On Fri, Jan 15, 2021 at 01:54:25PM +0100, Cornelia Huck wrote: > On Thu, 14 Jan 2021 10:58:01 +1100 > David Gibson <da...@gibson.dropbear.id.au> wrote: > > > When AMD's SEV memory encryption is in use, flash memory banks (which are > > initialed by pc_system_flash_map()) need to be encrypted with the guest's > > key, so that the guest can read them. > > > > That's abstracted via the kvm_memcrypt_encrypt_data() callback in the KVM > > state.. except, that it doesn't really abstract much at all. > > > > For starters, the only called is in code specific to the 'pc' family of > > s/called/call site/
Fixed, thanks. > > > machine types, so it's obviously specific to those and to x86 to begin > > with. But it makes a bunch of further assumptions that need not be true > > about an arbitrary confidential guest system based on memory encryption, > > let alone one based on other mechanisms: > > > > * it assumes that the flash memory is defined to be encrypted with the > > guest key, rather than being shared with hypervisor > > * it assumes that that hypervisor has some mechanism to encrypt data into > > the guest, even though it can't decrypt it out, since that's the whole > > point > > * the interface assumes that this encrypt can be done in place, which > > implies that the hypervisor can write into a confidential guests's > > memory, even if what it writes isn't meaningful > > > > So really, this "abstraction" is actually pretty specific to the way SEV > > works. So, this patch removes it and instead has the PC flash > > initialization code call into a SEV specific callback. > > > > Signed-off-by: David Gibson <da...@gibson.dropbear.id.au> > > --- > > accel/kvm/kvm-all.c | 31 ++----------------------------- > > accel/kvm/sev-stub.c | 9 ++------- > > accel/stubs/kvm-stub.c | 10 ---------- > > hw/i386/pc_sysfw.c | 17 ++++++----------- > > include/sysemu/kvm.h | 16 ---------------- > > include/sysemu/sev.h | 4 ++-- > > target/i386/sev-stub.c | 5 +++++ > > target/i386/sev.c | 24 ++++++++++++++---------- > > 8 files changed, 31 insertions(+), 85 deletions(-) > > Reviewed-by: Cornelia Huck <coh...@redhat.com> > -- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson
signature.asc
Description: PGP signature