author: Carlos Bilbao <carlos.bilbao@amd.com> 2023-09-14 19:20:46 +0300
committer: Jonathan Corbet <corbet@lwn.net> 2023-09-23 10:14:21 +0300
commit: 1f597b1a6ec28f848fc236f17f246c4cac7aa8cc
tree: c0a39c3f128cb2a4c7ef4cbc1082d3dfceac4230 /Documentation/security/index.rst
parent: 42b37783e2f6f806d4d5cd7e44d1b9016d93e5d9
docs: security: Confidential computing intro and threat model for x86 virtualization

Kernel developers working on confidential computing for virtualized environments in x86 operate under a set of assumptions regarding the Linux kernel threat model that differs from the traditional view. Historically, the Linux threat model acknowledges attackers residing in userspace, as well as a limited set of external attackers that are able to interact with the kernel through networking or limited HW-specific exposed interfaces (e.g. USB, thunderbolt). The goal of this document is to explain additional attack vectors that arise in the virtualized confidential computing space.

Reviewed-by: Larry Dewey <larry.dewey@amd.com>
Reviewed-by: David Kaplan <david.kaplan@amd.com>
Co-developed-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Carlos Bilbao <carlos.bilbao@amd.com>
Message-ID: <98804f27-c2e7-74d6-d671-1eda927e19fe@amd.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Diffstat (limited to 'Documentation/security/index.rst')
-rw-r--r-- Documentation/security/index.rst 1
1 files changed, 1 insertions, 0 deletions
diff --git a/Documentation/security/index.rst b/Documentation/security/index.rst
index 6ed8d2fa6f9e..59f8fc106cb0 100644
--- a/Documentation/security/index.rst
+++ b/Documentation/security/index.rst
@@ -6,6 +6,7 @@ Security Documentation
:maxdepth: 1
credentials
+ snp-tdx-threat-model
IMA-templates
keys/index
lsm
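Review bot: The added toctree entry `snp-tdx-threat-model` (between `credentials` and `IMA-templates`) only resolves if Documentation/security/snp-tdx-threat-model.rst lands in the same commit, and this view is limited to index.rst, so that cannot be confirmed from these lines. Please check that a docs build emits no "toctree contains reference to nonexisting document" warning for this entry. As a naming point, the commit subject describes a threat model for confidential computing in x86 virtualization generally, while the document name ties it to SNP and TDX; a technology-neutral name would avoid a rename if the document later covers other technologies.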