| Message ID | 20180308124901.83533-25-brijesh.singh@amd.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 08/03/2018 13:48, Brijesh Singh wrote: > sev_set_guest_state(SEV_STATE_RUNNING); > + > + /* add migration blocker */ > + error_setg(&sev_mig_blocker, > + "SEV: Migration is not implemented"); > + ret = migrate_add_blocker(sev_mig_blocker, &local_err); > + if (local_err) { > + error_report_err(local_err); > + error_free(sev_mig_blocker); > + exit(1); > + } > } I think this should be in sev_guest_init instead? Does migration transfer the measurement, or is it lost forever? Not a blocker though. Paolo
On 3/13/18 4:33 AM, Paolo Bonzini wrote: > On 08/03/2018 13:48, Brijesh Singh wrote: >> sev_set_guest_state(SEV_STATE_RUNNING); >> + >> + /* add migration blocker */ >> + error_setg(&sev_mig_blocker, >> + "SEV: Migration is not implemented"); >> + ret = migrate_add_blocker(sev_mig_blocker, &local_err); >> + if (local_err) { >> + error_report_err(local_err); >> + error_free(sev_mig_blocker); >> + exit(1); >> + } >> } > I think this should be in sev_guest_init instead? Does migration > transfer the measurement, or is it lost forever? Not a blocker though. The launch measurement does not get transferred during the migration. During migration we get totally different measurement which is wrapped with transport key etc and that need to send to destination. IIRC, in my first attempt I was adding this blocker in sev_guest_init() but migration_add_blocker() was failing becauseĀ sev_guest_init() is called before the migration_object_init(). > > Paolo
On 13/03/2018 12:28, Brijesh Singh wrote: > > > On 3/13/18 4:33 AM, Paolo Bonzini wrote: >> On 08/03/2018 13:48, Brijesh Singh wrote: >>> sev_set_guest_state(SEV_STATE_RUNNING); >>> + >>> + /* add migration blocker */ >>> + error_setg(&sev_mig_blocker, >>> + "SEV: Migration is not implemented"); >>> + ret = migrate_add_blocker(sev_mig_blocker, &local_err); >>> + if (local_err) { >>> + error_report_err(local_err); >>> + error_free(sev_mig_blocker); >>> + exit(1); >>> + } >>> } >> I think this should be in sev_guest_init instead? Does migration >> transfer the measurement, or is it lost forever? Not a blocker though. > > The launch measurement does not get transferred during the migration. > During migration we get totally different measurement which is wrapped > with transport key etc and that need to send to destination. IIRC, in my > first attempt I was adding this blocker in sev_guest_init() but > migration_add_blocker() was failing becauseĀ sev_guest_init() is called > before the migration_object_init(). I see, thanks. I'm not going to touch this part anyway. :) We can fix it during the freeze period. Paolo
diff --git a/target/i386/sev.c b/target/i386/sev.c index f687e9e40e32..b9bfce95246a 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -24,12 +24,14 @@ #include "sev_i386.h" #include "sysemu/sysemu.h" #include "trace.h" +#include "migration/blocker.h" #define DEFAULT_GUEST_POLICY 0x1 /* disable debug */ #define DEFAULT_SEV_DEVICE "/dev/sev" static SEVState *sev_state; static MemoryRegionRAMReadWriteOps sev_ops; +static Error *sev_mig_blocker; static const char *const sev_fw_errlist[] = { "", @@ -583,6 +585,7 @@ static void sev_launch_finish(SEVState *s) { int ret, error; + Error *local_err = NULL; trace_kvm_sev_launch_finish(); ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_FINISH, 0, &error); @@ -593,6 +596,16 @@ sev_launch_finish(SEVState *s) } sev_set_guest_state(SEV_STATE_RUNNING); + + /* add migration blocker */ + error_setg(&sev_mig_blocker, + "SEV: Migration is not implemented"); + ret = migrate_add_blocker(sev_mig_blocker, &local_err); + if (local_err) { + error_report_err(local_err); + error_free(sev_mig_blocker); + exit(1); + } } static void