Linux 6.7-rc7

[linux-modified.git] / Documentation / ABI / testing / configfs-tsm

What:           /sys/kernel/config/tsm/report/$name/inblob
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (WO) Up to 64 bytes of user specified binary data. For replay
                protection this should include a nonce, but the kernel does not
                place any restrictions on the content.

What:           /sys/kernel/config/tsm/report/$name/outblob
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) Binary attestation report generated from @inblob and other
                options The format of the report is implementation specific
                where the implementation is conveyed via the @provider
                attribute.

What:           /sys/kernel/config/tsm/report/$name/auxblob
Date:           October, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) Optional supplemental data that a TSM may emit, visibility
                of this attribute depends on TSM, and may be empty if no
                auxiliary data is available.

                When @provider is "sev_guest" this file contains the
                "cert_table" from SEV-ES Guest-Hypervisor Communication Block
                Standardization v2.03 Section 4.1.8.1 MSG_REPORT_REQ.
                https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf

What:           /sys/kernel/config/tsm/report/$name/provider
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) A name for the format-specification of @outblob like
                "sev_guest" [1] or "tdx_guest" [2] in the near term, or a
                common standard format in the future.

                [1]: SEV Secure Nested Paging Firmware ABI Specification
                Revision 1.55 Table 22
                https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56860.pdf

                [2]: Intel® Trust Domain Extensions Data Center Attestation
                Primitives : Quote Generation Library and Quote Verification
                Library Revision 0.8 Appendix 4,5
                https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf

What:           /sys/kernel/config/tsm/report/$name/generation
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) The value in this attribute increments each time @inblob or
                any option is written. Userspace can detect conflicts by
                checking generation before writing to any attribute and making
                sure the number of writes matches expectations after reading
                @outblob, or it can prevent conflicts by creating a report
                instance per requesting context.

What:           /sys/kernel/config/tsm/report/$name/privlevel
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (WO) Attribute is visible if a TSM implementation provider
                supports the concept of attestation reports for TVMs running at
                different privilege levels, like SEV-SNP "VMPL", specify the
                privilege level via this attribute.  The minimum acceptable
                value is conveyed via @privlevel_floor and the maximum
                acceptable value is TSM_PRIVLEVEL_MAX (3).

What:           /sys/kernel/config/tsm/report/$name/privlevel_floor
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) Indicates the minimum permissible value that can be written
                to @privlevel.