672f70aa3d
Update to 2.11.1, plus a few other fixes. OBS-URL: https://build.opensuse.org/request/show/579209 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=392
87 lines
3.0 KiB
Diff
87 lines
3.0 KiB
Diff
From 969964dd7f15ac507887f58fccbb2623110bd8f6 Mon Sep 17 00:00:00 2001
|
|
From: Brijesh Singh <brijesh.singh@amd.com>
|
|
Date: Thu, 15 Feb 2018 09:03:20 -0600
|
|
Subject: [PATCH] machine: add -memory-encryption property
|
|
|
|
When CPU supports memory encryption feature, the property can be used to
|
|
specify the encryption object to use when launching an encrypted guest.
|
|
|
|
Cc: Paolo Bonzini <pbonzini@redhat.com>
|
|
Cc: Eduardo Habkost <ehabkost@redhat.com>
|
|
Cc: Marcel Apfelbaum <marcel@redhat.com>
|
|
Cc: Stefan Hajnoczi <stefanha@gmail.com>
|
|
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
|
|
[BR: FATE#322124]
|
|
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
|
---
|
|
hw/core/machine.c | 22 ++++++++++++++++++++++
|
|
include/hw/boards.h | 1 +
|
|
qemu-options.hx | 2 ++
|
|
3 files changed, 25 insertions(+)
|
|
|
|
diff --git a/hw/core/machine.c b/hw/core/machine.c
|
|
index 36c2fb069c..132c57bc51 100644
|
|
--- a/hw/core/machine.c
|
|
+++ b/hw/core/machine.c
|
|
@@ -335,6 +335,22 @@ static bool machine_get_enforce_config_section(Object *obj, Error **errp)
|
|
return ms->enforce_config_section;
|
|
}
|
|
|
|
+static char *machine_get_memory_encryption(Object *obj, Error **errp)
|
|
+{
|
|
+ MachineState *ms = MACHINE(obj);
|
|
+
|
|
+ return g_strdup(ms->memory_encryption);
|
|
+}
|
|
+
|
|
+static void machine_set_memory_encryption(Object *obj, const char *value,
|
|
+ Error **errp)
|
|
+{
|
|
+ MachineState *ms = MACHINE(obj);
|
|
+
|
|
+ g_free(ms->memory_encryption);
|
|
+ ms->memory_encryption = g_strdup(value);
|
|
+}
|
|
+
|
|
static void error_on_sysbus_device(SysBusDevice *sbdev, void *opaque)
|
|
{
|
|
error_report("Option '-device %s' cannot be handled by this machine",
|
|
@@ -598,6 +614,12 @@ static void machine_class_init(ObjectClass *oc, void *data)
|
|
&error_abort);
|
|
object_class_property_set_description(oc, "enforce-config-section",
|
|
"Set on to enforce configuration section migration", &error_abort);
|
|
+
|
|
+ object_class_property_add_str(oc, "memory-encryption",
|
|
+ machine_get_memory_encryption, machine_set_memory_encryption,
|
|
+ &error_abort);
|
|
+ object_class_property_set_description(oc, "memory-encryption",
|
|
+ "Set memory encyption object to use", &error_abort);
|
|
}
|
|
|
|
static void machine_class_base_init(ObjectClass *oc, void *data)
|
|
diff --git a/include/hw/boards.h b/include/hw/boards.h
|
|
index 156b16f7a6..41fa577955 100644
|
|
--- a/include/hw/boards.h
|
|
+++ b/include/hw/boards.h
|
|
@@ -238,6 +238,7 @@ struct MachineState {
|
|
bool suppress_vmdesc;
|
|
bool enforce_config_section;
|
|
bool enable_graphics;
|
|
+ char *memory_encryption;
|
|
|
|
ram_addr_t ram_size;
|
|
ram_addr_t maxram_size;
|
|
diff --git a/qemu-options.hx b/qemu-options.hx
|
|
index 57f2c6a75f..617e5d5c20 100644
|
|
--- a/qemu-options.hx
|
|
+++ b/qemu-options.hx
|
|
@@ -104,6 +104,8 @@ code to send configuration section even if the machine-type sets the
|
|
@option{migration.send-configuration} property to @var{off}.
|
|
NOTE: this parameter is deprecated. Please use @option{-global}
|
|
@option{migration.send-configuration}=@var{on|off} instead.
|
|
+@item memory-encryption=@var{}
|
|
+Memory encryption object to use. The default is none.
|
|
@end table
|
|
ETEXI
|
|
|