Re: [RFC] /dev/ioasid uAPI proposal

From: Paolo Bonzini
Date: Mon Jun 07 2021 - 02:51:57 EST

On 07/06/21 05:25, Tian, Kevin wrote:
Per Intel SDM wbinvd is a privileged instruction. A process on the
host has no privilege to execute it.

(Half of) the point of the kernel is to do privileged tasks on the processes' behalf. There are good reasons why a process that uses VFIO (without KVM) could want to use wbinvd, so VFIO lets them do it with a ioctl and adequate checks around the operation.