All of lore.kernel.org
 help / color / mirror / Atom feed
From: Sean Christopherson <seanjc@google.com>
To: Carlos Bilbao <carlos.bilbao@amd.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>,
	"corbet@lwn.net" <corbet@lwn.net>,
	 "linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
	 "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"ardb@kernel.org" <ardb@kernel.org>,
	 "kraxel@redhat.com" <kraxel@redhat.com>,
	"dovmurik@linux.ibm.com" <dovmurik@linux.ibm.com>,
	 "dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
	"Dhaval.Giani@amd.com" <Dhaval.Giani@amd.com>,
	 "michael.day@amd.com" <michael.day@amd.com>,
	 "pavankumar.paluri@amd.com" <pavankumar.paluri@amd.com>,
	"David.Kaplan@amd.com" <David.Kaplan@amd.com>,
	 "Reshma.Lal@amd.com" <Reshma.Lal@amd.com>,
	"Jeremy.Powell@amd.com" <Jeremy.Powell@amd.com>,
	 "sathyanarayanan.kuppuswamy@linux.intel.com"
	<sathyanarayanan.kuppuswamy@linux.intel.com>,
	 "alexander.shishkin@linux.intel.com"
	<alexander.shishkin@linux.intel.com>,
	 "thomas.lendacky@amd.com" <thomas.lendacky@amd.com>,
	"tglx@linutronix.de" <tglx@linutronix.de>,
	 "dgilbert@redhat.com" <dgilbert@redhat.com>,
	 "gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>,
	"dinechin@redhat.com" <dinechin@redhat.com>,
	 "linux-coco@lists.linux.dev" <linux-coco@lists.linux.dev>,
	"berrange@redhat.com" <berrange@redhat.com>,
	 "mst@redhat.com" <mst@redhat.com>,
	"tytso@mit.edu" <tytso@mit.edu>,
	"jikos@kernel.org" <jikos@kernel.org>,
	 "joro@8bytes.org" <joro@8bytes.org>,
	"leon@kernel.org" <leon@kernel.org>,
	 "richard.weinberger@gmail.com" <richard.weinberger@gmail.com>,
	"lukas@wunner.de" <lukas@wunner.de>,
	 "jejb@linux.ibm.com" <jejb@linux.ibm.com>,
	"cdupontd@redhat.com" <cdupontd@redhat.com>,
	 "jasowang@redhat.com" <jasowang@redhat.com>,
	"sameo@rivosinc.com" <sameo@rivosinc.com>,
	"bp@alien8.de" <bp@alien8.de>,
	 "security@kernel.org" <security@kernel.org>,
	Andrew Bresticker <abrestic@rivosinc.com>,
	 Rajnesh Kanwal <rkanwal@rivosinc.com>,
	Dylan Reid <dylan@rivosinc.com>,  Ravi Sahita <ravi@rivosinc.com>
Subject: Re: [PATCH] docs: security: Confidential computing intro and threat model
Date: Wed, 26 Apr 2023 12:53:52 -0700	[thread overview]
Message-ID: <ZEmBULXp24oMxaUH@google.com> (raw)
In-Reply-To: <9021d861-cde6-a51a-7d8c-b3f67eaa01d8@amd.com>

On Wed, Apr 26, 2023, Carlos Bilbao wrote:
> On 4/26/23 10:51 AM, Sean Christopherson wrote:
> > This document is named confidential-computing.rst, not tdx-and-snp.rst.  Not
> > explicitly mentioning SEV doesn't magically warp reality to make descriptions like
> > this one from security/secrets/coco.rst disappear:
> > 
> >   Introduction                                                                    
> >   ============                                                                    
> >                                                                                 
> >   Confidential Computing (coco) hardware such as AMD SEV (Secure Encrypted        
> >   Virtualization) allows guest owners to inject secrets into the VMs              
> >   memory without the host/hypervisor being able to read them.
> > 
> > My complaint about this document being too Intel/AMD centric isn't that it doesn't
> > mention other implementations, it's that the doc describes CoCo purely from the
> > narrow viewpoint of Intel TDX and AMD SNP, and to be blunt, reads like a press
> > release and not an objective overview of CoCo.
> 
> Be specific about the parts of the document that you feel are too
> AMD/Intel centric, and we will correct them.

