On 07/06/21 05:25, Tian, Kevin wrote:
Per Intel SDM wbinvd is a privileged instruction. A process on the host has no privilege to execute it.
(Half of) the point of the kernel is to do privileged tasks on the processes' behalf. There are good reasons why a process that uses VFIO (without KVM) could want to use wbinvd, so VFIO lets them do it with a ioctl and adequate checks around the operation.
Paolo