Skip to content

Commit

Permalink
Fix editorial issues
Browse files Browse the repository at this point in the history
Signed-off-by: Steven Bellock <sbellock@nvidia.com>
  • Loading branch information
steven-bellock committed Aug 28, 2024
1 parent 0583613 commit 32b6158
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 25 deletions.
2 changes: 1 addition & 1 deletion src/appendix_d.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ values are required in order for the key to be released.
When the request to promote VM to a TVM is called and local attestation is
successful, the TSM unseals the key with help of the hardware root-of-trust. At
the point when the TVM needs to decrypt its disk (e.g., for mounting the
filesystem), the TVM utilizes an ABI call (`covg_retrieve_secret()`) to
filesystem), the TVM utilizes an ABI call (`sbi_covg_retrieve_secret()`) to
retrieve the decryption key from the TSM.

=== Further recommendations
Expand Down
6 changes: 3 additions & 3 deletions src/attestation.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -164,7 +164,7 @@ measurement into runtime measurement registers. When supporting that feature,
the TSM must store runtime measurements separately from the TVM initial ones.
The TSM can use up to 18 runtime measurement registers for that purpose.

The TVM measurement extension interface is exposed through the optional TG-ABI
The TVM measurement extension interface is exposed through the optional COVG-ABI
`sbi_covg_extend_measurement()` FID.

[NOTE]
Expand Down Expand Up @@ -348,7 +348,7 @@ include the DICE derived public key for the Platform.

The CoVE layered Evidence structure is represented by the above described
composition of cryptographically chained EAT tokens. Verifier can then attest
of a CoVE workload trustworthiness by independenly inspecting each token,
of a CoVE workload trustworthiness by independently inspecting each token,
while being able to verify that the TCB represented by one token was used to
generate the next one.

Expand Down Expand Up @@ -751,7 +751,7 @@ tvm-runtime-measurements = (
==== Evidence Generation

TVM guest Attesters can request from the TSM to generate an Evidence that attest
to their own layered TCB layers, by calling into the TG-ABI
to their own layered TCB layers, by calling into the COVG-ABI
`sbi_covg_get_evidence()` FID.

The `sbi_covg_get_evidence()` returns an attestation certificate that includes
Expand Down
40 changes: 20 additions & 20 deletions src/sbi_cove.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -785,18 +785,18 @@ struct tsm_info {
* will be initialized to `0`.
*/
uint32_t tsm_state;
/*
/*
* Identifier of the TSM implementation, see `Reserved TSM Implementation IDs`
* table below. This identifier is intended to distinguish among different TSM
* implementations, potentially managed by different organizations, that might
* target different deployment models and, thus, implement subset of CoVE spec.
*/
uint32_t tsm_impl_id;
/*
* Version number of the running TSM.
/*
* Version number of the running TSM.
*/
uint32_t tsm_version;
/*
/*
* A bitmask of CoVE features supported by the running TSM, see `TSM Capabilities`
* table below. Every bit in this field corresponds to a capability defined by
* `COVE_TSM_CAP_*` constants. Presence of bit `i` indicates that both the TSM
Expand All @@ -809,8 +809,8 @@ struct tsm_info {
* dynamic memory allocation capability.
*/
unsigned long tvm_state_pages;
/*
* The maximum number of vCPUs a TVM can support.
/*
* The maximum number of vCPUs a TVM can support.
*/
unsigned long tvm_max_vcpus;
/*
Expand Down Expand Up @@ -840,7 +840,7 @@ struct tsm_info {
| 4 | COVE_TSM_CAP_MRIF | `1` | TSM supports MRIF.
| 5 | COVE_TSM_CAP_MEMORY_ALLOCATION | `0` | TSM supports static memory allocation.
| 5 | COVE_TSM_CAP_MEMORY_ALLOCATION | `1` | TSM supports dynamic memory allocation.
| 6..63 | RESERVED | |
| 6..63 | RESERVED | |
|===

[#table_sbi_covh_get_tsm_implementation_ids]
Expand Down Expand Up @@ -1139,7 +1139,7 @@ The `tap_addr` is the 8-bytes aligned guest physical address of the
For VMs that do not require local attestation (only the remote attestation),
`tap_addr` must be set to `0`.
The `entry_sepc` is the address at which the vCPU execution will resume.
`tvm_identity_addr` is an optional, when set, it points to a 64-bytes buffer
`tvm_identity_addr` is an optional, when set, it points to a 64-bytes buffer
containing a host-defined TVM identity, see `sbi_covh_finalize_tvm()` for more
details.

Expand Down Expand Up @@ -2102,7 +2102,7 @@ OS/VMM, which then allocates contiguous non-confidential pages and returns the
host physical address of the first page to the TSM. The TSM maps the
non-confidential pages to the TVM's address space.

