Date: Wed, 25 Jan 2023 19:02:03 +0300
From: "Kirill A. Shutemov"
To: "Michael S. Tsirkin"
Cc: Greg Kroah-Hartman, "Dr. David Alan Gilbert", "Reshetova, Elena",
    "Shishkin, Alexander", "Shutemov, Kirill", "Kuppuswamy, Sathyanarayanan",
    "Kleen, Andi", "Hansen, Dave", Thomas Gleixner, Peter Zijlstra,
    "Wunner, Lukas", Mika Westerberg, Jason Wang, "Poimboe, Josh",
    "aarcange@redhat.com", Cfir Cohen, Marc Orr, "jbachmann@google.com",
    "pgonda@google.com", "keescook@chromium.org", James Morris,
    Michael Kelley, "Lange, Jon", "linux-coco@lists.linux.dev",
    Linux Kernel Mailing List
Subject: Re: Linux guest kernel threat model for Confidential Computing
Message-ID: <20230125160203.z4ttwlgclfd54pc6@box.shutemov.name>
In-Reply-To: <20230125103816-mutt-send-email-mst@kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Jan 25, 2023 at 10:45:48AM -0500, Michael S. Tsirkin wrote:
> On Wed, Jan 25, 2023 at 04:16:02PM +0100, Greg Kroah-Hartman wrote:
> > Everyone wants a subset, different from other's subset, which means you
> > need them all. Sorry.
>
> Well if there's a very popular system (virtual in this case) that needs
> a specific config to work well, then I guess
> arch/x86/configs/ccguest.config or whatever might be acceptable, no?
> Lots of precedent here.

OS vendors want the single kernel that fits all sizes: it should be
possible (and secure) to run a generic distro kernel within TDX/SEV guest.

--
Kiryl Shutsemau / Kirill A. Shutemov