From: Oliver Steffen <osteffen@redhat.com>
To: qemu-devel@nongnu.org
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Eduardo Habkost <eduardo@habkost.net>,
Gerd Hoffmann <kraxel@redhat.com>,
Stefano Garzarella <sgarzare@redhat.com>,
Zhao Liu <zhao1.liu@intel.com>,
Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
Igor Mammedov <imammedo@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
Richard Henderson <richard.henderson@linaro.org>,
Ani Sinha <anisinha@redhat.com>,
kvm@vger.kernel.org, "Michael S. Tsirkin" <mst@redhat.com>,
Luigi Leonardi <leonardi@redhat.com>,
Joerg Roedel <joerg.roedel@amd.com>,
Oliver Steffen <osteffen@redhat.com>
Subject: [PATCH v5 5/6] igvm: Pass machine state to IGVM file processing
Date: Tue, 27 Jan 2026 11:02:56 +0100 [thread overview]
Message-ID: <20260127100257.1074104-6-osteffen@redhat.com> (raw)
In-Reply-To: <20260127100257.1074104-1-osteffen@redhat.com>
Pass the full MachineState to the IGVM backend during file processing,
instead of just the ConfidentialGuestSupport struct (which is a member
of the MachineState).
This replaces the cgs parameter of qigvm_process_file() with the machine
state to make it available in the IGVM processing context.
We will use it later to generate MADT data there to pass to the guest
as IGVM parameter.
Reviewed-by: Luigi Leonardi <leonardi@redhat.com>
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
---
backends/igvm-cfg.c | 2 +-
backends/igvm.c | 31 ++++++++++++++++++-------------
include/system/igvm-cfg.h | 3 ++-
include/system/igvm.h | 5 +++--
target/i386/sev.c | 3 +--
5 files changed, 25 insertions(+), 19 deletions(-)
diff --git a/backends/igvm-cfg.c b/backends/igvm-cfg.c
index f236b523df..64589ca34f 100644
--- a/backends/igvm-cfg.c
+++ b/backends/igvm-cfg.c
@@ -52,7 +52,7 @@ static void igvm_reset_hold(Object *obj, ResetType type)
trace_igvm_reset_hold(type);
- qigvm_process_file(igvm, ms->cgs, false, &error_fatal);
+ qigvm_process_file(igvm, ms, false, &error_fatal);
}
static void igvm_reset_exit(Object *obj, ResetType type)
diff --git a/backends/igvm.c b/backends/igvm.c
index 0a0092fb55..f26eb633f8 100644
--- a/backends/igvm.c
+++ b/backends/igvm.c
@@ -11,6 +11,7 @@
#include "qemu/osdep.h"
+#include "hw/core/boards.h"
#include "qapi/error.h"
#include "qemu/error-report.h"
#include "qemu/target-info-qapi.h"
@@ -73,7 +74,7 @@ struct QEMU_PACKED sev_id_authentication {
*/
typedef struct QIgvm {
IgvmHandle file;
- ConfidentialGuestSupport *cgs;
+ MachineState *machine_state;
ConfidentialGuestSupportClass *cgsc;
uint32_t compatibility_mask;
unsigned current_header_index;
@@ -239,7 +240,8 @@ static void *qigvm_prepare_memory(QIgvm *ctx, uint64_t addr, uint64_t size,
g_autofree char *region_name =
g_strdup_printf("igvm.%X", region_identifier);
igvm_pages = g_new0(MemoryRegion, 1);
- if (ctx->cgs && ctx->cgs->require_guest_memfd) {
+ if (ctx->machine_state->cgs &&
+ ctx->machine_state->cgs->require_guest_memfd) {
if (!memory_region_init_ram_guest_memfd(igvm_pages, NULL,
region_name, size, errp)) {
return NULL;
@@ -359,7 +361,7 @@ static int qigvm_process_mem_region(QIgvm *ctx, unsigned start_index,
* If a confidential guest support object is provided then use it to set the
* guest state.
