Received: by 2002:a05:7412:2a8c:b0:e2:908c:2ebd with SMTP id u12csp115678rdh;
        Sat, 23 Sep 2023 04:01:29 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IHq7qP2pIB1K0uICmFGtecY79Z5szU8D1BiRsdMHrvA44vad/bU+NMKdRdvh29rZHq86iXv
X-Received: by 2002:a05:6358:5916:b0:143:82e0:8cbc with SMTP id g22-20020a056358591600b0014382e08cbcmr2066364rwf.1.1695466889185;
        Sat, 23 Sep 2023 04:01:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1695466889; cv=none;
        d=google.com; s=arc-20160816;
        b=zT27hRJlfb+95m519bMEUqlB7298mF8CuWYgypDunN2yYD1rABtO8A8kqVNoyHyz8u
         PzNPPklOQEAr273IICzbayl3oEfxVZWylI4ysufmlXQH+xtdai2QF28Zf/zs4PDhNXr2
         l5X7jSK8ImEybGP00FWZZ7Z4wUOYfuBITkaS5/YIBNJ6WqM6195HnhQEKTTM46qAKUCT
         QRO28VtEGpYTUYMTnlYWSg3e89QlRWwzl658dfiysYCRyGsMCDZk/PNO6xPaWMO0HkWl
         cYDKshhlCY6wcYAMQ4ARO9lJaP1mzztkrSe+Cn96/TggFlF+8N7fdE/hyF4dpoWDVD/4
         lQiA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:mime-version:message-id:date:references
         :in-reply-to:subject:cc:to:from:dkim-signature:dkim-filter;
        bh=mfkLM1mZ6patzZykKGGUczfcmlxw34HJH6wQWGJWhEI=;
        fh=qOaQGNDUjQMfAZrqHTS/lgUfTbMLeBduhyTnAYonbj8=;
        b=NeH+oLd5Oe6rZTZGr4hbGMWmblZSZCBkDzygz6V6Vmfwa4+zACnHWq1B8QCHS0Wp/7
         WoOOd5eA3gmD87kWNsbphwHiHbdwlEaW4GsMcNNYqgCaVwOdzgV+0zrcKLwRAd90uzar
         F4JEHtalluYuWUI8/KDxGGDHbojlmuc9/c5dz1YtQsQYVaQ11gwrXUM7ntU4f5dJiMPi
         hARQSFI+9ZFq8PERtYPII3LwQPpaTwFuKzHI9iohsAnnjDlA33TeA2ymCg8hvrlGf963
         r0YkHyJbSc0bKGlL+oMfiuX6/GM6WJYWfQu+M3OmlGAiHMNCaVhNvTMWB+5cf0I5S/RO
         cWgg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@lwn.net header.s=20201203 header.b=ORgfQWMB;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from morse.vger.email (morse.vger.email. [2620:137:e000::3:1])
        by mx.google.com with ESMTPS id x4-20020a63db44000000b005775c7e503csi3557637pgi.116.2023.09.23.04.01.28
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 23 Sep 2023 04:01:29 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) client-ip=2620:137:e000::3:1;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@lwn.net header.s=20201203 header.b=ORgfQWMB;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by morse.vger.email (Postfix) with ESMTP id A69CC83BDCEB;
	Sat, 23 Sep 2023 00:57:31 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230334AbjIWH5b (ORCPT <rfc822;bharatb.linux@gmail.com>
        + 99 others); Sat, 23 Sep 2023 03:57:31 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33872 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230114AbjIWH5a (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 23 Sep 2023 03:57:30 -0400
Received: from ms.lwn.net (ms.lwn.net [IPv6:2600:3c01:e000:3a1::42])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 73575197;
        Sat, 23 Sep 2023 00:57:24 -0700 (PDT)
Received: from localhost (unknown [217.144.90.202])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ms.lwn.net (Postfix) with ESMTPSA id 8CDA0383;
        Sat, 23 Sep 2023 07:57:23 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 ms.lwn.net 8CDA0383
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lwn.net; s=20201203;
        t=1695455844; bh=mfkLM1mZ6patzZykKGGUczfcmlxw34HJH6wQWGJWhEI=;
        h=From:To:Cc:Subject:In-Reply-To:References:Date:From;
