| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6655bcdc-e658-3ba1-ed7a-3fe1eadef48a@intel.com>
Date: Fri, 16 Jun 2023 09:26:39 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Nikolay Borisov <nik.borisov@...e.com>,
Kai Huang <kai.huang@...el.com>, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Cc: linux-mm@...ck.org, kirill.shutemov@...ux.intel.com,
tony.luck@...el.com, peterz@...radead.org, tglx@...utronix.de,
seanjc@...gle.com, pbonzini@...hat.com, david@...hat.com,
dan.j.williams@...el.com, rafael.j.wysocki@...el.com,
ying.huang@...el.com, reinette.chatre@...el.com,
len.brown@...el.com, ak@...ux.intel.com, isaku.yamahata@...el.com,
chao.gao@...el.com, sathyanarayanan.kuppuswamy@...ux.intel.com,
bagasdotme@...il.com, sagis@...gle.com, imammedo@...hat.com
Subject: Re: [PATCH v11 20/20] Documentation/x86: Add documentation for TDX
host support
On 6/16/23 02:02, Nikolay Borisov wrote:
>>
>> +TDX reports a list of "Convertible Memory Region" (CMR) to tell the
>
> nit: It might be worth mentioning that those CMRs ultimately come from
> the BIOS. Because it's never mentioned here and in the "Physical Memory
> Hotplug" it's directly mentioned that bios shouldn't support hot-removal
> of memory. So the bios is a central component in a sense.
The BIOS is weird on TDX systems. It's central, sure, but it's also
untrusted. The TDX module generally has a kind of "trust but verify"
approach to the BIOS.
I guess the BIOS is the one poking at the memory controllers and getting
the DIMMs fired up. But I _do_ think it's OK to say that CMRs come from
the TDX module. The important thing is that they're trusted.
Powered by blists - more mailing lists