Skip to content
Commit f8acb24a authored by Michael Kelley's avatar Michael Kelley Committed by Wei Liu
Browse files

x86/hyperv: Block root partition functionality in a Confidential VM 



Hyper-V should never specify a VM that is a Confidential VM and also
running in the root partition.  Nonetheless, explicitly block such a
combination to guard against a compromised Hyper-V maliciously trying to
exploit root partition functionality in a Confidential VM to expose
Confidential VM secrets. No known bug is being fixed, but the attack
surface for Confidential VMs on Hyper-V is reduced.

Signed-off-by: default avatarMichael Kelley <mikelley@microsoft.com>
Link: https://lore.kernel.org/r/1678894453-95392-1-git-send-email-mikelley@microsoft.com


Signed-off-by: default avatarWei Liu <wei.liu@kernel.org>
parent 1eb65c86
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment