|
|
Subscribe / Log in / New account

Private memory for KVM guests

Private memory for KVM guests

Posted Apr 10, 2022 17:42 UTC (Sun) by ssmith32 (subscriber, #72404)
In reply to: Private memory for KVM guests by pbonzini
Parent article: Private memory for KVM guests

For (2) , doesn't it still assume some guest instructions are allowed to run on the processor directly by the host?

What prevents the host from loading guest programs into an entirely virtualized CPU?

Other than the complexity involved in emulating an entire set of CPU behaviours..

to post comments

Private memory for KVM guests

Posted Apr 10, 2022 19:35 UTC (Sun) by excors (subscriber, #95769) [Link]

I think the simplified version is: The host can't emulate the TDX/etc hardware, because that contains a private key known only to Intel/etc. The host could trick its guest into accepting a fake TDX attestation by cleverly patching the guest's verification code, but that doesn't matter because it's meant for *remote* attestation: the guest sends the signed attestation report over the network to some already-trusted machine, which verifies it against Intel's public key and checks that the TDX hardware says the hypervisor has properly enabled memory encryption etc, before sending sensitive information (e.g. encryption keys for the guest's disks) back to the now-trusted guest.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds