Re: [PATCH v2 4/6] virtio: Initialize authorized attribute for confidential guest
From: Kuppuswamy, Sathyanarayanan
Date: Thu Sep 30 2021 - 11:18:59 EST
On 9/30/21 6:36 AM, Dan Williams wrote:
And in particular, not all virtio drivers are hardened -
I think at this point blk and scsi drivers have been hardened - so
treating them all the same looks wrong.
My understanding was that they have been audited, Sathya?
Yes, AFAIK, it has been audited. Andi also submitted some patches
related to it. Andi, can you confirm.
We also authorize the virtio at PCI ID level. And currently we allow
console, block and net virtio PCI devices.
{ PCI_DEVICE(PCI_VENDOR_ID_REDHAT_QUMRANET, VIRTIO_TRANS_ID_NET) },
{ PCI_DEVICE(PCI_VENDOR_ID_REDHAT_QUMRANET, VIRTIO_TRANS_ID_BLOCK) },
{ PCI_DEVICE(PCI_VENDOR_ID_REDHAT_QUMRANET, VIRTIO_TRANS_ID_CONSOLE) },
--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer