[edk2-rfc] [edk2-devel] RFC: design review for TDVF in OVMF

[Michael Brown]

On 04/06/2021 11:43, Michael Brown wrote:
> On 04/06/2021 11:11, Laszlo Ersek wrote:
>> And, to reiterate, just because Confidential Computing is the
>> new hot thing, the use cases for OvmfPkgIa32, OvmfPkgIa32X64, OvmfPkgX64
>> do not disappear. Regressing them, or making them unmaintainable due to
>> skyrocketing complexity, is not acceptable.
> 
> Totally agree with this.  Confidential Computing is a very niche use 
> case, and there is no justification for exploding the complexity of the 
> standard OVMF build.
> 
> If, several years from now, it ever reaches the point that the majority 
> of real-world workloads are using TDX, then there would be an argument 
> that the complexity cost has to be paid and that the standard OVMF build 
> should include TDX features.  But that's several years away and may 
> never happen.

Out of interest: does Intel TDX provide any security benefits beyond the 
(much simpler) Intel SGX?

As far as I can tell from the various papers, the fundamental difference 
between TDX and SGX seems to be that TDX deliberately increases the 
attack surface from "just the application code" to "entire guest VM, 
including OS kernel, runtime libraries, etc".  Increasing the attack 
surface while adding complexity is a huge cost so I'm assuming that 
there must be some commensurate benefit, but nothing in the 
documentation I've seen seems to describe what this benefit actually is.

Thanks,

Michael


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#76079): https://edk2.groups.io/g/devel/message/76079
Mute This Topic: https://groups.io/mt/83283616/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-