Re: [Qemu-devel] [PATCH v6 00/23] x86: Secure Encrypted Virtualization (AMD)

[Bruce Rogers]

>>> On 1/29/2018 at 10:41 AM, <address@hidden> wrote:
> This patch series provides support for AMD's new Secure Encrypted 
> Virtualization (SEV) feature.
> 
> SEV is an extension to the AMD‑V architecture which supports running
> multiple VMs under the control of a hypervisor. The SEV feature allows
> the memory contents of a virtual machine (VM) to be transparently encrypted
> with a key unique to the guest VM. The memory controller contains a
> high performance encryption engine which can be programmed with multiple
> keys for use by a different VMs in the system. The programming and
> management of these keys is handled by the AMD Secure Processor firmware
> which exposes a commands for these tasks.
> 
> The KVM SEV patch series introduced a new ioctl (KVM_MEMORY_ENCRYPTION_OP)
> which is used by qemu to issue the SEV commands to assist performing
> common hypervisor activities such as a launching, running, snapshooting,
> migration and debugging guests.
> 

As for the reported failure to build on non-x86 hosts, eg:
...
  LINK    i386-softmmu/qemu-system-i386
target/i386/helper.o: In function `get_me_mask':
/var/tmp/patchew-tester-tmp-hek3vjny/src/target/i386/helper.c:735: undefined 
reference to `kvm_arch_get_supported_cpuid'
target/i386/monitor.o: In function `get_me_mask':
/var/tmp/patchew-tester-tmp-hek3vjny/src/target/i386/monitor.c:71: undefined 
reference to `kvm_arch_get_supported_cpuid'

... I've looked at that a bit and find that in target/i386/kvm-stub.c, if we 
get rid of
the #ifndef __OPTIMIZE__ it then builds ok. I'm not sure if the guarding done 
there
with the check for  __OPTIMIZE__ is a relic that no longer applies given how 
qemu
currently builds, but at least it's something to look at.

Bruce