[RFC,kvmtool,09/31] arm64: Add --realm command line option

Commit Message

Suzuki K Poulose Jan. 27, 2023, 11:39 a.m. UTC

From: Alexandru Elisei <alexandru.elisei@arm.com>

Add the --realm command line option which causes kvmtool to exit with an
error if specified, but which will be enabled once realms are fully
supported by kvmtool.

Signed-off-by: Alexandru Elisei <alexandru.elisei@arm.com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
---
 arm/aarch64/include/kvm/kvm-config-arch.h |  5 ++++-
 arm/aarch64/kvm.c                         | 20 ++++++++++++++++++--
 arm/include/arm-common/kvm-config-arch.h  |  1 +
 3 files changed, 23 insertions(+), 3 deletions(-)

Patch

diff --git a/arm/aarch64/include/kvm/kvm-config-arch.h b/arm/aarch64/include/kvm/kvm-config-arch.h
index b055fef4..d2df850a 100644
--- a/arm/aarch64/include/kvm/kvm-config-arch.h
+++ b/arm/aarch64/include/kvm/kvm-config-arch.h
@@ -21,7 +21,10 @@  int vcpu_affinity_parser(const struct option *opt, const char *arg, int unset);
 	OPT_BOOLEAN('\0', "no-pvtime", &(cfg)->no_pvtime, "Disable"	\
 			" stolen time"),				\
 	OPT_BOOLEAN('\0', "disable-sve", &(cfg)->disable_sve,		\
-			"Disable SVE"),
+			"Disable SVE"),					\
+	OPT_BOOLEAN('\0', "realm", &(cfg)->is_realm,			\
+			"Create VM running in a realm using Arm RME"),
+
 #include "arm-common/kvm-config-arch.h"
 
 #endif /* KVM__KVM_CONFIG_ARCH_H */
diff --git a/arm/aarch64/kvm.c b/arm/aarch64/kvm.c
index 5a53badb..25be2f2d 100644
--- a/arm/aarch64/kvm.c
+++ b/arm/aarch64/kvm.c
@@ -38,9 +38,8 @@  int vcpu_affinity_parser(const struct option *opt, const char *arg, int unset)
 	return 0;
 }
 
-void kvm__arch_validate_cfg(struct kvm *kvm)
+static void validate_mem_cfg(struct kvm *kvm)
 {
-
 	if (kvm->cfg.ram_addr < ARM_MEMORY_AREA) {
 		die("RAM address is below the I/O region ending at %luGB",
 		    ARM_MEMORY_AREA >> 30);
@@ -52,6 +51,23 @@  void kvm__arch_validate_cfg(struct kvm *kvm)
 	}
 }
 
+static void validate_realm_cfg(struct kvm *kvm)
+{
+	if (!kvm->cfg.arch.is_realm)
+		return;
+
+	if (kvm->cfg.arch.aarch32_guest)
+		die("Realms supported only for 64bit guests");
+
+	die("Realms not supported");
+}
+
+void kvm__arch_validate_cfg(struct kvm *kvm)
+{
+	validate_mem_cfg(kvm);
+	validate_realm_cfg(kvm);
+}
+
 u64 kvm__arch_default_ram_address(void)
 {
 	return ARM_MEMORY_AREA;
diff --git a/arm/include/arm-common/kvm-config-arch.h b/arm/include/arm-common/kvm-config-arch.h
index 6599305b..5eb791da 100644
--- a/arm/include/arm-common/kvm-config-arch.h
+++ b/arm/include/arm-common/kvm-config-arch.h
@@ -11,6 +11,7 @@  struct kvm_config_arch {
 	bool		aarch32_guest;
 	bool		has_pmuv3;
 	bool		mte_disabled;
+	bool		is_realm;
 	u64		kaslr_seed;
 	enum irqchip_type irqchip;
 	u64		fw_addr;