diff options
| author | David Gibson | 2020-06-04 07:24:27 +0200 |
|---|---|---|
| committer | David Gibson | 2021-02-08 06:57:38 +0100 |
| commit | 6742eefc9314678bba39e461fe8cdd0a841c3e92 (patch) | |
| tree | a45d59b88f53da52f694f6cd2e6ac312e6a47f14 | |
| parent | spapr: Add PEF based confidential guest support (diff) | |
| download | qemu-6742eefc9314678bba39e461fe8cdd0a841c3e92.tar.gz qemu-6742eefc9314678bba39e461fe8cdd0a841c3e92.tar.xz qemu-6742eefc9314678bba39e461fe8cdd0a841c3e92.zip | |
spapr: PEF: prevent migration
We haven't yet implemented the fairly involved handshaking that will be
needed to migrate PEF protected guests. For now, just use a migration
blocker so we get a meaningful error if someone attempts this (this is the
same approach used by AMD SEV).
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
| -rw-r--r-- | hw/ppc/pef.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/hw/ppc/pef.c b/hw/ppc/pef.c index f9fd1f2a71..573be3ed79 100644 --- a/hw/ppc/pef.c +++ b/hw/ppc/pef.c @@ -44,6 +44,8 @@ struct PefGuest { static int kvmppc_svm_init(Error **errp) { #ifdef CONFIG_KVM + static Error *pef_mig_blocker; + if (!kvm_check_extension(kvm_state, KVM_CAP_PPC_SECURE_GUEST)) { error_setg(errp, "KVM implementation does not support Secure VMs (is an ultravisor running?)"); @@ -58,6 +60,11 @@ static int kvmppc_svm_init(Error **errp) } } + /* add migration blocker */ + error_setg(&pef_mig_blocker, "PEF: Migration is not implemented"); + /* NB: This can fail if --only-migratable is used */ + migrate_add_blocker(pef_mig_blocker, &error_fatal); + return 0; #else g_assert_not_reached(); |