From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Stefano Garzarella <sgarzare@redhat.com>
Cc: "Roy Hopkins" <roy.hopkins@suse.com>,
qemu-devel@nongnu.org, "Paolo Bonzini" <pbonzini@redhat.com>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
"Michael S . Tsirkin" <mst@redhat.com>,
"Cornelia Huck" <cohuck@redhat.com>,
"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
"Sergio Lopez" <slp@redhat.com>,
"Eduardo Habkost" <eduardo@habkost.net>,
"Alistair Francis" <alistair@alistair23.me>,
"Peter Xu" <peterx@redhat.com>,
"David Hildenbrand" <david@redhat.com>,
"Igor Mammedov" <imammedo@redhat.com>,
"Tom Lendacky" <thomas.lendacky@amd.com>,
"Michael Roth" <michael.roth@amd.com>,
"Ani Sinha" <anisinha@redhat.com>,
"Jörg Roedel" <jroedel@suse.com>
Subject: Re: [PATCH v3 03/15] backends/igvm: Add IGVM loader and configuration
Date: Thu, 27 Jun 2024 10:14:17 +0100 [thread overview]
Message-ID: <Zn0taV-uq0MlSalm@redhat.com> (raw)
In-Reply-To: <jyfhkynory4jydxrlx7cfvbrnibq2klk5lekn656gcob4kls6m@3u7qugxmxjsq>
On Thu, Jun 27, 2024 at 11:06:50AM +0200, Stefano Garzarella wrote:
> On Fri, Jun 21, 2024 at 03:29:06PM GMT, Roy Hopkins wrote:
> > Adds an IGVM loader to QEMU which processes a given IGVM file and
> > applies the directives within the file to the current guest
> > configuration.
> >
> > The IGVM loader can be used to configure both confidential and
> > non-confidential guests. For confidential guests, the
> > ConfidentialGuestSupport object for the system is used to encrypt
> > memory, apply the initial CPU state and perform other confidential guest
> > operations.
> >
> > The loader is configured via a new IgvmCfg QOM object which allows the
> > user to provide a path to the IGVM file to process.
> >
> > Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
> > ---
> > qapi/qom.json | 16 +
> > backends/igvm.h | 37 ++
> > include/sysemu/igvm-cfg.h | 54 +++
> > backends/igvm-cfg.c | 66 ++++
> > backends/igvm.c | 791 ++++++++++++++++++++++++++++++++++++++
> > backends/meson.build | 2 +
> > 6 files changed, 966 insertions(+)
> > create mode 100644 backends/igvm.h
> > create mode 100644 include/sysemu/igvm-cfg.h
> > create mode 100644 backends/igvm-cfg.c
> > create mode 100644 backends/igvm.c
> >
> > diff --git a/qapi/qom.json b/qapi/qom.json
> > index 8bd299265e..e586707c4c 100644
> > --- a/qapi/qom.json
> > +++ b/qapi/qom.json
> > @@ -874,6 +874,18 @@
> > 'base': 'RngProperties',
> > 'data': { '*filename': 'str' } }
> >
> > +##
> > +# @IgvmCfgProperties:
> > +#
> > +# Properties common to objects that handle IGVM files.
> > +#
> > +# @file: IGVM file to use to configure guest (default: none)
> > +#
> > +# Since: 9.1
> > +##
> > +{ 'struct': 'IgvmCfgProperties',
> > + 'data': { '*file': 'str' } }
>
> 'if': 'CONFIG_IGVM'
>
> I recently did a similar modification to QAPIs and Markus suggested to add
> the if here as well, see
> https://lore.kernel.org/qemu-devel/87zfs2z7jo.fsf@pond.sub.org/
Yes, it avoids the code generator emitting an otherwise unusd
struct when CONFIG_IGVM is unset.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2024-06-27 9:15 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-21 14:29 [PATCH v3 00/15] Introduce support for IGVM files Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 01/15] meson: Add optional dependency on IGVM library Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 02/15] backends/confidential-guest-support: Add functions to support IGVM Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 03/15] backends/igvm: Add IGVM loader and configuration Roy Hopkins
2024-06-24 13:29 ` Daniel P. Berrangé
2024-06-28 10:59 ` Roy Hopkins
2024-06-27 9:06 ` Stefano Garzarella
2024-06-27 9:14 ` Daniel P. Berrangé [this message]
2024-06-28 11:00 ` Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 04/15] hw/core/machine: Add igvm-cfg object and processing for IGVM files Roy Hopkins
2024-06-24 14:00 ` Daniel P. Berrangé
2024-06-28 11:09 ` Roy Hopkins
2024-06-28 11:23 ` Daniel P. Berrangé
2024-07-01 11:59 ` Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 05/15] i386/pc_sysfw: Ensure sysfw flash configuration does not conflict with IGVM Roy Hopkins
2024-06-27 12:38 ` Stefano Garzarella
2024-06-28 11:10 ` Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 06/15] sev: Update launch_update_data functions to use Error handling Roy Hopkins
2024-06-27 12:48 ` Stefano Garzarella
2024-06-28 11:20 ` Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 07/15] i386/sev: Refactor setting of reset vector and initial CPU state Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 08/15] i386/sev: Implement ConfidentialGuestSupport functions for SEV Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 09/15] docs/system: Add documentation on support for IGVM Roy Hopkins
2024-06-24 14:09 ` Daniel P. Berrangé
2024-07-01 14:28 ` Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 10/15] docs/interop/firmware.json: Add igvm to FirmwareDevice Roy Hopkins
2024-06-27 12:53 ` Stefano Garzarella
2024-07-02 10:36 ` Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 11/15] backends/confidential-guest-support: Add set_guest_policy() function Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 12/15] backends/igvm: Process initialization sections in IGVM file Roy Hopkins
2024-06-21 14:29 ` [PATCH v3 13/15] backends/igvm: Handle policy for SEV guests Roy Hopkins
2024-06-24 14:56 ` Daniel P. Berrangé
2024-06-21 14:29 ` [PATCH v3 14/15] i386/sev: Add implementation of CGS set_guest_policy() Roy Hopkins
2024-06-24 14:53 ` Daniel P. Berrangé
2024-06-21 14:29 ` [PATCH v3 15/15] sev: Provide sev_features flags from IGVM VMSA to KVM_SEV_INIT2 Roy Hopkins
2024-06-24 14:14 ` Daniel P. Berrangé
2024-07-01 13:50 ` Roy Hopkins
2024-06-24 13:50 ` [PATCH v3 00/15] Introduce support for IGVM files Daniel P. Berrangé
2024-06-28 10:56 ` Roy Hopkins
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zn0taV-uq0MlSalm@redhat.com \
--to=berrange@redhat.com \
--cc=alistair@alistair23.me \
--cc=anisinha@redhat.com \
--cc=cohuck@redhat.com \
--cc=david@redhat.com \
--cc=eduardo@habkost.net \
--cc=imammedo@redhat.com \
--cc=jroedel@suse.com \
--cc=marcel.apfelbaum@gmail.com \
--cc=michael.roth@amd.com \
--cc=mst@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterx@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=roy.hopkins@suse.com \
--cc=sgarzare@redhat.com \
--cc=slp@redhat.com \
--cc=thomas.lendacky@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.