git.baikalelectronics.ru Git - kernel.git/commit

author	Brijesh Singh <brijesh.singh@amd.com>
	Mon, 4 Dec 2017 16:57:38 +0000 (10:57 -0600)
committer	Brijesh Singh <brijesh.singh@amd.com>
	Mon, 4 Dec 2017 19:33:14 +0000 (13:33 -0600)
commit	857a51d95b73cbfc1d6ad6a2a1b347a548721e5e
tree	e7a8c7b8db46b98843cf51f655074c58795dae90	tree \| snapshot
parent	aea4c83f8469d6bd7489033dd8d2faac7546860c	commit \| diff

KVM: SVM: Pin guest memory when SEV is active

The SEV memory encryption engine uses a tweak such that two identical
plaintext pages at different location will have different ciphertext.
So swapping or moving ciphertext of two pages will not result in
plaintext being swapped. Relocating (or migrating) physical backing
pages for a SEV guest will require some additional steps. The current SEV
key management spec does not provide commands to swap or migrate (move)
ciphertext pages. For now, we pin the guest memory registered through
KVM_MEMORY_ENCRYPT_REG_REGION ioctl.

Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Radim Krčmář" <rkrcmar@redhat.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Borislav Petkov <bp@suse.de>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>

arch/x86/include/asm/kvm_host.h		diff \| blob \| history
arch/x86/kvm/svm.c		diff \| blob \| history