Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp4784314pxv; Tue, 29 Jun 2021 15:55:41 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyOPOHdV/6n9CFYIDhIPGS/YbRJtpzebK3AFZLnbOVRPB39yxpMXTVoKx1Dpvf0jEsQ9ZYE X-Received: by 2002:a17:906:616:: with SMTP id s22mr31876740ejb.210.1625007340981; Tue, 29 Jun 2021 15:55:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1625007340; cv=none; d=google.com; s=arc-20160816; b=xrASttGuOmAa3FhMHPlkUtJK4+a5kgXKpNIMd5JbkoRBNeIT0A5hLoMK0guxk1OLSN ldKMR704LbjBbfMMrAytkpuydg6X/PCkWPt4pjbRGP4MZUI2eXU2cg84UBjX+i72YuPf CAGueAILl2/N5yCklCR1LgvpQxS8/IBim9nj3osnymD12FGkQgPFTi6e6ie8UYsqVcVU 2wBNwFt/pb2BMw7e50ddLPPJkFuMBpqnU+swfjfISZ6KyOk+n8lYNra+0NVsQOL0e/6s j5pYy/7E/hFQKH3hsjiysC5GTXUj60W9KchtaGc6WB+HSMhRNslttGOVd4lmn35K3Ll2 2tQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:dkim-signature:dkim-signature :dkim-signature; bh=SlvM3MzcnkI5ct41kravAhdLb8Av6htcPQ3tAc07kmY=; b=xIzc9Ev6T5p6Xf6PFNparhrgkEjJeKfD8sxDMj5tg6pZLmoHHTpygHFp8keDRq7MOG cOS/JjPVl6tcxd/u8CeYsWbhozM7LoWrmKbx7tL89VGZ5ESbspBklHp99eh+o71upmBq LIciXfoQ3dXCjchc/0sSa5UyvmH5mBqnqEXT9U14bnMP6aWksUcinoPVqLgg1nh1oCrS UAzBOOq3Fm64nJj6DcNVnh1u5a3toMJnkL5uV7fZfYELquThSl7B375HzNDmGZrqeDfV 3INJFs3ny5zBogkJlnLOffUbH/D0f8vmd9LD5AF3bVvhNb4mwuZU/MmGOyIXQB9Q7Dqv HpGg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=ljGaQc3V; dkim=neutral (no key) header.i=@suse.de; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=ljGaQc3V; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 16si17539736ejj.242.2021.06.29.15.55.13; Tue, 29 Jun 2021 15:55:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=ljGaQc3V; dkim=neutral (no key) header.i=@suse.de; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=ljGaQc3V; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235476AbhF2Wvd (ORCPT + 99 others); Tue, 29 Jun 2021 18:51:33 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:40918 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235371AbhF2Wvc (ORCPT ); Tue, 29 Jun 2021 18:51:32 -0400 Received: from imap.suse.de (imap-alt.suse-dmz.suse.de [192.168.254.47]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 205A71FDDA; Tue, 29 Jun 2021 22:49:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1625006943; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=SlvM3MzcnkI5ct41kravAhdLb8Av6htcPQ3tAc07kmY=; b=ljGaQc3VJLB2w+oNaBigYEtTsLD44cQcnKzJcpRXjVEBNZYFQSo/UD03tJuQGjVqDjAOBQ VHiNzEz6QQwlFfyXQ7s6A0OkuLHup9KzDOeeNKE27lXp8Fep8m1fB0Ys3wMiOejDGjpD2D KTLlDkhxxtN/Yg2ggdLNeeie7zj8HX8= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1625006943; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=SlvM3MzcnkI5ct41kravAhdLb8Av6htcPQ3tAc07kmY=; b=/GpuesW/GrvcNHBpUkzkoLxs+SajReBCJCfO3O7+/BZJa3Bwcz2CTrNQI3Am/kHASYejbk jhE3+mC7JwujOVBQ== Received: from imap3-int (imap-alt.suse-dmz.suse.de [192.168.254.47]) by imap.suse.de (Postfix) with ESMTP id 0DD2C11906; Tue, 29 Jun 2021 22:49:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1625006943; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=SlvM3MzcnkI5ct41kravAhdLb8Av6htcPQ3tAc07kmY=; b=ljGaQc3VJLB2w+oNaBigYEtTsLD44cQcnKzJcpRXjVEBNZYFQSo/UD03tJuQGjVqDjAOBQ VHiNzEz6QQwlFfyXQ7s6A0OkuLHup9KzDOeeNKE27lXp8Fep8m1fB0Ys3wMiOejDGjpD2D KTLlDkhxxtN/Yg2ggdLNeeie7zj8HX8= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1625006943; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=SlvM3MzcnkI5ct41kravAhdLb8Av6htcPQ3tAc07kmY=; b=/GpuesW/GrvcNHBpUkzkoLxs+SajReBCJCfO3O7+/BZJa3Bwcz2CTrNQI3Am/kHASYejbk jhE3+mC7JwujOVBQ== Received: from director2.suse.de ([192.168.254.72]) by imap3-int with ESMTPSA id 47eGA1+j22A8XgAALh3uQQ (envelope-from ); Tue, 29 Jun 2021 22:49:03 +0000 Date: Wed, 30 Jun 2021 00:48:48 +0200 From: Borislav Petkov To: Dov Murik Cc: linux-efi@vger.kernel.org, Laszlo Ersek , Ashish Kalra , Brijesh Singh , Tom Lendacky , Ard Biesheuvel , James Morris , "Serge E. Hallyn" , Andi Kleen , "Dr. David Alan Gilbert" , James Bottomley , Tobin Feldman-Fitzthum , Jim Cadden , linux-coco@lists.linux.dev, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [RFC PATCH v2 3/3] virt: Add sev_secret module to expose confidential computing secrets Message-ID: References: <20210628183431.953934-1-dovmurik@linux.ibm.com> <20210628183431.953934-4-dovmurik@linux.ibm.com> <6e35f6db-9c5b-3c75-a66b-de1392295f6a@linux.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <6e35f6db-9c5b-3c75-a66b-de1392295f6a@linux.ibm.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 29, 2021 at 10:23:49AM +0300, Dov Murik wrote: > But not if it's a generic driver that is useful for other confidential > computing implementations. Consider some non-encrypting guest memory > isolation mechanism where the host can't read most guest pages; this > module might be useful there too. Anything concrete or just hypothetical? In any case, if this thing is generic, it should not have "AMD" and "SEV" in the strings. > Also, isn't it a bit weird to depend on CONFIG_AMD_MEM_ENCRYPT but not > use any of its APIs? Yeah, see above. Thx. -- Regards/Gruss, Boris. SUSE Software Solutions Germany GmbH, GF: Felix Imendörffer, HRB 36809, AG Nürnberg