| Message ID | 20211203192148.585399-6-martin.fernandez@eclypsium.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | x86: Show in sysfs if a memory node is able to do encryption | expand |
On Fri, Dec 03, 2021 at 04:21:48PM -0300, Martin Fernandez wrote: > Show in each node in sysfs if its memory is able to do be encrypted by > the CPU, ie. if all its memory is marked with EFI_MEMORY_CPU_CRYPTO in > the EFI memory map. > > Signed-off-by: Martin Fernandez <martin.fernandez@eclypsium.com> > --- > drivers/base/node.c | 10 ++++++++++ > 1 file changed, 10 insertions(+) > > diff --git a/drivers/base/node.c b/drivers/base/node.c > index b5a4ba18f9f9..67b0e2fa93b1 100644 > --- a/drivers/base/node.c > +++ b/drivers/base/node.c > @@ -560,11 +560,21 @@ static ssize_t node_read_distance(struct device *dev, > } > static DEVICE_ATTR(distance, 0444, node_read_distance, NULL); > > +static ssize_t crypto_capable_show(struct device *dev, > + struct device_attribute *attr, char *buf) > +{ > + struct pglist_data *pgdat = NODE_DATA(dev->id); > + > + return sysfs_emit(buf, "%d\n", pgdat->crypto_capable); > +} > +static DEVICE_ATTR_RO(crypto_capable); > + > static struct attribute *node_dev_attrs[] = { > &dev_attr_meminfo.attr, > &dev_attr_numastat.attr, > &dev_attr_distance.attr, > &dev_attr_vmstat.attr, > + &dev_attr_crypto_capable.attr, > NULL > }; You forgot a Documentation/ABI/ update for this new sysfs file you added :(
On 12/4/21, Greg KH <gregkh@linuxfoundation.org> wrote: > > You forgot a Documentation/ABI/ update for this new sysfs file you > added :( > Damn, I forgot to add it to the patch. It will be in my next patch, this is what it looks like: diff --git a/Documentation/ABI/testing/sysfs-devices-node b/Documentation/ABI/testing/sysfs-devices-node new file mode 100644 index 000000000000..ab46fdd3f6a8 --- /dev/null +++ b/Documentation/ABI/testing/sysfs-devices-node @@ -0,0 +1,10 @@ +What: /sys/devices/system/node/nodeX/crypto_capable +Date: October 2021 +Contact: Martin Fernandez <martin.fernandez@eclypsium.com> +Users: fwupd +Description: + This value is 1 if all system memory in this node is + marked with EFI_MEMORY_CPU_CRYPTO, indicating that the + system memory is capable of being protected with the + CPU’s memory cryptographic capabilities. It is 0 + otherwise. \ No newline at end of file
On Sat, Dec 04, 2021 at 01:35:15PM -0300, Martin Fernandez wrote: > On 12/4/21, Greg KH <gregkh@linuxfoundation.org> wrote: > > > > You forgot a Documentation/ABI/ update for this new sysfs file you > > added :( > > > > Damn, I forgot to add it to the patch. It will be in my next patch, > this is what it looks like: > > diff --git a/Documentation/ABI/testing/sysfs-devices-node > b/Documentation/ABI/testing/sysfs-devices-node > new file mode 100644 > index 000000000000..ab46fdd3f6a8 > --- /dev/null > +++ b/Documentation/ABI/testing/sysfs-devices-node > @@ -0,0 +1,10 @@ > +What: /sys/devices/system/node/nodeX/crypto_capable > +Date: October 2021 October is long gone :( > +Contact: Martin Fernandez <martin.fernandez@eclypsium.com> > +Users: fwupd Maybe a link to what 'fwupd' is? > +Description: > + This value is 1 if all system memory in this node is > + marked with EFI_MEMORY_CPU_CRYPTO, indicating that the > + system memory is capable of being protected with the > + CPU’s memory cryptographic capabilities. It is 0 > + otherwise. thanks, greg k-h
On 12/4/21, Greg KH <gregkh@linuxfoundation.org> wrote: > On Sat, Dec 04, 2021 at 01:35:15PM -0300, Martin Fernandez wrote: >> +Date: October 2021 > > October is long gone :( > :( >> +Contact: Martin Fernandez <martin.fernandez@eclypsium.com> >> +Users: fwupd > > Maybe a link to what 'fwupd' is? > Will add. Thanks.
diff --git a/drivers/base/node.c b/drivers/base/node.c index b5a4ba18f9f9..67b0e2fa93b1 100644 --- a/drivers/base/node.c +++ b/drivers/base/node.c @@ -560,11 +560,21 @@ static ssize_t node_read_distance(struct device *dev, } static DEVICE_ATTR(distance, 0444, node_read_distance, NULL); +static ssize_t crypto_capable_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct pglist_data *pgdat = NODE_DATA(dev->id); + + return sysfs_emit(buf, "%d\n", pgdat->crypto_capable); +} +static DEVICE_ATTR_RO(crypto_capable); + static struct attribute *node_dev_attrs[] = { &dev_attr_meminfo.attr, &dev_attr_numastat.attr, &dev_attr_distance.attr, &dev_attr_vmstat.attr, + &dev_attr_crypto_capable.attr, NULL };
Show in each node in sysfs if its memory is able to do be encrypted by the CPU, ie. if all its memory is marked with EFI_MEMORY_CPU_CRYPTO in the EFI memory map. Signed-off-by: Martin Fernandez <martin.fernandez@eclypsium.com> --- drivers/base/node.c | 10 ++++++++++ 1 file changed, 10 insertions(+)