qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [RFC PATCH v1 22/22] loader: reload bios image on ROM r


From: Paolo Bonzini
Subject: Re: [Qemu-devel] [RFC PATCH v1 22/22] loader: reload bios image on ROM reset in SEV-enabled guest
Date: Wed, 14 Sep 2016 23:11:04 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0


On 14/09/2016 23:09, Michael S. Tsirkin wrote:
> > > > Does the guest have to check the measured data (e.g. with a hash) too,
> > > > to check that it hasn't been tampered with outside the secure
> > > > processor's control?  Of course this would result in garbage written to
> > > > the modified page, but that might be a valid attack vector.
> > > 
> > > Guest does not need to check the measurement.
> > 
> > Can you explain why not?
> 
> For example, guest can boot in a secure environment and then be migrated
> to cloud. In fact that seems much easier to manage than all the hash
> based stuff.

This is not what I was asking.  My question was: assuming that the guest
is interested in checking the measurement, does it also have to
recompute it independently, and if not why?

Paolo



reply via email to

[Prev in Thread] Current Thread [Next in Thread]