From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from ms.lwn.net (ms.lwn.net [45.79.88.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AEB2F469E for ; Sat, 23 Sep 2023 08:05:49 +0000 (UTC) Received: from localhost (unknown [217.144.90.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ms.lwn.net (Postfix) with ESMTPSA id 8CDA0383; Sat, 23 Sep 2023 07:57:23 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 ms.lwn.net 8CDA0383 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lwn.net; s=20201203; t=1695455844; bh=mfkLM1mZ6patzZykKGGUczfcmlxw34HJH6wQWGJWhEI=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=ORgfQWMBvcaonPYu9FXssg1eETcs/C+oNsQNKobql3vJImfFeyEdqnjoPAOMydwEX uUN7e6ob3s9xvarSqsvfLw48K+gDBY5u5LEGPp9koqipZy6HhAuk9NC61ks9G+lLuX Hh6RYjbmVX4n3Wxkh65rhWu3tZmVvQ4l8L7NCCLBEsKG1MeNaI/+cs+hswnZT0TrZV ntQMB6QubijYg+v6Sh5hE1VOR/dlO291XoaKR0zLh54iuR25gi6pO+y+NLWMEL+Nit hs7lHfZmEGp7mmtbR5PnDI+N3hcqSX5+nUjpv/o4kZjJn8R2RLZu3SqxCSpXXnX7Rc 5UH9UaFD51BWQ== From: Jonathan Corbet To: Carlos Bilbao Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, ardb@kernel.org, kraxel@redhat.com, dovmurik@linux.ibm.com, elena.reshetova@intel.com, dave.hansen@linux.intel.com, Dhaval.Giani@amd.com, michael.day@amd.com, pavankumar.paluri@amd.com, David.Kaplan@amd.com, Reshma.Lal@amd.com, Jeremy.Powell@amd.com, sathyanarayanan.kuppuswamy@linux.intel.com, alexander.shishkin@linux.intel.com, thomas.lendacky@amd.com, tglx@linutronix.de, dgilbert@redhat.com, dinechin@redhat.com, linux-coco@lists.linux.dev, berrange@redhat.com, mst@redhat.com, tytso@mit.edu, jikos@kernel.org, joro@8bytes.org, leon@kernel.org, richard.weinberger@gmail.com, lukas@wunner.de, jejb@linux.ibm.com, cdupontd@redhat.com, jasowang@redhat.com, sameo@rivosinc.com, bp@alien8.de, seanjc@google.com, security@kernel.org, Larry Dewey , Greg Kroah-Hartman Subject: Re: [RESEND PATCH v4] docs: security: Confidential computing intro and threat model for x86 virtualization In-Reply-To: <98804f27-c2e7-74d6-d671-1eda927e19fe@amd.com> References: <20230905152656.1215119-1-carlos.bilbao@amd.com> <2023090537-undesired-junction-b325@gregkh> <4a25cfe8-39d7-1d0f-b89b-2d62bdb085c1@amd.com> <98804f27-c2e7-74d6-d671-1eda927e19fe@amd.com> Date: Sat, 23 Sep 2023 01:57:20 -0600 Message-ID: <87v8c15nkv.fsf@meer.lwn.net> Precedence: bulk X-Mailing-List: linux-coco@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain Carlos Bilbao writes: > Kernel developers working on confidential computing for virtualized > environments in x86 operate under a set of assumptions regarding the Linux > kernel threat model that differs from the traditional view. Historically, > the Linux threat model acknowledges attackers residing in userspace, as > well as a limited set of external attackers that are able to interact with > the kernel through networking or limited HW-specific exposed interfaces > (e.g. USB, thunderbolt). The goal of this document is to explain additional > attack vectors that arise in the virtualized confidential computing space. > > Reviewed-by: Larry Dewey > Reviewed-by: David Kaplan > Co-developed-by: Elena Reshetova > Signed-off-by: Elena Reshetova > Signed-off-by: Carlos Bilbao This patch was whitespace-corrupted (something wrapped the diff lines) making it hard to apply; I was able to fix it up and get git to swallow it. So applied, thanks. jon