~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/Documentation/security/secrets/coco.rst

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /Documentation/security/secrets/coco.rst (Version linux-6.12-rc7) and /Documentation/security/secrets/coco.rst (Version linux-6.9.12)


  1 .. SPDX-License-Identifier: GPL-2.0                 1 .. SPDX-License-Identifier: GPL-2.0
  2                                                     2 
  3 ==============================                      3 ==============================
  4 Confidential Computing secrets                      4 Confidential Computing secrets
  5 ==============================                      5 ==============================
  6                                                     6 
  7 This document describes how Confidential Compu      7 This document describes how Confidential Computing secret injection is handled
  8 from the firmware to the operating system, in       8 from the firmware to the operating system, in the EFI driver and the efi_secret
  9 kernel module.                                      9 kernel module.
 10                                                    10 
 11                                                    11 
 12 Introduction                                       12 Introduction
 13 ============                                       13 ============
 14                                                    14 
 15 Confidential Computing (coco) hardware such as     15 Confidential Computing (coco) hardware such as AMD SEV (Secure Encrypted
 16 Virtualization) allows guest owners to inject      16 Virtualization) allows guest owners to inject secrets into the VMs
 17 memory without the host/hypervisor being able      17 memory without the host/hypervisor being able to read them.  In SEV,
 18 secret injection is performed early in the VM      18 secret injection is performed early in the VM launch process, before the
 19 guest starts running.                              19 guest starts running.
 20                                                    20 
 21 The efi_secret kernel module allows userspace      21 The efi_secret kernel module allows userspace applications to access these
 22 secrets via securityfs.                            22 secrets via securityfs.
 23                                                    23 
 24                                                    24 
 25 Secret data flow                                   25 Secret data flow
 26 ================                                   26 ================
 27                                                    27 
 28 The guest firmware may reserve a designated me     28 The guest firmware may reserve a designated memory area for secret injection,
 29 and publish its location (base GPA and length)     29 and publish its location (base GPA and length) in the EFI configuration table
 30 under a ``LINUX_EFI_COCO_SECRET_AREA_GUID`` en     30 under a ``LINUX_EFI_COCO_SECRET_AREA_GUID`` entry
 31 (``adf956ad-e98c-484c-ae11-b51c7d336447``).  T     31 (``adf956ad-e98c-484c-ae11-b51c7d336447``).  This memory area should be marked
 32 by the firmware as ``EFI_RESERVED_TYPE``, and      32 by the firmware as ``EFI_RESERVED_TYPE``, and therefore the kernel should not
 33 be use it for its own purposes.                    33 be use it for its own purposes.
 34                                                    34 
 35 During the VM's launch, the virtual machine ma     35 During the VM's launch, the virtual machine manager may inject a secret to that
 36 area.  In AMD SEV and SEV-ES this is performed     36 area.  In AMD SEV and SEV-ES this is performed using the
 37 ``KVM_SEV_LAUNCH_SECRET`` command (see [sev]_)     37 ``KVM_SEV_LAUNCH_SECRET`` command (see [sev]_).  The structure of the injected
 38 Guest Owner secret data should be a GUIDed tab     38 Guest Owner secret data should be a GUIDed table of secret values; the binary
 39 format is described in ``drivers/virt/coco/efi     39 format is described in ``drivers/virt/coco/efi_secret/efi_secret.c`` under
 40 "Structure of the EFI secret area".                40 "Structure of the EFI secret area".
 41                                                    41 
 42 On kernel start, the kernel's EFI driver saves     42 On kernel start, the kernel's EFI driver saves the location of the secret area
 43 (taken from the EFI configuration table) in th     43 (taken from the EFI configuration table) in the ``efi.coco_secret`` field.
 44 Later it checks if the secret area is populate     44 Later it checks if the secret area is populated: it maps the area and checks
 45 whether its content begins with ``EFI_SECRET_T     45 whether its content begins with ``EFI_SECRET_TABLE_HEADER_GUID``
 46 (``1e74f542-71dd-4d66-963e-ef4287ff173b``).  I     46 (``1e74f542-71dd-4d66-963e-ef4287ff173b``).  If the secret area is populated,
 47 the EFI driver will autoload the efi_secret ke     47 the EFI driver will autoload the efi_secret kernel module, which exposes the
 48 secrets to userspace applications via security     48 secrets to userspace applications via securityfs.  The details of the
 49 efi_secret filesystem interface are in [secret     49 efi_secret filesystem interface are in [secrets-coco-abi]_.
 50                                                    50 
 51                                                    51 
 52 Application usage example                          52 Application usage example
