Re: [PATCH v2 0/5] [RFC] x86: Export information about hardware memory encryption to sysfs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/28/21 10:39 AM, Martin Fernandez wrote:
> On 10/28/21, Borislav Petkov <bp@xxxxxxxxx> wrote:
>> Why cannot this be a userspace program, script, tool, whatever?
> Because it's not convenient to parse dmesg. And about /proc/cpuinfo,
> it tells you about TME, as a feature of the cpu but it doesn't tell
> you if it is activated, and even if it is activated you will need to
> be sure that you are storing your data in a region flagged with this
> new attribute.
> 
> Here we discussed about it some time ago:
> http://lkml.iu.edu/hypermail/linux/kernel/2006.2/06753.html . That
> comment is what triggered this patch.

Martin,

I don't think this interface makes any sense at all for something off of
which to base firmware updates.  It's just too noisy.

That said, I *do* think we are going to need something similar to what
you propose here because folks are going to want to target memory
allocations to NUMA nodes that have encryption capabilities.

But, I don't think what you've proposed here fits very well there.  The
->cpu_local thing looks totally broken.  It's entirely unclear what
users are supposed to do when the crypto_capable file is not present.



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux