On Wed, Apr 21, 2021, Paolo Bonzini wrote:
> Add a new MSR that can be used to communicate whether the page
> encryption status bitmap is up to date and therefore whether live
> migration of an encrypted guest is possible.
>
> The MSR should be processed by userspace if it is going to live
> migrate the guest; the default implementation does nothing.
>
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> ---
...
> @@ -91,6 +93,8 @@ struct kvm_clock_pairing {
> /* MSR_KVM_ASYNC_PF_INT */
> #define KVM_ASYNC_PF_VEC_MASK GENMASK(7, 0)
>
> +/* MSR_KVM_MIGRATION_CONTROL */
> +#define KVM_PAGE_ENC_STATUS_UPTODATE (1 << 0)
Why explicitly tie this to encryption status? AFAICT, doing so serves no real
purpose and can only hurt us in the long run. E.g. if a new use case for
"disabling" migration comes along and it has nothing to do with encryption, then
it has the choice of either using a different bit or bastardizing the existing
control.
I've no idea if such a use case is remotely likely to pop up, but allowing for
such a possibility costs us nothing.
