[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [for-6.0 v5 03/13] securable guest memory: Handle memory encryption
|
From: |
David Gibson |
|
Subject: |
Re: [for-6.0 v5 03/13] securable guest memory: Handle memory encryption via interface |
|
Date: |
Tue, 12 Jan 2021 14:49:35 +1100 |
On Fri, Dec 04, 2020 at 02:10:05PM +0100, Cornelia Huck wrote:
> On Fri, 4 Dec 2020 16:44:05 +1100
> David Gibson <david@gibson.dropbear.id.au> wrote:
>
> > At the moment AMD SEV sets a special function pointer, plus an opaque
> > handle in KVMState to let things know how to encrypt guest memory.
> >
> > Now that we have a QOM interface for handling things related to securable
> > guest memory, use a QOM method on that interface, rather than a bare
> > function pointer for this.
> >
> > Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
> > Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
> > ---
> > accel/kvm/kvm-all.c | 36 +++++---
> > accel/kvm/sev-stub.c | 9 +-
> > include/exec/securable-guest-memory.h | 2 +
> > include/sysemu/sev.h | 5 +-
> > target/i386/monitor.c | 1 -
> > target/i386/sev.c | 116 ++++++++++----------------
> > 6 files changed, 77 insertions(+), 92 deletions(-)
> >
>
> > @@ -224,7 +224,7 @@ int kvm_get_max_memslots(void)
> >
> > bool kvm_memcrypt_enabled(void)
> > {
> > - if (kvm_state && kvm_state->memcrypt_handle) {
> > + if (kvm_state && kvm_state->sgm) {
>
> If we want to generalize the concept, maybe check for encrypt_data in
> sgm here? There's probably room for different callbacks in the sgm
> structure.
Actually, I've realised this isn't even as general as it pretends to
be now, so I've taken a different approach for the next spin.
>
> > return true;
> > }
> >
>
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
signature.asc
Description: PGP signature