Received: by 2002:ac0:a679:0:0:0:0:0 with SMTP id p54csp1162594imp;
        Thu, 21 Feb 2019 20:39:21 -0800 (PST)
X-Google-Smtp-Source: AHgI3IaepV3H62BNB3nO5Ty0UL1cy15MUwAH/HU+aZTUlI8udN7U6blOSUfVMouynQj4iCVmnBha
X-Received: by 2002:a65:6683:: with SMTP id b3mr2065505pgw.423.1550810361536;
        Thu, 21 Feb 2019 20:39:21 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1550810361; cv=none;
        d=google.com; s=arc-20160816;
        b=c79FVFEEIcJxIcW0gMTSpYKToL6cxsaXrwK6RRw9t4V65CvEtFGo0aD7lbG2rbGJSp
         Z5KNwZtXjnzE9JQvHRww81HKqjdSd2nFC765jlEmafpm3nM8aQHEiOhaXaioa0d/rD9/
         4Uq2gnXmlv6gGt0MY2opXc39xdHn9mTVREd/GLE99eu7Q7S1fL5+Sy3TQzors/ErEmRO
         3NduJI01C7k1PuypdYNRXvuailvG5+//lHWM3TmJkGm2KewnwDincPu3t46iq12hvZhu
         pV1okHpufPOqNMx6vafO3+hZ7lT/yQmkQunVQn6EO5lpd4OuQy/K0eoCOxwQESVmrMM0
         gcBg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=K4uQdKnbfzZ48Ap5WgshQzfmVY28zKy5DgvekGMmV8I=;
        b=I3XjqMs7StgJsVnBcts+HtbmFBibvbrMT5Ftva0JcO1jjNXjZXYX3C5gK3IuAH+5tr
         HTsYBWjBrHHQNQXi34MBp7M1w2AUXSpMX1G/r4y5SW9JXHRga0k2QdOGh4kvy6um9aw+
         p11MTa71kBGZSCxOmLcWUXc4vDRp1rTayC2kaGFxSQaQLWvicAraAZ57wqMNlwzeqXDs
         Nt+nHmoN9LDhaalw62aDiwnfteBuXiSfAcmetktVMJfSBUR1WMR5A+2Q1IHUMG0Jb94a
         GZnG9Bj6hnf8lrkVq1GjQFCwEIBkKQcML40I9jSamMZByjo+UcIhHUQue/s2+W88ckin
         RJvg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id f10si404484pgl.528.2019.02.21.20.39.05;
        Thu, 21 Feb 2019 20:39:21 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726912AbfBVEhO (ORCPT <rfc822;brice.berna@gmail.com>
        + 99 others); Thu, 21 Feb 2019 23:37:14 -0500
Received: from orcrist.hmeau.com ([104.223.48.154]:52946 "EHLO
        deadmen.hmeau.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726213AbfBVEhO (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 21 Feb 2019 23:37:14 -0500
Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar)
        by deadmen.hmeau.com with esmtps (Exim 4.89 #2 (Debian))
        id 1gx2aF-0002kn-Sf; Fri, 22 Feb 2019 12:37:11 +0800
Received: from herbert by gondobar with local (Exim 4.89)
        (envelope-from <herbert@gondor.apana.org.au>)
        id 1gx2aB-0005Jj-LM; Fri, 22 Feb 2019 12:37:07 +0800
Date:   Fri, 22 Feb 2019 12:37:07 +0800
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     "Singh, Brijesh" <brijesh.singh@amd.com>
Cc:     Nathaniel McCallum <npmccallum@redhat.com>,
        "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "Natarajan, Janakarajan" <Janakarajan.Natarajan@amd.com>,
        "Hook, Gary" <Gary.Hook@amd.com>,
        "Lendacky, Thomas" <Thomas.Lendacky@amd.com>
Subject: Re: [PATCH] crypto: ccp: introduce SEV_GET_ID2 command
Message-ID: <20190222043707.6kzqeztgx3rvv3a4@gondor.apana.org.au>
References: <20190213192329.680-1-brijesh.singh@amd.com>
 <CAOASepMn-r+2fQjDxP3yM=JuM-YDXNiAZWOo2x0OdTQBj4pdYA@mail.gmail.com>
 <a38e8f14-0ee1-f3ba-fda0-c6eff88c71a8@amd.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <a38e8f14-0ee1-f3ba-fda0-c6eff88c71a8@amd.com>
User-Agent: NeoMutt/20170113 (1.7.2)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Feb 14, 2019 at 07:33:29PM +0000, Singh, Brijesh wrote:
> 
> 
> On 2/14/19 10:57 AM, Nathaniel McCallum wrote:
> > I'm a little concerned that this immediately disables SEV_GET_ID.
> > IMHO, we should continue to support both for a period of time. One
> > justification for immediate disablement would be that if keeping it
> > around is likely to enabled incorrect or insecure userspace behavior
> > with a firmware change. 
> 
> 
> There are not many programs using the GET_ID today, my preference
> is to force userspace running on a kernel which supports the GET_ID2
> to use GET_ID2 and not fallback to GET_ID.
> 
> The current GET_ID is *broken*.
> 
> Here is one case I am trying to navigate:
> - AMD releases a new CPU
> - The kernel used in your distro does not support this CPU yet.
>    You updated the kernel to get the CPU support.
> - The GET_ID on this CPU returned a 10 bytes (instead of 64)
> - You gave the 64-bytes of data to AMD to get the certificate.
>    AMD server rejects the request because ID given to it does not
>    exist in its database.
> 
> If we drop the support for GET_ID in kernel, then GET_ID will fail and
> user will required to take action.

Sorry, but we can't drop a kernel API just to force userspace
to upgrade to a new one.

So I agree with Nathaniel that we should keep compatibility until
such a time when user-space is no longer using the old API.

You can use other mechanisms to encourage user-space to switch
over to the new API, e.g., a once-only warning if the old API
is used.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt