Re: [PATCH Part2 v6 13/49] crypto:ccp: Provide APIs to issue SEV-SNP commands

From: Borislav Petkov
Date: Mon Oct 03 2022 - 14:53:25 EST

Next message: Yury Norov: "Re: [PATCH bitmap-for-next 0/5] bitmap,cpumask: Add for_each_cpu_andnot()"
Previous message: Dave Hansen: "Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW"
In reply to: Kalra, Ashish: "RE: [PATCH Part2 v6 13/49] crypto:ccp: Provide APIs to issue SEV-SNP commands"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Oct 03, 2022 at 06:43:08PM +0000, Kalra, Ashish wrote:
> probably it is nice to have an abstracted interface,

Why is it "probably nice" to have an abstracted interface?

Is the hypervisor allowed to issue only a subset of the commands?

Do you want to control the arguments the hypervisor is supposed to send
down to the firmware?

There must be a reason why one would do an abstracted interface. Not
just because and probably.

Because from where I'm standing this looks like adding a bunch of random
wrappers without any logic to it.

So, if you wanna have an interface, you should think this through and
design it properly and explain why it is there and how it is supposed to
be used.

Don't get me wrong - a properly designed interface to control what the
HV issues to the firmware is not a bad idea. But it needs to be properly
designed.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: Yury Norov: "Re: [PATCH bitmap-for-next 0/5] bitmap,cpumask: Add for_each_cpu_andnot()"
Previous message: Dave Hansen: "Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW"
In reply to: Kalra, Ashish: "RE: [PATCH Part2 v6 13/49] crypto:ccp: Provide APIs to issue SEV-SNP commands"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]