On 7/12/19 10:52 AM, Konrad Rzeszutek Wilk wrote:
> On Wed, Jul 10, 2019 at 08:12:59PM +0000, Singh, Brijesh wrote:
>> The series adds support for AMD SEV guest live migration commands. To protect the
>> confidentiality of an SEV protected guest memory while in transit we need to
>> use the SEV commands defined in SEV API spec [1].
>>
>> SEV guest VMs have the concept of private and shared memory. Private memory
>> is encrypted with the guest-specific key, while shared memory may be encrypted
>> with hypervisor key. The commands provided by the SEV FW are meant to be used
>> for the private memory only. The patch series introduces a new hypercall.
>> The guest OS can use this hypercall to notify the page encryption status.
>> If the page is encrypted with guest specific-key then we use SEV command during
>> the migration. If the page is not encrypted then fall back to the default.
>>
>
> I am a bit lost. Why can't the hypervisor keep track of hypervisor key pages
> and treat all other pages as owned by the guest and hence using the guest-specific
> key?
>

The guest OS marks the pages 'private' or 'shared'. It is done by setting
page encryption flag (aka C-bit) in guest page table. The shared pages may
not necessarily be just hypervisor key pages. In the case of SEV, DMA needs to
be done on the shared pages, so guest OS marks the DMA buffers as shared.

-Brijesh
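The exchange above boils down to a bookkeeping problem: only the guest knows which guest-physical pages it has marked shared (C-bit clear, e.g. DMA buffers), so the hypervisor has to learn that per page from the guest and then pick the migration path page by page. The following user-space model is an added illustration, not code from the patch series or from KVM; the hypercall handler name `page_enc_notify`, the bitmap, the `NR_GFNS` guest size and the scenario it runs are all constructed here. It starts from the conservative default (every page private), applies the guest's notifications, and counts how many pages would go through the SEV firmware path versus the plain copy path.

```c
#include <stdint.h>
#include <stdio.h>

/* Added illustration of the tracking discussed in the thread. Hypothetical
 * names throughout; nothing here is the real KVM/SEV interface. */

#define PAGE_SHIFT 12
#define NR_GFNS 64              /* constructed: a tiny 256 KiB guest */

enum transport { TRANSPORT_SEV_COMMAND = 1, TRANSPORT_DEFAULT = 2 };

/* Hypervisor-side bitmap, one bit per guest frame: set => private (guest key).
 * The hypervisor cannot derive this on its own, so the safe default is
 * "everything private" until the guest says otherwise. */
static uint64_t enc_bitmap;

static void enc_bitmap_reset(void) { enc_bitmap = ~0ULL; }

/* Hypothetical hypercall handler: the guest reports the encryption status of
 * [gpa, gpa + npages * 4K). enc = 1 means C-bit set (private), 0 means shared.
 * Rejects unaligned or out-of-range requests, as a real handler must, so a
 * buggy guest cannot flip bits for frames it does not own. */
static int page_enc_notify(uint64_t gpa, uint64_t npages, int enc)
{
    uint64_t gfn = gpa >> PAGE_SHIFT;

    if (gpa & ((1ULL << PAGE_SHIFT) - 1))
        return -1;
    if (npages == 0 || gfn >= NR_GFNS || npages > NR_GFNS - gfn)
        return -1;
    for (uint64_t i = gfn; i < gfn + npages; i++) {
        if (enc)
            enc_bitmap |= 1ULL << i;
        else
            enc_bitmap &= ~(1ULL << i);
    }
    return 0;
}

static int page_is_private(uint64_t gfn)
{
    return (int)((enc_bitmap >> gfn) & 1);
}

/* Migration side: a private page must be exported through the SEV firmware
 * command path; a shared page can be copied as ordinary data. */
static enum transport migrate_page_transport(uint64_t gfn)
{
    return page_is_private(gfn) ? TRANSPORT_SEV_COMMAND : TRANSPORT_DEFAULT;
}

/* Walk the whole guest once and count how many pages take each path. */
static void count_transports(unsigned *sev, unsigned *plain)
{
    *sev = *plain = 0;
    for (uint64_t gfn = 0; gfn < NR_GFNS; gfn++) {
        if (migrate_page_transport(gfn) == TRANSPORT_SEV_COMMAND)
            (*sev)++;
        else
            (*plain)++;
    }
}

/* Constructed scenario: the guest marks a 4-page DMA buffer at 0x10000 as
 * shared, then later converts one page of it back to private. */
static int run_scenario(unsigned *sev, unsigned *plain)
{
    enc_bitmap_reset();
    if (page_enc_notify(0x10000, 4, 0))   /* DMA buffer: shared */
        return -1;
    if (page_enc_notify(0x12000, 1, 1))   /* one page back to private */
        return -1;
    count_transports(sev, plain);
    return 0;
}

int main(void)
{
    unsigned sev, plain;

    if (run_scenario(&sev, &plain))
        return 1;
    printf("%u pages via SEV command, %u via default copy\n", sev, plain);
    return 0;
}
```

The point the model makes is the one Brijesh makes in prose: a shared page is not the same thing as a hypervisor-owned page, so the only reliable source for the per-page status is the guest's own notification, and the handler has to validate that notification before it touches the bitmap.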