Re: [PATCH v9 9/9] drivers/node: Show in sysfs node's crypto capabilities

On Mon, Jul 04, 2022 at 10:58:33AM -0300, Martin Fernandez wrote:

Show in each node in sysfs if its memory is able to do be encrypted by the CPU; on EFI systems: if all its memory is marked with EFI_MEMORY_CPU_CRYPTO in the EFI memory map.

Signed-off-by: Martin Fernandez martin.fernandez@eclypsium.com

Documentation/ABI/testing/sysfs-devices-node | 10 ++++++++++ drivers/base/node.c | 10 ++++++++++ 2 files changed, 20 insertions(+) create mode 100644 Documentation/ABI/testing/sysfs-devices-node

diff --git a/Documentation/ABI/testing/sysfs-devices-node b/Documentation/ABI/testing/sysfs-devices-node new file mode 100644 index 000000000000..0e95420bd7c5 --- /dev/null +++ b/Documentation/ABI/testing/sysfs-devices-node @@ -0,0 +1,10 @@ +What: /sys/devices/system/node/nodeX/crypto_capable +Date: April 2022 +Contact: Martin Fernandez martin.fernandez@eclypsium.com +Users: fwupd (https://fwupd.org) +Description:

• This value is 1 if all system memory in this node is
  

• capable of being protected with the CPU's memory
  

• cryptographic capabilities.  It is 0 otherwise.
  

• On EFI systems the node will be marked with
  

• EFI_MEMORY_CPU_CRYPTO.
  

Where will such a node be "marked"? I do not understand this last sentence, sorry, can you please reword this?

And why is EFI an issue here at all?

thanks,

greg k-h