Re: [PATCH v5 07/10] crypto: ccp: Add preferred access checking method
From: Dionna Amalie Glaze
Date: Tue Nov 12 2024 - 17:58:27 EST
On Mon, Nov 11, 2024 at 2:46 PM Tom Lendacky <thomas.lendacky@xxxxxxx> wrote:
>
> On 11/7/24 17:24, Dionna Glaze wrote:
> > sev_issue_cmd_external_user is the only function that checks permissions
> > before performing its task. With the new GCTX API, it's important to
> > establish permission once and have that determination dominate later API
> > uses. This is implicitly how ccp has been used by dominating uses of
> > sev_do_cmd by a successful sev_issue_cmd_external_user call.
> >
> > Consider sev_issue_cmd_external_user deprecated by
> > checking if a held file descriptor passes file_is_sev, similar to the
> > file_is_kvm function.
> >
> > This also fixes the header comment that the bad file error code is
> > -%EINVAL when in fact it is -%EBADF.
>
> Same comment as before. This commit merely creates a helper function, so
> this commit message is not appropriate.
>
Is this a meta-comment about how the commit presupposes being in a
series with a goal, but should have a self-contained commit message? I
don't know what "same comment as before" you're referring to.
How about this:
crypto: ccp: Add file_is_sev to identify access
Access to the ccp driver only needs to be determined once, so
sev_issue_cmd_external_user called in a loop (e.g. for
SNP_LAUNCH_UPDATE) does more than it needs to.
The file_is_sev function allows the caller to determine access before using
sev_do_cmd or other API methods multiple times without extra access
checking.
This also fixes the header comment that the bad file error code is
-%EINVAL when in fact it is -%EBADF.
--
-Dionna Glaze, PhD, CISSP, CCSP (she/her)