[RFC 10/12] x86/pconfig: Program memory encryption keys on a system-wide basis

Sakkinen, Jarkko jarkko.sakkinen at intel.com
Mon Sep 10 18:24:20 UTC 2018


On Fri, 2018-09-07 at 15:38 -0700, Alison Schofield wrote:
> The kernel manages the MKTME (Multi-Key Total Memory Encryption) Keys
> as a system wide single pool of keys. The hardware, however, manages
> the keys on a per physical package basis. Each physical package
> maintains a key table that all CPU's in that package share.
> 
> In order to maintain the consistent, system wide view that the kernel
> requires, program all physical packages during a key program request.
> 
> Signed-off-by: Alison Schofield <alison.schofield at intel.com>

Just kind of checking that are you talking about multiple cores in
a single package or really multiple packages?

/Jarkko



More information about the Linux-security-module-archive mailing list