diff options
| author | Kuppuswamy Sathyanarayanan <[email protected]> | 2022-11-16 14:38:20 -0800 |
|---|---|---|
| committer | Dave Hansen <[email protected]> | 2022-11-17 11:04:28 -0800 |
| commit | 00e07cfbdf0b232f7553f0175f8f4e8d792f7e90 (patch) | |
| tree | 2a157f6a5b04e7824a9d7c7f85af08641d58d2a3 /scripts/generate_rust_analyzer.py | |
| parent | 6c8c1406a6d6a3f2e61ac590f5c0994231bc6be7 (diff) | |
selftests/tdx: Test TDX attestation GetReport support
Attestation is used to verify the trustworthiness of a TDX guest.
During the guest bring-up, the Intel TDX module measures and records
the initial contents and configuration of the guest, and at runtime,
guest software uses runtime measurement registers (RMTRs) to measure
and record details related to kernel image, command line params, ACPI
tables, initrd, etc. At guest runtime, the attestation process is used
to attest to these measurements.
The first step in the TDX attestation process is to get the TDREPORT
data. It is a fixed size data structure generated by the TDX module
which includes the above mentioned measurements data, a MAC ID to
protect the integrity of the TDREPORT, and a 64-Byte of user specified
data passed during TDREPORT request which can uniquely identify the
TDREPORT.
Intel's TDX guest driver exposes TDX_CMD_GET_REPORT0 IOCTL interface to
enable guest userspace to get the TDREPORT subtype 0.
Add a kernel self test module to test this ABI and verify the validity
of the generated TDREPORT.
Signed-off-by: Kuppuswamy Sathyanarayanan <[email protected]>
Signed-off-by: Dave Hansen <[email protected]>
Reviewed-by: Tony Luck <[email protected]>
Reviewed-by: Mika Westerberg <[email protected]>
Acked-by: Kai Huang <[email protected]>
Acked-by: Wander Lairson Costa <[email protected]>
Acked-by: Kirill A. Shutemov <[email protected]>
Link: https://lore.kernel.org/all/20221116223820.819090-4-sathyanarayanan.kuppuswamy%40linux.intel.com
Diffstat (limited to 'scripts/generate_rust_analyzer.py')
0 files changed, 0 insertions, 0 deletions