On Tue, Mar 28, 2023 at 12:59 PM Dionna Amalie Glaze dionnaglaze@google.com wrote:
+Chong Cai
Adding a colleague per his request since he's not subscribed to the list yet.
On Mon, Mar 27, 2023 at 10:36 AM Erdem Aktas erdemaktas@google.com wrote:
On Sat, Mar 25, 2023 at 11:20 PM Kuppuswamy Sathyanarayanan sathyanarayanan.kuppuswamy@linux.intel.com wrote:
Hi All,
In TDX guest, the attestation process is used to verify the TDX guest trustworthiness to other entities before provisioning secrets to the guest.
The TDX guest attestation process consists of two steps:
- TDREPORT generation
- Quote generation.
The first step (TDREPORT generation) involves getting the TDX guest measurement data in the format of TDREPORT, which is further used to validate the authenticity of the TDX guest. The second step involves sending the TDREPORT to a Quoting Enclave (QE) server to generate a remotely verifiable Quote.

TDREPORT by design can only be verified on the local platform. To support remote verification of the TDREPORT, TDX leverages the Intel SGX Quoting Enclave to verify the TDREPORT locally and convert it to a remotely verifiable Quote.

Although attestation software can use communication methods like TCP/IP or vsock to send the TDREPORT to the QE, not all platforms support these communication models. So the TDX GHCI specification [1] defines a method for Quote generation via hypercalls. Please check the discussion from Google [2] and Alibaba [3] which clarifies the need for hypercall based
Thanks Sathyanarayanan for submitting patches again.
I just wanted to reiterate what I said before that having a clean TDVMCALL based interface to get TDX Quote without any virtio/vsock dependency is critical for us to support many use cases.
+1 to Erdem's point. A simple TDVMCALL interface could make it much easier for use cases that cannot depend on virtio and vsock. Without the TDVMCALL, it will largely limit the ability of those use cases to adopt TDX. Thanks Sathyanarayanan for submitting this patch.

--
-Dionna Glaze, PhD (she/her)
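The GetQuote exchange the cover letter describes (the guest places its TDREPORT in a shared buffer, the TDVMCALL hands that buffer to the host, and the host writes the Quote back into the same buffer) as an added example; this is not code from the patch series or from any of the posters. It is a user-space model: the header layout and status values follow the GHCI GetQuote definition as recalled by the editor (version, status, in_len, out_len, data; status 0 = success, all-ones = in flight, 0x8000000000000000 = error, 0x8000000000000001 = service unavailable) and should be checked against the spec before being relied on. vmm_handle_getquote() is a constructed stand-in for the hypervisor plus Quoting Enclave, since a real TDVMCALL cannot be issued from a normal process, and the TDREPORT bytes are constructed. The point it makes is that the host sits outside the TDX trust boundary, so the guest must treat status and out_len as untrusted and bounds-check them before copying the Quote out.

```c
/* Added example, not from the patch series: model of the GHCI GetQuote
 * TDVMCALL buffer protocol. Layout and status codes as recalled from GHCI;
 * verify against the spec. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TDREPORT_LEN 1024                 /* TDREPORT is a fixed 1024 bytes */
#define GET_QUOTE_SUCCESS             0ULL
#define GET_QUOTE_IN_FLIGHT           0xffffffffffffffffULL
#define GET_QUOTE_ERROR               0x8000000000000000ULL
#define GET_QUOTE_SERVICE_UNAVAILABLE 0x8000000000000001ULL

struct tdx_quote_hdr {
    uint64_t version;   /* written by guest, currently 1 */
    uint64_t status;    /* written by host: untrusted */
    uint32_t in_len;    /* TDREPORT length supplied by guest */
    uint32_t out_len;   /* Quote length claimed by host: untrusted */
    uint8_t  data[];    /* TDREPORT on input, Quote on output */
};

enum vmm_mode { VMM_OK, VMM_SILENT, VMM_UNAVAILABLE, VMM_OVERSIZED };

/* Guest side: fill the shared buffer before the hypercall. 0 or -1. */
int guest_prepare_request(struct tdx_quote_hdr *hdr, size_t buf_len,
                          const uint8_t *tdreport, size_t report_len)
{
    if (report_len != TDREPORT_LEN || buf_len < sizeof(*hdr) + report_len)
        return -1;
    memset(hdr, 0, buf_len);
    hdr->version = 1;
    hdr->status = GET_QUOTE_IN_FLIGHT;   /* host overwrites on completion */
    hdr->in_len = (uint32_t)report_len;
    memcpy(hdr->data, tdreport, report_len);
    return 0;
}

/* Guest side: validate the host's answer. Returns the Quote length,
 * 0 while the request is still in flight (caller keeps polling), or -1 on
 * error or on a malformed reply. out_len is host-controlled, so it is
 * checked against the real buffer size before anything is read. */
long guest_parse_response(const struct tdx_quote_hdr *hdr, size_t buf_len)
{
    if (hdr->status == GET_QUOTE_IN_FLIGHT)
        return 0;
    if (hdr->status != GET_QUOTE_SUCCESS)
        return -1;                        /* ERROR or SERVICE_UNAVAILABLE */
    if (hdr->out_len == 0 || (size_t)hdr->out_len > buf_len - sizeof(*hdr))
        return -1;                        /* hostile length: refuse to read */
    return (long)hdr->out_len;
}

/* Constructed stand-in for hypervisor + QE. A "Quote" here is just a tag
 * followed by the echoed TDREPORT; a real Quote is a signed structure. */
void vmm_handle_getquote(struct tdx_quote_hdr *hdr, size_t buf_len,
                         enum vmm_mode mode)
{
    static const char tag[] = "QUOTE";
    size_t quote_len = sizeof(tag) + hdr->in_len;

    if (mode == VMM_SILENT)               /* not done yet: status untouched */
        return;
    if (mode == VMM_UNAVAILABLE) {
        hdr->status = GET_QUOTE_SERVICE_UNAVAILABLE;
        return;
    }
    if (mode == VMM_OVERSIZED) {          /* lies about the length */
        hdr->out_len = 0xffffffffu;
        hdr->status = GET_QUOTE_SUCCESS;
        return;
    }
    if (buf_len < sizeof(*hdr) + quote_len) {
        hdr->status = GET_QUOTE_ERROR;
        return;
    }
    memmove(hdr->data + sizeof(tag), hdr->data, hdr->in_len);
    memcpy(hdr->data, tag, sizeof(tag));
    hdr->out_len = (uint32_t)quote_len;
    hdr->status = GET_QUOTE_SUCCESS;      /* must be the last write */
}

/* One full exchange; copies the Quote to quote_out on success. */
long run_getquote(enum vmm_mode mode, uint8_t *quote_out, size_t out_cap)
{
    enum { BUF_LEN = 8192 };
    uint64_t raw[BUF_LEN / 8];            /* 8-byte aligned shared buffer */
    struct tdx_quote_hdr *hdr = (struct tdx_quote_hdr *)raw;
    uint8_t tdreport[TDREPORT_LEN];
    long n;

    memset(tdreport, 0xAB, sizeof(tdreport));   /* constructed TDREPORT */
    if (guest_prepare_request(hdr, BUF_LEN, tdreport, sizeof(tdreport)))
        return -1;
    vmm_handle_getquote(hdr, BUF_LEN, mode);    /* models the TDVMCALL */
    n = guest_parse_response(hdr, BUF_LEN);
    if (n > 0 && quote_out && (size_t)n <= out_cap)
        memcpy(quote_out, hdr->data, (size_t)n);
    return n;
}

int main(void)
{
    uint8_t quote[2048];
    printf("ok: %ld\n", run_getquote(VMM_OK, quote, sizeof(quote)));
    printf("in flight: %ld\n", run_getquote(VMM_SILENT, NULL, 0));
    printf("unavailable: %ld\n", run_getquote(VMM_UNAVAILABLE, NULL, 0));
    printf("oversized: %ld\n", run_getquote(VMM_OVERSIZED, NULL, 0));
    return 0;
}
```

In a real guest the buffer must be in shared (host-visible) memory, and the driver either polls status or waits for the completion interrupt the series describes; the parse step above is what runs once the host signals completion.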