Message-ID: <25044b05-7574-4b01-a8ea-3f7e7f32317b@intel.com>
Date: Tue, 2 Dec 2025 14:46:08 -0800
From: Dave Hansen <dave.hansen@...el.com>
To: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@...ux.intel.com>,
 "Kirill A . Shutemov" <kas@...nel.org>
Cc: Rick Edgecombe <rick.p.edgecombe@...el.com>,
 Dave Hansen <dave.hansen@...ux.intel.com>,
 Dan Williams <dan.j.williams@...el.com>, x86@...nel.org,
 linux-kernel@...r.kernel.org, linux-coco@...ts.linux.dev
Subject: Re: [PATCH v5] virt: tdx-guest: Handle GetQuote request error code

On 12/2/25 14:22, Kuppuswamy Sathyanarayanan wrote:
> The tdx-guest driver sends Quote requests to the quoting enclave via a
> hypercall to obtain attestation evidence for the current TD state.
> Quote generation can fail in two ways: a hypercall failure, or a Quote
> failure that occurs after the VMM processes the request. The driver
> currently handles only hypercall failures and timeout errors during
> Quote processing. Update it to also handle other Quote failures
> reported by the VMM (for more details, refer to GHCI spec, v1.5,
> March 2023, sec titled "TDG.VP.VMCALL<GetQuote>").

I think you're talking about the "GetQuote Status Code" here, right?
That would have been nice to mention. It wasn't exactly trivial to find
because instead of saying what the format of a TDREPORT_STRUCT is, the
docs just call it "format of shared GPA".

> This change does not break the existing ABI behavior. When a Quote
> failure occurs, the VMM sets the Quote length to zero. Userspace
> already interprets a zero-length Quote as a Quote generation failure.
> Returning an explicit error in such cases makes the behavior more
> consistent and simplifies error handling in userspace.

I'm also not seeing a clear problem statement here. What is the end user
visible effect of this "fix"? Why *should* the kernel be parsing this
buffer? Why not just leave the error handling to userspace?

> Fixes: f4738f56d1dc ("virt: tdx-guest: Add Quote generation support using TSM_REPORTS")
> Reported-by: Xiaoyao Li <xiaoyao.li@...el.com>
> Closes: https://lore.kernel.org/linux-coco/6bdf569c-684a-4459-af7c-4430691804eb@linux.intel.com/T/#u
> Closes: https://github.com/confidential-containers/guest-components/issues/823
> Reviewed-by: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
> Reviewed-by: Xiaoyao Li <xiaoyao.li@...el.com>
> Acked-by: Kai Huang <kai.huang@...el.com>
> Reviewed-by: Dan Williams <dan.j.williams@...el.com>
> Tested-by: Mikko Ylinen <mikko.ylinen@...ux.intel.com>
> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@...ux.intel.com>

Please take a look at:

 https://docs.kernel.org/process/maintainer-tip.html#ordering-of-commit-tags
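
The failure cases discussed in this thread, as an added example that is not part of the message or the patch: a C classifier for the shared GetQuote buffer that keeps a VMM-reported status failure apart from the zero-length-Quote convention. The header layout and the two status constants are assumed to match the Linux tdx-guest driver's `struct tdx_quote_buf`; `classify_quote`, `make_sample` and the enum names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout, mirroring struct tdx_quote_buf in the Linux tdx-guest driver. */
struct quote_buf_hdr {
    uint64_t version;
    uint64_t status;   /* GetQuote Status Code, written by the VMM */
    uint32_t in_len;   /* TDREPORT length supplied by the guest */
    uint32_t out_len;  /* Quote length, written by the VMM */
};
#define GET_QUOTE_SUCCESS   0ULL
#define GET_QUOTE_IN_FLIGHT 0xffffffffffffffffULL
enum quote_result { QUOTE_OK, QUOTE_PENDING, QUOTE_VMM_ERROR,
                    QUOTE_EMPTY, QUOTE_MALFORMED };

/* Classify a shared buffer after the hypercall itself has succeeded. */
enum quote_result classify_quote(const uint8_t *buf, size_t len)
{
    struct quote_buf_hdr h;
    if (len < sizeof(h))
        return QUOTE_MALFORMED;
    memcpy(&h, buf, sizeof(h));      /* buffer may be unaligned */
    if (h.status == GET_QUOTE_IN_FLIGHT)
        return QUOTE_PENDING;        /* VMM has not finished yet */
    if (h.status != GET_QUOTE_SUCCESS)
        return QUOTE_VMM_ERROR;      /* Quote failure reported by the VMM */
    if (h.out_len == 0)
        return QUOTE_EMPTY;          /* zero-length Quote convention */
    if (h.out_len > len - sizeof(h))
        return QUOTE_MALFORMED;      /* VMM-controlled length must fit */
    return QUOTE_OK;
}

/* Fill buf (cap >= header size) with a constructed sample header. */
size_t make_sample(uint8_t *buf, size_t cap, uint64_t status, uint32_t out_len)
{
    struct quote_buf_hdr h = { 1, status, 1024, out_len };
    memset(buf, 0, cap);
    memcpy(buf, &h, sizeof(h));
    return cap;
}

int main(void)
{
    uint8_t buf[64];  /* constructed: success status but empty Quote */
    printf("%d\n", classify_quote(buf, make_sample(buf, sizeof(buf), 0, 0)));
    return 0;
}
```

Only `QUOTE_OK` should ever be forwarded to a verifier as attestation evidence; every other result is a failure or a retry, whichever layer ends up reporting it.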


