[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v6 00/23] x86: Secure Encrypted Virtualization (
From: |
Bruce Rogers |
Subject: |
Re: [Qemu-devel] [PATCH v6 00/23] x86: Secure Encrypted Virtualization (AMD) |
Date: |
Tue, 06 Feb 2018 08:51:52 -0700 |
>>> On 1/29/2018 at 10:41 AM, <address@hidden> wrote:
> This patch series provides support for AMD's new Secure Encrypted
> Virtualization (SEV) feature.
>
> SEV is an extension to the AMD‑V architecture which supports running
> multiple VMs under the control of a hypervisor. The SEV feature allows
> the memory contents of a virtual machine (VM) to be transparently encrypted
> with a key unique to the guest VM. The memory controller contains a
> high performance encryption engine which can be programmed with multiple
> keys for use by a different VMs in the system. The programming and
> management of these keys is handled by the AMD Secure Processor firmware
> which exposes a commands for these tasks.
>
> The KVM SEV patch series introduced a new ioctl (KVM_MEMORY_ENCRYPTION_OP)
> which is used by qemu to issue the SEV commands to assist performing
> common hypervisor activities such as a launching, running, snapshooting,
> migration and debugging guests.
>
As for the reported failure to build on non-x86 hosts, eg:
...
LINK i386-softmmu/qemu-system-i386
target/i386/helper.o: In function `get_me_mask':
/var/tmp/patchew-tester-tmp-hek3vjny/src/target/i386/helper.c:735: undefined
reference to `kvm_arch_get_supported_cpuid'
target/i386/monitor.o: In function `get_me_mask':
/var/tmp/patchew-tester-tmp-hek3vjny/src/target/i386/monitor.c:71: undefined
reference to `kvm_arch_get_supported_cpuid'
... I've looked at that a bit and find that in target/i386/kvm-stub.c, if we
get rid of
the #ifndef __OPTIMIZE__ it then builds ok. I'm not sure if the guarding done
there
with the check for __OPTIMIZE__ is a relic that no longer applies given how
qemu
currently builds, but at least it's something to look at.
Bruce
- Re: [Qemu-devel] [PATCH v6 00/23] x86: Secure Encrypted Virtualization (AMD),
Bruce Rogers <=