[RFC PATCH 12/23] target/i386/tdx: Finalize the TD's measurement when ma
From: Isaku Yamahata
Subject: [RFC PATCH 12/23] target/i386/tdx: Finalize the TD's measurement when machine is done
Date: Mon, 15 Feb 2021 18:13:08 -0800
From: Xiaoyao Li <xiaoyao.li@intel.com>
Invoke KVM_TDX_FINALIZEMR to finalize the TD's measurement and make the
TD vCPUs runnable once machine initialization is complete.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
target/i386/kvm/kvm.c | 7 +++++++
target/i386/kvm/tdx.c | 20 ++++++++++++++++++++
target/i386/kvm/tdx.h | 3 +++
3 files changed, 30 insertions(+)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index beb768a7d3..018a757dc6 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -51,6 +51,7 @@
#include "migration/blocker.h"
#include "exec/memattrs.h"
#include "trace.h"
+#include "tdx.h"
//#define DEBUG_KVM
@@ -2184,6 +2185,12 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
return ret;
}
+ ret = tdx_kvm_init(ms->cgs, &local_err);
+ if (ret < 0) {
+ error_report_err(local_err);
+ return ret;
+ }
+
if (!kvm_check_extension(s, KVM_CAP_IRQ_ROUTING)) {
error_report("kvm: KVM_CAP_IRQ_ROUTING not supported by KVM");
return -ENOTSUP;
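Review bot: The new error branch after tdx_kvm_init() in kvm_arch_init() passes local_err to error_report_err(), which is only safe if every negative return has actually set the error. As posted, tdx_kvm_init() returns 0 on all paths and never writes to errp, so this branch cannot be exercised yet. Either keep the call-site check and make sure any future failure path in tdx_kvm_init() uses error_setg() before returning a negative value, or drop the errp plumbing until there is a real failure to report.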
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 00eda80725..d8b79e975f 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -56,6 +56,26 @@ static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
#define tdx_ioctl(ioctl_no, metadata, data) \
__tdx_ioctl(ioctl_no, stringify(ioctl_no), metadata, data)
+static void tdx_finalize_vm(Notifier *notifier, void *unused)
+{
+ tdx_ioctl(KVM_TDX_FINALIZE_VM, 0, NULL);
+}
+
+static Notifier tdx_machine_done_late_notify = {
+ .notify = tdx_finalize_vm,
+};
+
+int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
+{
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(cgs),
+ TYPE_TDX_GUEST);
+ if (tdx) {
+ qemu_add_machine_init_done_late_notifier(
+ &tdx_machine_done_late_notify);
+ }
+ return 0;
+}
+
void tdx_pre_create_vcpu(CPUState *cpu)
{
struct {
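Review bot: tdx_finalize_vm() issues KVM_TDX_FINALIZE_VM, while the commit message names KVM_TDX_FINALIZEMR; one of the two is stale and should be corrected so the log matches the code. Since this notifier is the point at which the TD's measurement is finalized and the vCPUs become runnable, it also deserves a comment saying why the late init-done notifier is used (everything that contributes to the measured initial state must already be in place) and what happens if the ioctl fails, because tdx_finalize_vm() returns void and the failure handling inside __tdx_ioctl() is not visible from here. In tdx_kvm_init(), the result of object_dynamic_cast() is only tested for NULL, so the TdxGuest cast and local can be reduced to a plain check.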
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index 6ad6c9a313..e15657d272 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -2,6 +2,7 @@
#define QEMU_I386_TDX_H
#include "qom/object.h"
+#include "qapi/error.h"
#include "exec/confidential-guest-support.h"
#define TYPE_TDX_GUEST "tdx-guest"
@@ -21,4 +22,6 @@ typedef struct TdxGuest {
bool debug;
} TdxGuest;
+int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
+
#endif
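Review bot: The exported tdx_kvm_init() prototype has no comment describing its contract. Please document that it is a no-op returning 0 when cgs is not a "tdx-guest" object, and state what a negative return means and that errp is set in that case, since kvm_arch_init() relies on it.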
--
2.17.1