| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <465d712c-b638-4884-88c8-1a88c506efdf@intel.com> Date: Tue, 18 Feb 2025 22:04:19 -0600 From: "Xing, Cedric" <cedric.xing@...el.com> To: Mikko Ylinen <mikko.ylinen@...ux.intel.com> CC: Dave Hansen <dave.hansen@...el.com>, Dan Williams <dan.j.williams@...el.com>, "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>, Dave Hansen <dave.hansen@...ux.intel.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, <x86@...nel.org>, "H. Peter Anvin" <hpa@...or.com>, <linux-kernel@...r.kernel.org>, <linux-coco@...ts.linux.dev>, Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@...ux.intel.com> Subject: Re: [PATCH 0/4] tsm: Unified Measurement Register ABI for TVMs On 2/18/2025 8:49 AM, Mikko Ylinen wrote: > On Thu, Feb 13, 2025 at 03:50:19PM -0600, Xing, Cedric wrote: >> On 2/13/2025 10:58 AM, Dave Hansen wrote: >>> On 2/13/25 08:21, Xing, Cedric wrote: >>>> On 2/12/2025 10:50 PM, Dave Hansen wrote: >>>>> On 2/12/25 18:23, Cedric Xing wrote: >>>>>> NOTE: This patch series introduces the Measurement Register (MR) ABI, >>>>>> and >>>>>> is a continuation of the RFC series on the same topic [1]. >>>>> >>>>> Could you please explain how the benefits of this series are helpful to >>>>> end users? >>>> >>>> This series exposes MRs as sysfs attributes, allowing end users to >>>> access them effortlessly without needing to write any code. This >>>> simplifies the process of debugging and diagnosing measurement-related >>>> issues. Additionally, it makes the CC architecture more intuitive for >>>> newcomers. >>> >>> Wait a sec, so there's already ABI for manipulating these? This just >>> adds a parallel sysfs interface to the existing ABI? >>> >> No, this is new. There's no existing ABI for accessing measurement registers >> from within a TVM (TEE VM). Currently, on TDX for example, reading TDX >> measurement registers (MRs) must be done by getting a TD quote. And there's >> no way to extend any RTMRs. Therefore, it would be much easier end users to > > TD reports *are* available through the tdx_guest ioctl so there's overlap > with the suggested reportdata/report0 entries at least. Since configfs-tsm > provides the generic transport for TVM reports, the best option to make report0 > available is through configfs-tsm reports. > Given the purpose of TSM, I once thought this TDX_CMD_GET_REPORT0 ioctl of /dev/tdx_guest had been deprecated but I was wrong. However, unlocked_ioctl is the only fops remaining on /dev/tdx_guest and TDX_CMD_GET_REPORT0 is the only command supported. It might soon be time to deprecate this interface. > The use case on MRCONFIGID mentioned later in this thread does not depend > on this series. It's easy for the user-space to interprete the full report > to find MRCONFIGID or any other register value (the same is true for HOSTDATA > on SNP). > Yes, parsing the full report will always be an option. But reading static MRs like MRCONDFIGID or HOSTDATA from sysfs attributes will be way more convenient. Additionally, this sysfs interface is more friendly to newcomers, as everyone can tell what MRs are available from the directory tree structure, rather than studying processor manuals. > The question here is whether there's any real benefit for the kernel to > expose the provider specific report details through sysfs or could we focus on > the RTMR extend capability only. > Again, parsing the full report is always an alternative for reading any MRs from the underlying arch. But it's much more convenient to read them from files, which I believe is a REAL benefit. Or can we flip the question around and ask: is there any real benefit NOT to allow reading MRs as files and force users and applications to go through an arch specific IOCTL interface?
Powered by blists - more mailing lists