On 02/07/2018 04:59 AM, Kirill A. Shutemov wrote: > The patchset does some ground work for MKTME enabling: > - Adds two new cpufeatures: TME and PCONFIG; > - Detects if BIOS enabled TME and MKTME; > - Enumerates what PCONFIG targets are supported; > - Provides helper to program encryption keys into CPU; > > As part of TME enumeration we check of how many bits from physical address > are claimed for encryption key ID. This may be critical as we or guest VM > must not use these bits for physical address.
For this kind of stuff, I'd really appreciate if you included some high-level descriptions. I'd assume that a reviewer has no idea what PCONFIG or MKTME is. It would also be really nice to say which hardware will implement this. Is it in particular CPUs today, for instance?
