Re: [PATCH v9 42/43] virt: sevguest: Add support to derive key

From: Brijesh Singh
Date: Tue Feb 08 2022 - 09:14:26 EST




On 2/8/22 1:56 AM, Dov Murik wrote:
...


> Just to be clear, I didn't mean necessarily "leak the key to the
> untrusted host" (even if a page is converted back from private to
> shared, it is encrypted, so the host can't read its contents). But even
> *inside* the guest, when dealing with sensitive data like keys, we
> should minimize the number of copies that float around (I assume this is
> the reason for most of the uses of memzero_explicit() in the kernel).


Yap, I agree with your point and will keep the memzero_explicit().

-Brijesh