summaryrefslogtreecommitdiff
path: root/arch/x86/kvm/Kconfig
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2024-06-03 20:19:46 +0300
committerPaolo Bonzini <pbonzini@redhat.com>2024-06-03 20:19:46 +0300
commitab978c62e72d6b2d41842210e0cc435d9ed0dadb (patch)
tree71bf56a9d023865588f743c909093c1cd4a667f2 /arch/x86/kvm/Kconfig
parentf9d1b541d057bf94453201d77ffbbfba659c9ad3 (diff)
parentb2ec042347fde5df1239d228b4d86ca642944870 (diff)
downloadlinux-ab978c62e72d6b2d41842210e0cc435d9ed0dadb.tar.xz
Merge branch 'kvm-6.11-sev-snp' into HEAD
Pull base x86 KVM support for running SEV-SNP guests from Michael Roth: * add some basic infrastructure and introduces a new KVM_X86_SNP_VM vm_type to handle differences versus the existing KVM_X86_SEV_VM and KVM_X86_SEV_ES_VM types. * implement the KVM API to handle the creation of a cryptographic launch context, encrypt/measure the initial image into guest memory, and finalize it before launching it. * implement handling for various guest-generated events such as page state changes, onlining of additional vCPUs, etc. * implement the gmem/mmu hooks needed to prepare gmem-allocated pages before mapping them into guest private memory ranges as well as cleaning them up prior to returning them to the host for use as normal memory. Because those cleanup hooks supplant certain activities like issuing WBINVDs during KVM MMU invalidations, avoid duplicating that work to avoid unecessary overhead. This merge leaves out support support for attestation guest requests and for loading the signing keys to be used for attestation requests.
Diffstat (limited to 'arch/x86/kvm/Kconfig')
-rw-r--r--arch/x86/kvm/Kconfig3
1 files changed, 3 insertions, 0 deletions
diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig
index fec95a770270..80e5afde69f4 100644
--- a/arch/x86/kvm/Kconfig
+++ b/arch/x86/kvm/Kconfig
@@ -139,6 +139,9 @@ config KVM_AMD_SEV
depends on KVM_AMD && X86_64
depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m)
select ARCH_HAS_CC_PLATFORM
+ select KVM_GENERIC_PRIVATE_MEM
+ select HAVE_KVM_GMEM_PREPARE
+ select HAVE_KVM_GMEM_INVALIDATE
help
Provides support for launching Encrypted VMs (SEV) and Encrypted VMs
with Encrypted State (SEV-ES) on AMD processors.