From: "Daniel P. Berrangé" <berrange@redhat.com>
To: marcandre.lureau@redhat.com
Cc: qemu-devel@nongnu.org, Eric Blake <eblake@redhat.com>,
Markus Armbruster <armbru@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
"open list:X86 KVM CPUs" <kvm@vger.kernel.org>
Subject: Re: [PATCH] Add query-tdx-capabilities
Date: Wed, 7 Jan 2026 10:27:21 +0000 [thread overview]
Message-ID: <aV41CQP0JODTdRqy@redhat.com> (raw)
In-Reply-To: <20260106183620.2144309-1-marcandre.lureau@redhat.com>
On Tue, Jan 06, 2026 at 10:36:20PM +0400, marcandre.lureau@redhat.com wrote:
> From: Marc-André Lureau <marcandre.lureau@redhat.com>
>
> Return an empty TdxCapability struct, for extensibility and matching
> query-sev-capabilities return type.
>
> Fixes: https://issues.redhat.com/browse/RHEL-129674
> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> ---
> qapi/misc-i386.json | 30 ++++++++++++++++++++++++++++++
> target/i386/kvm/kvm_i386.h | 1 +
> target/i386/kvm/kvm.c | 5 +++++
> target/i386/kvm/tdx-stub.c | 8 ++++++++
> target/i386/kvm/tdx.c | 21 +++++++++++++++++++++
> 5 files changed, 65 insertions(+)
>
> diff --git a/qapi/misc-i386.json b/qapi/misc-i386.json
> index 05a94d6c416..f10e4338b48 100644
> --- a/qapi/misc-i386.json
> +++ b/qapi/misc-i386.json
> @@ -225,6 +225,36 @@
> ##
> { 'command': 'query-sev-capabilities', 'returns': 'SevCapability' }
>
> +##
> +# @TdxCapability:
> +#
> +# The struct describes capability for Intel Trust Domain Extensions
> +# (TDX) feature.
> +#
> +# Since: 11.0
> +##
> +{ 'struct': 'TdxCapability',
> + 'data': { } }
> +
> +##
> +# @query-tdx-capabilities:
> +#
> +# Get TDX capabilities.
> +#
> +# This is only supported on Intel X86 platforms with KVM enabled.
> +#
> +# Errors:
> +# - If TDX is not available on the platform, GenericError
> +#
> +# Since: 11.0
> +#
> +# .. qmp-example::
> +#
> +# -> { "execute": "query-tdx-capabilities" }
> +# <- { "return": {} }
> +##
> +{ 'command': 'query-tdx-capabilities', 'returns': 'TdxCapability' }
This matches the conceptual design used with query-sev-capabilities,
where the lack of SEV support has to be inferred from the command
returning "GenericError". On the one hand this allows the caller to
distinguish different scenarios - unsupported due to lack of HW
support, vs unsupported due to lack of KVM support. On the other
hand 'GenericError' might reflect other things that should be
considered fatal errors, rather than indicitive of lack of support
in the host.
With the other 'query-sev' command, we have "enabled: bool" field,
and when enabled == false, the other fields are documented to have
undefined values.
I tend towards suggesting that 'query-sev-capabilities' (and thus
also this new query-tdx-capabilities) should have been more like
query-sev, and had a a "supported: bool" field to denote the lack
of support in the host.
This would not have allowed callers to disinguish the reason why
SEV/TDX is not supported (hardware vs KVM), but I'm not sure that
reason matters for callers - lack of KVM support is more of an
OS integration problem.
