On Mon, Jan 18, 2021 at 06:59:38PM +0100, Paolo Bonzini wrote:
> On 16/01/21 01:25, Sean Christopherson wrote:
> >
> > @@ -1527,12 +1527,14 @@ config AMD_MEM_ENCRYPT
> > select DYNAMIC_PHYSICAL_MASK
> > select ARCH_USE_MEMREMAP_PROT
> > select ARCH_HAS_FORCE_DMA_UNENCRYPTED
> > - select INSTRUCTION_DECODER
> > help
> > Say yes to enable support for the encryption of system memory.
> > This requires an AMD processor that supports Secure Memory
> > Encryption (SME).
> > + This also enables support for running as a Secure Encrypted
> > + Virtualization (SEV) guest.
> > +
> > config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
> > bool "Activate AMD Secure Memory Encryption (SME) by default"
> > default y
> > @@ -1547,6 +1549,15 @@ config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
> > If set to N, then the encryption of system memory can be
> > activated with the mem_encrypt=on command line option.
> > +config AMD_SEV_ES_GUEST
> > + bool "AMD Secure Encrypted Virtualization - Encrypted State (SEV-ES) Guest support"
> > + depends on AMD_MEM_ENCRYPT
> > + select INSTRUCTION_DECODER
> > + help
> > + Enable support for running as a Secure Encrypted Virtualization -
> > + Encrypted State (SEV-ES) Guest. This enables SEV-ES boot protocol
> > + changes, #VC handling, SEV-ES specific hypercalls, etc...
> > +
>
> Queued, thanks.
Say, Paolo, why are you queuing a patch which goes through tip, if at all?
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
