From mboxrd@z Thu Jan 1 00:00:00 1970 From: Brijesh Singh Subject: [PATCH v6 06/23] machine: add -memory-encryption property Date: Mon, 29 Jan 2018 11:41:15 -0600 Message-ID: <20180129174132.108925-7-brijesh.singh@amd.com> References: <20180129174132.108925-1-brijesh.singh@amd.com> Mime-Version: 1.0 Content-Type: text/plain Cc: kvm@vger.kernel.org, Paolo Bonzini , Tom Lendacky , Peter Maydell , Richard Henderson , "Edgar E. Iglesias" , "Dr. David Alan Gilbert" , Eduardo Habkost , Stefan Hajnoczi , Eric Blake , "Michael S. Tsirkin" , "Daniel P . Berrange" , Brijesh Singh , Marcel Apfelbaum To: qemu-devel@nongnu.org Return-path: Received: from mail-dm3nam03on0075.outbound.protection.outlook.com ([104.47.41.75]:63152 "EHLO NAM03-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751422AbeA2RmA (ORCPT ); Mon, 29 Jan 2018 12:42:00 -0500 In-Reply-To: <20180129174132.108925-1-brijesh.singh@amd.com> Sender: kvm-owner@vger.kernel.org List-ID: When CPU supports memory encryption feature, the property can be used to specify the encryption object to use when launching an encrypted guest. Cc: Paolo Bonzini Cc: Eduardo Habkost Cc: Marcel Apfelbaum Cc: Stefan Hajnoczi Signed-off-by: Brijesh Singh --- hw/core/machine.c | 22 ++++++++++++++++++++++ include/hw/boards.h | 1 + qemu-options.hx | 2 ++ 3 files changed, 25 insertions(+) diff --git a/hw/core/machine.c b/hw/core/machine.c index cdc1163dc6fb..e9940e58ad65 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object *obj, Error **errp) return ms->enforce_config_section; } +static char *machine_get_memory_encryption(Object *obj, Error **errp) +{ + MachineState *ms = MACHINE(obj); + + return g_strdup(ms->memory_encryption); +} + +static void machine_set_memory_encryption(Object *obj, const char *value, + Error **errp) +{ + MachineState *ms = MACHINE(obj); + + g_free(ms->memory_encryption); + ms->memory_encryption = g_strdup(value); +} + void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type) { strList *item = g_new0(strList, 1); @@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data) &error_abort); object_class_property_set_description(oc, "enforce-config-section", "Set on to enforce configuration section migration", &error_abort); + + object_class_property_add_str(oc, "memory-encryption", + machine_get_memory_encryption, machine_set_memory_encryption, + &error_abort); + object_class_property_set_description(oc, "memory-encryption", + "Set memory encyption object to use", &error_abort); } static void machine_class_base_init(ObjectClass *oc, void *data) diff --git a/include/hw/boards.h b/include/hw/boards.h index efb0a9edfdf1..8ce9a7a21d3d 100644 --- a/include/hw/boards.h +++ b/include/hw/boards.h @@ -243,6 +243,7 @@ struct MachineState { bool suppress_vmdesc; bool enforce_config_section; bool enable_graphics; + char *memory_encryption; ram_addr_t ram_size; ram_addr_t maxram_size; diff --git a/qemu-options.hx b/qemu-options.hx index 1d73fb151d87..bec3490d7b8d 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -110,6 +110,8 @@ code to send configuration section even if the machine-type sets the @option{migration.send-configuration} property to @var{off}. NOTE: this parameter is deprecated. Please use @option{-global} @option{migration.send-configuration}=@var{on|off} instead. +@item memory-encryption=@var{} +Memory encryption object to use. The default is none. @end table ETEXI -- 2.9.5 From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:49008) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1egDRS-0005Zl-C7 for qemu-devel@nongnu.org; Mon, 29 Jan 2018 12:42:06 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1egDRO-0003MB-6W for qemu-devel@nongnu.org; Mon, 29 Jan 2018 12:42:02 -0500 Received: from mail-dm3nam03on0055.outbound.protection.outlook.com ([104.47.41.55]:53115 helo=NAM03-DM3-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1egDRN-0003LQ-W4 for qemu-devel@nongnu.org; Mon, 29 Jan 2018 12:41:58 -0500 From: Brijesh Singh Date: Mon, 29 Jan 2018 11:41:15 -0600 Message-Id: <20180129174132.108925-7-brijesh.singh@amd.com> In-Reply-To: <20180129174132.108925-1-brijesh.singh@amd.com> References: <20180129174132.108925-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain Subject: [Qemu-devel] [PATCH v6 06/23] machine: add -memory-encryption property List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: kvm@vger.kernel.org, Paolo Bonzini , Tom Lendacky , Peter Maydell , Richard Henderson , "Edgar E. Iglesias" , "Dr. David Alan Gilbert" , Eduardo Habkost , Stefan Hajnoczi , Eric Blake , "Michael S. Tsirkin" , "Daniel P . Berrange" , Brijesh Singh , Marcel Apfelbaum When CPU supports memory encryption feature, the property can be used to specify the encryption object to use when launching an encrypted guest. Cc: Paolo Bonzini Cc: Eduardo Habkost Cc: Marcel Apfelbaum Cc: Stefan Hajnoczi Signed-off-by: Brijesh Singh --- hw/core/machine.c | 22 ++++++++++++++++++++++ include/hw/boards.h | 1 + qemu-options.hx | 2 ++ 3 files changed, 25 insertions(+) diff --git a/hw/core/machine.c b/hw/core/machine.c index cdc1163dc6fb..e9940e58ad65 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object *obj, Error **errp) return ms->enforce_config_section; } +static char *machine_get_memory_encryption(Object *obj, Error **errp) +{ + MachineState *ms = MACHINE(obj); + + return g_strdup(ms->memory_encryption); +} + +static void machine_set_memory_encryption(Object *obj, const char *value, + Error **errp) +{ + MachineState *ms = MACHINE(obj); + + g_free(ms->memory_encryption); + ms->memory_encryption = g_strdup(value); +} + void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type) { strList *item = g_new0(strList, 1); @@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data) &error_abort); object_class_property_set_description(oc, "enforce-config-section", "Set on to enforce configuration section migration", &error_abort); + + object_class_property_add_str(oc, "memory-encryption", + machine_get_memory_encryption, machine_set_memory_encryption, + &error_abort); + object_class_property_set_description(oc, "memory-encryption", + "Set memory encyption object to use", &error_abort); } static void machine_class_base_init(ObjectClass *oc, void *data) diff --git a/include/hw/boards.h b/include/hw/boards.h index efb0a9edfdf1..8ce9a7a21d3d 100644 --- a/include/hw/boards.h +++ b/include/hw/boards.h @@ -243,6 +243,7 @@ struct MachineState { bool suppress_vmdesc; bool enforce_config_section; bool enable_graphics; + char *memory_encryption; ram_addr_t ram_size; ram_addr_t maxram_size; diff --git a/qemu-options.hx b/qemu-options.hx index 1d73fb151d87..bec3490d7b8d 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -110,6 +110,8 @@ code to send configuration section even if the machine-type sets the @option{migration.send-configuration} property to @var{off}. NOTE: this parameter is deprecated. Please use @option{-global} @option{migration.send-configuration}=@var{on|off} instead. +@item memory-encryption=@var{} +Memory encryption object to use. The default is none. @end table ETEXI -- 2.9.5