Re: [PATCH v2 05/10] i386/pc: Process IGVM file during PC initialization

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 05/10] i386/pc: Process IGVM file during PC initialization

From:	Daniel P . Berrangé
Subject:	Re: [PATCH v2 05/10] i386/pc: Process IGVM file during PC initialization if present
Date:	Tue, 16 Apr 2024 15:19:59 +0100
User-agent:	Mutt/2.2.12 (2023-09-09)

On Wed, Apr 03, 2024 at 12:11:36PM +0100, Roy Hopkins wrote:
> An IGVM file contains configuration of a guest that supports
> confidential computing hardware. As part of the PC system
> initialisation, the IGVM needs to be processed to apply this
> configuration before the guest is started.
> 
> This patch introduces processing of a provided IGVM file at the end of
> the current PC initialization steps. If an IGVM file has been provided
> then the directives in the file are processed completing the
> initialization of the target.
> 
> If no IGVM file has been specified by the user then no there is no
> intended consequences in these changes.
> 
> Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
> ---
>  backends/confidential-guest-support.c     | 18 ++++++++++++++++++
>  hw/i386/pc_piix.c                         |  4 ++++
>  hw/i386/pc_q35.c                          |  4 ++++
>  include/exec/confidential-guest-support.h | 17 +++++++++++++++++
>  4 files changed, 43 insertions(+)
> 
> diff --git a/backends/confidential-guest-support.c 
> b/backends/confidential-guest-support.c
> index adfe447334..79c0f3fc56 100644
> --- a/backends/confidential-guest-support.c
> +++ b/backends/confidential-guest-support.c
> @@ -88,3 +88,21 @@ static void confidential_guest_support_init(Object *obj)
>  static void confidential_guest_support_finalize(Object *obj)
>  {
>  }
> +
> +bool cgs_is_igvm(ConfidentialGuestSupport *cgs)
> +{
> +#if defined(CONFIG_IGVM)
> +    return cgs && cgs->igvm;
> +#else
> +    return false;
> +#endif
> +}
> +
> +void cgs_process_igvm(ConfidentialGuestSupport *cgs)
> +{
> +#if defined(CONFIG_IGVM)
> +    if (cgs && cgs_is_igvm(cgs)) {

Either remove the 'cgs &&' check which cgs_is_igvm already
does, or fully inline 'cgs_is_igvm'.

> +        igvm_process(cgs, &error_fatal);
> +    }
> +#endif
> +}


With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v2 05/10] i386/pc: Process IGVM file during PC initialization if present, Roy Hopkins, 2024/04/03
- Re: [PATCH v2 05/10] i386/pc: Process IGVM file during PC initialization if present, Daniel P . Berrangé <=

Prev by Date: Re: [PATCH v2 3/5] intel_iommu: Add a framework to do compatibility check with host IOMMU cap/ecap
Next by Date: Re: [PATCH v3 01/22] hw/i386/pc: Deprecate 2.4 to 2.7 pc-i440fx machines
Previous by thread: [PATCH v2 05/10] i386/pc: Process IGVM file during PC initialization if present
Next by thread: [PATCH v2 09/10] docs/system: Add documentation on support for IGVM
Index(es):
- Date
- Thread