> +
> ##
> # @sev-inject-launch-secret:
> #
> diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h
> index 2b653442f4d..71dd45be47a 100644
> --- a/target/i386/kvm/kvm_i386.h
> +++ b/target/i386/kvm/kvm_i386.h
> @@ -61,6 +61,7 @@ void kvm_put_apicbase(X86CPU *cpu, uint64_t value);
>
> bool kvm_has_x2apic_api(void);
> bool kvm_has_waitpkg(void);
> +bool kvm_has_tdx(void);
>
> uint64_t kvm_swizzle_msi_ext_dest_id(uint64_t address);
> void kvm_update_msi_routes_all(void *private, bool global,
> diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
> index 7b9b740a8e5..8ce25d7e785 100644
> --- a/target/i386/kvm/kvm.c
> +++ b/target/i386/kvm/kvm.c
> @@ -6582,6 +6582,11 @@ bool kvm_has_waitpkg(void)
> return has_msr_umwait;
> }
>
> +bool kvm_has_tdx(void)
> +{
> + return kvm_is_vm_type_supported(KVM_X86_TDX_VM);
> +}
> +
> #define ARCH_REQ_XCOMP_GUEST_PERM 0x1025
>
> void kvm_request_xsave_components(X86CPU *cpu, uint64_t mask)
> diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
> index 1f0e108a69e..c4e7f2c58c8 100644
> --- a/target/i386/kvm/tdx-stub.c
> +++ b/target/i386/kvm/tdx-stub.c
> @@ -1,6 +1,8 @@
> /* SPDX-License-Identifier: GPL-2.0-or-later */
>
> #include "qemu/osdep.h"
> +#include "qapi/error.h"
> +#include "qapi/qapi-commands-misc-i386.h"
>
> #include "tdx.h"
>
> @@ -30,3 +32,9 @@ void tdx_handle_get_tdvmcall_info(X86CPU *cpu, struct kvm_run *run)
> void tdx_handle_setup_event_notify_interrupt(X86CPU *cpu, struct kvm_run *run)
> {
> }
> +
> +TdxCapability *qmp_query_tdx_capabilities(Error **errp)
> +{
> + error_setg(errp, "TDX is not available in this QEMU");
> + return NULL;
> +}
> diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
> index 01619857685..b5ee3b1ab92 100644
> --- a/target/i386/kvm/tdx.c
> +++ b/target/i386/kvm/tdx.c
> @@ -14,6 +14,7 @@
> #include "qemu/base64.h"
> #include "qemu/mmap-alloc.h"
> #include "qapi/error.h"
> +#include "qapi/qapi-commands-misc-i386.h"
> #include "qapi/qapi-visit-sockets.h"
> #include "qom/object_interfaces.h"
> #include "crypto/hash.h"
> @@ -1537,6 +1538,26 @@ static void tdx_guest_finalize(Object *obj)
> {
> }
>
> +static TdxCapability *tdx_get_capabilities(Error **errp)
> +{
> + if (!kvm_enabled()) {
> + error_setg(errp, "TDX is not available without KVM");
> + return NULL;
> + }
> +
> + if (!kvm_has_tdx()) {
> + error_setg(errp, "TDX is not supported by this host");
> + return NULL;
> + }
> +
> + return g_new0(TdxCapability, 1);
> +}
> +
> +TdxCapability *qmp_query_tdx_capabilities(Error **errp)
> +{
> + return tdx_get_capabilities(errp);
> +}
> +
> static void tdx_guest_class_init(ObjectClass *oc, const void *data)
> {
> ConfidentialGuestSupportClass *klass = CONFIDENTIAL_GUEST_SUPPORT_CLASS(oc);
> --
> 2.52.0
>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2026-01-07 10:27 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-06 18:36 [PATCH] Add query-tdx-capabilities marcandre.lureau
2026-01-07 10:27 ` Daniel P. Berrangé [this message]
2026-01-09 9:30 ` Markus Armbruster
2026-01-09 9:37 ` Daniel P. Berrangé
2026-01-09 10:01 ` Markus Armbruster
2026-01-09 10:07 ` Daniel P. Berrangé
2026-01-09 10:29 ` Markus Armbruster
2026-01-09 10:38 ` Daniel P. Berrangé
2026-01-09 12:26 ` Markus Armbruster
2026-01-26 15:20 ` Marc-André Lureau
2026-02-03 7:03 ` Markus Armbruster
2026-02-09 14:01 ` Daniel P. Berrangé
2026-02-09 13:55 ` Marc-André Lureau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aV41CQP0JODTdRqy@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=eblake@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=marcandre.lureau@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox