
From: "Theo de Raadt" <deraadt@openbsd.org>
Subject: Re: AMD SEV: confidential autoconf whitelist
To: tech@openbsd.org
Date: Mon, 21 Jul 2025 08:09:22 -0600

I think this is very ugly. The idea is basically that a hypervisor
will not screw up these devices:

> +         /* These are sufficient for running on vmm(4)/vmd(8) */
> +         "mainbus", "cpu", "pvbus", "pvclock", "pci", "virtio", "viornd",
> +         "vio", "vioblk", "scsibus", "sd", "vmmci", "isa", "com",
> +         "softraid", "mpath", "vscsi",
> +         /* These are additionally required for qemu and Linux/KVM */
> +         "ppb", "ioapic", "bios", "acpi", "acpimadt",

but will screw up all the others, and that's attack surface?

I don't understand that logic, and I don't like this scheme at all.



Hans-Jörg Höxer <hshoexer@genua.de> wrote:

> Hi,
> 
> When running confidential -- i.e. SEV-* is active -- disable all
> autoconf attached devices except a set of whitelisted devices.
> This is similar to disabling devices using UKC.
> 
> Running on a hypervisor puts emphasis on device drivers as attack
> surface. Thus we want to reduce that surface in a confidential
> setting.
> 
> Take care,
> Hans-Joerg
> 
> -- 
> commit 653bf04dfd955a4b746c556fb1f909d0efde33f8
> Author: Hans-Joerg Hoexer <hshoexer@genua.de>
> Date:   Wed Jul 16 11:45:00 2025 +0200
> 
>     AMD SEV: confidential autoconf whitelist
>     
>     When running confidential -- i.e. SEV-* is active -- disable all
>     autoconf attached devices except a set of whitelisted devices.
>     This is similar to disabling devices using UKC.
>     
>     Running on a hypervisor puts emphasis on device drivers as attack
>     surface. Thus we want to reduce that surface in a confidential
>     setting.
> 
> diff --git a/sys/arch/amd64/amd64/machdep.c b/sys/arch/amd64/amd64/machdep.c
> index 991dd2cbeb6..5fdb3ad08e3 100644
> --- a/sys/arch/amd64/amd64/machdep.c
> +++ b/sys/arch/amd64/amd64/machdep.c
> @@ -276,6 +276,7 @@ void	map_tramps(void);
>  void	init_x86_64(paddr_t);
>  void	(*cpuresetfn)(void);
>  void	enter_shared_special_pages(void);
> +void	filter_autoconf(void);
>  
>  #ifdef APERTURE
>  int allowaperture = 0;
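Review bot: filter_autoconf() gets a file-level prototype (`+void	filter_autoconf(void);`) with external linkage but no header declaration, and its only caller in this patch is cpu_startup() in the same file; either mark the definition static and drop the forward declaration to just above the call site, or, if other callers are planned, put the prototype in a header. A one-line comment on the prototype saying it must run before device configuration would also help a reader who meets the name here first.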
> @@ -319,6 +320,8 @@ cpu_startup(void)
>  
>  	bufinit();
>  
> +	filter_autoconf();
> +
>  	if (boothowto & RB_CONFIG) {
>  #ifdef BOOT_CONFIG
>  		user_config();
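Review bot: the call to filter_autoconf() is placed before the `boothowto & RB_CONFIG` check, so an interactive UKC session (boot -c) runs after the whitelist has been applied and can re-enable any driver the filter just moved to FSTATE_DNOTFOUND/FSTATE_DSTAR, exactly as it re-enables drivers disabled with config(8). If the whitelist is meant to be an enforced property of the confidential guest rather than a default, the call should come after user_config(); if the override is intentional, say so in the commit message and in a comment at the call site, since either reading is plausible from the hunk alone.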
> @@ -2212,3 +2215,46 @@ delay_fini(void (*fn)(int))
>  		amd64_delay_quality = 0;
>  	}
>  }
> +
> +/*
> + * When running confidential, enable only trusted device drivers.
> + */
> +void
> +filter_autoconf(void)
> +{
> +	int i, j, disable;
> +	const char *wlist[] = {
> +	    /* These are sufficient for running on vmm(4)/vmd(8) */
> +	    "mainbus", "cpu", "pvbus", "pvclock", "pci", "virtio", "viornd",
> +	    "vio", "vioblk", "scsibus", "sd", "vmmci", "isa", "com",
> +	    "softraid", "mpath", "vscsi",
> +	    /* These are additionally required for qemu and Linux/KVM */
> +	    "ppb", "ioapic", "bios", "acpi", "acpimadt",
> +	    NULL };
> +
> +	if (!ISSET(cpu_sev_guestmode, SEV_STAT_ENABLED))
> +		return;
> +
> +	i = 0;
> +	while (cfdata[i].cf_attach != NULL) {
> +		j = 0;
> +		disable = 1;
> +		while (wlist[j] != NULL) {
> +			if (strcmp(wlist[j], cfdata[i].cf_driver->cd_name)
> +			    == 0) {
> +				disable = 0;
> +				break;
> +			}
> +			j++;
> +		}
> +		if (!disable) {
> +			i++;
> +			continue;
> +		}
> +		if (cfdata[i].cf_fstate == FSTATE_NOTFOUND)
> +			cfdata[i].cf_fstate = FSTATE_DNOTFOUND;
> +		if (cfdata[i].cf_fstate == FSTATE_STAR)
> +			cfdata[i].cf_fstate = FSTATE_DSTAR;
> +		i++;
> +	}
> +}
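Review bot: wlist is a non-static, non-const array of pointers rebuilt on the stack on every call; declare it `static const char *const wlist[]` and walk it with for loops (the i/j/disable bookkeeping collapses to a small helper that returns whether cd_name is in the list). Matching on cf_driver->cd_name alone means every cfdata entry of a listed driver survives regardless of what it attaches to, which is fine for the stated intent but should be spelled out in the comment above the function, together with why each name is there (the list itself only says "sufficient for running on vmm(4)/vmd(8)" and "additionally required for qemu and Linux/KVM"), so that future additions can be judged against the attack-surface goal. Nothing reports that filtering took place: a single printf when SEV_STAT_ENABLED is set and the list has been applied would let an operator tell from dmesg why a device that is present on the same image outside SEV is missing.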