[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v11 05/28] machine: add -memory-encryption property
From: |
Brijesh Singh |
Subject: |
[Qemu-devel] [PATCH v11 05/28] machine: add -memory-encryption property |
Date: |
Wed, 7 Mar 2018 10:50:15 -0600 |
When CPU supports memory encryption feature, the property can be used to
specify the encryption object to use when launching an encrypted guest.
Cc: Paolo Bonzini <address@hidden>
Cc: Eduardo Habkost <address@hidden>
Cc: Marcel Apfelbaum <address@hidden>
Cc: Stefan Hajnoczi <address@hidden>
Signed-off-by: Brijesh Singh <address@hidden>
---
hw/core/machine.c | 22 ++++++++++++++++++++++
include/hw/boards.h | 1 +
qemu-options.hx | 5 ++++-
3 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 5e2bbcdacedb..2040177664d5 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object
*obj, Error **errp)
return ms->enforce_config_section;
}
+static char *machine_get_memory_encryption(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->memory_encryption);
+}
+
+static void machine_set_memory_encryption(Object *obj, const char *value,
+ Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->memory_encryption);
+ ms->memory_encryption = g_strdup(value);
+}
+
void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type)
{
strList *item = g_new0(strList, 1);
@@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data)
&error_abort);
object_class_property_set_description(oc, "enforce-config-section",
"Set on to enforce configuration section migration", &error_abort);
+
+ object_class_property_add_str(oc, "memory-encryption",
+ machine_get_memory_encryption, machine_set_memory_encryption,
+ &error_abort);
+ object_class_property_set_description(oc, "memory-encryption",
+ "Set memory encyption object to use", &error_abort);
}
static void machine_class_base_init(ObjectClass *oc, void *data)
diff --git a/include/hw/boards.h b/include/hw/boards.h
index efb0a9edfdf1..8ce9a7a21d3d 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -243,6 +243,7 @@ struct MachineState {
bool suppress_vmdesc;
bool enforce_config_section;
bool enable_graphics;
+ char *memory_encryption;
ram_addr_t ram_size;
ram_addr_t maxram_size;
diff --git a/qemu-options.hx b/qemu-options.hx
index 2a22a62f743b..c157946af308 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
" suppress-vmdesc=on|off disables self-describing migration
(default=off)\n"
" nvdimm=on|off controls NVDIMM support (default=off)\n"
" enforce-config-section=on|off enforce configuration
section migration (default=off)\n"
- " s390-squash-mcss=on|off (deprecated) controls support for
squashing into default css (default=off)\n",
+ " s390-squash-mcss=on|off (deprecated) controls support for
squashing into default css (default=off)\n"
+ " address@hidden memory encryption object to use
(default=none)\n",
QEMU_ARCH_ALL)
STEXI
@item -machine address@hidden,address@hidden,...]]
@@ -110,6 +111,8 @@ code to send configuration section even if the machine-type
sets the
@option{migration.send-configuration} property to @var{off}.
NOTE: this parameter is deprecated. Please use @option{-global}
@address@hidden|off} instead.
address@hidden address@hidden
+Memory encryption object to use. The default is none.
@end table
ETEXI
--
2.14.3
- [Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD), Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 01/28] memattrs: add debug attribute, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 02/28] exec: add ram_debug_ops support, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 03/28] exec: add debug version of physical memory read and write API, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 04/28] monitor/i386: use debug APIs when accessing guest memory, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 06/28] kvm: update kvm.h to include memory encryption ioctls, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 05/28] machine: add -memory-encryption property,
Brijesh Singh <=
- [Qemu-devel] [PATCH v11 07/28] docs: add AMD Secure Encrypted Virtualization (SEV), Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 09/28] qmp: add query-sev command, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 12/28] sev/i386: register the guest memory range which may contain encrypted data, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 10/28] include: add psp-sev.h header file, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 15/28] sev/i386: add command to create launch memory encryption context, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 20/28] hw/i386: set ram_debug_ops when memory encryption is enabled, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 19/28] sev/i386: finalize the SEV guest launch flow, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 16/28] sev/i386: add command to encrypt guest memory region, Brijesh Singh, 2018/03/07
- [Qemu-devel] [PATCH v11 18/28] sev/i386: add support to LAUNCH_MEASURE command, Brijesh Singh, 2018/03/07