From: "Michael Brown" <mcb30@ipxe.org>
To: devel@edk2.groups.io, min.m.xu@intel.com,
"lersek@redhat.com" <lersek@redhat.com>,
"Yao, Jiewen" <jiewen.yao@intel.com>,
"rfc@edk2.groups.io" <rfc@edk2.groups.io>
Cc: "jejb@linux.ibm.com" <jejb@linux.ibm.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
"erdemaktas@google.com" <erdemaktas@google.com>,
"cho@microsoft.com" <cho@microsoft.com>,
"bret.barkelew@microsoft.com" <bret.barkelew@microsoft.com>,
Jon Lange <jlange@microsoft.com>, Karen Noel <knoel@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Nathaniel McCallum <npmccallum@redhat.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
"Ademar de Souza Reis Jr." <areis@redhat.com>
Subject: Re: [edk2-rfc] [edk2-devel] RFC: design review for TDVF in OVMF
Date: Sun, 6 Jun 2021 12:39:39 +0100
Message-ID: <830485db-3210-54c0-8dda-893a5850b6c4@ipxe.org>
In-Reply-To: <PH0PR11MB5064DF7675D38723D5701795C5399@PH0PR11MB5064.namprd11.prod.outlook.com>
On 06/06/2021 09:52, Min Xu wrote:
> On June 4, 2021 12:12 AM, Laszlo wrote:
>> (18) says "SMM is not supported in Td guest" -- how is the variable store
>> protected from direct hardware (pflash) access from the guest OS?
>> Without SMM, the guest OS need not go through gRT->SetVariable() to
>> update authenticated non-volatile UEFI variables, and that undermines
>> Secure Boot.
>>
> Let me explain SMM and Secure Boot in TDX like below:
> 1) TDX doesn't support virtual SMM in the guest. A virtual SMI cannot be injected
> into a TD guest.
> 2) SMI/SMM is used to manage variable updates to avoid exposing the flash directly.
> So SMM is not a must-have for Secure Boot, but it helps to mitigate the security risk.
> 3) We don't trust the VMM. That is why we need TDX.
> 4) If you trust the VMM to emulate SMM, then you don't need TDX.

Secure Boot defines a security boundary between the firmware and the
operating system: the operating system is not permitted to make
arbitrary changes to firmware variables.

It sounds as though you have decided that the TDX security properties
remove the need for the Secure Boot security properties. That would be
a viable conclusion: if the user is able to verify that the intended
workload is running in the VM (and the VM is disposable anyway) then
there is not much value added by also having Secure Boot.

However, it's not valid to pretend to also include Secure Boot, knowing
that there is no way to actually provide the security properties of
Secure Boot.

If TDX can't support SMM (or some equivalent way for the guest
*firmware* to guarantee that the ring 0 guest OS cannot make arbitrary
changes to UEFI variables), then TDX cannot support Secure Boot.

Thanks,

Michael