Re: Linux guest kernel threat model for Confidential Computing

From: Jiri Kosina
Date: Wed Jan 25 2023 - 13:48:35 EST

Next message: Verma, Vishal L: "Re: [PATCH v2] cxl: fix spelling mistakes"
Previous message: nick . hawkins: "[PATCH v4 1/5] i2c: hpe: Add GXP SoC I2C Controller"
In reply to: Dr. David Alan Gilbert: "Re: Linux guest kernel threat model for Confidential Computing"
Next in thread: Jörg Rödel: "Re: Linux guest kernel threat model for Confidential Computing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 25 Jan 2023, Greg Kroah-Hartman wrote:

> Argument that it doesn't work? I thought that ship sailed a long time
> ago but I could be wrong as I don't really pay attention to that stuff
> as it's just vaporware :)

Greg, are you sure you are talking about *SEV-SNP* here? (*)

That ship hasn't sailed as far as I can tell, it's being actively worked
on.

With SEV-SNP launch attestation, FDE, and runtime remote attestation (**)
one thing that you get is a way how to ensure that the guest image that
you have booted in a (public) cloud hasn't been tampered with, even if you
have zero trust in the cloud provider and their hypervisor.

And that without the issues and side-channels previous SEV and SEV-ES had.

Which to me is a rather valid usecase in today's world, rather than
vaporware.

(*) and corresponding Intel-TDX support counterpart, once it exists

(**) which is not necessarily a kernel work of course, but rather
userspace integration work, e.g. based on Keylime

--
Jiri Kosina
SUSE Labs

Next message: Verma, Vishal L: "Re: [PATCH v2] cxl: fix spelling mistakes"
Previous message: nick . hawkins: "[PATCH v4 1/5] i2c: hpe: Add GXP SoC I2C Controller"
In reply to: Dr. David Alan Gilbert: "Re: Linux guest kernel threat model for Confidential Computing"
Next in thread: Jörg Rödel: "Re: Linux guest kernel threat model for Confidential Computing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]