Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

client.GetQuote() returns error "inappropriate ioctl for device" #28

Open
shuk777 opened this issue Nov 8, 2023 · 5 comments
Open

client.GetQuote() returns error "inappropriate ioctl for device" #28

shuk777 opened this issue Nov 8, 2023 · 5 comments

Comments

@shuk777
Copy link

shuk777 commented Nov 8, 2023

Hi, there.

I tried tools/attest/attest.go but got error. However, I was able to get quote with Intel official tdx-tools.

If u need more info plz let me know.
@deeglaze
Copy link
Collaborator

deeglaze commented Nov 8, 2023

What’s your output for uname -a? The driver has been in flux, so we’d need the kernel version.

@shuk777
Copy link
Author

shuk777 commented Nov 9, 2023
edited
Loading

Thanks for ur reply @deeglaze . It's Linux tdx-test 6.2.16-v5.0.mvp40-generic #tdx SMP PREEMPT_DYNAMIC Mon Nov 6 11:00:15 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux, both host and guest

@msanft
Copy link

msanft commented Jul 5, 2024
edited
Loading

Hey @deeglaze,

i have been running into the same issue. v0.3.1 returns an empty report for me when querying through the configfs, and the device doesn't seem to be supported anymore in this version. I tried to run v0.2.2, which should be the last version supporting the device, and client.GetRawQuote() returns "inappropriate ioctl for device".

Guest kernel is 6.7.0, host is 6.8.0-1004-intel.

@deeglaze
Copy link
Collaborator

deeglaze commented Jul 5, 2024

tdx-guest is not an upstream driver. This repo started as a means to test attestation with proposed patches. Now that configfs-tsm has been merged upstream, the configfs quote provider should be the only one that works. Still, this all depends on how your distro is managing their kernel patches and built config. Which distro are you using? We test the public images on GCE that are marked with TDX_CAPABLE guestOsFeatures.

@msanft
Copy link

msanft commented Jul 8, 2024

tdx-guest is not an upstream driver. This repo started as a means to test attestation with proposed patches. Now that configfs-tsm has been merged upstream, the configfs quote provider should be the only one that works. Still, this all depends on how your distro is managing their kernel patches and built config. Which distro are you using? We test the public images on GCE that are marked with TDX_CAPABLE guestOsFeatures.

Yeah, I know. I don't think my issue specifically revolves around go-tdx-guest. I can manually query a report on the machine through the ioctl, so I think the reason for v0.2.2 not working is some API differential between the library and the driver since then.

Regarding the configfs, I'll see and try to debug this. I think this is a kernel / distro issue, as manually querying a report through the configfs yields an empty report too. But I think this is nothing you, as a library author, should invest any time in.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@deeglaze @msanft @shuk777