On Wed, Jun 28, 2023 at 02:16:45AM +0000, Huang, Kai wrote:
quoted
You really shouldn't be putting attestation validation logic in the
kernel.
Agreed. The data blob for remote verification should be just some data blob to
the kernel. I think the kernel shouldn't even try to understand the data blob
is for which architecture. From the kernel's perspective, it should be just
some data blob that the kernel gets from hardware/firmware or whatever embedded
in the root-of-trust in the hardware after taking some input from usrspace for
the unique identity of the blob that can be used to, e.g., mitigate replay-
attack, etc.
Great, then use the common "data blob" api that we have in the kernel
for a very long time now, the "firwmare download" api, or the sysfs
binary file api. Both of them just use the kernel as a pass-through and
do not touch the data at all. No need for crazy custom ioctls and all
that mess :)
thanks,
greg k-h