From: Dov Murik <dovmurik@linux.ibm.com>
To: qemu-devel@nongnu.org
Cc: Tom Lendacky <thomas.lendacky@amd.com>,
Ashish Kalra <ashish.kalra@amd.com>,
Brijesh Singh <brijesh.singh@amd.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
Steve Rutherford <srutherford@google.com>,
James Bottomley <jejb@linux.ibm.com>,
Juan Quintela <quintela@redhat.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
Dov Murik <dovmurik@linux.ibm.com>,
Hubertus Franke <frankeh@us.ibm.com>,
Tobin Feldman-Fitzthum <tobin@linux.ibm.com>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: [RFC PATCH v2 05/12] migration: Load confidential guest RAM using migration helper
Date: Mon, 23 Aug 2021 10:16:29 -0400 [thread overview]
Message-ID: <20210823141636.65975-6-dovmurik@linux.ibm.com> (raw)
In-Reply-To: <20210823141636.65975-1-dovmurik@linux.ibm.com>
When loading encrypted RAM pages of a confidential guest, ask the
in-guest migration helper to decrypt the incoming page and place it
correctly in the guest memory at the appropriate address. This way the
page's plaintext content remains inaccessible to the host.
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
---
migration/ram.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/migration/ram.c b/migration/ram.c
index a1f89445d4..2d5889f795 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -1250,6 +1250,7 @@ static int load_encrypted_data(QEMUFile *f, uint8_t *ptr)
cgs_class->memory_encryption_ops;
int flag;
+ hwaddr gpa;
flag = qemu_get_be32(f);
@@ -1257,6 +1258,12 @@ static int load_encrypted_data(QEMUFile *f, uint8_t *ptr)
return ops->load_incoming_page(f, ptr);
} else if (flag == RAM_SAVE_SHARED_REGIONS_LIST) {
return ops->load_incoming_shared_regions_list(f);
+ } else if (flag == RAM_SAVE_GUEST_MH_ENCRYPTED_PAGE) {
+ if (!kvm_physical_memory_addr_from_host(kvm_state, ptr, &gpa)) {
+ error_report("%s: failed to get gpa for host ptr %p", __func__, ptr);
+ return -EINVAL;
+ }
+ return cgs_mh_load_encrypted_page(f, gpa);
} else {
error_report("unknown encrypted flag %x", flag);
return 1;
@@ -3728,6 +3735,10 @@ void colo_release_ram_cache(void)
*/
static int ram_load_setup(QEMUFile *f, void *opaque)
{
+ if (confidential_guest()) {
+ cgs_mh_init();
+ }
+
if (compress_threads_load_setup(f)) {
return -1;
}
@@ -3754,6 +3765,10 @@ static int ram_load_cleanup(void *opaque)
rb->receivedmap = NULL;
}
+ if (confidential_guest()) {
+ cgs_mh_cleanup();
+ }
+
return 0;
}
@@ -4024,6 +4039,7 @@ void colo_flush_ram_cache(void)
static int ram_load_precopy(QEMUFile *f)
{
int flags = 0, ret = 0, invalid_flags = 0, len = 0, i = 0;
+
/* ADVISE is earlier, it shows the source has the postcopy capability on */
bool postcopy_advised = postcopy_is_advised();
if (!migrate_use_compression()) {
--
2.20.1
next prev parent reply other threads:[~2021-08-23 14:25 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-23 14:16 [RFC PATCH v2 00/12] Confidential guest-assisted live migration Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 01/12] migration: Add helpers to save confidential RAM Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 02/12] migration: Add helpers to load " Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 03/12] migration: Introduce gpa_inside_migration_helper_shared_area Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 04/12] migration: Save confidential guest RAM using migration helper Dov Murik
2021-08-23 14:16 ` Dov Murik [this message]
2021-08-23 14:16 ` [RFC PATCH v2 06/12] migration: Skip ROM, non-RAM, and vga.vram memory region during RAM migration Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 07/12] i386/kvm: Exclude mirror vcpu in kvm_synchronize_all_tsc Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 08/12] migration: Allow resetting the mirror vcpu to the MH entry point Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 09/12] migration: Add QMP command start-migration-handler Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 10/12] migration: Add start-migrate-incoming QMP command Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 11/12] hw/isa/lpc_ich9: Allow updating an already-running VM Dov Murik
2021-08-23 14:16 ` [RFC PATCH v2 12/12] docs: Add confidential guest live migration documentation Dov Murik
2023-09-05 9:46 ` [RFC PATCH v2 00/12] Confidential guest-assisted live migration Shameerali Kolothum Thodi via
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210823141636.65975-6-dovmurik@linux.ibm.com \
--to=dovmurik@linux.ibm.com \
--cc=ashish.kalra@amd.com \
--cc=brijesh.singh@amd.com \
--cc=dgilbert@redhat.com \
--cc=frankeh@us.ibm.com \
--cc=jejb@linux.ibm.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
--cc=srutherford@google.com \
--cc=thomas.lendacky@amd.com \
--cc=tobin@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.