From: Jinhao Gao
When VM migrate VMState of spapr_pci, the field(msi_devs) of spapr_pci
having a flag of VMS_ALLOC need to allocate memory. If the src doesn't free
memory of msi_devs in SaveStateEntry of spapr_pci after QEMUFile save
VMState of spapr_pci, it may result in memory leak of msi_devs.
* Dr. David Alan Gilbert (dgilb...@redhat.com) wrote:
> * Jinhao Gao (gaojin...@huawei.com) wrote:
> > Some memory allocated for fields having a flag of VMS_ALLOC in SaveState
> > may not free before VM load vmsd in migration. So we pre-free memory before
> > allocation in vmstate_handle_alloc() to
Hi Doug,
On 2/3/21 10:37 PM, dje--- via wrote:
> ... in preparation for adding ipv6 host forwarding support.
Please duplicate subject line, else this commit description as it
doesn't make sense.
> ---
> net/slirp.c | 200 +---
> slirp | 2
While it is important we chase down the symlinks to copy the correct
data we can confuse the kernel by renaming the interpreter to what is
in the binary. Extend _copy_with_mkdir to preserve the original name
of the file when asked.
Fixes: 5e33f7fead ("tests/docker: better handle symlinked libs")
S
* Peter Maydell (peter.mayd...@linaro.org) wrote:
> On Thu, 4 Feb 2021 at 17:16, Dr. David Alan Gilbert (git)
> wrote:
> >
> > From: "Dr. David Alan Gilbert"
> >
> > The following changes since commit 1ba089f2255bfdb071be3ce6ac6c3069e8012179:
> >
> > Merge remote-tracking branch 'remotes/armbru
* Stefan Reiter (s.rei...@proxmox.com) wrote:
> Postcopy may also be advised for dirty-bitmap migration only, in which
> case the remote page size will not be available and we'll instead read
> bogus data, blocking migration with a mismatch error if the VM uses
> hugepages.
>
> Fixes: 58110f0acb (
Depending on the linker/ldd setup we might get a file with no path.
Typically this is the psuedo library linux-vdso.so which doesn't
actually exist on the disk. Rather than try and catch these distro
specific edge cases just shout about it and try and continue.
Signed-off-by: Alex Bennée
Tested-b
On Thu, 4 Feb 2021 at 16:08, Thomas Huth wrote:
>
> On 22/01/2021 21.32, Peter Maydell wrote:
> > Hi; I've been looking at why the s390 cdrom test has an intermittent
> > failure on my aarch64 box. Looking at some TCG debug log output
> > I think what is happening is that sometimes execution diver
On 2/8/21 11:09 AM, Thomas Huth wrote:
> On 08/02/2021 10.16, Philippe Mathieu-Daudé wrote:
>> Hi Thomas,
>>
>> On 2/8/21 6:54 AM, Thomas Huth wrote:
>>> On 06/02/2021 21.05, Philippe Mathieu-Daudé wrote:
Travis-CI seems to have enforced memory limit on containers,
and the 'GCC check-tcg'
On 08/02/2021 10.16, Philippe Mathieu-Daudé wrote:
Hi Thomas,
On 2/8/21 6:54 AM, Thomas Huth wrote:
On 06/02/2021 21.05, Philippe Mathieu-Daudé wrote:
Travis-CI seems to have enforced memory limit on containers,
and the 'GCC check-tcg' job started to fail [*]:
[2041/3679] Compiling C++ ob
On 1/28/21 8:04 AM, Cédric Le Goater wrote:
> Hello Bin,
>
> On 1/28/21 7:43 AM, Bin Meng wrote:
>> From: Bin Meng
>>
>> These APIs and macros may be referenced by functions that are
>> currently before them. Move them ahead a little bit.
>
> We could also change fprintf() by qemu_log_mask()
Hm
On 08-02-2021 09:25, Klaus Jensen wrote:
> The Zone Append Size Limit (ZASL) must be at least 4096 bytes, so
> improve the user experience by adding an early parameter check in
> nvme_check_constraints.
