Re: [PATCH v9 0/9] x86: Show in sysfs if a memory node is able to do encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/27/22 01:57, Borislav Petkov wrote:
> Well, I still think this is not going to work in all cases. SME/TME can
> be enabled but the kernel can go - and for whatever reason - map a bunch
> of memory unencrypted.

For TME on Intel systems, there's no way to make it unencrypted.  The
memory controller is doing all the encryption behind the back of the OS
and even devices that are doing DMA.  Nothing outside of the memory
controller really knows or cares that encryption is happening.



[Index of Archives]     [Linux Kernel Development]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux