intel / ccc-linux-guest-hardening

Linux Security Hardening for Confidential Compute
https://intel.github.io/ccc-linux-guest-hardening-docs
MIT License

[Hardening aspect] Rollback attack on CoCo guest private memory via swap #143

Open ereshetova opened 3 months ago

ereshetova commented 3 months ago

Summary

If a CoCo guest enables memory swapping to a disk, and assuming the disk is under the control of the host/VMM, it is possible to perform rollback attacks on CoCo guest private memory, since no commonly used Linux disk protection mechanisms provide rollback protection (confidentiality and integrity of the disk can be guaranteed by using off-the-shelf methods).

Solution

Currently none. If rollback attacks are a concern, then either memory swapping should be disabled in the guest kernel or the disk must be located outside of host/VMM control, i.e. by using a volume mounted from the network, etc.
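One way to check a guest for the swap exposure described in this issue, as an added example that is not part of the original issue or the project's code: it reports active swap, boot-time swap entries and whether the kernel was built with swap support. The function names and the default kernel config path are assumptions, and the script cannot tell whether a backing device is host-controlled, so it reports every swap source.

```shell
#!/bin/sh
# Added example (not project code): audit a CoCo guest for swap usage.
# File paths are parameters so the checks can run on constructed samples.

# Print active swap devices from a /proc/swaps-format file (header skipped).
active_swap() {
    awk 'NR > 1 && NF >= 5 { print $1 }' "${1:-/proc/swaps}"
}

# Print swap sources that fstab would activate at boot (comments ignored).
fstab_swap() {
    awk '$1 !~ /^#/ && $3 == "swap" { print $1 }' "${1:-/etc/fstab}"
}

# Succeed if the given kernel config file has swap support compiled in.
kernel_swap_enabled() {
    grep -q '^CONFIG_SWAP=y$' "$1"
}

# audit_swap [PROC_SWAPS] [FSTAB] [KCONFIG]
# Returns 0 only when no active or boot-time swap source is found.
audit_swap() {
    proc_swaps=${1:-/proc/swaps}
    fstab=${2:-/etc/fstab}
    kconfig=${3:-/boot/config-$(uname -r)}   # assumed location, distro-dependent
    findings=0
    for dev in $(active_swap "$proc_swaps"); do
        echo "ACTIVE swap: $dev"
        findings=$((findings + 1))
    done
    for src in $(fstab_swap "$fstab"); do
        echo "BOOT-TIME swap in fstab: $src"
        findings=$((findings + 1))
    done
    if [ -r "$kconfig" ] && kernel_swap_enabled "$kconfig"; then
        echo "NOTE: kernel has CONFIG_SWAP=y; swap can still be enabled at runtime"
    fi
    [ "$findings" -eq 0 ]
}
```

Inside the guest, `audit_swap` with no arguments reads the live files; a non-zero exit status means at least one swap source was found.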