[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC PATCH v4 07/20] kvm: add memory encryption api sup
From: |
Eduardo Habkost |
Subject: |
Re: [Qemu-devel] [RFC PATCH v4 07/20] kvm: add memory encryption api support |
Date: |
Wed, 8 Mar 2017 18:06:55 -0300 |
User-agent: |
Mutt/1.7.1 (2016-10-04) |
On Wed, Mar 08, 2017 at 03:52:26PM -0500, Brijesh Singh wrote:
> Add high level API's to provide guest memory encryption support.
>
> Signed-off-by: Brijesh Singh <address@hidden>
> ---
> include/sysemu/kvm.h | 7 +++++++
> kvm-all.c | 52
> ++++++++++++++++++++++++++++++++++++++++++++++++++
> kvm-stub.c | 31 ++++++++++++++++++++++++++++++
> 3 files changed, 90 insertions(+)
>
> diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h
> index 24281fc..6f88a06 100644
> --- a/include/sysemu/kvm.h
> +++ b/include/sysemu/kvm.h
> @@ -227,6 +227,13 @@ int kvm_init_vcpu(CPUState *cpu);
> int kvm_cpu_exec(CPUState *cpu);
> int kvm_destroy_vcpu(CPUState *cpu);
>
> +bool kvm_memcrypt_enabled(void);
> +void *kvm_memcrypt_get_handle(void);
> +void kvm_memcrypt_set_debug_ops(MemoryRegion *mr);
> +int kvm_memcrypt_create_launch_context(void);
> +int kvm_memcrypt_release_launch_context(void);
> +int kvm_memcrypt_encrypt_launch_data(uint8_t *ptr, uint64_t len);
Please document what the return value of those functions mean.
[...]
> +int kvm_memcrypt_create_launch_context(void)
> +{
> + if (kvm_state->create_launch_context) {
> + return kvm_state->create_launch_context(kvm_state->ehandle);
> + }
> +
> + return 1;
I suggest returning -ENOTSUP if not implemented.
> +}
> +
> +int kvm_memcrypt_release_launch_context(void)
> +{
> + if (kvm_state->release_launch_context) {
> + return kvm_state->release_launch_context(kvm_state->ehandle);
> + }
> +
> + return 1;
> +}
> +
> +int kvm_memcrypt_encrypt_launch_data(uint8_t *dst, uint64_t len)
> +{
> + if (kvm_state->encrypt_launch_data) {
> + return kvm_state->encrypt_launch_data(kvm_state->ehandle, dst, len);
> + }
> +
> + return 1;
> +}
> +
> +void kvm_memcrypt_set_debug_ops(MemoryRegion *mr)
> +{
> + if (kvm_state->memcrypt_debug_ops) {
> + return kvm_state->memcrypt_debug_ops(kvm_state->ehandle, mr);
> + }
> +}
> +
> +void *kvm_memcrypt_get_handle(void)
> +{
> + return kvm_state->ehandle;
> +}
> +
> int kvm_get_max_memslots(void)
> {
> KVMState *s = KVM_STATE(current_machine->accelerator);
> diff --git a/kvm-stub.c b/kvm-stub.c
> index ef0c734..20920aa 100644
> --- a/kvm-stub.c
> +++ b/kvm-stub.c
> @@ -105,6 +105,37 @@ int kvm_on_sigbus(int code, void *addr)
> return 1;
> }
>
> +bool kvm_memcrypt_enabled(void)
> +{
> + return false;
> +}
> +
> +void *kvm_memcrypt_get_handle(void)
> +{
> + return NULL;
> +}
> +
> +void kvm_memcrypt_set_debug_ops(MemoryRegion *mr)
> +{
> + return;
> +}
> +
> +int kvm_memcrypt_create_launch_context(void)
> +{
> + return 1;
> +}
> +
> +int kvm_memcrypt_release_launch_context(void)
> +{
> + return 1;
> +}
> +
> +int kvm_memcrypt_encrypt_launch_data(uint8_t *ptr, uint64_t len)
> +{
> + return 1;
> +}
> +
> +
> #ifndef CONFIG_USER_ONLY
> int kvm_irqchip_add_msi_route(KVMState *s, int vector, PCIDevice *dev)
> {
>
--
Eduardo
- [Qemu-devel] [RFC PATCH v4 09/20] hmp: display memory encryption support in 'info kvm', (continued)
- [Qemu-devel] [RFC PATCH v4 09/20] hmp: display memory encryption support in 'info kvm', Brijesh Singh, 2017/03/08
- [Qemu-devel] [RFC PATCH v4 12/20] SEV: add GUEST_STATUS command, Brijesh Singh, 2017/03/08
- [Qemu-devel] [RFC PATCH v4 14/20] sev: add LAUNCH_FINISH command, Brijesh Singh, 2017/03/08
- [Qemu-devel] [RFC PATCH v4 18/20] target/i386: add cpuid Fn8000_001f, Brijesh Singh, 2017/03/08
- [Qemu-devel] [RFC PATCH v4 16/20] sev: add DEBUG_ENCRYPT command, Brijesh Singh, 2017/03/08
- Re: [Qemu-devel] [RFC PATCH v4 00/20] x86: Secure Encrypted Virtualization (AMD), Eduardo Habkost, 2017/03/08
- [Qemu-devel] [RFC PATCH v4 07/20] kvm: add memory encryption api support, Brijesh Singh, 2017/03/08
- Re: [Qemu-devel] [RFC PATCH v4 07/20] kvm: add memory encryption api support,
Eduardo Habkost <=
- [Qemu-devel] [RFC PATCH v4 15/20] sev: add DEBUG_DECRYPT command, Brijesh Singh, 2017/03/08
- [Qemu-devel] [RFC PATCH v4 17/20] target/i386: encrypt bios rom when memory encryption is enabled, Brijesh Singh, 2017/03/08
- [Qemu-devel] [RFC PATCH v4 20/20] migration: disable save/restore and migration when SEV is active, Brijesh Singh, 2017/03/08
- [Qemu-devel] [RFC PATCH v4 19/20] target/i386: clear memory encryption bit when walking SEV guest page table, Brijesh Singh, 2017/03/08
- Re: [Qemu-devel] [RFC PATCH v4 00/20] x86: Secure Encrypted Virtualization (AMD), no-reply, 2017/03/08