I have confirmed this and it works for me, I don't think I am actually
qualified or understand
On 02/08/21 06:34, schspa wrote:
> On Fri, 2021-02-05 at 15:08 +0100, Edgar E. Iglesias wrote:
>> Thanks, that matches how I thought things should work.
>>
>> I wonder if virtio_mmio_bus_get_dev_path() really should be peeking
>> into
>> Sysbus internals mmio[].addr?
>>
> I think mmio[].addr needs
On Fri, 2021-02-05 at 15:08 +0100, Edgar E. Iglesias wrote:
> Thanks, that matches how I thought things should work.
>
> I wonder if virtio_mmio_bus_get_dev_path() really should be peeking
> into
> Sysbus internals mmio[].addr?
>
I think mmio[].addr needs to be given a meaningful value even if we
On 1/28/21 7:43 AM, Bin Meng wrote:
> From: Bin Meng
>
> For high capacity memory cards, the erase start address and end
> address are multiplied by 512, but the address check is still
> based on the original block number in sd->erase_{start, end}.
Oops, good catch.
Reviewed-by: Philippe Mathie
On 02/02/21 14:21, P J P wrote:
From: Prasad J Pandit
While processing SCSI i/o requests in mptsas_process_scsi_io_request(),
the Megaraid emulator appends new MPTSASRequest object 'req' to
the 's->pending' queue. In case of an error, this same object gets
dequeued in mptsas_free_request() only
On 1/28/21 7:43 AM, Bin Meng wrote:
> From: Bin Meng
>
> At present the sd_erase() does not erase the requested range of card
> data to 0xFFs. Let's make the erase operation actually happen.
>
> Signed-off-by: Bin Meng
>
> ---
>
> hw/sd/sd.c | 9 +
> 1 file changed, 9 insertions(+)
>
On Fri, Feb 05, 2021 at 12:57:05PM -0600, Eric Blake wrote:
> Our default of a backlog of 1 connection is rather puny, particularly
> for scenarios where we expect multiple listeners to connect (such as
> qemu-nbd -e X). This is especially important for Unix sockets, as a
> definite benefit to cli
From: Daniel P. Berrangé
The traditional HMP "savevm" command will overwrite an existing snapshot
if it already exists with the requested name. This new flag allows this
to be controlled allowing for safer behaviour with a future QMP command.
Reviewed-by: Eric Blake
Signed-off-by: Daniel P. Ber
* Paolo Bonzini (pbonz...@redhat.com) wrote:
> On 05/02/21 12:37, Daniel P. Berrangé wrote:
> > On Fri, Feb 05, 2021 at 11:58:26AM +0100, Paolo Bonzini wrote:
> > > On 05/02/21 10:51, Daniel P. Berrangé wrote:
> > > > > +if (!pc_system_ovmf_table_find(SEV_SECRET_GUID, &data,
> > > > > NULL
On 2/8/21 10:27 AM, Stefan Hajnoczi wrote:
> On Sat, Feb 06, 2021 at 05:03:20PM +, Peter Maydell wrote:
>> On Fri, 5 Feb 2021 at 22:53, Peter Maydell wrote:
>>>
>>> On Fri, 5 Feb 2021 at 16:45, Stefan Hajnoczi wrote:
The following changes since commit
e2c5093c993ef646e4e28f7aa
From: "Dr. David Alan Gilbert"
Modify query-migrate so that it has a flag indicating if outbound
migration is blocked, and if it is a list of reasons.
Signed-off-by: Dr. David Alan Gilbert
Message-Id: <20210202135522.127380-2-dgilb...@redhat.com>
Reviewed-by: Eric Blake
Reviewed-by: Peter Xu
05.02.2021 19:26, Kevin Wolf wrote:
Am 27.11.2020 um 15:45 hat Vladimir Sementsov-Ogievskiy geschrieben:
Split out no-perm part of bdrv_set_backing_hd() as a separate
transaction action. Note the in case of existing BdrvChild we reuse it,
not recreate, just to do less actions.
