On Fri, Mar 17, 2017 at 12:03:31PM +0100, Paolo Bonzini wrote:

> If it is possible to do it in a fairly hypervisor-independent manner,
> I'm all for it.  That is, only by looking at AMD-specified CPUID leaves
> and at kernel ELF sections.

Not even that.

What that needs to be able to do is:

        kvm_map_percpu_hv_shared(st, sizeof(*st))

where st is the percpu steal time ptr:

        struct kvm_steal_time *st = &per_cpu(steal_time, cpu);

Underneath, what it does basically is it clears the encryption mask from
the pte, see patch 16/32.

And I keep talking about SEV-ES because this is going to expand on the
need of having a shared memory region which the hypervisor and the guest
need to access, thus unencrypted. See

http://support.amd.com/TechDocs/Protecting%20VM%20Register%20State%20with%20SEV-ES.pdf

This is where you come in and say what would be the best approach there...

-- 
Regards/Gruss,
    Boris.

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 
(AG Nürnberg)
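
Added example, not part of the original message or of the patch series: a user-space C model of clearing the encryption mask from the PTEs that back a per-CPU object, showing that sharing happens at page granularity, so everything else on those pages becomes hypervisor-visible as well. The `model_*` names, the toy one-level page table, the mask position (bit 47) and the sample addresses are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1ULL << PAGE_SHIFT)
#define NR_PAGES   8
/* Assumption: encryption bit at position 47; real hardware reports it via CPUID. */
#define ENC_MASK   (1ULL << 47)

/* Toy one-level page table, constructed for the example: pte[i] maps page i. */
static uint64_t pte[NR_PAGES];

static void model_init(void)
{
    for (size_t i = 0; i < NR_PAGES; i++)   /* present | rw, encrypted */
        pte[i] = ((uint64_t)i << PAGE_SHIFT) | ENC_MASK | 0x3;
}

/*
 * Clear the encryption mask on every page touched by [addr, addr + size).
 * Returns the number of bytes outside the object that become shared as a
 * side effect, or -1 for an empty, wrapping or out-of-range request.
 * TLB and cache maintenance are out of scope for this model.
 */
static long model_map_hv_shared(uint64_t addr, size_t size)
{
    if (size == 0 || addr + size < addr)
        return -1;
    uint64_t first = addr >> PAGE_SHIFT;
    uint64_t last = (addr + size - 1) >> PAGE_SHIFT;
    if (last >= NR_PAGES)
        return -1;
    for (uint64_t p = first; p <= last; p++)
        pte[p] &= ~ENC_MASK;
    return (long)((last - first + 1) * PAGE_SIZE - size);
}

static int model_is_encrypted(uint64_t addr)
{
    return (pte[addr >> PAGE_SHIFT] & ENC_MASK) != 0;
}

int main(void)
{
    model_init();
    /* Constructed case: a 64-byte object that straddles pages 2 and 3. */
    printf("collateral bytes: %ld\n", model_map_hv_shared(0x2fe0, 64));
    printf("page 4 still encrypted: %d\n", model_is_encrypted(0x4000));
    return 0;
}
```

The non-zero return value is the part to watch in review: unless the shared object is page-aligned and padded to a full page, unrelated guest data on the same page loses its encryption along with it.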