On Wed, Jul 18, 2018 at 10:38:27AM -0700, Dave Hansen wrote:
On 07/17/2018 04:20 AM, Kirill A. Shutemov wrote:
quoted
Pages encrypted with different encryption keys are not allowed to be
merged by KSM. Otherwise it would cross security boundary.
Let's say I'm using plain AES (not AES-XTS). I use the same key in two
keyid slots. I map a page with the first keyid and another with the
other keyid.
Won't they have the same cipertext? Why shouldn't we KSM them?
We compare plain text, not ciphertext. And for good reason.
Comparing ciphertext would only make KSM successful for AES-ECB that
doesn't dependent on physical address of the page.
MKTME only supports AES-XTS (no plans to support AES-ECB). It effectively
disables KSM if we go with comparing ciphertext.
--
Kirill A. Shutemov