From: Dave Voutila Subject: Re: AMD SEV: confidential autoconf whitelist To: tech@openbsd.org Date: Mon, 21 Jul 2025 11:08:24 -0400 "Theo de Raadt" writes: > I think this is very ugly. The idea is basically that a hypervisor > will not screw up these devices: > >> + /* These are sufficient for running on vmm(4)/vmd(8) */ >> + "mainbus", "cpu", "pvbus", "pvclock", "pci", "virtio", "viornd", >> + "vio", "vioblk", "scsibus", "sd", "vmmci", "isa", "com", >> + "softraid", "mpath", "vscsi", >> + /* These are additionally required for qemu and Linux/KVM */ >> + "ppb", "ioapic", "bios", "acpi", "acpimadt", > > but will screw up all the others, and that's attack surface? > > I don't understand that logic, and I don't like this scheme at all. > Yeah... I think disabling things in the guest is backwards. Devices don't just magically appear without the hypervisor's knowledge so I believe it should be the arbiter of what it provides the guest. Unless I'm missing something here? > > > Hans-Jörg Höxer wrote: > >> Hi, >> >> When running confidential -- ie. SEV-* is active -- disable all >> autoconf attached devices except a set of white listed devices. >> This is similar to disabling devices using UKC. >> >> Running on a hypervisor puts emphasis on device drives as attack >> surface. Thus we want to reduce that surface in a confidential >> setting. >> >> Take care, >> Hans-Joerg >> >> -- >> commit 653bf04dfd955a4b746c556fb1f909d0efde33f8 >> Author: Hans-Joerg Hoexer >> Date: Wed Jul 16 11:45:00 2025 +0200 >> >> AMD SEV: confidential autoconf whitelist >> >> When running confidential -- ie. SEV-* is active -- disable all >> autoconf attached devices except a set of white listed devices. >> This is similar to disabling devices using UKC. >> >> Running on a hypervisor puts emphasis on device drives as attack >> surface. Thus we want to reduce that surface in a confidential >> setting. >> >> diff --git a/sys/arch/amd64/amd64/machdep.c b/sys/arch/amd64/amd64/machdep.c >> index 991dd2cbeb6..5fdb3ad08e3 100644 >> --- a/sys/arch/amd64/amd64/machdep.c >> +++ b/sys/arch/amd64/amd64/machdep.c >> @@ -276,6 +276,7 @@ void map_tramps(void); >> void init_x86_64(paddr_t); >> void (*cpuresetfn)(void); >> void enter_shared_special_pages(void); >> +void filter_autoconf(void); >> >> #ifdef APERTURE >> int allowaperture = 0; >> @@ -319,6 +320,8 @@ cpu_startup(void) >> >> bufinit(); >> >> + filter_autoconf(); >> + >> if (boothowto & RB_CONFIG) { >> #ifdef BOOT_CONFIG >> user_config(); >> @@ -2212,3 +2215,46 @@ delay_fini(void (*fn)(int)) >> amd64_delay_quality = 0; >> } >> } >> + >> +/* >> + * When running confidential, enable only trusted device drivers. >> + */ >> +void >> +filter_autoconf(void) >> +{ >> + int i, j, disable; >> + const char *wlist[] = { >> + /* These are sufficient for running on vmm(4)/vmd(8) */ >> + "mainbus", "cpu", "pvbus", "pvclock", "pci", "virtio", "viornd", >> + "vio", "vioblk", "scsibus", "sd", "vmmci", "isa", "com", >> + "softraid", "mpath", "vscsi", >> + /* These are additionally required for qemu and Linux/KVM */ >> + "ppb", "ioapic", "bios", "acpi", "acpimadt", >> + NULL }; >> + >> + if (!ISSET(cpu_sev_guestmode, SEV_STAT_ENABLED)) >> + return; >> + >> + i = 0; >> + while (cfdata[i].cf_attach != NULL) { >> + j = 0; >> + disable = 1; >> + while (wlist[j] != NULL) { >> + if (strcmp(wlist[j], cfdata[i].cf_driver->cd_name) >> + == 0) { >> + disable = 0; >> + break; >> + } >> + j++; >> + } >> + if (!disable) { >> + i++; >> + continue; >> + } >> + if (cfdata[i].cf_fstate == FSTATE_NOTFOUND) >> + cfdata[i].cf_fstate = FSTATE_DNOTFOUND; >> + if (cfdata[i].cf_fstate == FSTATE_STAR) >> + cfdata[i].cf_fstate = FSTATE_DSTAR; >> + i++; >> + } >> +}