mirror of
https://github.com/qemu/qemu.git
synced 2024-12-15 15:33:29 +08:00
f91f9f254b
Several architectures have mechanisms which are designed to protect guest memory from interference or eavesdropping by a compromised hypervisor. AMD SEV does this with in-chip memory encryption and Intel's TDX can do similar things. POWER's Protected Execution Framework (PEF) accomplishes a similar goal using an ultravisor and new memory protection features, instead of encryption. To (partially) unify handling for these, this introduces a new ConfidentialGuestSupport QOM base class. "Confidential" is kind of vague, but "confidential computing" seems to be the buzzword about these schemes, and "secure" or "protected" are often used in connection to unrelated things (such as hypervisor-from-guest or guest-from-guest security). The "support" in the name is significant because in at least some of the cases it requires the guest to take specific actions in order to protect itself from hypervisor eavesdropping. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
34 lines
751 B
C
34 lines
751 B
C
/*
|
|
* QEMU Confidential Guest support
|
|
*
|
|
* Copyright Red Hat.
|
|
*
|
|
* Authors:
|
|
* David Gibson <david@gibson.dropbear.id.au>
|
|
*
|
|
* This work is licensed under the terms of the GNU GPL, version 2 or
|
|
* later. See the COPYING file in the top-level directory.
|
|
*
|
|
*/
|
|
|
|
#include "qemu/osdep.h"
|
|
|
|
#include "exec/confidential-guest-support.h"
|
|
|
|
OBJECT_DEFINE_ABSTRACT_TYPE(ConfidentialGuestSupport,
|
|
confidential_guest_support,
|
|
CONFIDENTIAL_GUEST_SUPPORT,
|
|
OBJECT)
|
|
|
|
static void confidential_guest_support_class_init(ObjectClass *oc, void *data)
|
|
{
|
|
}
|
|
|
|
static void confidential_guest_support_init(Object *obj)
|
|
{
|
|
}
|
|
|
|
static void confidential_guest_support_finalize(Object *obj)
|
|
{
|
|
}
|