Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area

From: Dov Murik
Date: Mon Feb 07 2022 - 13:54:55 EST

Next message: trix: "[PATCH] io_uring: fix uninitialized return"
Previous message: Randy Dunlap: "Re: [PATCH 1/2] x86/Kconfig: move and modify CONFIG_I8K"
In reply to: Matthew Garrett: "Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 02/02/2022 10:45, Matthew Garrett wrote:
> On Wed, Feb 02, 2022 at 09:36:53AM +0100, Gerd Hoffmann wrote:
>
>> Having a "secrets/" directory looks good to me. Then the individual
>> implementations can either add files to the directory, i.e. efi_secrets
>> would create "secrets/<guid>" files. Or each implementation creates a
>> subdirectory with the secrets, i.e. "secrets/coco/" and
>> "secrets/coco/<guid>".
>
> I prefer a subdirectory, on the basis that we could conceivably end up
> with more than one implementation on a single device at some point, and
> also because it makes it trivial for userland to determine what the
> source is which may make a semantic difference under certain
> circumstances.
>

OK, sounds good. In the next round of the series the module will create
the files in <securityfs>/secrets/coco/ .

>> Longer-term (i.e once we have more than one implementation) we probably
>> need a separate module which owns and manages the "secrets/" directory,
>> and possibly provides some common helper functions too.
>
> Agree.

Yes; one candidate for such helper function is a filesystem that
implements the "wipe file content from memory on unlink".

-Dov

Next message: trix: "[PATCH] io_uring: fix uninitialized return"
Previous message: Randy Dunlap: "Re: [PATCH 1/2] x86/Kconfig: move and modify CONFIG_I8K"
In reply to: Matthew Garrett: "Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]