Re: [RFC PATCH 25/35] KVM: x86: Update __get_sregs() / __set_sregs() to support SEV-ES

From: Sean Christopherson
Date: Mon Sep 14 2020 - 17:37:20 EST

Next message: Ralph Campbell: "[PATCH] hmm/test: remove unused dmirror_zero_page"
Previous message: Douglas Gilbert: "[PATCH] tools/io_uring: fix compile breakage"
In reply to: Tom Lendacky: "[RFC PATCH 25/35] KVM: x86: Update __get_sregs() / __set_sregs() to support SEV-ES"
Next in thread: Tom Lendacky: "Re: [RFC PATCH 25/35] KVM: x86: Update __get_sregs() / __set_sregs() to support SEV-ES"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Sep 14, 2020 at 03:15:39PM -0500, Tom Lendacky wrote:
> From: Tom Lendacky <thomas.lendacky@xxxxxxx>
>
> Since many of the registers used by the SEV-ES are encrypted and cannot
> be read or written, adjust the __get_sregs() / __set_sregs() to only get
> or set the registers being tracked (efer, cr0, cr4 and cr8) once the VMSA
> is encrypted.

Is there an actual use case for writing said registers after the VMSA is
encrypted? Assuming there's a separate "debug mode" and live migration has
special logic, can KVM simply reject the ioctl() if guest state is protected?

Next message: Ralph Campbell: "[PATCH] hmm/test: remove unused dmirror_zero_page"
Previous message: Douglas Gilbert: "[PATCH] tools/io_uring: fix compile breakage"
In reply to: Tom Lendacky: "[RFC PATCH 25/35] KVM: x86: Update __get_sregs() / __set_sregs() to support SEV-ES"
Next in thread: Tom Lendacky: "Re: [RFC PATCH 25/35] KVM: x86: Update __get_sregs() / __set_sregs() to support SEV-ES"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]