On 19.03.20 12:55, Janosch Frank wrote:
> On 3/19/20 12:08 PM, Cornelia Huck wrote:
>> On Wed, 18 Mar 2020 10:30:34 -0400
>> Janosch Frank <fran...@linux.ibm.com> wrote:
>>
>>> The unpack facility provides the means to setup a protected guest. A
>>> protected guest cannot be introspected by the hypervisor or any
>>> user/administrator of the machine it is running on.
>>>
>>> Protected guests are encrypted at rest and need a special boot
>>> mechanism via diag308 subcode 8 and 10.
>>>
>>> Code 8 sets the PV specific IPLB which is retained separately from
>>> those set via code 5.
>>>
>>> Code 10 is used to unpack the VM into protected memory, verify its
>>> integrity and start it.
>>>
>>> Signed-off-by: Janosch Frank <fran...@linux.ibm.com>
>>> Co-developed-by: Christian Borntraeger <borntrae...@de.ibm.com> [Changes
>>> to machine]
>>> Reviewed-by: David Hildenbrand <da...@redhat.com>
>>> Reviewed-by: Claudio Imbrenda <imbre...@linux.ibm.com>
>>> ---
>>> hw/s390x/Makefile.objs | 1 +
>>> hw/s390x/ipl.c | 59 +++++++++++++-
>>> hw/s390x/ipl.h | 91 ++++++++++++++++++++-
>>> hw/s390x/pv.c | 98 +++++++++++++++++++++++
>>
>> More of an aside: In MAINTAINERS, this new file will be covered by the
>> general s390x section, the tcg section, and the s390-ccw-virtio machine
>> section, but not by the kvm section. Do we want to tweak that?
>
> @Christian?
Yes, pv.c should be covered by the KVM section.
