Re: [PATCH 1/1] x86: Export information about hardware memory encryption to sysfs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9/10/21 2:33 PM, Martin Fernandez wrote:
> +static void __init efi_set_mem_crypto(void)
> +{
> +	efi_memory_desc_t *md;
> +
> +	efi_mem_crypto = EFI_MEM_ENCRYPTION_CAPABLE;
> +
> +	for_each_efi_memory_desc(md) {
> +		switch (md->type) {
> +		/* System memory after ExitBootServices */
> +		case EFI_LOADER_CODE:
> +		case EFI_LOADER_DATA:
> +		case EFI_BOOT_SERVICES_CODE:
> +		case EFI_BOOT_SERVICES_DATA:
> +		case EFI_CONVENTIONAL_MEMORY:
> +		case EFI_ACPI_RECLAIM_MEMORY:
> +			if (!(md->attribute & EFI_MEMORY_CPU_CRYPTO)) {
> +				efi_mem_crypto = EFI_MEM_ENCRYPTION_NOT_CAPABLE;
> +				return;
> +			}
> +		}
> +	}
> +}

If the ABI is per-NUMA-node, shouldn't this be determining and reporting
of each individual node is EFI_MEMORY_CPU_CRYPTO instead of reporting a
system-wide value?

I understand that this was a lot easier to hack together than doing
that, but it could be extremely misleading to an end user.

Would it be possible that 'efi_mem_crypto' would need to be updated on a
memory hotplug event?



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux