[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v7 05/26] target/i386: add memory encryption fea

From: Brijesh Singh
Subject: Re: [Qemu-devel] [PATCH v7 05/26] target/i386: add memory encryption feature cpuid support
Date: Wed, 7 Feb 2018 12:28:48 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0

On 02/07/2018 10:54 AM, Paolo Bonzini wrote:
On 07/02/2018 17:06, Brijesh Singh wrote:
AMD EPYC processors support memory encryption feature. The feature
is reported through CPUID 8000_001F[EAX].

Fn8000_001F [EAX]:
  Bit 0   Secure Memory Encryption (SME) supported
  Bit 1   Secure Encrypted Virtualization (SEV) supported
  Bit 2   Page flush MSR supported
  Bit 3   Ecrypted State (SEV-ES) support

when memory encryption feature is reported, CPUID 8000_001F[EBX] should
provide additional information regarding the feature (such as which page
table bit is used to mark pages as encrypted etc). The information in EBX
and ECX may vary from one family to another hence we use the host cpuid
to populate the EBX information.

The details for memory encryption CPUID is available in AMD APM
(https://support.amd.com/TechDocs/24594.pdf) Section E.4.17

Cc: Paolo Bonzini <address@hidden>
Cc: Richard Henderson <address@hidden>
Cc: Eduardo Habkost <address@hidden>
Signed-off-by: Brijesh Singh <address@hidden>
  target/i386/cpu.c | 36 ++++++++++++++++++++++++++++++++++++
  target/i386/cpu.h |  6 ++++++
  2 files changed, 42 insertions(+)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index a49d2221adc9..4147eb6e18a9 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -234,6 +234,7 @@ static void x86_cpu_vendor_words2str(char *dst, uint32_t 
  #define TCG_EXT4_FEATURES 0
  #define TCG_SVM_FEATURES 0
  #define TCG_KVM_FEATURES 0
            CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
            CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT |            \
@@ -545,6 +546,20 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
          .cpuid_reg = R_EDX,
          .tcg_features = ~0U,
+        .feat_names = {
+            "sme", "sev", "page-flush-msr", "sev-es",

Why would sme ever be on in a guest?  That is, would a guest care about
whether SME is on in the host?

Guest does not need the SME feature bit exposed and it does not care whether SME is enabled on the host. Since I was defining the bit fields from 8000_001F EAX hence I tried to list them all. In next version, I will update the MEM_ENCRYPT feature to expose just SEV.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]