[PATCH v4 0/6] configfs-tsm: Attestation Report ABI
From: Dan Williams
Date: Tue Sep 26 2023 - 00:17:49 EST
Changes since v3: [1]:
- Combine configfs-tsm + sev-guest conversion with the tdx-guest
extension
- Split PEM formatted certificate data to its own output attribute
(Jeremi)
- Parse the sev-guest output payload and emit the raw report without the
header (Jeremi)
- Drop @format as an input parameter and always request "extended"
reports in the sev-guest case with certificate data optionally
included (inspired by creation of separate @certs attribute)
- Drop usage of cleanup helpers in tdx_report_new() until
mutex_lock_interruptible() grows a guard() helper in v6.7. (Daniel and
Dave)
- Changelog grammar fixes for tdx-guest change (Kirill)
- Defer tdx-guest emitting its cert-chain through @certs pending
question on output payload versioning (i.e. kernel should only support
one). In the meantime zero-sized @certs is a valid output condition.
[1]: http://lore.kernel.org/r/169342399185.3934343.3035845348326944519.stgit@xxxxxxxxxxxxxxxxxxxxxxxxx
An attestation report is signed evidence of how a Trusted Virtual
Machine (TVM) was launched and its current state. A verifying party uses
the report to make judgements of the confidentiality and integrity of
that execution environment. Upon successful attestation the verifying
party may, for example, proceed to deploy secrets to the TVM to carry
out a workload. Multiple confidential computing platforms share this
similar flow.
The approach of adding adding new char devs and new ioctls, for what
amounts to the same logical functionality with minor formatting
differences across vendors [2], is untenable. Common concepts and the
community benefit from common infrastructure.
Use configfs for this facility for maintainability compared to ioctl(),
and for its scalability compared to sysfs. Atomicity can be enforced at
item creation time, and a conflict detection mechanism is included for
scenarios where multiple threads may share a single configuration
instance.
[2]: http://lore.kernel.org/r/cover.1684048511.git.sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx
---
Dan Williams (5):
virt: coco: Add a coco/Makefile and coco/Kconfig
configfs-tsm: Introduce a shared ABI for attestation reports
virt: sevguest: Prep for kernel internal {get,get_ext}_report()
mm/slab: Add __free() support for kvfree
virt: sevguest: Add TSM_REPORTS support for SNP_{GET,GET_EXT}_REPORT
Kuppuswamy Sathyanarayanan (1):
virt: tdx-guest: Add Quote generation support using TSM_REPORTS
Documentation/ABI/testing/configfs-tsm | 67 +++++
MAINTAINERS | 8 +
arch/x86/coco/tdx/tdx.c | 21 ++
arch/x86/include/asm/shared/tdx.h | 1
arch/x86/include/asm/tdx.h | 2
drivers/virt/Kconfig | 6
drivers/virt/Makefile | 4
drivers/virt/coco/Kconfig | 14 +
drivers/virt/coco/Makefile | 8 +
drivers/virt/coco/sev-guest/Kconfig | 1
drivers/virt/coco/sev-guest/sev-guest.c | 180 ++++++++++++--
drivers/virt/coco/tdx-guest/Kconfig | 1
drivers/virt/coco/tdx-guest/tdx-guest.c | 229 +++++++++++++++++
drivers/virt/coco/tsm.c | 411 +++++++++++++++++++++++++++++++
include/linux/slab.h | 2
include/linux/tsm.h | 63 +++++
16 files changed, 992 insertions(+), 26 deletions(-)
create mode 100644 Documentation/ABI/testing/configfs-tsm
create mode 100644 drivers/virt/coco/Kconfig
create mode 100644 drivers/virt/coco/Makefile
create mode 100644 drivers/virt/coco/tsm.c
create mode 100644 include/linux/tsm.h
base-commit: 6465e260f48790807eef06b583b38ca9789b6072