From: Tom Lendacky <[email protected]> Update the sev_es_enabled() function return value to be based on the SEV policy that has been specified. SEV-ES is enabled if SEV is enabled and the SEV-ES policy bit is set in the policy object.
Cc: Paolo Bonzini <[email protected]> Cc: Richard Henderson <[email protected]> Cc: Eduardo Habkost <[email protected]> Reviewed-by: Dr. David Alan Gilbert <[email protected]> Signed-off-by: Tom Lendacky <[email protected]> Reviewed-by: Venu Busireddy <[email protected]> Message-Id: <c69f81c6029f31fc4c52a9f35f1bd704362476a5.1611682609.git.thomas.lenda...@amd.com> Signed-off-by: Paolo Bonzini <[email protected]> --- target/i386/sev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/i386/sev.c b/target/i386/sev.c index 4b70d4284f..0f414df02f 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -356,7 +356,7 @@ sev_enabled(void) bool sev_es_enabled(void) { - return false; + return sev_enabled() && (sev_guest->policy & SEV_POLICY_ES); } uint64_t -- 2.29.2
