Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active

From: Borislav Petkov
Date: Thu Sep 22 2016 - 15:12:00 EST

Next message: tip-bot for Gu Zheng: "[tip:x86/apic] x86/acpi: Set persistent cpuid <-> nodeid mapping when booting"
Previous message: Jannik Becher: "[PATCH] drivers: wlan-ng: fixed a coding style issue"
In reply to: Tom Lendacky: "Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active"
Next in thread: Tom Lendacky: "Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Sep 22, 2016 at 02:04:27PM -0500, Tom Lendacky wrote:
> That's not what I mean here. If the BIOS sets the SMEE bit in the
> SYS_CFG msr then, even if the encryption bit is never used, there is
> still a reduction in physical address space.

I thought that reduction is the reservation of bits for the SME mask.

What other reduction is there?

> Transparent SME (TSME) will be a BIOS option that will result in the
> memory controller performing encryption no matter what. In this case
> all data will be encrypted without a reduction in physical address
> space.

Now I'm confused: aren't we reducing the address space with the SME
mask?

Or what reduction do you mean?

--
Regards/Gruss,
Boris.

SUSE Linux GmbH, GF: Felix ImendÃrffer, Jane Smithard, Graham Norton, HRB 21284 (AG NÃrnberg)
--

Next message: tip-bot for Gu Zheng: "[tip:x86/apic] x86/acpi: Set persistent cpuid <-> nodeid mapping when booting"
Previous message: Jannik Becher: "[PATCH] drivers: wlan-ng: fixed a coding style issue"
In reply to: Tom Lendacky: "Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active"
Next in thread: Tom Lendacky: "Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]