| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7502e1af0615c08167076ff452fc69ebf316c730.camel@linux.ibm.com>
Date: Wed, 26 Apr 2023 11:18:03 -0400
From: James Bottomley <jejb@...ux.ibm.com>
To: "Reshetova, Elena" <elena.reshetova@...el.com>,
"Christopherson, , Sean" <seanjc@...gle.com>,
Carlos Bilbao <carlos.bilbao@....com>
Cc: "corbet@....net" <corbet@....net>,
"linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"ardb@...nel.org" <ardb@...nel.org>,
"kraxel@...hat.com" <kraxel@...hat.com>,
"dovmurik@...ux.ibm.com" <dovmurik@...ux.ibm.com>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"Dhaval.Giani@....com" <Dhaval.Giani@....com>,
"michael.day@....com" <michael.day@....com>,
"pavankumar.paluri@....com" <pavankumar.paluri@....com>,
"David.Kaplan@....com" <David.Kaplan@....com>,
"Reshma.Lal@....com" <Reshma.Lal@....com>,
"Jeremy.Powell@....com" <Jeremy.Powell@....com>,
"sathyanarayanan.kuppuswamy@...ux.intel.com"
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
"alexander.shishkin@...ux.intel.com"
<alexander.shishkin@...ux.intel.com>,
"thomas.lendacky@....com" <thomas.lendacky@....com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"dgilbert@...hat.com" <dgilbert@...hat.com>,
"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
"dinechin@...hat.com" <dinechin@...hat.com>,
"linux-coco@...ts.linux.dev" <linux-coco@...ts.linux.dev>,
"berrange@...hat.com" <berrange@...hat.com>,
"mst@...hat.com" <mst@...hat.com>, "tytso@....edu" <tytso@....edu>,
"jikos@...nel.org" <jikos@...nel.org>,
"joro@...tes.org" <joro@...tes.org>,
"leon@...nel.org" <leon@...nel.org>,
"richard.weinberger@...il.com" <richard.weinberger@...il.com>,
"lukas@...ner.de" <lukas@...ner.de>,
"cdupontd@...hat.com" <cdupontd@...hat.com>,
"jasowang@...hat.com" <jasowang@...hat.com>,
"sameo@...osinc.com" <sameo@...osinc.com>,
"bp@...en8.de" <bp@...en8.de>,
"security@...nel.org" <security@...nel.org>,
Andrew Bresticker <abrestic@...osinc.com>,
Rajnesh Kanwal <rkanwal@...osinc.com>,
Dylan Reid <dylan@...osinc.com>,
Ravi Sahita <ravi@...osinc.com>
Subject: Re: [PATCH] docs: security: Confidential computing intro and threat
model
On Wed, 2023-04-26 at 13:32 +0000, Reshetova, Elena wrote:
> > On Mon, Mar 27, 2023, Carlos Bilbao wrote:
[...]
> > > +provide stronger security guarantees to their clients (usually
> > > referred to +as tenants) by excluding all the CSP's
> > > infrastructure and SW out of the +tenant's Trusted Computing Base
> > > (TCB).
> >
> > This is inaccurate, the provider may still have software and/or
> > hardware in the TCB.
>
> Well, this is the end goal where we want to be, the practical
> deployment can differ of course. We can rephrase that it "allows to
> exclude all the CSP's infrastructure and SW out of tenant's TCB."
That's getting even more inaccurate. To run in a Cloud with CoCo you
usually have to insert some provided code, like OVMF and, for AMD, the
SVSM. These are often customized by the CSP to suit the cloud
infrastructure, so you're running their code. The goal, I think, is to
make sure you only run code you trust (some of which may come from the
CSP) in your TCB, which is very different from the statement above.
James
Powered by blists - more mailing lists