motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-08-08 18:23:57 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

i386/tdx: Add property sept-ve-disable for tdx-guest object

Browse source 
Bit 28 of TD attribute, named SEPT_VE_DISABLE. When set to 1, it disables
EPT violation conversion to #VE on guest TD access of PENDING pages.

Some guest OS (e.g., Linux TD guest) may require this bit as 1.
Otherwise refuse to boot.

Add sept-ve-disable property for tdx-guest object, for user to configure
this bit.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
Link: https://lore.kernel.org/r/20250508150002.689633-10-xiaoyao.li@intel.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
Xiaoyao Li 2025-05-08 10:59:15 -04:00 committed by Paolo Bonzini
parent f15898b0f5
commit 6016e2972d
2 changed files with 30 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
qapi/qom.json
View file

@ -1055,10 +1055,16 @@
# @attributes: The 'attributes' of a TD guest that is passed to # @attributes: The 'attributes' of a TD guest that is passed to
# KVM_TDX_INIT_VM # KVM_TDX_INIT_VM
# #
# @sept-ve-disable: toggle bit 28 of TD attributes to control disabling
# of EPT violation conversion to #VE on guest TD access of PENDING
# pages. Some guest OS (e.g., Linux TD guest) may require this to
# be set, otherwise they refuse to boot.
#
# Since: 10.1 # Since: 10.1
## ##
{ 'struct': 'TdxGuestProperties', { 'struct': 'TdxGuestProperties',
'data': { '*attributes': 'uint64' } } 'data': { '*attributes': 'uint64',
'*sept-ve-disable': 'bool' } }
## ##
# @ThreadContextProperties: # @ThreadContextProperties:

23
target/i386/kvm/tdx.c
View file

@ -18,6 +18,8 @@
#include "kvm_i386.h" #include "kvm_i386.h"
#include "tdx.h" #include "tdx.h"
#define TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE BIT_ULL(28)
static TdxGuest *tdx_guest; static TdxGuest *tdx_guest;
static struct kvm_tdx_capabilities *tdx_caps; static struct kvm_tdx_capabilities *tdx_caps;
@ -252,6 +254,24 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp)
return 0; return 0;
} }
static bool tdx_guest_get_sept_ve_disable(Object *obj, Error **errp)
{
TdxGuest *tdx = TDX_GUEST(obj);
return !!(tdx->attributes & TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE);
}
static void tdx_guest_set_sept_ve_disable(Object *obj, bool value, Error **errp)
{
TdxGuest *tdx = TDX_GUEST(obj);
if (value) {
tdx->attributes |= TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE;
} else {
tdx->attributes &= ~TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE;
}
}
/* tdx guest */ /* tdx guest */
OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest,
tdx_guest, tdx_guest,
@ -272,6 +292,9 @@ static void tdx_guest_init(Object *obj)
object_property_add_uint64_ptr(obj, "attributes", &tdx->attributes, object_property_add_uint64_ptr(obj, "attributes", &tdx->attributes,
OBJ_PROP_FLAG_READWRITE); OBJ_PROP_FLAG_READWRITE);
object_property_add_bool(obj, "sept-ve-disable",
tdx_guest_get_sept_ve_disable,
tdx_guest_set_sept_ve_disable);
} }
static void tdx_guest_finalize(Object *obj) static void tdx_guest_finalize(Object *obj)