[RFC PATCH v2 3/3] virt: Add sev_secret module to expose confidential computing secrets
bp at suse.de
Tue Jun 29 22:48:48 UTC 2021
On Tue, Jun 29, 2021 at 10:23:49AM +0300, Dov Murik wrote:
> But not if it's a generic driver that is useful for other confidential
> computing implementations. Consider some non-encrypting guest memory
> isolation mechanism where the host can't read most guest pages; this
> module might be useful there too.
Anything concrete or just hypothetical?
In any case, if this thing is generic, it should not have "AMD" and
"SEV" in the strings.
> Also, isn't it a bit weird to depend on CONFIG_AMD_MEM_ENCRYPT but not
> use any of its APIs?
Yeah, see above.
SUSE Software Solutions Germany GmbH, GF: Felix Imendörffer, HRB 36809, AG Nürnberg
More information about the Linux-security-module-archive