Message-ID: <06a5f311-9084-74da-9263-a35a9779f622@intel.com>
Date:   Thu, 25 Jun 2020 14:29:11 -0700
From:   Dave Hansen <dave.hansen@...el.com>
To:     Daniel Gutson <daniel.gutson@...ypsium.com>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>,
        Arnd Bergmann <arnd@...db.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Peter Zijlstra <peterz@...radead.org>
Cc:     "David S. Miller" <davem@...emloft.net>,
        Rob Herring <robh@...nel.org>, Tony Luck <tony.luck@...el.com>,
        Rahul Tanwar <rahul.tanwar@...ux.intel.com>,
        Xiaoyao Li <xiaoyao.li@...el.com>,
        Sean Christopherson <sean.j.christopherson@...el.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Ability to read the MKTME status from userspace (patch
 v2)

On 6/25/20 2:10 PM, Daniel Gutson wrote:
> The intent of this patch is to provide visibility of the
> MKTME status to userspace. This is an important factor for
> firmware security related applications.

We need more specifics than this.  It's an important factor for what,
exactly?  Who will consume this and what will they do with it?

I'm also not sure we want to have an Intel product name in the ABI.  If
we're meaning to tell folks if hardware memory encryption is available
on the platform, let's say _that_, rather than talk about MKTME.

Also, MKTME enabling isn't all that interesting.  TME is much more
interesting and much more opaque.
