cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu
Log | Files | Refs | Submodules | LICENSE | sfeed.txt

confidential-guest-support.h (2226B)

      1/*
      2 * QEMU Confidential Guest support
      3 *   This interface describes the common pieces between various
      4 *   schemes for protecting guest memory or other state against a
      5 *   compromised hypervisor.  This includes memory encryption (AMD's
      6 *   SEV and Intel's MKTME) or special protection modes (PEF on POWER,
      7 *   or PV on s390x).
      8 *
      9 * Copyright Red Hat.
     10 *
     11 * Authors:
     12 *  David Gibson <david@gibson.dropbear.id.au>
     13 *
     14 * This work is licensed under the terms of the GNU GPL, version 2 or
     15 * later.  See the COPYING file in the top-level directory.
     16 *
     17 */
     18#ifndef QEMU_CONFIDENTIAL_GUEST_SUPPORT_H
     19#define QEMU_CONFIDENTIAL_GUEST_SUPPORT_H
     20
     21#ifndef CONFIG_USER_ONLY
     22
     23#include "qom/object.h"
     24
     25#define TYPE_CONFIDENTIAL_GUEST_SUPPORT "confidential-guest-support"
     26OBJECT_DECLARE_SIMPLE_TYPE(ConfidentialGuestSupport, CONFIDENTIAL_GUEST_SUPPORT)
     27
     28struct ConfidentialGuestSupport {
     29    Object parent;
     30
     31    /*
     32     * ready: flag set by CGS initialization code once it's ready to
     33     *        start executing instructions in a potentially-secure
     34     *        guest
     35     *
     36     * The definition here is a bit fuzzy, because this is essentially
     37     * part of a self-sanity-check, rather than a strict mechanism.
     38     *
     39     * It's not feasible to have a single point in the common machine
     40     * init path to configure confidential guest support, because
     41     * different mechanisms have different interdependencies requiring
     42     * initialization in different places, often in arch or machine
     43     * type specific code.  It's also usually not possible to check
     44     * for invalid configurations until that initialization code.
     45     * That means it would be very easy to have a bug allowing CGS
     46     * init to be bypassed entirely in certain configurations.
     47     *
     48     * Silently ignoring a requested security feature would be bad, so
     49     * to avoid that we check late in init that this 'ready' flag is
     50     * set if CGS was requested.  If the CGS init hasn't happened, and
     51     * so 'ready' is not set, we'll abort.
     52     */
     53    bool ready;
     54};
     55
     56typedef struct ConfidentialGuestSupportClass {
     57    ObjectClass parent;
     58} ConfidentialGuestSupportClass;
     59
     60#endif /* !CONFIG_USER_ONLY */
     61
     62#endif /* QEMU_CONFIDENTIAL_GUEST_SUPPORT_H */