lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3bf9c7c4-4475-ad12-d146-a97b33d1e4ba@linux.ibm.com>
Date:   Wed, 2 Mar 2022 11:46:38 +0100
From:   Steffen Eiden <seiden@...ux.ibm.com>
To:     Janosch Frank <frankja@...ux.ibm.com>, linux-s390@...r.kernel.org
Cc:     Heiko Carstens <hca@...ux.ibm.com>,
        Vasily Gorbik <gor@...ux.ibm.com>,
        Christian Borntraeger <borntraeger@...ux.ibm.com>,
        Alexander Gordeev <agordeev@...ux.ibm.com>,
        David Hildenbrand <david@...hat.com>,
        Claudio Imbrenda <imbrenda@...ux.ibm.com>,
        Shuah Khan <shuah@...nel.org>, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH v2 1/3] drivers/s390/char: Add Ultravisor io device



On 3/2/22 11:34, Janosch Frank wrote:
> On 2/23/22 15:48, Steffen Eiden wrote:
>> This patch adds a new miscdevice to expose some Ultravisor functions
>> to userspace. Userspace can send IOCTLs to the uvdevice that will then
>> emit a corresponding Ultravisor Call and hands the result over to
>> userspace. The uvdevice is available if the Ultravisor Call facility is
>> present.
>>
>> Userspace is now able to call the Query Ultravisor Information
>> Ultravisor Command through the uvdevice.
>>
>> Signed-off-by: Steffen Eiden <seiden@...ux.ibm.com>
>> ---
[...]
>> +
>> +config S390_UV_UAPI
>> +    def_tristate y
>> +    prompt "Ultravisor userspace API"
>> +    depends on PROTECTED_VIRTUALIZATION_GUEST
> 
> Please drop the dependency.
> We want this to be available to both guest and host as QUI is available 
> in both environments and more calls like this could follow.
> 
> We could put an option around the attestation but the savings are not 
> worth the effort.

Makes sense. I will drop the dependency in v3.

Steffen

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