* [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest
@ 2025-07-14  9:19 Xiaoyao Li
  2025-07-14  9:19 ` [PATCH 1/5] qemu-options: Move sgx-epc options from "M" to "machine" Xiaoyao Li
                   ` (5 more replies)
  0 siblings, 6 replies; 7+ messages in thread
From: Xiaoyao Li @ 2025-07-14  9:19 UTC (permalink / raw)
  To: Paolo Bonzini, Philippe Mathieu-Daudé, Daniel P. Berrangé
  Cc: qemu-devel, Xiaoyao Li

Patch 1 is the fix to the generated doc html.

Patches 2-4 are the cleanup of memory-encryption.

Patch 5 adds the description of tdx-guest.

Xiaoyao Li (5):
  qemu-options: Move sgx-epc options from "M" to "machine"
  i386/sev: Remove the example that references memory-encryption
  qemu-options: Change memory-encryption to confidential-guest-support
    in the example
  qemu-options: Add confidential-guest-support to machine options
  qemu-options: Add description of tdx-guest object

 qemu-options.hx   | 66 ++++++++++++++++++++++++++++++++++++++---------
 target/i386/sev.c |  4 ---
 2 files changed, 54 insertions(+), 16 deletions(-)

-- 
2.43.0




* [PATCH 1/5] qemu-options: Move sgx-epc options from "M" to "machine"
  2025-07-14  9:19 [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest Xiaoyao Li
@ 2025-07-14  9:19 ` Xiaoyao Li
  2025-07-14  9:19 ` [PATCH 2/5] i386/sev: Remove the example that references memory-encryption Xiaoyao Li
                   ` (4 subsequent siblings)
  5 siblings, 0 replies; 7+ messages in thread
From: Xiaoyao Li @ 2025-07-14  9:19 UTC (permalink / raw)
  To: Paolo Bonzini, Philippe Mathieu-Daudé, Daniel P. Berrangé
  Cc: qemu-devel, Xiaoyao Li

It's weird to only put the sgx-epc option in "M" while leaving the others
in "machine". Besides, currently in qemu-manpage.html the "sgx-epc" option
is listed at the same level as "-machine", which looks incorrect.

Move the "sgx-epc" option to "-machine" to address all of the above.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
 qemu-options.hx | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/qemu-options.hx b/qemu-options.hx
index 1f862b19a676..740323f22bc2 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
 #endif
     "                memory-backend='backend-id' specifies explicitly provided backend for main RAM (default=none)\n"
     "                cxl-fmw.0.targets.0=firsttarget,cxl-fmw.0.targets.1=secondtarget,cxl-fmw.0.size=size[,cxl-fmw.0.interleave-granularity=granularity]\n"
-    "                smp-cache.0.cache=cachename,smp-cache.0.topology=topologylevel\n",
+    "                smp-cache.0.cache=cachename,smp-cache.0.topology=topologylevel\n"
+    "                sgx-epc.0.memdev=memid,sgx-epc.0.node=numaid\n",
     QEMU_ARCH_ALL)
 SRST
 ``-machine [type=]name[,prop=value[,...]]``
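Review bot: the new help line documents only a single `sgx-epc.0` section, whereas the `cxl-fmw.0.targets.0,...,cxl-fmw.0.targets.1` line just above shows readers the indexed form; consider writing the index as `N` (or showing a `sgx-epc.1` pair) so it is clear that several EPC sections can be declared the same way.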
@@ -200,17 +201,13 @@ SRST
         ::
 
             -machine smp-cache.0.cache=l1d,smp-cache.0.topology=core,smp-cache.1.cache=l1i,smp-cache.1.topology=core
-ERST
-
-DEF("M", HAS_ARG, QEMU_OPTION_M,
-    "                sgx-epc.0.memdev=memid,sgx-epc.0.node=numaid\n",
-    QEMU_ARCH_ALL)
 
-SRST
-``sgx-epc.0.memdev=@var{memid},sgx-epc.0.node=@var{numaid}``
-    Define an SGX EPC section.
+    ``sgx-epc.0.memdev=@var{memid},sgx-epc.0.node=@var{numaid}``
+        Define an SGX EPC section.
 ERST
 
+DEF("M", HAS_ARG, QEMU_OPTION_M, "", QEMU_ARCH_ALL)
+
 DEF("cpu", HAS_ARG, QEMU_OPTION_cpu,
     "-cpu cpu        select CPU ('-cpu help' for list)\n", QEMU_ARCH_ALL)
 SRST
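Review bot: the replacement `DEF("M", HAS_ARG, QEMU_OPTION_M, "", QEMU_ARCH_ALL)` has an empty help string and no SRST/ERST block, so after this change `-M` appears in neither `-help` nor the generated manual and nothing records that it is the short form of `-machine`; add a one-line help string or a comment above the DEF saying why the empty definition is kept. Separately, the relocated entry still carries texinfo `@var{memid}`/`@var{numaid}` markup inside a reStructuredText block, while the sibling heading ``-machine [type=]name[,prop=value[,...]]`` uses plain placeholders; since the lines are being moved anyway, drop the `@var{}` wrappers.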
-- 
2.43.0




* [PATCH 2/5] i386/sev: Remove the example that references memory-encryption
  2025-07-14  9:19 [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest Xiaoyao Li
  2025-07-14  9:19 ` [PATCH 1/5] qemu-options: Move sgx-epc options from "M" to "machine" Xiaoyao Li
@ 2025-07-14  9:19 ` Xiaoyao Li
  2025-07-14  9:19 ` [PATCH 3/5] qemu-options: Change memory-encryption to confidential-guest-support in the example Xiaoyao Li
                   ` (3 subsequent siblings)
  5 siblings, 0 replies; 7+ messages in thread
From: Xiaoyao Li @ 2025-07-14  9:19 UTC (permalink / raw)
  To: Paolo Bonzini, Philippe Mathieu-Daudé, Daniel P. Berrangé
  Cc: qemu-devel, Xiaoyao Li

"confidential-guest-support" is the recommended property to configure
SEV for the machine, and amd-memory-encryption.rst has already switched
to using "confidential-guest-support" in its example.

Instead of changing "memory-encryption" to "confidential-guest-support"
in the comment of struct SevGuestState, just drop the example for
simplicity.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
 target/i386/sev.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index 1a12f0671cc6..b1831e9ab14e 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -131,10 +131,6 @@ struct SevCommonStateClass {
  *
  * The SevGuestState object is used for creating and managing a SEV
  * guest.
- *
- * # $QEMU \
- *         -object sev-guest,id=sev0 \
- *         -machine ...,memory-encryption=sev0
  */
 struct SevGuestState {
     SevCommonState parent_obj;
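Review bot: deleting the stale example instead of rewriting it is reasonable, but the surviving comment now gives a reader no hint of how the object is attached to a machine; a one-line pointer to amd-memory-encryption.rst, which the commit message says already carries the `confidential-guest-support` form of the example, would keep that information one hop away from the struct.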
-- 
2.43.0




* [PATCH 3/5] qemu-options: Change memory-encryption to confidential-guest-support in the example
  2025-07-14  9:19 [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest Xiaoyao Li
  2025-07-14  9:19 ` [PATCH 1/5] qemu-options: Move sgx-epc options from "M" to "machine" Xiaoyao Li
  2025-07-14  9:19 ` [PATCH 2/5] i386/sev: Remove the example that references memory-encryption Xiaoyao Li
@ 2025-07-14  9:19 ` Xiaoyao Li
  2025-07-14  9:19 ` [PATCH 4/5] qemu-options: Add confidential-guest-support to machine options Xiaoyao Li
                   ` (2 subsequent siblings)
  5 siblings, 0 replies; 7+ messages in thread
From: Xiaoyao Li @ 2025-07-14  9:19 UTC (permalink / raw)
  To: Paolo Bonzini, Philippe Mathieu-Daudé, Daniel P. Berrangé
  Cc: qemu-devel, Xiaoyao Li

"confidential-guest-support" is the recommended property instead of
"memory-encryption". Switch to "confidential-guest-support" in the
example of sev-guest.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
 qemu-options.hx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qemu-options.hx b/qemu-options.hx
index 740323f22bc2..27b7b79c6cad 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -5986,7 +5986,7 @@ SRST
              # |qemu_system_x86| \\
                  ...... \\
                  -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1 \\
-                 -machine ...,memory-encryption=sev0 \\
+                 -machine ...,confidential-guest-support=sev0 \\
                  .....
 
     ``-object authz-simple,id=id,identity=string``
-- 
2.43.0




* [PATCH 4/5] qemu-options: Add confidential-guest-support to machine options
  2025-07-14  9:19 [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest Xiaoyao Li
                   ` (2 preceding siblings ...)
  2025-07-14  9:19 ` [PATCH 3/5] qemu-options: Change memory-encryption to confidential-guest-support in the example Xiaoyao Li
@ 2025-07-14  9:19 ` Xiaoyao Li
  2025-07-14  9:19 ` [PATCH 5/5] qemu-options: Add description of tdx-guest object Xiaoyao Li
  2025-07-14  9:31 ` [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest Xiaoyao Li
  5 siblings, 0 replies; 7+ messages in thread
From: Xiaoyao Li @ 2025-07-14  9:19 UTC (permalink / raw)
  To: Paolo Bonzini, Philippe Mathieu-Daudé, Daniel P. Berrangé
  Cc: qemu-devel, Xiaoyao Li

"confidential-guest-support" is the recommended property to configure
a machine with confidential computing technology instead of
"memory-encryption".

Add "confidential-guest-support" to the machine options and call out
explicitly that "memory-encryption" is an alias of it and not recommended.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
 qemu-options.hx | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/qemu-options.hx b/qemu-options.hx
index 27b7b79c6cad..5c400114c2e5 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -36,7 +36,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
     "                dea-key-wrap=on|off controls support for DEA key wrapping (default=on)\n"
     "                suppress-vmdesc=on|off disables self-describing migration (default=off)\n"
     "                nvdimm=on|off controls NVDIMM support (default=off)\n"
-    "                memory-encryption=@var{} memory encryption object to use (default=none)\n"
+    "                confidential-guest-support='object-id' specifies confidential guest support object (default=none)\n"
+    "                memory-encryption='object-id' (memory-encryption is the alias of confidential-guest-support, recommend to use confidential-guest-support)\n"
     "                hmat=on|off controls ACPI HMAT support (default=off)\n"
 #ifdef CONFIG_POSIX
     "                aux-ram-share=on|off allocate auxiliary guest RAM as shared (default: off)\n"
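Review bot: the new `memory-encryption='object-id'` help line is far longer than its neighbours and the parenthetical "recommend to use confidential-guest-support" is not grammatical; `-help` output goes to a terminal, so shorten it to the shape the other entries use, e.g. `"                memory-encryption='object-id' alias of confidential-guest-support, not recommended (default=none)\n"`. The `confidential-guest-support='object-id'` line correctly follows the `memory-backend='backend-id'` quoting convention, and replacing the old `@var{}` texinfo residue there is a welcome side effect.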
@@ -99,8 +100,12 @@ SRST
     ``nvdimm=on|off``
         Enables or disables NVDIMM support. The default is off.
 
+    ``confidential-guest-support=``
+        confidential guest support object to use. The default is none.
+
     ``memory-encryption=``
-        Memory encryption object to use. The default is none.
+        The alias of ``confidential-guest-support``. Recommend to use
+        confidential-guest-support.
 
     ``hmat=on|off``
         Enables or disables ACPI Heterogeneous Memory Attribute Table
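Review bot: the new ``confidential-guest-support=`` description opens with a lowercase word while the sibling entries are full sentences ("Enables or disables NVDIMM support."); capitalise it and show the value in the heading as the other entries do (``nvdimm=on|off``), e.g. ``confidential-guest-support=object-id``. In the ``memory-encryption=`` entry, "Recommend to use confidential-guest-support." should be a sentence such as "Use ``confidential-guest-support`` instead.", with the option name in double backticks as on the preceding line.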
-- 
2.43.0




* [PATCH 5/5] qemu-options: Add description of tdx-guest object
  2025-07-14  9:19 [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest Xiaoyao Li
                   ` (3 preceding siblings ...)
  2025-07-14  9:19 ` [PATCH 4/5] qemu-options: Add confidential-guest-support to machine options Xiaoyao Li
@ 2025-07-14  9:19 ` Xiaoyao Li
  2025-07-14  9:31 ` [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest Xiaoyao Li
  5 siblings, 0 replies; 7+ messages in thread
From: Xiaoyao Li @ 2025-07-14  9:19 UTC (permalink / raw)
  To: Paolo Bonzini, Philippe Mathieu-Daudé, Daniel P. Berrangé
  Cc: qemu-devel, Xiaoyao Li

Add a description of the tdx-guest object so that the QEMU doc page
includes it.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
 qemu-options.hx | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/qemu-options.hx b/qemu-options.hx
index 5c400114c2e5..50c7874bbce9 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -5994,6 +5994,46 @@ SRST
                  -machine ...,confidential-guest-support=sev0 \\
                  .....
 
+    ``-object tdx-guest,id=id,[attributes=attrs,sept-ve-disable=on|off,mrconfigid=sha384_digest,mrowner=sha384_digest,mrownerconfig=sha384_digest,quote-generation-socket=socketaddr]``
+        Create an Intel Trusted Domain eXtensions (TDX) guest object, which is
+        the type of ``confidentiala-guest-support`` object. When pass the object
+        ID to machine's ``confidentiala-guest-support`` property, it can create
+        a TDX guest.
+
+        The ``attributes`` is a 64-bit integer, which specifies the TD
+        attributes of the TD.
+
+        The ``sept-ve-disable`` controls the bit 28 of TD attributes
+        specifically. When it's on, the EPT violation conversion to #VE on
+        guest access of PENDING pages is disabled. Some guest OS (e.g., Linux
+        TD guest) may require this to be set, otherwise they refuse to boot.
+        The default value is on.
+
+        The ``mrconfigid`` is base64 encoded SHA384 digest, which provides the
+        ID for non-owner-defined configuration of the guest TD, e.g., run-time
+        or OS configuration. The default value is all zeros.
+
+        The ``mrowner`` is base64 encoded SHA384 digest, which provides the ID
+        for guest TD's owner. The default value is all zeros.
+
+        The ``mrownerconfig`` is base64 encoded SHA384 digest, which provides
+        the ID for owner-defined configuration of the guest TD, e.g., the
+        configuration specific to the workload rather than the run-time of OS.
+        The default value is all zeros.
+
+        The ``quote-generation-socket`` specifies the socket address of the
+        Quote Generation Service (QGS). QGS is a daemon running on the host.
+        QEMU forwards the <GetQuote> request from TD guest to QGS and sents the
+        reply (which contains generated QUOTE on success) from QGS to guest TD.
+
+        .. parsed-literal::
+
+             # |qemu_system_x86| \\
+                 ... \\
+                 -object tdx-guest,id=tdx0, \\
+                 -machine ...,confidential-guest-support=tdx0 \\
+                 ...
+
     ``-object authz-simple,id=id,identity=string``
         Create an authorization object that will control access to
         network services.
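Review bot: the example command line `-object tdx-guest,id=tdx0, \\` ends with a stray comma that the option parser will not accept as written, and the synopsis `id=id,[attributes=attrs,...]` places the separating comma outside the optional bracket; write `-object tdx-guest,id=tdx0 \\` and `id=id[,attributes=attrs,...]` to match the ``-object sev-guest`` synopsis above. Spelling and grammar in the same hunk: ``confidentiala-guest-support`` appears twice and should be ``confidential-guest-support``; "When pass the object ID to machine's ... property, it can create a TDX guest" reads better as "Passing the object ID to the machine's ``confidential-guest-support`` property creates a TDX guest"; "sents" should be "sends". One documentation gap worth closing while here: the three `mr*` properties are described as base64-encoded SHA384 digests, and stating the expected size (a SHA384 digest is 48 bytes, i.e. 64 base64 characters) would help users produce values QEMU accepts.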
-- 
2.43.0




* Re: [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest
  2025-07-14  9:19 [PATCH 0/5] qemu-options: Fix, cleanup and add description of tdx-guest Xiaoyao Li
                   ` (4 preceding siblings ...)
  2025-07-14  9:19 ` [PATCH 5/5] qemu-options: Add description of tdx-guest object Xiaoyao Li
@ 2025-07-14  9:31 ` Xiaoyao Li
  5 siblings, 0 replies; 7+ messages in thread
From: Xiaoyao Li @ 2025-07-14  9:31 UTC (permalink / raw)
  To: Paolo Bonzini, Philippe Mathieu-Daudé, Daniel P. Berrangé
  Cc: qemu-devel

On 7/14/2025 5:19 PM, Xiaoyao Li wrote:
> Patch 1 is the fix to generated doc html.
> 
> Patch 2-4 are the cleanup of memory-encryption
> 
> Patch 5 add description of tdx-guest.

get_maintainer.pl doesn't provide me the maintainer of qemu-options.hx.

I have to send the series to the folks I'm familiar with in the QEMU 
community. Hope you can help cc the correct people.

> Xiaoyao Li (5):
>    qemu-options: Move sgx-epc options from "M" to "machine"
>    i386/sev: Remove the example that references memory-encryption
>    qemu-options: Change memory-encryption to confidential-guest-support
>      in the example
>    qemu-options: Add confidential-guest-support to machine options
>    qemu-options: Add description of tdx-guest object
> 
>   qemu-options.hx   | 66 ++++++++++++++++++++++++++++++++++++++---------
>   target/i386/sev.c |  4 ---
>   2 files changed, 54 insertions(+), 16 deletions(-)
> 


