Re: [RESEND PATCH v4] docs: security: Confidential computing intro and threat model for x86 virtualization

From: Jonathan Corbet
Date: Sat Sep 23 2023 - 03:57:30 EST

Next message: Greg KH: "Re: [PATCH v3 15/15] Drivers: hv: Add modules to expose /dev/mshv to VMMs running on Hyper-V"
Previous message: Greg KH: "Re: [PATCH v3 15/15] Drivers: hv: Add modules to expose /dev/mshv to VMMs running on Hyper-V"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Carlos Bilbao <carlos.bilbao@xxxxxxx> writes:

> Kernel developers working on confidential computing for virtualized
> environments in x86 operate under a set of assumptions regarding the Linux
> kernel threat model that differs from the traditional view. Historically,
> the Linux threat model acknowledges attackers residing in userspace, as
> well as a limited set of external attackers that are able to interact with
> the kernel through networking or limited HW-specific exposed interfaces
> (e.g. USB, thunderbolt). The goal of this document is to explain additional
> attack vectors that arise in the virtualized confidential computing space.
>
> Reviewed-by: Larry Dewey <larry.dewey@xxxxxxx>
> Reviewed-by: David Kaplan <david.kaplan@xxxxxxx>
> Co-developed-by: Elena Reshetova <elena.reshetova@xxxxxxxxx>
> Signed-off-by: Elena Reshetova <elena.reshetova@xxxxxxxxx>
> Signed-off-by: Carlos Bilbao <carlos.bilbao@xxxxxxx>

This patch was whitespace-corrupted (something wrapped the diff lines)
making it hard to apply; I was able to fix it up and get git to swallow
it. So applied, thanks.

jon

Next message: Greg KH: "Re: [PATCH v3 15/15] Drivers: hv: Add modules to expose /dev/mshv to VMMs running on Hyper-V"
Previous message: Greg KH: "Re: [PATCH v3 15/15] Drivers: hv: Add modules to expose /dev/mshv to VMMs running on Hyper-V"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]