[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Vir
From: |
Paolo Bonzini |
Subject: |
Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object |
Date: |
Tue, 13 Mar 2018 09:42:51 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 |
On 08/03/2018 23:44, Eduardo Habkost wrote:
>> I think doing so will be an issue for the migration. Consider your above
>> use case, a SEV guest is running on EPYC with cbitpos=47 and if we
>> migrate to some $NEXT AMD CPU which uses need to use cbitpos=48 and we
>> will fail to resume the guest on destination after migrating.
>
> Exactly, in other words these two options are part of the guest
> ABI, and QEMU promises to never make the guest ABI depend on the
> host hardware unless you're using "-cpu host".
This is not entirely true; while MAXPHYADDR is constant downstream
unless using "-cpu host", in practice that behavior is wrong and a guest
could misbehave if passed a MAXPHYADDR that is different from the host's.
I think this is the same, and management software will have to live with it.
Paolo
> In theory we could make QEMU choose the right values
> automatically if we document very clearly that the default
> behavior is unsafe. But I would rather not take that risk and
> force management software to be aware of the gotchas involved in
> using SEV + live-migration.
- [Qemu-devel] [PATCH v12 01/28] memattrs: add debug attribute, (continued)
- [Qemu-devel] [PATCH v12 01/28] memattrs: add debug attribute, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 04/28] monitor/i386: use debug APIs when accessing guest memory, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption property, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 06/28] kvm: update kvm.h to include memory encryption ioctls, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 07/28] docs: add AMD Secure Encrypted Virtualization (SEV), Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Daniel P . Berrangé, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object,
Paolo Bonzini <=
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/13
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Paolo Bonzini, 2018/03/13
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/13
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Dr. David Alan Gilbert, 2018/03/13
[Qemu-devel] [PATCH v12 09/28] qmp: add query-sev command, Brijesh Singh, 2018/03/08
[Qemu-devel] [PATCH v12 10/28] include: add psp-sev.h header file, Brijesh Singh, 2018/03/08