From: Andi Kleen <ak@linux.intel.com>
To: Brijesh Singh <brijesh.singh@amd.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Dov Murik <dovmurik@linux.ibm.com>,
linux-efi@vger.kernel.org,
Tobin Feldman-Fitzthum <tobin@linux.ibm.com>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Jim Cadden <jcadden@ibm.com>,
James Bottomley <jejb@linux.ibm.com>,
Hubertus Franke <frankeh@us.ibm.com>,
Mike Rapoport <rppt@linux.ibm.com>,
Laszlo Ersek <lersek@redhat.com>,
Ashish Kalra <ashish.kalra@amd.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Ard Biesheuvel <ardb@kernel.org>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org,
Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@linux.intel.com>
Subject: Re: [RFC PATCH 0/3] Allow access to confidential computing secret area
Date: Fri, 21 May 2021 09:41:42 -0700 [thread overview]
Message-ID: <45842efd-7b6b-496f-d161-e5786760078d@linux.intel.com> (raw)
In-Reply-To: <c316c49c-03db-22e3-0072-ebaf3c7f2ca2@amd.com>
> The SEV-SNP attestation approach is very similar to what Andi described
> for the TDX. However, in the case of legacy SEV and ES, the attestation
> verification is performed before the guest is booted. In this case, the
> hyervisor puts the secret provided by the guest owner (after the
> attestation) at a fixed location. Dov's driver is simply reading that
> fixed location and making it available through the simple text file.
That's the same as our SVKL model.
The (not yet posted) driver is here:
https://github.com/intel/tdx/commit/62c2d9fae275d5bf50f869e8cfb71d2ca1f71363
We opted to use ioctls, with the idea that it should be just read and
cleared once to not let the secret lying around. Typically you would
just use it to set up dmcrypt or similar once. I think read-and-clear
with explicit operations is a better model than some virtual file
because of the security properties.
-Andi
next prev parent reply other threads:[~2021-05-21 16:41 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-13 6:26 [RFC PATCH 0/3] Allow access to confidential computing secret area Dov Murik
2021-05-13 6:26 ` [RFC PATCH 3/3] virt: Add sev_secret module to expose confidential computing secrets Dov Murik
2021-05-14 13:01 ` [RFC PATCH 0/3] Allow access to confidential computing secret area Brijesh Singh
2021-05-20 10:38 ` Dov Murik
2021-05-20 10:56 ` Dr. David Alan Gilbert
2021-05-20 22:02 ` Andi Kleen
2021-05-21 15:56 ` Brijesh Singh
2021-05-21 16:03 ` James Bottomley
2021-05-21 16:21 ` Brijesh Singh
2021-05-21 16:41 ` Andi Kleen [this message]
2021-05-24 12:08 ` Dr. David Alan Gilbert
2021-05-24 15:35 ` James Bottomley
2021-05-24 16:31 ` Andi Kleen
2021-05-24 17:12 ` James Bottomley
2021-06-08 19:48 ` Dov Murik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=45842efd-7b6b-496f-d161-e5786760078d@linux.intel.com \
--to=ak@linux.intel.com \
--cc=ardb@kernel.org \
--cc=ashish.kalra@amd.com \
--cc=brijesh.singh@amd.com \
--cc=dgilbert@redhat.com \
--cc=dovmurik@linux.ibm.com \
--cc=frankeh@us.ibm.com \
--cc=jcadden@ibm.com \
--cc=jejb@linux.ibm.com \
--cc=jmorris@namei.org \
--cc=lersek@redhat.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=rppt@linux.ibm.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=serge@hallyn.com \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tobin@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).