Signed-off-by: Vl
On Sat, Feb 06, 2021 at 05:03:20PM +, Peter Maydell wrote:
> On Fri, 5 Feb 2021 at 22:53, Peter Maydell wrote:
> >
> > On Fri, 5 Feb 2021 at 16:45, Stefan Hajnoczi wrote:
> > >
> > > The following changes since commit
> > > e2c5093c993ef646e4e28f7aa78429853bcc06ac:
> > >
> > > iotests: 30:
On Thu, Feb 04, 2021 at 07:09:48PM +0200, Andrew Melnychenko wrote:
> From: Andrew
>
> Added function that loads RSS eBPF program.
> Added stub functions for RSS eBPF loader.
> Added meson and configuration options.
>
> By default, eBPF feature enabled if libbpf is present in the build system.
>
From: Andrey Gruzdev
Introducing implementation of 'background' snapshot thread
which in overall follows the logic of precopy migration
while internally utilizes completely different mechanism
to 'freeze' vmstate at the start of snapshot creation.
This mechanism is based on userfault_fd with wr-
From: Bin Meng
There are several bits in L2CSR0 (exists in the e500mc/e5500/e6500
core) that should be self-cleared when written:
- L2FI (L2 cache flash invalidate)
- L2FL (L2 cache flush)
- L2LFC (L2 cache lock flash clear)
Add a write helper to emulate this behavior.
Signed-off-by: Bin Men
+Eduardo/Richard.
On 2/7/21 8:43 PM, Peter Maydell wrote:
> On Sun, 7 Feb 2021 at 17:10, Philippe Mathieu-Daudé wrote:
>>
>> On 10/22/20 2:08 PM, Peter Maydell wrote:
>>> Commit ef96e3ae9698d6 in January 2019 removed the last user of the
>>> VMSTATE_FLOAT64* macros. These were used by targets whi
From: Andrey Gruzdev
In this particular implementation the same single migration
thread is responsible for both normal linear dirty page
migration and procesing UFFD page fault events.
Processing write faults includes reading UFFD file descriptor,
finding respective RAM block and saving faulting
On Feb 8 10:03, Philippe Mathieu-Daudé wrote:
> Hi Dmitry, Klaus.
>
> On 2/8/21 1:32 AM, Dmitry Fomichev wrote:
> > Implicitly and Explicitly Open zones can be closed by Close Zone
> > management function. This got broken by a recent commit and now such
> > commands fail with Invalid Zone State T
On 08/02/21 10:20, Peter Maydell wrote:
+
+if get_option('tcg_interpreter')
+ libffi = dependency('libffi', version: '>=3.0',
+ static: enable_static, method: 'pkg-config',
+ required: true)
+ specific_ss.add(libffi)
+ specific_ss.add(files('tcg/tci.c'
From: Andrey Gruzdev
Glue code to the userfaultfd kernel implementation.
Querying feature support, createing file descriptor, feature control,
memory region registration, IOCTLs on registered registered regions.
Signed-off-by: Andrey Gruzdev
Reviewed-by: Peter Xu
Message-Id: <20210129101407.10
From: Andrey Gruzdev
Add new capability to 'qapi/migration.json' schema.
Update migrate_caps_check() to validate enabled capability set
against introduced one. Perform checks for required kernel features
and compatibility with guest memory backends.
