On Wed, Jun 28, 2023 at 02:16:45AM +0000, Huang, Kai wrote: > > You really shouldn't be putting attestation validation logic in the > > kernel. > > Agreed. The data blob for remote verification should be just some data blob to > the kernel. I think the kernel shouldn't even try to understand the data blob > is for which architecture. From the kernel's perspective, it should be just > some data blob that the kernel gets from hardware/firmware or whatever embedded > in the root-of-trust in the hardware after taking some input from usrspace for > the unique identity of the blob that can be used to, e.g., mitigate replay- > attack, etc. Great, then use the common "data blob" api that we have in the kernel for a very long time now, the "firwmare download" api, or the sysfs binary file api. Both of them just use the kernel as a pass-through and do not touch the data at all. No need for crazy custom ioctls and all that mess :) thanks, greg k-h
