What:           /sys/kernel/config/tsm/report/$name/inblob
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (WO) Up to 64 bytes of user specified binary data. For replay
                protection this should include a nonce, but the kernel does not
                place any restrictions on the content.

What:           /sys/kernel/config/tsm/report/$name/outblob
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) Binary attestation report generated from @inblob and other
                options. The format of the report is implementation specific
                where the implementation is conveyed via the @provider
                attribute.

What:           /sys/kernel/config/tsm/report/$name/auxblob
Date:           October, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) Optional supplemental data that a TSM may emit. Visibility
                of this attribute depends on the TSM, and it may be empty if no
                auxiliary data is available.

                When @provider is "sev_guest" this file contains the
                "cert_table" from SEV-ES Guest-Hypervisor Communication Block
                Standardization v2.03 Section 4.1.8.1 MSG_REPORT_REQ.
                https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf

What:           /sys/kernel/config/tsm/report/$name/manifestblob
Date:           January, 2024
KernelVersion:  v6.10
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) Optional supplemental data that a TSM may emit. Visibility
                of this attribute depends on the TSM, and it may be empty if no
                manifest data is available.

                See 'service_provider' for information on the format of the
                manifest blob.

What:           /sys/kernel/config/tsm/report/$name/provider
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) A name for the format-specification of @outblob like
                "sev_guest" [1] or "tdx_guest" [2] in the near term, or a
                common standard format in the future.

                [1]: SEV Secure Nested Paging Firmware ABI Specification
                Revision 1.55 Table 22
                https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56860.pdf

                [2]: Intel® Trust Domain Extensions Data Center Attestation
                Primitives: Quote Generation Library and Quote Verification
                Library Revision 0.8 Appendix 4,5
                https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf

What:           /sys/kernel/config/tsm/report/$name/generation
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) The value in this attribute increments each time @inblob or
                any option is written. Userspace can detect conflicts by
                checking generation before writing to any attribute and making
                sure the number of writes matches expectations after reading
                @outblob, or it can prevent conflicts by creating a report
                instance per requesting context.

What:           /sys/kernel/config/tsm/report/$name/privlevel
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (WO) Attribute is visible if a TSM implementation provider
                supports the concept of attestation reports for TVMs running at
                different privilege levels, like SEV-SNP "VMPL". Specify the
                privilege level via this attribute. The minimum acceptable
                value is conveyed via @privlevel_floor and the maximum
                acceptable value is TSM_PRIVLEVEL_MAX (3).

What:           /sys/kernel/config/tsm/report/$name/privlevel_floor
Date:           September, 2023
KernelVersion:  v6.7
Contact:        linux-coco@lists.linux.dev
Description:
                (RO) Indicates the minimum permissible value that can be written
                to @privlevel.

What:           /sys/kernel/config/tsm/report/$name/service_provider
Date:           January, 2024
KernelVersion:  v6.10
Contact:        linux-coco@lists.linux.dev
Description:
                (WO) Attribute is visible if a TSM implementation provider
                supports the concept of attestation reports from a service
                provider for TVMs, like SEV-SNP running under an SVSM.
                Specifying the service provider via this attribute will create
                an attestation report as specified by the service provider.
                The only currently supported service provider is "svsm".

                For the "svsm" service provider, see the Secure VM Service Module
                for SEV-SNP Guests v1.00 Section 7. For the doc, search for
                "site:amd.com "Secure VM Service Module for SEV-SNP
                Guests", docID: 58019"

What:           /sys/kernel/config/tsm/report/$name/service_guid
Date:           January, 2024
KernelVersion:  v6.10
Contact:        linux-coco@lists.linux.dev
Description:
                (WO) Attribute is visible if a TSM implementation provider
                supports the concept of attestation reports from a service
                provider for TVMs, like SEV-SNP running under an SVSM.
                Specifying an empty/null GUID (00000000-0000-0000-0000-000000)
                requests all active services within the service provider be
                part of the attestation report. Specifying a GUID requests
                an attestation report of just the specified service using the
                manifest form specified by the service_manifest_version
                attribute.

                See 'service_provider' for information on the format of the
                service guid.

What:           /sys/kernel/config/tsm/report/$name/service_manifest_version
Date:           January, 2024
KernelVersion:  v6.10
Contact:        linux-coco@lists.linux.dev
Description:
                (WO) Attribute is visible if a TSM implementation provider
                supports the concept of attestation reports from a service
                provider for TVMs, like SEV-SNP running under an SVSM.
                Indicates the service manifest version requested for the
                attestation report (default 0). If this field is not set by
                the user, the default manifest version of the service (the
                service's initial/first manifest version) is returned.

                See 'service_provider' for information on the format of the
                service manifest version.
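
The conflict check described under the generation attribute, as an added userspace sketch that is not part of the kernel documentation. It uses only the attribute names listed above; the function names and the instance name `example-<pid>` are assumptions, and the instance is created with mkdir as for any configfs item.

```python
import os
import secrets
from pathlib import Path

# Path from the ABI entries above; attribute names are the documented ones.
TSM_REPORT_ROOT = Path("/sys/kernel/config/tsm/report")
INBLOB_MAX = 64  # "Up to 64 bytes of user specified binary data"


class GenerationConflict(RuntimeError):
    """Another writer touched the report instance during our request."""


def read_generation(entry):
    return int((entry / "generation").read_text().strip())


def fetch_report(entry, inblob, options=None):
    """Write options and inblob, read outblob, then verify the write count."""
    if len(inblob) > INBLOB_MAX:
        raise ValueError(f"inblob is limited to {INBLOB_MAX} bytes")
    before = read_generation(entry)
    writes = 0
    for name, value in (options or {}).items():  # e.g. {"privlevel": "1"}
        (entry / name).write_text(value)
        writes += 1
    (entry / "inblob").write_bytes(inblob)
    writes += 1
    outblob = (entry / "outblob").read_bytes()
    provider = (entry / "provider").read_text().strip()
    after = read_generation(entry)
    if after != before + writes:
        # The report may cover someone else's inblob or options: discard it.
        raise GenerationConflict(f"expected {before + writes}, saw {after}")
    return provider, outblob


if __name__ == "__main__":
    # One instance per requesting context avoids conflicts in the first place.
    # Hypothetical instance name; a real nonce is supplied by the verifier.
    entry = TSM_REPORT_ROOT / f"example-{os.getpid()}"
    entry.mkdir()
    try:
        provider, report = fetch_report(entry, secrets.token_bytes(INBLOB_MAX))
        print(provider, len(report), "bytes")
    finally:
        entry.rmdir()
```

A report returned alongside a GenerationConflict should not be forwarded to a verifier, since it is not guaranteed to bind the nonce that was written.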