diff options
| author | Carlos Bilbao <carlos.bilbao@amd.com> | 2023-09-14 11:20:46 -0500 |
|---|---|---|
| committer | Jonathan Corbet <corbet@lwn.net> | 2023-09-23 01:14:21 -0600 |
| commit | 1f597b1a6ec28f848fc236f17f246c4cac7aa8cc (patch) | |
| tree | c0a39c3f128cb2a4c7ef4cbc1082d3dfceac4230 /Documentation/admin-guide | |
| parent | 42b37783e2f6f806d4d5cd7e44d1b9016d93e5d9 (diff) | |
docs: security: Confidential computing intro and threat model for x86 virtualization
Kernel developers working on confidential computing for virtualized
environments in x86 operate under a set of assumptions regarding the Linux
kernel threat model that differs from the traditional view. Historically,
the Linux threat model acknowledges attackers residing in userspace, as
well as a limited set of external attackers that are able to interact with
the kernel through networking or limited HW-specific exposed interfaces
(e.g. USB, thunderbolt). The goal of this document is to explain additional
attack vectors that arise in the virtualized confidential computing space.
Reviewed-by: Larry Dewey <larry.dewey@amd.com>
Reviewed-by: David Kaplan <david.kaplan@amd.com>
Co-developed-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Carlos Bilbao <carlos.bilbao@amd.com>
Message-ID: <98804f27-c2e7-74d6-d671-1eda927e19fe@amd.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Diffstat (limited to 'Documentation/admin-guide')
0 files changed, 0 insertions, 0 deletions