Hello Paolo,
On Sat, Sep 26, 2020 at 02:02:20AM +0200, Paolo Bonzini wrote:
> On 26/09/20 01:48, Ashish Kalra wrote:
> > Thanks for your input, i have one additional query with reference to this support :
> >
> > For all explicitly unecrypted guest memory regions such as S/W IOTLB bounce buffers,
> > dma_decrypted() allocated regions and for guest regions marked as "__bss_decrypted",
> > we need to ensure that DBG_DECRYPT API calls are bypassed for such
> > regions and those regions are dumped as un-encrypted.
>
> Yes those would be a bit different as they would be physical memory
> accesses. Those currently go through address_space_read in memory_dump
> (monitor/misc.c), and would have to use the MemoryDebugOps instead.
> That is the place to hook into in order to read the KVM page encryption
> bitmap (which is not per-CPU, so another MemoryDebugOps entry
> get_phys_addr_attrs?); the MemTxAttrs can then be passed to the read
> function in the MemoryDebugOps.
>
Actually, currently we do this in sev_dbg_crypt() in KVM itself by
checking the page encryption bitmap and if it is an un-encrypted guest
memory region then returning the un-encrypted buffer read from user
back to it as it is.