Received: by 2002:a05:7412:2a8c:b0:e2:908c:2ebd with SMTP id u12csp3583601rdh; Thu, 28 Sep 2023 16:55:42 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHbz3qV1q3X/17qBySiquiD01b9hUyCR089tvPBIfmDK/m01+fIoxBRIiNo2RxpJVajPU20 X-Received: by 2002:a05:6a00:84c:b0:68e:29a6:e247 with SMTP id q12-20020a056a00084c00b0068e29a6e247mr2936910pfk.10.1695945341925; Thu, 28 Sep 2023 16:55:41 -0700 (PDT) Return-Path: Received: from groat.vger.email (groat.vger.email. [23.128.96.35]) by mx.google.com with ESMTPS id ck12-20020a056a00328c00b00690ff5e479fsi19175663pfb.332.2023.09.28.16.55.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Sep 2023 16:55:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) client-ip=23.128.96.35; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=cpN0Fv0Y; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 9754483DD696; Thu, 28 Sep 2023 15:49:41 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232482AbjI1Wtb (ORCPT + 99 others); Thu, 28 Sep 2023 18:49:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44408 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231535AbjI1Wta (ORCPT ); Thu, 28 Sep 2023 18:49:30 -0400 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.9]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 896B0180 for ; Thu, 28 Sep 2023 15:49:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1695941369; x=1727477369; h=date:from:to:cc:subject:message-id:references: content-transfer-encoding:in-reply-to:mime-version; bh=kbwGgTUsr+F8XHCXxOpWkq/RYvLp8mRezE0fBOhE29c=; b=cpN0Fv0Yw5lZhjh8pcpFcOirE3M6tRqB6ghks/kax3jvIyM6U9loxvXR 0aNowYCi6GhCJQXhRQpzhMK23dryyS/kC2b1OwFH2OaQkIpPI9BDItIph L0GGE6mUybm0xTxJc3P0qhhMLZmVAsPImZck3VPQOdw6xSAqf+9G/rHXz bvQAiuc/ujrpt+7sy3q8ooJrEGmhJ3YsXozYlDXOiVCmoprfjPoHL1mAS 1PY8r2iDopzMc/O3Vv5IRbkdJruNoYfDuzOZH4WD1ViUPwnMkJsY7e5md 7B+ha/6rdGQf2Hx+8o+w25G0otX5zPQzOVwS30/DtPcnHinMjN59INPbm w==; X-IronPort-AV: E=McAfee;i="6600,9927,10847"; a="798619" X-IronPort-AV: E=Sophos;i="6.03,185,1694761200"; d="scan'208";a="798619" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orvoesa101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Sep 2023 15:49:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10847"; a="865468194" X-IronPort-AV: E=Sophos;i="6.03,185,1694761200"; d="scan'208";a="865468194" Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by fmsmga002.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 28 Sep 2023 15:49:27 -0700 Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32; Thu, 28 Sep 2023 15:49:27 -0700 Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32; Thu, 28 Sep 2023 15:49:26 -0700 Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32 via Frontend Transport; Thu, 28 Sep 2023 15:49:26 -0700 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (104.47.59.173) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.32; Thu, 28 Sep 2023 15:49:26 