[RFC][PATCH v1 00/10] Enable encrypted guest memory access in QEMU
From: Ashish Kalra
Subject: [RFC][PATCH v1 00/10] Enable encrypted guest memory access in QEMU
Date: Thu, 2 Sep 2021 14:04:33 +0000

> - We introduce another new vm level ioctl focused on encrypted
> guest memory access:
>
> KVM_MEMORY_ENCRYPT_{READ,WRITE}_MEMORY
>
>     struct kvm_rw_memory rw;
>     rw.addr = gpa_OR_hva;
>     rw.buf = (__u64)src;
>     rw.len = len;
>     kvm_vm_ioctl(kvm_state,
>                  KVM_MEMORY_ENCRYPT_{READ,WRITE}_MEMORY,
>                  &rw);
>
> This new ioctl has a more neutral and general name for its
> purpose; the debugging support of AMD SEV and INTEL TDX
> can be covered by a unified QEMU implementation on x86 with this
> ioctl. Although only INTEL TD guest is supported in this series,
> AMD SEV could also be supported with an implementation of this
> ioctl in KVM, plus small modifications in QEMU to enable the
> unified part.

A general comment: we have the sev_ioctl() interface for SEV guests, and
probably this new vm level ioctl will not work for us.

It probably makes more sense to do this TDX/SEV level abstraction
using the Memory Region's ram_debug_ops, which can point these to the
TDX-specific vm level ioctl and the SEV-specific ioctl at the lowest
level of this interface.

Thanks,
Ashish