Configure CoCo runtimes with shared_fs=none #9676
Labels: area/confidential-containers (Issues related to confidential containers; see also CCv0 branch), enhancement (Improvement to an existing feature), needs-review (Needs to be assessed by the team)
Which feature do you think can be improved?

The confidential runtime classes (qemu-coco-dev, qemu-snp, qemu-tdx, qemu-sev) are all configured with shared_fs=virtio-9p, which actually represents a confidentiality flaw due to the lack of a secure/trusted channel to share the host filesystem into the guest. Until we have a confidential mechanism to share the host filesystem with the guest, it's suggested that CoCo runtimes are configured with shared_fs=none, i.e. no host sharing is allowed. Once shared_fs=none is set, features like ConfigMap and Secrets resources will rely on files copied over to the guest. We will need to test and fix any breakage with these features (as well as downward API and projected volumes).

How can it be improved?
Set shared_fs=none by default in the qemu-coco-dev, qemu-snp, qemu-tdx and qemu-sev runtime configuration.toml files.

Additional Information
@fidencio actually first proposed that approach, if I'm not mistaken, and has already raised a PR for TDX: #9315. From his work we already have a list of tests (so features) that break:
Work breakdown
shared_fs=none for TDX #9315 (@fidencio)
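As an added example (not part of this issue and not Kata Containers project code): a POSIX shell audit that reads a Kata configuration.toml, extracts the shared_fs value from the [hypervisor.*] table and reports whether host filesystem sharing is disabled, i.e. the check a reviewer would run against each CoCo runtime class config before and after the change proposed here. The only assumption is that shared_fs is a quoted string key under a [hypervisor.<name>] table, as in Kata's configuration.toml; the two sample configuration files are constructed inline for the example and are not the project's shipped files.

```shell
#!/bin/sh
# Added example, not Kata Containers project code: audit Kata configuration.toml
# files for the shared_fs setting discussed in this issue.
# Assumption: shared_fs is a quoted string key under a [hypervisor.<name>] table,
# as in Kata's configuration.toml; the sample files below are constructed.

# get_shared_fs FILE: print the first uncommented shared_fs value found under a
# [hypervisor.*] table, with quotes and any trailing comment stripped.
get_shared_fs() {
    awk '
        /^[[:space:]]*#/ { next }                          # comment line
        /^[[:space:]]*\[/ { in_hv = ($0 ~ /^[[:space:]]*\[hypervisor\./); next }
        in_hv && /^[[:space:]]*shared_fs[[:space:]]*=/ {
            v = $0
            sub(/^[^=]*=[[:space:]]*/, "", v)              # drop "shared_fs ="
            sub(/[[:space:]]*#.*$/, "", v)                 # drop trailing comment
            gsub(/"/, "", v)                               # drop quotes
            print v
            exit
        }
    ' "$1"
}

# check_shared_fs FILE: return 0 only when host filesystem sharing is disabled
# (shared_fs = "none"). Anything else, including an unset key, is reported as a
# finding, because a host filesystem shared into the guest is outside the
# confidential boundary.
check_shared_fs() {
    fs=$(get_shared_fs "$1")
    case "$fs" in
        none)
            printf '%s: shared_fs=none, no host filesystem sharing (OK)\n' "$1"
            return 0 ;;
        '')
            printf '%s: shared_fs not set, runtime default applies (FAIL)\n' "$1"
            return 1 ;;
        *)
            printf '%s: shared_fs=%s shares the host filesystem into the guest (FAIL)\n' "$1" "$fs"
            return 1 ;;
    esac
}

# Constructed samples: the current CoCo setting and the proposed one.
WEAK_CFG=$(mktemp)
FIXED_CFG=$(mktemp)
trap 'rm -f "$WEAK_CFG" "$FIXED_CFG"' EXIT

cat > "$WEAK_CFG" <<'EOF'
[hypervisor.qemu]
path = "/usr/bin/qemu-system-x86_64"
# Shared file system type (what the CoCo runtime classes use today)
shared_fs = "virtio-9p"
EOF

cat > "$FIXED_CFG" <<'EOF'
[hypervisor.qemu]
path = "/usr/bin/qemu-system-x86_64"
# shared_fs = "virtio-9p"   # old value, kept commented out
shared_fs = "none"          # proposed: no host sharing
EOF

# Audit both files and count findings instead of exiting, so the functions and
# the result stay usable from a shell that sourced this script.
failures=0
for cfg in "$WEAK_CFG" "$FIXED_CFG"; do
    check_shared_fs "$cfg" || failures=$((failures + 1))
done
printf 'configs with host filesystem sharing enabled: %d\n' "$failures"
```

To use it on a real installation, point check_shared_fs at each runtime class's configuration.toml; an unset key is deliberately treated as a finding, since the audit should only pass on an explicit shared_fs = "none".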