qemu-e2k/hw/i386
David Gibson aacdb84413 sev: Remove false abstraction of flash encryption
When AMD's SEV memory encryption is in use, flash memory banks (which are
initialed by pc_system_flash_map()) need to be encrypted with the guest's
key, so that the guest can read them.

That's abstracted via the kvm_memcrypt_encrypt_data() callback in the KVM
state.. except, that it doesn't really abstract much at all.

For starters, the only call site is in code specific to the 'pc'
family of machine types, so it's obviously specific to those and to
x86 to begin with.  But it makes a bunch of further assumptions that
need not be true about an arbitrary confidential guest system based on
memory encryption, let alone one based on other mechanisms:

 * it assumes that the flash memory is defined to be encrypted with the
   guest key, rather than being shared with hypervisor
 * it assumes that that hypervisor has some mechanism to encrypt data into
   the guest, even though it can't decrypt it out, since that's the whole
   point
 * the interface assumes that this encrypt can be done in place, which
   implies that the hypervisor can write into a confidential guests's
   memory, even if what it writes isn't meaningful

So really, this "abstraction" is actually pretty specific to the way SEV
works.  So, this patch removes it and instead has the PC flash
initialization code call into a SEV specific callback.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
2021-02-08 16:57:38 +11:00
..
kvm qdev: Move softmmu properties to qdev-properties-system.h 2020-12-18 15:20:17 -05:00
xen hw: Use the PCI_SLOT() macro from 'hw/pci/pci.h' 2021-01-04 23:24:44 +01:00
acpi-build.c acpi: Permit OEM ID and OEM table ID fields to be changed 2021-02-05 08:52:59 -05:00
acpi-build.h
acpi-common.c acpi: Permit OEM ID and OEM table ID fields to be changed 2021-02-05 08:52:59 -05:00
acpi-common.h acpi: Permit OEM ID and OEM table ID fields to be changed 2021-02-05 08:52:59 -05:00
acpi-microvm.c acpi: Permit OEM ID and OEM table ID fields to be changed 2021-02-05 08:52:59 -05:00
acpi-microvm.h
amd_iommu.c
amd_iommu.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
e820_memory_layout.c
e820_memory_layout.h
fw_cfg.c i386: move kvm accel files into kvm/ 2020-12-16 14:06:52 -05:00
fw_cfg.h
generic_event_device_x86.c
intel_iommu_internal.h
intel_iommu.c i386: move kvm accel files into kvm/ 2020-12-16 14:06:52 -05:00
Kconfig hw/misc/pvpanic: split-out generic and bus dependent code 2021-01-29 10:47:28 +00:00
kvmvapic.c remove TCG includes from common code 2021-01-02 21:03:36 +01:00
meson.build
microvm.c acpi: use constants as strncpy limit 2021-02-05 08:52:59 -05:00
multiboot.c
multiboot.h
pc_piix.c hw/i386: Remove the deprecated pc-1.x machine types 2021-02-05 08:52:59 -05:00
pc_q35.c hw: add compat machines for 6.0 2020-12-08 13:48:58 -05:00
pc_sysfw.c sev: Remove false abstraction of flash encryption 2021-02-08 16:57:38 +11:00
pc.c acpi: use constants as strncpy limit 2021-02-05 08:52:59 -05:00
port92.c Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
trace-events
trace.h
vmmouse.c Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
vmport.c i386: do not use ram_size global 2020-12-10 12:15:08 -05:00
x86-iommu-stub.c
x86-iommu.c
x86.c i386: move kvm accel files into kvm/ 2020-12-16 14:06:52 -05:00