On Wed, 30 Nov 2022, Dan Williams wrote:
Davidlohr Bueso wrote:
On Wed, 30 Nov 2022, Dave Jiang wrote:
>Bypass cpu_cache_invalidate_memregion() and checks when doing testing
>using CONFIG_NVDIMM_SECURITY_TEST flag. The bypass allows testing on
>QEMU where cpu_cache_has_invalidate_memregion() fails. Usage of
>cpu_cache_invalidate_memregion() is not needed for cxl_test security
>testing.
We'll also want something similar for the non-pmem specific security
bits
Wait, you expect someone is going to build a device *with* security
commands but *without* pmem? In the volatile case the device can just
secure erase itself without user intervention every time power is
removed, no need for explicit user action to trigger that. So the
data-at-rest security argument goes away with a pure volatile device,
no?
Well the spec explicitly states that sanitation can be done to volatile
capacity devices, which makes me think the use case for this would not
require rebooting.
Thanks,
Davidlohr