Signed-off-by: Andrey Gruzdev
Reviewed-by: Pe
On Sun, 7 Feb 2021 at 20:12, Richard Henderson
wrote:
>
> On 2/7/21 11:52 AM, Peter Maydell wrote:
> > On Sun, 7 Feb 2021 at 17:41, Richard Henderson
> > wrote:
> >>
> >> On 2/7/21 8:25 AM, Stefan Weil wrote:
> +#include "qemu-common.h"
> +#include "tcg/tcg.h" /* MAX_OPC_PARAM
On Feb 8 10:15, i...@dantalion.nl wrote:
> On 08-02-2021 09:25, Klaus Jensen wrote:
> > The Zone Append Size Limit (ZASL) must be at least 4096 bytes, so
> > improve the user experience by adding an early parameter check in
> > nvme_check_constraints.
>
> I have confirmed this and it works for me
From: Klaus Jensen
The Zone Append Size Limit (ZASL) must be at least 4096 bytes, so
improve the user experience by adding an early parameter check in
nvme_check_constraints.
When ZASL is still too small due to the host configuring the device for
an even larger page size, convert the trace point
On 2/3/21 6:23 PM, Cleber Rosa wrote:
> Which is useful to select tests that depend/use a particular feature.
Is that a question?
Why keep this last in your series?
> Signed-off-by: Cleber Rosa
> ---
> tests/acceptance/virtiofs_submounts.py | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --g
On Feb 8 10:03, Philippe Mathieu-Daudé wrote:
> Hi Dmitry, Klaus.
>
> On 2/8/21 1:32 AM, Dmitry Fomichev wrote:
> > Implicitly and Explicitly Open zones can be closed by Close Zone
> > management function. This got broken by a recent commit and now such
> > commands fail with Invalid Zone State T
Hi Thomas,
On 2/8/21 6:54 AM, Thomas Huth wrote:
> On 06/02/2021 21.05, Philippe Mathieu-Daudé wrote:
>> Travis-CI seems to have enforced memory limit on containers,
>> and the 'GCC check-tcg' job started to fail [*]:
>>
>> [2041/3679] Compiling C++ object libcommon.fa.p/disas_nanomips.cpp.o
>>
On 2/3/21 6:23 PM, Cleber Rosa wrote:
> AFAICT, there should not be a situation where IP and port do not have
> at least one whitespace character separating them.
>
> This may be true for other '\s*' patterns in the same regex too.
>
> Signed-off-by: Cleber Rosa
> ---
> tests/acceptance/virtiof
On Sat, Feb 06, 2021 at 01:39:55PM +0100, Laurent Vivier wrote:
failover_add_primary() calls qdev_device_add() and doesn't unref
the device. Because of that, when the device is unplugged a reference
is remaining and prevents the cleanup of the object.
This prevents to be able to plugin back the
On Mon, 8 Feb 2021 at 09:32, Philippe Mathieu-Daudé wrote:
>
> +Eduardo/Richard.
>
> On 2/7/21 8:43 PM, Peter Maydell wrote:
> > On Sun, 7 Feb 2021 at 17:10, Philippe Mathieu-Daudé wrote:
> >>
> >> On 10/22/20 2:08 PM, Peter Maydell wrote:
> >>> Commit ef96e3ae9698d6 in January 2019 removed the l
Enable FEAT_DIT for the "max" 32-bit CPU.
Signed-off-by: Rebecca Cran
Reviewed-by: Richard Henderson
---
target/arm/cpu.c | 4
1 file changed, 4 insertions(+)
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 8ddb2556f8cf..5cf6c056c50f 100644
--- a/target/arm/cpu.c
+++ b/target/arm/c
Public bug reported:
This is latest release QEMU-5.2.0 on Arch Linux running kernel 5.10.13,
latest OVMF etc.
I'm seeing the following crash when loading an audio driver from the
OpenCore[1] project in the UEFI shell:
KVM internal error. Suberror: 1
emulation failure
RAX= RBX=000
On Sat, Feb 06, 2021 at 01:39:54PM +0100, Laurent Vivier wrote:
Commit a1190ab628 has added a "allow_unplug_during_migration = true" at
the end of the main "if" block, so it is not needed to set it anymore
in the previous checking.
