* [PATCH] docs/system/ppc: Merge the PEF information into the pseries page
@ 2022-01-05 10:32 Thomas Huth
2022-01-05 12:52 ` Daniel Henrique Barboza
2022-01-12 11:40 ` Cédric Le Goater
0 siblings, 2 replies; 3+ messages in thread
From: Thomas Huth @ 2022-01-05 10:32 UTC (permalink / raw)
To: Daniel Henrique Barboza, Cédric Le Goater, qemu-devel
Cc: Leonardo Garcia, qemu-ppc, Greg Kurz, David Gibson
The Protected Execution Facility is only available with the pseries
machine, so let's merge the old ASCII text into the new RST file now.
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
docs/papr-pef.txt | 30 ------------------------------
docs/system/ppc/pseries.rst | 33 +++++++++++++++++++++++++++++++++
2 files changed, 33 insertions(+), 30 deletions(-)
delete mode 100644 docs/papr-pef.txt
diff --git a/docs/papr-pef.txt b/docs/papr-pef.txt
deleted file mode 100644
index 72550e9bf8..0000000000
--- a/docs/papr-pef.txt
+++ /dev/null
@@ -1,30 +0,0 @@
-POWER (PAPR) Protected Execution Facility (PEF)
-===============================================
-
-Protected Execution Facility (PEF), also known as Secure Guest support
-is a feature found on IBM POWER9 and POWER10 processors.
-
-If a suitable firmware including an Ultravisor is installed, it adds
-an extra memory protection mode to the CPU. The ultravisor manages a
-pool of secure memory which cannot be accessed by the hypervisor.
-
-When this feature is enabled in QEMU, a guest can use ultracalls to
-enter "secure mode". This transfers most of its memory to secure
-memory, where it cannot be eavesdropped by a compromised hypervisor.
-
-Launching
----------
-
-To launch a guest which will be permitted to enter PEF secure mode:
-
-# ${QEMU} \
- -object pef-guest,id=pef0 \
- -machine confidential-guest-support=pef0 \
- ...
-
-Live Migration
-----------------
-
-Live migration is not yet implemented for PEF guests. For
-consistency, we currently prevent migration if the PEF feature is
-enabled, whether or not the guest has actually entered secure mode.
diff --git a/docs/system/ppc/pseries.rst b/docs/system/ppc/pseries.rst
index 72e315eff6..16394fa521 100644
--- a/docs/system/ppc/pseries.rst
+++ b/docs/system/ppc/pseries.rst
@@ -230,6 +230,39 @@ nested. Combinations not shown in the table are not available.
.. [3] Introduced on Power10 machines.
+
+POWER (PAPR) Protected Execution Facility (PEF)
+-----------------------------------------------
+
+Protected Execution Facility (PEF), also known as Secure Guest support
+is a feature found on IBM POWER9 and POWER10 processors.
+
+If a suitable firmware including an Ultravisor is installed, it adds
+an extra memory protection mode to the CPU. The ultravisor manages a
+pool of secure memory which cannot be accessed by the hypervisor.
+
+When this feature is enabled in QEMU, a guest can use ultracalls to
+enter "secure mode". This transfers most of its memory to secure
+memory, where it cannot be eavesdropped by a compromised hypervisor.
+
+Launching
+^^^^^^^^^
+
+To launch a guest which will be permitted to enter PEF secure mode::
+
+ $ qemu-system-ppc64 \
+ -object pef-guest,id=pef0 \
+ -machine confidential-guest-support=pef0 \
+ ...
+
+Live Migration
+^^^^^^^^^^^^^^
+
+Live migration is not yet implemented for PEF guests. For
+consistency, QEMU currently prevents migration if the PEF feature is
+enabled, whether or not the guest has actually entered secure mode.
+
+
Maintainer contact information
------------------------------
--
2.27.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] docs/system/ppc: Merge the PEF information into the pseries page
2022-01-05 10:32 [PATCH] docs/system/ppc: Merge the PEF information into the pseries page Thomas Huth
@ 2022-01-05 12:52 ` Daniel Henrique Barboza
2022-01-12 11:40 ` Cédric Le Goater
1 sibling, 0 replies; 3+ messages in thread
From: Daniel Henrique Barboza @ 2022-01-05 12:52 UTC (permalink / raw)
To: Thomas Huth, Cédric Le Goater, qemu-devel
Cc: Leonardo Garcia, qemu-ppc, Greg Kurz, David Gibson
On 1/5/22 07:32, Thomas Huth wrote:
> The Protected Execution Facility is only available with the pseries
> machine, so let's merge the old ASCII text into the new RST file now.
>
> Signed-off-by: Thomas Huth <thuth@redhat.com>
> ---
Well observed. Thanks for fixing it.
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
> docs/papr-pef.txt | 30 ------------------------------
> docs/system/ppc/pseries.rst | 33 +++++++++++++++++++++++++++++++++
> 2 files changed, 33 insertions(+), 30 deletions(-)
> delete mode 100644 docs/papr-pef.txt
>
> diff --git a/docs/papr-pef.txt b/docs/papr-pef.txt
> deleted file mode 100644
> index 72550e9bf8..0000000000
> --- a/docs/papr-pef.txt
> +++ /dev/null
> @@ -1,30 +0,0 @@
> -POWER (PAPR) Protected Execution Facility (PEF)
> -===============================================
> -
> -Protected Execution Facility (PEF), also known as Secure Guest support
> -is a feature found on IBM POWER9 and POWER10 processors.
> -
> -If a suitable firmware including an Ultravisor is installed, it adds
> -an extra memory protection mode to the CPU. The ultravisor manages a
> -pool of secure memory which cannot be accessed by the hypervisor.
> -
> -When this feature is enabled in QEMU, a guest can use ultracalls to
> -enter "secure mode". This transfers most of its memory to secure
> -memory, where it cannot be eavesdropped by a compromised hypervisor.
> -
> -Launching
> ----------
> -
> -To launch a guest which will be permitted to enter PEF secure mode:
> -
> -# ${QEMU} \
> - -object pef-guest,id=pef0 \
> - -machine confidential-guest-support=pef0 \
> - ...
> -
> -Live Migration
> -----------------
> -
> -Live migration is not yet implemented for PEF guests. For
> -consistency, we currently prevent migration if the PEF feature is
> -enabled, whether or not the guest has actually entered secure mode.
> diff --git a/docs/system/ppc/pseries.rst b/docs/system/ppc/pseries.rst
> index 72e315eff6..16394fa521 100644
> --- a/docs/system/ppc/pseries.rst
> +++ b/docs/system/ppc/pseries.rst
> @@ -230,6 +230,39 @@ nested. Combinations not shown in the table are not available.
>
> .. [3] Introduced on Power10 machines.
>
> +
> +POWER (PAPR) Protected Execution Facility (PEF)
> +-----------------------------------------------
> +
> +Protected Execution Facility (PEF), also known as Secure Guest support
> +is a feature found on IBM POWER9 and POWER10 processors.
> +
> +If a suitable firmware including an Ultravisor is installed, it adds
> +an extra memory protection mode to the CPU. The ultravisor manages a
> +pool of secure memory which cannot be accessed by the hypervisor.
> +
> +When this feature is enabled in QEMU, a guest can use ultracalls to
> +enter "secure mode". This transfers most of its memory to secure
> +memory, where it cannot be eavesdropped by a compromised hypervisor.
> +
> +Launching
> +^^^^^^^^^
> +
> +To launch a guest which will be permitted to enter PEF secure mode::
> +
> + $ qemu-system-ppc64 \
> + -object pef-guest,id=pef0 \
> + -machine confidential-guest-support=pef0 \
> + ...
> +
> +Live Migration
> +^^^^^^^^^^^^^^
> +
> +Live migration is not yet implemented for PEF guests. For
> +consistency, QEMU currently prevents migration if the PEF feature is
> +enabled, whether or not the guest has actually entered secure mode.
> +
> +
> Maintainer contact information
> ------------------------------
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] docs/system/ppc: Merge the PEF information into the pseries page
2022-01-05 10:32 [PATCH] docs/system/ppc: Merge the PEF information into the pseries page Thomas Huth
2022-01-05 12:52 ` Daniel Henrique Barboza
@ 2022-01-12 11:40 ` Cédric Le Goater
1 sibling, 0 replies; 3+ messages in thread
From: Cédric Le Goater @ 2022-01-12 11:40 UTC (permalink / raw)
To: Thomas Huth, Daniel Henrique Barboza, qemu-devel
Cc: Leonardo Garcia, qemu-ppc, Greg Kurz, David Gibson
On 1/5/22 11:32, Thomas Huth wrote:
> The Protected Execution Facility is only available with the pseries
> machine, so let's merge the old ASCII text into the new RST file now.
>
> Signed-off-by: Thomas Huth <thuth@redhat.com>
Applied to ppc7.0.
Thanks,
C.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-01-12 12:04 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-05 10:32 [PATCH] docs/system/ppc: Merge the PEF information into the pseries page Thomas Huth
2022-01-05 12:52 ` Daniel Henrique Barboza
2022-01-12 11:40 ` Cédric Le Goater
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.