Re: [PATCH] x86/CPU/AMD, mm: Extend with mem_encrypt=sme option

From: Borislav Petkov
Date: Tue Oct 03 2017 - 07:20:56 EST

Next message: Timo Alho: "Re: [PATCH V2] firmware: tegra: add BPMP debugfs support"
Previous message: Bartlomiej Zolnierkiewicz: "[PATCH v2] ide: add missing hwif->portdev freeing on hwif_init() failure"
In reply to: Paolo Bonzini: "Re: [PATCH] x86/CPU/AMD, mm: Extend with mem_encrypt=sme option"
Next in thread: Tom Lendacky: "Re: [PATCH] x86/CPU/AMD, mm: Extend with mem_encrypt=sme option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Oct 03, 2017 at 12:50:15PM +0200, Paolo Bonzini wrote:
> Stupid question ahead: if it's just about guests, why bother with
> mem_encrypt=xxx at all? kvm_amd should have a sev parameter anyway, you
> can just do kvm_amd.sev=0 to disable it.

Yes, it is only about guests so this could be a viable solution too.
I initially wanted to be able to disable all that SEV code but from a
quick glance over it, it is mostly behind an if (sev_active()) check so
I think the module arg should be good enough too.

Thx.

--
Regards/Gruss,
Boris.

SUSE Linux GmbH, GF: Felix ImendÃrffer, Jane Smithard, Graham Norton, HRB 21284 (AG NÃrnberg)
--

Next message: Timo Alho: "Re: [PATCH V2] firmware: tegra: add BPMP debugfs support"
Previous message: Bartlomiej Zolnierkiewicz: "[PATCH v2] ide: add missing hwif->portdev freeing on hwif_init() failure"
In reply to: Paolo Bonzini: "Re: [PATCH] x86/CPU/AMD, mm: Extend with mem_encrypt=sme option"
Next in thread: Tom Lendacky: "Re: [PATCH] x86/CPU/AMD, mm: Extend with mem_encrypt=sme option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]