Baremetal TDX: SGX device plugin operator and PCCS TLS trust required for attestation #80

@butler54

Summary

Baremetal TDX attestation requires two infrastructure components that are not yet fully integrated:

  1. Intel Device Plugins Operator — provides the SGX device plugin (SgxDevicePlugin CR), which registers sgx.intel.com/enclave and sgx.intel.com/provision resources on TDX-capable nodes. Without this, the QGS (Quote Generation Service) cannot schedule and TDX quotes are empty.

  2. PCCS TLS certificate trust — The trustee pod's QCNL config (sgx_default_qcnl.conf) needs "use_secure_cert": false when using a local PCCS with self-signed certificates. Without this, quote verification fails with SGX_QL_ROOT_CA_UNTRUSTED (0xe065).

Current State

  • intel-device-plugins-operator subscription added to values-baremetal.yaml (certified-operators, stable channel)
  • TDX config enabled in trustee overrides (kbs.tdx.enabled: true, pointing to pccs-service.intel-dcap.svc.cluster.local:8042)
  • Trustee chart tdx-config.yaml template updated on feature/baremetal-attestation branch to include "use_secure_cert": false

Error Progression

  1. TDX Quote is empty — no SGX device plugin, QGS can't run
  2. SGX_QL_NETWORK_ERROR (0xe019) — SGX device plugin installed but QCNL pointing to localhost instead of PCCS service
  3. SGX_QL_ROOT_CA_UNTRUSTED (0xe065) — QCNL reaching PCCS but rejecting self-signed cert

Action Items

  • Release trustee chart with baremetal attestation rules and use_secure_cert: false in tdx-config
  • Verify end-to-end TDX attestation on baremetal after chart release
  • Consider whether PCCS should use a proper CA-signed certificate long-term

🤖 Generated with Claude Code
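
A config check that maps a QCNL file to the error progression listed in the issue, as an added example that is not code from the issue or from the trustee chart. The `pccs_url` key name, the URL paths, the treatment of a missing `use_secure_cert` as true, and all sample configs are assumptions constructed for illustration.

```python
import json
from urllib.parse import urlparse

LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

# Constructed sample configs (not taken from the chart); URL paths are assumed.
PCCS = "https://pccs-service.intel-dcap.svc.cluster.local:8042/sgx/certification/v4/"
STAGE2 = """{
  // constructed: QCNL still pointing at localhost
  "pccs_url": "https://localhost:8081/sgx/certification/v4/",
  "use_secure_cert": true
}"""
STAGE3 = json.dumps({"pccs_url": PCCS, "use_secure_cert": True})
FIXED = json.dumps({"pccs_url": PCCS, "use_secure_cert": False})


def load_qcnl(text):
    """Parse QCNL JSON after dropping whole-line // comments."""
    lines = [l for l in text.splitlines() if not l.lstrip().startswith("//")]
    return json.loads("\n".join(lines))


def diagnose(text, pccs_cert_self_signed=True):
    """Return findings that tie a QCNL config to the errors named in the issue."""
    cfg = load_qcnl(text)
    findings = []
    host = urlparse(cfg.get("pccs_url", "")).hostname
    if host is None:
        findings.append("pccs_url missing or unparsable")
    elif host in LOCAL_HOSTS:
        findings.append("pccs_url targets localhost: expect SGX_QL_NETWORK_ERROR (0xe019)")
    # Assumption: an absent use_secure_cert behaves as true.
    secure = cfg.get("use_secure_cert", True)
    if secure and pccs_cert_self_signed:
        findings.append("self-signed PCCS with use_secure_cert true: "
                        "expect SGX_QL_ROOT_CA_UNTRUSTED (0xe065)")
    if not secure:
        # Workaround from the issue; keep it visible until PCCS has a CA-signed cert.
        findings.append("use_secure_cert false: PCCS TLS certificate is not verified")
    return findings


if __name__ == "__main__":
    for name, cfg in (("stage2", STAGE2), ("stage3", STAGE3), ("fixed", FIXED)):
        print(name, diagnose(cfg))
```

Once PCCS presents a CA-signed certificate, calling `diagnose(text, pccs_cert_self_signed=False)` on a config with `use_secure_cert` set to true returns no findings.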
