Re: [PATCH v7 08/13] confidential guest support: Move SEV initialization into arch specific code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 18 Jan 2021 14:03:08 +1100
David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> wrote:

> On Fri, Jan 15, 2021 at 02:24:25PM +0100, Cornelia Huck wrote:
> > On Thu, 14 Jan 2021 10:58:06 +1100
> > David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> wrote:
> >   
> > > While we've abstracted some (potential) differences between mechanisms for
> > > securing guest memory, the initialization is still specific to SEV.  Given
> > > that, move it into x86's kvm_arch_init() code, rather than the generic
> > > kvm_init() code.
> > > 
> > > Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>
> > > ---
> > >  accel/kvm/kvm-all.c   | 14 --------------
> > >  accel/kvm/sev-stub.c  |  4 ++--
> > >  target/i386/kvm/kvm.c | 12 ++++++++++++
> > >  target/i386/sev.c     |  7 ++++++-
> > >  4 files changed, 20 insertions(+), 17 deletions(-)
> > >   
> > 
> > (...)
> >   
> > > @@ -2135,6 +2136,17 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
> > >      uint64_t shadow_mem;
> > >      int ret;
> > >      struct utsname utsname;
> > > +    Error *local_err = NULL;
> > > +
> > > +    /*
> > > +     * if memory encryption object is specified then initialize the
> > > +     * memory encryption context (no-op otherwise)
> > > +     */
> > > +    ret = sev_kvm_init(ms->cgs, &local_err);  
> > 
> > Maybe still leave a comment here, as the code will still need to be
> > modified to handle non-SEV x86 mechanisms?  
> 
> Uh.. I'm confused.. this hunk is adding a comment, not removing one..

Yes, but there was a "TODO: handle non-SEV" comment before. This will
probably need some massaging if we add Intel mechanisms?

> 
> >   
> > > +    if (ret < 0) {
> > > +        error_report_err(local_err);
> > > +        return ret;
> > > +    }
> > >  
> > >      if (!kvm_check_extension(s, KVM_CAP_IRQ_ROUTING)) {
> > >          error_report("kvm: KVM_CAP_IRQ_ROUTING not supported by KVM");

Attachment: pgpZ9nxQjjbih.pgp
Description: OpenPGP digital signature


[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux