Message ID | 20231115071519.2864957-15-xiaoyao.li@intel.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | QEMU Guest memfd + QEMU TDX support | expand |
On Wed, Nov 15, 2023 at 02:14:23AM -0500, Xiaoyao Li wrote: > Implement mc->kvm_type() for i386 machines. It provides a way for user > to create SW_PROTECTE_VM. Small typo there missing final 'D' in 'PROTECTED' > > Also store the vm_type in machinestate to other code to query what the > VM type is. > > Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> > --- > hw/i386/x86.c | 12 ++++++++++++ > include/hw/i386/x86.h | 1 + > target/i386/kvm/kvm.c | 25 +++++++++++++++++++++++++ > target/i386/kvm/kvm_i386.h | 1 + > 4 files changed, 39 insertions(+) > > diff --git a/hw/i386/x86.c b/hw/i386/x86.c > index b3d054889bba..55678279bf3b 100644 > --- a/hw/i386/x86.c > +++ b/hw/i386/x86.c > @@ -1377,6 +1377,17 @@ static void machine_set_sgx_epc(Object *obj, Visitor *v, const char *name, > qapi_free_SgxEPCList(list); > } > > +static int x86_kvm_type(MachineState *ms, const char *vm_type) > +{ > + X86MachineState *x86ms = X86_MACHINE(ms); > + int kvm_type; > + > + kvm_type = kvm_get_vm_type(ms, vm_type); > + x86ms->vm_type = kvm_type; > + > + return kvm_type; > +} > + > static void x86_machine_initfn(Object *obj) > { > X86MachineState *x86ms = X86_MACHINE(obj); > @@ -1401,6 +1412,7 @@ static void x86_machine_class_init(ObjectClass *oc, void *data) > mc->cpu_index_to_instance_props = x86_cpu_index_to_props; > mc->get_default_cpu_node_id = x86_get_default_cpu_node_id; > mc->possible_cpu_arch_ids = x86_possible_cpu_arch_ids; > + mc->kvm_type = x86_kvm_type; > x86mc->save_tsc_khz = true; > x86mc->fwcfg_dma_enabled = true; > nc->nmi_monitor_handler = x86_nmi; > diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h > index da19ae15463a..ab1d38569019 100644 > --- a/include/hw/i386/x86.h > +++ b/include/hw/i386/x86.h > @@ -41,6 +41,7 @@ struct X86MachineState { > MachineState parent; > > /*< public >*/ > + unsigned int vm_type; > > /* Pointers to devices and objects: */ > ISADevice *rtc; > diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c > index b4b9ce89842f..2e47fda25f95 100644 > --- a/target/i386/kvm/kvm.c > +++ b/target/i386/kvm/kvm.c > @@ -161,6 +161,31 @@ static KVMMSRHandlers msr_handlers[KVM_MSR_FILTER_MAX_RANGES]; > static RateLimit bus_lock_ratelimit_ctrl; > static int kvm_get_one_msr(X86CPU *cpu, int index, uint64_t *value); > > +static const char* vm_type_name[] = { nitpick 'char *vm_type_name[]', is normal style > + [KVM_X86_DEFAULT_VM] = "default", > + [KVM_X86_SW_PROTECTED_VM] = "sw-protected-vm", > +}; > + > +int kvm_get_vm_type(MachineState *ms, const char *vm_type) > +{ > + int kvm_type = KVM_X86_DEFAULT_VM; > + > + /* > + * old KVM doesn't support KVM_CAP_VM_TYPES and KVM_X86_DEFAULT_VM > + * is always supported > + */ > + if (kvm_type == KVM_X86_DEFAULT_VM) { > + return kvm_type; > + } > + > + if (!(kvm_check_extension(KVM_STATE(ms->accelerator), KVM_CAP_VM_TYPES) & BIT(kvm_type))) { > + error_report("vm-type %s not supported by KVM", vm_type_name[kvm_type]); > + exit(1); > + } > + > + return kvm_type; > +} > + > bool kvm_has_smm(void) > { > return kvm_vm_check_extension(kvm_state, KVM_CAP_X86_SMM); > diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h > index 30fedcffea3e..55fb25fa8e2e 100644 > --- a/target/i386/kvm/kvm_i386.h > +++ b/target/i386/kvm/kvm_i386.h > @@ -37,6 +37,7 @@ bool kvm_hv_vpindex_settable(void); > bool kvm_enable_sgx_provisioning(KVMState *s); > bool kvm_hyperv_expand_features(X86CPU *cpu, Error **errp); > > +int kvm_get_vm_type(MachineState *ms, const char *vm_type); > void kvm_arch_reset_vcpu(X86CPU *cs); > void kvm_arch_after_reset_vcpu(X86CPU *cpu); > void kvm_arch_do_init_vcpu(X86CPU *cs); > -- > 2.34.1 > With regards, Daniel
On 11/15/2023 6:49 PM, Daniel P. Berrangé wrote: > On Wed, Nov 15, 2023 at 02:14:23AM -0500, Xiaoyao Li wrote: >> Implement mc->kvm_type() for i386 machines. It provides a way for user >> to create SW_PROTECTE_VM. > > Small typo there missing final 'D' in 'PROTECTED' Thanks for catching it. I find the "PROTECTED_VM" part is the leftover of previous series. Since this version drop the "protected-vm" part, it should be fall back the earlier version like https://lore.kernel.org/qemu-devel/20220802074750.2581308-4-xiaoyao.li@intel.com/ I will merge next patch into this one, in next version. >> >> Also store the vm_type in machinestate to other code to query what the >> VM type is. >> >> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> >> --- >> hw/i386/x86.c | 12 ++++++++++++ >> include/hw/i386/x86.h | 1 + >> target/i386/kvm/kvm.c | 25 +++++++++++++++++++++++++ >> target/i386/kvm/kvm_i386.h | 1 + >> 4 files changed, 39 insertions(+) >> >> diff --git a/hw/i386/x86.c b/hw/i386/x86.c >> index b3d054889bba..55678279bf3b 100644 >> --- a/hw/i386/x86.c >> +++ b/hw/i386/x86.c >> @@ -1377,6 +1377,17 @@ static void machine_set_sgx_epc(Object *obj, Visitor *v, const char *name, >> qapi_free_SgxEPCList(list); >> } >> >> +static int x86_kvm_type(MachineState *ms, const char *vm_type) >> +{ >> + X86MachineState *x86ms = X86_MACHINE(ms); >> + int kvm_type; >> + >> + kvm_type = kvm_get_vm_type(ms, vm_type); >> + x86ms->vm_type = kvm_type; >> + >> + return kvm_type; >> +} >> + >> static void x86_machine_initfn(Object *obj) >> { >> X86MachineState *x86ms = X86_MACHINE(obj); >> @@ -1401,6 +1412,7 @@ static void x86_machine_class_init(ObjectClass *oc, void *data) >> mc->cpu_index_to_instance_props = x86_cpu_index_to_props; >> mc->get_default_cpu_node_id = x86_get_default_cpu_node_id; >> mc->possible_cpu_arch_ids = x86_possible_cpu_arch_ids; >> + mc->kvm_type = x86_kvm_type; >> x86mc->save_tsc_khz = true; >> x86mc->fwcfg_dma_enabled = true; >> nc->nmi_monitor_handler = x86_nmi; >> diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h >> index da19ae15463a..ab1d38569019 100644 >> --- a/include/hw/i386/x86.h >> +++ b/include/hw/i386/x86.h >> @@ -41,6 +41,7 @@ struct X86MachineState { >> MachineState parent; >> >> /*< public >*/ >> + unsigned int vm_type; >> >> /* Pointers to devices and objects: */ >> ISADevice *rtc; >> diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c >> index b4b9ce89842f..2e47fda25f95 100644 >> --- a/target/i386/kvm/kvm.c >> +++ b/target/i386/kvm/kvm.c >> @@ -161,6 +161,31 @@ static KVMMSRHandlers msr_handlers[KVM_MSR_FILTER_MAX_RANGES]; >> static RateLimit bus_lock_ratelimit_ctrl; >> static int kvm_get_one_msr(X86CPU *cpu, int index, uint64_t *value); >> >> +static const char* vm_type_name[] = { > > nitpick 'char *vm_type_name[]', is normal style will fix it. Thanks! >> + [KVM_X86_DEFAULT_VM] = "default", >> + [KVM_X86_SW_PROTECTED_VM] = "sw-protected-vm", >> +}; >> + >> +int kvm_get_vm_type(MachineState *ms, const char *vm_type) >> +{ >> + int kvm_type = KVM_X86_DEFAULT_VM; >> + >> + /* >> + * old KVM doesn't support KVM_CAP_VM_TYPES and KVM_X86_DEFAULT_VM >> + * is always supported >> + */ >> + if (kvm_type == KVM_X86_DEFAULT_VM) { >> + return kvm_type; >> + } >> + >> + if (!(kvm_check_extension(KVM_STATE(ms->accelerator), KVM_CAP_VM_TYPES) & BIT(kvm_type))) { >> + error_report("vm-type %s not supported by KVM", vm_type_name[kvm_type]); >> + exit(1); >> + } >> + >> + return kvm_type; >> +} >> + >> bool kvm_has_smm(void) >> { >> return kvm_vm_check_extension(kvm_state, KVM_CAP_X86_SMM); >> diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h >> index 30fedcffea3e..55fb25fa8e2e 100644 >> --- a/target/i386/kvm/kvm_i386.h >> +++ b/target/i386/kvm/kvm_i386.h >> @@ -37,6 +37,7 @@ bool kvm_hv_vpindex_settable(void); >> bool kvm_enable_sgx_provisioning(KVMState *s); >> bool kvm_hyperv_expand_features(X86CPU *cpu, Error **errp); >> >> +int kvm_get_vm_type(MachineState *ms, const char *vm_type); >> void kvm_arch_reset_vcpu(X86CPU *cs); >> void kvm_arch_after_reset_vcpu(X86CPU *cpu); >> void kvm_arch_do_init_vcpu(X86CPU *cs); >> -- >> 2.34.1 >> > > With regards, > Daniel
