From: "Philippe Mathieu-Daudé" <philmd@linaro.org>
To: "Daniel P. Berrangé" <berrange@redhat.com>,
"Alex Bennée" <alex.bennee@linaro.org>
Cc: qemu-devel@nongnu.org, Paolo Bonzini <pbonzini@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
"open list:X86 KVM CPUs" <kvm@vger.kernel.org>
Subject: Re: [RFC PATCH] target/i386: restrict SEV to 64 bit host builds
Date: Wed, 26 Jun 2024 19:00:20 +0200 [thread overview]
Message-ID: <2756549c-867d-43c0-a332-beac708da443@linaro.org> (raw)
In-Reply-To: <ZnwjtOxQy1iiRoFh@redhat.com>
On 26/6/24 16:20, Daniel P. Berrangé wrote:
> On Wed, Jun 26, 2024 at 03:03:07PM +0100, Alex Bennée wrote:
>> Re-enabling the 32 bit host build on i686 showed the recently merged
>> SEV code doesn't take enough care over its types. While the format
>> strings could use more portable types there isn't much we can do about
>> casting uint64_t into a pointer. The easiest solution seems to be just
>> to disable SEV for a 32 bit build. It's highly unlikely anyone would
>> want this functionality anyway.
>>
>> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>> ---
>> target/i386/sev.h | 2 +-
>> target/i386/meson.build | 4 ++--
>> 2 files changed, 3 insertions(+), 3 deletions(-)
>>
>> diff --git a/target/i386/sev.h b/target/i386/sev.h
>> index 858005a119..b0cb9dd7ed 100644
>> --- a/target/i386/sev.h
>> +++ b/target/i386/sev.h
>> @@ -45,7 +45,7 @@ typedef struct SevKernelLoaderContext {
>> size_t cmdline_size;
>> } SevKernelLoaderContext;
>>
>> -#ifdef CONFIG_SEV
>> +#if defined(CONFIG_SEV) && defined(HOST_X86_64)
>> bool sev_enabled(void);
>> bool sev_es_enabled(void);
>> bool sev_snp_enabled(void);
>> diff --git a/target/i386/meson.build b/target/i386/meson.build
>> index 075117989b..d2a008926c 100644
>> --- a/target/i386/meson.build
>> +++ b/target/i386/meson.build
>> @@ -6,7 +6,7 @@ i386_ss.add(files(
>> 'xsave_helper.c',
>> 'cpu-dump.c',
>> ))
>> -i386_ss.add(when: 'CONFIG_SEV', if_true: files('host-cpu.c', 'confidential-guest.c'))
>> +i386_ss.add(when: ['CONFIG_SEV', 'HOST_X86_64'], if_true: files('host-cpu.c', 'confidential-guest.c'))
>>
>> # x86 cpu type
>> i386_ss.add(when: 'CONFIG_KVM', if_true: files('host-cpu.c'))
>> @@ -21,7 +21,7 @@ i386_system_ss.add(files(
>> 'cpu-apic.c',
>> 'cpu-sysemu.c',
>> ))
>> -i386_system_ss.add(when: 'CONFIG_SEV', if_true: files('sev.c'), if_false: files('sev-sysemu-stub.c'))
>> +i386_system_ss.add(when: ['CONFIG_SEV', 'HOST_X86_64'], if_true: files('sev.c'), if_false: files('sev-sysemu-stub.c'))
>>
>> i386_user_ss = ss.source_set()
>
> Instead of changing each usage of CONFIG_SEV, is it better to
> prevent it getting enabled in the first place ?
>
> eg. move
>
> #CONFIG_SEV=n
>
> From
>
> configs/devices/i386-softmmu/default.mak
>
> to
>
> configs/devices/x86_64-softmmu/default.mak
>
> And then also change
>
> hw/i386/Kconfig
>
> to say
>
> config SEV
> bool
> select X86_FW_OVMF
> depends on KVM && X86_64
Both are *targets*, IIUC we want to disable on *hosts*.
next prev parent reply other threads:[~2024-06-26 17:00 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-26 14:03 [RFC PATCH] target/i386: restrict SEV to 64 bit host builds Alex Bennée
2024-06-26 14:20 ` Daniel P. Berrangé
2024-06-26 16:17 ` Alex Bennée
2024-06-26 17:00 ` Philippe Mathieu-Daudé [this message]
2024-06-26 16:11 ` Richard Henderson
2024-06-26 23:42 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2756549c-867d-43c0-a332-beac708da443@linaro.org \
--to=philmd@linaro.org \
--cc=alex.bennee@linaro.org \
--cc=berrange@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).