[PATCH for-9.1 00/26] x86, kvm: common confidential computing subset
From: Paolo Bonzini
Subject: [PATCH for-9.1 00/26] x86, kvm: common confidential computing subset
Date: Fri, 22 Mar 2024 19:10:50 +0100
These are the common bits for TDX and SEV-SNP support for QEMU 9.1.
The main changes compared to what Michael posted are:
1) I am including KVM_SEV_INIT2 support patches without the linux-headers
update hack (however the linux-headers update in these patches is still
not final). This also includes the bits to track whether guest state
is encrypted, that are needed by TDX as well as SEV-ES/SNP.
2) VFIO currently is blocked, pending a decision on what is worse
between possibly consuming twice the memory and disallowing device
assignment; or someone biting the bullet and implementing the
RamDiscardManager interface.
3) I included another easy patch from the TDX series, "i386/kvm: Move
architectural CPUID leaf generation to separate helper".
Please test. :)
Paolo
Chao Peng (2):
  kvm: Enable KVM_SET_USER_MEMORY_REGION2 for memslot
  kvm: handle KVM_EXIT_MEMORY_FAULT

Isaku Yamahata (2):
  pci-host/q35: Move PAM initialization above SMRAM initialization
  q35: Introduce smm_ranges property for q35-pci-host

Michael Roth (5):
  scripts/update-linux-headers: Add setup_data.h to import list
  scripts/update-linux-headers: Add bits.h to file imports
  [HACK] linux-headers: Update headers for 6.8 + kvm-coco-queue + SNP
  [TO SQUASH] hw/i386: Remove redeclaration of struct setup_data
  RAMBlock: Add support of KVM private guest memfd

Paolo Bonzini (7):
  runstate: skip initial CPU reset if reset is not actually possible
  KVM: track whether guest state is encrypted
  KVM: remove kvm_arch_cpu_check_are_resettable
  target/i386: introduce x86-confidential-guest
  target/i386: Implement mc->kvm_type() to get VM type
  target/i386: SEV: use KVM_SEV_INIT2 if possible
  RAMBlock: make guest_memfd require uncoordinated discard

Sean Christopherson (1):
  i386/kvm: Move architectural CPUID leaf generation to separate helper

Xiaoyao Li (9):
  confidential guest support: Add kvm_init() and kvm_reset() in class
  i386/sev: Switch to use confidential_guest_kvm_init()
  ppc/pef: switch to use confidential_guest_kvm_init/reset()
  s390: Switch to use confidential_guest_kvm_init()
  trace/kvm: Split address space and slot id in
    trace_kvm_set_user_memory()
  kvm: Introduce support for memory_attributes
  kvm/memory: Make memory type private by default if it has guest memfd
    backend
  HostMem: Add mechanism to opt in kvm guest memfd via MachineState
  physmem: Introduce ram_block_discard_guest_memfd_range()

include/exec/confidential-guest-support.h | 34 +-
include/exec/cpu-common.h | 2 +
include/exec/memory.h | 20 +-
include/exec/ram_addr.h | 2 +-
include/exec/ramblock.h | 1 +
include/hw/boards.h | 2 +
include/hw/i386/pc.h | 1 +
include/hw/pci-host/q35.h | 1 +
include/hw/ppc/pef.h | 17 -
include/standard-headers/asm-x86/bootparam.h | 17 +-
include/standard-headers/asm-x86/kvm_para.h | 3 +-
include/standard-headers/asm-x86/setup_data.h | 83 ++
include/standard-headers/linux/ethtool.h | 48 ++
include/standard-headers/linux/fuse.h | 39 +-
.../linux/input-event-codes.h | 1 +
include/standard-headers/linux/virtio_gpu.h | 2 +
include/standard-headers/linux/virtio_snd.h | 154 ++++
include/sysemu/hostmem.h | 1 +
include/sysemu/kvm.h | 19 +-
include/sysemu/kvm_int.h | 3 +
linux-headers/asm-arm64/kvm.h | 15 +-
linux-headers/asm-arm64/sve_context.h | 11 +
linux-headers/asm-generic/bitsperlong.h | 4 +
linux-headers/asm-loongarch/kvm.h | 2 -
linux-headers/asm-mips/kvm.h | 2 -
linux-headers/asm-powerpc/kvm.h | 45 +-
linux-headers/asm-riscv/kvm.h | 3 +-
linux-headers/asm-s390/kvm.h | 315 +++++++-
linux-headers/asm-x86/kvm.h | 364 ++++++++-
linux-headers/linux/bits.h | 15 +
linux-headers/linux/kvm.h | 717 +-----------------
linux-headers/linux/psp-sev.h | 71 ++
target/i386/confidential-guest.h | 59 ++
target/i386/kvm/kvm_i386.h | 2 +
target/i386/sev.h | 2 -
target/s390x/kvm/pv.h | 14 -
accel/kvm/kvm-accel-ops.c | 2 +-
accel/kvm/kvm-all.c | 236 +++++-
accel/stubs/kvm-stub.c | 5 +
backends/hostmem-file.c | 1 +
backends/hostmem-memfd.c | 1 +
backends/hostmem-ram.c | 1 +
backends/hostmem.c | 1 +
hw/core/machine.c | 5 +
hw/i386/pc_q35.c | 2 +
hw/i386/x86.c | 19 +-
hw/pci-host/q35.c | 61 +-
hw/ppc/pef.c | 9 +-
hw/ppc/spapr.c | 10 +-
hw/s390x/s390-virtio-ccw.c | 5 +-
system/memory.c | 5 +
system/physmem.c | 65 +-
system/runstate.c | 15 +-
target/arm/kvm.c | 5 -
target/i386/confidential-guest.c | 33 +
target/i386/kvm/kvm.c | 507 +++++++------
target/i386/kvm/sev-stub.c | 21 -
target/i386/sev.c | 173 +++--
target/loongarch/kvm/kvm.c | 5 -
target/mips/kvm.c | 5 -
target/ppc/kvm.c | 5 -
target/riscv/kvm/kvm-cpu.c | 5 -
target/s390x/kvm/kvm.c | 5 -
target/s390x/kvm/pv.c | 8 +
accel/kvm/trace-events | 4 +-
roms/edk2 | 2 +-
scripts/update-linux-headers.sh | 8 +-
target/i386/kvm/meson.build | 2 -
target/i386/meson.build | 2 +-
69 files changed, 2124 insertions(+), 1200 deletions(-)
delete mode 100644 include/hw/ppc/pef.h
create mode 100644 include/standard-headers/asm-x86/setup_data.h
create mode 100644 linux-headers/linux/bits.h
create mode 100644 target/i386/confidential-guest.h
create mode 100644 target/i386/confidential-guest.c
delete mode 100644 target/i386/kvm/sev-stub.c
--
2.44.0