On 07/17/2018 04:20 AM, Kirill A. Shutemov wrote: > Pages encrypted with different encryption keys are not allowed to be > merged by KSM. Otherwise it would cross security boundary. Let's say I'm using plain AES (not AES-XTS). I use the same key in two keyid slots. I map a page with the first keyid and another with the other keyid. Won't they have the same cipertext? Why shouldn't we KSM them?
