Re: Linux guest kernel threat model for Confidential Computing

From: Michael S. Tsirkin
Date: Thu Jan 26 2023 - 11:33:52 EST

Next message: Arnd Bergmann: "[PATCH] Coresight: tpda/tpdm: remove incorrect __exit annotation"
Previous message: Bryan O'Donoghue: "Re: [PATCH v4 0/6] Add MSM8939 SoC support with two devices"
In reply to: Lukas Wunner: "Re: Linux guest kernel threat model for Confidential Computing"
Next in thread: Lukas Wunner: "Re: Linux guest kernel threat model for Confidential Computing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 26, 2023 at 04:44:49PM +0100, Lukas Wunner wrote:
> Obviously the host can DoS guest access to the device by modifying
> exchanged messages, but there are much simpler ways for it to
> do that, say, by clearing Bus Master Enable or Memory Space Enable
> bits in the Command Register.

There's a single key per guest though, isn't it? Also used
for regular memory?

--
MST

Next message: Arnd Bergmann: "[PATCH] Coresight: tpda/tpdm: remove incorrect __exit annotation"
Previous message: Bryan O'Donoghue: "Re: [PATCH v4 0/6] Add MSM8939 SoC support with two devices"
In reply to: Lukas Wunner: "Re: Linux guest kernel threat model for Confidential Computing"
Next in thread: Lukas Wunner: "Re: Linux guest kernel threat model for Confidential Computing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]