LWN: Comments on "A proposed API for full-memory encryption"

Request : How to test Total memory enrcyption feature in Latest Ubuntu OS (22.04)

Sridha — Fri, 21 Oct 2022 01:25:07 +0000

Hi
Any can help to me for TME testing.

How to test Total memory enrcyption feature in Latest Ubuntu OS (22.04)

Thanks /Sridhar

A proposed API for full-memory encryption

judas_iscariote — Thu, 02 May 2019 14:19:23 +0000

Why they will even bother with this ? there are gazillions of bugs more easily exploited !

A proposed API for full-memory encryption

timmu_india — Fri, 01 Feb 2019 16:07:01 +0000

Does Intel Management Engine has visibility to the encryption steps that happens inside CPU? IME is a huge security hole already.

A proposed API for full-memory encryption

jlarrew — Thu, 31 Jan 2019 18:46:32 +0000

The EPYC server line from AMD does inline AES encryption for the cross-socket links.

A proposed API for full-memory encryption

flussence — Sun, 27 Jan 2019 01:20:48 +0000

It's needed for ACPI suspend.

A proposed API for full-memory encryption

biergaizi — Sat, 26 Jan 2019 19:35:39 +0000

This should eventually fix the cold-boot attack.

A proposed API for full-memory encryption

james — Wed, 23 Jan 2019 17:31:28 +0000

The Real World Tech forums debated inter-socket encryption last month.

As usual with forums, it's difficult to ensure posters are who they say they are, but someone calling himself Aaron Spink said:

The simple reality is that you aren't going to MitM any high speed link without a custom board and multiple millions of dollars of large bulky equipment. You can't just put some contacts onto the board and get a viable working signal.

and

AFAIK, no one actually does link level encryption in the field currently for a variety of reasons (not the least of which is that end to end is much simpler and robust).

Presumably, the point is that modern point-to-point high speed connections are designed to run as fast as possible over as few wires as possible. A third device on the link would change the electrical characteristics to the point that the link just wouldn't work -- if it didn't, the link isn't going fast enough.

A proposed API for full-memory encryption

Paf — Wed, 23 Jan 2019 13:55:05 +0000

So, physical intrusion. Ok! I was concerned as I can’t think of any software level stuff for this, and this makes more sense.

A proposed API for full-memory encryption

zdzichu — Wed, 23 Jan 2019 06:34:18 +0000

15 years ago, Microsoft Xbox console was hacked by sniffing traffic on memory bus.

A proposed API for full-memory encryption

Paf — Wed, 23 Jan 2019 03:53:37 +0000

Why, though? What potential exploit(s) does that cover?

A proposed API for full-memory encryption

luto — Wed, 23 Jan 2019 00:30:30 +0000

I hope that SGX protects coherency traffic between sockets.

A proposed API for full-memory encryption

sbates — Tue, 22 Jan 2019 18:52:45 +0000

The encryption hardware discussed in this article is integrated into the memory controller(s). So it only affects data as it leaves the coherent bus and heads out to off-chip memory (typically DRAM). This serves two purposes.

1. No plaintext on the DDR bus. Though I’d argue if a black hat has physical access to your DDR bus you have bigger problems ;-).

2. Assuming different keys for each process (or VM) leaking memory from one process to another does not reveal user data.

For inter-SMP buses only 1 is an issue. So I’d argue it’s less critical to encrypt the chip to chip busses than the chip to memory busses. Now I’d argue this holds less and less as these busses scale out so things like OpenGenCCIX might need encryption...

A proposed API for full-memory encryption

Paf — Tue, 22 Jan 2019 16:56:07 +0000

I'm also not sure I see the point of encrypting cross-socket communications. What is that supposed to protect against?

A proposed API for full-memory encryption

kiryl — Tue, 22 Jan 2019 12:39:56 +0000

MKTME encryption doesn't cover any traffic within socket or between them. It's all plain text. Only traffic to/from memory is encrypted.

A proposed API for full-memory encryption

naptastic — Mon, 21 Jan 2019 14:55:06 +0000

I've never physically removed a CPU from a running system, but I've used CPU hotplugging as a heavy-handed power/thermal management tool before.

A proposed API for full-memory encryption

janfrode — Sun, 20 Jan 2019 22:07:01 +0000

Switching between SMT modes on Power8/9 is probably a form of CPU hotplugging, and it’s very common to do on job setup in HPC.

A proposed API for full-memory encryption

jcm — Sun, 20 Jan 2019 20:42:17 +0000

Anyone able to confirm if the solutions out there currently encrypt all coherency traffic between sockets as well? They certainly should but I'm not certain the initial generations do that.

A proposed API for full-memory encryption

Freeaqingme — Sun, 20 Jan 2019 16:15:21 +0000

I wonder how widespread the use of CPU hotplugging is, especially on bare metal. I've always seen it as a rather obscure use case that perhaps occasionally used in mainframes or something. If that's the case, one could simply say that at first memory encryption is not supported when cpu hotplugging is enabled.

But perhaps my idea of the popularity of the cpu hotplugging functionality is wrong?

A proposed API for full-memory encryption

khim — Sat, 19 Jan 2019 02:31:40 +0000

Is kernel actually secure enough to warrant plugging them in? Historically all OSes were buggy enough that it was simpler and cheaper to just look for holes left by developers.

A proposed API for full-memory encryption

jdulaney — Sat, 19 Jan 2019 01:08:52 +0000

I wonder how long it will take to find the various government backdoors.