[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Vir
From: |
Eduardo Habkost |
Subject: |
Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object |
Date: |
Tue, 13 Mar 2018 15:49:50 -0300 |
User-agent: |
Mutt/1.9.2 (2017-12-15) |
On Tue, Mar 13, 2018 at 09:42:51AM +0100, Paolo Bonzini wrote:
> On 08/03/2018 23:44, Eduardo Habkost wrote:
> >> I think doing so will be an issue for the migration. Consider your above
> >> use case, a SEV guest is running on EPYC with cbitpos=47 and if we
> >> migrate to some $NEXT AMD CPU which uses need to use cbitpos=48 and we
> >> will fail to resume the guest on destination after migrating.
> >
> > Exactly, in other words these two options are part of the guest
> > ABI, and QEMU promises to never make the guest ABI depend on the
> > host hardware unless you're using "-cpu host".
>
> This is not entirely true; while MAXPHYADDR is constant downstream
> unless using "-cpu host", in practice that behavior is wrong and a guest
> could misbehave if passed a MAXPHYADDR that is different from the host's.
>
> I think this is the same, and management software will have to live with it.
>
I think they are very far from being equivalent.
In practice guests don't seem to mind if we don't perfectly
emulate behavior that depend on MAXPHYADDR, and live-migration
between hosts with different MAXPHYADDR works.
But if you tell the guest the wrong C-bit location, guests are
likely to rely on it and break. Migration between hosts with
different C-bit locations won't work, will it?
--
Eduardo
- [Qemu-devel] [PATCH v12 04/28] monitor/i386: use debug APIs when accessing guest memory, (continued)
- [Qemu-devel] [PATCH v12 04/28] monitor/i386: use debug APIs when accessing guest memory, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 05/28] machine: add -memory-encryption property, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 06/28] kvm: update kvm.h to include memory encryption ioctls, Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 07/28] docs: add AMD Secure Encrypted Virtualization (SEV), Brijesh Singh, 2018/03/08
- [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Daniel P . Berrangé, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/08
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Paolo Bonzini, 2018/03/13
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object,
Eduardo Habkost <=
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Paolo Bonzini, 2018/03/13
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Eduardo Habkost, 2018/03/13
- Re: [Qemu-devel] [PATCH v12 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Dr. David Alan Gilbert, 2018/03/13
[Qemu-devel] [PATCH v12 09/28] qmp: add query-sev command, Brijesh Singh, 2018/03/08
[Qemu-devel] [PATCH v12 10/28] include: add psp-sev.h header file, Brijesh Singh, 2018/03/08
[Qemu-devel] [PATCH v12 12/28] sev/i386: register the guest memory range which may contain encrypted data, Brijesh Singh, 2018/03/08