Remove it, to have only sub-ifs that check for needed conditions
Add support for FEAT_DIT. DIT (Data Independent Timing) is a required
feature for ARMv8.4. Since virtual machine execution is largely
nondeterministic and TCG is outside of the security domain, it's
implemented as a NOP.
Signed-off-by: Rebecca Cran
Reviewed-by: Richard Henderson
---
target/arm/
On 27.01.21 13:45, Michael S. Tsirkin wrote:
On Thu, Jan 21, 2021 at 12:05:29PM +0100, David Hildenbrand wrote:
A virtio-mem device manages a memory region in guest physical address
space, represented as a single (currently large) memory region in QEMU,
mapped into system memory address space. B
On Thu, Feb 04, 2021 at 07:09:49PM +0200, Andrew Melnychenko wrote:
> From: Andrew
>
> When RSS is enabled the device tries to load the eBPF program
> to select RX virtqueue in the TUN. If eBPF can be loaded
> the RSS will function also with vhost (works with kernel 5.8 and later).
> Software RSS
From: Bin Meng
As of today both slirp and tap networking do not pad short frames
(e.g.: an ARP packet) to the minimum frame size of 60 bytes.
If eTSEC is programmed to reject short frames, ARP requests will be
dropped, preventing the guest from becoming visible on the network.
The same issue wa
Hi Dmitry, Klaus.
On 2/8/21 1:32 AM, Dmitry Fomichev wrote:
> Implicitly and Explicitly Open zones can be closed by Close Zone
> management function. This got broken by a recent commit and now such
> commands fail with Invalid Zone State Transition status.
>
> Modify nvm_zrm_close() function to m
On 2/7/21 10:56 PM, Rebecca Cran wrote:
> cpsr has been treated as being the same as spsr, but it isn't.
> Since PSTATE_SS isn't in cpsr, remove it and move it into env->pstate.
>
> This allows us to add support for CPSR_DIT, adding helper functions
> to merge SPSR_ELx to and from CPSR.
>
> Signe
On Feb 8 00:13, Dmitry Fomichev wrote:
> On Tue, 2021-01-26 at 13:15 +0100, Klaus Jensen wrote:
> > From: Klaus Jensen
> >
> > Firstly, if zoned.max_active is non-zero, zoned.max_open must be less
> > than or equal to zoned.max_active.
> >
> > Secondly, if only zones.max_active is set, we have
Philippe Mathieu-Daudé writes:
> Refactor debug code as tlb_assert_iotlb_entry_for_ptr_present() helper.
>
> Signed-off-by: Philippe Mathieu-Daudé
> ---
> What this code does is out of my league, but refactoring it allow
> keeping tlb_addr_write() local to accel/tcg/cputlb.c in the next
> patc
> From: Peter Xu
> Sent: Sunday, February 7, 2021 10:47 PM
>
> Hi, Kevin,
>
> On Sun, Feb 07, 2021 at 09:04:55AM +, Tian, Kevin wrote:
> > > From: Peter Xu
> > > Sent: Friday, February 5, 2021 11:31 PM
> > >
> > > > >
> > > > >
> > > > >> or virtio-iommu
> > > > >> since dev-iotlb (or PCIe A
** Changed in: qemu
Status: New => Fix Released
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1861946
Title:
qemu-4.2.0 qemu-system-i386 not receive scancode 86 of spanish
keyboard (ascii
cpsr has been treated as being the same as spsr, but it isn't.
Since PSTATE_SS isn't in cpsr, remove it and move it into env->pstate.
This allows us to add support for CPSR_DIT, adding helper functions
to merge SPSR_ELx to and from CPSR.
Signed-off-by: Rebecca Cran
---
target/arm/helper-a64.c |
We haven't yet implemented the fairly involved handshaking that will be
needed to migrate PEF protected guests. For now, just use a migration
blocker so we get a meaningful error if someone attempts this (this is the
same approach used by AMD SEV).
