author Maxime Ripard <maxime@cerno.tech> 2020-04-04 11:02:15 +0200
committer Maxime Ripard <maxime@cerno.tech> 2020-04-04 11:02:15 +0200
commit cc46c03397c1865a181f1a4f66d4645806e5a943 (patch)
tree e3a762d8961219a61b96ae6e5ec875ba9fbe2314 /Documentation/virt/kvm/amd-memory-encryption.rst
parent d8a26d8fc37c5b8b9e95f2fa194f287cf8cab3f4 (diff)
parent 0e7e6198af28c1573267aba1be33dd0b7fb35691 (diff)
Merge drm/drm-next into drm-misc-next-fixes
Alex needs v5.6 into drm-misc-next-fixes to merge a fix for a regression in the scatterlist processing in PRIME.

Signed-off-by: Maxime Ripard <maxime@cerno.tech>
Diffstat (limited to 'Documentation/virt/kvm/amd-memory-encryption.rst')
-rw-r--r-- Documentation/virt/kvm/amd-memory-encryption.rst | 25
1 files changed, 25 insertions, 0 deletions
diff --git a/Documentation/virt/kvm/amd-memory-encryption.rst b/Documentation/virt/kvm/amd-memory-encryption.rst
index d18c97b4e140..c3129b9ba5cb 100644
--- a/Documentation/virt/kvm/amd-memory-encryption.rst
+++ b/Documentation/virt/kvm/amd-memory-encryption.rst
@@ -53,6 +53,29 @@ key management interface to perform common hypervisor activities such as
encrypting bootstrap code, snapshot, migrating and debugging the guest. For more
information, see the SEV Key Management spec [api-spec]_
+The main ioctl to access SEV is KVM_MEM_ENCRYPT_OP. If the argument
+to KVM_MEM_ENCRYPT_OP is NULL, the ioctl returns 0 if SEV is enabled
+and ``ENOTTY` if it is disabled (on some older versions of Linux,
+the ioctl runs normally even with a NULL argument, and therefore will
+likely return ``EFAULT``). If non-NULL, the argument to KVM_MEM_ENCRYPT_OP
+must be a struct kvm_sev_cmd::
+
+ struct kvm_sev_cmd {
+ __u32 id;
+ __u64 data;
+ __u32 error;
+ __u32 sev_fd;
+ };
+
+
+The ``id`` field contains the subcommand, and the ``data`` field points to
+another struct containing arguments specific to command. The ``sev_fd``
+should point to a file descriptor that is opened on the ``/dev/sev``
+device, if needed (see individual commands).
+
+On output, ``error`` is zero on success, or an error code. Error codes
+are defined in ``<linux/psp-dev.h>`.
+
KVM implements the following commands to support common lifecycle events of SEV
guests, such as launching, running, snapshotting, migrating and decommissioning.
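Review bot: Two inline literals in the added text are opened with a double backtick and closed with a single one, ``ENOTTY` in the NULL-argument paragraph and ``<linux/psp-dev.h>` in the last added sentence, so the RST will not render them as literals and may swallow the text that follows; both should end with a double backtick. The same paragraph also leaves the caller without a usable rule for the NULL probe: it says older kernels "will likely return ``EFAULT``", but does not say whether userspace should read EFAULT as "SEV state unknown" or as a failure, which matters for any launcher that gates an encrypted-guest path on this check. The description of ``error`` would also benefit from stating that it is a separate namespace from the ioctl's own return value (the text mentions ENOTTY and EFAULT for the ioctl and "an error code" for the field without distinguishing them), and "arguments specific to command" is missing an article.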
@@ -90,6 +113,8 @@ Returns: 0 on success, -negative on error
On success, the 'handle' field contains a new handle and on error, a negative value.
+KVM_SEV_LAUNCH_START requires the ``sev_fd`` field to be valid.
+
For more details, see SEV spec Section 6.2.
3. KVM_SEV_LAUNCH_UPDATE_DATA
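Review bot: "Valid" is left undefined in the added sentence for KVM_SEV_LAUNCH_START. The first hunk describes ``sev_fd`` as a file descriptor opened on ``/dev/sev`` and defers to the individual commands, so this line should say that directly, for example "``sev_fd`` must be a file descriptor opened on ``/dev/sev``", and state what the ioctl returns when it is not. Within this diff only KVM_SEV_LAUNCH_START gets such a statement, so a reader following the "see individual commands" pointer has no way to tell whether the other commands ignore the field or were simply not annotated; a one-line note per command, or a sentence saying which commands do not use it, would close that gap.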