From: Ingo Molnar <mingo@kernel.org>
To: Borislav Petkov <bp@alien8.de>
Cc: Joerg Roedel <joro@8bytes.org>,
x86@kernel.org, hpa@zytor.com,
Tom Lendacky <thomas.lendacky@amd.com>,
Nikunj A Dadhania <nikunj@amd.com>,
linux-kernel@vger.kernel.org, Larry.Dewey@amd.com,
Joerg Roedel <jroedel@suse.de>
Subject: Re: [PATCH] x86/sev: Make SEV_STATUS available via SYSFS
Date: Wed, 5 Mar 2025 12:42:41 +0100 [thread overview]
Message-ID: <Z8g4sU_dsZgY0PuS@gmail.com> (raw)
In-Reply-To: <20250305113155.GCZ8g2K1XEdgynTA9D@fat_crate.local>
* Borislav Petkov <bp@alien8.de> wrote:
> On Wed, Mar 05, 2025 at 12:26:13PM +0100, Ingo Molnar wrote:
> > It's *far* better to expose this via a targeted sysfs entry than
> > polluting /proc/cpuinfo with it that everyone and their dog is parsing
> > all the time ...
>
> Pasting what we're talking on IRC:
>
> - we don't want to expose a naked MSR u64 to userspace.
As long as it's architected values that won't change randomly, I don't
see the harm, and we expose raw feature bits all the time in sysfs.
User-space tooling would just unnecessarily parse and decode it anyway.
So if the convenience of tooling is the argument, the raw feature mask
exposed is the best option overall.
> Might as well use msr-tools
>
> - the backstory is, there are a bunch of tools which wanna know this so we
> need to agree on how to supply it to them
>
> - I think /proc/cpuinfo is the best option right now
So I disagree with that placement: /proc/cpuinfo is fundamentally
per-CPU, while sev_status is a machine-wide word in .data. Also,
something that is needed infrequently should not be put into the
frequently used /proc/cpuinfo file.
> - and then TDX can use the same thing too
>
> - we have a general need to expose what a confidential guest supports
>
> - a .../sev sysfs file clearly doesn't cut it because TDX doesn't have "sev"
> - it is the Intel version of a confidential guest
>
> - and I don't want to have "0xdeadbeef" in some sys file but "SEV SEV-ES TDX
> SecureTSC" and so on user-readable strings
So the /sys/devices/system/cpu/sev/ directory already exists and your
arguments already apply to that, don't they?
As to the hex numbers - do you prefer to put string versions of these
into the sysfs file:
MSR_AMD64_SEV_ENABLED
MSR_AMD64_SEV_ES_ENABLED
MSR_AMD64_SEV_SNP_ENABLED
MSR_AMD64_SNP_DEBUG_SWAP
MSR_AMD64_SNP_SECURE_TSC
MSR_AMD64_SNP_VTOM
?
Thanks,
Ingo
next prev parent reply other threads:[~2025-03-05 11:42 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-05 10:52 [PATCH] x86/sev: Make SEV_STATUS available via SYSFS Joerg Roedel
2025-03-05 11:11 ` [tip: x86/sev] " tip-bot2 for Joerg Roedel
2025-03-05 11:12 ` [PATCH] " Borislav Petkov
2025-03-05 11:26 ` Ingo Molnar
2025-03-05 11:31 ` Borislav Petkov
2025-03-05 11:35 ` Juergen Gross
2025-03-05 11:41 ` Borislav Petkov
2025-03-05 11:48 ` Jürgen Groß
2025-03-05 11:53 ` Borislav Petkov
2025-03-05 11:42 ` Ingo Molnar [this message]
2025-03-05 11:50 ` Borislav Petkov
2025-03-05 13:56 ` Joerg Roedel
2025-03-05 15:37 ` Borislav Petkov
2025-03-05 16:37 ` Dave Hansen
2025-03-05 16:40 ` Dave Hansen
2025-03-05 16:55 ` Borislav Petkov
2025-03-05 17:09 ` Dave Hansen
2025-03-05 17:51 ` Joerg Roedel
2025-03-05 20:07 ` Borislav Petkov
2025-03-06 8:01 ` Kirill A. Shutemov
2025-03-06 8:38 ` Joerg Roedel
2025-03-06 10:31 ` Borislav Petkov
2025-03-06 13:36 ` Kirill A. Shutemov
2025-03-06 13:56 ` Borislav Petkov
2025-03-06 10:37 ` Alexey Gladkov (Intel)
2025-03-10 10:28 ` Joerg Roedel
2025-03-10 11:02 ` Borislav Petkov
2025-03-10 12:46 ` Joerg Roedel
2025-03-10 13:36 ` Borislav Petkov
2025-03-10 11:24 ` Alexey Gladkov
2025-03-10 12:28 ` Juergen Gross
2025-03-10 12:35 ` Joerg Roedel
2025-03-10 12:49 ` Juergen Gross
2025-03-10 13:38 ` Borislav Petkov
2025-03-10 14:39 ` Tom Lendacky
2025-03-10 14:50 ` Alexey Gladkov
2025-03-10 15:11 ` Borislav Petkov
2025-03-10 15:33 ` Jürgen Groß
2025-03-10 15:41 ` Borislav Petkov
2025-03-10 15:50 ` Alexey Gladkov
2025-03-10 15:43 ` Alexey Gladkov
2025-03-10 15:52 ` Juergen Gross
2025-03-10 15:55 ` Borislav Petkov
2025-03-10 16:00 ` Juergen Gross
2025-03-10 16:06 ` Borislav Petkov
2025-03-10 16:23 ` Jürgen Groß
2025-03-10 16:05 ` Alexey Gladkov
2025-03-11 9:43 ` Joerg Roedel
2025-03-11 10:22 ` Jürgen Groß
2025-03-11 11:07 ` Borislav Petkov
2025-03-11 11:14 ` Juergen Gross
2025-03-11 18:24 ` Alexey Gladkov
2025-03-11 18:40 ` Joerg Roedel
2025-03-11 20:37 ` Alexey Gladkov
2025-03-12 7:19 ` Kirill A. Shutemov
2025-03-12 8:23 ` Joerg Roedel
2025-03-12 8:48 ` Kirill A. Shutemov
2025-03-12 9:07 ` Joerg Roedel
2025-03-12 10:59 ` Kirill A. Shutemov
2025-03-12 11:44 ` Joerg Roedel
2025-03-11 18:13 ` Alexey Gladkov
2025-03-05 13:50 ` Joerg Roedel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z8g4sU_dsZgY0PuS@gmail.com \
--to=mingo@kernel.org \
--cc=Larry.Dewey@amd.com \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=joro@8bytes.org \
--cc=jroedel@suse.de \
--cc=linux-kernel@vger.kernel.org \
--cc=nikunj@amd.com \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.