Thanks for the response, Dave.

On Wed, Jul 03, 2024 at 05:18:22PM -0700, Dave Hansen wrote:
>
> Could we please be frank and transparent about what you actually want
> here and how you expect this mechanism to be used?
>

Sorry for being unclear. open-vm-tools is currently broken on TDX and the intent here is to fix that. The idea is that versions of open-vm-tools that have been audited and restricted to certain hypercalls would execute prctl to mark the process as capable of executing hypercalls.

> This inheritance model seems more suited to wrapping a tiny helper app
> around an existing binary, a la:
>
> prctl(ARCH_SET_COCO_USER_HCALL);
> execve("/existing/binary/that/i/surely/did/not/audit", ...);
>
> ... as opposed to something that you set in new versions of
> open-vm-tools after an extensive audit and a bug fixing campaign to
> clean up everything that the audit found.

I understand the concern about inheritance. I chose prctl primarily because of some existing options that seemed similar, mainly speculation control. Is there an alternative approach that doesn't suffer from the inheritance issue?