        b=ORgfQWMBvcaonPYu9FXssg1eETcs/C+oNsQNKobql3vJImfFeyEdqnjoPAOMydwEX
         uUN7e6ob3s9xvarSqsvfLw48K+gDBY5u5LEGPp9koqipZy6HhAuk9NC61ks9G+lLuX
         Hh6RYjbmVX4n3Wxkh65rhWu3tZmVvQ4l8L7NCCLBEsKG1MeNaI/+cs+hswnZT0TrZV
         ntQMB6QubijYg+v6Sh5hE1VOR/dlO291XoaKR0zLh54iuR25gi6pO+y+NLWMEL+Nit
         hs7lHfZmEGp7mmtbR5PnDI+N3hcqSX5+nUjpv/o4kZjJn8R2RLZu3SqxCSpXXnX7Rc
         5UH9UaFD51BWQ==
From:   Jonathan Corbet <corbet@lwn.net>
To:     Carlos Bilbao <carlos.bilbao@amd.com>
Cc:     linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
        ardb@kernel.org, kraxel@redhat.com, dovmurik@linux.ibm.com,
        elena.reshetova@intel.com, dave.hansen@linux.intel.com,
        Dhaval.Giani@amd.com, michael.day@amd.com,
        pavankumar.paluri@amd.com, David.Kaplan@amd.com,
        Reshma.Lal@amd.com, Jeremy.Powell@amd.com,
        sathyanarayanan.kuppuswamy@linux.intel.com,
        alexander.shishkin@linux.intel.com, thomas.lendacky@amd.com,
        tglx@linutronix.de, dgilbert@redhat.com, dinechin@redhat.com,
        linux-coco@lists.linux.dev, berrange@redhat.com, mst@redhat.com,
        tytso@mit.edu, jikos@kernel.org, joro@8bytes.org, leon@kernel.org,
        richard.weinberger@gmail.com, lukas@wunner.de, jejb@linux.ibm.com,
        cdupontd@redhat.com, jasowang@redhat.com, sameo@rivosinc.com,
        bp@alien8.de, seanjc@google.com, security@kernel.org,
        Larry Dewey <larry.dewey@amd.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: Re: [RESEND PATCH v4] docs: security: Confidential computing intro
 and threat model for x86 virtualization
In-Reply-To: <98804f27-c2e7-74d6-d671-1eda927e19fe@amd.com>
References: <20230905152656.1215119-1-carlos.bilbao@amd.com>
 <2023090537-undesired-junction-b325@gregkh>
 <4a25cfe8-39d7-1d0f-b89b-2d62bdb085c1@amd.com>
 <bb5a6655-ebaa-2ddf-0c49-6f1027ccb839@amd.com>
 <f7700d54-da02-3482-17c5-bbae36799fb5@amd.com>
 <98804f27-c2e7-74d6-d671-1eda927e19fe@amd.com>
Date:   Sat, 23 Sep 2023 01:57:20 -0600
Message-ID: <87v8c15nkv.fsf@meer.lwn.net>
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Status: No, score=2.7 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no
	version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Sat, 23 Sep 2023 00:57:31 -0700 (PDT)
X-Spam-Level: **

Carlos Bilbao <carlos.bilbao@amd.com> writes:

> Kernel developers working on confidential computing for virtualized
> environments in x86 operate under a set of assumptions regarding the Linux
> kernel threat model that differs from the traditional view. Historically,
> the Linux threat model acknowledges attackers residing in userspace, as
> well as a limited set of external attackers that are able to interact with
> the kernel through networking or limited HW-specific exposed interfaces
> (e.g. USB, thunderbolt). The goal of this document is to explain additional
> attack vectors that arise in the virtualized confidential computing space.
>
> Reviewed-by: Larry Dewey <larry.dewey@amd.com>
> Reviewed-by: David Kaplan <david.kaplan@amd.com>
> Co-developed-by: Elena Reshetova <elena.reshetova@intel.com>
> Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
> Signed-off-by: Carlos Bilbao <carlos.bilbao@amd.com>

This patch was whitespace-corrupted (something wrapped the diff lines)
making it hard to apply; I was able to fix it up and get git to swallow
it.  So applied, thanks.

jon