Re: [RFC PATCH 09/15] x86/virt/tdx: Add interface to generate a Quote

Next message: Andrew Murray: "Re: [PATCH RFC 1/4] printk: remove BOOT_PRINTK_DELAY config option"
Previous message: Will Deacon: "Re: [PATCH v2] arm64: tlbflush: Don't broadcast if mm was only active on local cpu"
In reply to: Adrian Hunter: "Re: [RFC PATCH 09/15] x86/virt/tdx: Add interface to generate a Quote"
Next in thread: Peter Fang: "Re: [RFC PATCH 09/15] x86/virt/tdx: Add interface to generate a Quote"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Peter Fang

Date: Sun Jun 14 2026 - 07:36:50 EST

On Thu, Jun 11, 2026 at 08:15:50PM +0300, Adrian Hunter wrote:
> On 22/05/2026 06:41, Xu Yilun wrote:
> > From: Peter Fang <peter.fang@xxxxxxxxx>
> >
> > Use the TDX Quoting extension's TDH.QUOTE.GET SEAMCALL to generate a
> > Quote. Since the interface is shared across all KVM instances,
> > serialize access to the SEAMCALL buffer with a mutex.
>
> Isn't the concurrency configurable, so supporting only 1 instance
> is a decision of the software implementation, not a TDX limitation?

Ah yes, I should document that. I'll put that in the patch log.

>
> > +static u64 tdx_quote_get(struct tdx_td *td, u64 in_data_pa, u64 in_data_len,
> > + u64 hpa_list_pa, u64 total_len, u64 *quote_len)
> > +{
> > + struct tdx_module_args args = {
> > + .rcx = tdx_tdr_pa(td),
> > + /* Don't bother specifying the quote id */
>
> Need to explain why

Will do. It's because we use whatever the default Quote ID is.

>
> ...
>
> > + r = tdx_quote_get(td, quote_data.hpa_list[0], (u64)in_data_len,
> > + quote_data.hpa_list_pa, quote_data.buf_len, &out_len);
> > + if (r || !out_len || out_len > quote_data.buf_len)
>
> Is r != TDX_SUCCESS more consistent

Yep I can fix that. Thanks.

>