On Thu, 14 Jan 2021 10:58:03 +1100 David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> wrote: > Currently the "memory-encryption" property is only looked at once we > get to kvm_init(). Although protection of guest memory from the > hypervisor isn't something that could really ever work with TCG, it's > not conceptually tied to the KVM accelerator. > > In addition, the way the string property is resolved to an object is > almost identical to how a QOM link property is handled. > > So, create a new "confidential-guest-support" link property which sets > this QOM interface link directly in the machine. For compatibility we > keep the "memory-encryption" property, but now implemented in terms of > the new property. > > Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> > Reviewed-by: Greg Kurz <groug@xxxxxxxx> > --- > accel/kvm/kvm-all.c | 5 +++-- > accel/kvm/sev-stub.c | 5 +++-- > hw/core/machine.c | 43 +++++++++++++++++++++++++++++++++++++------ > include/hw/boards.h | 2 +- > include/sysemu/sev.h | 2 +- > target/i386/sev.c | 32 ++------------------------------ > 6 files changed, 47 insertions(+), 42 deletions(-) Reviewed-by: Cornelia Huck <cohuck@xxxxxxxxxx>
