Received: by 2002:a05:7412:e794:b0:fa:551:50a7 with SMTP id o20csp738965rdd; Tue, 9 Jan 2024 19:57:05 -0800 (PST) X-Google-Smtp-Source: AGHT+IGqMwocEPW8vGhoZFFK+tNYO6dcRqV/5kXjoOx9M/YP1OLVPZ1BcsfwDUxHW+vyDfSi7WJ7 X-Received: by 2002:a05:622a:203:b0:429:9a61:9b59 with SMTP id b3-20020a05622a020300b004299a619b59mr537067qtx.29.1704859025215; Tue, 09 Jan 2024 19:57:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704859025; cv=none; d=google.com; s=arc-20160816; b=a33h9w0+Fa+SAZkx7RMDQnc9AhSMdugaC7EqtqlLC4YRGudHI9p2xIyn/j+nh/lveY exY5KfF36T+DmXIu6AI6JPB/VT7viWYDxwSb9Cbu4JaG2XQafgL4anL3hCkZPOVEPbc9 5f5uis1kYZicCQ/9AKZIQSoPTpjnVUv0/7b/O3fxtuf2fH4scChEynv2LviSHi8L/eYP HRA5V1w0L0IOZXyK+RxP9DucTeAo+P348+QoPolirvfey6hBbj/zGZhLEIiKYiE+rc5J 6r9cpxTCQ60/Nm/breLc2TFcnHapnQc6P2ZpStAbhycCWIuX7IJBQOyXo0aVey5UgWuN qd/w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:message-id:dkim-signature; bh=mhT6yVlGrgroWvenaQGSMxVvgxUaj4p+kXNvdwBc4fU=; fh=dVLDccgVepPDRfb5/6gX3J2/34oKlQTviDPc8ths6KI=; b=ohWdbrbe08IukyJ5xgCM1SNXKF7l0pNEWIEq7qBO4V4UlSSaNlj8aGijZlW8IKCUr+ vwjT45oR+BhO4zRgqyFL7zq9HpvOwTKgUrPlOrlIGBxmBIEeUfMEFVjHH9CJjn1bXqvL nE2Yw5m2gKW2XO2NN6X0/X5ZjLXUzRZOn5hMmyhsZvX2EOacPZLZoHg+aqAaVlDopmCJ iyDKkgNtzjW4fp4usyIW4uwR0PCYRnajM/7+svo3+HrhR+cyu1wxlwRyAgmECRPQ9KNh gVOv6HZq9PSU9IUzqCasT/FCE860cjTypsXINiBDEa0yoSCXDGCUmelduSrck7j0YFCI TnNA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Di0upVoz; spf=pass (google.com: domain of linux-kernel+bounces-21697-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-21697-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id v22-20020ac85796000000b00429a3d1094esi3041584qta.126.2024.01.09.19.57.05 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Jan 2024 19:57:05 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-21697-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Di0upVoz; spf=pass (google.com: domain of linux-kernel+bounces-21697-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-21697-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id F35D81C2503C for ; Wed, 10 Jan 2024 03:57:04 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 18C1D4C69; Wed, 10 Jan 2024 03:57:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Di0upVoz" Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EA2BF2579 for ; Wed, 10 Jan 2024 03:56:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1704859017; x=1736395017; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=gdadnGNt0Fm1J3d13vTf9QC7afXDTIlf4F249pDwUqM=; b=Di0upVozpG/71gPCnlIUhjHGce0c16RUd2Mg3zMzr+Irykoh1MTkQc9P v907RnvJTZJHbZKYc6J/QMhC2Nf6p5OKP5NLUSyfmIA6P8gWArNkZWnHX 5eTxdtEO/YeEPkstFglEQ8IihExAYwmryhkUscVpc28OzTQR44sv8MXJ8 +tIcFD3FjFcQfoNlkZp8Hdy8hpXSVekGhmeYEeL1BDdnJnC2ITPT/q5CA jaJjN+BZxAM2nUsN0b2NhOnpvzzEy4by32NML/OgUFUJ9cLWM7Rd8YSKy kzHexDvVa0Yy9PTO7W2NQ2+CZYbnu0tPxFR2JdEo4qPiUwM9T1yJMDraZ Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10947"; a="388840831" X-IronPort-AV: E=Sophos;i="6.04,184,1695711600"; d="scan'208";a="388840831" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Jan 2024 19:56:57 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10947"; a="925493785" X-IronPort-AV: E=Sophos;i="6.04,184,1695711600"; d="scan'208";a="925493785" Received: from nitishde-mobl1.amr.corp.intel.com (HELO [10.209.101.57]) ([10.209.101.57]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Jan 2024 19:56:56 -0800 Message-ID: <6805ad1f-2c91-4a8d-98c9-5da337dd13f6@linux.intel.com> Date: Tue, 9 Jan 2024 19:56:56 -0800 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v1] virt: tdx-guest: Handle GetQuote request error code Content-Language: en-US To: "Kirill A . Shutemov" Cc: x86@kernel.org, Dave Hansen , Dan Williams , Xiaoyao Li , linux-kernel@vger.kernel.org, linux-coco@lists.linux.dev References: <20240109054604.2562620-1-sathyanarayanan.kuppuswamy@linux.intel.com> <20240109131740.nk54gdmri6gpwkta@box.shutemov.name> From: Kuppuswamy Sathyanarayanan In-Reply-To: <20240109131740.nk54gdmri6gpwkta@box.shutemov.name> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 1/9/2024 5:17 AM, Kirill A . Shutemov wrote: > On Tue, Jan 09, 2024 at 05:46:04AM +0000, Kuppuswamy Sathyanarayanan wrote: >> Currently when a user requests for the Quote generation, the Quote >> generation handler (tdx_report_new()) only checks whether the VMM >> successfully processes the Quote generation request (status != >> GET_QUOTE_IN_FLIGHT) and returns the output to the user without >> validating the status of the output data. Since VMM can return error >> even after processing the Quote request, returning success just after >> successful processing will create confusion to the user. Although for >> the failed request, output buffer length will be zero and can also be >> used by the user to identify the failure case, it will be more clear to >> return error for all failed cases. So validate the Quote output status >> and return error code for all failed cases. > > Could you split commit message into several paragraphs? It would be easier > to get along. > > It can be helpful to follow structure like: > > > > > > > How about the following version? During the TDX guest attestation process, TSM ConfigFS ABI is used by the user attestation agent to get the signed VM measurement data (a.k.a Quote), which can be used by a remote verifier to validate the trustworthiness of the guest. When a user requests for the Quote data via the ConfigFS ABI, the TDX Quote generation handler (tdx_report_new()) forwards the request to VMM (or QE) via a hypercall, and then shares the output with the user. Currently, when handling the Quote generation request, tdx_report_new() handler only checks whether the VMM successfully processed the request and if it is true it returns success and shares the output to the user without actually validating the output data. Since the VMM can return error even after processing the Quote request, always returning success for the processed requests is incorrect and will create confusion to the user. Although for the failed request, output buffer length will be zero and can also be used by the user to identify the failure case, it will be more clear to return error for all failed cases. So when handling the Quote generation request, validate the Quote data output status and return error code for all failed cases. -- Sathyanarayanan Kuppuswamy Linux Kernel Developer