1. Patchew
  2. QEMU
  3. [Qemu-devel] [RFC PATCH v4 00/20] x86: Secure Encrypted Virtualization (AMD)
  4. View patch

[Qemu-devel] [RFC PATCH v4 10/20] vl: add memory encryption support

Brijesh Singh posted 20 patches 8 years, 8 months ago
There is a newer version of this series
[Qemu-devel] [RFC PATCH v4 10/20] vl: add memory encryption support
Posted by Brijesh Singh 8 years, 8 months ago 
If memory encryption is enabled then create memory encryption launch
context to ensure that bootstrap data (bios images) get encrypted. Also
release the encryption context after machine is succesfully created.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 vl.c |   15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/vl.c b/vl.c
index 71b75ef..c6e7846 100644
--- a/vl.c
+++ b/vl.c
@@ -4521,6 +4521,14 @@ int main(int argc, char **argv, char **envp)
     current_machine->boot_order = boot_order;
     current_machine->cpu_model = cpu_model;
 
+    /* If memory encryption is enabled then create encryption context. */
+    if (kvm_memcrypt_enabled()) {
+        if (kvm_memcrypt_create_launch_context()) {
+            error_report("failed to create memory encryption context");
+            exit(1);
+        }
+    }
+
     machine_class->init(current_machine);
 
     realtime_init();
@@ -4671,6 +4679,13 @@ int main(int argc, char **argv, char **envp)
         vm_start();
     }
 
+    if (kvm_memcrypt_enabled()) {
+        if (kvm_memcrypt_release_launch_context()) {
+            error_report("failed to stop encryption context");
+            exit(1);
+        }
+    }
+
     os_setup_post();
 
     main_loop();

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.