From patchwork Tue Mar  7 10:35:07 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Andrea Righi <andrea.righi@canonical.com>
X-Patchwork-Id: 1753050
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com
 (client-ip=91.189.94.19; helo=huckleberry.canonical.com;
 envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=<UNKNOWN>)
Authentication-Results: legolas.ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=canonical.com header.i=@canonical.com
 header.a=rsa-sha256 header.s=20210705 header.b=fYf1B8om;
	dkim-atps=neutral
Received: from huckleberry.canonical.com (huckleberry.canonical.com
 [91.189.94.19])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4PWBft1vWNz246m
	for <incoming@patchwork.ozlabs.org>; Tue,  7 Mar 2023 21:35:32 +1100 (AEDT)
Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com)
	by huckleberry.canonical.com with esmtp (Exim 4.86_2)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1pZUfB-0005tu-Ab; Tue, 07 Mar 2023 10:35:21 +0000
Received: from smtp-relay-internal-1.internal ([10.131.114.114]
 helo=smtp-relay-internal-1.canonical.com)
 by huckleberry.canonical.com with esmtps
 (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2)
 (envelope-from <andrea.righi@canonical.com>) id 1pZUf9-0005tf-Fl
 for kernel-team@lists.ubuntu.com; Tue, 07 Mar 2023 10:35:19 +0000
Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com
 [209.85.208.71])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 0B17E3F469
 for <kernel-team@lists.ubuntu.com>; Tue,  7 Mar 2023 10:35:19 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com;
 s=20210705; t=1678185319;
 bh=F3peGXa188DrAr8Cj3tN4mtwpsqSLvVOKkuZz4+FxwQ=;
 h=From:To:Subject:Date:Message-Id:MIME-Version;
 b=fYf1B8om2bkp0uD+FbKcR+NzYJC0GqimQafmS6dsHnK/RDkRy9WvHkQI+Nt6hMfTm
 r/iKWK8L2biF1sGNgiCBwxl4VP596OZnMarSezxnyApO9UVlA4ESjXvC4sNgJZn4pF
 k3kcDxqv/At8HUEK9ulUFRzvm//q7i4ExJvODbi5lCnutqOcuxlfxIY3rMhcmWPKY+
 sBS/Jwxp1AumW6s7Okz/HierLe4JU3P2oS1qhL42MZM4qYILtPyts3oy6MWcPOAJFb
 7wS8422domtE92QpGcsoJ0aQGnMUpnugArQ66/gezC96zPrbelmRbt+0RU75hFxUEm
 j8s7urffmqPaw==
Received: by mail-ed1-f71.google.com with SMTP id
 b7-20020a056402350700b004d2a3d5cd3fso13024554edd.8
 for <kernel-team@lists.ubuntu.com>; Tue, 07 Mar 2023 02:35:19 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112; t=1678185318;
 h=content-transfer-encoding:mime-version:message-id:date:subject:to
 :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=F3peGXa188DrAr8Cj3tN4mtwpsqSLvVOKkuZz4+FxwQ=;
 b=SpRMHV+j/i3xFuuFXFMDtpqOQKUA/+YeFcv57aJMDK2b/PYBoKo8W8PCPj+vdxA5Xk
 FbIgBEw9c14Q+lTHryZm/L1SQlCHxmpyerLhmlamAmPCSRccxEs/Qlsv6612fFkNrCMC
 ii0vaVotb4kmzLZY0chFW92FimMUF/cp7/n2NqYU1AsWOX8JONbgMbP99sIYOyGdBtfn
 FwbPbTvWRyVDvOWlDkXgqcJi9AuzUkAeZpKNpEjBu2IKcbIbutYowp4gaSlndrGulXQc
 TQajcu6sMB6CHaQ4xESUxETuZR0rQzWnKveSt8jFo8zHHuS+ISXa2gg5yaB8VePDTjLm
 DKjw==
X-Gm-Message-State: AO0yUKUxXu/cpfSy/L9ob/flcX42EMhXEWHvDNvpWsSUvBCfLY4b3c+X
 ZinimATiU51Wnz6hBWO+8WnBMtcHeUkVGWXA/talysoWeWN6mj3qyOx6he7PM6woEcEC09T4JL1
 l1tv06F2q1yAD4C8lMkDiEtcDWoemP28XHsp8JoovUrs8M4S5tw==
X-Received: by 2002:a17:906:3a48:b0:8b1:2f0e:e3a4 with SMTP id
 a8-20020a1709063a4800b008b12f0ee3a4mr12456828ejf.26.1678185318756;
 Tue, 07 Mar 2023 02:35:18 -0800 (PST)
X-Google-Smtp-Source: 
 AK7set9HF4V0Y/bruKsb1zuCjZjwVZxoLX8sjMuh9IyBGz4jDwL3FK7elmWkIxKHCFzrqC/jkMaxxg==
X-Received: by 2002:a17:906:3a48:b0:8b1:2f0e:e3a4 with SMTP id
 a8-20020a1709063a4800b008b12f0ee3a4mr12456815ejf.26.1678185318426;
 Tue, 07 Mar 2023 02:35:18 -0800 (PST)
Received: from righiandr-XPS-13-7390.homenet.telecomitalia.it
 (host-79-53-23-214.retail.telecomitalia.it. [79.53.23.214])
 by smtp.gmail.com with ESMTPSA id
 q8-20020a170906940800b008eb89a435c9sm5831395ejx.164.2023.03.07.02.35.17
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 07 Mar 2023 02:35:18 -0800 (PST)
From: Andrea Righi <andrea.righi@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU][K][PATCH v2 0/6] new TDX attestation driver from Intel
Date: Tue,  7 Mar 2023 11:35:07 +0100
Message-Id: <20230307103513.206358-1-andrea.righi@canonical.com>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

