From: Xiaoyao Li <xiaoyao.li@intel.com>
To: "Daniel P . Berrangé" <berrange@redhat.com>,
"Nicholas Piggin" <npiggin@gmail.com>,
"Daniel Henrique Barboza" <danielhb413@gmail.com>,
"Cédric Le Goater" <clg@kaod.org>,
"David Gibson" <david@gibson.dropbear.id.au>,
"Harsh Prateek Bora" <harshpb@linux.ibm.com>,
"Halil Pasic" <pasic@linux.ibm.com>,
"Christian Borntraeger" <borntraeger@linux.ibm.com>,
"Eric Farman" <farman@linux.ibm.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"David Hildenbrand" <david@redhat.com>,
"Ilya Leoshkevich" <iii@linux.ibm.com>,
"Thomas Huth" <thuth@redhat.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Marcelo Tosatti" <mtosatti@redhat.com>
Cc: xiaoyao.li@intel.com, qemu-devel@nongnu.org, qemu-ppc@nongnu.org,
qemu-s390x@nongnu.org
Subject: [PATCH 0/4] Confidential Guest Support: Introduce kvm_init() and kvm_reset() virtual functions
Date: Thu, 29 Feb 2024 01:00:34 -0500 [thread overview]
Message-ID: <20240229060038.606591-1-xiaoyao.li@intel.com> (raw)
This series was inspired and suggested by Daniel:
https://lore.kernel.org/qemu-devel/ZbfoQsEuv6_zwl3b@redhat.com/
I remove the rfc tag in this version, to get more attention.
Currently, different confidential VMs in different architectures have
their own specific *_kvm_init() (and some have *_kvm_reset()) exposed
for KVM stuff when it's a confidential VM. e.g., sev_kmv_init() for x86
SEV, pef_kvm_init() and pef_kvm_reset() for PPC PEF, and s390_pv_init()
for s390 PV VMs.
Introduce a generic .kvm_init() and .kvm_reset() functions in
ConfidentialGuestSupportClass, so that different cgs technologies in
different architectures can implement their own, while common interface
of cgs can be used.
This series implements two helper functions confidential_guest_kvm_init()
and confidential_guest_kvm_reset() in Patch 1. In the following patches,
they are used in each arch to replace specific exposed functions.
X86 will benefit more from the new generic interface when TDX support is
added later.
There is one step forward possible, that calling
confidential_guest_kvm_init() before kvm_arch_init() in kvm_int() in
accel/kvm/kvm-all.c. This way, each arch doesn't need to call their
specific code in arch-specific code.
X86 fits it, however I'm not sure if ppc and s390 fit it as well.
Because currently, both ppc and s390 calls it in MachineClass->init().
I'm not sure if there is any order dependency and need input from
corresponding arch folks.
===
changes from RFC v1:
- remove RFC tag;
- move the !NULL check of ms->cgs into callers;
- delete whole sev-stub.c;
RFC v1:
https://lore.kernel.org/qemu-devel/20240206082852.3333299-1-xiaoyao.li@intel.com/
Xiaoyao Li (4):
confidential guest support: Add kvm_init() and kvm_reset() in class
i386/sev: Switch to use confidential_guest_kvm_init()
ppc/pef: switch to use confidential_guest_kvm_init/reset()
s390: Switch to use confidential_guest_kvm_init()
hw/ppc/pef.c | 9 +-
hw/ppc/spapr.c | 10 +-
hw/s390x/s390-virtio-ccw.c | 5 +-
include/exec/confidential-guest-support.h | 34 +++++-
include/hw/ppc/pef.h | 17 ---
target/i386/kvm/kvm.c | 10 +-
target/i386/kvm/meson.build | 2 -
target/i386/kvm/sev-stub.c | 21 ----
target/i386/sev.c | 120 +++++++++++-----------
target/i386/sev.h | 2 -
target/s390x/kvm/pv.c | 8 ++
target/s390x/kvm/pv.h | 14 ---
12 files changed, 126 insertions(+), 126 deletions(-)
delete mode 100644 include/hw/ppc/pef.h
delete mode 100644 target/i386/kvm/sev-stub.c
--
2.34.1
next reply other threads:[~2024-02-29 6:02 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-29 6:00 Xiaoyao Li [this message]
2024-02-29 6:00 ` [PATCH 1/4] confidential guest support: Add kvm_init() and kvm_reset() in class Xiaoyao Li
2024-02-29 6:00 ` [PATCH 2/4] i386/sev: Switch to use confidential_guest_kvm_init() Xiaoyao Li
2024-03-18 21:51 ` Paolo Bonzini
2024-03-19 2:12 ` Xiaoyao Li
2024-02-29 6:00 ` [PATCH 3/4] ppc/pef: switch to use confidential_guest_kvm_init/reset() Xiaoyao Li
2024-02-29 6:00 ` [PATCH 4/4] s390: Switch to use confidential_guest_kvm_init() Xiaoyao Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240229060038.606591-1-xiaoyao.li@intel.com \
--to=xiaoyao.li@intel.com \
--cc=berrange@redhat.com \
--cc=borntraeger@linux.ibm.com \
--cc=clg@kaod.org \
--cc=danielhb413@gmail.com \
--cc=david@gibson.dropbear.id.au \
--cc=david@redhat.com \
--cc=farman@linux.ibm.com \
--cc=harshpb@linux.ibm.com \
--cc=iii@linux.ibm.com \
--cc=mtosatti@redhat.com \
--cc=npiggin@gmail.com \
--cc=pasic@linux.ibm.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
--cc=qemu-s390x@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).