| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 27 Oct 2022 08:21:02 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Borislav Petkov <bp@...en8.de>,
Martin Fernandez <martin.fernandez@...ypsium.com>
Cc: linux-kernel@...r.kernel.org, linux-efi@...r.kernel.org,
platform-driver-x86@...r.kernel.org, linux-mm@...ck.org,
kunit-dev@...glegroups.com, linux-kselftest@...r.kernel.org,
tglx@...utronix.de, mingo@...hat.com, dave.hansen@...ux.intel.com,
x86@...nel.org, hpa@...or.com, ardb@...nel.org,
dvhart@...radead.org, andy@...radead.org,
gregkh@...uxfoundation.org, rafael@...nel.org, rppt@...nel.org,
akpm@...ux-foundation.org, daniel.gutson@...ypsium.com,
hughsient@...il.com, alex.bazhaniuk@...ypsium.com,
alison.schofield@...el.com, keescook@...omium.org
Subject: Re: [PATCH v9 0/9] x86: Show in sysfs if a memory node is able to do
encryption
On 10/27/22 01:57, Borislav Petkov wrote:
> Well, I still think this is not going to work in all cases. SME/TME can
> be enabled but the kernel can go - and for whatever reason - map a bunch
> of memory unencrypted.
For TME on Intel systems, there's no way to make it unencrypted. The
memory controller is doing all the encryption behind the back of the OS
and even devices that are doing DMA. Nothing outside of the memory
controller really knows or cares that encryption is happening.
Powered by blists - more mailing lists