Linux 5.10 To Support AMD SME Hardware-Enforced Cache Coherency
Linux 5.10 is set to support a new feature of AMD Secure Memory Encryption (SME) as part of the Secure Encrypted Virtualization (SEV).
The new feature is supporting hardware-enforced cache coherency and is coming to Linux 5.10 via patches that have been worked on by an Oracle engineer. It's not clear what AMD EPYC CPUs support this hardware-enforced cache coherency as it's checking on a CPUID bit but given the timing it wouldn't be surprising if this is for the upcoming AMD EPYC Zen 3 processors.
On processors supporting this CPUID feature, there is guaranteed coherency between the encrypted/unencrypted mappings of the same physical page. Thus with this AMD hardware-enforced cache coherency there is no need to flush the page from all CPU caches in the system before changing the value of the C-bit for a page. Avoiding unnecessary cache flushes should help with performance albeit the patches don't detail any specific advantages and I haven't been able to find any public documentation this specific SME feature.
This patch adds the bits for "SME_COHERENT" feature while this followup patch ensures not to flush the cache if there is the hardware-enforced cache coherency across encryption domains. Both patches are queued as part of "x86/cpu" changes ahead of the Linux 5.10 merge window opening in October.
Add A Comment