On Thu, 29 Aug 2019, Borislav Petkov wrote: > On Wed, Jul 10, 2019 at 08:13:11PM +0000, Singh, Brijesh wrote: > > @@ -2060,6 +2067,14 @@ static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc) > > */ > > cpa_flush(&cpa, 0); > > > > + /* > > + * When SEV is active, notify hypervisor that a given memory range is mapped > > + * encrypted or decrypted. Hypervisor will use this information during > > + * the VM migration. > > + */ > > + if (sev_active()) > > + set_memory_enc_dec_hypercall(addr, numpages << PAGE_SHIFT, enc); > > Btw, tglx has a another valid design concern here: why isn't this a > pv_ops thing? So that it is active only when the hypervisor is actually > present? > > I know, I know, this will run on SEV guests only because it is all > (hopefully) behind "if (sev_active())" checks but the clean and accepted > design is a paravirt call, I'd say. No. sev_active() has nothing to do with guest mode. It tells whether SEV is active or not. So yes, this calls into this function on both guest and host. The latter is beyond pointless. Thanks, tglx
