Re: [PATCH v13 2/3] selftests: tdx: Test TDX attestation GetReport support

From: Huang, Kai
Date: Mon Sep 12 2022 - 18:55:07 EST

Next message: Huang, Kai: "Re: [PATCH v13 2/3] selftests: tdx: Test TDX attestation GetReport support"
Previous message: Jacob Pan: "Re: [PATCHv8 00/11] Linear Address Masking enabling"
In reply to: Sathyanarayanan Kuppuswamy: "Re: [PATCH v13 2/3] selftests: tdx: Test TDX attestation GetReport support"
Next in thread: Huang, Kai: "Re: [PATCH v13 2/3] selftests: tdx: Test TDX attestation GetReport support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2022-09-12 at 15:06 -0700, Sathyanarayanan Kuppuswamy wrote:
> Hi Kai,
>
> On 9/12/22 12:17 AM, Huang, Kai wrote:
> > On Fri, 2022-09-09 at 12:27 -0700, Kuppuswamy Sathyanarayanan wrote:
> > > Attestation is used to verify the trustworthiness of a TDX guest.
> > > During the guest bring-up, Intel TDX module measures and records
> > > the initial contents and configuration of the guest, and at runtime,
> > > guest software uses runtime measurement registers (RMTRs) to measure
> > > and record details related to kernel image, command line params, ACPI
> > > tables, initrd, etc. At TDX guest runtime, Intel SGX attestation
> > > infrastructure is re-used to attest to these measurement data.
> >
> > Similar the comment to patch 3, I don't particularly like "to attest" part as
> > only the verification service can truly _attest_ somthing (I suppose the "SGX
> > infrastructure" here you mean SGX QE to generate the Quote).
> >
> > I think you can just say something like "TDX leverages SGX Quote mechanism to
> > support remote attestation of TDX guests". And you can combine this with below
> > paragraph.
>
> The part about leveraging the SGX infrastructure is not very important. We can
> even drop it. But I want to add some details about what we do with this measurement
> data. In the first paragraph, we have started with collection of measurements data.
> If we directly jump to attestation process without explaining the need for collecting
> measurements, it will be a bit confusing.
>
> How about following version?
>
> Attestation is used to verify the trustworthiness of a TDX guest.
>
> During the guest bring-up, Intel TDX module measures and records
>
> the initial contents and configuration of the guest, and at runtime,
>
> guest software uses runtime measurement registers (RMTRs) to measure
>
> and record details related to kernel image, command line params, ACPI
>
> tables, initrd, etc. At guest runtime, the attestation process is used
> to
> attest to these measurements.

Yeah fine to me.

Next message: Huang, Kai: "Re: [PATCH v13 2/3] selftests: tdx: Test TDX attestation GetReport support"
Previous message: Jacob Pan: "Re: [PATCHv8 00/11] Linear Address Masking enabling"
In reply to: Sathyanarayanan Kuppuswamy: "Re: [PATCH v13 2/3] selftests: tdx: Test TDX attestation GetReport support"
Next in thread: Huang, Kai: "Re: [PATCH v13 2/3] selftests: tdx: Test TDX attestation GetReport support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]