Re: [PATCH v3 4/9] host trust limitation: Rework the "memory-encryption" property

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 6/18/20 7:05 PM, David Gibson wrote:
> Currently the "memory-encryption" property is only looked at once we get to
> kvm_init().  Although protection of guest memory from the hypervisor isn't
> something that could really ever work with TCG, it's not conceptually tied
> to the KVM accelerator.
> 
> In addition, the way the string property is resolved to an object is
> almost identical to how a QOM link property is handled.
> 
> So, create a new "host-trust-limitation" link property which sets this QOM
> interface link directly in the machine.  For compatibility we keep the
> "memory-encryption" property, but now implemented in terms of the new
> property.
> 
> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>
> ---
>  accel/kvm/kvm-all.c | 23 +++++++----------------
>  hw/core/machine.c   | 41 ++++++++++++++++++++++++++++++++++++-----
>  include/hw/boards.h |  2 +-
>  3 files changed, 44 insertions(+), 22 deletions(-)

Reviewed-by: Richard Henderson <richard.henderson@xxxxxxxxxx>

r~



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux