Re: [PATCH v5 31/32] x86: Add sysfs support for Secure Memory Encryption

From: Borislav Petkov
Date: Thu May 18 2017 - 13:02:29 EST

Next message: Christoph Lameter: "Re: [RFC 1/6] mm, page_alloc: fix more premature OOM due to race with cpuset update"
Previous message: Kees Cook: "Re: [PATCH 00/17] convert/reorganize Documentation/security/"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 18, 2017 at 04:22:12PM -0500, Tom Lendacky wrote:
> Add sysfs support for SME so that user-space utilities (kdump, etc.) can
> determine if SME is active.

But why do user-space tools need to know that?

I mean, when we load the kdump kernel, we do it with the first kernel,
with the kexec_load() syscall, AFAICT. And that code does a lot of
things during that init, like machine_kexec_prepare()->init_pgtable() to
prepare the ident mapping of the second kernel, for example.

What I'm aiming at is that the first kernel knows *exactly* whether SME
is enabled or not and doesn't need to tell the second one through some
sysfs entries - it can do that during loading.

So I don't think we need any userspace things at all...

Or?

--
Regards/Gruss,
Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

Next message: Christoph Lameter: "Re: [RFC 1/6] mm, page_alloc: fix more premature OOM due to race with cpuset update"
Previous message: Kees Cook: "Re: [PATCH 00/17] convert/reorganize Documentation/security/"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]