Re: Linux guest kernel threat model for Confidential Computing
From: Michael S. Tsirkin
Date: Thu Jan 26 2023 - 11:33:52 EST
On Thu, Jan 26, 2023 at 04:44:49PM +0100, Lukas Wunner wrote:
> Obviously the host can DoS guest access to the device by modifying
> exchanged messages, but there are much simpler ways for it to
> do that, say, by clearing Bus Master Enable or Memory Space Enable
> bits in the Command Register.
There's a single key per guest though, isn't it? Also used
for regular memory?
--
MST