Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

From: Michael S. Tsirkin
Date: Wed Oct 20 2021 - 02:56:37 EST

Next message: Vinod Koul: "Re: [PATCH v2 06/11] drm/msm/disp/dpu1: Don't use DSC with mode_3d"
Previous message: Boris Brezillon: "Re: [PATCH 0/3] mtd: core: protect access to mtd devices while in suspend"
In reply to: Jason Wang: "Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 20, 2021 at 09:33:49AM +0800, Jason Wang wrote:
> > In my own opinion, the threat model is:
> >
> > Attacker: 'malicious' hypervisor
> >
> > Victim: VM with SEV/TDX/SGX
> >
> > The attacker should not be able to steal secure/private data from VM, when the
> > hypervisor's action is unexpected. DoS is out of the scope.
> >
> > My concern is: it is very hard to clearly explain in the patchset how the
> > hypervisor is able to steal VM's data, by setting queue=0 or injecting unwanted
> > interrupts to VM.
>
> Yes, it's a hard question but instead of trying to answer that, we can
> just fix the case of e.g unexpected interrupts.
>
> Thanks

I think this it's still early days for TDX. So it's a bit early to talk
about threat models, start opening CVEs and distinguishing between
security and non-security bugs.

--
MST

Next message: Vinod Koul: "Re: [PATCH v2 06/11] drm/msm/disp/dpu1: Don't use DSC with mode_3d"
Previous message: Boris Brezillon: "Re: [PATCH 0/3] mtd: core: protect access to mtd devices while in suspend"
In reply to: Jason Wang: "Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]