Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp1037685rwr; Wed, 26 Apr 2023 09:20:20 -0700 (PDT) X-Google-Smtp-Source: AKy350ZWIvavSF2mppuF0n1FUpSrnUfBlUsbU4pLCvtUOC+EMkKyib5s2AhiAa9WoVzfGyYw5tBp X-Received: by 2002:a05:6a00:1396:b0:63d:24d0:2c32 with SMTP id t22-20020a056a00139600b0063d24d02c32mr31344752pfg.33.1682526020120; Wed, 26 Apr 2023 09:20:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682526020; cv=none; d=google.com; s=arc-20160816; b=pU5iEZkjFfwlAUYtUpkYsMJXWxo3SAmSYWOuW581B1dzRhgPR/Q7s1wSo6WZgvqzxT qKPlVSP6Wytf9C1nuW/NNnv0KcwKqc1eTdSB+BUDyVYB1aO9tm7GCBw5SaeC+5hkFzud wjxHa+Ly0w2OjfU1TiV3grQOjlDaz9Vbrw9+2Sks+H/lN56u0xR6xRyamWEjZPuPcTpf ShNB2sQVCiYyTAdgLfLhHEqqVT8RcSOkGthFiGkqH5UuPFrkfEdS2gV2i2wbuyFrXnoL iH26xC0eMKH8fZf3/zXOpOC9XqP1unE0bPTwsy5eH4dQ0JcGhmA3LW/ieTZLNEYRiVw8 gEbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=UOhh7PBmE0FMhbaVbxSvnruTMoKtaFfjJSq6v0FhcXc=; b=gK11QlUwKX2wxZlj+dPxO+1wqqDPEiBMTTuurduKlVHSx0r+v/Xl1Sjz/xoD/piQ/I 58OW4+JrgqinBPDMaUl9B65x/CmzWxPlDkCYOGrT6qjg+jUcYwjCDwPQgebo0GpcyVyV q67LkzYfi473dmMFp4Sfm0MI0I3kauH42Wn5sXULW8zERH7KEqrk7V17mR1vTVBcmB5/ 62tkpaY91U7pvHQL3pLzvnv3EZ0H8Ud16iRJ/HWm3sjt2QeplyFR730hfxSBDBJZ7Cfg nHqOvqqwJDNrinwLoMoGzNtX9jfZL9ytkb2aE5zejQzR6DK7iYSp04BRw2vxVXG7ByeW lyqg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=MZ4nIIJT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 7-20020a620507000000b006391322d3f8si16456438pff.375.2023.04.26.09.20.05; Wed, 26 Apr 2023 09:20:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=MZ4nIIJT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234484AbjDZQRI (ORCPT + 99 others); Wed, 26 Apr 2023 12:17:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35548 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240448AbjDZQRH (ORCPT ); Wed, 26 Apr 2023 12:17:07 -0400 Received: from mail-pf1-x44a.google.com (mail-pf1-x44a.google.com [IPv6:2607:f8b0:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 805CB2D44 for ; Wed, 26 Apr 2023 09:17:05 -0700 (PDT) Received: by mail-pf1-x44a.google.com with SMTP id d2e1a72fcca58-63b79d8043eso37880451b3a.0 for ; Wed, 26 Apr 2023 09:17:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1682525825; x=1685117825; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=UOhh7PBmE0FMhbaVbxSvnruTMoKtaFfjJSq6v0FhcXc=; b=MZ4nIIJTkzZdwLItB22MSQr876/ZCmOOTnCjOwMN3HdZZA2MBx0RasO5pEQ/Q/JWWd O3NitjTxiGvQdKCYmxRC9XFU68PNDyZBtslpXPysgDBVMUdXdMfgMmoIUzjdawjlEr2g qQFD2+bVu0nt4/Epppg59t1qLnYmXXAr8GqBCfXhZzFq8LVA8mzxpKkEYaGvTFX1WCdU u3Wgn6jcO4GlrBPeARgIe9BCGjk6FGCL2HNwRCAyyqtvc8xdH59S7McTdKDHbUBYZqmr Of+AcOL8IdXTBWVqOuVHuVeVNYqF9OcM9V9oG7yyhc/7SVtGpJ56+FscccIyl3JvKrJi bV2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682525825; x=1685117825; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=UOhh7PBmE0FMhbaVbxSvnruTMoKtaFfjJSq6v0FhcXc=; b=c6u2QElQzxCxU4U4VDMN8MBjvvr7EelF7SDpHKC9U0L0ozkwwI4vgK0ee3aI/uFMzj KETsxMNwW2HHgDPb29taa0/QDyr3wxm65EDrthVKm4PnwhBYQwpw9lnOlQVVVEvoIaiO /8xy+r5e6E3ZOSpl8I79TS+kX0ZDv1CQDV0TiT9XJFFpCPT6DtbnNUPHE2lxN/k3TWkD 42EK9VDjMJTgkCY5Twr1TTC8bkvjsVQVQM5Rh8kozbr2ttnhMmOks82XY3hAL1Kp4u8z 5cx7bjv8uRgBmSAWZkT3TZb9L6Wh/f7FXLelYTQznqZMY7YqlEGD1ARDneA3S26COMBK YjvA== X-Gm-Message-State: AC+VfDzdOLCb8eUR7UWj4BfmffHLDY0nhwidm1bI4uH2veNUNuevr6vl