Re: [PATCH v9 0/9] x86: Show in sysfs if a memory node is able to do encryption

From: Dave Hansen
Date: Thu Oct 27 2022 - 11:22:23 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH v3 3/4] arm64: dts: qcom: Add base QDU1000/QRU1000 DTSIs"
Previous message: Steven Rostedt: "Re: [RFC][PATCH v2 15/31] timers: Input: Use del_timer_shutdown() before freeing timer"
In reply to: Borislav Petkov: "Re: [PATCH v9 0/9] x86: Show in sysfs if a memory node is able to do encryption"
Next in thread: Borislav Petkov: "Re: [PATCH v9 0/9] x86: Show in sysfs if a memory node is able to do encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/27/22 01:57, Borislav Petkov wrote:
> Well, I still think this is not going to work in all cases. SME/TME can
> be enabled but the kernel can go - and for whatever reason - map a bunch
> of memory unencrypted.

For TME on Intel systems, there's no way to make it unencrypted. The
memory controller is doing all the encryption behind the back of the OS
and even devices that are doing DMA. Nothing outside of the memory
controller really knows or cares that encryption is happening.

Next message: Krzysztof Kozlowski: "Re: [PATCH v3 3/4] arm64: dts: qcom: Add base QDU1000/QRU1000 DTSIs"
Previous message: Steven Rostedt: "Re: [RFC][PATCH v2 15/31] timers: Input: Use del_timer_shutdown() before freeing timer"
In reply to: Borislav Petkov: "Re: [PATCH v9 0/9] x86: Show in sysfs if a memory node is able to do encryption"
Next in thread: Borislav Petkov: "Re: [PATCH v9 0/9] x86: Show in sysfs if a memory node is able to do encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]