|
| From: | David Kozub |
| Subject: | Re: [Qemu-devel] Emulation of TCG OPAL self-encrypting drive |
| Date: | Thu, 10 Jan 2019 00:05:32 +0100 (CET) |
| User-agent: | Alpine 2.21 (LRH 202 2017-01-01) |
On Mon, 7 Jan 2019, Stefan Hajnoczi wrote:
QEMU supports LUKS encrypted disk images so no new code is needed for the actual encryption.
Thanks for the feedback, Stefan. I know very little about qemu internals (I looked around a bit). One issue is: OPAL needs some persistent data outside of the actual user-visible data. How does that fit in with storage in QEMU? Perhaps the implementation could just occupy a fixed size of the associated storage for the OPAL state.
Or, just a pass-through to a block device in the host - but a pass-through that would allow OPAL commands.You can pass through a storage controller using PCI passthrough or you can pass through a SCSI LUN, but there is no ATA passthrough.
I currently don't have a usable box for PCI passthrough. I'm thinking that ATA passthrough could be generally usable for any fiddling and perhaps not too difficult to implement.
If I understand QEMU sources correctly, this needs to touch hw/ide/core.c (ide_exec_cmd), either adding a layer for OPAL, or just forwarding ATA commands for pass-through. Right?
Best regards, David
| [Prev in Thread] | Current Thread | [Next in Thread] |