Message ID | 20180308124901.83533-6-brijesh.singh@amd.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Nitpick: the subject makes it seem like you're adding "-memory-encryption" as a CLI arg, but actually its adding support for 'memory-encryption=$VAL' property to the '-machine' CLI arg. Sufficient to just s/-memory-encryption/"memory-encryption"/ On Thu, Mar 08, 2018 at 06:48:38AM -0600, Brijesh Singh wrote: > When CPU supports memory encryption feature, the property can be used to > specify the encryption object to use when launching an encrypted guest. > > Cc: Paolo Bonzini <pbonzini@redhat.com> > Cc: Eduardo Habkost <ehabkost@redhat.com> > Cc: Marcel Apfelbaum <marcel@redhat.com> > Cc: Stefan Hajnoczi <stefanha@gmail.com> > Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> > --- > hw/core/machine.c | 22 ++++++++++++++++++++++ > include/hw/boards.h | 1 + > qemu-options.hx | 5 ++++- > 3 files changed, 27 insertions(+), 1 deletion(-) > > diff --git a/hw/core/machine.c b/hw/core/machine.c > index 5e2bbcdacedb..2040177664d5 100644 > --- a/hw/core/machine.c > +++ b/hw/core/machine.c > @@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object *obj, Error **errp) > return ms->enforce_config_section; > } > > +static char *machine_get_memory_encryption(Object *obj, Error **errp) > +{ > + MachineState *ms = MACHINE(obj); > + > + return g_strdup(ms->memory_encryption); > +} > + > +static void machine_set_memory_encryption(Object *obj, const char *value, > + Error **errp) > +{ > + MachineState *ms = MACHINE(obj); > + > + g_free(ms->memory_encryption); > + ms->memory_encryption = g_strdup(value); > +} > + > void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type) > { > strList *item = g_new0(strList, 1); > @@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data) > &error_abort); > object_class_property_set_description(oc, "enforce-config-section", > "Set on to enforce configuration section migration", &error_abort); > + > + object_class_property_add_str(oc, "memory-encryption", > + machine_get_memory_encryption, machine_set_memory_encryption, > + &error_abort); > + object_class_property_set_description(oc, "memory-encryption", > + "Set memory encyption object to use", &error_abort); > } > > static void machine_class_base_init(ObjectClass *oc, void *data) > diff --git a/include/hw/boards.h b/include/hw/boards.h > index efb0a9edfdf1..8ce9a7a21d3d 100644 > --- a/include/hw/boards.h > +++ b/include/hw/boards.h > @@ -243,6 +243,7 @@ struct MachineState { > bool suppress_vmdesc; > bool enforce_config_section; > bool enable_graphics; > + char *memory_encryption; > > ram_addr_t ram_size; > ram_addr_t maxram_size; > diff --git a/qemu-options.hx b/qemu-options.hx > index 6585058c6cde..4c280142c52c 100644 > --- a/qemu-options.hx > +++ b/qemu-options.hx > @@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \ > " suppress-vmdesc=on|off disables self-describing migration (default=off)\n" > " nvdimm=on|off controls NVDIMM support (default=off)\n" > " enforce-config-section=on|off enforce configuration section migration (default=off)\n" > - " s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n", > + " s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n" > + " memory-encryption=@var{} memory encryption object to use (default=none)\n", > QEMU_ARCH_ALL) > STEXI > @item -machine [type=]@var{name}[,prop=@var{value}[,...]] > @@ -110,6 +111,8 @@ code to send configuration section even if the machine-type sets the > @option{migration.send-configuration} property to @var{off}. > NOTE: this parameter is deprecated. Please use @option{-global} > @option{migration.send-configuration}=@var{on|off} instead. > +@item memory-encryption=@var{} > +Memory encryption object to use. The default is none. > @end table > ETEXI > > -- > 2.14.3 > Regards, Daniel
diff --git a/hw/core/machine.c b/hw/core/machine.c index 5e2bbcdacedb..2040177664d5 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object *obj, Error **errp) return ms->enforce_config_section; } +static char *machine_get_memory_encryption(Object *obj, Error **errp) +{ + MachineState *ms = MACHINE(obj); + + return g_strdup(ms->memory_encryption); +} + +static void machine_set_memory_encryption(Object *obj, const char *value, + Error **errp) +{ + MachineState *ms = MACHINE(obj); + + g_free(ms->memory_encryption); + ms->memory_encryption = g_strdup(value); +} + void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type) { strList *item = g_new0(strList, 1); @@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data) &error_abort); object_class_property_set_description(oc, "enforce-config-section", "Set on to enforce configuration section migration", &error_abort); + + object_class_property_add_str(oc, "memory-encryption", + machine_get_memory_encryption, machine_set_memory_encryption, + &error_abort); + object_class_property_set_description(oc, "memory-encryption", + "Set memory encyption object to use", &error_abort); } static void machine_class_base_init(ObjectClass *oc, void *data) diff --git a/include/hw/boards.h b/include/hw/boards.h index efb0a9edfdf1..8ce9a7a21d3d 100644 --- a/include/hw/boards.h +++ b/include/hw/boards.h @@ -243,6 +243,7 @@ struct MachineState { bool suppress_vmdesc; bool enforce_config_section; bool enable_graphics; + char *memory_encryption; ram_addr_t ram_size; ram_addr_t maxram_size; diff --git a/qemu-options.hx b/qemu-options.hx index 6585058c6cde..4c280142c52c 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \ " suppress-vmdesc=on|off disables self-describing migration (default=off)\n" " nvdimm=on|off controls NVDIMM support (default=off)\n" " enforce-config-section=on|off enforce configuration section migration (default=off)\n" - " s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n", + " s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n" + " memory-encryption=@var{} memory encryption object to use (default=none)\n", QEMU_ARCH_ALL) STEXI @item -machine [type=]@var{name}[,prop=@var{value}[,...]] @@ -110,6 +111,8 @@ code to send configuration section even if the machine-type sets the @option{migration.send-configuration} property to @var{off}. NOTE: this parameter is deprecated. Please use @option{-global} @option{migration.send-configuration}=@var{on|off} instead. +@item memory-encryption=@var{} +Memory encryption object to use. The default is none. @end table ETEXI
When CPU supports memory encryption feature, the property can be used to specify the encryption object to use when launching an encrypted guest. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Marcel Apfelbaum <marcel@redhat.com> Cc: Stefan Hajnoczi <stefanha@gmail.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> --- hw/core/machine.c | 22 ++++++++++++++++++++++ include/hw/boards.h | 1 + qemu-options.hx | 5 ++++- 3 files changed, 27 insertions(+), 1 deletion(-)