On 27/08/2019 11:44, Andrew Cooper wrote: >> I was also uncertain about the new cache_flush_permitted() instance - >> generally I think it wouldn't be too bad if we allowed line flushes in >> all cases, in which case the checks in the ->wbinvd_intercept() handlers >> would suffice (as they did until now). > This is a more general issue which we need to address. To support > encrypted memory in VM's, we must guarantee that WC mappings which the > guest creates are really WC, which means we must not use IPAT or play > any "fall back to WB" games. > > Furthermore, AMD's encrypt-in-place algorithm requires the guest to be > able to use WBINVD.
Apologies. AMD's algorithm requires aliased WP and WB mappings, not WC. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
