From: Martin Fernandez <martin.fernandez@eclypsium.com>
To: "Limonciello, Mario" <mario.limonciello@amd.com>
Cc: linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org,
platform-driver-x86@vger.kernel.org, linux-mm@kvack.org,
tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com,
ardb@kernel.org, dvhart@infradead.org, andy@infradead.org,
gregkh@linuxfoundation.org, rafael@kernel.org, rppt@kernel.org,
akpm@linux-foundation.org, daniel.gutson@eclypsium.com,
hughsient@gmail.com, alex.bazhaniuk@eclypsium.com,
alison.schofield@intel.com, keescook@chromium.org, "Lendacky,
Thomas" <Thomas.Lendacky@amd.com>
Subject: Re: [PATCH v6 6/6] drivers/node: Show in sysfs node's crypto capabilities
Date: Fri, 4 Feb 2022 10:21:50 -0300 [thread overview]
Message-ID: <CAKgze5YM2+BRjj2nvb+_dnuCg5WtWvQ6FQyNYJ1c8G6Orn=aQw@mail.gmail.com> (raw)
In-Reply-To: <67d2711b-200c-0894-4ff7-beb3eb304399@amd.com>
On 2/4/22, Limonciello, Mario <mario.limonciello@amd.com> wrote:
> On 2/3/2022 10:43, Martin Fernandez wrote:
>> +static ssize_t crypto_capable_show(struct device *dev,
>> + struct device_attribute *attr, char *buf)
>> +{
>> + struct pglist_data *pgdat = NODE_DATA(dev->id);
>> +
>> + return sysfs_emit(buf, "%d\n", pgdat->crypto_capable);
>
> As there is interest in seeing these capabilities from userspace, it
> seems like a logical time to also expose a `crypto_active` attribute.
I planned to do something similar to this, but to show (or actually
hide if inactive) tme in cpuinfo, just as Borislav Petkov suggested a
few versions back.
https://lore.kernel.org/linux-efi/YXrnkxgdjWbcPlJA@zn.tnic/
> Then userspace can make a judgement call if the system supports crypto
> memory (`crypto_capable`) and then also whether or not it's been turned
> on (`crypto_active`).
>
> `crypto_active` could be detected with some existing support in the
> kernel of `mem_encrypt_active()`. This will then work for a variety of
> architectures too that offer `mem_encrypt_active()`.
I need a hand with this, I grepped for mem_encrypt_active and nothing
showed up...
> As it stands today the only reliable way to tell from userspace (at
> least for AMD's x86 implementation) is by grepping the system log for
> the line "AMD Memory Encryption Features active".
Isn't enough to grep for sme/sev in cpuinfo?
next prev parent reply other threads:[~2022-02-04 13:21 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-03 16:43 [PATCH v6 0/6] x86: Show in sysfs if a memory node is able to do encryption Martin Fernandez
2022-02-03 16:43 ` [PATCH v6 1/6] mm/memblock: Tag memblocks with crypto capabilities Martin Fernandez
2022-02-03 18:07 ` Mike Rapoport
2022-02-03 18:24 ` Martin Fernandez
2022-02-07 21:18 ` Kees Cook
2022-02-08 14:39 ` Martin Fernandez
2022-02-03 16:43 ` [PATCH v6 2/6] mm/mmzone: Tag pg_data_t " Martin Fernandez
2022-02-07 21:19 ` Kees Cook
2022-02-03 16:43 ` [PATCH v6 3/6] x86/e820: Refactor range_update and range_remove Martin Fernandez
2022-02-07 21:45 ` Kees Cook
2022-02-08 8:40 ` Mike Rapoport
2022-02-08 21:01 ` Martin Fernandez
2022-02-15 7:10 ` Mike Rapoport
2022-02-15 14:14 ` Martin Fernandez
2022-02-08 21:09 ` Martin Fernandez
2022-03-04 20:32 ` Martin Fernandez
2022-02-08 21:04 ` Daniel Gutson
2022-02-03 16:43 ` [PATCH v6 4/6] x86/e820: Tag e820_entry with crypto capabilities Martin Fernandez
2022-02-07 21:56 ` Kees Cook
2022-02-08 14:46 ` Martin Fernandez
2022-02-03 16:43 ` [PATCH v6 5/6] x86/efi: Tag e820_entries as crypto capable from EFI memmap Martin Fernandez
2022-02-03 16:43 ` [PATCH v6 6/6] drivers/node: Show in sysfs node's crypto capabilities Martin Fernandez
2022-02-04 3:47 ` Limonciello, Mario
2022-02-04 13:21 ` Martin Fernandez [this message]
2022-02-04 15:59 ` Tom Lendacky
2022-02-04 16:23 ` Limonciello, Mario
2022-02-04 16:28 ` Borislav Petkov
2022-02-04 17:12 ` Tom Lendacky
2022-02-04 17:49 ` Limonciello, Mario
2022-02-04 18:00 ` Borislav Petkov
2022-02-04 18:49 ` Tom Lendacky
2022-02-04 21:49 ` Borislav Petkov
2022-02-07 3:39 ` Kees Cook
2022-02-07 10:02 ` Borislav Petkov
2022-02-04 4:56 ` Mike Rapoport
2022-02-04 12:27 ` Martin Fernandez
2022-02-04 13:37 ` Mike Rapoport
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAKgze5YM2+BRjj2nvb+_dnuCg5WtWvQ6FQyNYJ1c8G6Orn=aQw@mail.gmail.com' \
--to=martin.fernandez@eclypsium.com \
--cc=Thomas.Lendacky@amd.com \
--cc=akpm@linux-foundation.org \
--cc=alex.bazhaniuk@eclypsium.com \
--cc=alison.schofield@intel.com \
--cc=andy@infradead.org \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=daniel.gutson@eclypsium.com \
--cc=dave.hansen@linux.intel.com \
--cc=dvhart@infradead.org \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=hughsient@gmail.com \
--cc=keescook@chromium.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mario.limonciello@amd.com \
--cc=mingo@redhat.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=rafael@kernel.org \
--cc=rppt@kernel.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.