[PATCH v3 29/49] i386/sev: Don't disable block discarding for SNP

Wed, 20 Mar 2024 01:49:10 -0700 

SEV/SEV-ES rely on pinned memory to back guest RAM so discarding
isn't actually possible. With SNP, only guest_memfd pages are used
for private guest memory, so discarding of shared memory is still
possible, so only disable discard for SEV/SEV-ES.

Signed-off-by: Michael Roth <michael.r...@amd.com>
---
 target/i386/sev.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index 134e8f7c22..43e6c0172f 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -888,10 +888,18 @@ static int sev_kvm_init(ConfidentialGuestSupport *cgs, 
Error **errp)
     uint32_t host_cbitpos;
     struct sev_user_data_status status = {};
 
-    ret = ram_block_discard_disable(true);
-    if (ret) {
-        error_report("%s: cannot disable RAM discard", __func__);
-        return -1;
+    /*
+     * SEV/SEV-ES rely on pinned memory to back guest RAM so discarding
+     * isn't actually possible. With SNP, only guest_memfd pages are used
+     * for private guest memory, so discarding of shared memory is still
+     * possible..
+     */
+    if (!sev_snp_enabled()) {
+        ret = ram_block_discard_disable(true);
+        if (ret) {
+            error_report("%s: cannot disable RAM discard", __func__);
+            return -1;
+        }
     }
 
     sev_common->state = SEV_STATE_UNINIT;
-- 
2.25.1

Reply via email to