linux/Documentation/security
Carlos Bilbao 1f597b1a6e docs: security: Confidential computing intro and threat model for x86 virtualization
Kernel developers working on confidential computing for virtualized
environments in x86 operate under a set of assumptions regarding the Linux
kernel threat model that differs from the traditional view. Historically,
the Linux threat model acknowledges attackers residing in userspace, as
well as a limited set of external attackers that are able to interact with
the kernel through networking or limited HW-specific exposed interfaces
(e.g. USB, thunderbolt). The goal of this document is to explain additional
attack vectors that arise in the virtualized confidential computing space.

Reviewed-by: Larry Dewey <larry.dewey@amd.com>
Reviewed-by: David Kaplan <david.kaplan@amd.com>
Co-developed-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Carlos Bilbao <carlos.bilbao@amd.com>

Message-ID: <98804f27-c2e7-74d6-d671-1eda927e19fe@amd.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
2023-09-23 01:14:21 -06:00
..
keys Documentation: Fix typos 2023-08-18 11:29:03 -06:00
secrets Documentation: Fix typos 2023-08-18 11:29:03 -06:00
tpm Documentation: drop optional BOMs 2021-05-10 15:17:34 -06:00
credentials.rst Documentation: remove current_security() reference 2020-09-09 11:33:59 -06:00
digsig.rst Documentation: Fix typos 2023-08-18 11:29:03 -06:00
IMA-templates.rst ima: support fs-verity file digest based version 3 signatures 2022-05-05 17:41:51 -04:00
index.rst docs: security: Confidential computing intro and threat model for x86 virtualization 2023-09-23 01:14:21 -06:00
landlock.rst landlock: Explain file descriptor access rights 2023-01-13 20:40:35 +01:00
lsm-development.rst lsm: move hook comments docs to security/security.c 2023-04-28 11:58:34 -04:00
lsm.rst lsm: move hook comments docs to security/security.c 2023-04-28 11:58:34 -04:00
sak.rst docs: security: move some books to it and update 2019-07-15 11:03:01 -03:00
SCTP.rst docs: fix 'make htmldocs' warning in SCTP.rst 2022-02-28 11:09:10 -05:00
self-protection.rst docs: update self-protection __ro_after_init status 2021-12-10 14:02:06 -07:00
siphash.rst Documentation: siphash: Fix typo in the name of offsetofend macro 2022-07-13 14:01:22 -06:00
snp-tdx-threat-model.rst docs: security: Confidential computing intro and threat model for x86 virtualization 2023-09-23 01:14:21 -06:00