diff mbox series

machine/memory encryption: Disable mem merge

Message ID 20200130175046.85850-1-dgilbert@redhat.com
State New

Commit Message

Dr. David Alan Gilbert Jan. 30, 2020, 5:50 p.m. UTC
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>

When a host is running with memory encryption, the memory isn't visible
to the host kernel; attempts to merge that memory are futile because
what it's really comparing is encrypted memory, usually encrypted
with different keys.

Automatically turn mem-merge off when memory encryption is specified.

https://bugzilla.redhat.com/show_bug.cgi?id=1796356

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
 hw/core/machine.c | 8 ++++++++
 1 file changed, 8 insertions(+)

Comments

Philippe Mathieu-Daudé Jan. 30, 2020, 7:33 p.m. UTC | #1
On 1/30/20 6:50 PM, Dr. David Alan Gilbert (git) wrote:
> From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
> 
> When a host is running with memory encryption, the memory isn't visible
> to the host kernel; attempts to merge that memory are futile because
> what it's really comparing is encrypted memory, usually encrypted
> with different keys.
> 
> Automatically turn mem-merge off when memory encryption is specified.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1796356
> 
> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> ---
>   hw/core/machine.c | 8 ++++++++
>   1 file changed, 8 insertions(+)
> 
> diff --git a/hw/core/machine.c b/hw/core/machine.c
> index 3e288bfceb..029e1f85b8 100644
> --- a/hw/core/machine.c
> +++ b/hw/core/machine.c
> @@ -419,6 +419,14 @@ static void machine_set_memory_encryption(Object *obj, const char *value,
>   
>       g_free(ms->memory_encryption);
>       ms->memory_encryption = g_strdup(value);
> +
> +    /*
> +     * With memory encryption, the host can't see the real contents of RAM,
> +     * so there's no point in it trying to merge areas.
> +     */
> +    if (value) {
> +        machine_set_mem_merge(obj, false, errp);

Using the helper is cleaner than accessing ms->mem_merge.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

> +    }
>   }
>   
>   static bool machine_get_nvdimm(Object *obj, Error **errp)
>
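
Review bot: The `if (value)` branch forces mem-merge off from inside the memory-encryption setter, so the final state depends on the order in which the two properties are applied. An explicit mem-merge=on set earlier is silently overridden here, while one set after this call would presumably turn merging back on. Checking ms->memory_encryption at the point where the mem-merge setting is actually consumed would give the same result for either order.
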
Eduardo Habkost March 9, 2020, 8:47 p.m. UTC | #2
On Thu, Jan 30, 2020 at 05:50:46PM +0000, Dr. David Alan Gilbert (git) wrote:
> From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
> 
> When a host is running with memory encryption, the memory isn't visible
> to the host kernel; attempts to merge that memory are futile because
> what it's really comparing is encrypted memory, usually encrypted
> with different keys.
> 
> Automatically turn mem-merge off when memory encryption is specified.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1796356
> 
> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

Queued, thanks.

Patch

diff --git a/hw/core/machine.c b/hw/core/machine.c
index 3e288bfceb..029e1f85b8 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -419,6 +419,14 @@  static void machine_set_memory_encryption(Object *obj, const char *value,
 
     g_free(ms->memory_encryption);
     ms->memory_encryption = g_strdup(value);
+
+    /*
+     * With memory encryption, the host can't see the real contents of RAM,
+     * so there's no point in it trying to merge areas.
+     */
+    if (value) {
+        machine_set_mem_merge(obj, false, errp);
+    }
 }
 
 static bool machine_get_nvdimm(Object *obj, Error **errp)
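
Review bot: The override in the `if (value)` block is silent and one-way, and nothing user-visible documents it. A user who asked for mem-merge=on gets no indication that it was dropped, and because the branch only runs for a non-NULL value, clearing memory-encryption again leaves mem-merge off. The in-code comment explains the reasoning, but the side effect should also be stated where the memory-encryption option is documented, and a warning when an explicit mem-merge=on is overridden would make the behaviour discoverable. Note also that errp is handed to machine_set_mem_merge() after ms->memory_encryption has already been replaced, so if that helper ever reports an error the property is left changed while the caller sees a failure.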