 53 =========================                          53 =========================
 54                                                    54 
 55 Consider a guest performing computations on en     55 Consider a guest performing computations on encrypted files.  The Guest Owner
 56 provides the decryption key (= secret) using t     56 provides the decryption key (= secret) using the secret injection mechanism.
 57 The guest application reads the secret from th     57 The guest application reads the secret from the efi_secret filesystem and
 58 proceeds to decrypt the files into memory and      58 proceeds to decrypt the files into memory and then performs the needed
 59 computations on the content.                       59 computations on the content.
 60                                                    60 
 61 In this example, the host can't read the files     61 In this example, the host can't read the files from the disk image
 62 because they are encrypted.  Host can't read t     62 because they are encrypted.  Host can't read the decryption key because
 63 it is passed using the secret injection mechan     63 it is passed using the secret injection mechanism (= secure channel).
 64 Host can't read the decrypted content from mem     64 Host can't read the decrypted content from memory because it's a
 65 confidential (memory-encrypted) guest.             65 confidential (memory-encrypted) guest.
 66                                                    66 
 67 Here is a simple example for usage of the efi_     67 Here is a simple example for usage of the efi_secret module in a guest
 68 to which an EFI secret area with 4 secrets was     68 to which an EFI secret area with 4 secrets was injected during launch::
 69                                                    69 
 70         # ls -la /sys/kernel/security/secrets/     70         # ls -la /sys/kernel/security/secrets/coco
 71         total 0                                    71         total 0
 72         drwxr-xr-x 2 root root 0 Jun 28 11:54      72         drwxr-xr-x 2 root root 0 Jun 28 11:54 .
 73         drwxr-xr-x 3 root root 0 Jun 28 11:54      73         drwxr-xr-x 3 root root 0 Jun 28 11:54 ..
 74         -r--r----- 1 root root 0 Jun 28 11:54      74         -r--r----- 1 root root 0 Jun 28 11:54 736870e5-84f0-4973-92ec-06879ce3da0b
 75         -r--r----- 1 root root 0 Jun 28 11:54      75         -r--r----- 1 root root 0 Jun 28 11:54 83c83f7f-1356-4975-8b7e-d3a0b54312c6
 76         -r--r----- 1 root root 0 Jun 28 11:54      76         -r--r----- 1 root root 0 Jun 28 11:54 9553f55d-3da2-43ee-ab5d-ff17f78864d2
 77         -r--r----- 1 root root 0 Jun 28 11:54      77         -r--r----- 1 root root 0 Jun 28 11:54 e6f5a162-d67f-4750-a67c-5d065f2a9910
 78                                                    78 
 79         # hd /sys/kernel/security/secrets/coco     79         # hd /sys/kernel/security/secrets/coco/e6f5a162-d67f-4750-a67c-5d065f2a9910
 80         00000000  74 68 65 73 65 2d 61 72  65      80         00000000  74 68 65 73 65 2d 61 72  65 2d 74 68 65 2d 6b 61  |these-are-the-ka|
 81         00000010  74 61 2d 73 65 63 72 65  74      81         00000010  74 61 2d 73 65 63 72 65  74 73 00 01 02 03 04 05  |ta-secrets......|
 82         00000020  06 07                            82         00000020  06 07                                             |..|
 83         00000022                                   83         00000022
 84                                                    84 
 85         # rm /sys/kernel/security/secrets/coco     85         # rm /sys/kernel/security/secrets/coco/e6f5a162-d67f-4750-a67c-5d065f2a9910
 86                                                    86 
 87         # ls -la /sys/kernel/security/secrets/     87         # ls -la /sys/kernel/security/secrets/coco
 88         total 0                                    88         total 0
 89         drwxr-xr-x 2 root root 0 Jun 28 11:55      89         drwxr-xr-x 2 root root 0 Jun 28 11:55 .
 90         drwxr-xr-x 3 root root 0 Jun 28 11:54      90         drwxr-xr-x 3 root root 0 Jun 28 11:54 ..
 91         -r--r----- 1 root root 0 Jun 28 11:54      91         -r--r----- 1 root root 0 Jun 28 11:54 736870e5-84f0-4973-92ec-06879ce3da0b
 92         -r--r----- 1 root root 0 Jun 28 11:54      92         -r--r----- 1 root root 0 Jun 28 11:54 83c83f7f-1356-4975-8b7e-d3a0b54312c6
 93         -r--r----- 1 root root 0 Jun 28 11:54      93         -r--r----- 1 root root 0 Jun 28 11:54 9553f55d-3da2-43ee-ab5d-ff17f78864d2
 94                                                    94 
 95                                                    95 
 96 References                                         96 References
 97 ==========                                         97 ==========
 98                                                    98 
 99 See [sev-api-spec]_ for more info regarding SE     99 See [sev-api-spec]_ for more info regarding SEV ``LAUNCH_SECRET`` operation.
100                                                   100 
101 .. [sev] Documentation/virt/kvm/x86/amd-memory    101 .. [sev] Documentation/virt/kvm/x86/amd-memory-encryption.rst
102 .. [secrets-coco-abi] Documentation/ABI/testin    102 .. [secrets-coco-abi] Documentation/ABI/testing/securityfs-secrets-coco
103 .. [sev-api-spec] https://www.amd.com/system/f    103 .. [sev-api-spec] https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf
                                                      

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php