From: Martin Fernandez
Date: Tue, 11 Oct 2022 10:59:45 -0300
Subject: [RFC] UABI to show system memory encryption
To: linux-coco@lists.linux.dev, linux-mm@kvack.org
Cc: rppt@kernel.org, Dave Hansen, Borislav Petkov, hughsient@gmail.com, daniel.gutson@eclypsium.com, Alex Bazhaniuk

Hi guys,

I've been working on a patch [1] to show in sysfs the status of the memory encryption. One of the parts involved in reporting the status is that the platform is capable of doing encryption. In this case I focused on x86 EFI systems, where this is reported as a flag in the EFI memory map: EFI_MEMORY_CPU_CRYPTO.

From the UEFI spec:

    The memory region is capable of being protected with CPU's capabilities if and only if the flag is set.

After some discussion we decided that it would be nice to show if this flag is set per memory node, i.e., add a new file in the nodeX directory where it will have a 1 if all the memory in that node is able to do encryption (has the flag for x86 EFI systems) or 0 otherwise.
The idea is to determine, in conjunction with checking that the CPU is actually able to do encryption (checking that TME/MKTME is enabled, for example), that a system is actively encrypting its memory.

Currently fwupd is looking for something like this, in order to do some security checks at boot time (more details on the use case in [1]). More discussion in [2].

Please provide feedback on how this could be improved or new use cases that could come up.

Thank you.

Martin.

[1] https://lore.kernel.org/linux-efi/20220704135833.1496303-1-martin.fernandez@eclypsium.com/
[2] https://lore.kernel.org/all/20200618210215.23602-1-daniel.gutson@eclypsium.com/
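The per-node rule described in the mail (1 only if every piece of RAM in the node carries EFI_MEMORY_CPU_CRYPTO, 0 otherwise) and the combined "flag set AND CPU engine enabled" check, as an added userspace model. This is example code written for this page, not Martin's patch or kernel code. The EFI_MEMORY_CPU_CRYPTO value and the memory types match the UEFI spec and include/linux/efi.h; the memory map, the node address ranges and the `tme_enabled` input are constructed for the example, and the decision to ignore non-RAM descriptors (reserved, MMIO) that sit inside a node's span is an assumption of this model, not something the mail specifies.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* UEFI memory descriptor attribute bits (UEFI 2.8+, same values as include/linux/efi.h). */
#define EFI_MEMORY_WB           0x0000000000000008ULL
#define EFI_MEMORY_CPU_CRYPTO   0x0000000000080000ULL
#define EFI_PAGE_SHIFT          12

/* UEFI memory types (subset). */
#define EFI_RESERVED_TYPE        0
#define EFI_CONVENTIONAL_MEMORY  7

/* One EFI memory map entry, trimmed to the fields this check needs. */
struct efi_memdesc {
	uint32_t type;
	uint64_t phys_addr;
	uint64_t num_pages;
	uint64_t attribute;
};

/* Physical span [start, end) owned by a NUMA node (hypothetical layout for the example). */
struct node_range {
	int nid;
	uint64_t start;
	uint64_t end;
};

static uint64_t desc_end(const struct efi_memdesc *d)
{
	return d->phys_addr + (d->num_pages << EFI_PAGE_SHIFT);
}

/*
 * Returns 1 if the node has at least one conventional-memory descriptor and
 * every conventional-memory descriptor overlapping it carries
 * EFI_MEMORY_CPU_CRYPTO; 0 otherwise. A node with no RAM reports 0 rather
 * than vacuously 1. Reserved/MMIO descriptors inside the span are ignored
 * (assumption of this model: they are not "memory in that node").
 */
int node_crypto_capable(const struct node_range *n,
			const struct efi_memdesc *map, size_t nmap)
{
	bool has_ram = false;

	for (size_t i = 0; i < nmap; i++) {
		const struct efi_memdesc *d = &map[i];

		if (d->type != EFI_CONVENTIONAL_MEMORY)
			continue;
		if (d->phys_addr >= n->end || desc_end(d) <= n->start)
			continue;	/* no overlap with this node */
		has_ram = true;
		if (!(d->attribute & EFI_MEMORY_CPU_CRYPTO))
			return 0;	/* one unflagged RAM range spoils the node */
	}
	return has_ram ? 1 : 0;
}

/*
 * The combined check: the firmware flag only says the memory *can* be
 * encrypted; the CPU engine (TME/MKTME) must also be enabled. tme_enabled is
 * supplied by the caller (this example does not probe CPUID or MSRs).
 */
bool system_memory_encrypted(bool tme_enabled,
			     const struct node_range *nodes, size_t nnodes,
			     const struct efi_memdesc *map, size_t nmap)
{
	if (!tme_enabled)
		return false;
	for (size_t i = 0; i < nnodes; i++)
		if (!node_crypto_capable(&nodes[i], map, nmap))
			return false;
	return true;
}

/* Constructed sample: two 2 GiB nodes; node 1 has one RAM range without the flag. */
#define GiB 0x40000000ULL
static const struct efi_memdesc sample_map[] = {
	{ EFI_CONVENTIONAL_MEMORY, 0x1000,   0x9f, EFI_MEMORY_WB | EFI_MEMORY_CPU_CRYPTO },
	{ EFI_RESERVED_TYPE,       0xa0000,  0x60, EFI_MEMORY_WB },
	{ EFI_CONVENTIONAL_MEMORY, 0x100000, (2 * GiB - 0x100000) >> EFI_PAGE_SHIFT,
	  EFI_MEMORY_WB | EFI_MEMORY_CPU_CRYPTO },
	{ EFI_CONVENTIONAL_MEMORY, 2 * GiB,  GiB >> EFI_PAGE_SHIFT, EFI_MEMORY_WB | EFI_MEMORY_CPU_CRYPTO },
	{ EFI_CONVENTIONAL_MEMORY, 3 * GiB,  GiB >> EFI_PAGE_SHIFT, EFI_MEMORY_WB },
};
static const struct node_range sample_nodes[] = {
	{ 0, 0,       2 * GiB },
	{ 1, 2 * GiB, 4 * GiB },
};
#define NMAP   (sizeof(sample_map) / sizeof(sample_map[0]))
#define NNODES (sizeof(sample_nodes) / sizeof(sample_nodes[0]))

int main(void)
{
	for (size_t i = 0; i < NNODES; i++)
		printf("node%d: crypto capable = %d\n", sample_nodes[i].nid,
		       node_crypto_capable(&sample_nodes[i], sample_map, NMAP));
	printf("system encrypting memory (TME on): %d\n",
	       system_memory_encrypted(true, sample_nodes, NNODES, sample_map, NMAP));
	return 0;
}
```

With the sample map node 0 reports 1 and node 1 reports 0, so the system-wide answer is "not encrypted" even with TME enabled; the node-level file is what lets a consumer such as fwupd point at the specific range that lacks the capability instead of only seeing a global 0.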