Signed-off-by: David Gibson
Reviewed-by: Dr. Da
The default behaviour for virtio devices is not to use the platforms normal
DMA paths, but instead to use the fact that it's running in a hypervisor
to directly access guest memory. That doesn't work if the guest's memory
is protected from hypervisor access, such as with AMD's SEV or POWER's PEF.
The platform specific details of mechanisms for implementing
confidential guest support may require setup at various points during
initialization. Thus, it's not really feasible to have a single cgs
initialization hook, but instead each mechanism needs its own
initialization calls in arch or machi
On Tue, Jan 19, 2021 at 12:40:31PM +0530, Shivaprasad G Bhat wrote:
> Thanks for the comments!
>
>
> On 12/28/20 2:08 PM, David Gibson wrote:
>
> > On Mon, Dec 21, 2020 at 01:08:53PM +0100, Greg Kurz wrote:
> ...
> > > The overall idea looks good but I think you should consider using
> > > a thr
On 05/02/2021 21.15, John Snow wrote:
On 2/5/21 1:37 AM, Thomas Huth wrote:
On 05/02/2021 01.40, John Snow wrote:
On 2/3/21 12:18 PM, Thomas Huth wrote:
This was only required for the pc-1.0 and earlier machine types.
Now that these have been removed, we can also drop the corresponding
code fr
This allows failures to be reported richly and idiomatically.
Signed-off-by: David Gibson
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
Reviewed-by: Cornelia Huck
---
accel/kvm/kvm-all.c | 4 +++-
accel/kvm/sev-stub.c | 2 +-
include/sysemu/sev.h | 2 +-
target/i386/s
While we've abstracted some (potential) differences between mechanisms for
securing guest memory, the initialization is still specific to SEV. Given
that, move it into x86's kvm_arch_init() code, rather than the generic
kvm_init() code.
Signed-off-by: David Gibson
Reviewed-by: Cornelia Huck
Rev
Add support for FEAT_DIT. DIT (Data Independent Timing) is a required
feature for ARMv8.4.
Changes from v4 to v5:
o Addressed review feedback.
Rebecca Cran (4):
target/arm: Add support for FEAT_DIT, Data Independent Timing
target/arm: Support AA32 DIT by moving PSTATE_SS from cpsr into
On Feb 8 09:32, Dmitry Fomichev wrote:
> Implicitly and Explicitly Open zones can be closed by Close Zone
> management function. This got broken by a recent commit and now such
> commands fail with Invalid Zone State Transition status.
>
> Modify nvm_zrm_close() function to make Close Zone work c
Now that we've implemented a generic machine option for configuring various
confidential guest support mechanisms:
1. Update docs/amd-memory-encryption.txt to reference this rather than
the earlier SEV specific option
2. Add a docs/confidential-guest-support.txt to cover the generalities o
Currently the "memory-encryption" property is only looked at once we
get to kvm_init(). Although protection of guest memory from the
hypervisor isn't something that could really ever work with TCG, it's
not conceptually tied to the KVM accelerator.
In addition, the way the string property is reso
Enable FEAT_DIT for the "max" AARCH64 CPU.
Signed-off-by: Rebecca Cran
Reviewed-by: Richard Henderson
---
target/arm/cpu64.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index 10c51181767d..c255f1bcc393 100644
--- a/target/arm/cpu64.c
+++ b/ta
Several architectures have mechanisms which are designed to protect
guest memory from interference or eavesdropping by a compromised
hypervisor. AMD SEV does this with in-chip memory encryption and
Intel's TDX can do similar things. POWER's Protected Execution
Framework (PEF) accomplishes a simil
When the "memory-encryption" property is set, we also disable KSM
merging for the guest, since it won't accomplish anything.
