Re: [RFC PATCH 5/7] hw/arm/virt: Add machine option 'mec'

Thu, 19 Mar 2026 10:29:09 -0700 

Hi Jonathan,

On 3/19/26 06:46, Jonathan Cameron wrote:

On Wed, 18 Mar 2026 23:23:33 -0300
Gustavo Romero <[email protected]> wrote:


Add new machine option 'mec' that enables and sets the memory used by
FEAT_MEC.

Signed-off-by: Gustavo Romero <[email protected]>


Drive by comments only. I'm curious enough to read the patches
but no idea if this is how people would like to see this implemented!


Thanks for taking a look at it and for you comments.
In which sense do you mean exactly? Do mind to elaborate a bit more on it? If it's about the whole implementation, would it be about not 
really encrypting data or something else? Please help me to understand it :)
I'm not sure if you're talking about just this patch or the whole FEAT_MEC design. 


Cheers,
Gustavo


Jonathan


  static void create_secure_ram(VirtMachineState *vms,
                                MemoryRegion *secure_sysmem,
                                MemoryRegion *secure_tag_sysmem)
@@ -2267,6 +2288,8 @@ static void machvirt_init(MachineState *machine)
      MemoryRegion *secure_sysmem = NULL;
      MemoryRegion *tag_sysmem = NULL;
      MemoryRegion *secure_tag_sysmem = NULL;
+    MemoryRegion *pseudo_encrypted_page = NULL;
+    MemoryRegion *tuple_memory = NULL;
      int n, virt_max_cpus;
      bool firmware_loaded;
      bool aarch64 = true;
@@ -2495,6 +2518,28 @@ static void machvirt_init(MachineState *machine)
              }
          }
+ if (vms->mec) { 
+            if (tcg_enabled()) {
+                if (tuple_memory == NULL) {
+                    /* XXX(gromero): Add object_property_find(cpuobj, 
"tuple-memory", ...) here. */
+
+                    tuple_memory = g_new(MemoryRegion, 1);
+                    memory_region_init(tuple_memory, OBJECT(machine), "mec", 
UINT64_MAX / 32);
+
+                    pseudo_encrypted_page = g_new(MemoryRegion, 1);
+                    memory_region_init(pseudo_encrypted_page, OBJECT(machine), 
"mec-page", 4 * 1024 /* 4 KiB */);
+                }
+
+                object_property_set_link(cpuobj, "mec",  OBJECT(tuple_memory), 
&error_abort);
+                object_property_set_link(cpuobj, "mec-page",  
OBJECT(pseudo_encrypted_page), &error_abort);

Trivial but some bonus spaces.


+
+                } else {


Indent seems off.


+                    /* Check for other accels here. */
+                    error_report("MEC requested, but not supported");
+                    exit(1);
+                }
+        }
+
          qdev_realize(DEVICE(cpuobj), NULL, &error_fatal);
          object_unref(cpuobj);
      }

Reply via email to