    KVM: SVM: Pin guest memory when SEV is active · 1e80fdc0
    Brijesh Singh authored
    The SEV memory encryption engine uses a tweak such that two identical
    plaintext pages at different locations will have different ciphertext.
    So swapping or moving ciphertext of two pages will not result in
    plaintext being swapped. Relocating (or migrating) physical backing
    pages for a SEV guest will require some additional steps. The current SEV
    key management spec does not provide commands to swap or migrate (move)
    ciphertext pages. For now, we pin the guest memory registered through
    the KVM_MEMORY_ENCRYPT_REG_REGION ioctl.
    
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Cc: Ingo Molnar <mingo@redhat.com>
    Cc: "H. Peter Anvin" <hpa@zytor.com>
    Cc: Paolo Bonzini <pbonzini@redhat.com>
    Cc: "Radim Krčmář" <rkrcmar@redhat.com>
    Cc: Joerg Roedel <joro@8bytes.org>
    Cc: Borislav Petkov <bp@suse.de>
    Cc: Tom Lendacky <thomas.lendacky@amd.com>
    Cc: x86@kernel.org
    Cc: kvm@vger.kernel.org
    Cc: linux-kernel@vger.kernel.org
    Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
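
The tweak behaviour the commit message describes, as an added example that is not part of the commit or of the kernel source: a toy model showing why ciphertext copied to a different physical address no longer decrypts, which is the reason the pages are pinned. The Feistel cipher, the XEX-style tweak construction, the key, and the addresses are all assumptions chosen for illustration; the page does not specify the SEV engine's actual cipher or tweak function.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy 64-bit Feistel cipher: a stand-in, NOT the cipher the SEV engine uses. */
static uint32_t round_fn(uint32_t x, uint32_t k) {
    x = (x ^ k) * 0x9E3779B1u;
    return (x << 7) | (x >> 25);
}
static uint32_t round_key(uint64_t key, int i) {
    return (uint32_t)(key >> ((i & 1) ? 32 : 0)) + (uint32_t)i;
}
static uint64_t toy_encrypt(uint64_t b, uint64_t key) {
    uint32_t l = (uint32_t)(b >> 32), r = (uint32_t)b;
    for (int i = 0; i < 8; i++) {
        uint32_t t = l ^ round_fn(r, round_key(key, i));
        l = r; r = t;
    }
    return ((uint64_t)l << 32) | r;
}
static uint64_t toy_decrypt(uint64_t b, uint64_t key) {
    uint32_t l = (uint32_t)(b >> 32), r = (uint32_t)b;
    for (int i = 7; i >= 0; i--) {
        uint32_t t = r ^ round_fn(l, round_key(key, i));
        r = l; l = t;
    }
    return ((uint64_t)l << 32) | r;
}
/* Assumed XEX-style tweak: the block's physical address is mixed in before and after. */
static uint64_t mem_encrypt(uint64_t plain, uint64_t paddr, uint64_t key) {
    uint64_t tweak = toy_encrypt(paddr, ~key);
    return toy_encrypt(plain ^ tweak, key) ^ tweak;
}
static uint64_t mem_decrypt(uint64_t cipher, uint64_t paddr, uint64_t key) {
    uint64_t tweak = toy_encrypt(paddr, ~key);
    return toy_decrypt(cipher ^ tweak, key) ^ tweak;
}
/* Returns 1 if ciphertext written at old_pa still decrypts correctly after the
 * host copies the raw bytes to new_pa (what page migration or swap would do). */
static int survives_relocation(uint64_t plain, uint64_t old_pa, uint64_t new_pa, uint64_t key) {
    uint64_t cipher = mem_encrypt(plain, old_pa, key);
    return mem_decrypt(cipher, new_pa, key) == plain;
}
int main(void) {
    uint64_t key = 0x0123456789abcdefULL, plain = 0x5345562067756573ULL; /* constructed values */
    printf("same address:    %d\n", survives_relocation(plain, 0x1000, 0x1000, key));
    printf("moved to 0x2000: %d\n", survives_relocation(plain, 0x1000, 0x2000, key));
    printf("identical plaintext, equal ciphertext at two addresses: %d\n",
           mem_encrypt(plain, 0x1000, key) == mem_encrypt(plain, 0x2000, key));
    return 0;
}
```
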
kvm_host.h 41.6 KB