| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <080d834d-9ca0-437f-8f18-b7a311af0060@linux.microsoft.com>
Date: Fri, 1 Sep 2023 18:04:02 +0200
From: Jeremi Piotrowski <jpiotrowski@...ux.microsoft.com>
To: Dan Williams <dan.j.williams@...el.com>, linux-coco@...ts.linux.dev
Cc: Brijesh Singh <brijesh.singh@....com>,
Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Tom Lendacky <thomas.lendacky@....com>,
Peter Gonda <pgonda@...gle.com>,
Borislav Petkov <bp@...en8.de>,
Dionna Amalie Glaze <dionnaglaze@...gle.com>,
Samuel Ortiz <sameo@...osinc.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Andrew Morton <akpm@...ux-foundation.org>,
James Bottomley <James.Bottomley@...senPartnership.com>,
linux-kernel@...r.kernel.org, tglx@...utronix.de
Subject: Re: [PATCH v3 0/5] configfs-tsm: Attestation Report ABI
On 8/30/2023 9:33 PM, Dan Williams wrote:
> Note that I am sending this during the merge window due to the high
> level of interest. My current expectation, barring major review
> concerns, is that this intercepts Linux-next soon after v6.6-rc1 for a
> v6.7 merge. Given the switch to configfs I did not carry forward
> Reviewed-by's from v2.
>
> Changes since v2 [1]:
> - Switch from sysfs to configfs to scale the interface for containers
> (Jeremi)
> - Fix locking in outblob_read() to avoid racing freeing and generation
> of ->outblob (Jeremi)
> - Add missing mutex to sev_report_new() (Jeremi)
> - Fix incorrect usage of no_free_ptr(), switch to return_ptr() (Peter)
> - Drop hex input parsing (configfs bin attributes are not seekable which
> eliminates the concern) (Greg)
> - Note why DEFINE_FREE() for kvfree() includes a NULL check (Greg)
> - Document the permissible values of privlevel in the ABI documentation
> (Greg)
> - Bump column limit to 100 for sev-guest changes, since that's existing
> code, for tsm.c use the .clang_format default. (Tom)
> - Drop report buffer size to 4K (Tom)
> - Fix uninitialized variable @rc in register_tsm() (Tom)
> - Fix collision detection confusion, always increment write_generation
> on successful write regardless if old data is being re-written (Tom)
> - Switch to sockptr_t for sharing {get,get_ext}_report() between the
> ioctl and configfs paths (Andy)
>
> [1]: http://lore.kernel.org/r/169199898909.1782217.10899362240465838600.stgit@dwillia2-xfh.jf.intel.com
>
> An attestation report is signed evidence of how a Trusted Virtual
> Machine (TVM) was launched and its current state. A verifying party uses
> the report to make judgements of the confidentiality and integrity of
> that execution environment. Upon successful attestation the verifying
> party may, for example, proceed to deploy secrets to the TVM to carry
> out a workload. Multiple confidential computing platforms share this
> similar flow.
Besides the platform (cpu) attestation report, there are also attestation
reports from individual secure PCIe devices that we'd want to fetch. This
uses the SPDM protocol[1]. There is a CHALLENGE command which (too me)
roughly maps to an attestation request, but also separate interfaces to
fetch individual measurements and certificates (like the SNP extended
report interface allows).
If this is to become the one attestation interface then we'll need to
consider that. That will probably require adding a second level
directory: /sys/kernel/config/tsm/<device path>.
[1]: https://www.dmtf.org/sites/default/files/standards/documents/DSP2058_1.0.0_1.pdf
Powered by blists - more mailing lists