[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v4 06/14] target/i386: sev: do not create launch context for an i
From: |
Ashish Kalra |
Subject: |
[PATCH v4 06/14] target/i386: sev: do not create launch context for an incoming guest |
Date: |
Wed, 4 Aug 2021 11:56:22 +0000 |
From: Brijesh Singh <brijesh.singh@amd.com>
The LAUNCH_START is used for creating an encryption context to encrypt
newly created guest, for an incoming guest the RECEIVE_START should be
used.
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
---
target/i386/sev.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 5e7c87764c..10038d3880 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -919,12 +919,17 @@ int sev_kvm_init(ConfidentialGuestSupport *cgs, Error
**errp)
goto err;
}
- ret = sev_launch_start(sev);
- if (ret) {
- error_setg(errp, "%s: failed to create encryption context", __func__);
- goto err;
+ /*
+ * The LAUNCH context is used for new guest, if its an incoming guest
+ * then RECEIVE context will be created after the connection is
established.
+ */
+ if (!runstate_check(RUN_STATE_INMIGRATE)) {
+ ret = sev_launch_start(sev);
+ if (ret) {
+ error_report("%s: failed to create encryption context", __func__);
+ goto err;
+ }
}
-
ram_block_notifier_add(&sev_ram_notifier);
qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
qemu_add_vm_change_state_handler(sev_vm_state_change, sev);
--
2.17.1
- [PATCH v4 03/14] migration.json: add AMD SEV specific migration parameters, (continued)
- [PATCH v4 03/14] migration.json: add AMD SEV specific migration parameters, Ashish Kalra, 2021/08/04
- [PATCH v4 04/14] confidential guest support: introduce ConfidentialGuestMemoryEncryptionOps for encrypted VMs, Ashish Kalra, 2021/08/04
- [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context, Ashish Kalra, 2021/08/04
- [PATCH v4 06/14] target/i386: sev: do not create launch context for an incoming guest,
Ashish Kalra <=
- [PATCH v4 07/14] target/i386: sev: add support to encrypt the outgoing page, Ashish Kalra, 2021/08/04
- [PATCH v4 08/14] target/i386: sev: add support to load incoming encrypted page, Ashish Kalra, 2021/08/04
- [PATCH v4 09/14] kvm: Add support for SEV shared regions list and KVM_EXIT_HYPERCALL., Ashish Kalra, 2021/08/04
- [PATCH v4 10/14] migration: add support to migrate shared regions list, Ashish Kalra, 2021/08/04
- [PATCH v4 11/14] migration/ram: add support to send encrypted pages, Ashish Kalra, 2021/08/04
- [PATCH v4 12/14] migration/ram: Force encrypted status for flash0 & flash1 devices., Ashish Kalra, 2021/08/04
- [PATCH v4 13/14] migration: for SEV live migration bump downtime limit to 1s., Ashish Kalra, 2021/08/04
- [PATCH v4 14/14] kvm: Add support for userspace MSR filtering and handling of MSR_KVM_MIGRATION_CONTROL., Ashish Kalra, 2021/08/04