by bpye
1921 days ago
How would you know to trust the platform you are running on without some sort of hardware key and attestation? You need to be able to determine from your guest that you are running in this confidential environment rather than in some emulation, and I don't know of any other way to do this than attestation. Additionally, much of the time we are not talking about separate TPMs today; rather, there will be some environment on the same package or the same die as your AP providing this TEE, so you cannot trivially intercept that bus.
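The exchange bpye describes, as an added toy example that is not part of this thread and not modelled on any particular vendor's TEE: a verifier sends a fresh nonce, the hardware attester signs (measurement, nonce) with a key only the hardware holds, and the verifier checks the signature, the measurement and the nonce. It is stdlib-only, so an HMAC with a key shared between the "hardware" and the verifier stands in for the asymmetric signature and vendor certificate chain a real attester uses; the key, the guest image, and all class and scenario names are constructed for the example.

```python
"""Toy remote-attestation exchange (illustrative example, not a real TEE).

Shows why a guest can only tell "genuine confidential hardware" from
"emulation" through a hardware-rooted key: an emulator can claim the right
measurement, but it cannot produce a report that verifies, and a captured
report cannot be replayed because each challenge nonce is single-use.

Assumptions of this example (not how any shipping platform works):
  - HMAC-SHA256 with a key shared between "hardware" and verifier stands in
    for the asymmetric signature + vendor certificate chain real systems use.
  - The measurement is simply SHA-256 of a byte string standing in for the
    launched guest image.
"""
import hashlib
import hmac
import secrets

# Constructed: the key fused into the simulated attestation hardware.
HARDWARE_KEY = b"constructed-hardware-fused-key-0000"
# Constructed: the approved guest image and the measurement the verifier expects.
GOOD_IMAGE = b"constructed-approved-guest-image-v1"
EXPECTED_MEASUREMENT = hashlib.sha256(GOOD_IMAGE).digest()


class AttestationHardware:
    """On-die attester: measures the guest at launch and signs reports over it."""

    def __init__(self, key: bytes, launched_image: bytes) -> None:
        self._key = key
        self.measurement = hashlib.sha256(launched_image).digest()

    def report(self, nonce: bytes) -> dict:
        # Bind the measurement to the verifier's nonce so the report is fresh.
        tag = hmac.new(self._key, self.measurement + nonce, hashlib.sha256).digest()
        return {"measurement": self.measurement, "nonce": nonce, "tag": tag}


class Verifier:
    """Relying party holding the trust anchor and the expected measurement."""

    def __init__(self, trust_anchor_key: bytes, expected_measurement: bytes) -> None:
        self._key = trust_anchor_key
        self._expected = expected_measurement
        self._outstanding = set()  # nonces issued but not yet consumed

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, report: dict) -> tuple:
        nonce = report["nonce"]
        if nonce not in self._outstanding:
            return False, "stale or unknown nonce (replayed report)"
        self._outstanding.discard(nonce)  # single use, whatever happens next
        expected_tag = hmac.new(self._key, report["measurement"] + nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected_tag, report["tag"]):
            return False, "bad signature (report not from genuine hardware)"
        if not hmac.compare_digest(report["measurement"], self._expected):
            return False, "unexpected measurement (guest image not the approved one)"
        return True, "attested: genuine hardware running the approved guest"


def run_scenarios() -> dict:
    """Run four constructed scenarios and return {name: (ok, reason)}."""
    verifier = Verifier(HARDWARE_KEY, EXPECTED_MEASUREMENT)
    results = {}

    # 1. Genuine hardware, approved guest image.
    genuine = AttestationHardware(HARDWARE_KEY, GOOD_IMAGE)
    good_report = genuine.report(verifier.challenge())
    results["genuine"] = verifier.verify(good_report)

    # 2. Emulator: can present the right measurement but has no hardware key.
    emulator = AttestationHardware(b"attacker-guessed-key", GOOD_IMAGE)
    results["emulator"] = verifier.verify(emulator.report(verifier.challenge()))

    # 3. Genuine hardware, but the guest image was modified before launch.
    tampered = AttestationHardware(HARDWARE_KEY, GOOD_IMAGE + b"-backdoor")
    results["tampered_guest"] = verifier.verify(tampered.report(verifier.challenge()))

    # 4. Replay of the earlier valid report: its nonce has already been consumed.
    results["replay"] = verifier.verify(good_report)
    return results


if __name__ == "__main__":
    for name, (ok, reason) in run_scenarios().items():
        print(f"{name:15s} {'PASS' if ok else 'FAIL'}: {reason}")
```

The check order matters: nonce freshness first (so a replayed report is rejected before any expensive verification), then the signature (is this really the hardware speaking?), then the measurement (is it running what I expect?). With a real attester the second step is a certificate-chain walk to the vendor root rather than an HMAC comparison, but the structure of the decision is the same.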
I don't know of any way to do this, period.