lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Ya++1FwWzKr2wYQH@kernel.org>
Date:   Tue, 7 Dec 2021 22:06:44 +0200
From:   Mike Rapoport <rppt@...nel.org>
To:     Dave Hansen <dave.hansen@...el.com>
Cc:     Martin Fernandez <martin.fernandez@...ypsium.com>,
        Richard Hughes <hughsient@...il.com>,
        linux-kernel@...r.kernel.org, linux-efi@...r.kernel.org,
        platform-driver-x86@...r.kernel.org, linux-mm@...ck.org,
        tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
        dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com,
        ardb@...nel.org, dvhart@...radead.org, andy@...radead.org,
        gregkh@...uxfoundation.org, rafael@...nel.org,
        akpm@...ux-foundation.org, daniel.gutson@...ypsium.com,
        alex.bazhaniuk@...ypsium.com, alison.schofield@...el.com
Subject: Re: [PATCH v3 0/5] x86: Show in sysfs if a memory node is able to do
 encryption

On Tue, Dec 07, 2021 at 11:52:54AM -0800, Dave Hansen wrote:
> On 12/7/21 11:45 AM, Martin Fernandez wrote:
> >> I wonder, for example, why did you choose per-node reporting rather than
> >> per-region as described in UEFI spec.
> > Some time ago we discussed about this and concluded with Dave Hansen
> > that it was better to do it in this per-node way.
> 
> Physical memory regions aren't exposed to userspace in any meaningful way.

Well, we have /sys/firmware/memory that exposes e820...
 
> An ABI that says "everything is encrypted" is pretty meaningless and
> only useful for this one, special case.
> 
> A per-node ABI is useful for this case and is also useful going forward
> if folks want to target allocations from applications to NUMA nodes
> which have encryption capabilities.  The ABI in this set is useful for
> the immediate case and is useful to other folks.

I don't mind per-node ABI, I'm just concerned that having a small region
without the encryption flag set will render the entire node "not
encryptable". This may happen because a bug in firmware, a user that shoot
themself in a leg with weird memmap= or some hidden gem in interaction
between e820, EFI and memblock that we still didn't discover.

I agree that per-node flag is useful, but maybe we should also have better
granularity as well.

-- 
Sincerely yours,
Mike.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