[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 03/22] machine: add memory-encryption option
From: |
Paolo Bonzini |
Subject: |
[Qemu-devel] [PULL 03/22] machine: add memory-encryption option |
Date: |
Tue, 13 Mar 2018 13:56:19 +0100 |
From: Brijesh Singh <address@hidden>
When CPU supports memory encryption feature, the property can be used to
specify the encryption object to use when launching an encrypted guest.
Cc: Paolo Bonzini <address@hidden>
Cc: Eduardo Habkost <address@hidden>
Cc: Marcel Apfelbaum <address@hidden>
Cc: Stefan Hajnoczi <address@hidden>
Signed-off-by: Brijesh Singh <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
---
hw/core/machine.c | 22 ++++++++++++++++++++++
include/hw/boards.h | 1 +
qemu-options.hx | 5 ++++-
3 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 5e2bbcd..2040177 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object
*obj, Error **errp)
return ms->enforce_config_section;
}
+static char *machine_get_memory_encryption(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->memory_encryption);
+}
+
+static void machine_set_memory_encryption(Object *obj, const char *value,
+ Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->memory_encryption);
+ ms->memory_encryption = g_strdup(value);
+}
+
void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type)
{
strList *item = g_new0(strList, 1);
@@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data)
&error_abort);
object_class_property_set_description(oc, "enforce-config-section",
"Set on to enforce configuration section migration", &error_abort);
+
+ object_class_property_add_str(oc, "memory-encryption",
+ machine_get_memory_encryption, machine_set_memory_encryption,
+ &error_abort);
+ object_class_property_set_description(oc, "memory-encryption",
+ "Set memory encyption object to use", &error_abort);
}
static void machine_class_base_init(ObjectClass *oc, void *data)
diff --git a/include/hw/boards.h b/include/hw/boards.h
index efb0a9e..8ce9a7a 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -243,6 +243,7 @@ struct MachineState {
bool suppress_vmdesc;
bool enforce_config_section;
bool enable_graphics;
+ char *memory_encryption;
ram_addr_t ram_size;
ram_addr_t maxram_size;
diff --git a/qemu-options.hx b/qemu-options.hx
index 6585058..4c28014 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
" suppress-vmdesc=on|off disables self-describing migration
(default=off)\n"
" nvdimm=on|off controls NVDIMM support (default=off)\n"
" enforce-config-section=on|off enforce configuration
section migration (default=off)\n"
- " s390-squash-mcss=on|off (deprecated) controls support for
squashing into default css (default=off)\n",
+ " s390-squash-mcss=on|off (deprecated) controls support for
squashing into default css (default=off)\n"
+ " address@hidden memory encryption object to use
(default=none)\n",
QEMU_ARCH_ALL)
STEXI
@item -machine address@hidden,address@hidden,...]]
@@ -110,6 +111,8 @@ code to send configuration section even if the machine-type
sets the
@option{migration.send-configuration} property to @var{off}.
NOTE: this parameter is deprecated. Please use @option{-global}
@address@hidden|off} instead.
address@hidden address@hidden
+Memory encryption object to use. The default is none.
@end table
ETEXI
--
1.8.3.1
- [Qemu-devel] [PULL 00/22] KVM patches for QEMU 2.12 soft freeze, Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 03/22] machine: add memory-encryption option,
Paolo Bonzini <=
- [Qemu-devel] [PULL 02/22] KVM: x86: Add support for save/load MSR_SMI_COUNT, Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 04/22] docs: add AMD Secure Encrypted Virtualization (SEV), Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 05/22] kvm: add memory encryption context, Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 06/22] kvm: introduce memory encryption APIs, Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 01/22] update Linux headers to 4.16-rc5, Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 09/22] include: add psp-sev.h header file, Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 07/22] target/i386: add Secure Encrypted Virtualization (SEV) object, Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 13/22] sev/i386: add command to encrypt guest memory region, Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 11/22] sev/i386: register the guest memory range which may contain encrypted data, Paolo Bonzini, 2018/03/13
- [Qemu-devel] [PULL 08/22] sev/i386: qmp: add query-sev command, Paolo Bonzini, 2018/03/13