| Message ID | 20240320083945.991426-29-michael.roth@amd.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Add AMD Secure Nested Paging (SEV-SNP) support | expand |
On Wed, Mar 20, 2024 at 03:39:24AM -0500, Michael Roth wrote: > SNP does not support SMM. > > Signed-off-by: Michael Roth <michael.roth@amd.com> > --- > target/i386/sev.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/target/i386/sev.c b/target/i386/sev.c > index b06c796aae..134e8f7c22 100644 > --- a/target/i386/sev.c > +++ b/target/i386/sev.c > @@ -881,6 +881,7 @@ static int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) > { > SevCommonState *sev_common = SEV_COMMON(cgs); > MachineState *ms = MACHINE(qdev_get_machine()); > + X86MachineState *x86ms = X86_MACHINE(ms); > char *devname; > int ret, fw_error, cmd; > uint32_t ebx; > @@ -1003,6 +1004,13 @@ static int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) > > if (sev_snp_enabled()) { > ms->require_guest_memfd = true; > + > + if (x86ms->smm == ON_OFF_AUTO_AUTO) { > + x86ms->smm = ON_OFF_AUTO_OFF; > + } else if (x86ms->smm == ON_OFF_AUTO_ON) { > + error_report("SEV-SNP does not support SMM."); > + goto err; > + } > } This method has a 'Error **errp' parameter, so you must use error_setg, not error_report. With regards, Daniel
diff --git a/target/i386/sev.c b/target/i386/sev.c index b06c796aae..134e8f7c22 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -881,6 +881,7 @@ static int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) { SevCommonState *sev_common = SEV_COMMON(cgs); MachineState *ms = MACHINE(qdev_get_machine()); + X86MachineState *x86ms = X86_MACHINE(ms); char *devname; int ret, fw_error, cmd; uint32_t ebx; @@ -1003,6 +1004,13 @@ static int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) if (sev_snp_enabled()) { ms->require_guest_memfd = true; + + if (x86ms->smm == ON_OFF_AUTO_AUTO) { + x86ms->smm = ON_OFF_AUTO_OFF; + } else if (x86ms->smm == ON_OFF_AUTO_ON) { + error_report("SEV-SNP does not support SMM."); + goto err; + } } qemu_add_vm_change_state_handler(sev_vm_state_change, sev_common);
SNP does not support SMM. Signed-off-by: Michael Roth <michael.roth@amd.com> --- target/i386/sev.c | 8 ++++++++ 1 file changed, 8 insertions(+)