W5rj2ptUdovtvMnJm3K5OgzFV2HdmhY= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:44c9:b0:63d:24ea:4172 with SMTP id cv9-20020a056a0044c900b0063d24ea4172mr1075870pfb.1.1682525825009; Wed, 26 Apr 2023 09:17:05 -0700 (PDT) Date: Wed, 26 Apr 2023 09:17:03 -0700 In-Reply-To: <7502e1af0615c08167076ff452fc69ebf316c730.camel@linux.ibm.com> Mime-Version: 1.0 References: <20230327141816.2648615-1-carlos.bilbao@amd.com> <7502e1af0615c08167076ff452fc69ebf316c730.camel@linux.ibm.com> Message-ID: Subject: Re: [PATCH] docs: security: Confidential computing intro and threat model From: Sean Christopherson To: James Bottomley Cc: Elena Reshetova , Carlos Bilbao , "corbet@lwn.net" , "linux-doc@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "ardb@kernel.org" , "kraxel@redhat.com" , "dovmurik@linux.ibm.com" , "dave.hansen@linux.intel.com" , "Dhaval.Giani@amd.com" , "michael.day@amd.com" , "pavankumar.paluri@amd.com" , "David.Kaplan@amd.com" , "Reshma.Lal@amd.com" , "Jeremy.Powell@amd.com" , "sathyanarayanan.kuppuswamy@linux.intel.com" , "alexander.shishkin@linux.intel.com" , "thomas.lendacky@amd.com" , "tglx@linutronix.de" , "dgilbert@redhat.com" , "gregkh@linuxfoundation.org" , "dinechin@redhat.com" , "linux-coco@lists.linux.dev" , "berrange@redhat.com" , "mst@redhat.com" , "tytso@mit.edu" , "jikos@kernel.org" , "joro@8bytes.org" , "leon@kernel.org" , "richard.weinberger@gmail.com" , "lukas@wunner.de" , "cdupontd@redhat.com" , "jasowang@redhat.com" , "sameo@rivosinc.com" , "bp@alien8.de" , "security@kernel.org" , Andrew Bresticker , Rajnesh Kanwal , Dylan Reid , Ravi Sahita Content-Type: text/plain; charset="us-ascii" X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 26, 2023, James Bottomley wrote: > On Wed, 2023-04-26 at 13:32 +0000, Reshetova, Elena wrote: > > > On Mon, Mar 27, 2023, Carlos Bilbao wrote: > [...] > > > > +provide stronger security guarantees to their clients (usually > > > > referred to +as tenants) by excluding all the CSP's > > > > infrastructure and SW out of the +tenant's Trusted Computing Base > > > > (TCB). > > > > > > This is inaccurate, the provider may still have software and/or > > > hardware in the TCB. > > > > Well, this is the end goal where we want to be, If by "we" you mean Intel and AMD, then yes, that is probably a true statement. But those goals have nothing to do with security. > > the practical deployment can differ of course. We can rephrase that it > > "allows to exclude all the CSP's infrastructure and SW out of tenant's > > TCB." > > That's getting even more inaccurate. To run in a Cloud with CoCo you > usually have to insert some provided code, like OVMF and, for AMD, the > SVSM. These are often customized by the CSP to suit the cloud > infrastructure, so you're running their code. The goal, I think, is to > make sure you only run code you trust (some of which may come from the > CSP) in your TCB, which is very different from the statement above. Yes. And taking things a step further, if we were to ask security concious users what they would choose to have in their TCB: (a) closed-source firmware written by a hardware vendor, or (b) open-source software that is provided by CSPs, I am betting the overwhelming majority would choose (b).