[PULL v9 11/13] spapr: PEF: prevent migration

qemu-s390x

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PULL v9 11/13] spapr: PEF: prevent migration

From:	David Gibson
Subject:	[PULL v9 11/13] spapr: PEF: prevent migration
Date:	Mon, 8 Feb 2021 17:05:36 +1100

We haven't yet implemented the fairly involved handshaking that will be
needed to migrate PEF protected guests.  For now, just use a migration
blocker so we get a meaningful error if someone attempts this (this is the
same approach used by AMD SEV).

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
---
 hw/ppc/pef.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/hw/ppc/pef.c b/hw/ppc/pef.c
index f9fd1f2a71..573be3ed79 100644
--- a/hw/ppc/pef.c
+++ b/hw/ppc/pef.c
@@ -44,6 +44,8 @@ struct PefGuest {
 static int kvmppc_svm_init(Error **errp)
 {
 #ifdef CONFIG_KVM
+    static Error *pef_mig_blocker;
+
     if (!kvm_check_extension(kvm_state, KVM_CAP_PPC_SECURE_GUEST)) {
         error_setg(errp,
                    "KVM implementation does not support Secure VMs (is an 
ultravisor running?)");
@@ -58,6 +60,11 @@ static int kvmppc_svm_init(Error **errp)
         }
     }
 
+    /* add migration blocker */
+    error_setg(&pef_mig_blocker, "PEF: Migration is not implemented");
+    /* NB: This can fail if --only-migratable is used */
+    migrate_add_blocker(pef_mig_blocker, &error_fatal);
+
     return 0;
 #else
     g_assert_not_reached();
-- 
2.29.2

[Prev in Thread]

Current Thread

[Next in Thread]

[PULL v9 00/13] Cgs patches, David Gibson, 2021/02/08
- [PULL v9 04/13] confidential guest support: Move side effect out of machine_set_memory_encryption(), David Gibson, 2021/02/08
- [PULL v9 02/13] confidential guest support: Introduce new confidential guest support class, David Gibson, 2021/02/08
- [PULL v9 01/13] qom: Allow optional sugar props, David Gibson, 2021/02/08
- [PULL v9 03/13] sev: Remove false abstraction of flash encryption, David Gibson, 2021/02/08
- [PULL v9 06/13] sev: Add Error ** to sev_kvm_init(), David Gibson, 2021/02/08
- [PULL v9 05/13] confidential guest support: Rework the "memory-encryption" property, David Gibson, 2021/02/08
- [PULL v9 09/13] confidential guest support: Update documentation, David Gibson, 2021/02/08
- [PULL v9 12/13] confidential guest support: Alter virtio default properties for protected guests, David Gibson, 2021/02/08
- [PULL v9 11/13] spapr: PEF: prevent migration, David Gibson <=
- [PULL v9 13/13] s390: Recognize confidential-guest-support option, David Gibson, 2021/02/08
- [PULL v9 10/13] spapr: Add PEF based confidential guest support, David Gibson, 2021/02/08
- [PULL v9 08/13] confidential guest support: Move SEV initialization into arch specific code, David Gibson, 2021/02/08
- [PULL v9 07/13] confidential guest support: Introduce cgs "ready" flag, David Gibson, 2021/02/08
- Re: [PULL v9 00/13] Cgs patches, Peter Maydell, 2021/02/08
- [PULL v9 00/13] Cgs patches, David Gibson, 2021/02/08
  - [PULL v9 03/13] sev: Remove false abstraction of flash encryption, David Gibson, 2021/02/08
  - [PULL v9 04/13] confidential guest support: Move side effect out of machine_set_memory_encryption(), David Gibson, 2021/02/08
  - [PULL v9 02/13] confidential guest support: Introduce new confidential guest support class, David Gibson, 2021/02/08
  - [PULL v9 05/13] confidential guest support: Rework the "memory-encryption" property, David Gibson, 2021/02/08

Prev by Date: [PULL v9 12/13] confidential guest support: Alter virtio default properties for protected guests
Next by Date: [PULL v9 13/13] s390: Recognize confidential-guest-support option
Previous by thread: [PULL v9 12/13] confidential guest support: Alter virtio default properties for protected guests
Next by thread: [PULL v9 13/13] s390: Recognize confidential-guest-support option
Index(es):
- Date
- Thread