* virtio-blk: remove SCSI passthrough functionality

* require x86-64-v2 baseline ISA * SEV-SNP host support * fix xsave.flat with TCG * fixes for CPUID checks done by TCG -----BEGIN PGP SIGNATURE----- iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmZgKVYUHHBib256aW5p QHJlZGhhdC5jb20ACgkQv/vSX3jHroPKYgf/QkWrNXdjjD3yAsv5LbJFVTVyCYW3 b4Iax29kEDy8k9wbzfLxOfIk9jXIjmbOMO5ZN9LFiHK6VJxbXslsMh6hm50M3xKe 49X1Rvf9YuVA7KZX+dWkEuqLYI6Tlgj3HaCilYWfXrjyo6hY3CxzkPV/ChmaeYlV Ad4Y8biifoUuuEK8OTeTlcDWLhOHlFXylG3AXqULsUsXp0XhWJ9juXQ60eATv/W4 eCEH7CSmRhYFu2/rV+IrWFYMnskLRTk1OC1/m6yXGPKOzgnOcthuvQfiUgPkbR/d llY6Ni5Aaf7+XX3S7Avcyvoq8jXzaaMzOrzL98rxYGDR1sYBYO+4h4ZToA== =qQeP -----END PGP SIGNATURE----- Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging * virtio-blk: remove SCSI passthrough functionality * require x86-64-v2 baseline ISA * SEV-SNP host support * fix xsave.flat with TCG * fixes for CPUID checks done by TCG # -----BEGIN PGP SIGNATURE----- # # iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmZgKVYUHHBib256aW5p # QHJlZGhhdC5jb20ACgkQv/vSX3jHroPKYgf/QkWrNXdjjD3yAsv5LbJFVTVyCYW3 # b4Iax29kEDy8k9wbzfLxOfIk9jXIjmbOMO5ZN9LFiHK6VJxbXslsMh6hm50M3xKe # 49X1Rvf9YuVA7KZX+dWkEuqLYI6Tlgj3HaCilYWfXrjyo6hY3CxzkPV/ChmaeYlV # Ad4Y8biifoUuuEK8OTeTlcDWLhOHlFXylG3AXqULsUsXp0XhWJ9juXQ60eATv/W4 # eCEH7CSmRhYFu2/rV+IrWFYMnskLRTk1OC1/m6yXGPKOzgnOcthuvQfiUgPkbR/d # llY6Ni5Aaf7+XX3S7Avcyvoq8jXzaaMzOrzL98rxYGDR1sYBYO+4h4ZToA== # =qQeP # -----END PGP SIGNATURE----- # gpg: Signature made Wed 05 Jun 2024 02:01:10 AM PDT # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] * tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (46 commits) hw/i386: Add support for loading BIOS using guest_memfd hw/i386/sev: Use guest_memfd for legacy ROMs memory: Introduce memory_region_init_ram_guest_memfd() i386/sev: Allow measured direct kernel boot on SNP i386/sev: Reorder struct declarations i386/sev: Extract build_kernel_loader_hashes i386/sev: Enable KVM_HC_MAP_GPA_RANGE hcall for SNP guests i386/kvm: Add KVM_EXIT_HYPERCALL handling for KVM_HC_MAP_GPA_RANGE i386/sev: Invoke launch_updata_data() for SNP class i386/sev: Invoke launch_updata_data() for SEV class hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled i386/sev: Add support for SNP CPUID validation i386/sev: Add support for populating OVMF metadata pages hw/i386/sev: Add function to get SEV metadata from OVMF header i386/sev: Set CPU state to protected once SNP guest payload is finalized i386/sev: Add handling to encrypt/finalize guest launch data i386/sev: Add the SNP launch start context i386/sev: Update query-sev QAPI format to handle SEV-SNP i386/sev: Add a class method to determine KVM VM type for SNP guests i386/sev: Don't return launch measurements for SEV-SNP guests ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-08-02 15:23:53 -06:00 · 2024-06-05 07:45:23 -07:00 · 2024-06-05 07:45:23 -07:00 · f1572ab947
commit f1572ab947
parent d16cab541a fc7a69e177
51 changed files with 1849 additions and 614 deletions
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@ -375,7 +375,6 @@ struct MachineState {
    char *dt_compatible;
    bool dump_guest_core;
    bool mem_merge;
-    bool require_guest_memfd;
    bool usb;
    bool usb_disabled;
    char *firmware;
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@ -164,6 +164,34 @@ void pc_acpi_smi_interrupt(void *opaque, int irq, int level);
 #define PCI_HOST_ABOVE_4G_MEM_SIZE     "above-4g-mem-size"
 #define PCI_HOST_PROP_SMM_RANGES       "smm-ranges"

+typedef enum {
+    SEV_DESC_TYPE_UNDEF,
+    /* The section contains the region that must be validated by the VMM. */
+    SEV_DESC_TYPE_SNP_SEC_MEM,
+    /* The section contains the SNP secrets page */
+    SEV_DESC_TYPE_SNP_SECRETS,
+    /* The section contains address that can be used as a CPUID page */
+    SEV_DESC_TYPE_CPUID,
+    /* The section contains the region for kernel hashes for measured direct boot */
+    SEV_DESC_TYPE_SNP_KERNEL_HASHES = 0x10,
+
+} ovmf_sev_metadata_desc_type;
+
+typedef struct __attribute__((__packed__)) OvmfSevMetadataDesc {
+    uint32_t base;
+    uint32_t len;
+    ovmf_sev_metadata_desc_type type;
+} OvmfSevMetadataDesc;
+
+typedef struct __attribute__((__packed__)) OvmfSevMetadata {
+    uint8_t signature[4];
+    uint32_t len;
+    uint32_t version;
+    uint32_t num_desc;
+    OvmfSevMetadataDesc descs[];
+} OvmfSevMetadata;
+
+OvmfSevMetadata *pc_system_get_ovmf_sev_metadata_ptr(void);

 void pc_pci_as_mapping_init(MemoryRegion *system_memory,
                            MemoryRegion *pci_address_space);
--- a/include/hw/i386/x86.h
+++ b/include/hw/i386/x86.h
@ -154,6 +154,6 @@ void ioapic_init_gsi(GSIState *gsi_state, Object *parent);
 DeviceState *ioapic_init_secondary(GSIState *gsi_state);

 /* pc_sysfw.c */
-void x86_firmware_configure(void *ptr, int size);
+void x86_firmware_configure(hwaddr gpa, void *ptr, int size);

 #endif