[PATCH V1 3/6] xen/virtio: Add option to restrict memory access under Xen
Juergen Gross
jgross at suse.com
Mon Apr 25 02:14:52 PDT 2022
On 25.04.22 09:58, Christoph Hellwig wrote:
> On Mon, Apr 25, 2022 at 09:47:49AM +0200, Juergen Gross wrote:
>>> Would the Xen specific bits fit into Confidential Computing Platform
>>> checks? I will let Juergen/Boris comment on this.
>>
>> I don't think cc_platform_has would be correct here. Xen certainly
>> provides more isolation between guests and dom0, but "Confidential
>> Computing" is basically orthogonal to that feature.
>
> The point of cc_platform_has is to remove all these open code checks.
> If a Xen hypervisor / dom0 can't access arbitrary guest memory for
> virtual I/O and we need special APIs for that it certainly false
> into the scope of cc_platform_has, even if the confientiality is
> rather limited.
In case the x86 maintainers are fine with that I won't oppose.
Juergen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xB0DE9DD628BF132F.asc
Type: application/pgp-keys
Size: 3098 bytes
Desc: OpenPGP public key
URL: <http://lists.infradead.org/pipermail/linux-arm-kernel/attachments/20220425/5905aca4/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/linux-arm-kernel/attachments/20220425/5905aca4/attachment-0001.sig>
More information about the linux-arm-kernel
mailing list