What:		/sys/kernel/config/tsm/report/$name/inblob
Date:		September, 2023
KernelVersion:	v6.7
Contact:	linux-coco@lists.linux.dev
Description:
		(WO) Up to 64 bytes of user specified binary data. For replay
		protection this should include a nonce, but the kernel does not
		place any restrictions on the content.

What:		/sys/kernel/config/tsm/report/$name/outblob
Date:		September, 2023
KernelVersion:	v6.7
Contact:	linux-coco@lists.linux.dev
Description:
		(RO) Binary attestation report generated from @inblob and other
		options. The format of the report is implementation specific
		where the implementation is conveyed via the @provider
		attribute.

What:		/sys/kernel/config/tsm/report/$name/auxblob
Date:		October, 2023
KernelVersion:	v6.7
Contact:	linux-coco@lists.linux.dev
Description:
		(RO) Optional supplemental data that a TSM may emit. Visibility
		of this attribute depends on the TSM, and the attribute may be
		empty if no auxiliary data is available.

		When @provider is "sev_guest" this file contains the
		"cert_table" from SEV-ES Guest-Hypervisor Communication Block
		Standardization v2.03 Section 4.1.8.1 MSG_REPORT_REQ.
		https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf

What:		/sys/kernel/config/tsm/report/$name/provider
Date:		September, 2023
KernelVersion:	v6.7
Contact:	linux-coco@lists.linux.dev
Description:
		(RO) A name for the format-specification of @outblob like
		"sev_guest" [1] or "tdx_guest" [2] in the near term, or a
		common standard format in the future.

		[1]: SEV Secure Nested Paging Firmware ABI Specification
		Revision 1.55 Table 22
		https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56860.pdf

		[2]: Intel® Trust Domain Extensions Data Center Attestation
		Primitives: Quote Generation Library and Quote Verification
		Library Revision 0.8 Appendix 4,5
		https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf

What:		/sys/kernel/config/tsm/report/$name/generation
Date:		September, 2023
KernelVersion:	v6.7
Contact:	linux-coco@lists.linux.dev
Description:
		(RO) The value in this attribute increments each time @inblob or
		any option is written. Userspace can detect conflicts by
		checking generation before writing to any attribute and making
		sure the number of writes matches expectations after reading
		@outblob, or it can prevent conflicts by creating a report
		instance per requesting context.

What:		/sys/kernel/config/tsm/report/$name/privlevel
Date:		September, 2023
KernelVersion:	v6.7
Contact:	linux-coco@lists.linux.dev
Description:
		(WO) Attribute is visible if a TSM implementation provider
		supports the concept of attestation reports for TVMs running at
		different privilege levels, like SEV-SNP "VMPL". Specify the
		privilege level via this attribute. The minimum acceptable
		value is conveyed via @privlevel_floor and the maximum
		acceptable value is TSM_PRIVLEVEL_MAX (3).

What:		/sys/kernel/config/tsm/report/$name/privlevel_floor
Date:		September, 2023
KernelVersion:	v6.7
Contact:	linux-coco@lists.linux.dev
Description:
		(RO) Indicates the minimum permissible value that can be written
		to @privlevel.
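
Added example (not part of the kernel documentation): the conflict check described under @generation, applied to a report fetch that writes @inblob and optionally @privlevel. The function names, argument order and return codes are this example's own, and DIR is assumed to be an already created report instance directory.

```shell
#!/bin/sh
# Added example, not kernel-tree code. Function names and return codes are
# this example's own; DIR is an existing report instance directory.
TSM_INBLOB_MAX=64      # inblob: "Up to 64 bytes"
TSM_PRIVLEVEL_MAX=3    # maximum acceptable @privlevel value

# Write stdin to attribute file $1. One call is one write, so one
# generation increment on a real report instance.
tsm_write_attr() { cat > "$1"; }

# tsm_checked_report DIR INBLOB_FILE OUT_FILE [PRIVLEVEL]
# Returns 0 ok, 1 bad input, 2 I/O failure, 3 generation conflict.
tsm_checked_report() {
    dir=$1 src=$2 dst=$3 priv=${4-}
    size=$(wc -c < "$src") || return 1
    [ "$size" -le "$TSM_INBLOB_MAX" ] || return 1
    if [ -n "$priv" ]; then
        floor=$(cat "$dir/privlevel_floor") || return 2
        [ "$priv" -ge "$floor" ] && [ "$priv" -le "$TSM_PRIVLEVEL_MAX" ] || return 1
    fi

    # Check generation before writing to any attribute.
    gen_before=$(cat "$dir/generation") || return 2
    writes=0
    tsm_write_attr "$dir/inblob" < "$src" || return 2
    writes=$((writes + 1))
    if [ -n "$priv" ]; then
        printf '%s' "$priv" | tsm_write_attr "$dir/privlevel" || return 2
        writes=$((writes + 1))
    fi

    # outblob is the report generated from inblob and the options above.
    cat "$dir/outblob" > "$dst" || return 2
    gen_after=$(cat "$dir/generation") || return 2

    # Any count other than our own writes means another context wrote
    # to this instance, so the report may not be bound to our nonce.
    if [ "$gen_after" -ne $((gen_before + writes)) ]; then
        rm -f "$dst"
        return 3
    fi
    return 0
}
```

On return code 3 the caller should discard the result and retry, or switch to one report instance per requesting context as the @generation entry suggests.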