Date:   Tue, 26 May 2020 13:42:41 +0200
From:   Alexander Graf <graf@...zon.de>
To:     Greg KH <gregkh@...uxfoundation.org>,
        Andra Paraschiv <andraprs@...zon.com>
CC:     <linux-kernel@...r.kernel.org>,
        Anthony Liguori <aliguori@...zon.com>,
        Benjamin Herrenschmidt <benh@...nel.crashing.org>,
        Colm MacCarthaigh <colmmacc@...zon.com>,
        Bjoern Doebel <doebel@...zon.de>,
        David Woodhouse <dwmw@...zon.co.uk>,
        Frank van der Linden <fllinden@...zon.com>,
        "Martin Pohlack" <mpohlack@...zon.de>,
        Matt Wilson <msw@...zon.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Balbir Singh <sblbir@...zon.com>,
        Stefano Garzarella <sgarzare@...hat.com>,
        Stefan Hajnoczi <stefanha@...hat.com>,
        Stewart Smith <trawets@...zon.com>,
        Uwe Dannowski <uwed@...zon.de>, <kvm@...r.kernel.org>,
        <ne-devel-upstream@...zon.com>
Subject: Re: [PATCH v3 07/18] nitro_enclaves: Init misc device providing the
 ioctl interface



On 26.05.20 08:51, Greg KH wrote:
> 
> On Tue, May 26, 2020 at 01:13:23AM +0300, Andra Paraschiv wrote:
>> +#define NE "nitro_enclaves: "
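
Review bot: The `NE` prefix macro on the `#define NE "nitro_enclaves: "` line repeats the literal that NE_DEV_NAME already holds and has to be pasted by hand into every log message. Defining pr_fmt() from KBUILD_MODNAME, or logging through the dev_*() helpers, gives the same prefix without a driver-local macro.
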
> 
> Again, no need for this.
> 
>> +#define NE_DEV_NAME "nitro_enclaves"
> 
> KBUILD_MODNAME?
> 
>> +#define NE_IMAGE_LOAD_OFFSET (8 * 1024UL * 1024UL)
>> +
>> +static char *ne_cpus;
>> +module_param(ne_cpus, charp, 0644);
>> +MODULE_PARM_DESC(ne_cpus, "<cpu-list> - CPU pool used for Nitro Enclaves");
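
Review bot: The 0644 mode on `module_param(ne_cpus, charp, 0644)` leaves the pool string writable by root under /sys/module/<module>/parameters/ after load, yet a plain charp parameter only swaps the stored pointer: nothing in these lines re-parses or validates the new CPU list, so the value read back can diverge from the pool the driver actually set up. Either make it read-only (0444) or switch to module_param_cb() with a set handler that validates the list before applying it. The MODULE_PARM_DESC text should also state the accepted list format and when a change takes effect.
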
> 
> Again, please do not do this.

I actually asked her to put this one in specifically.

The concept of this parameter is very similar to isolcpus= and maxcpus= 
in that it takes CPUs away from Linux and instead donates them to the 
underlying hypervisor, so that it can spawn enclaves using them.

From an admin's point of view, this is a setting I would like to keep 
persisted across reboots. How would this work with sysfs?

> Can you get the other amazon.com developers on the cc: list to review
> this before you send it out again?  I feel like I am doing basic review
> of things that should be easily caught by them before you ask the
> community to review your code.

Again, my fault :). We did a good number of internal review rounds, but 
I guess I didn't catch the bits you pointed out.

So yes, let's give everyone in CC the chance to review v3 properly first 
before v4 goes out.

> And get them to sign off on it too, showing they agree with the design
> decisions here :)

I would expect a Reviewed-by tag as a result from the above would 
satisfy this? :)


Alex



Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879


