From: Martin Fernandez <martin.fernandez@eclypsium.com>
To: linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org,
platform-driver-x86@vger.kernel.org, linux-mm@kvack.org
Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com,
ardb@kernel.org, dvhart@infradead.org, andy@infradead.org,
gregkh@linuxfoundation.org, rafael@kernel.org, rppt@kernel.org,
akpm@linux-foundation.org, daniel.gutson@eclypsium.com,
hughsient@gmail.com, alex.bazhaniuk@eclypsium.com,
alison.schofield@intel.com,
Martin Fernandez <martin.fernandez@eclypsium.com>
Subject: [PATCH v3 0/5] x86: Show in sysfs if a memory node is able to do encryption
Date: Fri, 3 Dec 2021 16:21:43 -0300 [thread overview]
Message-ID: <20211203192148.585399-1-martin.fernandez@eclypsium.com> (raw)
Show for each node if every memory descriptor in that node has the
EFI_MEMORY_CPU_CRYPTO attribute.
fwupd project plans to use it as part of a check to see if the users
have properly configured memory hardware encryption capabilities. It's
planned to make it part of a specification that can be passed to
people purchasing hardware. It's called Host Security ID:
https://fwupd.github.io/libfwupdplugin/hsi.html
This also can be useful in the future if NUMA decides to prioritize
nodes that are able to do encryption.
Changes since v2:
e820__range_mark_crypto -> e820__range_mark_crypto_capable.
In e820__range_remove: Create a region with crypto capabilities
instead of creating one without it and then mark it.
Changes since v1:
Modify __e820__range_update to update the crypto capabilities of a
range; now this function will change the crypto capability of a range
if it's called with the same old_type and new_type. Rework
efi_mark_e820_regions_as_crypto_capable based on this.
Update do_add_efi_memmap to mark the regions as it creates them.
Change the type of crypto_capable in e820_entry from bool to u8.
Fix e820__update_table changes.
Remove memblock_add_crypto_capable. Now you have to add the region and
mark it then.
Better place for crypto_capable in pglist_data.
Martin Fernandez (5):
mm/memblock: Tag memblocks with crypto capabilities
mm/mmzone: Tag pg_data_t with crypto capabilities
Tag e820_entry with crypto capabilities
x86/efi: Tag e820_entries as crypto capable from EFI memmap
drivers/node: Show in sysfs node's crypto capabilities
arch/x86/include/asm/e820/api.h | 1 +
arch/x86/include/asm/e820/types.h | 1 +
arch/x86/kernel/e820.c | 59 ++++++++++++++++++++++++-------
arch/x86/platform/efi/efi.c | 25 +++++++++++++
drivers/base/node.c | 10 ++++++
include/linux/memblock.h | 5 +++
include/linux/mmzone.h | 3 ++
mm/memblock.c | 49 +++++++++++++++++++++++++
mm/page_alloc.c | 1 +
9 files changed, 142 insertions(+), 12 deletions(-)
--
2.30.2
next reply other threads:[~2021-12-03 19:22 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-03 19:21 Martin Fernandez [this message]
2021-12-03 19:21 ` [PATCH v3 1/5] mm/memblock: Tag memblocks with crypto capabilities Martin Fernandez
2021-12-03 19:21 ` [PATCH v3 2/5] mm/mmzone: Tag pg_data_t " Martin Fernandez
2021-12-03 19:21 ` [PATCH v3 3/5] Tag e820_entry " Martin Fernandez
2021-12-04 8:21 ` Greg KH
2021-12-04 16:05 ` Mike Rapoport
2021-12-03 19:21 ` [PATCH v3 4/5] x86/efi: Tag e820_entries as crypto capable from EFI memmap Martin Fernandez
2021-12-03 19:21 ` [PATCH v3 5/5] drivers/node: Show in sysfs node's crypto capabilities Martin Fernandez
2021-12-04 8:22 ` Greg KH
2021-12-04 16:35 ` Martin Fernandez
2021-12-04 17:22 ` Greg KH
2021-12-04 18:03 ` Martin Fernandez
2021-12-05 6:04 ` [PATCH v3 0/5] x86: Show in sysfs if a memory node is able to do encryption Mike Rapoport
2021-12-06 19:58 ` Richard Hughes
2021-12-07 7:25 ` Mike Rapoport
2021-12-07 19:45 ` Martin Fernandez
2021-12-07 19:52 ` Dave Hansen
2021-12-07 20:06 ` Mike Rapoport
2021-12-07 20:13 ` Dave Hansen
2021-12-08 14:05 ` Richard Hughes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211203192148.585399-1-martin.fernandez@eclypsium.com \
--to=martin.fernandez@eclypsium.com \
--cc=akpm@linux-foundation.org \
--cc=alex.bazhaniuk@eclypsium.com \
--cc=alison.schofield@intel.com \
--cc=andy@infradead.org \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=daniel.gutson@eclypsium.com \
--cc=dave.hansen@linux.intel.com \
--cc=dvhart@infradead.org \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=hughsient@gmail.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mingo@redhat.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=rafael@kernel.org \
--cc=rppt@kernel.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).