang@...el.com>
To: "sathyanarayanan.kuppuswamy@...ux.intel.com"
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"mingo@...hat.com" <mingo@...hat.com>,
"shuah@...nel.org" <shuah@...nel.org>,
"x86@...nel.org" <x86@...nel.org>, "bp@...en8.de" <bp@...en8.de>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"ak@...ux.intel.com" <ak@...ux.intel.com>,
"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
"wander@...hat.com" <wander@...hat.com>,
"tim.gardner@...onical.com" <tim.gardner@...onical.com>,
"hpa@...or.com" <hpa@...or.com>,
"isaku.yamahata@...il.com" <isaku.yamahata@...il.com>,
"kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
"Luck, Tony" <tony.luck@...el.com>,
"khalid.elmously@...onical.com" <khalid.elmously@...onical.com>,
"marcelo.cerri@...onical.com" <marcelo.cerri@...onical.com>,
"Cox, Philip" <philip.cox@...onical.com>,
"linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
"linux-kselftest@...r.kernel.org" <linux-kselftest@...r.kernel.org>
Subject: Re: [PATCH v13 2/3] selftests: tdx: Test TDX attestation GetReport
support
On Fri, 2022-09-09 at 12:27 -0700, Kuppuswamy Sathyanarayanan wrote:
> Attestation is used to verify the trustworthiness of a TDX guest.
> During the guest bring-up, Intel TDX module measures and records
> the initial contents and configuration of the guest, and at runtime,
> guest software uses runtime measurement registers (RMTRs) to measure
> and record details related to kernel image, command line params, ACPI
> tables, initrd, etc. At TDX guest runtime, Intel SGX attestation
> infrastructure is re-used to attest to these measurement data.
Similar the comment to patch 3, I don't particularly like "to attest" part as
only the verification service can truly _attest_ somthing (I suppose the "SGX
infrastructure" here you mean SGX QE to generate the Quote).
I think you can just say something like "TDX leverages SGX Quote mechanism to
support remote attestation of TDX guests". And you can combine this with below
paragraph.
>
> First step in the TDX attestation process is to get the TDREPORT data.
> It is a fixed size data structure generated by the TDX module which
> includes the above mentioned measurements data, a MAC to protect the
> integerity of the TDREPORT, and a 64-Byte of user specified data passed
> during TDREPORT request which can uniquely identify the TDREPORT.
>
> Intel's TDX guest driver exposes TDX_CMD_GET_REPORT IOCTL interface to
> get the TDREPORT from the user space.
>
> Add a kernel selftest module to test this ABI and verify the validity
> of generated TDREPORT.
>
> Reviewed-by: Tony Luck <tony.luck@...el.com>
> Reviewed-by: Andi Kleen <ak@...ux.intel.com>
> Acked-by: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@...ux.intel.com>
Anyway (although still not sure all the definitions of TDX architectural data
structures are needed):
Acked-by: Kai Huang <kai.huang@...el.com>
--
Thanks,
-Kai
Powered by blists - more mailing lists