Re: [PATCH v3 0/5] x86: Show in sysfs if a memory node is able to do encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/7/21 12:06 PM, Mike Rapoport wrote:
>> An ABI that says "everything is encrypted" is pretty meaningless and
>> only useful for this one, special case.
>>
>> A per-node ABI is useful for this case and is also useful going forward
>> if folks want to target allocations from applications to NUMA nodes
>> which have encryption capabilities.  The ABI in this set is useful for
>> the immediate case and is useful to other folks.
> I don't mind per-node ABI, I'm just concerned that having a small region
> without the encryption flag set will render the entire node "not
> encryptable". This may happen because a bug in firmware, a user that shoot
> themself in a leg with weird memmap= or some hidden gem in interaction
> between e820, EFI and memblock that we still didn't discover.

That's a good point.  But, that seems more in the realm of a
pr_{info,warn}_once() than something deserving of its own specific ABI.

If we have a 100GB of a node that supports encryption, and 4k that
causes the whole thing to be considered un-encryptable, a warning is be
appropriate and feasible.



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux