lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 2 Oct 2021 13:14:31 +0200
From:   Greg Kroah-Hartman <>
To:     "Michael S. Tsirkin" <>
Cc:     Andi Kleen <>,
        "Kuppuswamy, Sathyanarayanan" 
        Dan Williams <>,
        Borislav Petkov <>, X86 ML <>,
        Bjorn Helgaas <>,
        Thomas Gleixner <>,
        Ingo Molnar <>,
        Andreas Noever <>,
        Michael Jamet <>,
        Yehezkel Bernat <>,
        "Rafael J . Wysocki" <>,
        Mika Westerberg <>,
        Jonathan Corbet <>,
        Jason Wang <>,
        Kuppuswamy Sathyanarayanan <>,
        Linux Kernel Mailing List <>,
        Linux PCI <>,
        USB list <>,,
        "Reshetova, Elena" <>
Subject: Re: [PATCH v2 4/6] virtio: Initialize authorized attribute for
 confidential guest

On Sat, Oct 02, 2021 at 07:04:28AM -0400, Michael S. Tsirkin wrote:
> On Fri, Oct 01, 2021 at 08:49:28AM -0700, Andi Kleen wrote:
> > >   Do you have a list of specific drivers and kernel options that you
> > > feel you now "trust"?
> > 
> > For TDX it's currently only virtio net/block/console
> > 
> > But we expect this list to grow slightly over time, but not at a high rate
> > (so hopefully <10)
> Well there are already >10 virtio drivers and I think it's reasonable
> that all of these will be used with encrypted guests. The list will
> grow.

What is keeping "all" drivers from being on this list?  How exactly are
you determining what should, and should not, be allowed?  How can
drivers move on, or off, of it over time?

And why not just put all of that into userspace and have it pick and
choose?  That should be the end-goal here, you don't want to encode
policy like this in the kernel, right?


greg k-h

Powered by blists - more mailing lists