On 12/06/2025 at 12:08, Jan Beulich wrote:
> On 12.06.2025 01:58, Andrew Cooper wrote:
>> +
>> +Lockdown Mode
>> +^^^^^^^^^^^^^
>> +
>> +A mode which causes the enforcement of the properties necessary to conform 
>> to
>> +the Secure Boot specification.  Lockdown Mode is forced active when Secure
>> +Boot is active in the platform, but may be activated independently too for
>> +development purposes with the ``lockdown`` command line option.
>> +
>> +TODO
>> +^^^^
>> +
>> + * Command Line
>> + * Livepatching
>> + * Kexec
>> + * Userspace hypercalls
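Review bot: The Lockdown Mode paragraph says the mode enforces "the properties necessary to conform to the Secure Boot specification" without naming any of them, so a reader cannot check what the ``lockdown`` option actually changes; list the enforced restrictions here (or cross-reference the section that does), and since the text calls the mode "forced active" under Secure Boot while describing ``lockdown`` as an independent switch, state explicitly whether the option can disable it when Secure Boot is active, as that interaction also belongs under the "Command Line" TODO item.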
>
> What about Dom0 being able to access almost(?) all memory, including all MMIO?
> In this context, isn't iommu=dom0-strict a requirement for SB (while that's
> still not the default mode of operation for PV Dom0, despite me keeping to
> suggest that we ought to change that default)?
>

Unless I missed something, the kernel is not a part of the TCB in this
Secure Boot model. But at some point, we definitely want to reduce the
TCB to just Xen, and put a more limited trust on the control domains.

Yet, the current plan of hardening the privcmd device is going to be
very hard for sure.

dom0-iommu=strict is a good mitigation in case untrusted parties of the
dom0 get direct access to a device. However, as it is now, it implies an
IOTLB flush for each grant mapping done, which severely impedes PV
performance (PV-IOMMU patches can help solve this performance problem
though).

Teddy


Teddy Astie | Vates XCP-ng Developer

XCP-ng & Xen Orchestra - Vates solutions

web: https://vates.tech
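An added check, not code from this thread or from the Xen project, that parses a Xen hypervisor command line and reports whether dom0 runs in strict IOMMU mode; it covers both the ``dom0-iommu=strict`` spelling and the older ``iommu=dom0-strict`` alias mentioned above, with later options overriding earlier ones. The sample command line is constructed, and reading the live value through the ``xen_commandline`` field of ``xl info`` is an assumption.

```shell
#!/bin/sh
# Added example: classify the dom0 IOMMU mode from a Xen command line.
# Assumes the documented forms dom0-iommu=strict / dom0-iommu=no-strict
# (plus strict=<bool> spellings) and the older alias iommu=dom0-strict.
set -f   # do not glob-expand command line tokens such as dom0_mem=4G*

# Print "strict", "relaxed" or "default" for the command line given as $1.
xen_dom0_iommu_mode() {
    mode=default
    for tok in $1; do
        case "$tok" in
            dom0-iommu=*)
                list=${tok#dom0-iommu=}
                old_ifs=$IFS; IFS=,
                for opt in $list; do
                    case "$opt" in
                        strict|strict=1|strict=yes|strict=on|strict=true) mode=strict ;;
                        no-strict|strict=0|strict=no|strict=off|strict=false) mode=relaxed ;;
                    esac
                done
                IFS=$old_ifs
                ;;
            iommu=*)
                list=${tok#iommu=}
                old_ifs=$IFS; IFS=,
                for opt in $list; do
                    case "$opt" in
                        dom0-strict) mode=strict ;;   # deprecated alias of dom0-iommu=strict
                    esac
                done
                IFS=$old_ifs
                ;;
        esac
    done
    echo "$mode"
}

# Constructed sample (not from a real host): strict set inside a list.
SAMPLE_CMDLINE="console=vga,com1 dom0_mem=4G iommu=verbose dom0-iommu=map-inclusive,strict"

# Live check on a Xen host (assumed xl info field name); offline it just
# falls back to the constructed sample.
live=$(xl info 2>/dev/null | sed -n 's/^xen_commandline *: *//p')
echo "dom0 IOMMU mode: $(xen_dom0_iommu_mode "${live:-$SAMPLE_CMDLINE}")"
```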
