Commit cbabf03c authored by Dov Murik's avatar Dov Murik Committed by Ard Biesheuvel
Browse files

virt: Add efi_secret module to expose confidential computing secrets 



The new efi_secret module exposes the confidential computing (coco)
EFI secret area via securityfs interface.

When the module is loaded (and securityfs is mounted, typically under
/sys/kernel/security), a "secrets/coco" directory is created in
securityfs.  In it, a file is created for each secret entry.  The name
of each such file is the GUID of the secret entry, and its content is
the secret data.

This allows applications running in a confidential computing setting to
read secrets provided by the guest owner via a secure secret injection
mechanism (such as AMD SEV's LAUNCH_SECRET command).

Removing (unlinking) files in the "secrets/coco" directory will zero out
the secret in memory, and remove the filesystem entry.  If the module is
removed and loaded again, that secret will not appear in the filesystem.

Signed-off-by: default avatarDov Murik <dovmurik@linux.ibm.com>
Reviewed-by: default avatarGerd Hoffmann <kraxel@redhat.com>
Link: https://lore.kernel.org/r/20220412212127.154182-3-dovmurik@linux.ibm.com


Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
parent 12274189

Documentation/ABI/testing/securityfs-secrets-coco

0 → 100644
+51 −0
Original line number Diff line number Diff line 
What:		security/secrets/coco

Date:		February 2022

Contact:	Dov Murik <dovmurik@linux.ibm.com>

Description:

		Exposes confidential computing (coco) EFI secrets to

		userspace via securityfs.



		EFI can declare memory area used by confidential computing

		platforms (such as AMD SEV and SEV-ES) for secret injection by

		the Guest Owner during VM's launch.  The secrets are encrypted

		by the Guest Owner and decrypted inside the trusted enclave,

		and therefore are not readable by the untrusted host.



		The efi_secret module exposes the secrets to userspace.  Each

		secret appears as a file under <securityfs>/secrets/coco,

		where the filename is the GUID of the entry in the secrets

		table.  This module is loaded automatically by the EFI driver

		if the EFI secret area is populated.



		Two operations are supported for the files: read and unlink.

		Reading the file returns the content of secret entry.

		Unlinking the file overwrites the secret data with zeroes and

		removes the entry from the filesystem.  A secret cannot be read

		after it has been unlinked.



		For example, listing the available secrets::



		  # modprobe efi_secret

		  # ls -l /sys/kernel/security/secrets/coco

		  -r--r----- 1 root root 0 Jun 28 11:54 736870e5-84f0-4973-92ec-06879ce3da0b

		  -r--r----- 1 root root 0 Jun 28 11:54 83c83f7f-1356-4975-8b7e-d3a0b54312c6

		  -r--r----- 1 root root 0 Jun 28 11:54 9553f55d-3da2-43ee-ab5d-ff17f78864d2

		  -r--r----- 1 root root 0 Jun 28 11:54 e6f5a162-d67f-4750-a67c-5d065f2a9910



		Reading the secret data by reading a file::



		  # cat /sys/kernel/security/secrets/coco/e6f5a162-d67f-4750-a67c-5d065f2a9910

		  the-content-of-the-secret-data



		Wiping a secret by unlinking a file::



		  # rm /sys/kernel/security/secrets/coco/e6f5a162-d67f-4750-a67c-5d065f2a9910

		  # ls -l /sys/kernel/security/secrets/coco

		  -r--r----- 1 root root 0 Jun 28 11:54 736870e5-84f0-4973-92ec-06879ce3da0b

		  -r--r----- 1 root root 0 Jun 28 11:54 83c83f7f-1356-4975-8b7e-d3a0b54312c6

		  -r--r----- 1 root root 0 Jun 28 11:54 9553f55d-3da2-43ee-ab5d-ff17f78864d2



		Note: The binary format of the secrets table injected by the

		Guest Owner is described in

		drivers/virt/coco/efi_secret/efi_secret.c under "Structure of

		the EFI secret area".

drivers/virt/Kconfig

+3 −0
Original line number Diff line number Diff line
@@ -47,4 +47,7 @@ source "drivers/virt/vboxguest/Kconfig" 
source "drivers/virt/nitro_enclaves/Kconfig"



source "drivers/virt/acrn/Kconfig"



source "drivers/virt/coco/efi_secret/Kconfig"



endif

drivers/virt/Makefile

+1 −0
Original line number Diff line number Diff line
@@ -9,3 +9,4 @@ obj-y += vboxguest/ 


obj-$(CONFIG_NITRO_ENCLAVES)	+= nitro_enclaves/

obj-$(CONFIG_ACRN_HSM)		+= acrn/

obj-$(CONFIG_EFI_SECRET)	+= coco/efi_secret/

drivers/virt/coco/efi_secret/Kconfig

0 → 100644
+16 −0
Original line number Diff line number Diff line 
# SPDX-License-Identifier: GPL-2.0-only

config EFI_SECRET

	tristate "EFI secret area securityfs support"

	depends on EFI && X86_64

	select EFI_COCO_SECRET

	select SECURITYFS

	help

	  This is a driver for accessing the EFI secret area via securityfs.

	  The EFI secret area is a memory area designated by the firmware for

	  confidential computing secret injection (for example for AMD SEV

	  guests).  The driver exposes the secrets as files in

	  <securityfs>/secrets/coco.  Files can be read and deleted (deleting

	  a file wipes the secret from memory).



	  To compile this driver as a module, choose M here.

	  The module will be called efi_secret.

drivers/virt/coco/efi_secret/Makefile

0 → 100644
+2 −0
Original line number Diff line number Diff line 
# SPDX-License-Identifier: GPL-2.0-only

obj-$(CONFIG_EFI_SECRET) += efi_secret.o