Received: by 2002:a05:7412:e794:b0:fa:551:50a7 with SMTP id o20csp1396501rdd; Wed, 10 Jan 2024 19:34:13 -0800 (PST) X-Google-Smtp-Source: AGHT+IFV7JUsPgQ0aQS9eG0HIMzH1IaR+qyhwwOKC+bFHR3RXrtj/rJ+3+f1C/suah5323VlGXyQ X-Received: by 2002:a7b:ce19:0:b0:40e:4997:b1fe with SMTP id m25-20020a7bce19000000b0040e4997b1femr10221wmc.55.1704944053162; Wed, 10 Jan 2024 19:34:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704944053; cv=none; d=google.com; s=arc-20160816; b=tzJgIXkKb4sD4UX8ooCGVzOznkkyOm12LZ5ars5LBHYPG9FYgvDMqgzniYzsvRQmHH Q4VwtjPlvonm/i/B2E1DyRiY0CZpzqEUc+E3R1szBHMk03V9X7Jg5RfEZx5CKV5yInFz VhC6VqKrr9SB49uPh12hlpypPQz04P3CWGkJU/C/MbG5hIVb+o/X2H4fuyYsg+K+MJNo f2G+nFY149R4P1g9/b08dG0iflhoMC5mCWGeR/RVjx8AU46FmURuTYqbH7qtlIR6MDLA F7qB2f2vkhiIDpMMd0/8OVAzE46RO6V+46XU4dQeQacubm3N93GjPtgg8iS9UeU7aZaZ 7vAg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:date:subject:cc:to :from:dkim-signature; bh=AWGinkTMgdiwlqTZo4GAegM0v59tnAxTUdwsZVdKfIs=; fh=fHyqRWIV6DRZtyE6+pV3T+XZVT4is8eNsNQ8QFYiMIE=; b=O57/WY2A5eXfTccnFuNbQviiXX/w1MB9t3uy1TGfXz+eOA5qfp+7DSheNm53AqxwtC EWgoN1CEcoxBeY+nKW292NN9f32PczF+l2uBAgXXytB6AfKIkhuekAD6JbdVhXoAdj77 PwEBzTC5CTHOh3uNdRbiliPPc5VlF0olVbiBm9yhhJVdkz4DGhhuVVWUUhpw9BqJM5z3 xF6M/CKGWl/GMBKZcC6yX1qZO+89P0iucTvG8EwR86sToGdJLqhK1Cm3ccgYhyBmuRrU pNAwEc2j++bd4r2yZTMq9cr5Ux6mEaU4THawlgYp6J7uhS8OwpZQCWerhuYULdODBoH7 p19g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="iI008k/x"; spf=pass (google.com: domain of linux-kernel+bounces-23033-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-23033-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id i14-20020a1709061cce00b00a26db9496d5si83561ejh.545.2024.01.10.19.34.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Jan 2024 19:34:13 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-23033-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="iI008k/x"; spf=pass (google.com: domain of linux-kernel+bounces-23033-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-23033-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id E7EDB1F22591 for ; Thu, 11 Jan 2024 03:34:12 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 10AC510E1; Thu, 11 Jan 2024 03:34:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="iI008k/x" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7C653EBC for ; Thu, 11 Jan 2024 03:34:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1704944043; x=1736480043; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=HL60IJCbg51uCA/Ke8LM4u0ojnLTkmcbUqIywmQAX3Q=; b=iI008k/xNny23jcOq5NqlOJ0Bsvgv4Q0lz/+nrVM1DtMBntbUrXDxUPV eMFTl8Xdq3lE4w8ANtPjYTEyWL56ZET1tLVqLeaRCz9fcPzMyhohAgECr dvL7Ko9WLnitaJ5AhwOLQiOp1lvmYrDzsYaDlaiZnF6/zCp9cxWqaaIVA hdQSkr4jaWCO8FKbk7DaIvUSyzltl3i/wJSOohW6nF33lvdfDp7Djf8SW 3/3Ba0MOvrGB0PL+PaQ2nTwz+5GyZJ+9ilrpEGnI64QHdE07cbO/23MW7 sTg5FFBl31dctrsa3VAYEnBrteJhDjScSV6EuXvD0Pj7JmHVcsxUTW/eb w==; X-IronPort-AV: E=McAfee;i="6600,9927,10949"; a="20209902" X-IronPort-AV: E=Sophos;i="6.04,185,1695711600"; d="scan'208";a="20209902" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmvoesa101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jan 2024 19:34:03 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10949"; a="905794898" X-IronPort-AV: E=Sophos;i="6.04,185,1695711600"; d="scan'208";a="905794898" Received: from skuppusw-desk2.jf.intel.com ([10.165.154.101]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jan 2024 19:34:02 -0800 From: Kuppuswamy Sathyanarayanan To: "Kirill A . Shutemov" , x86@kernel.org Cc: Dave Hansen , Dan Williams , Xiaoyao Li , linux-kernel@vger.kernel.org, linux-coco@lists.linux.dev Subject: [PATCH v2] virt: tdx-guest: Handle GetQuote request error code Date: Thu, 11 Jan 2024 03:32:45 +0000 Message-Id: <20240111033245.2632484-1-sathyanarayanan.kuppuswamy@linux.intel.com> X-Mailer: git-send-email 2.25.1 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit During the TDX guest attestation process, TSM ConfigFS ABI is used by the user attestation agent to get the signed VM measurement data (a.k.a Quote), which can be used by a remote verifier to validate the trustworthiness of the guest. When a user requests for the Quote data via the ConfigFS ABI, the TDX Quote generation handler (tdx_report_new()) forwards the request to VMM (or QE) via a hypercall, and then shares the output with the user. Currently, when handling the Quote generation request, tdx_report_new() handler only checks whether the VMM successfully processed the request and if it is true it returns success and shares the output to the user without actually validating the output data. Since the VMM can return error even after processing the Quote request, always returning success for the processed requests is incorrect and will create confusion to the user. Although for the failed request, output buffer length will be zero and can also be used by the user to identify the failure case, it will be more clear to return error for all failed cases. Validate the Quote data output status and return error code for all failed cases. Fixes: f4738f56d1dc ("virt: tdx-guest: Add Quote generation support using TSM_REPORTS") Reported-by: Xiaoyao Li Closes: https://lore.kernel.org/linux-coco/6bdf569c-684a-4459-af7c-4430691804eb@linux.intel.com/T/#u Signed-off-by: Kuppuswamy Sathyanarayanan --- Changes since v1: * Updated the commit log (Kirill) drivers/virt/coco/tdx-guest/tdx-guest.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/virt/coco/tdx-guest/tdx-guest.c b/drivers/virt/coco/tdx-guest/tdx-guest.c index 1253bf76b570..61368318fa39 100644 --- a/drivers/virt/coco/tdx-guest/tdx-guest.c +++ b/drivers/virt/coco/tdx-guest/tdx-guest.c @@ -228,6 +228,12 @@ static int tdx_report_new(struct tsm_report *report, void *data) goto done; } + if (quote_buf->status != GET_QUOTE_SUCCESS) { + pr_err("GetQuote request failed, ret %llx\n", quote_buf->status); + ret = -EIO; + goto done; + } + buf = kvmemdup(quote_buf->data, quote_buf->out_len, GFP_KERNEL); if (!buf) { ret = -ENOMEM; -- 2.25.1