From nobody Thu Apr 2 17:23:45 2026 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 96E891D5170 for ; Wed, 11 Feb 2026 00:17:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.10 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770769057; cv=none; b=BDQAUv8VNqJUrqD1Nd3Q/NM96/RqYFSryF6SsJJmHre4K2whl8I1IQszN1QRNu0s1WDnMjMZ81oFtwTyNBUCRpNwQTTVbvu2VtKBL5jyIya0V0YNyASkyNaU7HSVfycjRI4SQosD2xU8v6J4jQO8rOqBiel+BkfNYJG5TRde1M8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770769057; c=relaxed/simple; bh=ZXKgLjfjUMF5Zlz2aryYjTREBzkzCvURKUYVMjQVPYo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=PfXiWeloqLtvdobNLHceWLnRuQ0dtDcKuZ/ZO5YvNpxUHNR4PStuPohstF0NUolxpPBJ3G+kaiGPOF94OT1RIpeLk3cXYJvtJ42MJKxEFAkIxv+TKACM7ET049tIInt7uSARVoHWilkIJafcJpR1/UwseQ0k894slELhI8J4n/s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=pass smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=mWOagqu1; arc=none smtp.client-ip=192.198.163.10 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="mWOagqu1" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1770769057; x=1802305057; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ZXKgLjfjUMF5Zlz2aryYjTREBzkzCvURKUYVMjQVPYo=; b=mWOagqu1uMo3T9qC+OgEf+rARtPi4P9DwVeK87wu026gZDdskCzC15mZ UMUgdR+dgWQjMCQUChvXIg6zgEjplltHrpO92lKZEJyBfQUB+tjZu5XpY jZOcbthJEJ/oG0R2xZeWdIUYLLH1n0iyzHd6gKDSan/Ub0m1xdEa+bLYB eNQoxdWLI2FViY9Rp+MuTKN7tvTnGeckaE894DLaK4slIOnLGiuHh/UTu nS74AUv2L6WBzX0fSf2nRofm7E7gUplAJezXTyTN6LZHetx8dj8Aw7UBT NhsSXbxxxWJLX96wO1pjrlua8Q/dXBxuslkOZLbBcPTWx9fmxCgSts1vP g==; X-CSE-ConnectionGUID: LmZXz3PtR0WTqP+e1PZ2AQ== X-CSE-MsgGUID: qbb4aUCARmu7QwdOpVmNPw== X-IronPort-AV: E=McAfee;i="6800,10657,11697"; a="83279908" X-IronPort-AV: E=Sophos;i="6.21,283,1763452800"; d="scan'208";a="83279908" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Feb 2026 16:17:31 -0800 X-CSE-ConnectionGUID: EK55xVOhSfmhaG8fYIV/7g== X-CSE-MsgGUID: B5KCxlnoRuW/g3YGiK9VfQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.21,283,1763452800"; d="scan'208";a="216242055" Received: from skuppusw-desk2.jf.intel.com ([10.165.154.101]) by ORVIESA003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Feb 2026 16:17:31 -0800 From: Kuppuswamy Sathyanarayanan To: Dan Williams , "Kirill A . Shutemov" Cc: Dave Hansen , Rick Edgecombe , x86@kernel.org, linux-kernel@vger.kernel.org, linux-coco@lists.linux.dev Subject: [PATCH v1 2/3] virt: tsm: Increase TSM_REPORT_OUTBLOB_MAX to 16MB Date: Tue, 10 Feb 2026 16:17:11 -0800 Message-ID: <20260211001712.1531955-3-sathyanarayanan.kuppuswamy@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260211001712.1531955-1-sathyanarayanan.kuppuswamy@linux.intel.com> References: <20260211001712.1531955-1-sathyanarayanan.kuppuswamy@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Confidential Computing (CoCo) attestation is evolving toward standardized models such as DICE (Device Identifier Composition Engine) and Post-Quantum Cryptography (PQC), which rely on layered certificate chains and larger cryptographic signatures. A typical PQC certificate can range from 5KB to 15KB, and DICE-based architectures accumulate these certificates across multiple boot stages. In such configurations, the total attestation evidence can reach several megabytes, exceeding the current 32KB limit. Increase TSM_REPORT_OUTBLOB_MAX to 16MB to accommodate these larger certificate chains. This provides sufficient headroom to handle evolving requirements without requiring frequent updates to the limit. TSM_REPORT_OUTBLOB_MAX is used by the configfs read interface to cap the maximum allowed binary blob size for outblob, auxblob and manifestblob attributes. Hence, the per-open-file worst case memory allocation increases from 32KB to 16MB. Multiple concurrent readers multiply this cost (e.g., N readers of an M-byte blob incur NxM bytes of vmalloc-backed memory). However, allocations are performed on demand and remain proportional to the actual blob length, not the configured maximum. Reviewed-by: Fang Peter Signed-off-by: Kuppuswamy Sathyanarayanan --- include/linux/tsm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/tsm.h b/include/linux/tsm.h index a3b7ab668eff..7f72a154b6b2 100644 --- a/include/linux/tsm.h +++ b/include/linux/tsm.h @@ -8,7 +8,7 @@ #include =20 #define TSM_REPORT_INBLOB_MAX 64 -#define TSM_REPORT_OUTBLOB_MAX SZ_32K +#define TSM_REPORT_OUTBLOB_MAX SZ_16M =20 /* * Privilege level is a nested permission concept to allow confidential --=20 2.43.0