All of lore.kernel.org
 help / color / mirror / Atom feed
From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: xiaoyao.li@intel.com, michael.roth@amd.com
Subject: [PATCH 0/7] target/i386: VM type infrastructure and KVM_SEV_INIT2 support
Date: Tue, 19 Mar 2024 14:59:53 +0100	[thread overview]
Message-ID: <20240319140000.1014247-1-pbonzini@redhat.com> (raw)

This series adds another vendor-neutral part of the SEV-SNP/TDX support
patches, namely support for KVM_CAP_VM_TYPES.  In Linux 6.10 this will
also be available for SEV and SEV-ES, so introduce it now already.

Also, Linux 6.10 will _not_ allow KVM_GET/SET_* ioctls for VMs with
encrypted state and a VM type other than KVM_X86_DEFAULT_VM, so prepare
for that.

The patches are not yet available in kvm.git, hence the hackish
linux-headers update in patch 1.  Apart from that, however, the API
should be final.

Tested by booting a SEV-ES guest.

Paolo

Based-on: <20240229060038.606591-1-xiaoyao.li@intel.com>

Paolo Bonzini (6):
  linux-headers hack
  runstate: skip initial CPU reset if reset is not actually possible
  KVM: track whether guest state is encrypted
  KVM: remove kvm_arch_cpu_check_are_resettable
  target/i386: introduce x86-confidential-guest
  target/i386: SEV: use KVM_SEV_INIT2 if possible

Xiaoyao Li (1):
  target/i386: Implement mc->kvm_type() to get VM type

 include/sysemu/kvm.h             | 12 ++-----
 include/sysemu/kvm_int.h         |  1 +
 linux-headers/asm-x86/kvm.h      |  8 +++++
 linux-headers/linux/kvm.h        |  2 ++
 target/i386/confidential-guest.h | 59 ++++++++++++++++++++++++++++++++
 target/i386/kvm/kvm_i386.h       |  2 ++
 accel/kvm/kvm-accel-ops.c        |  2 +-
 accel/kvm/kvm-all.c              | 19 ++++++----
 hw/i386/x86.c                    |  6 ++++
 system/runstate.c                | 15 +++++++-
 target/arm/kvm.c                 |  5 ---
 target/i386/confidential-guest.c | 33 ++++++++++++++++++
 target/i386/kvm/kvm.c            | 49 +++++++++++++++++++++++---
 target/i386/sev.c                | 48 ++++++++++++++++++++++----
 target/loongarch/kvm/kvm.c       |  5 ---
 target/mips/kvm.c                |  5 ---
 target/ppc/kvm.c                 |  5 ---
 target/riscv/kvm/kvm-cpu.c       |  5 ---
 target/s390x/kvm/kvm.c           |  5 ---
 target/i386/meson.build          |  2 +-
 20 files changed, 226 insertions(+), 62 deletions(-)
 create mode 100644 target/i386/confidential-guest.h
 create mode 100644 target/i386/confidential-guest.c

-- 
2.44.0



             reply	other threads:[~2024-03-19 14:01 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-03-19 13:59 Paolo Bonzini [this message]
2024-03-19 13:59 ` [PATCH 1/7] linux-headers hack Paolo Bonzini
2024-03-19 13:59 ` [PATCH 2/7] runstate: skip initial CPU reset if reset is not actually possible Paolo Bonzini
2024-03-19 14:16   ` Daniel P. Berrangé
2024-03-19 13:59 ` [PATCH 3/7] KVM: track whether guest state is encrypted Paolo Bonzini
2024-03-22 16:44   ` Xiaoyao Li
2024-03-19 13:59 ` [PATCH 4/7] KVM: remove kvm_arch_cpu_check_are_resettable Paolo Bonzini
2024-03-22 16:45   ` Xiaoyao Li
2024-03-19 13:59 ` [PATCH 5/7] target/i386: introduce x86-confidential-guest Paolo Bonzini
2024-03-22 15:23   ` Xiaoyao Li
2024-03-19 13:59 ` [PATCH 6/7] target/i386: Implement mc->kvm_type() to get VM type Paolo Bonzini
2024-03-19 14:15   ` Daniel P. Berrangé
2024-03-19 14:25     ` Paolo Bonzini
2024-03-19 14:27       ` Daniel P. Berrangé
2024-03-19 14:29         ` Paolo Bonzini
2024-03-19 14:39           ` Daniel P. Berrangé
2024-03-22 15:06   ` Xiaoyao Li
2024-03-19 14:00 ` [PATCH 7/7] target/i386: SEV: use KVM_SEV_INIT2 if possible Paolo Bonzini

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240319140000.1014247-1-pbonzini@redhat.com \
    --to=pbonzini@redhat.com \
    --cc=michael.roth@amd.com \
    --cc=qemu-devel@nongnu.org \
    --cc=xiaoyao.li@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.