Re: [PATCH] x86/sev: Add AMD_SEV_ES_GUEST Kconfig for including SEV-ES support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 16/01/21 01:25, Sean Christopherson wrote:

@@ -1527,12 +1527,14 @@ config AMD_MEM_ENCRYPT
 	select DYNAMIC_PHYSICAL_MASK
 	select ARCH_USE_MEMREMAP_PROT
 	select ARCH_HAS_FORCE_DMA_UNENCRYPTED
-	select INSTRUCTION_DECODER
 	help
 	  Say yes to enable support for the encryption of system memory.
 	  This requires an AMD processor that supports Secure Memory
 	  Encryption (SME).
+ This also enables support for running as a Secure Encrypted
+	  Virtualization (SEV) guest.
+
 config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
 	bool "Activate AMD Secure Memory Encryption (SME) by default"
 	default y
@@ -1547,6 +1549,15 @@ config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
 	  If set to N, then the encryption of system memory can be
 	  activated with the mem_encrypt=on command line option.
+config AMD_SEV_ES_GUEST
+	bool "AMD Secure Encrypted Virtualization - Encrypted State (SEV-ES) Guest support"
+	depends on AMD_MEM_ENCRYPT
+	select INSTRUCTION_DECODER
+	help
+	  Enable support for running as a Secure Encrypted Virtualization -
+	  Encrypted State (SEV-ES) Guest.  This enables SEV-ES boot protocol
+	  changes, #VC handling, SEV-ES specific hypercalls, etc...
+

Queued, thanks.

Paolo




[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux