Re: [for-6.0 v5 03/13] securable guest memory: Handle memory encryption

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [for-6.0 v5 03/13] securable guest memory: Handle memory encryption

From:	Cornelia Huck
Subject:	Re: [for-6.0 v5 03/13] securable guest memory: Handle memory encryption via interface
Date:	Fri, 4 Dec 2020 14:10:05 +0100

On Fri,  4 Dec 2020 16:44:05 +1100
David Gibson <david@gibson.dropbear.id.au> wrote:

> At the moment AMD SEV sets a special function pointer, plus an opaque
> handle in KVMState to let things know how to encrypt guest memory.
> 
> Now that we have a QOM interface for handling things related to securable
> guest memory, use a QOM method on that interface, rather than a bare
> function pointer for this.
> 
> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  accel/kvm/kvm-all.c                   |  36 +++++---
>  accel/kvm/sev-stub.c                  |   9 +-
>  include/exec/securable-guest-memory.h |   2 +
>  include/sysemu/sev.h                  |   5 +-
>  target/i386/monitor.c                 |   1 -
>  target/i386/sev.c                     | 116 ++++++++++----------------
>  6 files changed, 77 insertions(+), 92 deletions(-)
> 

> @@ -224,7 +224,7 @@ int kvm_get_max_memslots(void)
>  
>  bool kvm_memcrypt_enabled(void)
>  {
> -    if (kvm_state && kvm_state->memcrypt_handle) {
> +    if (kvm_state && kvm_state->sgm) {

If we want to generalize the concept, maybe check for encrypt_data in
sgm here? There's probably room for different callbacks in the sgm
structure.

>          return true;
>      }
>

[Prev in Thread]

Current Thread

[Next in Thread]

[for-6.0 v5 00/13] Generalize memory encryption models, David Gibson, 2020/12/04
- [for-6.0 v5 04/13] securable guest memory: Move side effect out of machine_set_memory_encryption(), David Gibson, 2020/12/04
- [for-6.0 v5 02/13] securable guest memory: Introduce new securable guest memory base class, David Gibson, 2020/12/04
- [for-6.0 v5 01/13] qom: Allow optional sugar props, David Gibson, 2020/12/04
  - Re: [for-6.0 v5 01/13] qom: Allow optional sugar props, Cornelia Huck, 2020/12/04
  - Re: [for-6.0 v5 01/13] qom: Allow optional sugar props, Eduardo Habkost, 2020/12/14
- [for-6.0 v5 03/13] securable guest memory: Handle memory encryption via interface, David Gibson, 2020/12/04
  - Re: [for-6.0 v5 03/13] securable guest memory: Handle memory encryption via interface, Cornelia Huck <=
- [for-6.0 v5 08/13] securable guest memory: Introduce sgm "ready" flag, David Gibson, 2020/12/04
  - Re: [for-6.0 v5 08/13] securable guest memory: Introduce sgm "ready" flag, Cornelia Huck, 2020/12/14
    - Re: [for-6.0 v5 08/13] securable guest memory: Introduce sgm "ready" flag, David Gibson, 2020/12/17
    - Re: [for-6.0 v5 08/13] securable guest memory: Introduce sgm "ready" flag, Cornelia Huck, 2020/12/17
- [for-6.0 v5 06/13] securable guest memory: Decouple kvm_memcrypt_*() helpers from KVM, David Gibson, 2020/12/04
- [for-6.0 v5 11/13] spapr: PEF: prevent migration, David Gibson, 2020/12/04
  - Re: [for-6.0 v5 11/13] spapr: PEF: prevent migration, Cornelia Huck, 2020/12/14
    - Re: [for-6.0 v5 11/13] spapr: PEF: prevent migration, David Gibson, 2020/12/17
    - Re: [for-6.0 v5 11/13] spapr: PEF: prevent migration, Cornelia Huck, 2020/12/17
    - Re: [for-6.0 v5 11/13] spapr: PEF: prevent migration, Greg Kurz, 2020/12/17

Prev by Date: Re: [for-6.0 v5 00/13] Generalize memory encryption models
Next by Date: Re: [for-6.0 v5 00/13] Generalize memory encryption models
Previous by thread: [for-6.0 v5 03/13] securable guest memory: Handle memory encryption via interface
Next by thread: [for-6.0 v5 08/13] securable guest memory: Introduce sgm "ready" flag
Index(es):
- Date
- Thread