.. SPDX-License-Identifier: GPL-2.0

===================================================================
TDX Guest API Documentation
===================================================================

1. General description
======================

The TDX guest driver exposes IOCTL interfaces via the /dev/tdx-guest misc
device to allow userspace to get certain TDX guest-specific details.

2. API description
==================

In this section, for each supported IOCTL, the following information is
provided along with a generic description.

:Input parameters: Parameters passed to the IOCTL and related details.
:Output: Details about output data and return value (with details about
         the non-common error values).

2.1 TDX_CMD_GET_REPORT0
-----------------------

:Input parameters: struct tdx_report_req
:Output: Upon successful execution, TDREPORT data is copied to
         tdx_report_req.tdreport and 0 is returned. Returns -EINVAL for
         invalid operands, -EIO on TDCALL failure, or a standard error
         number on other common failures.

The TDX_CMD_GET_REPORT0 IOCTL can be used by the attestation software to get
the TDREPORT0 (a.k.a. TDREPORT subtype 0) from the TDX module using
TDCALL[TDG.MR.REPORT].

A subtype index is added at the end of this IOCTL CMD to uniquely identify the
subtype-specific TDREPORT request. Although the subtype option is mentioned in
the TDX Module v1.0 specification, section titled "TDG.MR.REPORT", it is not
currently used, and it expects this value to be 0. So to keep the IOCTL
implementation simple, the subtype option was not included as part of the input
ABI. However, in the future, if the TDX Module supports more than one subtype,
a new IOCTL CMD will be created to handle it. To keep the IOCTL naming
consistent, a subtype index is added as part of the IOCTL CMD.

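The following C caller for TDX_CMD_GET_REPORT0 is an added example, not part of the kernel documentation; it maps failures to the negative errno values listed under ``:Output:``. The ``reportdata`` field, the two length constants and the IOCTL number are taken from the kernel's ``linux/tdx-guest.h`` UAPI header rather than from this page; the helper name ``tdx_get_report0`` is hypothetical and the nonce is a constructed sample.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

#if defined(__has_include) && __has_include(<linux/tdx-guest.h>)
#include <linux/tdx-guest.h>            /* kernel UAPI header */
#else                                   /* same definitions, for older build hosts */
#define TDX_REPORTDATA_LEN 64
#define TDX_REPORT_LEN 1024
struct tdx_report_req {
    uint8_t reportdata[TDX_REPORTDATA_LEN];
    uint8_t tdreport[TDX_REPORT_LEN];
};
#define TDX_CMD_GET_REPORT0 _IOWR('T', 1, struct tdx_report_req)
#endif

/* Hypothetical helper: returns 0 and fills out[], or a negative errno value. */
int tdx_get_report0(const char *dev, const uint8_t *data, size_t len,
                    uint8_t out[TDX_REPORT_LEN])
{
    struct tdx_report_req req;
    int fd, ret;
    if (!dev || !data || !out || len > TDX_REPORTDATA_LEN)
        return -EINVAL;                 /* reject oversized caller data early */
    memset(&req, 0, sizeof(req));       /* unused reportdata bytes stay zero */
    memcpy(req.reportdata, data, len);  /* e.g. verifier nonce or key digest */
    fd = open(dev, O_RDWR);
    if (fd < 0)
        return -errno;                  /* -ENOENT when the device is absent */
    ret = ioctl(fd, TDX_CMD_GET_REPORT0, &req) < 0 ? -errno : 0;
    if (!ret)                           /* otherwise -EINVAL, -EIO or another errno */
        memcpy(out, req.tdreport, TDX_REPORT_LEN);
    close(fd);
    return ret;
}

int main(void)
{
    static const uint8_t nonce[] = "constructed-sample-nonce"; /* constructed */
    uint8_t report[TDX_REPORT_LEN];
    int ret = tdx_get_report0("/dev/tdx-guest", nonce, sizeof(nonce) - 1, report);
    if (ret)
        fprintf(stderr, "TDX_CMD_GET_REPORT0 failed: %s\n", strerror(-ret));
    return ret != 0;
}
```
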
Reference
---------

TDX reference material is collected here:

https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-domain-extensions.html

The driver is based on TDX module specification v1.0 and TDX GHCI specification v1.0.