If memory encryption is enabled, create a memory encryption launch context to ensure that bootstrap data (BIOS images) gets encrypted. Also release the encryption context after the machine is successfully created.
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
---
 vl.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
diff --git a/vl.c b/vl.c
index 71b75ef..c6e7846 100644
--- a/vl.c
+++ b/vl.c
@@ -4521,6 +4521,14 @@ int main(int argc, char **argv, char **envp)
 current_machine->boot_order = boot_order;
 current_machine->cpu_model = cpu_model;
+ /* If memory encryption is enabled then create encryption context. */
+ if (kvm_memcrypt_enabled()) {
+ if (kvm_memcrypt_create_launch_context()) {
+ error_report("failed to create memory encryption context");
+ exit(1);
+ }
+ }
+
 machine_class->init(current_machine);
 realtime_init();
@@ -4671,6 +4679,13 @@ int main(int argc, char **argv, char **envp)
 vm_start();
 }
+ if (kvm_memcrypt_enabled()) {
+ if (kvm_memcrypt_release_launch_context()) {
+ error_report("failed to stop encryption context");
+ exit(1);
+ }
+ }
+
 os_setup_post();
 main_loop();
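Review bot: The failure path before `machine_class->init(current_machine)` discards whatever `kvm_memcrypt_create_launch_context()` returned, so the single message "failed to create memory encryption context" cannot tell an operator why the launch context was refused. If the helper returns an error code (not visible here), keep it in a local and include it in the `error_report()` text. Failing closed with `exit(1)` is the right choice when encryption was requested. The two nested tests can be one condition, `if (kvm_memcrypt_enabled() && kvm_memcrypt_create_launch_context()) {`. main() starts and ends outside this hunk.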
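Review bot: The release block is placed after the conditional that calls `vm_start()`, so on that path the guest may already be running while the launch context is still open. If `kvm_memcrypt_release_launch_context()` is the step that finalizes the encrypted launch (its body is not shown), it should complete before the guest is started, so the block probably belongs above that conditional, which begins outside the hunk. The message "failed to stop encryption context" does not match the call or the wording in the first hunk; `error_report("failed to release memory encryption launch context");` would be consistent. A comment such as `/* Bootstrap data is loaded: release the encryption launch context. */` would document why the release happens at this point, since anything written to guest memory after it presumably no longer goes through the launch context.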