Re: [RESEND PATCH v4] docs: security: Confidential computing intro and threat model for x86 virtualization
From: Jonathan Corbet
Date: Sat Sep 23 2023 - 03:57:30 EST
Carlos Bilbao <carlos.bilbao@xxxxxxx> writes:
> Kernel developers working on confidential computing for virtualized
> environments in x86 operate under a set of assumptions regarding the Linux
> kernel threat model that differs from the traditional view. Historically,
> the Linux threat model acknowledges attackers residing in userspace, as
> well as a limited set of external attackers that are able to interact with
> the kernel through networking or limited HW-specific exposed interfaces
> (e.g. USB, thunderbolt). The goal of this document is to explain additional
> attack vectors that arise in the virtualized confidential computing space.
>
> Reviewed-by: Larry Dewey <larry.dewey@xxxxxxx>
> Reviewed-by: David Kaplan <david.kaplan@xxxxxxx>
> Co-developed-by: Elena Reshetova <elena.reshetova@xxxxxxxxx>
> Signed-off-by: Elena Reshetova <elena.reshetova@xxxxxxxxx>
> Signed-off-by: Carlos Bilbao <carlos.bilbao@xxxxxxx>
This patch was whitespace-corrupted (something wrapped the diff lines)
making it hard to apply; I was able to fix it up and get git to swallow
it. So applied, thanks.
jon