In systems with fragmented memory and lack of dynamic page conversion,
In systems with fragmented memory and lack of dynamic page conversion,
the OS/VMM may fail allocating a single large physical memory region that
spans over contiguous non-confidential pages. The TVM should then retry and
request share of multiple smaller memory regions, for example, at the 4KB page
Expand Down Expand Up @@ -2276,10 +2276,10 @@ struct AttestationCapabilities {
uint32_t certificate_formats;
/* Number of initial measurement registers */
uint_8 initial_measurements;
uint8_t initial_measurements;
/* Number of runtime measurement registers */
uint_8 runtime_measurements;
uint8_t runtime_measurements;
/* Array of all measurement register descriptors */
MeasurementRegisterDescriptor[MAX_MEASUREMENT_REGISTERS] msmt_regs;
Expand Down Expand Up @@ -2326,7 +2326,7 @@ struct MeasurementRegisterDescriptor {
This implies an exit to the host, and a subsequent
resume of execution.
| SBI_ERR_INVALID_ADDRESS | `tvm_caps_addr` was invalid.
| SBI_ERR_INVALID_PARAM | `caps_len` was invalid, or the entire range doesn't
| SBI_ERR_INVALID_PARAM | `caps_size` was invalid, or the entire range doesn't
span a `CONFIDENTIAL_MEMORY_REGION`
| SBI_ERR_FAILED | The operation failed for unknown reasons.
|===
Expand Down Expand Up @@ -2424,11 +2424,11 @@ confidential memory.
| SBI_ERR_FAILED | The operation failed for unknown reasons.
|===

[#covg_retrieve_secret]
[#sbi_covg_retrieve_secret]
=== Function: COVE Guest Retrieve Secret (FID #9)
[source, C]
-----
struct sbiret covg_retrieve_secret(unsigned long buf_addr,
struct sbiret sbi_covg_retrieve_secret(unsigned long buf_addr,
unsigned long buf_size);
-----
Requests TSM for a secret available after successful local attestation. TSM
Expand All @@ -2438,9 +2438,9 @@ creation via `sbi_covh_promote_to_tvm()`. Only the TVMs that were correctly
authenticated and authorized during local attestation can receive the secret
embedded in TAP.

`buf_addr` is the 4KB-aligned address in the TVM address space to which the
`buf_addr` is the 4KB-aligned address in the TVM address space to which the
TSM will write the secret.
`buf_size` is the length of the buffer. The buffer cannot be larger than the
`buf_size` is the length of the buffer. The buffer cannot be larger than the
4KB page size.

This ABI will become part of the `Sealing Interface` planned for the CoVE in
Expand All @@ -2449,7 +2449,7 @@ version 2.0.
If the call fails, the TSM returns SBI error code in `sbiret.error` to the VM.
The possible error codes are shown below.

[#table_covg_retrieve_secret_errors]
[#table_sbi_covg_retrieve_secret_errors]
.COVE Guest Retrieve Secret Errors
[cols="2,3", width=90%, align="center", options="header"]
|===
Expand Down Expand Up @@ -2542,8 +2542,8 @@ the VMM to finalize the measurement of a TVM (initial). The TSM enforces that
the TVM virtual harts cannot be entered unless the TVM measurement is committed
via this operation.

| <<sbi_covh_promote_to_tvm, sbi_covh_promote_to_tvm>> | Creates a TVM in
a single-step taking the state of an existing VM and recreating it in
| <<sbi_covh_promote_to_tvm, sbi_covh_promote_to_tvm>> | Creates a TVM in
a single-step taking the state of an existing VM and recreating it in
confidential memory. It is an alternative approach to creating a TVM in
a multi-step process initiated with `sbi_covh_create_tvm()`.

Expand Down Expand Up @@ -2785,7 +2785,7 @@ report to a remote relying party. It returns an attestation certificate signed
by the TSM attestation key, and includes the TVM attestation evidence. The TSM
attestion key is also included in the reported TSM token.

| <<covg_retrieve_secret, covg_retrieve_secret>> | TVM reads a secret
| <<sbi_covg_retrieve_secret, sbi_covg_retrieve_secret>> | TVM reads a secret
available after successful local attestation. TSM writes the secret to the
buffer specified by the TVM.

Expand Down
2 changes: 1 addition & 1 deletion src/swlifecycle.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -727,7 +727,7 @@ and non-confidential, may allow the VMM to grant the confidential memory to
another TVM or reclaim all memory granted to the TVM via
`sbi_covh_reclaim_pages()` which will verify the TSM hgatp mapping and tracking
for the page and restore it as a VMM-available page to grant to a
non-confidential VM. This reclaim TSM opertaion:
non-confidential VM. This reclaim TSM operation:

* Verifies that the PAs referenced are either Non-confidential (No-operation) or
Confidential-Unassigned state.
Expand Down

0 comments on commit 32b6158

Please sign in to comment.