diff options
| author |   Carlos Bilbao <carlos.bilbao@amd.com> | 2023-09-14 11:20:46 -0500 |
|---|---|---|
| committer |   Jonathan Corbet <corbet@lwn.net> | 2023-09-23 01:14:21 -0600 |
| commit | 1f597b1a6ec28f848fc236f17f246c4cac7aa8cc (patch) | |
| tree | c0a39c3f128cb2a4c7ef4cbc1082d3dfceac4230 /tools/perf/scripts/python/export-to-postgresql.py | |
| parent | docs/sp_SP: Add translation of process/embargoed-hardware-issues (diff) | |
| download | wireguard-linux-1f597b1a6ec28f848fc236f17f246c4cac7aa8cc.tar.xz wireguard-linux-1f597b1a6ec28f848fc236f17f246c4cac7aa8cc.zip | |
docs: security: Confidential computing intro and threat model for x86 virtualization
Kernel developers working on confidential computing for virtualized
environments in x86 operate under a set of assumptions regarding the Linux
kernel threat model that differs from the traditional view. Historically,
the Linux threat model acknowledges attackers residing in userspace, as
well as a limited set of external attackers that are able to interact with
the kernel through networking or limited HW-specific exposed interfaces
(e.g. USB, thunderbolt). The goal of this document is to explain additional
attack vectors that arise in the virtualized confidential computing space.
Reviewed-by: Larry Dewey <larry.dewey@amd.com>
Reviewed-by: David Kaplan <david.kaplan@amd.com>
Co-developed-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Carlos Bilbao <carlos.bilbao@amd.com>
Message-ID: <98804f27-c2e7-74d6-d671-1eda927e19fe@amd.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Diffstat (limited to 'tools/perf/scripts/python/export-to-postgresql.py')
0 files changed, 0 insertions, 0 deletions