lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YN4DixahyShxyyCv@zn.tnic>
Date:   Thu, 1 Jul 2021 20:03:55 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Brijesh Singh <brijesh.singh@....com>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        linux-efi@...r.kernel.org, platform-driver-x86@...r.kernel.org,
        linux-coco@...ts.linux.dev, linux-mm@...ck.org,
        linux-crypto@...r.kernel.org, Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Joerg Roedel <jroedel@...e.de>,
        Tom Lendacky <thomas.lendacky@....com>,
        "H. Peter Anvin" <hpa@...or.com>, Ard Biesheuvel <ardb@...nel.org>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Sean Christopherson <seanjc@...gle.com>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Wanpeng Li <wanpengli@...cent.com>,
        Jim Mattson <jmattson@...gle.com>,
        Andy Lutomirski <luto@...nel.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Sergio Lopez <slp@...hat.com>, Peter Gonda <pgonda@...gle.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>,
        David Rientjes <rientjes@...gle.com>, tony.luck@...el.com,
        npmccallum@...hat.com, Dov Murik <dovmurik@...ux.ibm.com>
Subject: Re: [PATCH Part1 RFC v3 22/22] virt: Add SEV-SNP guest driver

On Wed, Jun 30, 2021 at 11:26:46AM -0500, Brijesh Singh wrote:
> As you have noticed that Dov is submitting the SEV specific driver.

Well, reportedly that driver is generic-ish as it only handles the
EFI-provided sekrits and is not SEV-specific - the SEV use is only
exemplary.

> I was thinking that it will be nice if we have one driver that covers
> both the SEV and SEV-SNP. That driver can be called "sevguest". The
> kernel will install the appropriate platform device. The sevguest
> driver can probe for both the "sev-guest" and "snp-guest" and delegate
> the ioctl handling accordingly.
>
> In the kernel the directory structure may look like this:
>
> virt/coco/sevguest
>   sevguest.c       // common code
>   snp.c            // SNP specific ioctl implementation
>   sev.c            // SEV specific ioctl or sysfs implementation
> 
> Thoughts ?

Sure, but I'd call it sevguest.c and will have it deal with both SEV and
SNP ioctls depending on what has been detected in the hardware. Or is
there some special reason for having snp.c and sev.c separate?

> I followed the naming convension you recommended during the initial SEV driver
> developement. IIRC, the main reason for us having to add "user" in it because
> we wanted to distinguious that this structure is not exactly same as the what
> is defined in the SEV-SNP firmware spec.

I most definitely have forgotten about this. Can you point me to the
details of that discussion and why there's a need to distinguish?

> Good question, I am not able to find a generic place to document it. Should we
> create a documentation "Documentation/virt/coco/sevguest-api.rst" for it ? I am
> open to other suggestions.

Well, grepping the tree for "ioctl" I see:

Documentation/driver-api/ioctl.rst
Documentation/process/botching-up-ioctls.rst
Documentation/userspace-api/ioctl/cdrom.rst
Documentation/userspace-api/ioctl/hdio.rst
Documentation/userspace-api/ioctl/index.rst
Documentation/userspace-api/ioctl/ioctl-decoding.rst
Documentation/userspace-api/ioctl/ioctl-number.rst
Documentation/userspace-api/media/cec/cec-func-ioctl.rst
Documentation/userspace-api/media/mediactl/media-func-ioctl.rst
Documentation/userspace-api/media/mediactl/request-func-ioctl.rst
Documentation/userspace-api/media/v4l/func-ioctl.rst

and there's some good info as to what to do.

In any case, Documentation/virt/coco/sevguest-api.rst doesn't sound too
bad either, actually, as it collects everything under virt/

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