On Mon, Nov 26, 2018 at 01:51:45PM -0800, Jarkko Sakkinen wrote:
> > ioctl(sgx, SGX_IOC_ADD_RIGHT, sgx_provisioning);
> >
> > This requires extra syscalls, but it doesn’t have the combinatorial
> > explosion problem.
>
> I like this design because it is extendable. I'm now also on the same
> page why we need to protect provisioning in the first place. I would
> slightly restructure this as
>
> /dev/sgx/control
> /dev/sgx/attributes/provision

I guess it would be OK to upstream only control node first as long
as provision attribute is denied in order to keep the already huge
patch set a tiny bit smaller?

/Jarkko