[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[for-6.0 v5 08/13] securable guest memory: Introduce sgm "ready" flag
|
From: |
David Gibson |
|
Subject: |
[for-6.0 v5 08/13] securable guest memory: Introduce sgm "ready" flag |
|
Date: |
Fri, 4 Dec 2020 16:44:10 +1100 |
The platform specific details of mechanisms for implementing securable
guest memory may require setup at various points during initialization.
Thus, it's not really feasible to have a single sgm initialization hook,
but instead each mechanism needs its own initialization calls in arch or
machine specific code.
However, to make it harder to have a bug where a mechanism isn't properly
initialized under some circumstances, we want to have a common place,
relatively late in boot, where we verify that sgm has been initialized if
it was requested.
This patch introduces a ready flag to the SecurableGuestMemory base type
to accomplish this, which we verify just before the machine specific
initialization function.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
hw/core/machine.c | 8 ++++++++
include/exec/securable-guest-memory.h | 2 ++
target/i386/sev.c | 2 ++
3 files changed, 12 insertions(+)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 816ea3ae3e..a67a27d03c 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -1155,6 +1155,14 @@ void machine_run_board_init(MachineState *machine)
}
if (machine->sgm) {
+ /*
+ * Where securable guest memory is initialized depends on the
+ * specific mechanism in use. But, we need to make sure it's
+ * ready by now. If it isn't, that's a bug in the
+ * implementation of that sgm mechanism.
+ */
+ assert(machine->sgm->ready);
+
/*
* With securable guest memory, the host can't see the real
* contents of RAM, so there's no point in it trying to merge
diff --git a/include/exec/securable-guest-memory.h
b/include/exec/securable-guest-memory.h
index 7325b504ba..20cf13777b 100644
--- a/include/exec/securable-guest-memory.h
+++ b/include/exec/securable-guest-memory.h
@@ -36,6 +36,8 @@
struct SecurableGuestMemory {
Object parent;
+
+ bool ready;
};
typedef struct SecurableGuestMemoryClass {
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 7333a60dc0..022ce5fc3a 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -701,6 +701,8 @@ int sev_kvm_init(SecurableGuestMemory *sgm, Error **errp)
qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
qemu_add_vm_change_state_handler(sev_vm_state_change, sev);
+ sgm->ready = true;
+
return 0;
err:
sev_guest = NULL;
--
2.28.0
- [for-6.0 v5 00/13] Generalize memory encryption models, David Gibson, 2020/12/04
- [for-6.0 v5 04/13] securable guest memory: Move side effect out of machine_set_memory_encryption(), David Gibson, 2020/12/04
- [for-6.0 v5 02/13] securable guest memory: Introduce new securable guest memory base class, David Gibson, 2020/12/04
- [for-6.0 v5 01/13] qom: Allow optional sugar props, David Gibson, 2020/12/04
- [for-6.0 v5 03/13] securable guest memory: Handle memory encryption via interface, David Gibson, 2020/12/04
- [for-6.0 v5 08/13] securable guest memory: Introduce sgm "ready" flag,
David Gibson <=
- [for-6.0 v5 06/13] securable guest memory: Decouple kvm_memcrypt_*() helpers from KVM, David Gibson, 2020/12/04
- [for-6.0 v5 11/13] spapr: PEF: prevent migration, David Gibson, 2020/12/04