Re: [PATCH] x86/CPU/AMD, mm: Extend with mem_encrypt=sme option
From: Borislav Petkov
Date: Tue Oct 03 2017 - 07:20:56 EST
On Tue, Oct 03, 2017 at 12:50:15PM +0200, Paolo Bonzini wrote:
> Stupid question ahead: if it's just about guests, why bother with
> mem_encrypt=xxx at all? kvm_amd should have a sev parameter anyway, you
> can just do kvm_amd.sev=0 to disable it.
Yes, it is only about guests so this could be a viable solution too.
I initially wanted to be able to disable all that SEV code but from a
quick glance over it, it is mostly behind an if (sev_active()) check so
I think the module arg should be good enough too.
Thx.
--
Regards/Gruss,
Boris.
SUSE Linux GmbH, GF: Felix ImendÃrffer, Jane Smithard, Graham Norton, HRB 21284 (AG NÃrnberg)
--