i386: Introduce tdx-guest object

Introduce tdx-guest object which inherits X86_CONFIDENTIAL_GUEST, and will be used to create TDX VMs (TDs) by qemu -machine ...,confidential-guest-support=tdx0 \ -object tdx-guest,id=tdx0 It has one QAPI member 'attributes' defined, which allows user to set TD's attributes directly. Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Zhao Liu <zhao1.liu@intel.com> Link: https://lore.kernel.org/r/20250508150002.689633-3-xiaoyao.li@intel.com Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2025-08-04 00:03:54 -06:00 · 2025-05-08 10:59:08 -04:00 · 2025-05-08 10:59:08 -04:00 · 756e12e791
commit 756e12e791
parent 5150004ccf
6 changed files with 87 additions and 0 deletions
--- a/configs/devices/i386-softmmu/default.mak
+++ b/configs/devices/i386-softmmu/default.mak
@ -18,6 +18,7 @@
 #CONFIG_QXL=n
 #CONFIG_SEV=n
 #CONFIG_SGA=n
+#CONFIG_TDX=n
 #CONFIG_TEST_DEVICES=n
 #CONFIG_TPM_CRB=n
 #CONFIG_TPM_TIS_ISA=n
--- a/hw/i386/Kconfig
+++ b/hw/i386/Kconfig
@ -10,6 +10,10 @@ config SGX
    bool
    depends on KVM

+config TDX
+    bool
+    depends on KVM
+
 config PC
    bool
    imply APPLESMC
@ -26,6 +30,7 @@ config PC
    imply QXL
    imply SEV
    imply SGX
+    imply TDX
    imply TEST_DEVICES
    imply TPM_CRB
    imply TPM_TIS_ISA
--- a/qapi/qom.json
+++ b/qapi/qom.json
@ -1047,6 +1047,19 @@
            '*host-data': 'str',
            '*vcek-disabled': 'bool' } }

+##
+# @TdxGuestProperties:
+#
+# Properties for tdx-guest objects.
+#
+# @attributes: The 'attributes' of a TD guest that is passed to
+#     KVM_TDX_INIT_VM
+#
+# Since: 10.1
+##
+{ 'struct': 'TdxGuestProperties',
+  'data': { '*attributes': 'uint64' } }
+
 ##
 # @ThreadContextProperties:
 #
@ -1132,6 +1145,7 @@
    'sev-snp-guest',
    'thread-context',
    's390-pv-guest',
+    'tdx-guest',
    'throttle-group',
    'tls-creds-anon',
    'tls-creds-psk',
@ -1204,6 +1218,7 @@
                                      'if': 'CONFIG_SECRET_KEYRING' },
      'sev-guest':                  'SevGuestProperties',
      'sev-snp-guest':              'SevSnpGuestProperties',
+      'tdx-guest':                  'TdxGuestProperties',
      'thread-context':             'ThreadContextProperties',
      'throttle-group':             'ThrottleGroupProperties',
      'tls-creds-anon':             'TlsCredsAnonProperties',
--- a/target/i386/kvm/meson.build
+++ b/target/i386/kvm/meson.build
@ -8,6 +8,8 @@ i386_kvm_ss.add(files(

 i386_kvm_ss.add(when: 'CONFIG_XEN_EMU', if_true: files('xen-emu.c'))

+i386_kvm_ss.add(when: 'CONFIG_TDX', if_true: files('tdx.c'))
+
 i386_system_ss.add(when: 'CONFIG_HYPERV', if_true: files('hyperv.c'), if_false: files('hyperv-stub.c'))

 i386_system_ss.add_all(when: 'CONFIG_KVM', if_true: i386_kvm_ss)
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@ -0,0 +1,43 @@
+/*
+ * QEMU TDX support
+ *
+ * Copyright (c) 2025 Intel Corporation
+ *
+ * Author:
+ *      Xiaoyao Li <xiaoyao.li@intel.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qom/object_interfaces.h"
+
+#include "tdx.h"
+
+/* tdx guest */
+OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest,
+                                   tdx_guest,
+                                   TDX_GUEST,
+                                   X86_CONFIDENTIAL_GUEST,
+                                   { TYPE_USER_CREATABLE },
+                                   { NULL })
+
+static void tdx_guest_init(Object *obj)
+{
+    ConfidentialGuestSupport *cgs = CONFIDENTIAL_GUEST_SUPPORT(obj);
+    TdxGuest *tdx = TDX_GUEST(obj);
+
+    cgs->require_guest_memfd = true;
+    tdx->attributes = 0;
+
+    object_property_add_uint64_ptr(obj, "attributes", &tdx->attributes,
+                                   OBJ_PROP_FLAG_READWRITE);
+}
+
+static void tdx_guest_finalize(Object *obj)
+{
+}
+
+static void tdx_guest_class_init(ObjectClass *oc, const void *data)
+{
+}
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@ -0,0 +1,21 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+
+#ifndef QEMU_I386_TDX_H
+#define QEMU_I386_TDX_H
+
+#include "confidential-guest.h"
+
+#define TYPE_TDX_GUEST "tdx-guest"
+#define TDX_GUEST(obj)  OBJECT_CHECK(TdxGuest, (obj), TYPE_TDX_GUEST)
+
+typedef struct TdxGuestClass {
+    X86ConfidentialGuestClass parent_class;
+} TdxGuestClass;
+
+typedef struct TdxGuest {
+    X86ConfidentialGuest parent_obj;
+
+    uint64_t attributes;    /* TD attributes */
+} TdxGuest;
+
+#endif /* QEMU_I386_TDX_H */