lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2152f69f2127267fdcc5e5c7e7937177da699ab9.camel@intel.com>
Date:   Thu, 23 Mar 2023 22:15:37 +0000
From:   "Huang, Kai" <kai.huang@...el.com>
To:     "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "david@...hat.com" <david@...hat.com>
CC:     "Hansen, Dave" <dave.hansen@...el.com>,
        "Luck, Tony" <tony.luck@...el.com>,
        "bagasdotme@...il.com" <bagasdotme@...il.com>,
        "ak@...ux.intel.com" <ak@...ux.intel.com>,
        "Wysocki, Rafael J" <rafael.j.wysocki@...el.com>,
        "kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
        "Christopherson,, Sean" <seanjc@...gle.com>,
        "Chatre, Reinette" <reinette.chatre@...el.com>,
        "pbonzini@...hat.com" <pbonzini@...hat.com>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "Yamahata, Isaku" <isaku.yamahata@...el.com>,
        "linux-mm@...ck.org" <linux-mm@...ck.org>,
        "Shahar, Sagi" <sagis@...gle.com>,
        "imammedo@...hat.com" <imammedo@...hat.com>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "Gao, Chao" <chao.gao@...el.com>,
        "Brown, Len" <len.brown@...el.com>,
        "sathyanarayanan.kuppuswamy@...ux.intel.com" 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>,
        "Huang, Ying" <ying.huang@...el.com>,
        "Williams, Dan J" <dan.j.williams@...el.com>
Subject: Re: [PATCH v10 02/16] x86/virt/tdx: Detect TDX during kernel boot

On Thu, 2023-03-23 at 18:02 +0100, David Hildenbrand wrote:
> On 16.03.23 23:37, Huang, Kai wrote:
> > On Thu, 2023-03-16 at 13:48 +0100, David Hildenbrand wrote:
> > > On 06.03.23 15:13, Kai Huang wrote:
> > > > Intel Trust Domain Extensions (TDX) protects guest VMs from malicious
> > > > host and certain physical attacks.  A CPU-attested software module
> > > > called 'the TDX module' runs inside a new isolated memory range as a
> > > > trusted hypervisor to manage and run protected VMs.
> > > > 
> > > > Pre-TDX Intel hardware has support for a memory encryption architecture
> > > > called MKTME.  The memory encryption hardware underpinning MKTME is also
> > > > used for Intel TDX.  TDX ends up "stealing" some of the physical address
> > > > space from the MKTME architecture for crypto-protection to VMs.  The
> > > > BIOS is responsible for partitioning the "KeyID" space between legacy
> > > > MKTME and TDX.  The KeyIDs reserved for TDX are called 'TDX private
> > > > KeyIDs' or 'TDX KeyIDs' for short.
> > > > 
> > > > TDX doesn't trust the BIOS.  During machine boot, TDX verifies the TDX
> > > > private KeyIDs are consistently and correctly programmed by the BIOS
> > > > across all CPU packages before it enables TDX on any CPU core.  A valid
> > > > TDX private KeyID range on BSP indicates TDX has been enabled by the
> > > > BIOS, otherwise the BIOS is buggy.
> > > 
> 
> Sorry for the late reply!

Not late for me :)  Thanks!

[...]


> > > >    
> > > > +config INTEL_TDX_HOST
> > > > +	bool "Intel Trust Domain Extensions (TDX) host support"
> > > > +	depends on CPU_SUP_INTEL
> > > > +	depends on X86_64
> > > > +	depends on KVM_INTEL
> > > > +	help
> > > > +	  Intel Trust Domain Extensions (TDX) protects guest VMs from malicious
> > > > +	  host and certain physical attacks.  This option enables necessary TDX
> > > > +	  support in host kernel to run protected VMs.
> > > 
> > > s/in host/in the host/ ?
> > 
> > Sure.
> > 
> > > 
> > > Also, is "protected VMs" the right term to use here? "Encrypted VMs",
> > > "Confidential VMs" ... ?
> > 
> > "Encrypted VM" perhaps is not a good choice, because there are more things than
> > encryption.  I am also OK with "Confidential VMs", but "protected VMs" is also
> > used in the KVM series (not upstreamed yet), and also used by s390 by looking at
> > the git log.
> > 
> > So both "protected VM" and "confidential VM" work for me.
> > 
> > Not sure anyone else wants to comment?
> 
> I'm fine as long as it's used consistently. "Protected VM" would have 
> been the one out of the 3 alternatives that I have heard least frequently.
> > 

Yes I'll make sure it is used consistently.  Thanks!

I am also glad to change to "Confidential VMs" if anyone else believes it is
better.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