Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
From: Ard Biesheuvel
Date: Wed Feb 02 2022 - 02:22:21 EST

On Wed, 2 Feb 2022 at 08:10, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote:
>
> On Wed, Feb 02, 2022 at 08:05:23AM +0100, Greg KH wrote:
>
> > I see different platform patches trying to stick these blobs in
> > different locations and ways to access (securityfs, sysfs, char device
> > node), which seems crazy to me. Why can't we at least pick one way to
> > access these to start with, and then have the filesystem layout be
> > platform-specific as needed, which will give the correct hints to
> > userspace as to what it needs to do here?
>
> Which other examples are you thinking of? I think this conversation may
> have accidentally become conflated with a different prior one and now
> we're talking at cross purposes.

This came up a while ago during review of one of the earlier revisions
of this patch set.
https://lore.kernel.org/linux-efi/YRZuIIVIzMfgjtEl@xxxxxxxxxx/
which describes another two variations on the theme, for pKVM guests
as well as Android bare metal.