Re: [PATCH] x86/sev: Add AMD_SEV_ES_GUEST Kconfig for including SEV-ES support

From: Paolo Bonzini
Date: Tue Jan 19 2021 - 12:15:13 EST

Next message: Thierry Reding: "Re: [RESEND PATCH v6 5/6] arm64: tegra: Audio graph header for Tegra210"
Previous message: Pavel Tatashin: "Re: [PATCH v2 0/1] scale loop device lock"
In reply to: Borislav Petkov: "Re: [PATCH] x86/sev: Add AMD_SEV_ES_GUEST Kconfig for including SEV-ES support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 19/01/21 18:09, Borislav Petkov wrote:

It was the AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT dependency that tripped me up. To
get KVM to enable SEV/SEV-ES by default,

By default? What would be the use case for that?

It doesn't enable by default SEV/SEV-ES for all the guests, it only enables the functionality.

But tying that to a Kconfig value is useless, it should just default to 1 (allow creating encrypted guests) if the hardware is available.

Paolo

Next message: Thierry Reding: "Re: [RESEND PATCH v6 5/6] arm64: tegra: Audio graph header for Tegra210"
Previous message: Pavel Tatashin: "Re: [PATCH v2 0/1] scale loop device lock"
In reply to: Borislav Petkov: "Re: [PATCH] x86/sev: Add AMD_SEV_ES_GUEST Kconfig for including SEV-ES support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]