From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Isaku Yamahata" <isaku.yamahata@intel.com>,
"Xiaoyao Li" <xiaoyao.li@intel.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Zhao Liu" <zhao1.liu@intel.com>
Subject: [PULL 22/77] i386/tdx: Make sept_ve_disable set by default
Date: Fri, 30 May 2025 09:11:52 +0200 [thread overview]
Message-ID: <20250530071250.2050910-23-pbonzini@redhat.com> (raw)
In-Reply-To: <20250530071250.2050910-1-pbonzini@redhat.com>
From: Isaku Yamahata <isaku.yamahata@intel.com>
For TDX KVM use case, Linux guest is the most major one. It requires
sept_ve_disable set. Make it default for the main use case. For other use
case, it can be enabled/disabled via qemu command line.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
Link: https://lore.kernel.org/r/20250508150002.689633-11-xiaoyao.li@intel.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/kvm/tdx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 32ba3982ff1..a30731b1a3b 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -288,7 +288,7 @@ static void tdx_guest_init(Object *obj)
qemu_mutex_init(&tdx->lock);
cgs->require_guest_memfd = true;
- tdx->attributes = 0;
+ tdx->attributes = TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE;
object_property_add_uint64_ptr(obj, "attributes", &tdx->attributes,
OBJ_PROP_FLAG_READWRITE);
--
2.49.0
next prev parent reply other threads:[~2025-05-30 7:20 UTC|newest]
Thread overview: 92+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-30 7:11 [PULL 00/77] i386, build system changes for 2025-05-30 Paolo Bonzini
2025-05-30 7:11 ` [PULL 01/77] meson: build target libraries with common dependencies Paolo Bonzini
2025-05-30 7:11 ` [PULL 02/77] hw/arm: remove explicit dependencies listed Paolo Bonzini
2025-06-02 13:59 ` Cédric Le Goater
2025-06-02 18:39 ` Pierrick Bouvier
2025-06-02 20:53 ` Nabih Estefan
2025-06-02 21:11 ` Cédric Le Goater
2025-06-02 22:37 ` Pierrick Bouvier
2025-06-02 23:40 ` Pierrick Bouvier
2025-05-30 7:11 ` [PULL 03/77] target/arm: " Paolo Bonzini
2025-05-30 7:11 ` [PULL 04/77] meson: apply target config for picking files from lib{system, user} Paolo Bonzini
2025-05-30 7:11 ` [PULL 05/77] meson: merge lib{system, user}_ss with {system, user}_ss Paolo Bonzini
2025-05-30 7:11 ` [PULL 06/77] meson: remove lib{system, user}_ss aliases Paolo Bonzini
2025-05-30 7:11 ` [PULL 07/77] meson: merge hw_common_arch in target_common_system_arch Paolo Bonzini
2025-05-30 7:11 ` [PULL 08/77] hw/timer/hpet: Reorganize register decoding Paolo Bonzini
2025-05-30 7:11 ` [PULL 09/77] rust: Fix Zhao's email address Paolo Bonzini
2025-05-30 7:11 ` [PULL 10/77] rust: Fix the typos in doc Paolo Bonzini
2025-05-30 7:11 ` [PULL 11/77] rust: hpet: rename hpet module to "device" Paolo Bonzini
2025-05-30 7:11 ` [PULL 12/77] target/i386/emulate: more lflags cleanups Paolo Bonzini
2025-05-30 7:11 ` [PULL 13/77] rocker: do not pollute the namespace Paolo Bonzini
2025-06-10 7:53 ` Philippe Mathieu-Daudé
2025-06-10 7:54 ` Philippe Mathieu-Daudé
2025-05-30 7:11 ` [PULL 14/77] i386: Introduce tdx-guest object Paolo Bonzini
2025-05-30 7:11 ` [PULL 15/77] i386/tdx: Implement tdx_kvm_type() for TDX Paolo Bonzini
