| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 08 Apr 2021 10:43:37 -0700
From: James Bottomley <jejb@...ux.ibm.com>
To: Paolo Bonzini <pbonzini@...hat.com>,
Ashish Kalra <ashish.kalra@....com>,
Nathan Tempelman <natet@...gle.com>
Cc: thomas.lendacky@....com, x86@...nel.org, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, srutherford@...gle.com,
seanjc@...gle.com, rientjes@...gle.com, brijesh.singh@....com,
dovmurik@...ux.vnet.ibm.com, lersek@...hat.com, frankeh@...ibm.com
Subject: Re: [RFC v2] KVM: x86: Support KVM VMs sharing SEV context
On Fri, 2021-04-02 at 16:20 +0200, Paolo Bonzini wrote:
> On 02/04/21 13:58, Ashish Kalra wrote:
> > Hi Nathan,
> >
> > Will you be posting a corresponding Qemu patch for this ?
>
> Hi Ashish,
>
> as far as I know IBM is working on QEMU patches for guest-based
> migration helpers.
Yes, that's right, we'll take on this part.
> However, it would be nice to collaborate on the low-level (SEC/PEI)
> firmware patches to detect whether a CPU is part of the primary VM
> or the mirror. If Google has any OVMF patches already done for that,
> it would be great to combine it with IBM's SEV migration code and
> merge it into upstream OVMF.
We've reached the stage with our prototyping where not having the OVMF
support is blocking us from working on QEMU. If we're going to have to
reinvent the wheel in OVMF because Google is unwilling to publish the
patches, can you at least give some hints about how you did it?
Thanks,
James
Powered by blists - more mailing lists