Re: [RFC 0/3] Expose Confidential Computing capabilities on sysfs

From: Dave Hansen
Date: Wed Mar 09 2022 - 17:40:43 EST


On 3/9/22 14:06, Alejandro Jimenez wrote:
>
> On EPYC Milan host:
>
> $ grep -r . /sys/kernel/mm/mem_encrypt/*
> /sys/kernel/mm/mem_encrypt/c_bit_position:51

Why on earth would we want to expose this to userspace?

> /sys/kernel/mm/mem_encrypt/sev/nr_sev_asid:509
> /sys/kernel/mm/mem_encrypt/sev/status:enabled
> /sys/kernel/mm/mem_encrypt/sev/nr_asid_available:509
> /sys/kernel/mm/mem_encrypt/sev_es/nr_sev_es_asid:0
> /sys/kernel/mm/mem_encrypt/sev_es/status:enabled
> /sys/kernel/mm/mem_encrypt/sev_es/nr_asid_available:509
> /sys/kernel/mm/mem_encrypt/sme/status:active

For all of this... What will userspace *do* with it?

For nr_asid_available, I get it. It tells you how many guests you can
still run. But, TDX will need the same logical thing. Should TDX hosts
go looking for this in:

/sys/kernel/mm/mem_encrypt/tdx/available_guest_key_ids

?

If it's something that's common, it needs to be somewhere common.
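As an added illustration of the point above (this is example code, not part of the thread or of the RFC patches), the following parser reads a `grep -r . /sys/kernel/mm/mem_encrypt/*` dump of the form quoted in the mail and answers the one question userspace has a clear use for: how many more confidential guests the host can still start. The sample dump is constructed from the values quoted above; the `tdx/available_guest_key_ids` path is the hypothetical one raised in the reply and is an assumption, not an existing sysfs attribute. The per-technology lookup table is exactly the vendor-specific knowledge userspace would have to carry if the common quantity were not exposed in a common place.

```python
"""Parse a `grep -r . /sys/kernel/mm/mem_encrypt/*` dump into a dict and
derive a vendor-neutral 'free guest slots' number from vendor-specific
attributes.  Example code; the sample data and the TDX path are constructed.
"""
from typing import Dict, Optional

# Constructed sample: the EPYC Milan dump quoted in the thread.
SAMPLE_DUMP = """\
/sys/kernel/mm/mem_encrypt/c_bit_position:51
/sys/kernel/mm/mem_encrypt/sev/nr_sev_asid:509
/sys/kernel/mm/mem_encrypt/sev/status:enabled
/sys/kernel/mm/mem_encrypt/sev/nr_asid_available:509
/sys/kernel/mm/mem_encrypt/sev_es/nr_sev_es_asid:0
/sys/kernel/mm/mem_encrypt/sev_es/status:enabled
/sys/kernel/mm/mem_encrypt/sev_es/nr_asid_available:509
/sys/kernel/mm/mem_encrypt/sme/status:active
"""

SYSFS_ROOT = "/sys/kernel/mm/mem_encrypt/"

# Vendor-specific attributes that all answer the same question ("how many more
# guests?"), keyed by the technology a guest-launch request asks for.  The TDX
# entry is the hypothetical path from the thread, an assumption only.
CAPACITY_ATTRS = {
    "sev": "sev/nr_asid_available",
    "sev_es": "sev_es/nr_asid_available",
    "tdx": "tdx/available_guest_key_ids",
}


def parse_dump(text: str) -> Dict[str, str]:
    """Turn `path:value` lines into {relative_path: value}.

    `grep -r .` prints the file name, a colon, then the file content, so we
    strip the sysfs root and split on the first colon that follows it.
    """
    attrs: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith(SYSFS_ROOT) or ":" not in line:
            continue
        path, _, value = line[len(SYSFS_ROOT):].partition(":")
        attrs[path] = value.strip()
    return attrs


def available_guest_slots(attrs: Dict[str, str], tech: str) -> Optional[int]:
    """How many more `tech` guests can be started, or None when the host does
    not report that technology (attribute absent or status not 'enabled')."""
    attr = CAPACITY_ATTRS.get(tech)
    if attr is None or attr not in attrs:
        return None
    status = attrs.get(f"{tech}/status")
    if status is not None and status != "enabled":
        return None
    return int(attrs[attr])


def can_launch(attrs: Dict[str, str], tech: str, count: int = 1) -> bool:
    """Capacity check an orchestrator would run before placing `count` guests."""
    slots = available_guest_slots(attrs, tech)
    return slots is not None and slots >= count


if __name__ == "__main__":
    parsed = parse_dump(SAMPLE_DUMP)
    for tech in CAPACITY_ATTRS:
        print(f"{tech}: {available_guest_slots(parsed, tech)} slots free")
```

On a real host the same functions can be fed the output of the `grep` command instead of `SAMPLE_DUMP`; the `tdx` lookup returns None on this host simply because no such attribute exists in the dump, which is the fragmentation the reply is objecting to.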