diff options
| author | Brijesh Singh <[email protected]> | 2019-11-12 13:58:34 -0600 |
|---|---|---|
| committer | Herbert Xu <[email protected]> | 2019-11-22 18:48:35 +0800 |
| commit | ec310caf13b5505c268cfa526b7b28152a879d1e (patch) | |
| tree | 30a6956a23af717e9ed06c333e5d97d3414bf201 /scripts/gdb/linux/clk.py | |
| parent | c433a1a8572eceb7c45dd85d93fec6946b71bb72 (diff) | |
crypto: ccp - add SEV command privilege separation
Currently, there is no privilege separation of the SEV command; you can
run them all or none of them. This is less than ideal because it means
that a compromise of the code which launches VMs could make permanent
change to the SEV certifcate chain which will affect others.
These commands are required to attest the VM environment:
- SEV_PDH_CERT_EXPORT
- SEV_PLATFORM_STATUS
- SEV_GET_{ID,ID2}
These commands manage the SEV certificate chain:
- SEV_PEK_CERR_IMPORT
- SEV_FACTORY_RESET
- SEV_PEK_GEN
- SEV_PEK_CSR
- SEV_PDH_GEN
Lets add the CAP_SYS_ADMIN check for the group of the commands which alters
the SEV certificate chain to provide some level of privilege separation.
Cc: Herbert Xu <[email protected]>
Cc: Gary Hook <[email protected]>
Cc: Erdem Aktas <[email protected]>
Cc: Tom Lendacky <[email protected]>
Tested-by: David Rientjes <[email protected]>
Co-developed-by: David Rientjes <[email protected]>
Signed-off-by: David Rientjes <[email protected]>
Signed-off-by: Brijesh Singh <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
Diffstat (limited to 'scripts/gdb/linux/clk.py')
0 files changed, 0 insertions, 0 deletions