BugLink: https://bugs.launchpad.net/bugs/2009437

[Impact]

TDX guest attestation has been merged as SAUCE patches in the kinetic
kernel with the following commits:

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?h=master-next&id=285d6d8136ebadcee7fd6452b9e4223996a2a0af
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?h=master-next&id=0b78a71c7d7630ab7c3c8a03cbe4f78f1361fb45

However, Intel released a new TDX attestation driver that will be
submitted upstream. We should align with the new version that will
likely end upstream.

See also LP: #1971027

[Test case]

Testing this feature requires a special hardware in the host, special
firmware and special configuration of a guest.

Right now it can only be tested by Intel.

[Fix]

Apply the new driver provided by Intel in LP: #1971027.

[Regression potential]

The new driver can potentially break user-space applications that are
relying on the TDX attestation feature. This is because of this struct
(used in the user-space/kernel communication, via ioctl):

+ * Used in TDX_CMD_GET_REPORT IOCTL request.
+ */
+struct tdx_report_req {
+ __u8 subtype;
+ __u64 reportdata;
+ __u32 rpd_len;
+ __u64 tdreport;
+ __u32 tdr_len;
+};

The new patch changed the struct as following:

+struct tdx_report_req {
+ __u8 reportdata[TDX_REPORTDATA_LEN];
+ __u8 tdreport[TDX_REPORT_LEN];
+};

In general we should never apply changes that are breaking user-space
like this (especially for non-devel kernels), but realistically we can
probably say that nobody is using this feature yet, so nobody has any
user-space program that is relying on the old struct (and if they do,
they're probably in touch with Intel, so they're aware of this change).

In conclusion, this change should be considered pretty safe, despite the
potential user-space brekage.

ChangeLog v1 -> v2:
 - add proper cherry picked / backported lines for upstream commits

----------------------------------------------------------------
Andrea Righi (3):
      Revert "UBUNTU: SAUCE: selftests: tdx: Test GetReport TDX attestation feature"
      Revert "UBUNTU: SAUCE: x86/tdx: Add TDX Guest attestation interface driver"
      UBUNTU: [Config] enable TDX attestation driver as module by default

Kuppuswamy Sathyanarayanan (3):
      x86/tdx: Add a wrapper to get TDREPORT0 from the TDX Module
      virt: Add TDX guest driver
      selftests/tdx: Test TDX attestation GetReport support

 Documentation/virt/coco/tdx-guest.rst         |  52 ++++++++
 Documentation/virt/index.rst                  |   1 +
 Documentation/x86/tdx.rst                     |  43 +++++++
 arch/x86/coco/tdx/tdx.c                       | 151 ++++++------------------
 arch/x86/include/asm/tdx.h                    |   2 +
 arch/x86/include/uapi/asm/tdx.h               |  51 --------
 debian.master/config/annotations              |   3 +
 debian.master/config/config.common.ubuntu     |   1 +
 drivers/virt/Kconfig                          |   2 +
 drivers/virt/Makefile                         |   1 +
 drivers/virt/coco/tdx-guest/Kconfig           |  10 ++
 drivers/virt/coco/tdx-guest/Makefile          |   2 +
 drivers/virt/coco/tdx-guest/tdx-guest.c       | 102 ++++++++++++++++
 include/uapi/linux/tdx-guest.h                |  42 +++++++
 tools/arch/x86/include/uapi/asm/tdx.h         |  51 --------
 tools/testing/selftests/tdx/Makefile          |   8 +-
 tools/testing/selftests/tdx/config            |   2 +-
 tools/testing/selftests/tdx/tdx_attest_test.c | 156 ------------------------
 tools/testing/selftests/tdx/tdx_guest_test.c  | 163 ++++++++++++++++++++++++++
 19 files changed, 464 insertions(+), 379 deletions(-)
 create mode 100644 Documentation/virt/coco/tdx-guest.rst
 delete mode 100644 arch/x86/include/uapi/asm/tdx.h
 create mode 100644 drivers/virt/coco/tdx-guest/Kconfig
 create mode 100644 drivers/virt/coco/tdx-guest/Makefile
 create mode 100644 drivers/virt/coco/tdx-guest/tdx-guest.c
 create mode 100644 include/uapi/linux/tdx-guest.h
 delete mode 100644 tools/arch/x86/include/uapi/asm/tdx.h
 delete mode 100644 tools/testing/selftests/tdx/tdx_attest_test.c
 create mode 100644 tools/testing/selftests/tdx/tdx_guest_test.c
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Khalid Elmously <khalid.elmously@canonical.com>