Re: [PATCH] x86/CPU/AMD, mm: Extend with mem_encrypt=sme option

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 02/10/2017 17:07, Brijesh Singh wrote:
> 
> 
> Yep, that will work just fine. There are couple of ways we can limit
> hypervisor from creating the SEV guest 1) clear the X86_FEATURE_SEV bit
> when mem_encrypt=sme is passed or 2) parse the mem_encrypt=xxx in
> kvm-amd.ko
> and fail the KVM_SEV_INIT when mem_encrpt=sme or mem_encrypt=off.

Stupid question ahead: if it's just about guests, why bother with
mem_encrypt=xxx at all?  kvm_amd should have a sev parameter anyway, you
can just do kvm_amd.sev=0 to disable it.

Paolo



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux