qemu

FORK: QEMU emulator
git clone https://git.neptards.moe/neptards/qemu.git
Log | Files | Refs | Submodules | LICENSE

confidential-guest-support.h (2226B)

      1 /*
      2  * QEMU Confidential Guest support
      3  *   This interface describes the common pieces between various
      4  *   schemes for protecting guest memory or other state against a
      5  *   compromised hypervisor.  This includes memory encryption (AMD's
      6  *   SEV and Intel's MKTME) or special protection modes (PEF on POWER,
      7  *   or PV on s390x).
      8  *
      9  * Copyright Red Hat.
     10  *
     11  * Authors:
     12  *  David Gibson <david@gibson.dropbear.id.au>
     13  *
     14  * This work is licensed under the terms of the GNU GPL, version 2 or
     15  * later.  See the COPYING file in the top-level directory.
     16  *
     17  */
     18 #ifndef QEMU_CONFIDENTIAL_GUEST_SUPPORT_H
     19 #define QEMU_CONFIDENTIAL_GUEST_SUPPORT_H
     20 
     21 #ifndef CONFIG_USER_ONLY
     22 
     23 #include "qom/object.h"
     24 
     25 #define TYPE_CONFIDENTIAL_GUEST_SUPPORT "confidential-guest-support"
     26 OBJECT_DECLARE_SIMPLE_TYPE(ConfidentialGuestSupport, CONFIDENTIAL_GUEST_SUPPORT)
     27 
     28 struct ConfidentialGuestSupport {
     29     Object parent;
     30 
     31     /*
     32      * ready: flag set by CGS initialization code once it's ready to
     33      *        start executing instructions in a potentially-secure
     34      *        guest
     35      *
     36      * The definition here is a bit fuzzy, because this is essentially
     37      * part of a self-sanity-check, rather than a strict mechanism.
     38      *
     39      * It's not feasible to have a single point in the common machine
     40      * init path to configure confidential guest support, because
     41      * different mechanisms have different interdependencies requiring
     42      * initialization in different places, often in arch or machine
     43      * type specific code.  It's also usually not possible to check
     44      * for invalid configurations until that initialization code.
     45      * That means it would be very easy to have a bug allowing CGS
     46      * init to be bypassed entirely in certain configurations.
     47      *
     48      * Silently ignoring a requested security feature would be bad, so
     49      * to avoid that we check late in init that this 'ready' flag is
     50      * set if CGS was requested.  If the CGS init hasn't happened, and
     51      * so 'ready' is not set, we'll abort.
     52      */
     53     bool ready;
     54 };
     55 
     56 typedef struct ConfidentialGuestSupportClass {
     57     ObjectClass parent;
     58 } ConfidentialGuestSupportClass;
     59 
     60 #endif /* !CONFIG_USER_ONLY */
     61 
     62 #endif /* QEMU_CONFIDENTIAL_GUEST_SUPPORT_H */