lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 6 Oct 2021 08:27:39 +0200
From:   Paul Menzel <pmenzel@...gen.mpg.de>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Tom Lendacky <thomas.lendacky@....com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, x86@...nel.org,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Andy Lutomirski <luto@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        LKML <linux-kernel@...r.kernel.org>,
        amd-gfx@...ts.freedesktop.org
Subject: Re: `AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y` causes AMDGPU to fail on
 Ryzen: amdgpu: SME is not compatible with RAVEN

Dear Borislav,


Thank you for your reply.

Am 05.10.21 um 16:38 schrieb Borislav Petkov:
> On Tue, Oct 05, 2021 at 04:29:41PM +0200, Paul Menzel wrote:
>> Selecting the symbol `AMD_MEM_ENCRYPT` – as
>> done in Debian 5.13.9-1~exp1 [1] – also selects
>> `AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT`, as it defaults to yes,
> 
> I'm assuming that "selecting" is done automatically: alldefconfig,
> olddefconfig?
> 
> Because CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT only depends on
> CONFIG_AMD_MEM_ENCRYPT and former can be disabled in oldconfig or
> menuconfig etc.

Sorry for being unclear. Distributions want to enable support for that 
feature, but as long as it breaks systems, it should be opt-in via the 
Linux kernel command line, and not opt-out. Also the Kconfig help texts 
do not mention anything about these problems, and the AMDGPU log message 
is of level info and not error. It’d be even better, if the message 
would contain the information, how to disable SME (`mem_encrypt=off`).


Kind regards,

Paul

Powered by blists - more mailing lists