1f597b1a6e
Kernel developers working on confidential computing for virtualized environments in x86 operate under a set of assumptions regarding the Linux kernel threat model that differs from the traditional view. Historically, the Linux threat model acknowledges attackers residing in userspace, as well as a limited set of external attackers that are able to interact with the kernel through networking or limited HW-specific exposed interfaces (e.g. USB, thunderbolt). The goal of this document is to explain additional attack vectors that arise in the virtualized confidential computing space. Reviewed-by: Larry Dewey <larry.dewey@amd.com> Reviewed-by: David Kaplan <david.kaplan@amd.com> Co-developed-by: Elena Reshetova <elena.reshetova@intel.com> Signed-off-by: Elena Reshetova <elena.reshetova@intel.com> Signed-off-by: Carlos Bilbao <carlos.bilbao@amd.com> Message-ID: <98804f27-c2e7-74d6-d671-1eda927e19fe@amd.com> Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Linux kernel
============
There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.
In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``. The formatted documentation can also be read online at:
https://www.kernel.org/doc/html/latest/
There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.