
From:
Dave Voutila <dv@sisu.io>
Subject:
Re: AMD SEV: confidential autoconf whitelist
To:
tech@openbsd.org
Date:
Mon, 21 Jul 2025 11:08:24 -0400

"Theo de Raadt" <deraadt@openbsd.org> writes:

> I think this is very ugly.   The idea is basically that a hypervisor
> will not screw up these devices:
>
>> +         /* These are sufficient for running on vmm(4)/vmd(8) */
>> +         "mainbus", "cpu", "pvbus", "pvclock", "pci", "virtio", "viornd",
>> +         "vio", "vioblk", "scsibus", "sd", "vmmci", "isa", "com",
>> +         "softraid", "mpath", "vscsi",
>> +         /* These are additionally required for qemu and Linux/KVM */
>> +         "ppb", "ioapic", "bios", "acpi", "acpimadt",
>
> but will screw up all the others, and that's attack surface?
>
> I don't understand that logic, and I don't like this scheme at all.
>

Yeah... I think disabling things in the guest is backwards. Devices
don't just magically appear without the hypervisor's knowledge so I
believe it should be the arbiter of what it provides the guest.

Unless I'm missing something here?

>
>
> Hans-Jörg Höxer <hshoexer@genua.de> wrote:
>
>> Hi,
>>
>> When running confidential -- i.e. SEV-* is active -- disable all
>> autoconf attached devices except a set of white listed devices.
>> This is similar to disabling devices using UKC.
>>
>> Running on a hypervisor puts emphasis on device drivers as attack
>> surface. Thus we want to reduce that surface in a confidential
>> setting.
>>
>> Take care,
>> Hans-Joerg
>>
>> --
>> commit 653bf04dfd955a4b746c556fb1f909d0efde33f8
>> Author: Hans-Joerg Hoexer <hshoexer@genua.de>
>> Date:   Wed Jul 16 11:45:00 2025 +0200
>>
>>     AMD SEV: confidential autoconf whitelist
>>
>>     When running confidential -- i.e. SEV-* is active -- disable all
>>     autoconf attached devices except a set of white listed devices.
>>     This is similar to disabling devices using UKC.
>>
>>     Running on a hypervisor puts emphasis on device drivers as attack
>>     surface. Thus we want to reduce that surface in a confidential
>>     setting.
>>
>> diff --git a/sys/arch/amd64/amd64/machdep.c b/sys/arch/amd64/amd64/machdep.c
>> index 991dd2cbeb6..5fdb3ad08e3 100644
>> --- a/sys/arch/amd64/amd64/machdep.c
>> +++ b/sys/arch/amd64/amd64/machdep.c
>> @@ -276,6 +276,7 @@ void	map_tramps(void);
>>  void	init_x86_64(paddr_t);
>>  void	(*cpuresetfn)(void);
>>  void	enter_shared_special_pages(void);
>> +void	filter_autoconf(void);
>>
>>  #ifdef APERTURE
>>  int allowaperture = 0;
>> @@ -319,6 +320,8 @@ cpu_startup(void)
>>
>>  	bufinit();
>>
>> +	filter_autoconf();
>> +
>>  	if (boothowto & RB_CONFIG) {
>>  #ifdef BOOT_CONFIG
>>  		user_config();
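Review bot: filter_autoconf() is placed before the RB_CONFIG/user_config() block in cpu_startup(), so an operator dropping into UKC at boot can flip a just-disabled entry back to FSTATE_NOTFOUND and undo the filter, whereas anything UKC disables is left alone by the filter; if that precedence is intended, a one-line comment next to the call would make it explicit. The call also assumes cpu_sev_guestmode has already been populated by the time cpu_startup() runs, which nothing in this hunk shows.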
>> @@ -2212,3 +2215,46 @@ delay_fini(void (*fn)(int))
>>  		amd64_delay_quality = 0;
>>  	}
>>  }
>> +
>> +/*
>> + * When running confidential, enable only trusted device drivers.
>> + */
>> +void
>> +filter_autoconf(void)
>> +{
>> +	int i, j, disable;
>> +	const char *wlist[] = {
>> +	    /* These are sufficient for running on vmm(4)/vmd(8) */
>> +	    "mainbus", "cpu", "pvbus", "pvclock", "pci", "virtio", "viornd",
>> +	    "vio", "vioblk", "scsibus", "sd", "vmmci", "isa", "com",
>> +	    "softraid", "mpath", "vscsi",
>> +	    /* These are additionally required for qemu and Linux/KVM */
>> +	    "ppb", "ioapic", "bios", "acpi", "acpimadt",
>> +	    NULL };
>> +
>> +	if (!ISSET(cpu_sev_guestmode, SEV_STAT_ENABLED))
>> +		return;
>> +
>> +	i = 0;
>> +	while (cfdata[i].cf_attach != NULL) {
>> +		j = 0;
>> +		disable = 1;
>> +		while (wlist[j] != NULL) {
>> +			if (strcmp(wlist[j], cfdata[i].cf_driver->cd_name)
>> +			    == 0) {
>> +				disable = 0;
>> +				break;
>> +			}
>> +			j++;
>> +		}
>> +		if (!disable) {
>> +			i++;
>> +			continue;
>> +		}
>> +		if (cfdata[i].cf_fstate == FSTATE_NOTFOUND)
>> +			cfdata[i].cf_fstate = FSTATE_DNOTFOUND;
>> +		if (cfdata[i].cf_fstate == FSTATE_STAR)
>> +			cfdata[i].cf_fstate = FSTATE_DSTAR;
>> +		i++;
>> +	}
>> +}
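Review bot: the whitelist in filter_autoconf() is matched by driver name only (strcmp against cf_driver->cd_name), so an entry such as "com" or "pci" keeps every cfdata record for that driver enabled regardless of its attachment parent, which is coarser than the per-entry disable that UKC offers and that the commit message compares this to; either state in the comment above the function that driver-level granularity is the goal, or also check the entry's cf_parents so that only the expected attachments survive. A smaller point: the two nested while loops with the disable flag would read more easily as a small helper such as an is_whitelisted(name) returning int, leaving the cfdata walk to a single loop that only touches cf_fstate for the NOTFOUND and STAR cases.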