The whole thing?  There aren't specific parts that are too SNP/TDX centric, the
entire tone and approach of the document is wrong.  As I responded to Dave, I
would feel differently if the document were named tdx-and-snp-threat-model.rst,
but this patch proposes a generic confidential-computing.rst and presents the
SNP+TDX confidential VM use case as if it's the *only* confidential computing use
case.

  reply	other threads:[~2023-04-26 19:53 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-03-27 14:18 [PATCH] docs: security: Confidential computing intro and threat model Carlos Bilbao
2023-03-29 10:40 ` Greg KH
2023-03-30 17:32   ` Carlos Bilbao
2023-04-22  3:17   ` Bagas Sanjaya
2023-04-21 21:09 ` Kaplan, David
2023-04-25 13:43   ` Carlos Bilbao
2023-04-25 15:02 ` Sean Christopherson
2023-04-26 13:32   ` Reshetova, Elena
2023-04-26 15:08     ` Carlos Bilbao
2023-04-26 15:51       ` Sean Christopherson
2023-04-26 19:21         ` Carlos Bilbao
2023-04-26 19:53           ` Sean Christopherson [this message]
2023-04-26 20:15             ` Carlos Bilbao
2023-04-26 21:33               ` Sean Christopherson
2023-04-26 22:27                 ` Carlos Bilbao
2023-04-27 12:29                 ` Reshetova, Elena
2023-04-27 14:16                   ` Carlos Bilbao
2023-04-27 15:18                     ` Sean Christopherson
2023-04-27 17:59                       ` Carlos Bilbao
2023-04-26 20:12           ` Dave Hansen
2023-04-26 15:18     ` James Bottomley
2023-04-26 16:17       ` Sean Christopherson
2023-04-27 12:43         ` Reshetova, Elena
2023-04-27 13:18           ` James Bottomley
2023-04-27 15:47             ` Reshetova, Elena
2023-04-27 16:16               ` James Bottomley
2023-04-27 16:46                 ` Randy Dunlap
2023-04-27 17:19             ` Michael S. Tsirkin
2023-04-27 18:27               ` James Bottomley
2023-04-27 12:56       ` Reshetova, Elena
2023-04-26 15:46   ` Dave Hansen
2023-04-26 16:03     ` Sean Christopherson
2023-04-27 19:06       ` Peter Gonda
2023-04-27 18:47   ` Peter Gonda

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZEmBULXp24oMxaUH@google.com \
    --to=seanjc@google.com \
    --cc=David.Kaplan@amd.com \
    --cc=Dhaval.Giani@amd.com \
    --cc=Jeremy.Powell@amd.com \
    --cc=Reshma.Lal@amd.com \
    --cc=abrestic@rivosinc.com \
    --cc=alexander.shishkin@linux.intel.com \
    --cc=ardb@kernel.org \
    --cc=berrange@redhat.com \
    --cc=bp@alien8.de \
    --cc=carlos.bilbao@amd.com \
    --cc=cdupontd@redhat.com \
    --cc=corbet@lwn.net \
    --cc=dave.hansen@linux.intel.com \
    --cc=dgilbert@redhat.com \
    --cc=dinechin@redhat.com \
    --cc=dovmurik@linux.ibm.com \
    --cc=dylan@rivosinc.com \
    --cc=elena.reshetova@intel.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=jasowang@redhat.com \
    --cc=jejb@linux.ibm.com \
    --cc=jikos@kernel.org \
    --cc=joro@8bytes.org \
    --cc=kraxel@redhat.com \
    --cc=leon@kernel.org \
    --cc=linux-coco@lists.linux.dev \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lukas@wunner.de \
    --cc=michael.day@amd.com \
    --cc=mst@redhat.com \
    --cc=pavankumar.paluri@amd.com \
    --cc=ravi@rivosinc.com \
    --cc=richard.weinberger@gmail.com \
    --cc=rkanwal@rivosinc.com \
    --cc=sameo@rivosinc.com \
    --cc=sathyanarayanan.kuppuswamy@linux.intel.com \
    --cc=security@kernel.org \
    --cc=tglx@linutronix.de \
    --cc=thomas.lendacky@amd.com \
    --cc=tytso@mit.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.