From: Randy Dunlap <rdunlap@infradead.org>
To: Carlos Bilbao <carlos.bilbao@amd.com>, corbet@lwn.net
Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
ardb@kernel.org, kraxel@redhat.com, dovmurik@linux.ibm.com,
elena.reshetova@intel.com, dave.hansen@linux.intel.com,
Dhaval.Giani@amd.com, michael.day@amd.com,
pavankumar.paluri@amd.com, David.Kaplan@amd.com,
Reshma.Lal@amd.com, Jeremy.Powell@amd.com,
sathyanarayanan.kuppuswamy@linux.intel.com,
alexander.shishkin@linux.intel.com, thomas.lendacky@amd.com,
tglx@linutronix.de, dgilbert@redhat.com,
gregkh@linuxfoundation.org, dinechin@redhat.com,
linux-coco@lists.linux.dev, berrange@redhat.com, mst@redhat.com,
tytso@mit.edu, jikos@kernel.org, joro@8bytes.org,
leon@kernel.org, richard.weinberger@gmail.com, lukas@wunner.de,
jejb@linux.ibm.com, cdupontd@redhat.com, jasowang@redhat.com,
sameo@rivosinc.com, bp@alien8.de, seanjc@google.com,
security@kernel.org, Larry Dewey <larry.dewey@amd.com>
Subject: Re: [PATCH v2] docs: security: Confidential computing intro and threat model for x86 virtualization
Date: Wed, 14 Jun 2023 08:06:06 -0700 [thread overview]
Message-ID: <4bde30cd-3ec6-bacd-5d92-1b52489a8c48@infradead.org> (raw)
In-Reply-To: <902093e0-dd44-d542-363d-06367a533fce@amd.com>
Hi Carlos,
On 6/14/23 06:55, Carlos Bilbao wrote:
> Hello Randy,
>
> On 6/12/23 17:43, Randy Dunlap wrote:
>> Hi--
>>
>> On 6/12/23 09:47, Carlos Bilbao wrote:
>>> Kernel developers working on confidential computing for virtualized
>>> environments in x86 operate under a set of assumptions regarding the Linux
>>> kernel threat model that differs from the traditional view. Historically,
>>> the Linux threat model acknowledges attackers residing in userspace, as
>>> well as a limited set of external attackers that are able to interact with
>>> the kernel through networking or limited HW-specific exposed interfaces
>>> (e.g. USB, thunderbolt). The goal of this document is to explain additional
>>> attack vectors that arise in the virtualized confidential computing space
>>> and discuss the proposed protection mechanisms for the Linux kernel.
>>>
>>> Reviewed-by: Larry Dewey <larry.dewey@amd.com>
>>> Reviewed-by: David Kaplan <david.kaplan@amd.com>
>>> Co-developed-by: Elena Reshetova <elena.reshetova@intel.com>
>>> Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
>>> Signed-off-by: Carlos Bilbao <carlos.bilbao@amd.com>
>>> ---
>>>
>>> ---
>>> Documentation/security/index.rst | 1 +
>>> .../security/x86-confidential-computing.rst | 298 ++++++++++++++++++
>>> MAINTAINERS | 6 +
>>> 3 files changed, 305 insertions(+)
>>> create mode 100644 Documentation/security/x86-confidential-computing.rst
>>>
>>> diff --git a/Documentation/security/x86-confidential-computing.rst b/Documentation/security/x86-confidential-computing.rst
>>> new file mode 100644
>>> index 000000000000..5c52b8888089
>>> --- /dev/null
>>> +++ b/Documentation/security/x86-confidential-computing.rst
>>> @@ -0,0 +1,298 @@
>>> +======================================================
>>> +Confidential Computing in Linux for x86 virtualization
>>> +======================================================
>>> +
>>> +.. contents:: :local:
>>> +
>>> +By: Elena Reshetova <elena.reshetova@intel.com> and Carlos Bilbao <carlos.bilbao@amd.com>
>>> +
>>> +The basic CoCo guest layout includes the host, guest, the interfaces that
>>> +communicate guest and host, a platform capable of supporting CoCo VMs, and
>>> +a trusted intermediary between the guest VM and the underlying platform
>>> +that acts as a security manager. The host-side virtual machine monitor
>>> +(VMM) typically consists of a subset of traditional VMM features and
>>> +is still in charge of the guest lifecycle, i.e. create or destroy a CoCo
>>> +VM, manage its access to system resources, etc. However, since it
>>> +typically stays out of CoCo VM TCB, its access is limited to preserve the
>>
>> to preserving the
>> ?
>
> I think that using "preserving" and "preserve" here may result in two
> different interpretations:
>
> "limited to preserve the security objectives" suggests that the limited
> access is enforced to preserve the security guarantees. In other words, the
> act of limiting access itself, particularly from the VMM, helps to maintain
> the security objectives. This is what we want to say.
>
> "limited to preserving the security objectives" suggests that the access of
> the VMM is limited to the components that allow the VMM to preserve the
> security objectives.
>
> Hope that makes sense?
Yes, I get it, thanks.
>>
>>> +security objectives.
>>> +
>>> +In the following diagram, the "<--->" lines represent bi-directional
>>> +communication channels or interfaces between the CoCo security manager and
>>> +the rest of the components (data flow for guest, host, hardware) ::
>>> +
>>> + +-------------------+ +-----------------------+
>>> + | CoCo guest VM |<---->| |
>>> + +-------------------+ | |
>>> + | Interfaces | | CoCo security manager |
>>> + +-------------------+ | |
>>> + | Host VMM |<---->| |
>>> + +-------------------+ | |
>>> + | |
>>> + +--------------------+ | |
>>> + | CoCo platform |<--->| |
>>> + +--------------------+ +-----------------------+
>>> +
>>> +The specific details of the CoCo security manager vastly diverge between
>>> +technologies. For example, in some cases, it will be implemented in HW
>>> +while in others it may be pure SW. In some cases, such as for the
>>> +`Protected kernel-based virtual machine (pKVM) <https://github.com/intel-staging/pKVM-IA>`,
>>> +the CoCo security manager is a small, isolated and highly privileged
>>> +(compared to the rest of SW running on the host) part of a traditional
>>> +VMM.
>>> +
>>> +Confidential Computing threat model and its security objectives
>>> +===============================================================
>>> +
>>> +Confidential Computing adds a new type of attacker to the above list: a
>>> +potentially misbehaving host (which can also include some part of a
>>> +traditional VMM or all of it), which is typically placed outside of the
>>> +CoCo VM TCB due to its large SW attack surface. It is important to note
>>> +that this doesn’t imply that the host or VMM are intentionally
>>> +malicious, but that there exists a security value in having a small CoCo
>>> +VM TCB. This new type of adversary may be viewed as a more powerful type
>>> +of external attacker, as it resides locally on the same physical machine
>>> +-in contrast to a remote network attacker- and has control over the guest
>>
>> Hyphens (dashes) are not normally used for a parenthetical phrase AFAIK.
>
> Yes, parentheses would be more appropriate.
>
>>
>>> +kernel communication with most of the HW::
>>
>> I would prefer to capitalize "kernel" above.
>
> I'm not sure I follow, we don't capitalize kernel elsewhere, why here?
>
My mistake in reading. :(
Thanks.
--
~Randy
next prev parent reply other threads:[~2023-06-14 15:06 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-12 16:47 [PATCH v2] docs: security: Confidential computing intro and threat model for x86 virtualization Carlos Bilbao
2023-06-12 22:43 ` Randy Dunlap
2023-06-14 13:55 ` Carlos Bilbao
2023-06-14 15:06 ` Randy Dunlap [this message]
2023-06-13 17:03 ` Sean Christopherson
2023-06-14 7:37 ` Reshetova, Elena
2023-06-14 14:15 ` Sean Christopherson
2023-06-16 12:36 ` Dmytro Maluka
2023-06-16 13:56 ` Sean Christopherson
2023-06-16 14:09 ` Allen Webb
2023-06-16 14:42 ` Sean Christopherson
2023-06-16 15:16 ` Allen Webb
2023-06-17 18:15 ` Dmytro Maluka
2023-06-16 15:31 ` Dmytro Maluka
2023-06-16 18:07 ` Sean Christopherson
2023-06-17 17:43 ` Dmytro Maluka
2023-06-19 11:23 ` Reshetova, Elena
2023-06-19 15:03 ` Dmytro Maluka
2023-06-16 12:24 ` Dmytro Maluka
2023-06-16 14:20 ` Sean Christopherson
2023-06-16 15:36 ` Dmytro Maluka
2023-06-22 14:32 ` Carlos Bilbao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4bde30cd-3ec6-bacd-5d92-1b52489a8c48@infradead.org \
--to=rdunlap@infradead.org \
--cc=David.Kaplan@amd.com \
--cc=Dhaval.Giani@amd.com \
--cc=Jeremy.Powell@amd.com \
--cc=Reshma.Lal@amd.com \
--cc=alexander.shishkin@linux.intel.com \
--cc=ardb@kernel.org \
--cc=berrange@redhat.com \
--cc=bp@alien8.de \
--cc=carlos.bilbao@amd.com \
--cc=cdupontd@redhat.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=dgilbert@redhat.com \
--cc=dinechin@redhat.com \
--cc=dovmurik@linux.ibm.com \
--cc=elena.reshetova@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=jasowang@redhat.com \
--cc=jejb@linux.ibm.com \
--cc=jikos@kernel.org \
--cc=joro@8bytes.org \
--cc=kraxel@redhat.com \
--cc=larry.dewey@amd.com \
--cc=leon@kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=michael.day@amd.com \
--cc=mst@redhat.com \
--cc=pavankumar.paluri@amd.com \
--cc=richard.weinberger@gmail.com \
--cc=sameo@rivosinc.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=security@kernel.org \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.