On 6/18/20 7:05 PM, David Gibson wrote: > Currently the "memory-encryption" property is only looked at once we get to > kvm_init(). Although protection of guest memory from the hypervisor isn't > something that could really ever work with TCG, it's not conceptually tied > to the KVM accelerator. > > In addition, the way the string property is resolved to an object is > almost identical to how a QOM link property is handled. > > So, create a new "host-trust-limitation" link property which sets this QOM > interface link directly in the machine. For compatibility we keep the > "memory-encryption" property, but now implemented in terms of the new > property. > > Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> > --- > accel/kvm/kvm-all.c | 23 +++++++---------------- > hw/core/machine.c | 41 ++++++++++++++++++++++++++++++++++++----- > include/hw/boards.h | 2 +- > 3 files changed, 44 insertions(+), 22 deletions(-) Reviewed-by: Richard Henderson <richard.henderson@xxxxxxxxxx> r~