We want that, but doing it in the property set function itself is
thereoretically incorrect, in the unlikely event of some configuration
environment that set the property th
On 2/3/21 10:19 AM, Richard Henderson wrote:
On 2/2/21 6:58 PM, Rebecca Cran wrote:
@@ -9433,8 +9448,9 @@ static void take_aarch32_exception(CPUARMState *env, int
new_mode,
* For exceptions taken to AArch32 we must clear the SS bit in both
* PSTATE and in the old-state value we sa
Some upcoming POWER machines have a system called PEF (Protected
Execution Facility) which uses a small ultravisor to allow guests to
run in a way that they can't be eavesdropped by the hypervisor. The
effect is roughly similar to AMD SEV, although the mechanisms are
quite different.
Most of the
When AMD's SEV memory encryption is in use, flash memory banks (which are
initialed by pc_system_flash_map()) need to be encrypted with the guest's
key, so that the guest can read them.
That's abstracted via the kvm_memcrypt_encrypt_data() callback in the KVM
state.. except, that it doesn't really
We haven't yet implemented the fairly involved handshaking that will be
needed to migrate PEF protected guests. For now, just use a migration
blocker so we get a meaningful error if someone attempts this (this is the
same approach used by AMD SEV).
Signed-off-by: David Gibson
Reviewed-by: Dr. Da
As of today both slirp and tap networking do not pad short frames
(e.g.: an ARP packet) to the minimum frame size of 60 bytes.
If eTSEC is programmed to reject short frames, ARP requests will be
dropped, preventing the guest from becoming visible on the network.
The same issue was reported on e10
The following changes since commit 5b19cb63d9dfda41b412373b8c9fe14641bcab60:
Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-tcg-20210205' in=
to staging (2021-02-05 22:59:12 +)
are available in the Git repository at:
https://gitlab.com/dgibson/qemu.git tags/cgs-pull-request
From: Greg Kurz
Global properties have an @optional field, which allows to apply a given
property to a given type even if one of its subclasses doesn't support
it. This is especially used in the compat code when dealing with the
"disable-modern" and "disable-legacy" properties and the "virtio-pci
Now that we've implemented a generic machine option for configuring various
confidential guest support mechanisms:
1. Update docs/amd-memory-encryption.txt to reference this rather than
the earlier SEV specific option
2. Add a docs/confidential-guest-support.txt to cover the generalities o
On Wed, Jan 06, 2021 at 07:15:36PM +0100, Greg Kurz wrote:
> On Mon, 28 Dec 2020 19:28:39 +1100
> David Gibson wrote:
>
> > On Fri, Dec 18, 2020 at 11:34:00AM +0100, Greg Kurz wrote:
> > > Modeling DR connectors as individual devices raises some
> > > concerns, as already discussed a year ago in
Some upcoming POWER machines have a system called PEF (Protected
Execution Facility) which uses a small ultravisor to allow guests to
run in a way that they can't be eavesdropped by the hypervisor. The
effect is roughly similar to AMD SEV, although the mechanisms are
quite different.
Most of the
While we've abstracted some (potential) differences between mechanisms for
securing guest memory, the initialization is still specific to SEV. Given
that, move it into x86's kvm_arch_init() code, rather than the generic
kvm_init() code.
Signed-off-by: David Gibson
Reviewed-by: Cornelia Huck
Rev
Currently the "memory-encryption" property is only looked at once we
get to kvm_init(). Although protection of guest memory from the
hypervisor isn't something that could really ever work with TCG, it's
not conceptually tied to the KVM accelerator.
In addition, the way the string property is reso
Patchew URL:
https://patchew.org/QEMU/1612763186-18161-1-git-send-email-tsimp...@quicinc.com/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Type: series
Message-id: 1612763186-18161-1-git-send-email-tsimp...@quicinc.com
Subject: [PATCH v8 00/
The platform specific details of mechanisms for implementing
confidential guest support may require setup at various points during
initialization. Thus, it's not really feasible to have a single cgs
initialization hook, but instead each mechanism needs its own
initialization calls in arch or machi
401 - 484 of 484 matches
Mail list logo
