On Wed, 2025-05-07 at 21:18 +0530, Srish Srinivasan wrote: > > We expect SB_VERSION to always be world-readable, I think? In which > > case it shouldn't return H_AUTHORITY / -EPERM, ever, and if it does > > that's an error which should be handled as an error. Or am I > > misinterpreting the spec here? > > Yes, SB_VERSION is world-readable and should not return H_AUTHORITY > in > the case of dynamic key management mode. However, in > the case of static key management mode, when SB_VERSION does not > exist, > the hypervisor tries to authenticate the consumer. If the > authentication is successful, H_NOT_FOUND is returned, else > H_AUTHORITY > is returned. The intention behind authenticating the > consumer when the object is not found is to ensure that a > non-authenticated consumer is unable to conclude on the absence of > the object. Here, when the kernel tries to read the non-existent > SB_VERSION, it fails the authentication check and therefore, > gets the H_AUTHORITY error code.
Ah, I see my confusion: if the object *doesn't exist*, then it obviously can't be a world-readable object, thus triggering the password verification. In which case, we do need to catch -EPERM. Thanks for correcting me! -- Andrew Donnellan OzLabs, ADL Canberra a...@linux.ibm.com IBM Australia Limited
