From: Thomas Fossati
Date: Wed, 27 Sep 2023 10:43:41 +0200
Subject: Re: [PATCH v4 2/6] configfs-tsm: Introduce a shared ABI for attestation reports
To: Dan Williams
Cc: linux-coco@lists.linux.dev, Dionna Amalie Glaze, James Bottomley, Peter Gonda, Greg Kroah-Hartman, Samuel Ortiz, Thomas Gleixner, peterz@infradead.org, linux-kernel@vger.kernel.org, x86@kernel.org, dave.hansen@linux.intel.com

Caveat: newbie here (just subscribed to the linux-coco list) trying to
bridge the abstract language of IETF RATS with an actual
implementation of the architecture.

> +struct tsm_report {
> + struct tsm_desc desc;
> + size_t outblob_len;
> + u8 *outblob;
> + size_t certs_len;
> + u8 *certs;
> +};

Could you clarify the semantics of @certs? Are these what the IETF
calls platform "endorsements" [1], [2]? Or could a DICE report (which
is a cert chain) fall into this bucket too?

If the former, maybe @endorsement_certs (or similar) would minimise ambiguity.

[1] https://www.rfc-editor.org/rfc/rfc9334.html#name-endorsements
[2] https://www.ietf.org/archive/id/draft-dthaler-rats-endorsements-02.html
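
Review bot: The two buffer pairs in the quoted struct tsm_report (outblob/outblob_len and certs/certs_len) have no per-field description in the lines quoted here, so a reader of this hunk cannot tell what encoding certs holds, whether certs may be NULL with certs_len of 0 when a provider has nothing to return, or who allocates and frees the two u8 * buffers. A kernel-doc entry per field (for example an "@certs:" line stating content, optionality and ownership) would settle the naming question above and give verifier-side consumers a stable contract for parsing the blob.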