On Tue, Sep 15, 2020 at 09:19:46AM -0500, Tom Lendacky wrote: > On 9/14/20 4:37 PM, Sean Christopherson wrote: > > On Mon, Sep 14, 2020 at 03:15:39PM -0500, Tom Lendacky wrote: > >> From: Tom Lendacky <thomas.lendacky@xxxxxxx> > >> > >> Since many of the registers used by the SEV-ES are encrypted and cannot > >> be read or written, adjust the __get_sregs() / __set_sregs() to only get > >> or set the registers being tracked (efer, cr0, cr4 and cr8) once the VMSA > >> is encrypted. > > > > Is there an actual use case for writing said registers after the VMSA is > > encrypted? Assuming there's a separate "debug mode" and live migration has > > special logic, can KVM simply reject the ioctl() if guest state is protected? > > Yeah, I originally had it that way but one of the folks looking at live > migration for SEV-ES thought it would be easier given the way Qemu does > things. But I think it's easy enough to batch the tracking registers into > the VMSA state that is being transferred during live migration. Let me > check that out and likely the SET ioctl() could just skip all the regs. Hmm, that would be ideal. How are the tracked registers validated when they're loaded at the destination? It seems odd/dangerous that KVM would have full control over efer/cr0/cr4/cr8. I.e. why is KVM even responsibile for migrating that information, e.g. as opposed to migrating an opaque blob that contains encrypted versions of those registers?
