Hi, > > I think the module should fail noisily. See above for autoload. In > > case the module is loaded (either manually by the admin, or because > > efi.coco_secret != EFI_INVALID_TABLE_ADDR) and it can't actually load > > the secrets we want know why ... > > Note that the AmdSev build of OVMF always publishes > LINUX_EFI_COCO_SECRET_TABLE_GUID in the EFI table. Even when > LAUNCH_SECRET was not executed. In such cases the secret area will be > empty. Hmm, ok. Why? I assume the secret area is filled by the host and ovmf doesn't even look at it? > If we keep only the 'efi.coco_secret != EFI_INVALID_TABLE_ADDR' check, > we'll get errors from efi_secret for every VM launch that doesn't > undergo LAUNCH_SECRET. I don't think that's good. Well, if that is a common case the module could either print nothing or log KERN_INFO level instead of KERN_ERROR. > If we *do* want to check that the area starts with > EFI_SECRET_TABLE_HEADER_GUID (like I think we should), we need all the > checks before that, like checking that the area is big enough, and that > all the memremap()s succeed -- before actually comparing the > header_guid. The checks are basically prerequisites for calling > efi_guidcmp() safely. It is still not fully clear to me why you want do that check twice. take care, Gerd