2025-05-30 7:11 ` [PULL 16/77] i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context Paolo Bonzini
2025-05-30 7:11 ` [PULL 17/77] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES Paolo Bonzini
2025-05-30 7:11 ` [PULL 18/77] i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object Paolo Bonzini
2025-05-30 7:11 ` [PULL 19/77] kvm: Introduce kvm_arch_pre_create_vcpu() Paolo Bonzini
2025-05-30 7:11 ` [PULL 20/77] i386/tdx: Initialize TDX before creating TD vcpus Paolo Bonzini
2025-07-17 9:40 ` Peter Maydell
2025-07-17 10:10 ` Xiaoyao Li
2025-05-30 7:11 ` [PULL 21/77] i386/tdx: Add property sept-ve-disable for tdx-guest object Paolo Bonzini
2025-05-30 7:11 ` Paolo Bonzini [this message]
2025-05-30 7:11 ` [PULL 23/77] i386/tdx: Wire CPU features up with attributes of TD guest Paolo Bonzini
2025-05-30 7:11 ` [PULL 24/77] i386/tdx: Validate TD attributes Paolo Bonzini
2025-05-30 7:11 ` [PULL 25/77] i386/tdx: Support user configurable mrconfigid/mrowner/mrownerconfig Paolo Bonzini
2025-05-30 7:11 ` [PULL 26/77] i386/tdx: Set APIC bus rate to match with what TDX module enforces Paolo Bonzini
2025-05-30 7:11 ` [PULL 27/77] i386/tdx: Implement user specified tsc frequency Paolo Bonzini
2025-05-30 7:11 ` [PULL 28/77] i386/tdx: load TDVF for TD guest Paolo Bonzini
2025-05-30 7:11 ` [PULL 29/77] i386/tdvf: Introduce function to parse TDVF metadata Paolo Bonzini
2025-05-30 7:12 ` [PULL 30/77] i386/tdx: Parse TDVF metadata for TDX VM Paolo Bonzini
2025-05-30 7:12 ` [PULL 31/77] i386/tdx: Don't initialize pc.rom for TDX VMs Paolo Bonzini
2025-05-30 7:12 ` [PULL 32/77] i386/tdx: Track mem_ptr for each firmware entry of TDVF Paolo Bonzini
2025-05-30 7:12 ` [PULL 33/77] i386/tdx: Track RAM entries for TDX VM Paolo Bonzini
2025-05-30 7:12 ` [PULL 34/77] headers: Add definitions from UEFI spec for volumes, resources, etc Paolo Bonzini
2025-05-30 7:12 ` [PULL 35/77] i386/tdx: Setup the TD HOB list Paolo Bonzini
2025-05-30 7:12 ` [PULL 36/77] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION Paolo Bonzini
2025-05-30 7:12 ` [PULL 37/77] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu Paolo Bonzini
2025-05-30 7:12 ` [PULL 38/77] i386/tdx: Finalize TDX VM Paolo Bonzini
2025-05-30 7:12 ` [PULL 39/77] i386/tdx: Enable user exit on KVM_HC_MAP_GPA_RANGE Paolo Bonzini
2025-05-30 7:12 ` [PULL 40/77] i386/tdx: Handle KVM_SYSTEM_EVENT_TDX_FATAL Paolo Bonzini
2025-05-30 7:12 ` [PULL 41/77] i386/tdx: Wire TDX_REPORT_FATAL_ERROR with GuestPanic facility Paolo Bonzini
2025-05-30 7:12 ` [PULL 42/77] kvm: Check KVM_CAP_MAX_VCPUS at vm level Paolo Bonzini
2025-05-30 7:12 ` [PULL 43/77] i386/cpu: introduce x86_confidential_guest_cpu_instance_init() Paolo Bonzini
2025-05-30 7:12 ` [PULL 44/77] i386/tdx: implement tdx_cpu_instance_init() Paolo Bonzini
2025-05-30 7:12 ` [PULL 45/77] i386/cpu: Introduce enable_cpuid_0x1f to force exposing CPUID 0x1f Paolo Bonzini
2025-05-30 7:12 ` [PULL 46/77] i386/tdx: Force " Paolo Bonzini
2025-05-30 7:12 ` [PULL 47/77] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM Paolo Bonzini
2025-05-30 7:12 ` [PULL 48/77] i386/tdx: Disable SMM for TDX VMs Paolo Bonzini
2025-05-30 7:12 ` [PULL 49/77] i386/tdx: Disable PIC " Paolo Bonzini
