lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 Oct 2022 12:01:19 -0600 From: Peter Gonda <pgonda@...gle.com> To: Borislav Petkov <bp@...en8.de> Cc: "Kalra, Ashish" <Ashish.Kalra@....com>, "x86@...nel.org" <x86@...nel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "kvm@...r.kernel.org" <kvm@...r.kernel.org>, "linux-coco@...ts.linux.dev" <linux-coco@...ts.linux.dev>, "linux-mm@...ck.org" <linux-mm@...ck.org>, "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>, "tglx@...utronix.de" <tglx@...utronix.de>, "mingo@...hat.com" <mingo@...hat.com>, "jroedel@...e.de" <jroedel@...e.de>, "Lendacky, Thomas" <Thomas.Lendacky@....com>, "hpa@...or.com" <hpa@...or.com>, "ardb@...nel.org" <ardb@...nel.org>, "pbonzini@...hat.com" <pbonzini@...hat.com>, "seanjc@...gle.com" <seanjc@...gle.com>, "vkuznets@...hat.com" <vkuznets@...hat.com>, "jmattson@...gle.com" <jmattson@...gle.com>, "luto@...nel.org" <luto@...nel.org>, "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>, "slp@...hat.com" <slp@...hat.com>, "peterz@...radead.org" <peterz@...radead.org>, "srinivas.pandruvada@...ux.intel.com" <srinivas.pandruvada@...ux.intel.com>, "rientjes@...gle.com" <rientjes@...gle.com>, "dovmurik@...ux.ibm.com" <dovmurik@...ux.ibm.com>, "tobin@....com" <tobin@....com>, "Roth, Michael" <Michael.Roth@....com>, "vbabka@...e.cz" <vbabka@...e.cz>, "kirill@...temov.name" <kirill@...temov.name>, "ak@...ux.intel.com" <ak@...ux.intel.com>, "tony.luck@...el.com" <tony.luck@...el.com>, "marcorr@...gle.com" <marcorr@...gle.com>, "sathyanarayanan.kuppuswamy@...ux.intel.com" <sathyanarayanan.kuppuswamy@...ux.intel.com>, "alpergun@...gle.com" <alpergun@...gle.com>, "dgilbert@...hat.com" <dgilbert@...hat.com>, "jarkko@...nel.org" <jarkko@...nel.org> Subject: Re: [PATCH Part2 v6 13/49] crypto:ccp: Provide APIs to issue SEV-SNP commands On Mon, Oct 3, 2022 at 11:45 AM Borislav Petkov <bp@...en8.de> wrote: > > On Mon, Oct 03, 2022 at 05:11:05PM +0000, Kalra, Ashish wrote: > > They are basically providing the APIs for the hypervisor to manage a > > SNP guest. > > Yes, I know. But that is not my question. Lemme try again. > > My previous comment was: > > "I think you should simply export sev_do_cmd() and call it instead." > > In this case, the API is a single function - sev_do_cmd() - which the > hypervisor calls. > > So my question still stands: why is it better to have silly wrappers > of sev_do_cmd() instead of having the hypervisor call sev_do_cmd() > directly? We already have sev_issue_cmd_external_user() exported right? Another option could be to make these wrappers more helpful and less silly. For example callers need to know the PSP command format right now, see sev_guest_decommission(). int sev_guest_decommission(struct sev_data_decommission *data, int *error) Instead of taking @data this function could just take inputs to create sev_data_decommission: int sev_guest_decommission(u32 handle, int *error) > > -- > Regards/Gruss, > Boris. > > https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists