Hi Herbert and Paolo,
On 10/19/17 9:33 PM, Brijesh Singh wrote: > This part of Secure Encryted Virtualization (SEV) patch series focuses on KVM > changes required to create and manage SEV guests. > > SEV is an extension to the AMD-V architecture which supports running encrypted > virtual machine (VMs) under the control of a hypervisor. Encrypted VMs have > their > pages (code and data) secured such that only the guest itself has access to > unencrypted version. Each encrypted VM is associated with a unique encryption > key; > if its data is accessed to a different entity using a different key the > encrypted > guest's data will be incorrectly decrypted, leading to unintelligible data. > This security model ensures that hypervisor will no longer able to inspect or > alter any guest code or data. > > The key management of this feature is handled by a separate processor known as > the AMD Secure Processor (AMD-SP) which is present on AMD SOCs. The SEV Key > Management Specification (see below) provides a set of commands which can be > used by hypervisor to load virtual machine keys through the AMD-SP driver. Since the PSP patches touches both the CCP and KVM driver, hence I was wondering if you guys have any thought on how PSP patches will be merged? I am talking about Patch 9 to 20 from this series. I have ensured that patches apply cleanly on both kvm/master and cryptodev-2.6/master. We can do this in one of two ways: - Paolo can merge the PSP support through the KVM branch or - Herbert can create a topic branch with PSP changes and Paolo can use that topic branch. Any visibility will help my next submission. thank you. -Brijesh
