Message ID | 20230413034108.1902712-1-sathyanarayanan.kuppuswamy@linux.intel.com (mailing list archive)
---|---
Series | TDX Guest Quote generation support
On Wed, Apr 12, 2023 at 8:42 PM Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com> wrote:
>
> Hi All,
>
> In TDX guest, the attestation process is used to verify the TDX guest
> trustworthiness to other entities before provisioning secrets to the
> guest.
>
> The TDX guest attestation process consists of two steps:
>
> 1. TDREPORT generation
> 2. Quote generation.
>
> The first step (TDREPORT generation) involves getting the TDX guest
> measurement data in the format of TDREPORT, which is further used to
> validate the authenticity of the TDX guest. The second step involves
> sending the TDREPORT to a Quoting Enclave (QE) server to generate a
> remotely verifiable Quote. TDREPORT by design can only be verified on
> the local platform. To support remote verification of the TDREPORT,
> TDX leverages the Intel SGX Quoting Enclave to verify the TDREPORT
> locally and convert it to a remotely verifiable Quote. Although
> attestation software can use communication methods like TCP/IP or
> vsock to send the TDREPORT to the QE, not all platforms support these
> communication models. So the TDX GHCI specification [1] defines a method
> for Quote generation via hypercalls. Please check the discussion from
> Google [2] and Alibaba [3], which clarifies the need for hypercall-based
> Quote generation support. This patch set adds this support.

Thanks Kuppuswamy for the v2 of this patch set.
I reviewed all 3 patches and it looks good to me and it covers our use cases.

>
> Support for TDREPORT generation already exists in the TDX guest driver.
> This patchset extends the same driver to add the Quote generation
> support.
>
> Following are the details of the patch set:
>
> Patch 1/3 -> Adds event notification IRQ support.
> Patch 2/3 -> Adds Quote generation support.
> Patch 3/3 -> Adds selftest support for the Quote generation feature.
>
> [1] https://cdrdv2.intel.com/v1/dl/getContent/726790, section titled "TDG.VP.VMCALL<GetQuote>".
> [2] https://lore.kernel.org/lkml/CAAYXXYxxs2zy_978GJDwKfX5Hud503gPc8=1kQ-+JwG_kA79mg@mail.gmail.com/
> [3] https://lore.kernel.org/lkml/a69faebb-11e8-b386-d591-dbd08330b008@linux.alibaba.com/
>
> Kuppuswamy Sathyanarayanan (3):
>   x86/tdx: Add TDX Guest event notify interrupt support
>   virt: tdx-guest: Add Quote generation support
>   selftests/tdx: Test GetQuote TDX attestation feature
>
>  Documentation/virt/coco/tdx-guest.rst        |  11 ++
>  arch/x86/coco/tdx/tdx.c                      | 196 +++++++++++++++++++
>  arch/x86/include/asm/tdx.h                   |   8 +
>  drivers/virt/coco/tdx-guest/tdx-guest.c      | 168 +++++++++++++++-
>  include/uapi/linux/tdx-guest.h               |  43 ++++
>  tools/testing/selftests/tdx/tdx_guest_test.c |  68 ++++++-
>  6 files changed, 487 insertions(+), 7 deletions(-)
>
> --
> 2.34.1
>
Hi Erdem,

On 5/9/23 5:10 PM, Erdem Aktas wrote:
> On Wed, Apr 12, 2023 at 8:42 PM Kuppuswamy Sathyanarayanan
> <sathyanarayanan.kuppuswamy@linux.intel.com> wrote:
>>
>> Hi All,
>>
>> In TDX guest, the attestation process is used to verify the TDX guest
>> trustworthiness to other entities before provisioning secrets to the
>> guest.
>>
>> The TDX guest attestation process consists of two steps:
>>
>> 1. TDREPORT generation
>> 2. Quote generation.
>>
>> The first step (TDREPORT generation) involves getting the TDX guest
>> measurement data in the format of TDREPORT, which is further used to
>> validate the authenticity of the TDX guest. The second step involves
>> sending the TDREPORT to a Quoting Enclave (QE) server to generate a
>> remotely verifiable Quote. TDREPORT by design can only be verified on
>> the local platform. To support remote verification of the TDREPORT,
>> TDX leverages the Intel SGX Quoting Enclave to verify the TDREPORT
>> locally and convert it to a remotely verifiable Quote. Although
>> attestation software can use communication methods like TCP/IP or
>> vsock to send the TDREPORT to the QE, not all platforms support these
>> communication models. So the TDX GHCI specification [1] defines a method
>> for Quote generation via hypercalls. Please check the discussion from
>> Google [2] and Alibaba [3], which clarifies the need for hypercall-based
>> Quote generation support. This patch set adds this support.
>
>
> Thanks Kuppuswamy for the v2 of this patch set.
> I reviewed all 3 patches and it looks good to me and it covers our use cases.

Thanks for the review. I will address the other reviewers' comments and
resubmit v3 this week. I will include your Reviewed-by in it.

>
>>
>> Support for TDREPORT generation already exists in the TDX guest driver.
>> This patchset extends the same driver to add the Quote generation
>> support.
>>
>> Following are the details of the patch set:
>>
>> Patch 1/3 -> Adds event notification IRQ support.
>> Patch 2/3 -> Adds Quote generation support.
>> Patch 3/3 -> Adds selftest support for the Quote generation feature.
>>
>> [1] https://cdrdv2.intel.com/v1/dl/getContent/726790, section titled "TDG.VP.VMCALL<GetQuote>".
>> [2] https://lore.kernel.org/lkml/CAAYXXYxxs2zy_978GJDwKfX5Hud503gPc8=1kQ-+JwG_kA79mg@mail.gmail.com/
>> [3] https://lore.kernel.org/lkml/a69faebb-11e8-b386-d591-dbd08330b008@linux.alibaba.com/
>>
>> Kuppuswamy Sathyanarayanan (3):
>>   x86/tdx: Add TDX Guest event notify interrupt support
>>   virt: tdx-guest: Add Quote generation support
>>   selftests/tdx: Test GetQuote TDX attestation feature
>>
>>  Documentation/virt/coco/tdx-guest.rst        |  11 ++
>>  arch/x86/coco/tdx/tdx.c                      | 196 +++++++++++++++++++
>>  arch/x86/include/asm/tdx.h                   |   8 +
>>  drivers/virt/coco/tdx-guest/tdx-guest.c      | 168 +++++++++++++++-
>>  include/uapi/linux/tdx-guest.h               |  43 ++++
>>  tools/testing/selftests/tdx/tdx_guest_test.c |  68 ++++++-
>>  6 files changed, 487 insertions(+), 7 deletions(-)
>>
>> --
>> 2.34.1
>>
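The GetQuote exchange the cover letter describes, as an added example that is not code from the patch set or the kernel driver: the TD fills the shared buffer with version, in_len and the TDREPORT, the VMM writes status and out_len back, and the guest classifies the result after the event-notify interrupt. The field layout, version and status values are my reading of the GHCI spec [1] and are assumptions; the TDREPORT bytes and the VMM replies are constructed.

```c
/* Added example, not from the patch set: guest-side handling of the GetQuote
 * shared buffer. Layout and status codes follow my reading of the GHCI spec
 * [1] and are assumptions here; the TDREPORT and VMM replies are constructed. */
#include <stdint.h>
#include <string.h>
#define GET_QUOTE_SUCCESS             0x0ULL
#define GET_QUOTE_IN_FLIGHT           0xFFFFFFFFFFFFFFFFULL
#define GET_QUOTE_ERROR               0x8000000000000000ULL
#define GET_QUOTE_SERVICE_UNAVAILABLE 0x8000000000000001ULL
#define TDX_REPORT_LEN 1024 /* TDREPORT size used by the TDX guest driver */
struct tdx_quote_hdr {
    uint64_t version;  /* written by TD: 1 */
    uint64_t status;   /* written by VMM */
    uint32_t in_len;   /* TDREPORT length, written by TD */
    uint32_t out_len;  /* Quote length, written by VMM */
    uint8_t  data[];   /* TDREPORT on input, Quote on output */
};
enum quote_state { QUOTE_PENDING, QUOTE_READY, QUOTE_FAILED, QUOTE_MALFORMED };
uint32_t sim_quote_len; /* Quote length from the last simulate_exchange() */

/* TD side after the event-notify IRQ: classify what the VMM wrote back.
 * out_len is VMM-controlled, so bound it by the buffer before trusting it. */
enum quote_state check_quote_buf(const uint8_t *buf, size_t buf_len, uint32_t *quote_len)
{
    struct tdx_quote_hdr h;
    if (buf_len < sizeof(h)) return QUOTE_MALFORMED;
    memcpy(&h, buf, sizeof(h)); /* copy out: no unaligned access on buf */
    if (h.version != 1) return QUOTE_MALFORMED;
    if (h.status == GET_QUOTE_IN_FLIGHT) return QUOTE_PENDING;
    if (h.status != GET_QUOTE_SUCCESS) return QUOTE_FAILED;
    if (h.out_len == 0 || h.out_len > buf_len - sizeof(h)) return QUOTE_MALFORMED;
    *quote_len = h.out_len;
    return QUOTE_READY;
}

/* Round trip without a real hypercall: stage the request as the TD would
 * (version 1, in_len, TDREPORT, status pre-set to IN_FLIGHT so a premature
 * read cannot look like success), apply the VMM's reply, then classify. */
enum quote_state simulate_exchange(uint64_t vmm_status, uint32_t vmm_out_len)
{
    static uint8_t buf[sizeof(struct tdx_quote_hdr) + TDX_REPORT_LEN];
    struct tdx_quote_hdr h = { 1, GET_QUOTE_IN_FLIGHT, TDX_REPORT_LEN, 0 };
    memcpy(buf, &h, sizeof(h));
    memset(buf + sizeof(h), 0xA5, TDX_REPORT_LEN); /* constructed TDREPORT */
    h.status = vmm_status;                         /* VMM's reply, simulated */
    h.out_len = vmm_out_len;
    memcpy(buf, &h, sizeof(h));
    sim_quote_len = 0;
    return check_quote_buf(buf, sizeof(buf), &sim_quote_len);
}
```

A real guest would issue the TDG.VP.VMCALL<GetQuote> hypercall between staging and classification and wait for the event-notify interrupt from patch 1/3 before reading status.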