Re: [PATCH v8 29/40] x86/compressed/64: add support for SEV-SNP CPUID table in #VC handlers

On Tue, Jan 18, 2022 at 08:37:30AM -0600, Michael Roth wrote:
> Actually, no, because doing that would provide hypervisor a means to
> effectively disable CPUID page for an SNP guest by providing a table with
> count == 0, which needs to be guarded against.

Err, I'm confused.

Isn't that "SEV-SNP guests will be provided the location of special
'secrets' 'CPUID' pages via the Confidential Computing blob..." and the
HV has no say in there?

Why does the HV provide the CPUID page?

And when I read "secrets page" I think, encrypted/signed and given
directly to the guest, past the HV which cannot even touch it.

Hmmm.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette


