On 9/10/21 2:33 PM, Martin Fernandez wrote:
> +static void __init efi_set_mem_crypto(void)
> +{
> + efi_memory_desc_t *md;
> +
> + efi_mem_crypto = EFI_MEM_ENCRYPTION_CAPABLE;
> +
> + for_each_efi_memory_desc(md) {
> + switch (md->type) {
> + /* System memory after ExitBootServices */
> + case EFI_LOADER_CODE:
> + case EFI_LOADER_DATA:
> + case EFI_BOOT_SERVICES_CODE:
> + case EFI_BOOT_SERVICES_DATA:
> + case EFI_CONVENTIONAL_MEMORY:
> + case EFI_ACPI_RECLAIM_MEMORY:
> + if (!(md->attribute & EFI_MEMORY_CPU_CRYPTO)) {
> + efi_mem_crypto = EFI_MEM_ENCRYPTION_NOT_CAPABLE;
> + return;
> + }
> + }
> + }
> +}
If the ABI is per-NUMA-node, shouldn't this be determining and reporting
of each individual node is EFI_MEMORY_CPU_CRYPTO instead of reporting a
system-wide value?
I understand that this was a lot easier to hack together than doing
that, but it could be extremely misleading to an end user.
Would it be possible that 'efi_mem_crypto' would need to be updated on a
memory hotplug event?
