On Wed, Mar 20, 2024 at 03:39:25AM -0500, Michael Roth wrote:
> SEV/SEV-ES rely on pinned memory to back guest RAM so discarding
> isn't actually possible. With SNP, only guest_memfd pages are used
> for private guest memory, so discarding of shared memory is still
> possible, so only disable discard for SEV/SEV-ES.
>
> Signed-off-by: Michael Roth <michael.r...@amd.com>
> ---
> target/i386/sev.c | 16 ++++++++++++----
> 1 file changed, 12 insertions(+), 4 deletions(-)
>
> diff --git a/target/i386/sev.c b/target/i386/sev.c
> index 134e8f7c22..43e6c0172f 100644
> --- a/target/i386/sev.c
> +++ b/target/i386/sev.c
> @@ -888,10 +888,18 @@ static int sev_kvm_init(ConfidentialGuestSupport *cgs,
> Error **errp)
> uint32_t host_cbitpos;
> struct sev_user_data_status status = {};
>
> - ret = ram_block_discard_disable(true);
> - if (ret) {
> - error_report("%s: cannot disable RAM discard", __func__);
> - return -1;
> + /*
> + * SEV/SEV-ES rely on pinned memory to back guest RAM so discarding
> + * isn't actually possible. With SNP, only guest_memfd pages are used
> + * for private guest memory, so discarding of shared memory is still
> + * possible..
> + */
> + if (!sev_snp_enabled()) {
> + ret = ram_block_discard_disable(true);
> + if (ret) {
> + error_report("%s: cannot disable RAM discard", __func__);
> + return -1;
> + }
> }
Pre-existing code bug, but this method must use 'error_setg' to fill
the 'Error **errp' parameter.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
