Message-Id: <20200306172010.1213899-1-ckuehl@redhat.com>
Date: Fri, 6 Mar 2020 09:20:09 -0800
From: Connor Kuehl <ckuehl@...hat.com>
To: thomas.lendacky@....com, herbert@...dor.apana.org.au,
davem@...emloft.net
Cc: gary.hook@....com, erdemaktas@...gle.com, rientjes@...gle.com,
brijesh.singh@....com, npmccallum@...hat.com, bsd@...hat.com,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
Connor Kuehl <ckuehl@...hat.com>
Subject: [PATCH 0/1] crypto: ccp: use file mode for sev ioctl permissions

Some background:

My team is working on a project that interacts very closely with
SEV so we have a layer of code that wraps around the SEV ioctl calls.
We have an automated test suite that ends up testing these ioctls
on our test machine.

We are in the process of adding this test machine as a dedicated test
runner in our continuous integration process. Any time someone opens a
pull request against our project, this test runner automatically checks
that code out and executes the tests.

Right now, the SEV ioctls that affect the state of the platform require
CAP_SYS_ADMIN to run. This is not a capability we can give to an
automated test runner, because it means that anyone who would like to
contribute to the project would be able to run any code they want (for
good or evil) as CAP_SYS_ADMIN on our machine.

This patch replaces the check for CAP_SYS_ADMIN with a check that can
still be easily controlled by an administrator with the file permissions
ACL. This way access to the device can still be controlled, but without
also assigning such broad system privileges at the same time.

Connor Kuehl (1):
  crypto: ccp: use file mode for sev ioctl permissions

 drivers/crypto/ccp/sev-dev.c | 33 +++++++++++++++++----------------
 1 file changed, 17 insertions(+), 16 deletions(-)

--
2.24.1
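
Added example, not part of the original message or of the patch: a userspace C model of the access decision the cover letter describes, where a state-changing command is allowed only when the descriptor was opened for writing, so the device node's mode bits and ACL decide who may issue it instead of CAP_SYS_ADMIN. The command names, the function names and the use of /dev/null as a stand-in for the device node are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical command set: one read-only query, one state-changing command. */
enum demo_cmd { DEMO_CMD_STATUS, DEMO_CMD_RESET };

/* Assumption: only commands that alter platform state need write access. */
static int demo_cmd_changes_state(enum demo_cmd cmd)
{
    return cmd == DEMO_CMD_RESET;
}

/*
 * Userspace stand-in for a driver-side check: the decision depends on how
 * the descriptor was opened, not on the caller's capabilities. Whether the
 * caller could open the node for writing at all was already decided by the
 * node's owner, group, mode bits and ACL at open() time.
 * Returns 0 if permitted, -EPERM if denied, -EBADF for an invalid fd.
 */
int demo_ioctl_permitted(int fd, enum demo_cmd cmd)
{
    int flags = fcntl(fd, F_GETFL);
    if (flags < 0)
        return -EBADF;

    int acc = flags & O_ACCMODE;
    int writable = (acc == O_WRONLY || acc == O_RDWR);

    if (demo_cmd_changes_state(cmd) && !writable)
        return -EPERM;
    return 0;
}

int main(void)
{
    /* Constructed stand-in for the device node. */
    int ro = open("/dev/null", O_RDONLY);
    int rw = open("/dev/null", O_RDWR);
    if (ro < 0 || rw < 0)
        return 1;

    printf("ro status: %d\n", demo_ioctl_permitted(ro, DEMO_CMD_STATUS));
    printf("ro reset:  %d\n", demo_ioctl_permitted(ro, DEMO_CMD_RESET));
    printf("rw reset:  %d\n", demo_ioctl_permitted(rw, DEMO_CMD_RESET));
    close(ro);
    close(rw);
    return 0;
}
```

With this model, an administrator grants the test runner's account write permission on the node only, and an account with read-only access can still issue the query command.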