|
|
Subscribe / Log in / New account

But how the virtual machine verify its host?

But how the virtual machine verify its host?

Posted Jan 3, 2021 8:47 UTC (Sun) by moxfyre (guest, #13847)
Parent article: Challenges in protecting virtual machines from untrusted entities

All of this technology sounds fascinating, if cumbersome to implement.

But here's what I don't understand: how can a VM possibly verify that it's running under a "trusted entity" which takes pains not to be able to access the guest's secret data, as opposed to a standard omniscient hypervisor — or more pointedly a malicious hypervisor which pretends to be a "trusted entity"?

If the VM can't actually verify its host environment's construction, then… what's the point?

It seems to come down to "trusting your cloud/VM hosting provider not to do leaky or malicious things", which is about where we are anyway.

to post comments

But how will the virtual machine verify its host?

Posted Jan 5, 2021 0:23 UTC (Tue) by moxfyre (guest, #13847) [Link] (3 responses)

Based on this very interesting blog post from James Bottomley (https://blog.hansenpartnership.com/deploying-encrypted-images-for-confidential-computing)… it appears that this is, essentially, a rather complex scheme that — if it works correctly — means that the VM/guest owners have to place very little trust in the cloud provider, but a lot of trust in the CPU/SoC manufacturer.

But how will the virtual machine verify its host?

Posted Jan 6, 2021 10:54 UTC (Wed) by penguin42 (guest, #72294) [Link]

Yes, in the end it comes back to getting an attested measurement signed by something in the CPU that can be traced
back to the CPU vendor, and you have to trust the CPU vendor to have implemented the mechanism.
To your first comment, it's not necessarily that the guest can verify it's running under a trusted entity - it's that a 3rd party (running outside the potentially dodgy cloud) can verify that the VM they're talking to is running in a trusted setup before you give that VM work or a secret that is then used to do something.

But how will the virtual machine verify its host?

Posted Jan 6, 2021 10:54 UTC (Wed) by kashyap (subscriber, #55821) [Link]

Yes, one of the main points (based on my understanding) is that the cloud provider can feel relieved, now that they're not on the hook anymore — because: "Hey, it's all encrypted; _you_ have the keys. So even to run a binary we need your (the guest owner) involvement."

And indeed, since the "trusted entity" is the hardware, so you're placing trust in the CPU/SoC. I'll let more clueful people than me to correct me or add further details.

But how will the virtual machine verify its host?

Posted Jan 6, 2021 19:44 UTC (Wed) by mjg59 (subscriber, #23239) [Link]

Given that your code is running on said CPU, you're already placing rather a lot of trust in the CPU vendor…


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds