On 6/18/20 7:05 PM, David Gibson wrote: > Several architectures have mechanisms which are designed to protect guest > memory from interference or eavesdropping by a compromised hypervisor. AMD > SEV does this with in-chip memory encryption and Intel has a similar > mechanism. POWER's Protected Execution Framework (PEF) accomplishes a > similar goal using an ultravisor and new memory protection features, > instead of encryption. > > To (partially) unify handling for these, this introduces a new > HostTrustLimitation QOM interface. > > Signed-off-by: David Gibson <[email protected]> > --- > backends/Makefile.objs | 2 ++ > backends/host-trust-limitation.c | 29 ++++++++++++++++++++++++ > include/exec/host-trust-limitation.h | 33 ++++++++++++++++++++++++++++ > include/qemu/typedefs.h | 1 + > 4 files changed, 65 insertions(+) > create mode 100644 backends/host-trust-limitation.c > create mode 100644 include/exec/host-trust-limitation.h
Reviewed-by: Richard Henderson <[email protected]> r~
