[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5813902a-f272-a6fe-b32c-c470cb18c1ff@redhat.com>
Date: Sun, 6 Dec 2020 11:25:18 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: Ashish Kalra <ashish.kalra@....com>,
"Dr. David Alan Gilbert" <dgilbert@...hat.com>
Cc: tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
joro@...tes.org, bp@...e.de, thomas.lendacky@....com,
x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
srutherford@...gle.com, brijesh.singh@....com,
dovmurik@...ux.vnet.ibm.com, tobin@....com, jejb@...ux.ibm.com,
frankeh@...ibm.com
Subject: Re: [PATCH v2 2/9] KVM: X86: Introduce KVM_HC_PAGE_ENC_STATUS
hypercall
On 02/12/20 22:22, Ashish Kalra wrote:
> Hello Dave,
>
> On Wed, Dec 02, 2020 at 04:54:20PM +0000, Dr. David Alan Gilbert wrote:
>> * Ashish Kalra (Ashish.Kalra@....com) wrote:
>>> From: Brijesh Singh <brijesh.singh@....com>
>>>
>>> This hypercall is used by the SEV guest to notify a change in the page
>>> encryption status to the hypervisor. The hypercall should be invoked
>>> only when the encryption attribute is changed from encrypted -> decrypted
>>> and vice versa. By default all guest pages are considered encrypted.
>>
>> Is it defined whether these are supposed to be called before or after
>> the the page type has been changed; is it change the type and then
>> notify or the other way around?
It doesn't matter. However, you have do it before writing to the page,
and the content of the page is unspecified between the hypercall and the
write to the page.
So you cannot for example encrypt a page in place (using the same PFN
but different settings of the C bit), you need to do:
hypercall(); /* mark enc_data as encrypted */
/*
* The contents of enc_data is now undefined as it can change
* across migration.
*/
memset(enc_data, unenc_data, PAGE_SIZE);
Paolo
Powered by blists - more mailing lists