Re: Coconut-SVSM - vTPM support for Intel TD Partitioning
From: Dionna Amalie Glaze <hidden>
Date: 2024-08-03 01:54:48
More questions / comments 1.1 "Get TPM AK Cert (signed by EK)". This is something I thought for a long time too. That's not what the EK does. The EK does not sign anything. It's used for proving ownership of both EK and AK for ActivateCredential to get an AKcert from a trusted CA. What is your intended communication channel between SVSM and a CA for this credential activation? 2.2.2 item 6, migration needs to ensure that the vTPM state is not duplicated, which is a possible host attack by spinning up two targets and directing migration to both. This needs to be explicitly required for TPM security. 2.2.3 item 8 I don't think the community has fully agreed that MMIO should be the command pathway for SVSM-based vTPM due to performance problems. This appears to disallow an SVSM service call implementation as an enlightenment path. 2.4 the alternate entrypoint TD_PARAM is undocumented. Please add a footnote that this will be in a future revision to the TDX module reference. item 2.1 The launch parameter (TD_HOB) is currently measured to MRTD, so how is this data communicated to SVSM if it's meant to be measured to RTMR[0] (and be a useful measurement, presumably because it wasn't measured to MRTD?) 2.5.2 "TPM CRB interface attack" and "TPM command attack" could use citations for what you mean. On Fri, Aug 2, 2024 at 8:40 AM James Bottomley [off-list ref] wrote:
On Thu, 2024-08-01 at 22:38 +0000, Yao, Jiewen wrote:quoted
Hi As follow up, we have drafted the vTPM document and put to https://github.com/intel-staging/td-partitioning-svsm/blob/svsm-tdp-vtpm/Documentation/TD%20Partitioning%20based%20virtual%20TPM%20Design%20Guide%20Rev%200.5.1.pdf .Just a note for the vTPM reference implementation which, I think, applies to both you and the current SVSM-vTPM: the reference TPM implementation has moved to https://github.com/TrustedComputingGroup/TPM And the one you list (https://github.com/microsoft/ms-tpm-20-ref) is now a stale copy that isn't being kept up to date. Regards, James
-- -Dionna Glaze, PhD, CISSP, CCSP (she/her)