Re: [PATCH kernel 2/9] pci/tsm: Add tsm_tdi_status

Next message: Tal Zussman: "[PATCH v2 0/4] mm: Remove stray references to pagevec"
Previous message: Dave Airlie: "Re: [PATCH v2 0/3] dma-buf: heaps: cma: enable dmem cgroup accounting"
In reply to: dan.j.williams: "Re: [PATCH kernel 2/9] pci/tsm: Add tsm_tdi_status"
Next in thread: Alexey Kardashevskiy: "[PATCH kernel 1/9] pci/tsm: Add TDISP report blob and helpers to parse it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alexey Kardashevskiy

Date: Wed Feb 25 2026 - 18:44:09 EST

On 25/2/26 17:33, dan.j.williams@xxxxxxxxx wrote:

Alexey Kardashevskiy wrote:

Define a structure with all info about a TDI such as TDISP status,
bind state, used START_INTERFACE options and the report digest.

This will be extended and shared to the userspace.

Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxx>
---

Make it uapi? We might want a sysfs node per a field so probably not.
For now its only user is AMD SEV TIO with a plan to expose this struct
as a whole via sysfs.

Say more about what this uapi when sysfs already has lock+accept
indications?

Or are you just talking about exporting the TDISP report as a binary
blob?

I mean that between lock and accept the guest userspace wants to read certs/measurements/report to do the attestation. And it will want to know these blobs digests. And probably the TDI state. Although successful write to lock() is an indication of CONFIG_LOCKED, and accept == RUN.

We do not do real attestation in phase2 but the report is required anyway to enable private MMIO so I started shuffling with this structure.

I think the kernel probably wants a generic abstraction for asserting
that the tsm layer believes the report remains valid between fetch and
run. In other words I am not sure arch features like intf_report_counter
ever show up anywhere in uapi outside of debugfs.

True, this is a shorter (not shorter enough :) ) version of SEV-TIO's TDI_INFO. Thanks,

--
Alexey