Re: [PATCH 2/5] efi/x86: Implement support for unaccepted memory

From: Dave Hansen
Date: Tue Aug 10 2021 - 14:31:33 EST


On 8/9/21 11:26 PM, Kirill A. Shutemov wrote:
> +config UNACCEPTED_MEMORY
> + bool
> + depends on EFI_STUB
> + help
> + Some Virtual Machine platforms, such as Intel TDX, introduce
> + the concept of memory acceptance, requiring memory to be accepted
> + before it can be used by the guest. This protects against a class of
> + attacks by the virtual machine platform.
> +
> + This option adds support for unaccepted memory and makes such memory
> + usable by kernel.
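
Review bot: The `bool` line under `config UNACCEPTED_MEMORY` carries no prompt string, so Kconfig will not offer this symbol in menuconfig and it can only be turned on by a `select` from another option. Nothing in this hunk shows such a selector. Either name the platform option that is expected to select it, or add a prompt if it is meant to be set by hand. In the help text, "protects against a class of attacks by the virtual machine platform" does not say which class, and "usable by kernel" should read "usable by the kernel".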

Do we really need a full-blown user-visible option here? If we, for
instance, just did:

config UNACCEPTED_MEMORY
	bool
	depends on EFI_STUB

it could be 'select'ed from the TDX Kconfig and no users would ever be
bothered with it. Would a user *ever* turn this on if they don't have
TDX (or equivalent)?