confidential guest kernel hardening changes #11257
Conversation
build-kernel.sh supports exluding fragments from the common base set based on the kernel target architecture. However, there are also cases where the base set must be stripped down for other reason. For example, confidential guest builds want to exclude some drivers the untrusted host may try to add devices (e.g., virtio-rng). Make build-kernel.sh to skip fragments tagged using '!confidential' when confidential guest kernels are built. Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
As the comment in the fragment suggests, this is for the firecracker builds and not relevant for confidential guests, for example. Exlude mmio.conf fragment by adding the new !confidential tag to drop virtio MMIO transport for the confidential guest kernel (as virtio PCI is enough for the use cases today). Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Linux CoCo x86 guest is hardened to ensure RDRAND provides enough entropy to initialize Linux RNG. A failure will panic the guest. For confidential guests any other RNG source is untrusted so disable them. Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
6.12.28 has been released, let's bump to it. Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Adding: "-object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0" for confidential guests is not necessary as the RNG source cannot be trusted and the guest kernel has the driver already disable as well. Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
49eca2c to
ab29c8c
Compare
|
added v6.12.28 LTS bump. |
| @@ -0,0 +1,4 @@ | |||
| # !confidential | |||
| # This is used by the s390 arch at least. Leave it on globally. | |||
There was a problem hiding this comment.
@BbolroC will this impact the SE kernel?
There was a problem hiding this comment.
I am not sure about the impact, but I will run our nightly SE test against this PR and share if all tests are passed. Thanks for the notice.
There was a problem hiding this comment.
Maybe I should bring this to @hbrueckner. What do you think about this?
There was a problem hiding this comment.
See ab29c8c also. According to that, these configs are not used by the runtime on s390 (which looks a conflict with the comment in this file?).
There was a problem hiding this comment.
Ah, right. I have also got the following feedback from inside:
The IBM Z and LinuxOne has an on-chip true random generator.
But just to make sure it, I will trigger the nightly test and share the result today. Thanks!
There was a problem hiding this comment.
I believe that is expected and OK for s390x given:
tools/packaging/kernel/configs/fragments/s390/base.conf:CONFIG_HW_RANDOM_S390=y
There was a problem hiding this comment.
yeah, interestingly, I still got CONFIG_HW_RANDOM=y after commenting out CONFIG_HW_RANDOM_S390
There was a problem hiding this comment.
It seems CONFIG_ZCRYPT=y depends on CONFIG_HW_RANDOM=y. Is it okay for you the kernel is hardened enough for the platform even if CONFIG_HW_RANDOM=y which seems you don't want to have for x86_64?
There was a problem hiding this comment.
I got an internal confirmation like CCA mode for our crypto card depends on the HW random number generator. The mode is not used in IBM SEL. So I think the resulted configs are okay for the platform. Let met finish the test.
There was a problem hiding this comment.
Is it okay for you the kernel is hardened enough for the platform even if
CONFIG_HW_RANDOM=ywhich seems you don't want to have for x86_64?
It does not get enabled on x86_64 (see the PR cover letter) so we should be good. (thanks a lot for the help btw!)
|
@mythi Could you explain why you try to drop those configs for CoCo? Just out of curiosity. 😉 I've checked the reason from the commit message:
Let me rephrase my question. Could you elaborate more on |
I guess it would be better to say 'host provided RNG source is not trusted' which then answers your question. |
yep, it makes sense to me. thanks! |
|
@mythi @stevenhorsman all nightly tests with the PR have been passed. Also, it was confirmed that no issues are expected for the current crypto use cases for IBM SEL. Thanks! |
My goal was to have it in the release. |
A change in the qemu command line is suspected to have caused this change in ACPI table measurement, the following flags were removed: -object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0 In PR kata-containers/kata-containers#11257 Signed-off-by: Paul Meyer <katexochen0@gmail.com>
A change in the qemu command line is suspected to have caused this change in ACPI table measurement, the following flags were removed: -object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0 In PR kata-containers/kata-containers#11257 Signed-off-by: Paul Meyer <katexochen0@gmail.com>
A change in the qemu command line is suspected to have caused this change in ACPI table measurement, the following flags were removed: -object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0 In PR kata-containers/kata-containers#11257 Signed-off-by: Paul Meyer <katexochen0@gmail.com>
A change in the qemu command line is suspected to have caused this change in ACPI table measurement, the following flags were removed: -object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0 In PR kata-containers/kata-containers#11257 Signed-off-by: Paul Meyer <katexochen0@gmail.com>
Drop some fragments from the confidential guest kernel builds. The PR should result in the following
.configdiff:Tested on a Kata TDX guest and it boots OK.