diff options
| author | Sean Christopherson <sean.j.christopherson@intel.com> | 2021-07-19 19:21:16 +0800 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2021-09-30 14:50:20 +0200 |
| commit | c22f5467856d7e7fa5ee4a1f0ee9edc3bb80bf5c (patch) | |
| tree | 77c119aa516f544e963b7b78a2ddac0d81e5009d /target/i386/cpu.c | |
| parent | 1dec2e1f19fdb39a0340356ec2d77233837b3d68 (diff) | |
| download | qemu-c22f5467856d7e7fa5ee4a1f0ee9edc3bb80bf5c.zip qemu-c22f5467856d7e7fa5ee4a1f0ee9edc3bb80bf5c.tar.gz qemu-c22f5467856d7e7fa5ee4a1f0ee9edc3bb80bf5c.tar.bz2 | |
i386: kvm: Add support for exposing PROVISIONKEY to guest
If the guest want to fully use SGX, the guest needs to be able to
access provisioning key. Add a new KVM_CAP_SGX_ATTRIBUTE to KVM to
support provisioning key to KVM guests.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Yang Zhong <yang.zhong@intel.com>
Message-Id: <20210719112136.57018-14-yang.zhong@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'target/i386/cpu.c')
| -rw-r--r-- | target/i386/cpu.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 8a62986..de58599 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -5542,7 +5542,10 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count, *ecx |= XSTATE_FP_MASK | XSTATE_SSE_MASK; /* Access to PROVISIONKEY requires additional credentials. */ - *eax &= ~(1U << 4); + if ((*eax & (1U << 4)) && + !kvm_enable_sgx_provisioning(cs->kvm_state)) { + *eax &= ~(1U << 4); + } } #endif break; |