From: Richard Hughes
Date: Fri, 19 Jun 2020 16:02:19 +0100
Subject: Re: [PATCH] Ability to read the MKTME status from userspace
To: Dave Hansen
Cc: Daniel Gutson, Thomas Gleixner, Ingo Molnar, Borislav Petkov, x86@kernel.org, "H. Peter Anvin", Arnd Bergmann, Greg Kroah-Hartman, Peter Zijlstra, "David S. Miller", Rob Herring, Tony Luck, Rahul Tanwar, Xiaoyao Li, Sean Christopherson, Dave Hansen, linux-kernel
References: <20200618210215.23602-1-daniel.gutson@eclypsium.com> <589c89ae-620e-36f8-2be5-4afc727c2911@intel.com> <23babf62-00cb-cb47-bb19-da9508325934@intel.com> <80578b72-cb6f-8da9-1043-b4055c75d7f6@intel.com> <3d454068-fd4e-4399-4bf5-2d010bb2ba7d@intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, 19 Jun 2020 at 15:48, Dave Hansen wrote:
> You cut out the important part. The "pretty sure" involves a bunch of
> preconditions and knowing what your hardware configuration is in the
> first place.

Totally agree.

> Let's take a step back. We add read-only ABIs so that decisions can be
> made. What decision will somebody make from the ABI being proposed here?

The question of "is my memory encrypted" is what I'm trying to decide.
To the end user (or the person marking a compliance ticksheet for a government contract) all they want to know is the end result. At the moment for AMD SME this seems much simpler as there are fewer "preconditions".

> Someone does 'cat /proc/mktme' (or whatever) and it says "1" or
> whatever, which means yay, encryption is on. What do they do?

I think "is my memory encrypted" for Intel has to be a superset of:

1. TME in CPU info
2. not disabled by the platform
3. not using unencrypted swap
4. not using a memory accelerator
5. entire DRAM area is marked with EFI_MEMORY_CPU_CRYPTO

It seems the only way to answer the questions and make it easy for the consumer to know the answer is to ask the kernel for each of the 5 different questions. At the moment we can only get 1, 3, maybe 4, soon to be 5, but not 2.

Richard.
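The five-condition checklist above is a conjunction, and the mail's point is that a consumer can only answer "yes" once the kernel can answer every one of the five. The following is an added example, not code from this thread, from the kernel, or from any of the participants: it evaluates condition 1 from /proc/cpuinfo text and condition 3 from /proc/swaps text, models conditions 2, 4 and 5 as kernel-provided answers that may simply be absent, and folds everything into a tri-state verdict where anything undeterminable yields "unknown" rather than a false "yes". The sample /proc/cpuinfo and /proc/swaps contents are constructed, and the `kernel_answers` mapping and its key names are an assumption made for the example (the mail says no such interface exists yet for all of them).

```python
"""Tri-state "is my memory encrypted?" decision for Intel TME/MKTME hosts.

Added example, not from the mailing-list thread or the kernel tree. It
encodes the five preconditions listed in the mail as a conjunction so that
a "yes" is only possible when every condition is positively confirmed.

Assumptions (not from the page): the /proc/cpuinfo and /proc/swaps texts
are constructed samples, and the answers for conditions 2, 4 and 5 come
from a hypothetical ``kernel_answers`` mapping, because the mail says the
kernel does not expose all of them yet.
"""
from typing import Dict, Optional

# Constructed /proc/cpuinfo excerpt for one core of a TME-capable part.
SAMPLE_CPUINFO_TME = (
    "processor\t: 0\n"
    "vendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep tme sse4_2 avx2\n"
)

# Constructed variant without the tme flag.
SAMPLE_CPUINFO_NO_TME = SAMPLE_CPUINFO_TME.replace(" tme ", " ")

# Constructed /proc/swaps outputs: header only (no swap) and one partition.
SAMPLE_SWAPS_NONE = "Filename\t\t\t\tType\t\tSize\tUsed\tPriority\n"
SAMPLE_SWAPS_PARTITION = SAMPLE_SWAPS_NONE + "/dev/sda2\tpartition\t8388604\t0\t-2\n"


def cpu_has_tme(cpuinfo_text: str) -> bool:
    """Condition 1: the 'tme' token appears in a /proc/cpuinfo flags line."""
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags"):
            _, _, value = line.partition(":")
            if "tme" in value.split():
                return True
    return False


def swap_state(swaps_text: str) -> Optional[bool]:
    """Condition 3 as far as /proc/swaps can tell.

    True when no swap is configured at all. When swap exists, /proc/swaps
    alone does not say whether the backing device is encrypted, so the
    honest answer is None (undetermined), not True.
    """
    entries = [ln for ln in swaps_text.splitlines()[1:] if ln.strip()]
    return True if not entries else None


def evaluate(cpuinfo_text: str, swaps_text: str,
             kernel_answers: Optional[Dict[str, bool]] = None) -> Dict[str, Optional[bool]]:
    """Return each of the five conditions as True / False / None (unknown)."""
    answers = kernel_answers or {}
    return {
        "1_tme_in_cpuinfo": cpu_has_tme(cpuinfo_text),
        # Hypothetical kernel answers; absent keys stay None (not yet exposed).
        "2_not_disabled_by_platform": answers.get("platform_enabled"),
        "3_no_unencrypted_swap": swap_state(swaps_text),
        "4_no_memory_accelerator": answers.get("no_accelerator"),
        "5_dram_efi_memory_cpu_crypto": answers.get("efi_cpu_crypto"),
    }


def memory_encrypted(cpuinfo_text: str, swaps_text: str,
                     kernel_answers: Optional[Dict[str, bool]] = None) -> str:
    """Fold the five conditions into "yes", "no" or "unknown".

    Any confirmed failure is a definite "no"; "yes" requires every condition
    to be confirmed; anything else cannot be asserted and stays "unknown".
    """
    checks = evaluate(cpuinfo_text, swaps_text, kernel_answers)
    if any(v is False for v in checks.values()):
        return "no"
    if all(v is True for v in checks.values()):
        return "yes"
    return "unknown"


if __name__ == "__main__":
    full = {"platform_enabled": True, "no_accelerator": True, "efi_cpu_crypto": True}
    print("no kernel answers :", memory_encrypted(SAMPLE_CPUINFO_TME, SAMPLE_SWAPS_NONE))
    print("all answers true  :", memory_encrypted(SAMPLE_CPUINFO_TME, SAMPLE_SWAPS_NONE, full))
    print("swap partition    :", memory_encrypted(SAMPLE_CPUINFO_TME, SAMPLE_SWAPS_PARTITION, full))
    print("no tme flag       :", memory_encrypted(SAMPLE_CPUINFO_NO_TME, SAMPLE_SWAPS_NONE, full))
```

The design choice worth noting is the tri-state: a checker that treats "not exposed by the kernel" as "passed" would print the reassuring "1" Dave Hansen objects to, while telling a compliance reviewer nothing. Reading the live files instead of the constructed samples is a matter of passing `open("/proc/cpuinfo").read()` and `open("/proc/swaps").read()`.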