2025-05-30 7:12 ` [PULL 50/77] i386/tdx: Set and check kernel_irqchip mode for TDX Paolo Bonzini
2025-05-30 7:12 ` [PULL 51/77] i386/tdx: Don't synchronize guest tsc for TDs Paolo Bonzini
2025-05-30 7:12 ` [PULL 52/77] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() " Paolo Bonzini
2025-05-30 7:12 ` [PULL 53/77] i386/apic: Skip kvm_apic_put() for TDX Paolo Bonzini
2025-05-30 7:12 ` [PULL 54/77] cpu: Don't set vcpu_dirty when guest_state_protected Paolo Bonzini
2025-05-30 7:12 ` [PULL 55/77] i386/cgs: Rename *mask_cpuid_features() to *adjust_cpuid_features() Paolo Bonzini
2025-05-30 7:12 ` [PULL 56/77] i386/tdx: Implement adjust_cpuid_features() for TDX Paolo Bonzini
2025-05-30 7:12 ` [PULL 57/77] i386/tdx: Add TDX fixed1 bits to supported CPUIDs Paolo Bonzini
2025-05-30 7:12 ` [PULL 58/77] i386/tdx: Add supported CPUID bits related to TD Attributes Paolo Bonzini
2025-05-30 7:12 ` [PULL 59/77] i386/tdx: Add supported CPUID bits relates to XFAM Paolo Bonzini
2025-07-10 12:27 ` Peter Maydell
2025-07-10 12:42 ` Xiaoyao Li
2025-07-10 12:57 ` Peter Maydell
2025-05-30 7:12 ` [PULL 60/77] i386/tdx: Add XFD to supported bit of TDX Paolo Bonzini
2025-05-30 7:12 ` [PULL 61/77] i386/tdx: Define supported KVM features for TDX Paolo Bonzini
2025-05-30 7:12 ` [PULL 62/77] i386/cgs: Introduce x86_confidential_guest_check_features() Paolo Bonzini
2025-05-30 7:12 ` [PULL 63/77] i386: Remove unused parameter "uint32_t bit" in feature_word_description() Paolo Bonzini
2025-05-30 7:12 ` [PULL 64/77] target/i386: Print CPUID subleaf info for unsupported feature Paolo Bonzini
2025-05-30 7:12 ` [PULL 65/77] i386/tdx: Fetch and validate CPUID of TD guest Paolo Bonzini
2025-05-30 7:12 ` [PULL 66/77] i386/tdx: Don't treat SYSCALL as unavailable Paolo Bonzini
2025-05-30 7:12 ` [PULL 67/77] i386/tdx: Make invtsc default on Paolo Bonzini
2025-05-30 7:12 ` [PULL 68/77] i386/tdx: Validate phys_bits against host value Paolo Bonzini
2025-05-30 7:12 ` [PULL 69/77] docs: Add TDX documentation Paolo Bonzini
2025-05-30 7:12 ` [PULL 70/77] rust: make declaration of dependent crates more consistent Paolo Bonzini
2025-05-30 7:12 ` [PULL 71/77] target/i386: Update EPYC CPU model for Cache property, RAS, SVM feature bits Paolo Bonzini
2025-05-30 7:12 ` [PULL 72/77] target/i386: Update EPYC-Rome " Paolo Bonzini
2025-05-30 7:12 ` [PULL 73/77] target/i386: Update EPYC-Milan " Paolo Bonzini
2025-05-30 7:12 ` [PULL 74/77] target/i386: Add couple of feature bits in CPUID_Fn80000021_EAX Paolo Bonzini
2025-05-30 7:12 ` [PULL 75/77] target/i386: Update EPYC-Genoa for Cache property, perfmon-v2, RAS and SVM feature bits Paolo Bonzini
2025-05-30 7:12 ` [PULL 76/77] target/i386: Add support for EPYC-Turin model Paolo Bonzini
2025-05-30 7:12 ` [PULL 77/77] target/i386/tcg/helper-tcg: fix file references in comments Paolo Bonzini
2025-05-31 23:05 ` [PULL 00/77] i386, build system changes for 2025-05-30 Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250530071250.2050910-23-pbonzini@redhat.com \
--to=pbonzini@redhat.com \
--cc=berrange@redhat.com \
--cc=isaku.yamahata@intel.com \
--cc=qemu-devel@nongnu.org \
--cc=xiaoyao.li@intel.com \
--cc=zhao1.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).