Date: Wed, 25 Jan 2023 21:13:56 +0100 (CET)
From: Jiri Kosina
To: Greg Kroah-Hartman
cc: "Dr. David Alan Gilbert", "Reshetova, Elena", "Shishkin, Alexander", "Shutemov, Kirill", "Kuppuswamy, Sathyanarayanan", "Kleen, Andi", "Hansen, Dave", Thomas Gleixner, Peter Zijlstra, "Wunner, Lukas", Mika Westerberg, "Michael S. Tsirkin", Jason Wang, "Poimboe, Josh", "aarcange@redhat.com", Cfir Cohen, Marc Orr, "jbachmann@google.com", "pgonda@google.com", "keescook@chromium.org", James Morris, Michael Kelley, "Lange, Jon", "linux-coco@lists.linux.dev", Linux Kernel Mailing List
Subject: Re: Linux guest kernel threat model for Confidential Computing
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 25 Jan 2023, Greg Kroah-Hartman wrote:

> How do you trust you got real data on the disk? On the network? Those
> are coming from the host, how is any of that data to be trusted? Where
> does the trust stop and why?

This is all well described in AMD SEV-SNP documentation, see page 5 of [1].
All the external devices are treated as untrusted in that model.

[1] https://www.amd.com/system/files/TechDocs/SEV-SNP-strengthening-vm-isolation-with-integrity-protection-and-more.pdf

-- 
Jiri Kosina
SUSE Labs