From: Mike Rapoport <rppt@kernel.org>
To: Richard Hughes <hughsient@gmail.com>
Cc: Martin Fernandez <martin.fernandez@eclypsium.com>,
linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org,
platform-driver-x86@vger.kernel.org, linux-mm@kvack.org,
tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com,
ardb@kernel.org, dvhart@infradead.org, andy@infradead.org,
gregkh@linuxfoundation.org, rafael@kernel.org,
akpm@linux-foundation.org, daniel.gutson@eclypsium.com,
alex.bazhaniuk@eclypsium.com, alison.schofield@intel.com
Subject: Re: [PATCH v3 0/5] x86: Show in sysfs if a memory node is able to do encryption
Date: Tue, 7 Dec 2021 09:25:04 +0200 [thread overview]
Message-ID: <Ya8MUOKPOKVfBfjJ@kernel.org> (raw)
In-Reply-To: <CAD2FfiG9wfeW_2xxZqBi9vsjzEJBRjJUZw+AQy1Taos4fh2TLA@mail.gmail.com>
Hi Richard,
On Mon, Dec 06, 2021 at 07:58:10PM +0000, Richard Hughes wrote:
> On Sun, 5 Dec 2021 at 06:04, Mike Rapoport <rppt@kernel.org> wrote:
> > On Fri, Dec 03, 2021 at 04:21:43PM -0300, Martin Fernandez wrote:
> > > fwupd project plans to use it as part of a check to see if the users
> > > have properly configured memory hardware encryption capabilities.
> > I'm missing a description about *how* the new APIs/ABIs are going to be
> > used.
>
> We're planning to use this feature in the Host Security ID checks done
> at every boot. Please see
> https://fwupd.github.io/libfwupdplugin/hsi.html for details. I'm happy
> to answer questions or concerns. Thanks!
Can you please describe the actual check for the memory encryption and how
it would impact the HSI rating?
I wonder, for example, why did you choose per-node reporting rather than
per-region as described in UEFI spec.
--
Sincerely yours,
Mike.
next prev parent reply other threads:[~2021-12-07 7:25 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-03 19:21 [PATCH v3 0/5] x86: Show in sysfs if a memory node is able to do encryption Martin Fernandez
2021-12-03 19:21 ` [PATCH v3 1/5] mm/memblock: Tag memblocks with crypto capabilities Martin Fernandez
2021-12-03 19:21 ` [PATCH v3 2/5] mm/mmzone: Tag pg_data_t " Martin Fernandez
2021-12-03 19:21 ` [PATCH v3 3/5] Tag e820_entry " Martin Fernandez
2021-12-04 8:21 ` Greg KH
2021-12-04 16:05 ` Mike Rapoport
2021-12-03 19:21 ` [PATCH v3 4/5] x86/efi: Tag e820_entries as crypto capable from EFI memmap Martin Fernandez
2021-12-03 19:21 ` [PATCH v3 5/5] drivers/node: Show in sysfs node's crypto capabilities Martin Fernandez
2021-12-04 8:22 ` Greg KH
2021-12-04 16:35 ` Martin Fernandez
2021-12-04 17:22 ` Greg KH
2021-12-04 18:03 ` Martin Fernandez
2021-12-05 6:04 ` [PATCH v3 0/5] x86: Show in sysfs if a memory node is able to do encryption Mike Rapoport
2021-12-06 19:58 ` Richard Hughes
2021-12-07 7:25 ` Mike Rapoport [this message]
2021-12-07 19:45 ` Martin Fernandez
2021-12-07 19:52 ` Dave Hansen
2021-12-07 20:06 ` Mike Rapoport
2021-12-07 20:13 ` Dave Hansen
2021-12-08 14:05 ` Richard Hughes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Ya8MUOKPOKVfBfjJ@kernel.org \
--to=rppt@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=alex.bazhaniuk@eclypsium.com \
--cc=alison.schofield@intel.com \
--cc=andy@infradead.org \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=daniel.gutson@eclypsium.com \
--cc=dave.hansen@linux.intel.com \
--cc=dvhart@infradead.org \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=hughsient@gmail.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=martin.fernandez@eclypsium.com \
--cc=mingo@redhat.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=rafael@kernel.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.