diff --git a/hw/i386/x86.c b/hw/i386/x86.c index b3d054889bba..55678279bf3b 100644 --- a/hw/i386/x86.c +++ b/hw/i386/x86.c @@ -1377,6 +1377,17 @@ static void machine_set_sgx_epc(Object *obj, Visitor *v, const char *name, qapi_free_SgxEPCList(list); } +static int x86_kvm_type(MachineState *ms, const char *vm_type) +{ + X86MachineState *x86ms = X86_MACHINE(ms); + int kvm_type; + + kvm_type = kvm_get_vm_type(ms, vm_type); + x86ms->vm_type = kvm_type; + + return kvm_type; +} + static void x86_machine_initfn(Object *obj) { X86MachineState *x86ms = X86_MACHINE(obj); @@ -1401,6 +1412,7 @@ static void x86_machine_class_init(ObjectClass *oc, void *data) mc->cpu_index_to_instance_props = x86_cpu_index_to_props; mc->get_default_cpu_node_id = x86_get_default_cpu_node_id; mc->possible_cpu_arch_ids = x86_possible_cpu_arch_ids; + mc->kvm_type = x86_kvm_type; x86mc->save_tsc_khz = true; x86mc->fwcfg_dma_enabled = true; nc->nmi_monitor_handler = x86_nmi; diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h index da19ae15463a..ab1d38569019 100644 --- a/include/hw/i386/x86.h +++ b/include/hw/i386/x86.h @@ -41,6 +41,7 @@ struct X86MachineState { MachineState parent; /*< public >*/ + unsigned int vm_type; /* Pointers to devices and objects: */ ISADevice *rtc; diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index b4b9ce89842f..2e47fda25f95 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -161,6 +161,31 @@ static KVMMSRHandlers msr_handlers[KVM_MSR_FILTER_MAX_RANGES]; static RateLimit bus_lock_ratelimit_ctrl; static int kvm_get_one_msr(X86CPU *cpu, int index, uint64_t *value); +static const char* vm_type_name[] = { + [KVM_X86_DEFAULT_VM] = "default", + [KVM_X86_SW_PROTECTED_VM] = "sw-protected-vm", +}; + +int kvm_get_vm_type(MachineState *ms, const char *vm_type) +{ + int kvm_type = KVM_X86_DEFAULT_VM; + + /* + * old KVM doesn't support KVM_CAP_VM_TYPES and KVM_X86_DEFAULT_VM + * is always supported + */ + if (kvm_type == KVM_X86_DEFAULT_VM) { + return kvm_type; + } + + if (!(kvm_check_extension(KVM_STATE(ms->accelerator), KVM_CAP_VM_TYPES) & BIT(kvm_type))) { + error_report("vm-type %s not supported by KVM", vm_type_name[kvm_type]); + exit(1); + } + + return kvm_type; +} + bool kvm_has_smm(void) { return kvm_vm_check_extension(kvm_state, KVM_CAP_X86_SMM); diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h index 30fedcffea3e..55fb25fa8e2e 100644 --- a/target/i386/kvm/kvm_i386.h +++ b/target/i386/kvm/kvm_i386.h @@ -37,6 +37,7 @@ bool kvm_hv_vpindex_settable(void); bool kvm_enable_sgx_provisioning(KVMState *s); bool kvm_hyperv_expand_features(X86CPU *cpu, Error **errp); +int kvm_get_vm_type(MachineState *ms, const char *vm_type); void kvm_arch_reset_vcpu(X86CPU *cs); void kvm_arch_after_reset_vcpu(X86CPU *cpu); void kvm_arch_do_init_vcpu(X86CPU *cs);
Implement mc->kvm_type() for i386 machines. It provides a way for user to create SW_PROTECTE_VM. Also store the vm_type in machinestate to other code to query what the VM type is. Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> --- hw/i386/x86.c | 12 ++++++++++++ include/hw/i386/x86.h | 1 + target/i386/kvm/kvm.c | 25 +++++++++++++++++++++++++ target/i386/kvm/kvm_i386.h | 1 + 4 files changed, 39 insertions(+)