From: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH qemu-server v4 2/4] Convert policy calculation
Date: Tue, 11 Mar 2025 16:04:54 +0100 [thread overview]
Message-ID: <20250311150456.4071232-3-philipp.giersfeld@canarybit.eu> (raw)
In-Reply-To: <20250311150456.4071232-1-philipp.giersfeld@canarybit.eu>
Convert policy calculation to use shift operators and OR operation
instead of binary numbers and addition.
Signed-off-by: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
Reviewed-by: Daniel Kral <d.kral@proxmox.com>
Reviewed-by: Fiona Ebner <f.ebner@proxmox.com>
Tested-by: Markus Frank <m.frank@proxmox.com>
---
changes since v3: https://lists.proxmox.com/pipermail/pve-devel/2025-February/068578.html
* Fix typo in commit description
PVE/QemuServer/CPUConfig.pm | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/PVE/QemuServer/CPUConfig.pm b/PVE/QemuServer/CPUConfig.pm
index e65d8c26..ad0be16e 100644
--- a/PVE/QemuServer/CPUConfig.pm
+++ b/PVE/QemuServer/CPUConfig.pm
@@ -846,12 +846,12 @@ sub get_amd_sev_object {
# guest policy bit calculation as described here:
# https://documentation.suse.com/sles/15-SP5/html/SLES-amd-sev/article-amd-sev.html#table-guestpolicy
- my $policy = 0b0000;
- $policy += 0b0001 if $amd_sev_conf->{'no-debug'};
- $policy += 0b0010 if $amd_sev_conf->{'no-key-sharing'};
- $policy += 0b0100 if $amd_sev_conf->{type} eq 'es';
+ my $policy = 0;
+ $policy |= 1 << 0 if $amd_sev_conf->{'no-debug'};
+ $policy |= 1 << 1 if $amd_sev_conf->{'no-key-sharing'};
+ $policy |= 1 << 2 if $amd_sev_conf->{type} eq 'es';
# disable migration with bit 3 nosend to prevent amd-sev-migration-attack
- $policy += 0b1000;
+ $policy |= 1 << 3;
$sev_mem_object .= ',policy='.sprintf("%#x", $policy);
$sev_mem_object .= ',kernel-hashes=on' if ($amd_sev_conf->{'kernel-hashes'});
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-03-11 15:05 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-11 15:04 [pve-devel] [PATCH edk2-firmware/qemu-server/manager v3 0/4] AMD SEV-SNP Philipp Giersfeld
2025-03-11 15:04 ` [pve-devel] [PATCH edk2-firmware v4 1/4] Add OVMF targets for AMD SEV-ES and SEV-SNP Philipp Giersfeld
2025-03-11 15:04 ` Philipp Giersfeld [this message]
2025-03-11 15:04 ` [pve-devel] [PATCH qemu-server v4 3/4] config: add AMD SEV-SNP support Philipp Giersfeld
2025-03-11 15:04 ` [pve-devel] [PATCH pve-manager v4 4/4] Add configuration options for AMD SEV-SNP Philipp Giersfeld
2025-03-17 10:13 ` Markus Frank
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250311150456.4071232-3-philipp.giersfeld@canarybit.eu \
--to=philipp.giersfeld@canarybit.eu \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal