Merge tag 'tsm-for-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/devsec/tsm

Pull TSM updates from Dan Williams:
 "A couple of updates to the maximum buffer sizes supported for the
  configfs-tsm-reports interface.

  This interface is a common transport that conveys the varied
  architecture specific launch attestation reports for confidential VMs.

   - Prepare the configfs-tsm-reports interface for passing larger
     attestation evidence blobs for "Device Identifier Composition
     Engine" (DICE) and Post Quantum Crypto (PQC)

   - Update the tdx-guest driver for DICE evidence (larger certificate
     chains and the CBOR Web Token schema)"

* tag 'tsm-for-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/devsec/tsm:
  configfs-tsm-report: tdx_guest: Increase Quote buffer size to 128KB
  configfs-tsm-report: Increase TSM_REPORT_OUTBLOB_MAX to 16MB
  configfs-tsm-report: Document size limits for outblob attributes

1 files changed, 3 insertions, 1 deletions

diff --git a/drivers/virt/coco/tdx-guest/tdx-guest.c b/drivers/virt/coco/tdx-guest/tdx-guest.c
index 4e239ec960c9..4252b147593a 100644
--- a/drivers/virt/coco/tdx-guest/tdx-guest.c
+++ b/drivers/virt/coco/tdx-guest/tdx-guest.c
@@ -160,8 +160,10 @@ static void tdx_mr_deinit(const struct attribute_group *mr_grp)
 /*
  * Intel's SGX QE implementation generally uses Quote size less
  * than 8K (2K Quote data + ~5K of certificate blob).
+ * DICE-based attestation uses layered evidence that requires
+ * larger Quote size (~100K).
  */
-#define GET_QUOTE_BUF_SIZE		SZ_8K
+#define GET_QUOTE_BUF_SIZE		SZ_128K
 
 #define GET_QUOTE_CMD_VER		1