*/
- if (ctx->cgs) {
+ if (ctx->machine_state->cgs) {
cgs_page_type =
qigvm_type_to_cgs_type(page_type, flags->unmeasured, zero);
if (cgs_page_type < 0) {
@@ -461,7 +463,7 @@ static int qigvm_directive_vp_context(QIgvm *ctx, const uint8_t *header_data,
data = (uint8_t *)igvm_get_buffer(ctx->file, data_handle);
- if (ctx->cgs) {
+ if (ctx->machine_state->cgs) {
result = ctx->cgsc->set_guest_state(
vp_context->gpa, data, igvm_get_buffer_size(ctx->file, data_handle),
CGS_PAGE_TYPE_VMSA, vp_context->vp_index, errp);
@@ -531,7 +533,7 @@ static int qigvm_directive_parameter_insert(QIgvm *ctx,
* If a confidential guest support object is provided then use it to
* set the guest state.
*/
- if (ctx->cgs) {
+ if (ctx->machine_state->cgs) {
result = ctx->cgsc->set_guest_state(param->gpa, region,
param_entry->size,
CGS_PAGE_TYPE_UNMEASURED, 0,
@@ -572,7 +574,7 @@ static int qigvm_directive_memory_map(QIgvm *ctx, const uint8_t *header_data,
ConfidentialGuestMemoryMapEntry cgmm_entry;
int retval = 0;
- if (ctx->cgs && ctx->cgsc->get_mem_map_entry) {
+ if (ctx->machine_state->cgs && ctx->cgsc->get_mem_map_entry) {
get_mem_map_entry = ctx->cgsc->get_mem_map_entry;
} else if (target_arch() == SYS_EMU_TARGET_X86_64) {
@@ -698,7 +700,7 @@ static int qigvm_directive_required_memory(QIgvm *ctx,
if (!region) {
return -1;
}
- if (ctx->cgs) {
+ if (ctx->machine_state->cgs) {
result =
ctx->cgsc->set_guest_state(mem->gpa, region, mem->number_of_bytes,
CGS_PAGE_TYPE_REQUIRED_MEMORY, 0, errp);
@@ -816,14 +818,14 @@ static int qigvm_supported_platform_compat_mask(QIgvm *ctx, Error **errp)
sizeof(
IGVM_VHS_VARIABLE_HEADER));
if ((platform->platform_type == IGVM_PLATFORM_TYPE_SEV_ES) &&
- ctx->cgs) {
+ ctx->machine_state->cgs) {
if (ctx->cgsc->check_support(
CGS_PLATFORM_SEV_ES, platform->platform_version,
platform->highest_vtl, platform->shared_gpa_boundary)) {
compatibility_mask_sev_es = platform->compatibility_mask;
}
} else if ((platform->platform_type == IGVM_PLATFORM_TYPE_SEV) &&
- ctx->cgs) {
+ ctx->machine_state->cgs) {
if (ctx->cgsc->check_support(
CGS_PLATFORM_SEV, platform->platform_version,
platform->highest_vtl, platform->shared_gpa_boundary)) {
@@ -831,7 +833,7 @@ static int qigvm_supported_platform_compat_mask(QIgvm *ctx, Error **errp)
}
} else if ((platform->platform_type ==
IGVM_PLATFORM_TYPE_SEV_SNP) &&
- ctx->cgs) {
+ ctx->machine_state->cgs) {
if (ctx->cgsc->check_support(
CGS_PLATFORM_SEV_SNP, platform->platform_version,
platform->highest_vtl, platform->shared_gpa_boundary)) {
@@ -904,7 +906,7 @@ IgvmHandle qigvm_file_init(char *filename, Error **errp)
return igvm;
}
-int qigvm_process_file(IgvmCfg *cfg, ConfidentialGuestSupport *cgs,
+int qigvm_process_file(IgvmCfg *cfg, MachineState *machine_state,
bool onlyVpContext, Error **errp)
{
int32_t header_count;
@@ -920,13 +922,16 @@ int qigvm_process_file(IgvmCfg *cfg, ConfidentialGuestSupport *cgs,
ctx.file = cfg->file;
trace_igvm_process_file(cfg->file, onlyVpContext);
+ ctx.machine_state = machine_state;
+
/*
* The ConfidentialGuestSupport object is optional and allows a confidential
* guest platform to perform extra processing, such as page measurement, on
* IGVM directives.
