machine: add memory-encryption option
When CPU supports memory encryption feature, the property can be used to specify the encryption object to use when launching an encrypted guest. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Marcel Apfelbaum <marcel@redhat.com> Cc: Stefan Hajnoczi <stefanha@gmail.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
parent
e13713db5b
commit
db5881949f
@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object *obj, Error **errp)
|
|||||||
return ms->enforce_config_section;
|
return ms->enforce_config_section;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static char *machine_get_memory_encryption(Object *obj, Error **errp)
|
||||||
|
{
|
||||||
|
MachineState *ms = MACHINE(obj);
|
||||||
|
|
||||||
|
return g_strdup(ms->memory_encryption);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void machine_set_memory_encryption(Object *obj, const char *value,
|
||||||
|
Error **errp)
|
||||||
|
{
|
||||||
|
MachineState *ms = MACHINE(obj);
|
||||||
|
|
||||||
|
g_free(ms->memory_encryption);
|
||||||
|
ms->memory_encryption = g_strdup(value);
|
||||||
|
}
|
||||||
|
|
||||||
void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type)
|
void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type)
|
||||||
{
|
{
|
||||||
strList *item = g_new0(strList, 1);
|
strList *item = g_new0(strList, 1);
|
||||||
@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data)
|
|||||||
&error_abort);
|
&error_abort);
|
||||||
object_class_property_set_description(oc, "enforce-config-section",
|
object_class_property_set_description(oc, "enforce-config-section",
|
||||||
"Set on to enforce configuration section migration", &error_abort);
|
"Set on to enforce configuration section migration", &error_abort);
|
||||||
|
|
||||||
|
object_class_property_add_str(oc, "memory-encryption",
|
||||||
|
machine_get_memory_encryption, machine_set_memory_encryption,
|
||||||
|
&error_abort);
|
||||||
|
object_class_property_set_description(oc, "memory-encryption",
|
||||||
|
"Set memory encyption object to use", &error_abort);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void machine_class_base_init(ObjectClass *oc, void *data)
|
static void machine_class_base_init(ObjectClass *oc, void *data)
|
||||||
|
@ -243,6 +243,7 @@ struct MachineState {
|
|||||||
bool suppress_vmdesc;
|
bool suppress_vmdesc;
|
||||||
bool enforce_config_section;
|
bool enforce_config_section;
|
||||||
bool enable_graphics;
|
bool enable_graphics;
|
||||||
|
char *memory_encryption;
|
||||||
|
|
||||||
ram_addr_t ram_size;
|
ram_addr_t ram_size;
|
||||||
ram_addr_t maxram_size;
|
ram_addr_t maxram_size;
|
||||||
|
@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
|
|||||||
" suppress-vmdesc=on|off disables self-describing migration (default=off)\n"
|
" suppress-vmdesc=on|off disables self-describing migration (default=off)\n"
|
||||||
" nvdimm=on|off controls NVDIMM support (default=off)\n"
|
" nvdimm=on|off controls NVDIMM support (default=off)\n"
|
||||||
" enforce-config-section=on|off enforce configuration section migration (default=off)\n"
|
" enforce-config-section=on|off enforce configuration section migration (default=off)\n"
|
||||||
" s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n",
|
" s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n"
|
||||||
|
" memory-encryption=@var{} memory encryption object to use (default=none)\n",
|
||||||
QEMU_ARCH_ALL)
|
QEMU_ARCH_ALL)
|
||||||
STEXI
|
STEXI
|
||||||
@item -machine [type=]@var{name}[,prop=@var{value}[,...]]
|
@item -machine [type=]@var{name}[,prop=@var{value}[,...]]
|
||||||
@ -110,6 +111,8 @@ code to send configuration section even if the machine-type sets the
|
|||||||
@option{migration.send-configuration} property to @var{off}.
|
@option{migration.send-configuration} property to @var{off}.
|
||||||
NOTE: this parameter is deprecated. Please use @option{-global}
|
NOTE: this parameter is deprecated. Please use @option{-global}
|
||||||
@option{migration.send-configuration}=@var{on|off} instead.
|
@option{migration.send-configuration}=@var{on|off} instead.
|
||||||
|
@item memory-encryption=@var{}
|
||||||
|
Memory encryption object to use. The default is none.
|
||||||
@end table
|
@end table
|
||||||
ETEXI
|
ETEXI
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user