[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v8 06/28] machine: add -memory-encryption property
From: |
Brijesh Singh |
Subject: |
[Qemu-devel] [PATCH v8 06/28] machine: add -memory-encryption property |
Date: |
Mon, 12 Feb 2018 09:36:53 -0600 |
When CPU supports memory encryption feature, the property can be used to
specify the encryption object to use when launching an encrypted guest.
Cc: Paolo Bonzini <address@hidden>
Cc: Eduardo Habkost <address@hidden>
Cc: Marcel Apfelbaum <address@hidden>
Cc: Stefan Hajnoczi <address@hidden>
Signed-off-by: Brijesh Singh <address@hidden>
---
hw/core/machine.c | 22 ++++++++++++++++++++++
include/hw/boards.h | 1 +
qemu-options.hx | 2 ++
3 files changed, 25 insertions(+)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index cdc1163dc6fb..e9940e58ad65 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object
*obj, Error **errp)
return ms->enforce_config_section;
}
+static char *machine_get_memory_encryption(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->memory_encryption);
+}
+
+static void machine_set_memory_encryption(Object *obj, const char *value,
+ Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->memory_encryption);
+ ms->memory_encryption = g_strdup(value);
+}
+
void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type)
{
strList *item = g_new0(strList, 1);
@@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data)
&error_abort);
object_class_property_set_description(oc, "enforce-config-section",
"Set on to enforce configuration section migration", &error_abort);
+
+ object_class_property_add_str(oc, "memory-encryption",
+ machine_get_memory_encryption, machine_set_memory_encryption,
+ &error_abort);
+ object_class_property_set_description(oc, "memory-encryption",
+ "Set memory encyption object to use", &error_abort);
}
static void machine_class_base_init(ObjectClass *oc, void *data)
diff --git a/include/hw/boards.h b/include/hw/boards.h
index efb0a9edfdf1..8ce9a7a21d3d 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -243,6 +243,7 @@ struct MachineState {
bool suppress_vmdesc;
bool enforce_config_section;
bool enable_graphics;
+ char *memory_encryption;
ram_addr_t ram_size;
ram_addr_t maxram_size;
diff --git a/qemu-options.hx b/qemu-options.hx
index d15c1713d182..e70c92db2323 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -110,6 +110,8 @@ code to send configuration section even if the machine-type
sets the
@option{migration.send-configuration} property to @var{off}.
NOTE: this parameter is deprecated. Please use @option{-global}
@address@hidden|off} instead.
address@hidden address@hidden
+Memory encryption object to use. The default is none.
@end table
ETEXI
--
2.14.3
- [Qemu-devel] [PATCH v8 00/28] x86: Secure Encrypted Virtualization (AMD), Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 03/28] exec: add debug version of physical memory read and write API, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 01/28] memattrs: add debug attribute, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 02/28] exec: add ram_debug_ops support, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 04/28] monitor/i386: use debug APIs when accessing guest memory, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 05/28] target/i386: add memory encryption feature cpuid support, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 07/28] kvm: update kvm.h to include memory encryption ioctls, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 06/28] machine: add -memory-encryption property,
Brijesh Singh <=
- [Qemu-devel] [PATCH v8 09/28] target/i386: add Secure Encrypted Virtulization (SEV) object, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 08/28] docs: add AMD Secure Encrypted Virtualization (SEV), Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 10/28] sev/i386: add command to initialize the memory encryption context, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 11/28] sev/i386: register the guest memory range which may contain encrypted data, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 12/28] kvm: introduce memory encryption APIs, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 13/28] qmp: add query-sev command, Brijesh Singh, 2018/02/12
- [Qemu-devel] [PATCH v8 14/28] hmp: add 'info sev' command, Brijesh Singh, 2018/02/12