[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/7] target/i386: VM type infrastructure and KVM_SEV_INIT2 suppor
From: |
Paolo Bonzini |
Subject: |
[PATCH 0/7] target/i386: VM type infrastructure and KVM_SEV_INIT2 support |
Date: |
Tue, 19 Mar 2024 14:59:53 +0100 |
This series adds another vendor-neutral part of the SEV-SNP/TDX support
patches, namely support for KVM_CAP_VM_TYPES. In Linux 6.10 this will
also be available for SEV and SEV-ES, so introduce it now already.
Also, Linux 6.10 will _not_ allow KVM_GET/SET_* ioctls for VMs with
encrypted state and a VM type other than KVM_X86_DEFAULT_VM, so prepare
for that.
The patches are not yet available in kvm.git, hence the hackish
linux-headers update in patch 1. Apart from that, however, the API
should be final.
Tested by booting a SEV-ES guest.
Paolo
Based-on: <20240229060038.606591-1-xiaoyao.li@intel.com>
Paolo Bonzini (6):
linux-headers hack
runstate: skip initial CPU reset if reset is not actually possible
KVM: track whether guest state is encrypted
KVM: remove kvm_arch_cpu_check_are_resettable
target/i386: introduce x86-confidential-guest
target/i386: SEV: use KVM_SEV_INIT2 if possible
Xiaoyao Li (1):
target/i386: Implement mc->kvm_type() to get VM type
include/sysemu/kvm.h | 12 ++-----
include/sysemu/kvm_int.h | 1 +
linux-headers/asm-x86/kvm.h | 8 +++++
linux-headers/linux/kvm.h | 2 ++
target/i386/confidential-guest.h | 59 ++++++++++++++++++++++++++++++++
target/i386/kvm/kvm_i386.h | 2 ++
accel/kvm/kvm-accel-ops.c | 2 +-
accel/kvm/kvm-all.c | 19 ++++++----
hw/i386/x86.c | 6 ++++
system/runstate.c | 15 +++++++-
target/arm/kvm.c | 5 ---
target/i386/confidential-guest.c | 33 ++++++++++++++++++
target/i386/kvm/kvm.c | 49 +++++++++++++++++++++++---
target/i386/sev.c | 48 ++++++++++++++++++++++----
target/loongarch/kvm/kvm.c | 5 ---
target/mips/kvm.c | 5 ---
target/ppc/kvm.c | 5 ---
target/riscv/kvm/kvm-cpu.c | 5 ---
target/s390x/kvm/kvm.c | 5 ---
target/i386/meson.build | 2 +-
20 files changed, 226 insertions(+), 62 deletions(-)
create mode 100644 target/i386/confidential-guest.h
create mode 100644 target/i386/confidential-guest.c
--
2.44.0
- [PATCH 0/7] target/i386: VM type infrastructure and KVM_SEV_INIT2 support,
Paolo Bonzini <=
- [PATCH 2/7] runstate: skip initial CPU reset if reset is not actually possible, Paolo Bonzini, 2024/03/19
- [PATCH 4/7] KVM: remove kvm_arch_cpu_check_are_resettable, Paolo Bonzini, 2024/03/19
- [PATCH 3/7] KVM: track whether guest state is encrypted, Paolo Bonzini, 2024/03/19
- [PATCH 5/7] target/i386: introduce x86-confidential-guest, Paolo Bonzini, 2024/03/19
- [PATCH 1/7] linux-headers hack, Paolo Bonzini, 2024/03/19
- [PATCH 6/7] target/i386: Implement mc->kvm_type() to get VM type, Paolo Bonzini, 2024/03/19