| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <fc31d2a9-ee56-f114-857e-310c4f4d7d4f@linux.ibm.com>
Date: Fri, 8 Oct 2021 08:40:14 +0300
From: Dov Murik <dovmurik@...ux.ibm.com>
To: "Dr. David Alan Gilbert" <dgilbert@...hat.com>,
Dave Hansen <dave.hansen@...el.com>
Cc: linux-efi@...r.kernel.org, Borislav Petkov <bp@...e.de>,
Ashish Kalra <ashish.kalra@....com>,
Brijesh Singh <brijesh.singh@....com>,
Tom Lendacky <thomas.lendacky@....com>,
Ard Biesheuvel <ardb@...nel.org>,
James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
Andi Kleen <ak@...ux.intel.com>,
Greg KH <gregkh@...uxfoundation.org>,
Andrew Scull <ascull@...gle.com>,
James Bottomley <jejb@...ux.ibm.com>,
Tobin Feldman-Fitzthum <tobin@...ux.ibm.com>,
Jim Cadden <jcadden@....com>,
Daniele Buono <dbuono@...ux.vnet.ibm.com>,
linux-coco@...ts.linux.dev, linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, Dov Murik <dovmurik@...ux.ibm.com>
Subject: Re: [PATCH v2 4/4] virt: Add sev_secret module to expose confidential
computing secrets
Thanks Dave and Dave for reviewing this.
On 07/10/2021 19:17, Dr. David Alan Gilbert wrote:
> * Dave Hansen (dave.hansen@...el.com) wrote:
>> On 10/6/21 11:18 PM, Dov Murik wrote:
>>> +static int sev_secret_map_area(void)
>>> +{
>>> + struct sev_secret *s = sev_secret_get();
>>> + struct linux_efi_coco_secret_area *secret_area;
>>> + u32 secret_area_size;
>>> +
>>> + if (efi.coco_secret == EFI_INVALID_TABLE_ADDR) {
>>> + pr_err("Secret area address is not available\n");
>>> + return -EINVAL;
>>> + }
>>> +
>>> + secret_area = memremap(efi.coco_secret, sizeof(*secret_area), MEMREMAP_WB);
>>> + if (secret_area == NULL) {
>>> + pr_err("Could not map secret area header\n");
>>> + return -ENOMEM;
>>> + }
>>
>> There doesn't seem to be anything truly SEV-specific in here at all.
>> Isn't this more accurately called "efi_secret" or something? What's to
>> prevent Intel or an ARM vendor from implementing this?
>
> I don't think anything; although the last discussion I remember on list
> with Intel was that Intel preferred some interface with an ioctl to read
> the secrets and stuff. I'm not quite sure if the attestation/secret
> delivery order makes sense with TDX, but if it does, then if you could
> persuade someone to standardise on this it would be great.
>
I agree that this series doesn't have any SEV-specific stuff in it; in
fact, I wrote in the cover letter:
+++
This has been tested with AMD SEV and SEV-ES guests, but the kernel side
of handling the secret area has no SEV-specific dependencies, and
therefore might be usable (perhaps with minor changes) for any
confidential computing hardware that can publish the secret area via the
standard EFI config table entry.
+++
However, in previous rounds Boris said [1] that if it's only
hypothetical support for other platforms, I should add a
"depends on AMD_MEM_ENCRYPT" clause. Boris, can you please share your view?
I'm indeed in favor of making this more generic (efi_secret sounds
good), allowing for future support for other early-boot secret injection
mechanisms.
[1] https://lore.kernel.org/linux-coco/YNojYBIwk0xCHQ0v@zn.tnic/
-Dov
Powered by blists - more mailing lists