Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area

[PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Dov Murik <hidden> · 2022-02-01
[PATCH v7 1/5] efi: Save location of EFI confidential computing area · Dov Murik <hidden> · 2022-02-01
Re: [PATCH v7 1/5] efi: Save location of EFI confidential computing area · Gerd Hoffmann <kraxel@redhat.com> · 2022-02-02
[PATCH v7 2/5] efi/libstub: Reserve confidential computing secret area · Dov Murik <hidden> · 2022-02-01
Re: [PATCH v7 2/5] efi/libstub: Reserve confidential computing secret area · Gerd Hoffmann <kraxel@redhat.com> · 2022-02-02
Re: [PATCH v7 2/5] efi/libstub: Reserve confidential computing secret area · Dov Murik <hidden> · 2022-02-02
[PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated · Dov Murik <hidden> · 2022-02-01
Re: [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated · Gerd Hoffmann <kraxel@redhat.com> · 2022-02-02
Re: [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated · Dov Murik <hidden> · 2022-02-02
Re: [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated · Gerd Hoffmann <kraxel@redhat.com> · 2022-02-02
Re: [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated · Dov Murik <hidden> · 2022-02-02
Re: [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated · Gerd Hoffmann <kraxel@redhat.com> · 2022-02-03
Re: [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated · Dov Murik <hidden> · 2022-02-03
Re: [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated · Gerd Hoffmann <kraxel@redhat.com> · 2022-02-03
[PATCH v7 3/5] virt: Add efi_secret module to expose confidential computing secrets · Dov Murik <hidden> · 2022-02-01
Re: [PATCH v7 3/5] virt: Add efi_secret module to expose confidential computing secrets · Gerd Hoffmann <kraxel@redhat.com> · 2022-02-02
Re: [PATCH v7 3/5] virt: Add efi_secret module to expose confidential computing secrets · Dov Murik <hidden> · 2022-02-02
[PATCH v7 5/5] docs: security: Add coco/efi_secret documentation · Dov Murik <hidden> · 2022-02-01
Re: [PATCH v7 5/5] docs: security: Add coco/efi_secret documentation · Gerd Hoffmann <kraxel@redhat.com> · 2022-02-02
Re: [PATCH v7 5/5] docs: security: Add coco/efi_secret documentation · Dov Murik <hidden> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Greg KH <gregkh@linuxfoundation.org> · 2022-02-01
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · James Bottomley <hidden> · 2022-02-01
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Greg KH <gregkh@linuxfoundation.org> · 2022-02-01
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · James Bottomley <hidden> · 2022-02-01
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Dr. David Alan Gilbert <hidden> · 2022-02-01
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Matthew Garrett <mjg59@srcf.ucam.org> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Greg KH <gregkh@linuxfoundation.org> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Matthew Garrett <mjg59@srcf.ucam.org> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Greg KH <gregkh@linuxfoundation.org> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Matthew Garrett <mjg59@srcf.ucam.org> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Ard Biesheuvel <ardb@kernel.org> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Matthew Garrett <mjg59@srcf.ucam.org> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Greg KH <gregkh@linuxfoundation.org> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Nayna <hidden> · 2022-02-09
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Gerd Hoffmann <kraxel@redhat.com> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Matthew Garrett <mjg59@srcf.ucam.org> · 2022-02-02
Re: [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area · Dov Murik <hidden> · 2022-02-07

From: Matthew Garrett <mjg59@srcf.ucam.org>
Date: 2022-02-02 04:02:02
Also in: linux-efi, linux-security-module, linuxppc-dev, lkml

On Tue, Feb 01, 2022 at 09:24:50AM -0500, James Bottomley wrote:

On Tue, 2022-02-01 at 14:50 +0100, Greg KH wrote:

quoted

You all need to work together to come up with a unified place for
this and stop making it platform-specific.

We're talking about things that have massively different semantics. How 
do we expose that without an unwieldy API that has to try to be a 
superset of everything implemented, which then has to be extended when 
yet another implementation shows up with another behavioural quirk? EFI 
variables already need extremely careful handling to avoid rm -rf /sys 
bricking the system - should we impose that on everything, or should we 
allow the underlying implementation to leak through in some ways?

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help