From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 517BFC433EF for ; Wed, 18 May 2022 18:29:05 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9BDF26B0072; Wed, 18 May 2022 14:29:04 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 96C566B0073; Wed, 18 May 2022 14:29:04 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 80D596B0074; Wed, 18 May 2022 14:29:04 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 6BFED6B0072 for ; Wed, 18 May 2022 14:29:04 -0400 (EDT) Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 3CAB1609A6 for ; Wed, 18 May 2022 18:29:04 +0000 (UTC) X-FDA: 79479700608.28.FEE6E80 Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) by imf02.hostedemail.com (Postfix) with ESMTP id 18B6E800DB for ; Wed, 18 May 2022 18:29:00 +0000 (UTC) Received: by mail-pf1-f169.google.com with SMTP id a11so2929145pff.1 for ; Wed, 18 May 2022 11:29:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel-com.20210112.gappssmtp.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=rs+hYjREIGQRrA6fYOwB+iDuVdssLJ9+QtiHFV7DjL0=; b=56li6rLC4mQzRo0A2kXqCOMihPnh37A1HauoHxo4CjJMMuRdOwMf25S0Gg0mhW4H1V 9oOovgGOyX26iKhdSLr17ZDHUilwvfRWItX4kYjWxDcZeJLKtWZdFg1s7NiWZdD+GyVM KJttKiC4l1M5erBf0kwMAuhlpCYSJef4Ht1zQqWzfQh9U259WzwAbZy7OglBSEw1Kkt5 I8zIKarbcikHCK0RFMumk20d6U4SinIwA/pHFrpQj3jVTbbDOPe4Z+fN1BJJD+DxEI+B O7cWYnGGR+LQ4+Smr495r3EMtIZ9/Hrn5EVFhO1s214IbW9ifIzL2RKvXS2XHrYOVgOA InyA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=rs+hYjREIGQRrA6fYOwB+iDuVdssLJ9+QtiHFV7DjL0=; b=ipOsZ0TvFPT9YyXgD8oUqt9i9FDR4sP1n/hsnMWAMLyZWZ6U7IPkdBJmLKZSDryBO8 TtUDZqH5CslM+t2Jy4PYpdowEHyNgRjdkVU/94qGxCIAkK61a05GmqakVujsXs62tOR8 A11O4v9IXqozFjz5o4dC3m4vTaOutHxYfJgMmarrUW8aclA3mQ/f5NH8swDeiPqdvRdS 1KZBUxz+yYwGKjHkuzymlsZbmMOSoPz/k1QD9ROCfh8ys2PFNTzkDhBVIzIbU4rLSRtO XUoODParIXHyFinR/jHAFflp7o6pDzSx/wlmKVfYW1A9r7KNE2FyTfIFTjD6TmjeLINX OCxg== X-Gm-Message-State: AOAM5307HkRyG1HScJMMtFJFz3gkY+dsGmsjUA44XnjsGOdh6eBwUmde f2tpbEQrNYMf8tFFc54zln4XBxOu+302gCS1a0B2nA== X-Google-Smtp-Source: ABdhPJwMwJen2kHUljMxLGhfJo+EhmxX/T4W59DWfSThgOD6IYw6SPZuTRmwpc9boSVZhrVVAKPtxD2J9ln9cKQkELQ= X-Received: by 2002:a63:e648:0:b0:3f2:7ade:8f86 with SMTP id p8-20020a63e648000000b003f27ade8f86mr670271pgj.40.1652898540353; Wed, 18 May 2022 11:29:00 -0700 (PDT) MIME-Version: 1.0 References: <6d90c832-af4a-7ed6-4f72-dae08bb69c37@intel.com> <47140A56-D3F8-4292-B355-5F92E3BA9F67@alien8.de> <6abea873-52a2-f506-b21b-4b567bee1874@intel.com> <4bc56567-e2ce-40ec-19ab-349c8de8d969@intel.com> In-Reply-To: From: Dan Williams Date: Wed, 18 May 2022 11:28:49 -0700 Message-ID: Subject: Re: [PATCH v8 0/8] x86: Show in sysfs if a memory node is able to do encryption To: Borislav Petkov Cc: Richard Hughes , Dave Hansen , Martin Fernandez , Linux Kernel Mailing List , linux-efi , platform-driver-x86@vger.kernel.org, Linux MM , "H. Peter Anvin" , daniel.gutson@eclypsium.com, Darren Hart , Andy Shevchenko , Kees Cook , Andrew Morton , Ard Biesheuvel , Ingo Molnar , Thomas Gleixner , Dave Hansen , "Rafael J. Wysocki" , X86 ML , "Schofield, Alison" , alex.bazhaniuk@eclypsium.com, Greg KH , Mike Rapoport , Ben Widawsky , "Huang, Kai" Content-Type: text/plain; charset="UTF-8" X-Rspam-User: X-Rspamd-Server: rspam11 X-Rspamd-Queue-Id: 18B6E800DB X-Stat-Signature: axtcxteo1kqzcxcg17wzg5xxnbgmbnxj Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=intel-com.20210112.gappssmtp.com header.s=20210112 header.b=56li6rLC; spf=none (imf02.hostedemail.com: domain of dan.j.williams@intel.com has no SPF policy when checking 209.85.210.169) smtp.mailfrom=dan.j.williams@intel.com; dmarc=fail reason="No valid SPF, DKIM not aligned (relaxed)" header.from=intel.com (policy=none) X-HE-Tag: 1652898540-304425 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, May 18, 2022 at 12:53 AM Borislav Petkov wrote: > > On Mon, May 16, 2022 at 09:39:06AM +0100, Richard Hughes wrote: > > This is still something consumers need; at the moment users have no > > idea if data is *actually* being encrypted. > > As it was already pointed out - that's in /proc/cpuinfo. For TME you still need to compare it against the EFI memory map as there are exclusion ranges for things like persistent memory. Given that persistent memory can be forced into volatile "System RAM" operation by various command line options and driver overrides, you need to at least trim the assumptions of what is encrypted to the default "conventional memory" conveyed by platform firmware / BIOS.