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WfVWTlDAYXIylhzOpXDNPNUsPmhRqmsXrPuWCnRsD9FompCkiLYhixl1Ocz8+wkPr+5uRz5qYnSgOM+mVsE3sQ7noGuC/6mUElMX0kLv4U+a7f71f5FFp5EqYp8WOKtwFZgkeVwOwy0JILEW3TbmSJwf9T4gGo8jcXic85p6Sqb1XCq5Tbcw6lWMxf/JTBbUcnWtlsaOe4KqwSHpm4IoIsKZKAo3pzF8JSkVU4HpRkj77gPDzw76IOYvKJp8C5E2aeYt36xAAjS3S1+5YQqWrfsIc1KRtwVTz7Ch9B4i06PqdCN/u5StEpQs5KTMoF1EdqAgWygs9iEjjqKLT2WuUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gfxWJtkEGiLfbxhYE8vCiZ+Es2PfzoCr7yVHna8uZUU=; b=eupc/PBhs8hA+5q4XVm/18KZzUh5UeJuWdFfHUfpTUbmONyghxQ0958dOXpTZ6hBDmpUeqZxNHhHF8WI43v/M/0UGz1HSmdJ0dqliQMz4VXFU+YV1DlJOuXz589Y5gxmd0OU1mIYjGbrBmpjUaYpZo5h1Eqc7IyDcT2FJj8TvXpx5cYTKT9UvVoEhwCc0BZoteJqXqZmFqiPICZ2K+Lt/BLP0pzIKKvpdcfgbmKbGmO2zZRAylElaKZm1TqE9crtEhEQv8S6Wm6A9K426f2Bi0TPxFeH+t8A320VW7XkUNzXYKBlzNx95IKsJ6m1TiiYlDcWw1Cj9yk4CFDahlNiMQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; Received: from PH8PR11MB8107.namprd11.prod.outlook.com (2603:10b6:510:256::6) by LV3PR11MB8578.namprd11.prod.outlook.com (2603:10b6:408:1b3::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6813.23; Thu, 28 Sep 2023 22:49:23 +0000 Received: from PH8PR11MB8107.namprd11.prod.outlook.com ([fe80::acb0:6bd3:58a:c992]) by PH8PR11MB8107.namprd11.prod.outlook.com ([fe80::acb0:6bd3:58a:c992%5]) with mapi id 15.20.6792.026; Thu, 28 Sep 2023 22:49:23 +0000 Date: Thu, 28 Sep 2023 15:49:00 -0700 From: Dan Williams To: Peter Gonda , Dan Williams CC: , Kuppuswamy Sathyanarayanan , Erdem Aktas , , , , Subject: Re: [PATCH v4 6/6] virt: tdx-guest: Add Quote generation support using TSM_REPORTS Message-ID: <651602dc4c6e3_91c1e2947f@dwillia2-xfh.jf.intel.com.notmuch> References: <169570181657.596431.6178773442587231200.stgit@dwillia2-xfh.jf.intel.com> <169570185411.596431.3153227201984845022.stgit@dwillia2-xfh.jf.intel.com> Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-ClientProxiedBy: MW4PR03CA0108.namprd03.prod.outlook.com (2603:10b6:303:b7::23) To PH8PR11MB8107.namprd11.prod.outlook.com (2603:10b6:510:256::6) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PH8PR11MB8107:EE_|LV3PR11MB8578:EE_ X-MS-Office365-Filtering-Correlation-Id: 7be1be44-28b6-44c9-053d-08dbc0751ced X-LD-Processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 3N8KsbOq33DPsr5xTi9PH9553HUX9M61nBxWDTimJIbgAhALpJTXKZ7LQWI+P7xsVhznu3G+n230knPq/ORZ+rXXYSn+dD7z6eeOokbh9Pz19dkfPUbza/QbxZLT4EuIKw6gZtJbVqgia5xACUu60KERy8sgmW0zF5hD+KbP5SU7bDpSoxP2VIHUF+RuRYJLnaywoyGGwyMjQ+3AFd4220HLt0kKRcnNaPZ+/kvMCVx+l62vyc5HGH3k84rIHwxobr9f7Huys+tVFPKGkABKSxd63JVq2w1sF7IspDb+nS23ocF9CzfNU0U5jkcUC2MIuxJMxi5DrJqStfxBKnCnU2TTMq33NbNv5piSez/83ee1HtMNpyMJupUj/Rh25lAtp9Hal6ysVyjd6lfrIltlEz0EZybKWwea+J6BewtlPWkd3Ctjay9Acappo6gN2xgwyX6tWFBjC727qbDUebJAhe0uIG5zR6tlLW+BKig9WkySLNiZ8W9Ok/iyzuY2KJq4BqH5OokskKnlS3wVEGyos+7dlSaIckliXKnArasowtU= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH8PR11MB8107.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(346002)(376002)(39860400002)(396003)(136003)(366004)(230922051799003)(186009)(64100799003)(451199024)(1800799009)(6512007)(9686003)(478600001)(82960400001)(53546011)(110136005)(6486002)(86362001)(6666004)(54906003)(38100700002)(83380400001)(966005)(66556008)(26005)(66946007)(66476007)(41300700001)(5660300002)(8676002)(8936002)(6506007)(316002)(4326008)(2906002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?YjJHb1E4MkpUTUJrYkJCa2ZmL0RnMGlIN3VocEV2UUxHV1NsNmhHQW5CY25w?= =?utf-8?B?MlJacVZ1MDQvWTlYRHFQMVZ6TFNMM21NWC8rQStEaVoyR29EK1A2czNoa3Rp?= =?utf-8?B?M3RJVUxONVNyWXBGbmpLNjFZSVhlaVFOSlU3bVlmY2lJOE5reXoycE1LcjlI?= =?utf-8?B?T2JEL3ZVTGZwSFZyM3U3TVlDR1dSeEMralVBRldMZUllRmtXZlZORFRkZ2hi?= =?utf-8?B?aDNvb3pWaUNLOHFPa0VJc0pPaDh5aTZSTmh4QlhvVCtVOWxzRDBpSTh1bzQ5?= =?utf-8?B?VVFNQVhZelhST0tvdFNuQkxQUzlibXJzbmJGckxDNjBEWEUrWVVKN0lNSjBt?= =?utf-8?B?UWxkZE5rbTRXVFdDZHdIL1c5ODluU01nOTVuN0RXUG5tNE5ORTVBT1JQSlFx?= =?utf-8?B?SGFKdXNuVjZneW9uTWZiMzZMeWdVVVJGZFJ2R2R6TFBBSG9OWVRTQjdoV3JF?= =?utf-8?B?VUdzTEFnd1VyU0VmVzVnd2ZIem5lUFJ0dHc2dm5YSkVJK3NpYytMSHdYZVZt?= =?utf-8?B?SngxSEhIc3I3a240eFRSNFEzZFUzajF4WURZZ2dWbkNWbjhWbmw2cWluZTMy?= =?utf-8?B?MDd3c3ViSDQ2U2llWlNMRXgreXNhYk9ldnpTdTB6UXVZWGlVUlh0bnkrZTZH?= =?utf-8?B?TFB2TGxka3V0SU5UOFRON3VBaGtPQjJISW41U2RMWkNDYW5wUzBiRWxqcEFa?= =?utf-8?B?c3FZSlVRcnZ4eWVOMk1ldWhXQTAvYWo1MkdHVFZ4eTZTZGJtTnJ3Ynp5SUZL?= =?utf-8?B?OWo5OUZFYzdVZWVQd3RPYW03VFRmUFBrRCtoU2hNdlpZWnJ2bmVRS3U5eVd4?= =?utf-8?B?aXdTUGR3VHB5MjRQM1huaFVVeVp4OGIybzl0bFF2N2E2ajNOQ2MyVkFuc080?= =?utf-8?B?SXpUa3hKMUpCZndoZXNxUGRhSGFlVWc4OGVhOFdHTnRVZWR6QnRWeDlTVW14?= =?utf-8?B?QzdRK09nRm1JcFNweFlRS1hHb1Q2Q3o3Y0lRK2t3THRFVzVudFN1YkNZWkNo?= =?utf-8?B?Zi9aOXNtN2VpRmJNNDViZGtnRDQxUjdqSDhsamNSNTJRTkdyREoyT3krcGhS?= =?utf-8?B?SWJ2RkJuK3g0L1VUVVNpY1lIWkxvWkVkWWE2Q050MHRldVZCZUlwaVYvZ0Yx?= =?utf-8?B?QmFpaU9RWmNYRWlFY3RhaTZMMzNZcHIvRVJVak1Kdmg3cTM2TWcveGgyN2VU?= =?utf-8?B?Rm11WjdzWjNaYzkvMTFNQ2pVRHUyWTFlWElDL2NqVWVKUGxCeDlVNFZEeVNk?= =?utf-8?B?SzhGQlRmVUQ3RHZ2SUJ0Y0R5Nk1LcFBqUVRRaWNQc0pOQmFWcXh3N0p5WXVE?= =?utf-8?B?d3pLWmNYWlVhSStSbHdBTlBRbCs5Y0x5eXNoc1UvNHk3bHdWaG1JQUxoSVdy?= =?utf-8?B?cnZnUTlxZHNGNEUvSFFvZ3BWclJjVkFsWkc4WFRJU1g5ZmRKaHpuRzhlRnl6?= =?utf-8?B?RVZRRHpRNU5oaUpoL3FDWk5jL3JUcks1bzhvbzhLQmFDQ3FxUytmOHl6RFZ3?= =?utf-8?B?Y3FrSVFCVW10NmhKVGUvVDB4WUZSK2hGdFNId1RzdjFieGhwZVVuNVdNUWhR?= =?utf-8?B?MkJ1OGZyQkQ2UFQzanRkRHVEY3psVTZjRkFsSkI1SXNpN0x2UEpYNXJybWVY?= =?utf-8?B?cTl0Unl1Zk1JSWlwMjRDdXFzQnc0bE5QSDB1QTA4VGhmbWo1MVkvam9TY3Nr?= =?utf-8?B?TCtwbk1QeGloY1JidnpaSXNSaEZ2d3B6aWduS2ZVYUluSEJHKzdzdCt6K09C?= =?utf-8?B?VWdSUTA2a2lGYURYeDlaNWVvUUlqYjEwN28vRld4MklXSXZ4TVRPTFZ4bGY2?= =?utf-8?B?MFJHM25ZOTBYMlpXYmhEZ1V5Vkl2K3o3TnFtbnpydDhzcjh0bkpsMEdaQnBl?= =?utf-8?B?TXYwUll4aXplc0s4RmZzOFVxQ2FtdzhLQXhZdU9tUi92TDJnK1RCMEJtUHVx?= =?utf-8?B?cnExdUhwY0IxWGpXaXF6WHV2NmtUV3JabXpUMG1xUGRwcktxZEVCcUduZGYz?= =?utf-8?B?OFFvL3pSZmkyWkNocldKcmVvNlJ5clZKUWxuMGw3VnR0UHl5T3B0WXdSdnRj?= =?utf-8?B?ZjdZRlY1VkNqaWVheVJIb1BqcXNiY3lKTDN1OWF0aGZyMXMvbkxhZ2V0SkdC?= =?utf-8?B?U0RZNUdMekF0bFRvVFJ6aStWa3QrRG45WGx3cyt3Zjh2bDIvejFxUTdvODJm?= =?utf-8?B?b1E9PQ==?= X-MS-Exchange-CrossTenant-Network-Message-Id: 7be1be44-28b6-44c9-053d-08dbc0751ced X-MS-Exchange-CrossTenant-AuthSource: PH8PR11MB8107.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Sep 2023 22:49:03.7713 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ivWvIu5zJdn8Vkd/IyqSdleTOY0q/97VLBmIOzAWQfr2cK8KUATGownT4s+hy/33uZYYFBct8mDZRHU4+whsYW37AUHEEkqaLPdgEHTCd6Q= X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV3PR11MB8578 X-OriginatorOrg: intel.com X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Thu, 28 Sep 2023 15:49:41 -0700 (PDT) Peter Gonda wrote: > On Mon, Sep 25, 2023 at 10:17 PM Dan Williams wrote: > > > > From: Kuppuswamy Sathyanarayanan > > > > In TDX guest, the attestation process is used to verify the TDX guest > > trustworthiness to other entities before provisioning secrets to the > > guest. The first step in the attestation process is TDREPORT > > generation, which involves getting the guest measurement data in the > > format