On 16/03/2017 19:28, Borislav Petkov wrote: > So how hard would it be if the hypervisor allocated that memory for the > guest instead? It would allocate it decrypted and guest would need to > access it decrypted too. All in preparation for SEV-ES which will need a > block of unencrypted memory for the guest anyway...
The kvmclock memory is initially zero so there is no need for the hypervisor to allocate anything; the point of these patches is just to access the data in a natural way from Linux source code. I also don't really like the patch as is (plus it fails modpost), but IMO reusing __change_page_attr and __split_large_page is the right thing to do. Paolo -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
