Re: [PATCH] docs: security: Confidential computing intro and threat model

From: Bagas Sanjaya
Date: Fri Apr 21 2023 - 23:18:18 EST

Next message: patchwork-bot+netdevbpf: "Re: [PATCH] net/handshake: Fix section mismatch in handshake_exit"
Previous message: Vishal Verma: "[PATCH 3/4] cxl: add a firmware update mechanism using the sysfs firmware loader"
In reply to: Kaplan, David: "RE: [PATCH] docs: security: Confidential computing intro and threat model"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Mar 29, 2023 at 12:40:24PM +0200, Greg KH wrote:
> > + * - Guest malicious configuration
> > + - A malicious host modifies one of the following guest's
> > + configuration:
> > +
> > + 1. Guest firmware or bootloader
> > +
> > + 2. Guest kernel or module binaries
> > +
> > + 3. Guest command line parameters
> > +
> > + This allows the host to break the integrity of the code running
> > + inside a CoCo guest and violate the CoCo security objectives.
>
> So hosts are not allowed to change this? I don't understand the use of
> "violate" here, sorry.

I think the situation described above is when malicious actors gain
control of a CoCo host.

Thanks.

--
An old man doll... just what I always wanted! - Clara

Attachment: signature.asc
Description: PGP signature

Next message: patchwork-bot+netdevbpf: "Re: [PATCH] net/handshake: Fix section mismatch in handshake_exit"
Previous message: Vishal Verma: "[PATCH 3/4] cxl: add a firmware update mechanism using the sysfs firmware loader"
In reply to: Kaplan, David: "RE: [PATCH] docs: security: Confidential computing intro and threat model"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]