of TDREPORT, which is further used to validate the authenticity > > of the TDX guest. TDREPORT by design is integrity-protected and can > > only be verified on the local machine. > > > > To support remote verification of the TDREPORT in a SGX-based > > attestation, the TDREPORT needs to be sent to the SGX Quoting Enclave > > (QE) to convert it to a remotely verifiable Quote. SGX QE by design can > > only run outside of the TDX guest (i.e. in a host process or in a > > normal VM) and guest can use communication channels like vsock or > > TCP/IP to send the TDREPORT to the QE. But for security concerns, the > > TDX guest may not support these communication channels. To handle such > > cases, TDX defines a GetQuote hypercall which can be used by the guest > > to request the host VMM to communicate with the SGX QE. More details > > about GetQuote hypercall can be found in TDX Guest-Host Communication > > Interface (GHCI) for Intel TDX 1.0, section titled > > "TDG.VP.VMCALL". > > > > Trusted Security Module (TSM) [1] exposes a common ABI for Confidential > > Computing Guest platforms to get the measurement data via ConfigFS. > > Extend the TSM framework and add support to allow an attestation agent > > to get the TDX Quote data (included usage example below). > > > > report=/sys/kernel/config/tsm/report/report0 > > mkdir $report > > dd if=/dev/urandom bs=64 count=1 > $report/inblob > > hexdump -C $report/outblob > > rmdir $report > > > > GetQuote TDVMCALL requires TD guest pass a 4K aligned shared buffer > > with TDREPORT data as input, which is further used by the VMM to copy > > the TD Quote result after successful Quote generation. To create the > > shared buffer, allocate a large enough memory and mark it shared using > > set_memory_decrypted() in tdx_guest_init(). This buffer will be re-used > > for GetQuote requests in the TDX TSM handler. > > > > Although this method reserves a fixed chunk of memory for GetQuote > > requests, such one time allocation can help avoid memory fragmentation > > related allocation failures later in the uptime of the guest. > > > > Since the Quote generation process is not time-critical or frequently > > used, the current version uses a polling model for Quote requests and > > it also does not support parallel GetQuote requests. > > > > Link: https://lore.kernel.org/lkml/169342399185.3934343.3035845348326944519.stgit@dwillia2-xfh.jf.intel.com/ [1] > > Signed-off-by: Kuppuswamy Sathyanarayanan > > Reviewed-by: Erdem Aktas > > Signed-off-by: Dan Williams > > Hey Dan, > > I tried running your test commands on an SNP enabled guest. To build > the kernel I just checked out linus/master and applied your series. I > haven't done any debugging yet, so I will update with what I find. > > root@Ubuntu2004:~# hexdump -C $report/outblob > [ 219.871875] ------------[ cut here ]------------ > [ 219.876642] kernel BUG at include/linux/scatterlist.h:187! Ok, it does not like virtual address of one of the buffers, but my changes "should" not have affected that as get_ext_report() internally uses snp_dev->certs_data and snp_dev->response for bounce buffering the actual request / response memory. First test I want to try once I can get on an SNP system is compare this to the ioctl path just make sure that succeeds.