Re: Linux guest kernel threat model for Confidential Computing

[Jason Wang]

在 2023/2/1 19:01, Michael S. Tsirkin 写道:
> On Wed, Feb 01, 2023 at 11:52:27AM +0100, Christophe de Dinechin Dupont de Dinechin wrote:
> > > On 31 Jan 2023, at 18:39, Michael S. Tsirkin <mst@xxxxxxxxxx> wrote:
> > >
> > > On Tue, Jan 31, 2023 at 04:14:29PM +0100, Christophe de Dinechin wrote:
> > > > Finally, security considerations that apply irrespective of whether the
> > > > platform is confidential or not are also outside of the scope of this
> > > > document. This includes topics ranging from timing attacks to social
> > > > engineering.
> > > Why are timing attacks by hypervisor on the guest out of scope?
> > Good point.
> >
> > I was thinking that mitigation against timing attacks is the same
> > irrespective of the source of the attack. However, because the HV
> > controls CPU time allocation, there are presumably attacks that
> > are made much easier through the HV. Those should be listed.
> Not just that, also because it can and does emulate some devices.
> For example, are disk encryption systems protected against timing of
> disk accesses?
> This is why some people keep saying "forget about emulated devices, require
> passthrough, include devices in the trust zone".


One problem is that the device could be yet another emulated one that is 
running in the SmartNIC/DPU itself.

Thanks