|
From: | Brijesh Singh |
Subject: | Re: [Qemu-devel] [RFC PATCH v1 20/22] fw_cfg: sev: disable dma in real mode |
Date: | Wed, 21 Sep 2016 13:19:25 -0500 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 |
Hi Michael,
Again it isn't clear how much value does attestation have, we are assuming arbitrary restrictions on the attacker such as inability to trigger exits at random times, why not assume it can't attack guest during boot? IOW it seems reasonable to just ignore the need for attestation completely as the first step. Get the other stuff merged first.
Thanks for feedbacks. In v2, I will try to remove the attestation code and we can revisit it later.
-Brijesh
[Prev in Thread] | Current Thread | [Next in Thread] |