* [PATCH 0/2] system/confidential-guest-support: Header cleanups
@ 2024-12-18 15:59 Philippe Mathieu-Daudé
2024-12-18 15:59 ` [PATCH 1/2] system: Move 'exec/confidential-guest-support.h' to system/ Philippe Mathieu-Daudé
2024-12-18 15:59 ` [PATCH 2/2] target/i386/sev: Reduce system specific declarations Philippe Mathieu-Daudé
0 siblings, 2 replies; 11+ messages in thread
From: Philippe Mathieu-Daudé @ 2024-12-18 15:59 UTC (permalink / raw)
To: qemu-devel
Cc: Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand,
Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza,
Richard Henderson, Thomas Huth, Paolo Bonzini, qemu-ppc, Zhao Liu,
qemu-s390x, Yanan Wang, Christian Borntraeger, Eduardo Habkost,
Marcel Apfelbaum, Harsh Prateek Bora, Philippe Mathieu-Daudé,
Michael S. Tsirkin, Halil Pasic
Restrict "confidential-guest-support.h" to system
emulation, remove a few SEV declarations on user mode.
Philippe Mathieu-Daudé (2):
system: Move 'exec/confidential-guest-support.h' to system/
target/i386/sev: Reduce system specific declarations
.../confidential-guest-support.h | 6 ++--
target/i386/confidential-guest.h | 2 +-
target/i386/sev.h | 29 ++++++++++---------
backends/confidential-guest-support.c | 2 +-
hw/core/machine.c | 2 +-
hw/i386/pc_sysfw.c | 2 +-
hw/ppc/pef.c | 2 +-
hw/ppc/spapr.c | 2 +-
hw/s390x/s390-virtio-ccw.c | 2 +-
system/vl.c | 2 +-
target/s390x/kvm/pv.c | 2 +-
11 files changed, 28 insertions(+), 25 deletions(-)
rename include/{exec => system}/confidential-guest-support.h (96%)
--
2.45.2
^ permalink raw reply [flat|nested] 11+ messages in thread* [PATCH 1/2] system: Move 'exec/confidential-guest-support.h' to system/ 2024-12-18 15:59 [PATCH 0/2] system/confidential-guest-support: Header cleanups Philippe Mathieu-Daudé @ 2024-12-18 15:59 ` Philippe Mathieu-Daudé 2024-12-18 16:02 ` Thomas Huth 2024-12-18 16:30 ` Zhao Liu 2024-12-18 15:59 ` [PATCH 2/2] target/i386/sev: Reduce system specific declarations Philippe Mathieu-Daudé 1 sibling, 2 replies; 11+ messages in thread From: Philippe Mathieu-Daudé @ 2024-12-18 15:59 UTC (permalink / raw) To: qemu-devel Cc: Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand, Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza, Richard Henderson, Thomas Huth, Paolo Bonzini, qemu-ppc, Zhao Liu, qemu-s390x, Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum, Harsh Prateek Bora, Philippe Mathieu-Daudé, Michael S. Tsirkin, Halil Pasic "exec/confidential-guest-support.h" is specific to system emulation, so move it under the system/ namespace. Mechanical change doing: $ sed -i \ -e 's,exec/confidential-guest-support.h,sysemu/confidential-guest-support.h,' \ $(git grep -l exec/confidential-guest-support.h) Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> --- include/{exec => system}/confidential-guest-support.h | 6 +++--- target/i386/confidential-guest.h | 2 +- target/i386/sev.h | 2 +- backends/confidential-guest-support.c | 2 +- hw/core/machine.c | 2 +- hw/ppc/pef.c | 2 +- hw/ppc/spapr.c | 2 +- hw/s390x/s390-virtio-ccw.c | 2 +- system/vl.c | 2 +- target/s390x/kvm/pv.c | 2 +- 10 files changed, 12 insertions(+), 12 deletions(-) rename include/{exec => system}/confidential-guest-support.h (96%) diff --git a/include/exec/confidential-guest-support.h b/include/system/confidential-guest-support.h similarity index 96% rename from include/exec/confidential-guest-support.h rename to include/system/confidential-guest-support.h index 02dc4e518f0..b68c4bebbc1 100644 
--- a/include/exec/confidential-guest-support.h +++ b/include/system/confidential-guest-support.h @@ -18,7 +18,9 @@ #ifndef QEMU_CONFIDENTIAL_GUEST_SUPPORT_H #define QEMU_CONFIDENTIAL_GUEST_SUPPORT_H -#ifndef CONFIG_USER_ONLY +#ifdef CONFIG_USER_ONLY +#error Cannot include system/confidential-guest-support.h from user emulation +#endif #include "qom/object.h" @@ -94,6 +96,4 @@ static inline int confidential_guest_kvm_reset(ConfidentialGuestSupport *cgs, return 0; } -#endif /* !CONFIG_USER_ONLY */ - #endif /* QEMU_CONFIDENTIAL_GUEST_SUPPORT_H */ diff --git a/target/i386/confidential-guest.h b/target/i386/confidential-guest.h index 7342d2843aa..0afb8317b58 100644 --- a/target/i386/confidential-guest.h +++ b/target/i386/confidential-guest.h @@ -14,7 +14,7 @@ #include "qom/object.h" -#include "exec/confidential-guest-support.h" +#include "system/confidential-guest-support.h" #define TYPE_X86_CONFIDENTIAL_GUEST "x86-confidential-guest" diff --git a/target/i386/sev.h b/target/i386/sev.h index 858005a119c..2664c0b1b6c 100644 --- a/target/i386/sev.h +++ b/target/i386/sev.h @@ -18,7 +18,7 @@ #include CONFIG_DEVICES /* CONFIG_SEV */ #endif -#include "exec/confidential-guest-support.h" +#include "system/confidential-guest-support.h" #define TYPE_SEV_COMMON "sev-common" #define TYPE_SEV_GUEST "sev-guest" diff --git a/backends/confidential-guest-support.c b/backends/confidential-guest-support.c index 052fde8db04..1cd9bed505d 100644 --- a/backends/confidential-guest-support.c +++ b/backends/confidential-guest-support.c @@ -13,7 +13,7 @@ #include "qemu/osdep.h" -#include "exec/confidential-guest-support.h" +#include "system/confidential-guest-support.h" OBJECT_DEFINE_ABSTRACT_TYPE(ConfidentialGuestSupport, confidential_guest_support, diff --git a/hw/core/machine.c b/hw/core/machine.c index ba819fec0af..0e8af37194f 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c 
@@ -30,7 +30,7 @@ #include "hw/pci/pci_bridge.h" #include "hw/mem/nvdimm.h" #include "migration/global_state.h" -#include "exec/confidential-guest-support.h" +#include "system/confidential-guest-support.h" #include "hw/virtio/virtio-pci.h" #include "hw/virtio/virtio-net.h" #include "hw/virtio/virtio-iommu.h" diff --git a/hw/ppc/pef.c b/hw/ppc/pef.c index cffda44602e..8b2d726e008 100644 --- a/hw/ppc/pef.c +++ b/hw/ppc/pef.c @@ -14,7 +14,7 @@ #include "qom/object_interfaces.h" #include "system/kvm.h" #include "migration/blocker.h" -#include "exec/confidential-guest-support.h" +#include "system/confidential-guest-support.h" #define TYPE_PEF_GUEST "pef-guest" OBJECT_DECLARE_SIMPLE_TYPE(PefGuest, PEF_GUEST) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index ad21018b5aa..623842f8064 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -75,7 +75,7 @@ #include "hw/virtio/vhost-scsi-common.h" #include "exec/ram_addr.h" -#include "exec/confidential-guest-support.h" +#include "system/confidential-guest-support.h" #include "hw/usb.h" #include "qemu/config-file.h" #include "qemu/error-report.h" diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index f4d64d64f94..b45d8963b36 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -14,7 +14,7 @@ #include "qemu/osdep.h" #include "qapi/error.h" #include "exec/ram_addr.h" -#include "exec/confidential-guest-support.h" +#include "system/confidential-guest-support.h" #include "hw/boards.h" #include "hw/s390x/s390-virtio-hcall.h" #include "hw/s390x/sclp.h" diff --git a/system/vl.c b/system/vl.c index a271ecc1acf..4785b3ff09a 100644 --- a/system/vl.c +++ b/system/vl.c @@ -107,7 +107,7 @@ #include "qemu/plugin.h" #include "qemu/queue.h" #include "system/arch_init.h" -#include "exec/confidential-guest-support.h" +#include "system/confidential-guest-support.h" #include "ui/qemu-spice.h" #include "qapi/string-input-visitor.h" 
diff --git a/target/s390x/kvm/pv.c b/target/s390x/kvm/pv.c index e4b0d17a48a..69c1811e156 100644 --- a/target/s390x/kvm/pv.c +++ b/target/s390x/kvm/pv.c @@ -19,7 +19,7 @@ #include "system/kvm.h" #include "system/cpus.h" #include "qom/object_interfaces.h" -#include "exec/confidential-guest-support.h" +#include "system/confidential-guest-support.h" #include "hw/s390x/ipl.h" #include "hw/s390x/sclp.h" #include "target/s390x/kvm/kvm_s390x.h" -- 2.45.2 ^ permalink raw reply related [flat|nested] 11+ messages in thread
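Review bot: In include/system/confidential-guest-support.h the "#ifndef CONFIG_USER_ONLY" guard becomes a hard "#error", yet the target/i386/sev.h hunk of this same patch still includes the header unconditionally. The discussion of 2/2 shows target/i386/cpu.c calling sev_enabled() from code that is also built for user emulation, so if any user-mode object pulls in sev.h, the tree stops building at this commit until 2/2 drops the include, which breaks bisection. Consider dropping the sev.h include in this patch, or ordering 2/2 first, so that each commit builds for both system and user emulation.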
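Review bot: The sed expression in the commit message rewrites the path to sysemu/confidential-guest-support.h, but the rename and every include hunk use system/confidential-guest-support.h. Running the command as documented would not reproduce this diff, so the replacement should read system/ for the "mechanical change" to be re-verifiable. The edit inside the header itself (the new #error and the removed trailing "#endif /* !CONFIG_USER_ONLY */") is not produced by sed either and deserves its own sentence in the message.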
* Re: [PATCH 1/2] system: Move 'exec/confidential-guest-support.h' to system/
From: Thomas Huth @ 2024-12-18 16:02 UTC
To: Philippe Mathieu-Daudé, qemu-devel
Cc: Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand,
Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza,
Richard Henderson, Paolo Bonzini, qemu-ppc, Zhao Liu, qemu-s390x,
Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum,
Harsh Prateek Bora, Michael S. Tsirkin, Halil Pasic

On 18/12/2024 16.59, Philippe Mathieu-Daudé wrote:
> "exec/confidential-guest-support.h" is specific to system
> emulation, so move it under the system/ namespace.
> Mechanical change doing:
>
> $ sed -i \
>   -e 's,exec/confidential-guest-support.h,sysemu/confidential-guest-support.h,' \
>   $(git grep -l exec/confidential-guest-support.h)
>
> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> ---
> include/{exec => system}/confidential-guest-support.h | 6 +++---
> target/i386/confidential-guest.h | 2 +-
> target/i386/sev.h | 2 +-
> backends/confidential-guest-support.c | 2 +-
> hw/core/machine.c | 2 +-
> hw/ppc/pef.c | 2 +-
> hw/ppc/spapr.c | 2 +-
> hw/s390x/s390-virtio-ccw.c | 2 +-
> system/vl.c | 2 +-
> target/s390x/kvm/pv.c | 2 +-
> 10 files changed, 12 insertions(+), 12 deletions(-)
> rename include/{exec => system}/confidential-guest-support.h (96%)

Reviewed-by: Thomas Huth <thuth@redhat.com>
* Re: [PATCH 1/2] system: Move 'exec/confidential-guest-support.h' to system/
From: Zhao Liu @ 2024-12-18 16:30 UTC
To: Philippe Mathieu-Daudé
Cc: qemu-devel, Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand,
Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza,
Richard Henderson, Thomas Huth, Paolo Bonzini, qemu-ppc, qemu-s390x,
Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum,
Harsh Prateek Bora, Michael S. Tsirkin, Halil Pasic

On Wed, Dec 18, 2024 at 04:59:12PM +0100, Philippe Mathieu-Daudé wrote:
> Date: Wed, 18 Dec 2024 16:59:12 +0100
> From: Philippe Mathieu-Daudé <philmd@linaro.org>
> Subject: [PATCH 1/2] system: Move 'exec/confidential-guest-support.h' to
>  system/
> X-Mailer: git-send-email 2.45.2
>
> "exec/confidential-guest-support.h" is specific to system
> emulation, so move it under the system/ namespace.
> Mechanical change doing:
>
> $ sed -i \
>   -e 's,exec/confidential-guest-support.h,sysemu/confidential-guest-support.h,' \
>   $(git grep -l exec/confidential-guest-support.h)
>
> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> ---
> include/{exec => system}/confidential-guest-support.h | 6 +++---
> target/i386/confidential-guest.h | 2 +-
> target/i386/sev.h | 2 +-
> backends/confidential-guest-support.c | 2 +-
> hw/core/machine.c | 2 +-
> hw/ppc/pef.c | 2 +-
> hw/ppc/spapr.c | 2 +-
> hw/s390x/s390-virtio-ccw.c | 2 +-
> system/vl.c | 2 +-
> target/s390x/kvm/pv.c | 2 +-
> 10 files changed, 12 insertions(+), 12 deletions(-)
> rename include/{exec => system}/confidential-guest-support.h (96%)
>

Reviewed-by: Zhao Liu <zhao1.liu@intel.com>

(MAINTAINERS is missed to change? :-))
* Re: [PATCH 1/2] system: Move 'exec/confidential-guest-support.h' to system/
From: Philippe Mathieu-Daudé @ 2024-12-18 16:16 UTC
To: Zhao Liu
Cc: qemu-devel, Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand,
Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza,
Richard Henderson, Thomas Huth, Paolo Bonzini, qemu-ppc, qemu-s390x,
Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum,
Harsh Prateek Bora, Michael S. Tsirkin, Halil Pasic

On 18/12/24 17:30, Zhao Liu wrote:
> On Wed, Dec 18, 2024 at 04:59:12PM +0100, Philippe Mathieu-Daudé wrote:
>> Date: Wed, 18 Dec 2024 16:59:12 +0100
>> From: Philippe Mathieu-Daudé <philmd@linaro.org>
>> Subject: [PATCH 1/2] system: Move 'exec/confidential-guest-support.h' to
>>  system/
>> X-Mailer: git-send-email 2.45.2
>>
>> "exec/confidential-guest-support.h" is specific to system
>> emulation, so move it under the system/ namespace.
>> Mechanical change doing:
>>
>> $ sed -i \
>>   -e 's,exec/confidential-guest-support.h,sysemu/confidential-guest-support.h,' \
>>   $(git grep -l exec/confidential-guest-support.h)
>>
>> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
>> ---
>> include/{exec => system}/confidential-guest-support.h | 6 +++---
>> target/i386/confidential-guest.h | 2 +-
>> target/i386/sev.h | 2 +-
>> backends/confidential-guest-support.c | 2 +-
>> hw/core/machine.c | 2 +-
>> hw/ppc/pef.c | 2 +-
>> hw/ppc/spapr.c | 2 +-
>> hw/s390x/s390-virtio-ccw.c | 2 +-
>> system/vl.c | 2 +-
>> target/s390x/kvm/pv.c | 2 +-
>> 10 files changed, 12 insertions(+), 12 deletions(-)
>> rename include/{exec => system}/confidential-guest-support.h (96%)
>>
>
> Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
>
> (MAINTAINERS is missed to change? :-))

Yeah there is no entry for CGS in MAINTAINERS :(
* [PATCH 2/2] target/i386/sev: Reduce system specific declarations 2024-12-18 15:59 [PATCH 0/2] system/confidential-guest-support: Header cleanups Philippe Mathieu-Daudé 2024-12-18 15:59 ` [PATCH 1/2] system: Move 'exec/confidential-guest-support.h' to system/ Philippe Mathieu-Daudé @ 2024-12-18 15:59 ` Philippe Mathieu-Daudé 2024-12-18 16:04 ` Thomas Huth ` (3 more replies) 1 sibling, 4 replies; 11+ messages in thread From: Philippe Mathieu-Daudé @ 2024-12-18 15:59 UTC (permalink / raw) To: qemu-devel Cc: Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand, Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza, Richard Henderson, Thomas Huth, Paolo Bonzini, qemu-ppc, Zhao Liu, qemu-s390x, Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum, Harsh Prateek Bora, Philippe Mathieu-Daudé, Michael S. Tsirkin, Halil Pasic "system/confidential-guest-support.h" is not needed, remove it. Reorder #ifdef'ry to reduce declarations exposed on user emulation. Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> --- target/i386/sev.h | 29 ++++++++++++++++------------- hw/i386/pc_sysfw.c | 2 +- 2 files changed, 17 insertions(+), 14 deletions(-) diff --git a/target/i386/sev.h b/target/i386/sev.h index 2664c0b1b6c..373669eaace 100644 --- a/target/i386/sev.h +++ b/target/i386/sev.h @@ -18,7 +18,17 @@ #include CONFIG_DEVICES /* CONFIG_SEV */ #endif -#include "system/confidential-guest-support.h" +#if !defined(CONFIG_SEV) || defined(CONFIG_USER_ONLY) +#define sev_enabled() 0 +#define sev_es_enabled() 0 +#define sev_snp_enabled() 0 +#else +bool sev_enabled(void); +bool sev_es_enabled(void); +bool sev_snp_enabled(void); +#endif + +#if !defined(CONFIG_USER_ONLY) #define TYPE_SEV_COMMON "sev-common" #define TYPE_SEV_GUEST "sev-guest" 
@@ -45,18 +55,6 @@ typedef struct SevKernelLoaderContext { size_t cmdline_size; } SevKernelLoaderContext; -#ifdef CONFIG_SEV -bool sev_enabled(void); -bool sev_es_enabled(void); -bool sev_snp_enabled(void); -#else -#define sev_enabled() 0 -#define sev_es_enabled() 0 -#define sev_snp_enabled() 0 -#endif - -uint32_t sev_get_cbit_position(void); -uint32_t sev_get_reduced_phys_bits(void); bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp); int sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp); @@ -68,4 +66,9 @@ void sev_es_set_reset_vector(CPUState *cpu); void pc_system_parse_sev_metadata(uint8_t *flash_ptr, size_t flash_size); +#endif /* !CONFIG_USER_ONLY */ + +uint32_t sev_get_cbit_position(void); +uint32_t sev_get_reduced_phys_bits(void); + #endif diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index da7ed121292..1eeb58ab37f 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -36,7 +36,7 @@ #include "hw/qdev-properties.h" #include "hw/block/flash.h" #include "system/kvm.h" -#include "sev.h" +#include "target/i386/sev.h" #define FLASH_SECTOR_SIZE 4096 -- 2.45.2 ^ permalink raw reply related [flat|nested] 11+ messages in thread
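Review bot: sev_get_cbit_position() and sev_get_reduced_phys_bits() are moved below the new "#endif /* !CONFIG_USER_ONLY */" in target/i386/sev.h, so they remain declared for user emulation with no stub in this header, unlike the three sev_*_enabled() helpers that the first hunk turns into "#define ... 0" there. A user-mode caller then links only if every call sits behind a sev_enabled() test that the compiler folds away. A comment stating that the prototypes are left visible on purpose for that reason, or matching stubs returning 0, would make the dependency explicit.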
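Review bot: The hw/i386/pc_sysfw.c hunk changes '#include "sev.h"' to '#include "target/i386/sev.h"', which the commit message does not mention and which is unrelated to reordering the #ifdef blocks in sev.h. Please either say why the include path changes in this patch or split it into its own commit.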
* Re: [PATCH 2/2] target/i386/sev: Reduce system specific declarations
From: Thomas Huth @ 2024-12-18 16:04 UTC
To: Philippe Mathieu-Daudé, qemu-devel
Cc: Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand,
Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza,
Richard Henderson, Paolo Bonzini, qemu-ppc, Zhao Liu, qemu-s390x,
Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum,
Harsh Prateek Bora, Michael S. Tsirkin, Halil Pasic

On 18/12/2024 16.59, Philippe Mathieu-Daudé wrote:
> "system/confidential-guest-support.h" is not needed,
> remove it. Reorder #ifdef'ry to reduce declarations
> exposed on user emulation.
>
> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> ---
> target/i386/sev.h | 29 ++++++++++++++++-------------
> hw/i386/pc_sysfw.c | 2 +-
> 2 files changed, 17 insertions(+), 14 deletions(-)

Reviewed-by: Thomas Huth <thuth@redhat.com>
* Re: [PATCH 2/2] target/i386/sev: Reduce system specific declarations 2024-12-18 15:59 ` [PATCH 2/2] target/i386/sev: Reduce system specific declarations Philippe Mathieu-Daudé 2024-12-18 16:04 ` Thomas Huth @ 2024-12-18 16:17 ` Daniel P. Berrangé 2024-12-18 16:22 ` Philippe Mathieu-Daudé 2024-12-18 16:18 ` Philippe Mathieu-Daudé 2024-12-18 16:34 ` Zhao Liu 3 siblings, 1 reply; 11+ messages in thread From: Daniel P. Berrangé @ 2024-12-18 16:17 UTC (permalink / raw) To: Philippe Mathieu-Daudé Cc: qemu-devel, Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand, Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza, Richard Henderson, Thomas Huth, Paolo Bonzini, qemu-ppc, Zhao Liu, qemu-s390x, Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum, Harsh Prateek Bora, Michael S. Tsirkin, Halil Pasic On Wed, Dec 18, 2024 at 04:59:13PM +0100, Philippe Mathieu-Daudé wrote: > "system/confidential-guest-support.h" is not needed, > remove it. Reorder #ifdef'ry to reduce declarations > exposed on user emulation. > > Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> > --- > target/i386/sev.h | 29 ++++++++++++++++------------- > hw/i386/pc_sysfw.c | 2 +- > 2 files changed, 17 insertions(+), 14 deletions(-) > > diff --git a/target/i386/sev.h b/target/i386/sev.h > index 2664c0b1b6c..373669eaace 100644 > --- a/target/i386/sev.h > +++ b/target/i386/sev.h 
> @@ -18,7 +18,17 @@ > #include CONFIG_DEVICES /* CONFIG_SEV */ > #endif > > -#include "system/confidential-guest-support.h" > +#if !defined(CONFIG_SEV) || defined(CONFIG_USER_ONLY) > +#define sev_enabled() 0 > +#define sev_es_enabled() 0 > +#define sev_snp_enabled() 0 > +#else > +bool sev_enabled(void); > +bool sev_es_enabled(void); > +bool sev_snp_enabled(void); > +#endif > + > +#if !defined(CONFIG_USER_ONLY) I'm surprised any of this header file is relevant to user mode. If something is mistakenly calling sev_ functions from user mode compiled code, I'd be inclined to fix the caller such that its #include ".../sev.h" can be wrapped by !CONFIG_USER_ONLY > > #define TYPE_SEV_COMMON "sev-common" > #define TYPE_SEV_GUEST "sev-guest" > @@ -45,18 +55,6 @@ typedef struct SevKernelLoaderContext { > size_t cmdline_size; > } SevKernelLoaderContext; > > -#ifdef CONFIG_SEV > -bool sev_enabled(void); > -bool sev_es_enabled(void); > -bool sev_snp_enabled(void); > -#else > -#define sev_enabled() 0 > -#define sev_es_enabled() 0 > -#define sev_snp_enabled() 0 > -#endif > - > -uint32_t sev_get_cbit_position(void); > -uint32_t sev_get_reduced_phys_bits(void); > bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp); > > int sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp); > @@ -68,4 +66,9 @@ void sev_es_set_reset_vector(CPUState *cpu); > > void pc_system_parse_sev_metadata(uint8_t *flash_ptr, size_t flash_size); > > +#endif /* !CONFIG_USER_ONLY */ > + > +uint32_t sev_get_cbit_position(void); > +uint32_t sev_get_reduced_phys_bits(void); > + > #endif > diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c > index da7ed121292..1eeb58ab37f 100644 > --- a/hw/i386/pc_sysfw.c > +++ b/hw/i386/pc_sysfw.c 
> @@ -36,7 +36,7 @@ > #include "hw/qdev-properties.h" > #include "hw/block/flash.h" > #include "system/kvm.h" > -#include "sev.h" > +#include "target/i386/sev.h" > > #define FLASH_SECTOR_SIZE 4096 > > -- > 2.45.2 > > With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 2/2] target/i386/sev: Reduce system specific declarations 2024-12-18 16:17 ` Daniel P. Berrangé @ 2024-12-18 16:22 ` Philippe Mathieu-Daudé 0 siblings, 0 replies; 11+ messages in thread From: Philippe Mathieu-Daudé @ 2024-12-18 16:22 UTC (permalink / raw) To: Daniel P. Berrangé Cc: qemu-devel, Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand, Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza, Richard Henderson, Thomas Huth, Paolo Bonzini, qemu-ppc, Zhao Liu, qemu-s390x, Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum, Harsh Prateek Bora, Michael S. Tsirkin, Halil Pasic On 18/12/24 17:17, Daniel P. Berrangé wrote: > On Wed, Dec 18, 2024 at 04:59:13PM +0100, Philippe Mathieu-Daudé wrote: >> "system/confidential-guest-support.h" is not needed, >> remove it. Reorder #ifdef'ry to reduce declarations >> exposed on user emulation. >> >> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> >> --- >> target/i386/sev.h | 29 ++++++++++++++++------------- >> hw/i386/pc_sysfw.c | 2 +- >> 2 files changed, 17 insertions(+), 14 deletions(-) >> >> diff --git a/target/i386/sev.h b/target/i386/sev.h >> index 2664c0b1b6c..373669eaace 100644 >> --- a/target/i386/sev.h >> +++ b/target/i386/sev.h 
>> @@ -18,7 +18,17 @@ >> #include CONFIG_DEVICES /* CONFIG_SEV */ >> #endif >> >> -#include "system/confidential-guest-support.h" >> +#if !defined(CONFIG_SEV) || defined(CONFIG_USER_ONLY) >> +#define sev_enabled() 0 >> +#define sev_es_enabled() 0 >> +#define sev_snp_enabled() 0 >> +#else >> +bool sev_enabled(void); >> +bool sev_es_enabled(void); >> +bool sev_snp_enabled(void); >> +#endif >> + >> +#if !defined(CONFIG_USER_ONLY) > > I'm surprised any of this header file is relevant to > user mode. If something is mistakenly calling sev_ functions > from user mode compiled code, I'd be inclined to fix the > caller such that its #include ".../sev.h" can be wrapped > by !CONFIG_USER_ONLY I forgot to mention and just replied in another post: The motivation is to reduce system-specific definitions exposed to user-mode in target/i386/cpu.c, like hwaddr &co, but I'm not there yet and have too many local patches so starting to send what's ready. WRT SEV what is bugging me is in cpu_x86_cpuid(): target/i386/cpu.c-7137- case 0x8000001F: target/i386/cpu.c-7138- *eax = *ebx = *ecx = *edx = 0; target/i386/cpu.c:7139: if (sev_enabled()) { target/i386/cpu.c-7140- *eax = 0x2; target/i386/cpu.c-7141- *eax |= sev_es_enabled() ? 0x8 : 0; target/i386/cpu.c-7142- *eax |= sev_snp_enabled() ? 0x10 : 0; target/i386/cpu.c-7143- *ebx = sev_get_cbit_position() & 0x3f; /* EBX[5:0] */ target/i386/cpu.c-7144- *ebx |= (sev_get_reduced_phys_bits() & 0x3f) << 6; /* EBX[11:6] */ target/i386/cpu.c-7145- } target/i386/cpu.c-7146- break; but maybe I can use #ifdef'ry around CONFIG_USER_ONLY like with SGX: case 0x12: #ifndef CONFIG_USER_ONLY if (count > 1) { uint64_t epc_addr, epc_size; if (sgx_epc_get_section(count - 2, &epc_addr, &epc_size)) { *eax = *ebx = *ecx = *edx = 0; break; } ... #endif break; > >> >> #define TYPE_SEV_COMMON "sev-common" >> #define TYPE_SEV_GUEST "sev-guest" 
>> @@ -45,18 +55,6 @@ typedef struct SevKernelLoaderContext { >> size_t cmdline_size; >> } SevKernelLoaderContext; >> >> -#ifdef CONFIG_SEV >> -bool sev_enabled(void); >> -bool sev_es_enabled(void); >> -bool sev_snp_enabled(void); >> -#else >> -#define sev_enabled() 0 >> -#define sev_es_enabled() 0 >> -#define sev_snp_enabled() 0 >> -#endif >> - >> -uint32_t sev_get_cbit_position(void); >> -uint32_t sev_get_reduced_phys_bits(void); >> bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp); >> >> int sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp); ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 2/2] target/i386/sev: Reduce system specific declarations 2024-12-18 15:59 ` [PATCH 2/2] target/i386/sev: Reduce system specific declarations Philippe Mathieu-Daudé 2024-12-18 16:04 ` Thomas Huth 2024-12-18 16:17 ` Daniel P. Berrangé @ 2024-12-18 16:18 ` Philippe Mathieu-Daudé 2024-12-18 16:34 ` Zhao Liu 3 siblings, 0 replies; 11+ messages in thread From: Philippe Mathieu-Daudé @ 2024-12-18 16:18 UTC (permalink / raw) To: qemu-devel Cc: Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand, Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza, Richard Henderson, Thomas Huth, Paolo Bonzini, qemu-ppc, Zhao Liu, qemu-s390x, Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum, Harsh Prateek Bora, Michael S. Tsirkin, Halil Pasic On 18/12/24 16:59, Philippe Mathieu-Daudé wrote: > "system/confidential-guest-support.h" is not needed, > remove it. Reorder #ifdef'ry to reduce declarations > exposed on user emulation. > > Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> > --- > target/i386/sev.h | 29 ++++++++++++++++------------- > hw/i386/pc_sysfw.c | 2 +- > 2 files changed, 17 insertions(+), 14 deletions(-) > +#if !defined(CONFIG_USER_ONLY) > > #define TYPE_SEV_COMMON "sev-common" > #define TYPE_SEV_GUEST "sev-guest" 
> @@ -45,18 +55,6 @@ typedef struct SevKernelLoaderContext { > size_t cmdline_size; > } SevKernelLoaderContext; > > -#ifdef CONFIG_SEV > -bool sev_enabled(void); > -bool sev_es_enabled(void); > -bool sev_snp_enabled(void); > -#else > -#define sev_enabled() 0 > -#define sev_es_enabled() 0 > -#define sev_snp_enabled() 0 > -#endif > - > -uint32_t sev_get_cbit_position(void); > -uint32_t sev_get_reduced_phys_bits(void); > bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp); > > int sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp); The motivation is to reduce system-specific definitions exposed to user-mode in target/i386/cpu.c, like hwaddr &co, but I'm not there yet and have too many local patches so starting to send what's ready. > @@ -68,4 +66,9 @@ void sev_es_set_reset_vector(CPUState *cpu); > > void pc_system_parse_sev_metadata(uint8_t *flash_ptr, size_t flash_size); > > +#endif /* !CONFIG_USER_ONLY */ > + > +uint32_t sev_get_cbit_position(void); > +uint32_t sev_get_reduced_phys_bits(void); > + > #endif ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 2/2] target/i386/sev: Reduce system specific declarations
From: Zhao Liu @ 2024-12-18 16:34 UTC
To: Philippe Mathieu-Daudé
Cc: qemu-devel, Eric Farman, kvm, Marcelo Tosatti, David Hildenbrand,
Ilya Leoshkevich, Nicholas Piggin, Daniel Henrique Barboza,
Richard Henderson, Thomas Huth, Paolo Bonzini, qemu-ppc, qemu-s390x,
Yanan Wang, Christian Borntraeger, Eduardo Habkost, Marcel Apfelbaum,
Harsh Prateek Bora, Michael S. Tsirkin, Halil Pasic

On Wed, Dec 18, 2024 at 04:59:13PM +0100, Philippe Mathieu-Daudé wrote:
> Date: Wed, 18 Dec 2024 16:59:13 +0100
> From: Philippe Mathieu-Daudé <philmd@linaro.org>
> Subject: [PATCH 2/2] target/i386/sev: Reduce system specific declarations
> X-Mailer: git-send-email 2.45.2
>
> "system/confidential-guest-support.h" is not needed,
> remove it. Reorder #ifdef'ry to reduce declarations
> exposed on user emulation.
>
> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> ---
> target/i386/sev.h | 29 ++++++++++++++++-------------
> hw/i386/pc_sysfw.c | 2 +-
> 2 files changed, 17 insertions(+), 14 deletions(-)
>

Reviewed-by: Zhao Liu <zhao1.liu@intel.com>