*/
- ctx.cgs = cgs;
- ctx.cgsc = cgs ? CONFIDENTIAL_GUEST_SUPPORT_GET_CLASS(cgs) : NULL;
+ ctx.cgsc = machine_state->cgs ?
+ CONFIDENTIAL_GUEST_SUPPORT_GET_CLASS(machine_state->cgs) :
+ NULL;
/*
* Check that the IGVM file provides configuration for the current
diff --git a/include/system/igvm-cfg.h b/include/system/igvm-cfg.h
index 6c07f30840..e06d611f74 100644
--- a/include/system/igvm-cfg.h
+++ b/include/system/igvm-cfg.h
@@ -12,6 +12,7 @@
#ifndef QEMU_IGVM_CFG_H
#define QEMU_IGVM_CFG_H
+#include "hw/core/boards.h"
#include "qemu/typedefs.h"
#include "qom/object.h"
@@ -27,7 +28,7 @@ typedef struct IgvmCfgClass {
*
* Returns 0 for ok and -1 on error.
*/
- int (*process)(IgvmCfg *cfg, ConfidentialGuestSupport *cgs,
+ int (*process)(IgvmCfg *cfg, MachineState *machine_state,
bool onlyVpContext, Error **errp);
} IgvmCfgClass;
diff --git a/include/system/igvm.h b/include/system/igvm.h
index 8355e54e95..5573a6111a 100644
--- a/include/system/igvm.h
+++ b/include/system/igvm.h
@@ -12,12 +12,13 @@
#ifndef BACKENDS_IGVM_H
#define BACKENDS_IGVM_H
+#include "hw/core/boards.h"
#include "qemu/typedefs.h"
#include "system/confidential-guest-support.h"
#include "qapi/error.h"
-int qigvm_process_file(IgvmCfg *igvm, ConfidentialGuestSupport *cgs,
- bool onlyVpContext, Error **errp);
+int qigvm_process_file(IgvmCfg *igvm, MachineState *machine_state,
+ bool onlyVpContext, Error **errp);
/* x86 native */
int qigvm_x86_get_mem_map_entry(int index,
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 1d70f96ec1..6f86dd710b 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -1891,8 +1891,7 @@ static int sev_common_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
*/
if (x86machine->igvm) {
if (IGVM_CFG_GET_CLASS(x86machine->igvm)
- ->process(x86machine->igvm, machine->cgs, true, errp) ==
- -1) {
+ ->process(x86machine->igvm, machine, true, errp) == -1) {
return -1;
}
/*
--
2.52.0
next prev parent reply other threads:[~2026-01-27 10:03 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-27 10:02 [PATCH v5 0/6] igvm: Supply MADT via IGVM parameter Oliver Steffen
2026-01-27 10:02 ` [PATCH v5 1/6] hw/acpi: Make BIOS linker optional Oliver Steffen
2026-01-29 10:51 ` Luigi Leonardi
2026-01-27 10:02 ` [PATCH v5 2/6] hw/acpi: Add standalone function to build MADT Oliver Steffen
2026-01-27 10:02 ` [PATCH v5 3/6] igvm: Add common function for finding parameter entries Oliver Steffen
2026-01-29 11:09 ` Luigi Leonardi
2026-01-27 10:02 ` [PATCH v5 4/6] igvm: Refactor qigvm_parameter_insert Oliver Steffen
2026-01-29 11:10 ` Luigi Leonardi
2026-01-27 10:02 ` Oliver Steffen [this message]
2026-01-27 10:02 ` [PATCH v5 6/6] igvm: Fill MADT IGVM parameter field Oliver Steffen
2026-01-27 15:54 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260127100257.1074104-6-osteffen@redhat.com \
--to=osteffen@redhat.com \
--cc=anisinha@redhat.com \
--cc=eduardo@habkost.net \
--cc=imammedo@redhat.com \
--cc=joerg.roedel@amd.com \
--cc=kraxel@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=leonardi@redhat.com \
--cc=marcel.apfelbaum@gmail.com \
--cc=mst@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=sgarzare@redhat.com \
--cc=zhao1.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox