On 2/14/19 3:08 PM, Nathaniel McCallum wrote:
> I've been working on wrapping various SEV kernel APIs for userspace
> consumption. There does not appear to be any privilege separation for
> these commands: you can run them all or none of them. This is less
> than ideal because it means that a
I've been working on wrapping various SEV kernel APIs for userspace
consumption. There does not appear to be any privilege separation for
these commands: you can run them all or none of them. This is less
than ideal because it means that a compromise of the code which
launches VMs could make
2 matches
Mail list logo