Re: [PATCH v5] virt: tdx-guest: Handle GetQuote request error code

From: Dave Hansen
Date: Tue Dec 02 2025 - 17:46:19 EST

Next message: Ahmet Eray Karadag: "[PATCH v6] ocfs2: Invalidate inode if i_mode is zero after block read"
Previous message: Balbir Singh: "Re: [PATCH] arch/x86: memory_hotplug, do not bump up max_pfn for device private pages"
In reply to: Kuppuswamy Sathyanarayanan: "[PATCH v5] virt: tdx-guest: Handle GetQuote request error code"
Next in thread: Kuppuswamy Sathyanarayanan: "Re: [PATCH v5] virt: tdx-guest: Handle GetQuote request error code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/2/25 14:22, Kuppuswamy Sathyanarayanan wrote:
> The tdx-guest driver sends Quote requests to the quoting enclave via a
> hypercall to obtain attestation evidence for the current TD state.
> Quote generation can fail in two ways: a hypercall failure, or a Quote
> failure that occurs after the VMM processes the request. The driver
> currently handles only hypercall failures and timeout errors during
> Quote processing. Update it to also handle other Quote failures
> reported by the VMM (for more details, refer to GHCI spec, v1.5,
> March 2023, sec titled "TDG.VP.VMCALL<GetQuote>).

I think you're talking about the "GetQuote Status Code" here, right?
That would have been nice to mention. It wasn't exactly trivial to find
because instead of saying what the format of a TDREPORT_STRUCT is, the
docs just call it "format of shared GPA".

> This change does not break the existing ABI behavior. When a Quote
> failure occurs, the VMM sets the Quote length to zero. Userspace
> already interprets a zero-length Quote as a Quote generation failure.
> Returning an explicit error in such cases makes the behavior more
> consistent and simplifies error handling in userspace.
I'm also not seeing a clear problem statement here. What is the end user
visible effect of this "fix"? Why *should* the kernel be parsing this
buffer? Why not not just leave the error handling to userspace?

> Fixes: f4738f56d1dc ("virt: tdx-guest: Add Quote generation support using TSM_REPORTS")
> Reported-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx>
> Closes: https://lore.kernel.org/linux-coco/6bdf569c-684a-4459-af7c-4430691804eb@xxxxxxxxxxxxxxx/T/#u
> Closes: https://github.com/confidential-containers/guest-components/issues/823
> Reviewed-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
> Reviewed-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx>
> Acked-by: Kai Huang <kai.huang@xxxxxxxxx>
> Reviewed-by: Dan Williams <dan.j.williams@xxxxxxxxx>
> Tested-by: Mikko Ylinen <mikko.ylinen@xxxxxxxxxxxxxxx>
> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx>

Please take a look at:

https://docs.kernel.org/process/maintainer-tip.html#ordering-of-commit-tags

Next message: Ahmet Eray Karadag: "[PATCH v6] ocfs2: Invalidate inode if i_mode is zero after block read"
Previous message: Balbir Singh: "Re: [PATCH] arch/x86: memory_hotplug, do not bump up max_pfn for device private pages"
In reply to: Kuppuswamy Sathyanarayanan: "[PATCH v5] virt: tdx-guest: Handle GetQuote request error code"
Next in thread: Kuppuswamy Sathyanarayanan: "Re: [PATCH v5] virt: tdx-guest: Handle GetQuote request error code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]