[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption prope
From: |
Daniel P . Berrangé |
Subject: |
Re: [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption property |
Date: |
Thu, 8 Mar 2018 16:43:41 +0000 |
User-agent: |
Mutt/1.9.2 (2017-12-15) |
Nitpick: the subject makes it seem like you're adding
"-memory-encryption" as a CLI arg, but actually its
adding support for 'memory-encryption=$VAL' property
to the '-machine' CLI arg.
Sufficient to just s/-memory-encryption/"memory-encryption"/
On Thu, Mar 08, 2018 at 06:48:38AM -0600, Brijesh Singh wrote:
> When CPU supports memory encryption feature, the property can be used to
> specify the encryption object to use when launching an encrypted guest.
>
> Cc: Paolo Bonzini <address@hidden>
> Cc: Eduardo Habkost <address@hidden>
> Cc: Marcel Apfelbaum <address@hidden>
> Cc: Stefan Hajnoczi <address@hidden>
> Signed-off-by: Brijesh Singh <address@hidden>
> ---
> hw/core/machine.c | 22 ++++++++++++++++++++++
> include/hw/boards.h | 1 +
> qemu-options.hx | 5 ++++-
> 3 files changed, 27 insertions(+), 1 deletion(-)
>
> diff --git a/hw/core/machine.c b/hw/core/machine.c
> index 5e2bbcdacedb..2040177664d5 100644
> --- a/hw/core/machine.c
> +++ b/hw/core/machine.c
> @@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object
> *obj, Error **errp)
> return ms->enforce_config_section;
> }
>
> +static char *machine_get_memory_encryption(Object *obj, Error **errp)
> +{
> + MachineState *ms = MACHINE(obj);
> +
> + return g_strdup(ms->memory_encryption);
> +}
> +
> +static void machine_set_memory_encryption(Object *obj, const char *value,
> + Error **errp)
> +{
> + MachineState *ms = MACHINE(obj);
> +
> + g_free(ms->memory_encryption);
> + ms->memory_encryption = g_strdup(value);
> +}
> +
> void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char
> *type)
> {
> strList *item = g_new0(strList, 1);
> @@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void
> *data)
> &error_abort);
> object_class_property_set_description(oc, "enforce-config-section",
> "Set on to enforce configuration section migration", &error_abort);
> +
> + object_class_property_add_str(oc, "memory-encryption",
> + machine_get_memory_encryption, machine_set_memory_encryption,
> + &error_abort);
> + object_class_property_set_description(oc, "memory-encryption",
> + "Set memory encyption object to use", &error_abort);
> }
>
> static void machine_class_base_init(ObjectClass *oc, void *data)
> diff --git a/include/hw/boards.h b/include/hw/boards.h
> index efb0a9edfdf1..8ce9a7a21d3d 100644
> --- a/include/hw/boards.h
> +++ b/include/hw/boards.h
> @@ -243,6 +243,7 @@ struct MachineState {
> bool suppress_vmdesc;
> bool enforce_config_section;
> bool enable_graphics;
> + char *memory_encryption;
>
> ram_addr_t ram_size;
> ram_addr_t maxram_size;
> diff --git a/qemu-options.hx b/qemu-options.hx
> index 6585058c6cde..4c280142c52c 100644
> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
> " suppress-vmdesc=on|off disables self-describing
> migration (default=off)\n"
> " nvdimm=on|off controls NVDIMM support (default=off)\n"
> " enforce-config-section=on|off enforce configuration
> section migration (default=off)\n"
> - " s390-squash-mcss=on|off (deprecated) controls support
> for squashing into default css (default=off)\n",
> + " s390-squash-mcss=on|off (deprecated) controls support
> for squashing into default css (default=off)\n"
> + " address@hidden memory encryption object to use
> (default=none)\n",
> QEMU_ARCH_ALL)
> STEXI
> @item -machine address@hidden,address@hidden,...]]
> @@ -110,6 +111,8 @@ code to send configuration section even if the
> machine-type sets the
> @option{migration.send-configuration} property to @var{off}.
> NOTE: this parameter is deprecated. Please use @option{-global}
> @address@hidden|off} instead.
> address@hidden address@hidden
> +Memory encryption object to use. The default is none.
> @end table
> ETEXI
>
> --
> 2.14.3
>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
- [Qemu-devel] [PATCH v12 00/28] x86: Secure Encrypted Virtualization (AMD), Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 02/28] exec: add ram_debug_ops support, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 03/28] exec: add debug version of physical memory read and write API, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 01/28] memattrs: add debug attribute, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 04/28] monitor/i386: use debug APIs when accessing guest memory, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption property, Brijesh Singh, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption property,
Daniel P . Berrangé <=
- [Qemu-devel] [PATCH v12 06/28] kvm: update kvm.h to include memory encryption ioctls, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 07/28] docs: add AMD Secure Encrypted Virtualization (SEV), Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Daniel P . Berrangé, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Paolo Bonzini, 2018/03/13
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/13
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Paolo Bonzini, 2018/03/13
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/13