Re: [RFC PATCH v3 16/36] i386/tdx: Set kvm_readonly_mem

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH v3 16/36] i386/tdx: Set kvm_readonly_mem_enabled to false

From:	Isaku Yamahata
Subject:	Re: [RFC PATCH v3 16/36] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM
Date:	Fri, 18 Mar 2022 10:11:17 -0700

On Thu, Mar 17, 2022 at 09:58:53PM +0800,
Xiaoyao Li <xiaoyao.li@intel.com> wrote:

> TDX only supports readonly for shared memory but not for private memory.
> 
> In the view of QEMU, it has no idea whether a memslot is used by shared
> memory of private. Thus just mark kvm_readonly_mem_enabled to false to
> TDX VM for simplicity.
> 
> Note, pflash has dependency on readonly capability from KVM while TDX
> wants to reuse pflash interface to load TDVF (as OVMF). Excuse TDX VM
> for readonly check in pflash.
> 
> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
> ---
>  hw/i386/pc_sysfw.c    | 2 +-
>  target/i386/kvm/tdx.c | 9 +++++++++
>  2 files changed, 10 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
> index c8b17af95353..75b34d02cb4f 100644
> --- a/hw/i386/pc_sysfw.c
> +++ b/hw/i386/pc_sysfw.c
> @@ -245,7 +245,7 @@ void pc_system_firmware_init(PCMachineState *pcms,
>          /* Machine property pflash0 not set, use ROM mode */
>          x86_bios_rom_init(MACHINE(pcms), "bios.bin", rom_memory, false);
>      } else {
> -        if (kvm_enabled() && !kvm_readonly_mem_enabled()) {
> +        if (kvm_enabled() && (!kvm_readonly_mem_enabled() && !is_tdx_vm())) {

Is this called before tdx_kvm_init()?

Thanks,


>              /*
>               * Older KVM cannot execute from device memory. So, flash
>               * memory cannot be used unless the readonly memory kvm
> diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
> index 94a9c1ea7e9c..1bb8211e74e6 100644
> --- a/target/i386/kvm/tdx.c
> +++ b/target/i386/kvm/tdx.c
> @@ -115,6 +115,15 @@ int tdx_kvm_init(MachineState *ms, Error **errp)
>          get_tdx_capabilities();
>      }
>  
> +    /*
> +     * Set kvm_readonly_mem_allowed to false, because TDX only supports 
> readonly
> +     * memory for shared memory but not for private memory. Besides, whether 
> a
> +     * memslot is private or shared is not determined by QEMU.
> +     *
> +     * Thus, just mark readonly memory not supported for simplicity.
> +     */
> +    kvm_readonly_mem_allowed = false;
> +
>      tdx_guest = tdx;
>  
>      return 0;
> -- 
> 2.27.0
> 
> 

-- 
Isaku Yamahata <isaku.yamahata@gmail.com>

[Prev in Thread]

Current Thread

[Next in Thread]

[RFC PATCH v3 09/36] KVM: Introduce kvm_arch_pre_create_vcpu(), (continued)
- [RFC PATCH v3 09/36] KVM: Introduce kvm_arch_pre_create_vcpu(), Xiaoyao Li, 2022/03/17
  - Re: [RFC PATCH v3 09/36] KVM: Introduce kvm_arch_pre_create_vcpu(), Isaku Yamahata, 2022/03/18
    - Re: [RFC PATCH v3 09/36] KVM: Introduce kvm_arch_pre_create_vcpu(), Xiaoyao Li, 2022/03/21
- [RFC PATCH v3 10/36] i386/kvm: Move architectural CPUID leaf generation to separate helper, Xiaoyao Li, 2022/03/17
- [RFC PATCH v3 11/36] i386/tdx: Initialize TDX before creating TD vcpus, Xiaoyao Li, 2022/03/17
- [RFC PATCH v3 12/36] i386/tdx: Add property sept-ve-disable for tdx-guest object, Xiaoyao Li, 2022/03/17
  - Re: [RFC PATCH v3 12/36] i386/tdx: Add property sept-ve-disable for tdx-guest object, Gerd Hoffmann, 2022/03/22
- [RFC PATCH v3 13/36] i386/tdx: Wire CPU features up with attributes of TD guest, Xiaoyao Li, 2022/03/17
- [RFC PATCH v3 14/36] i386/tdx: Validate TD attributes, Xiaoyao Li, 2022/03/17
- [RFC PATCH v3 16/36] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM, Xiaoyao Li, 2022/03/17
  - Re: [RFC PATCH v3 16/36] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM, Isaku Yamahata <=
    - Re: [RFC PATCH v3 16/36] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM, Xiaoyao Li, 2022/03/21
- [RFC PATCH v3 15/36] i386/tdx: Implement user specified tsc frequency, Xiaoyao Li, 2022/03/17
- [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF, Xiaoyao Li, 2022/03/17
  - Re: [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF, Philippe Mathieu-Daudé, 2022/03/18
    - Re: [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF, Xiaoyao Li, 2022/03/21
    - Re: [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF, Isaku Yamahata, 2022/03/21
    - Re: [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF, Gerd Hoffmann, 2022/03/22
    - Re: [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF, Daniel P . Berrangé, 2022/03/22
    - Re: [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF, Gerd Hoffmann, 2022/03/22
    - Re: [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF, Daniel P . Berrangé, 2022/03/22

Prev by Date: Re: [PATCH v2 5/5] i386/cpu: Free env->xsave_buf in x86_cpu_unrealizefn()
Next by Date: Re: QEMU device refcounting when device creates a container MR
Previous by thread: [RFC PATCH v3 16/36] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM
Next by thread: Re: [RFC PATCH v3 16/36] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM
Index(es):
- Date
- Thread