| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Dec 2021 09:25:04 +0200
From: Mike Rapoport <rppt@...nel.org>
To: Richard Hughes <hughsient@...il.com>
Cc: Martin Fernandez <martin.fernandez@...ypsium.com>,
linux-kernel@...r.kernel.org, linux-efi@...r.kernel.org,
platform-driver-x86@...r.kernel.org, linux-mm@...ck.org,
tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com,
ardb@...nel.org, dvhart@...radead.org, andy@...radead.org,
gregkh@...uxfoundation.org, rafael@...nel.org,
akpm@...ux-foundation.org, daniel.gutson@...ypsium.com,
alex.bazhaniuk@...ypsium.com, alison.schofield@...el.com
Subject: Re: [PATCH v3 0/5] x86: Show in sysfs if a memory node is able to do
encryption
Hi Richard,
On Mon, Dec 06, 2021 at 07:58:10PM +0000, Richard Hughes wrote:
> On Sun, 5 Dec 2021 at 06:04, Mike Rapoport <rppt@...nel.org> wrote:
> > On Fri, Dec 03, 2021 at 04:21:43PM -0300, Martin Fernandez wrote:
> > > fwupd project plans to use it as part of a check to see if the users
> > > have properly configured memory hardware encryption capabilities.
> > I'm missing a description about *how* the new APIs/ABIs are going to be
> > used.
>
> We're planning to use this feature in the Host Security ID checks done
> at every boot. Please see
> https://fwupd.github.io/libfwupdplugin/hsi.html for details. I'm happy
> to answer questions or concerns. Thanks!
Can you please describe the actual check for the memory encryption and how
it would impact the HSI rating?
I wonder, for example, why did you choose per-node reporting rather than
per-region as described in UEFI spec.
--
Sincerely yours,
Mike.
Powered by blists - more mailing lists