[PATCH v5 55/65] i386/tdx: Disable SMM for TDX VMs
From: Xiaoyao Li
Subject: [PATCH v5 55/65] i386/tdx: Disable SMM for TDX VMs
Date: Thu, 29 Feb 2024 01:37:16 -0500
TDX doesn't support SMM and VMM cannot emulate SMM for TDX VMs because
VMM cannot manipulate TDX VM's memory.
Disable SMM for TDX VMs and error out if user requests to enable SMM.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
---
target/i386/kvm/tdx.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 811a3b81af99..c3fadbc5c58e 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -707,11 +707,19 @@ static Notifier tdx_machine_done_notify = {
static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
{
MachineState *ms = MACHINE(qdev_get_machine());
+ X86MachineState *x86ms = X86_MACHINE(ms);
TdxGuest *tdx = TDX_GUEST(cgs);
int r = 0;
ms->require_guest_memfd = true;
+ if (x86ms->smm == ON_OFF_AUTO_AUTO) {
+ x86ms->smm = ON_OFF_AUTO_OFF;
+ } else if (x86ms->smm == ON_OFF_AUTO_ON) {
+ error_setg(errp, "TDX VM doesn't support SMM");
+ return -EINVAL;
+ }
+
if (!tdx_caps) {
r = get_tdx_capabilities(errp);
if (r) {
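Review bot: In tdx_kvm_init(), the ON_OFF_AUTO_ON branch returns -EINVAL after ms->require_guest_memfd has already been set to true, so a rejected configuration leaves the machine state partly modified; consider running the x86ms->smm check before that assignment so the function fails without side effects. The ON_OFF_AUTO_AUTO to ON_OFF_AUTO_OFF override is silent and has no comment. A short comment carrying the commit message's reason (the VMM cannot manipulate the TDX VM's memory, so SMM cannot be emulated) would keep the rationale next to the code. The error string could also name the machine's smm setting so the user knows which option to change.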
--
2.34.1