Re: [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption prope

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption prope

From:	Daniel P . Berrangé
Subject:	Re: [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption property
Date:	Thu, 8 Mar 2018 16:43:41 +0000
User-agent:	Mutt/1.9.2 (2017-12-15)

Nitpick: the subject makes it seem like you're adding
"-memory-encryption" as a CLI arg, but actually its
adding support for  'memory-encryption=$VAL' property
to the '-machine' CLI arg.

Sufficient to just   s/-memory-encryption/"memory-encryption"/

On Thu, Mar 08, 2018 at 06:48:38AM -0600, Brijesh Singh wrote:
> When CPU supports memory encryption feature, the property can be used to
> specify the encryption object to use when launching an encrypted guest.
> 
> Cc: Paolo Bonzini <address@hidden>
> Cc: Eduardo Habkost <address@hidden>
> Cc: Marcel Apfelbaum <address@hidden>
> Cc: Stefan Hajnoczi <address@hidden>
> Signed-off-by: Brijesh Singh <address@hidden>
> ---
>  hw/core/machine.c   | 22 ++++++++++++++++++++++
>  include/hw/boards.h |  1 +
>  qemu-options.hx     |  5 ++++-
>  3 files changed, 27 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/core/machine.c b/hw/core/machine.c
> index 5e2bbcdacedb..2040177664d5 100644
> --- a/hw/core/machine.c
> +++ b/hw/core/machine.c
> @@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object 
> *obj, Error **errp)
>      return ms->enforce_config_section;
>  }
>  
> +static char *machine_get_memory_encryption(Object *obj, Error **errp)
> +{
> +    MachineState *ms = MACHINE(obj);
> +
> +    return g_strdup(ms->memory_encryption);
> +}
> +
> +static void machine_set_memory_encryption(Object *obj, const char *value,
> +                                        Error **errp)
> +{
> +    MachineState *ms = MACHINE(obj);
> +
> +    g_free(ms->memory_encryption);
> +    ms->memory_encryption = g_strdup(value);
> +}
> +
>  void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char 
> *type)
>  {
>      strList *item = g_new0(strList, 1);
> @@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void 
> *data)
>          &error_abort);
>      object_class_property_set_description(oc, "enforce-config-section",
>          "Set on to enforce configuration section migration", &error_abort);
> +
> +    object_class_property_add_str(oc, "memory-encryption",
> +        machine_get_memory_encryption, machine_set_memory_encryption,
> +        &error_abort);
> +    object_class_property_set_description(oc, "memory-encryption",
> +        "Set memory encyption object to use", &error_abort);
>  }
>  
>  static void machine_class_base_init(ObjectClass *oc, void *data)
> diff --git a/include/hw/boards.h b/include/hw/boards.h
> index efb0a9edfdf1..8ce9a7a21d3d 100644
> --- a/include/hw/boards.h
> +++ b/include/hw/boards.h
> @@ -243,6 +243,7 @@ struct MachineState {
>      bool suppress_vmdesc;
>      bool enforce_config_section;
>      bool enable_graphics;
> +    char *memory_encryption;
>  
>      ram_addr_t ram_size;
>      ram_addr_t maxram_size;
> diff --git a/qemu-options.hx b/qemu-options.hx
> index 6585058c6cde..4c280142c52c 100644
> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
>      "                suppress-vmdesc=on|off disables self-describing 
> migration (default=off)\n"
>      "                nvdimm=on|off controls NVDIMM support (default=off)\n"
>      "                enforce-config-section=on|off enforce configuration 
> section migration (default=off)\n"
> -    "                s390-squash-mcss=on|off (deprecated) controls support 
> for squashing into default css (default=off)\n",
> +    "                s390-squash-mcss=on|off (deprecated) controls support 
> for squashing into default css (default=off)\n"
> +    "                address@hidden memory encryption object to use 
> (default=none)\n",
>      QEMU_ARCH_ALL)
>  STEXI
>  @item -machine address@hidden,address@hidden,...]]
> @@ -110,6 +111,8 @@ code to send configuration section even if the 
> machine-type sets the
>  @option{migration.send-configuration} property to @var{off}.
>  NOTE: this parameter is deprecated. Please use @option{-global}
>  @address@hidden|off} instead.
> address@hidden address@hidden
> +Memory encryption object to use. The default is none.
>  @end table
>  ETEXI
>  
> -- 
> 2.14.3
> 

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH v12 00/28] x86: Secure Encrypted Virtualization (AMD), Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 02/28] exec: add ram_debug_ops support, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 03/28] exec: add debug version of physical memory read and write API, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 01/28] memattrs: add debug attribute, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 04/28] monitor/i386: use debug APIs when accessing guest memory, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption property, Brijesh Singh, 2018/03/08
  - Re: [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption property, Daniel P . Berrangé <=
- [Qemu-devel] [PATCH v12 06/28] kvm: update kvm.h to include memory encryption ioctls, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 07/28] docs: add AMD Secure Encrypted Virtualization (SEV), Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/03/08
  - Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Daniel P . Berrangé, 2018/03/08
    - Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/03/08
    - Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/08
    - Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Paolo Bonzini, 2018/03/13
    - Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/13
    - Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Paolo Bonzini, 2018/03/13
    - Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/13

Prev by Date: Re: [Qemu-devel] [edk2] [PATCH v2 4/8] ovmf: simplify SecurityStubDxe.inf inclusion
Next by Date: Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object
Previous by thread: [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption property
Next by thread: [Qemu-devel] [PATCH v12 06/28] kvm: update kvm.h to include memory encryption ioctls
Index(es):
- Date
- Thread