Re: [PATCH v2 4/4] virt: Add sev_secret module to expose confidential computing secrets
From: Dov Murik <hidden>
Date: 2021-10-08 05:40:43
Also in:
linux-efi, linux-security-module, lkml
Thanks Dave and Dave for reviewing this. On 07/10/2021 19:17, Dr. David Alan Gilbert wrote:
* Dave Hansen (dave.hansen@intel.com) wrote:quoted
On 10/6/21 11:18 PM, Dov Murik wrote:quoted
+static int sev_secret_map_area(void) +{ + struct sev_secret *s = sev_secret_get(); + struct linux_efi_coco_secret_area *secret_area; + u32 secret_area_size; + + if (efi.coco_secret == EFI_INVALID_TABLE_ADDR) { + pr_err("Secret area address is not available\n"); + return -EINVAL; + } + + secret_area = memremap(efi.coco_secret, sizeof(*secret_area), MEMREMAP_WB); + if (secret_area == NULL) { + pr_err("Could not map secret area header\n"); + return -ENOMEM; + }There doesn't seem to be anything truly SEV-specific in here at all. Isn't this more accurately called "efi_secret" or something? What's to prevent Intel or an ARM vendor from implementing this?I don't think anything; although the last discussion I remember on list with Intel was that Intel preferred some interface with an ioctl to read the secrets and stuff. I'm not quite sure if the attestation/secret delivery order makes sense with TDX, but if it does, then if you could persuade someone to standardise on this it would be great.
I agree that this series doesn't have any SEV-specific stuff in it; in fact, I wrote in the cover letter: +++ This has been tested with AMD SEV and SEV-ES guests, but the kernel side of handling the secret area has no SEV-specific dependencies, and therefore might be usable (perhaps with minor changes) for any confidential computing hardware that can publish the secret area via the standard EFI config table entry. +++ However, in previous rounds Boris said [1] that if it's only hypothetical support for other platforms, I should add a "depends on AMD_MEM_ENCRYPT" clause. Boris, can you please share your view? I'm indeed in favor of making this more generic (efi_secret sounds good), allowing for future support for other early-boot secret injection mechanisms. [1] https://lore.kernel.org/linux-coco/YNojYBIwk0xCHQ0v@zn.tnic/ (local) -Dov