projects / qemu.git / blame
| Commit | Line | Data |
|---|---|---|
| 6c8ebe30 DG |
1 | POWER (PAPR) Protected Execution Facility (PEF) |
| 2 | =============================================== | |
| 3 | ||
| 4 | Protected Execution Facility (PEF), also known as Secure Guest support | |
| 5 | is a feature found on IBM POWER9 and POWER10 processors. | |
| 6 | ||
| 7 | If a suitable firmware including an Ultravisor is installed, it adds | |
| 8 | an extra memory protection mode to the CPU. The ultravisor manages a | |
| 9 | pool of secure memory which cannot be accessed by the hypervisor. | |
| 10 | ||
| 11 | When this feature is enabled in QEMU, a guest can use ultracalls to | |
| 12 | enter "secure mode". This transfers most of its memory to secure | |
| 13 | memory, where it cannot be eavesdropped by a compromised hypervisor. | |
| 14 | ||
| 15 | Launching | |
| 16 | --------- | |
| 17 | ||
| 18 | To launch a guest which will be permitted to enter PEF secure mode: | |
| 19 | ||
| 20 | # ${QEMU} \ | |
| 21 | -object pef-guest,id=pef0 \ | |
| 22 | -machine confidential-guest-support=pef0 \ | |
| 23 | ... | |
| 24 | ||
| 25 | Live Migration | |
| 26 | ---------------- | |
| 27 | ||
| 28 | Live migration is not yet implemented for PEF guests. For | |
| 29 | consistency, we currently prevent migration if the PEF feature is | |
| 30 | enabled, whether or not the guest has actually entered secure mode. |