On 04.02.20 21:19, Thomas Huth wrote: [...] >> +KVM_PV_VM_DESTROY >> +Unregisters the VM from the Ultravisor and frees memory that was > > s/Unregisters/Deregisters/ ? ack > >> +donated, so the kernel can use it again. All registered VCPUs have to >> +be unregistered beforehand and all memory has to be exported or >> +shared. >> + >> +KVM_PV_VM_SET_SEC_PARMS >> +Pass the image header from VM memory to the Ultravisor in preparation >> +of image unpacking and verification. >> + >> +KVM_PV_VM_UNPACK >> +Unpack (protect and decrypt) a page of the encrypted boot image. >> + >> +KVM_PV_VM_VERIFY >> +Verify the integrity of the unpacked image. Only if this succeeds, KVM >> + >> +is allowed to start protected VCPUs. > > Please remove the empty line between "KVM" and "is allowed". ack
