Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp1401913pxj; Fri, 21 May 2021 13:22:11 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxR7+qIJ/rpaKdg6x1qiTpormGJnu1yQkIt0gvz3tnJMr9MlC+Q6BGtakejM1rTJCvUy6xw X-Received: by 2002:a92:cc41:: with SMTP id t1mr655623ilq.308.1621628531093; Fri, 21 May 2021 13:22:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1621628531; cv=none; d=google.com; s=arc-20160816; b=JFnTNsHkjQUFjMX4Aku20KmkTccMhL4iWN8jt78qIay0bcqnfwAGVNyZUv8RKYFLPJ u55fNQ+5S8SadYtPLmlywoc4evwQ+nVPk5bMuCLAzD6W4/ZdhNZvzJypV4akXZfIz8dP W56wfzG15luXzyePlSqBT5E2B/WH0q+Kl3Pv/MEElX/9upa+ePQZUUfxFbp8HsdJhD3c qnMvUM6YbzSlDjk0NFKgj+g4qZOZTvWo+ufOf/nZzdxMHRs4liJtTt2NMlmg37zLbUzI Q0ZmHA6UqjvutakNZbebCwuir0Y/nRLVO9nQfw+ZJUWg3iWBMWZFK+uPD8idJ+T74CuZ TMIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:reply-to:from:subject :message-id:dkim-signature; bh=NWkg5whIEVwVMkgRIGlgWyJUA+SgTZHOp0Nbt8P//bY=; b=q4IWWIUSGMF3oNdUGULXhrlsu4syE2yKYt+SdHwnSc9gexarMJ+VAnd0i4/eezhEDY phaB2xosmXi9oykHBw3ofENFKzBpeUHecjxD5dI41/djzZciJYIbhfNyFufFuPzuxnOO t+vQAuG0hGmERlQy7bqftmEafV+5iTfbUYHBjTYAV2Vp+gtHBuJbcdjVs4swjXtU9tO/ +5gUPsnAUpoWq3JgYOYU1qpSJ61ANTQGbEh5cPPO85dd0wNl0w+6nnnwXDKMMMIdI7BA RmKSTtf4K8+TLalosiLOSTD4JjKKCJ6oxdFFlnbCUB3IuMfHlOxR/ZdscRMRyOoefo8W sVSQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=PufsNEtP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g15si6463359iln.71.2021.05.21.13.21.57; Fri, 21 May 2021 13:22:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=PufsNEtP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232849AbhEUQFG (ORCPT + 99 others); Fri, 21 May 2021 12:05:06 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:51540 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S229586AbhEUQFF (ORCPT ); Fri, 21 May 2021 12:05:05 -0400 Received: from pps.filterd (m0098420.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 14LG3TJf048686; Fri, 21 May 2021 12:03:33 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=message-id : subject : from : reply-to : to : cc : date : in-reply-to : references : content-type : mime-version : content-transfer-encoding; s=pp1; bh=NWkg5whIEVwVMkgRIGlgWyJUA+SgTZHOp0Nbt8P//bY=; b=PufsNEtPfEYnffaoQw0CxtuYA55Asl5kkuO4LJ5flhZZdwkSXfDXhn8uDIgxdemVARps focxG9bcHx/vDM0HUP2iDcoPHAtke1YlNC+W9y0gNsDr9TPrFni4cejBLhtWdldVdAdc +oN+MDctjCUQQ0ut6KIdfnSF1S+Aj2Rw8sHfpLx0Ob0LO+77w5cn29cxge97S2phowfn GRfc7+r+eE6ymTrJR4J6uXDQk9h1f+XLvLlHeQzuqLmxaqwvipccyJlAXsGmE8WfO2xD PpWE5+2C3c6ptwubaG4qmDq3lczIavaRL5cEaZfOCRm1oze5E/Cuj2tyeegp+3nsuvMd rA== Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 38pfar1avs-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 21 May 2021 12:03:32 -0400 Received: from m0098420.ppops.net (m0098420.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 14LG3VVL048913; Fri, 21 May 2021 12:03:31 -0400 Received: from ppma05wdc.us.ibm.com (1b.90.2fa9.ip4.static.sl-reverse.com [169.47.144.27]) by mx0b-001b2d01.pphosted.com with ESMTP id 38pfar1avh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 21 May 2021 12:03:31 -0400 Received: from pps.filterd (ppma05wdc.us.ibm.com [127.0.0.1]) by ppma05wdc.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 14LFtE6s024491; Fri, 21 May 2021 16:03:30 GMT Received: from b03cxnp08027.gho.boulder.ibm.com (b03cxnp08027.gho.boulder.ibm.com [9.17.130.19]) by ppma05wdc.us.ibm.com with ESMTP id 38j7tbrbe9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 21 May 2021 16:03:30 +0000 Received: from b03ledav004.gho.boulder.ibm.com (b03ledav004.gho.boulder.ibm.com [9.17.130.235]) by b03cxnp08027.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 14LG3Two10551732 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 21 May 2021 16:03:29 GMT Received: from b03ledav004.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E4B9878063; Fri, 21 May 2021 16:03:28 +0000 (GMT) Received: from b03ledav004.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E085D78066; Fri, 21 May 2021 16:03:24 +0000 (GMT) Received: from jarvis.int.hansenpartnership.com (unknown [9.80.208.94]) by b03ledav004.gho.boulder.ibm.com (Postfix) with ESMTP; Fri, 21 May 2021 16:03:24 +0000 (GMT) Message-ID: Subject: Re: [RFC PATCH 0/3] Allow access to confidential computing secret area From: James Bottomley Reply-To: jejb@linux.ibm.com To: Brijesh Singh , Andi Kleen , "Dr. David Alan Gilbert" Cc: Dov Murik , linux-efi@vger.kernel.org, Tobin Feldman-Fitzthum , Tobin Feldman-Fitzthum , Jim Cadden , Hubertus Franke , Mike Rapoport , Laszlo Ersek , Ashish Kalra , Tom Lendacky , Ard Biesheuvel , James Morris , "Serge E. Hallyn" , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Date: Fri, 21 May 2021 09:03:23 -0700 In-Reply-To: References: <20210513062634.2481118-1-dovmurik@linux.ibm.com> <2c8ae998-6dd0-bcb9-f735-e90da05ab9d9@amd.com> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.4 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-TM-AS-GCONF: 00 X-Proofpoint-GUID: J3eWov5232J_lTh8NNUvrd0Rb9wuA-eT X-Proofpoint-ORIG-GUID: mAG4Un5fk-XPLIHybX4tnpxaPXgowfWu X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.761 definitions=2021-05-21_07:2021-05-20,2021-05-21 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 clxscore=1011 mlxscore=0 adultscore=0 spamscore=0 impostorscore=0 suspectscore=0 mlxlogscore=999 phishscore=0 priorityscore=1501 malwarescore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2105210084 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 2021-05-21 at 10:56 -0500, Brijesh Singh wrote: [...] > In case of the SEV-SNP and TDX, the guest OS participates during the > attestation flow; the driver working on the behalf of userspace and > does not have access to the secret, so it cannot populate the file > with the secrets in it. OK, so for a simple encrypted VM using root on luks, how in SNP does the boot loader obtain the disk passphrase? In the non SNP case, it's already upstream: OVMF finds the secret page and converts it to an EFI config table, which is passed into grub. It's starting to sound like we'll need a new grub module for SNP which will do an active attestation and receive the passphrase over some channel secure against the cloud provider. Could you give us an example of how you think this flow will work? Thanks, James