From owner-freebsd-security@freebsd.org Mon Jan 25 08:55:49 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 346664EF07F for ; Mon, 25 Jan 2021 08:55:49 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DPNxc3t1Xz3KbJ for ; Mon, 25 Jan 2021 08:55:48 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: by mail-ej1-x629.google.com with SMTP id 6so16888240ejz.5 for ; Mon, 25 Jan 2021 00:55:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=gFpu3xmh0aomukUBLcsOk8Tguh3iYXH/v1c7C4hnAYo=; b=rfAgcnBPdjOLLXwzRQH0bQHy9iPZIgLuN42zV+wYYIzm7+R//cV+ZfDG+GWwC9RbWE S1JXVcE6CqR8tamINaMcL0NeHS8BRjI0NHJqwDHvzwqGXuZ+NUt6s8AexRPb3t/oKdMZ WKhgiUFM0M5wvV0X1x5X8kXqUglp/Yh7vnLS51B4hDpu6n8WqsI/txBstSxZoGo3uxNq WPpcRmIsGbGvyJ36S5U4DHF5e9rvVpRKvWenLIoiVSpLOSRmfqcgKfuw8lIQ/vXcm3ZM ieGjW0vc8OIbc2e7QI27ZviUYyxpX8QFIFSqOLz10cQepTh63+Kcmu7n+BwJCQ/BM74w s/1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=gFpu3xmh0aomukUBLcsOk8Tguh3iYXH/v1c7C4hnAYo=; b=JRuJNkiMdr0+dhEFuAE0I7/xMu02OLQ6dYudZwcNfcHr0R4nLUZgpvtWbUsugp7mIV v7Hmh4z5Az2H/ulljdjgaSWrVxCRHZjK33Cd/ocybtqXrk2ToZYrRp3XnM+mVUhNX2mR kTx3Fk2xKcX24GhZuET42Linoh59J851szCeuBOzNcQqz0c7WfWrWwd3pUHMM/4VRibN kDi/f2bxH3HmzIILHnk20WQlQ9pfI3BbOzrnX11me23/R1SiOXiJiI156Nanq5nzshGX F3yk5/F4wTioB22TwxNgbSZZr8O7h2T88GZnkNQDqVb8si9pkK4NZO7oPTyBQzSxY8yT zpcQ== X-Gm-Message-State: AOAM530R0s9dlQISg9aiR0MLSYf78o3zEvdithL0OD/fNnFxY/edFHH1 kUfBqyJSp/QrMUzrgr7lVglo9QLw8X2xrbD8fz9EDgsZoKkqkQ== X-Google-Smtp-Source: ABdhPJyNHyBX12nflzV6cEv+0lygv+X+c028eT+WZ/XByxepbPdiwC9suSnGHqtZm131Xoi6Oalct7sWauIA9r9JNuo= X-Received: by 2002:a17:906:9401:: with SMTP id q1mr69909ejx.516.1611564946586; Mon, 25 Jan 2021 00:55:46 -0800 (PST) MIME-Version: 1.0 Received: by 2002:a54:3d8d:0:0:0:0:0 with HTTP; Mon, 25 Jan 2021 00:55:45 -0800 (PST) In-Reply-To: References: From: grarpamp Date: Mon, 25 Jan 2021 03:55:45 -0500 Message-ID: Subject: Re: AMD's memory encryption (aka SME) To: freebsd-security@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4DPNxc3t1Xz3KbJ X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=rfAgcnBP; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of grarpamp@gmail.com designates 2a00:1450:4864:20::629 as permitted sender) smtp.mailfrom=grarpamp@gmail.com X-Spamd-Result: default: False [-2.00 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::629:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::629:from:127.0.2.255]; NEURAL_SPAM_SHORT(1.00)[0.999]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::629:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jan 2021 08:55:49 -0000 > does anyone have an opinion on AMD's "Secure Memory Encryption"? This > transparently encrypts all/most RAM pages. > Looking at some tech docs, this seems fairly easy to implement. > I was wondering if someone has attempted that already, or knows of > reasons why not to. Consider applications to rowhammer, cold boot attacks, shared hosting, VM, poison, etc... there are papers on some use cases. AMD SME has some different levels with EPYC being full featured, TR and PRO differently, than even consumer cpu last. FreeBSD should also implement sysctl that writes random to all memory (even over kernel) just before halt / reboot call. Similar for unallocated upon sleep, upon alloc release, and as background scrub. User can already choose random upon alloc with malloc.conf but that is different than above. Also: memtest86[+] integration.