Re: [RFC PATCH 0/3] Allow access to confidential computing secret area

From: Andi Kleen
Date: Fri May 21 2021 - 12:41:49 EST

Next message: Bartosz Golaszewski: "[GIT PULL] gpio: fixes for v5.13-rc3"
Previous message: Qais Yousef: "Re: [PATCH v6 11/21] sched: Split the guts of sched_setaffinity() into a helper function"
In reply to: Brijesh Singh: "Re: [RFC PATCH 0/3] Allow access to confidential computing secret area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The SEV-SNP attestation approach is very similar to what Andi described
for the TDX. However, in the case of legacy SEV and ES, the attestation
verification is performed before the guest is booted. In this case, the
hyervisor puts the secret provided by the guest owner (after the
attestation) at a fixed location. Dov's driver is simply reading that
fixed location and making it available through the simple text file.

That's the same as our SVKL model.

The (not yet posted) driver is here:

https://github.com/intel/tdx/commit/62c2d9fae275d5bf50f869e8cfb71d2ca1f71363

We opted to use ioctls, with the idea that it should be just read and cleared once to not let the secret lying around. Typically you would just use it to set up dmcrypt or similar once. I think read-and-clear with explicit operations is a better model than some virtual file because of the security properties.

-Andi

Next message: Bartosz Golaszewski: "[GIT PULL] gpio: fixes for v5.13-rc3"
Previous message: Qais Yousef: "Re: [PATCH v6 11/21] sched: Split the guts of sched_setaffinity() into a helper function"
In reply to: Brijesh Singh: "Re: [RFC PATCH 0/3] Allow access to confidential computing secret area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]