From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Igor Mammedov" <imammedo@redhat.com>,
"Zhao Liu" <zhao1.liu@intel.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Eric Blake" <eblake@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Peter Maydell" <peter.maydell@linaro.org>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
"Huacai Chen" <chenhuacai@kernel.org>,
"Rick Edgecombe" <rick.p.edgecombe@intel.com>,
"Francesco Lavra" <francescolavra.fl@gmail.com>,
qemu-devel@nongnu.org, kvm@vger.kernel.org
Subject: Re: [PATCH v7 52/52] docs: Add TDX documentation
Date: Wed, 26 Mar 2025 09:22:09 +0000 [thread overview]
Message-ID: <Z-PHQW9lVao-DY1F@redhat.com> (raw)
In-Reply-To: <81e9d055-377c-4521-9588-a6bad60b3a6d@intel.com>
On Wed, Mar 26, 2025 at 11:36:09AM +0800, Xiaoyao Li wrote:
> On 3/26/2025 2:46 AM, Daniel P. Berrangé wrote:
> > On Fri, Jan 24, 2025 at 08:20:48AM -0500, Xiaoyao Li wrote:
> > > Add docs/system/i386/tdx.rst for TDX support, and add tdx in
> > > confidential-guest-support.rst
> > >
> > > Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
> > > ---
> >
> > > ---
> > > docs/system/confidential-guest-support.rst | 1 +
> > > docs/system/i386/tdx.rst | 156 +++++++++++++++++++++
> > > docs/system/target-i386.rst | 1 +
> > > 3 files changed, 158 insertions(+)
> > > create mode 100644 docs/system/i386/tdx.rst
> >
> >
> > > +Launching a TD (TDX VM)
> > > +-----------------------
> > > +
> > > +To launch a TD, the necessary command line options are tdx-guest object and
> > > +split kernel-irqchip, as below:
> > > +
> > > +.. parsed-literal::
> > > +
> > > + |qemu_system_x86| \\
> > > + -object tdx-guest,id=tdx0 \\
> > > + -machine ...,kernel-irqchip=split,confidential-guest-support=tdx0 \\
> > > + -bios OVMF.fd \\
> > > +
> > > +Restrictions
> > > +------------
> > > +
> > > + - kernel-irqchip must be split;
> >
> > Is there a reason why we don't make QEMU set kernel-irqchip=split
> > automatically when tdx-guest is enabled ?
> >
> > It feels silly to default to a configuration that is known to be
> > broken with TDX. I thought about making libvirt automatically
> > set kernel-irqchip=split, or even above that making virt-install
> > automatically set it. Addressing it in QEMU would seem the most
> > appropriate place though.
>
> For x86, if not with machine older than machine-4.0, the default
> kernel_irqchip is set to split when users don't set a value explicitly:
I think you may have mis-read the code. *ONLY* pc-q35-4.0 uses
the split IRQ chip. Everything both older and newer than that
uses kernel IRQ chip by default. So our default machine type
settings are incompatible with TDX, except for pc-q35-4.0
We initially tried to use the split IRQ chip by default for 4.0:
commit b2fc91db84470a78f8e93f5b5f913c17188792c8
Author: Peter Xu <peterx@redhat.com>
Date: Thu Dec 20 13:40:35 2018 +0800
q35: set split kernel irqchip as default
Starting from QEMU 4.0, let's specify "split" as the default value for
kernel-irqchip.
but had to revert this in the very next release
commit c87759ce876a7a0b17c2bf4f0b964bd51f0ee871
Author: Alex Williamson <alex.williamson@redhat.com>
Date: Tue May 14 14:14:41 2019 -0600
q35: Revert to kernel irqchip
Commit b2fc91db8447 ("q35: set split kernel irqchip as default") changed
the default for the pc-q35-4.0 machine type to use split irqchip, which
turned out to have disasterous effects on vfio-pci INTx support.
>
> if (s->kernel_irqchip_split == ON_OFF_AUTO_AUTO) {
> s->kernel_irqchip_split = mc->default_kernel_irqchip_split ?
> ON_OFF_AUTO_ON : ON_OFF_AUTO_OFF;
> }
>
>
> I think QEMU should only set it to split automatically for TDX guest when
> users don't provide a explicit value. And current code just works as
> expected.
>
> Further, I think we can at least add the check in tdx_kvm_init() like this
>
> if (kvm_state->kernel_irqchip_split != ON_OFF_AUTO_ON) {
> error_setg(errp, "TDX VM requires kernel_irqchip to be split");
> return -EINVAL;
> }
>
> Are you OK with it?
IMHO we need to modify the current check for
"kernel_irqchip_split == ON_OFF_AUTO_AUTO"
so that it sets to 'ON_OFF_AUTO_ON', if TDX is enabled.
ie something more like
if (s->kernel_irqchip_split == ON_OFF_AUTO_AUTO) {
if (...tdx...) {
s->kernel_irqchip_split = ON_OFF_AUTO_ON;
} else {
s->kernel_irqchip_split = mc->default_kernel_irqchip_split ?
> ON_OFF_AUTO_ON : ON_OFF_AUTO_OFF;
}
}
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
prev parent reply other threads:[~2025-03-26 9:23 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-24 13:19 [PATCH v7 00/52] QEMU TDX support Xiaoyao Li
2025-01-24 13:19 ` [PATCH v7 01/52] *** HACK *** linux-headers: Update headers to pull in TDX API changes Xiaoyao Li
2025-01-24 13:19 ` [PATCH v7 02/52] i386: Introduce tdx-guest object Xiaoyao Li
2025-01-24 13:19 ` [PATCH v7 03/52] i386/tdx: Implement tdx_kvm_type() for TDX Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 04/52] i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 05/52] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES Xiaoyao Li
2025-02-18 19:21 ` Francesco Lavra
2025-02-25 8:59 ` Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 06/52] i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 07/52] kvm: Introduce kvm_arch_pre_create_vcpu() Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 08/52] i386/tdx: Initialize TDX before creating TD vcpus Xiaoyao Li
2025-02-19 10:14 ` Francesco Lavra
2025-02-25 9:55 ` Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 09/52] i386/tdx: Add property sept-ve-disable for tdx-guest object Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 10/52] i386/tdx: Make sept_ve_disable set by default Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 11/52] i386/tdx: Wire CPU features up with attributes of TD guest Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 12/52] i386/tdx: Validate TD attributes Xiaoyao Li
2025-02-05 9:06 ` Markus Armbruster
2025-02-05 10:29 ` Xiaoyao Li
2025-02-05 10:31 ` Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 13/52] i386/tdx: Set APIC bus rate to match with what TDX module enforces Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 14/52] i386/tdx: Implement user specified tsc frequency Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 15/52] i386/tdx: load TDVF for TD guest Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 16/52] i386/tdvf: Introduce function to parse TDVF metadata Xiaoyao Li
2025-02-19 10:58 ` Francesco Lavra
2025-02-25 11:59 ` Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 17/52] i386/tdx: Parse TDVF metadata for TDX VM Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 18/52] i386/tdx: Don't initialize pc.rom for TDX VMs Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 19/52] i386/tdx: Track mem_ptr for each firmware entry of TDVF Xiaoyao Li
2025-02-19 11:26 ` Francesco Lavra
2025-02-26 9:07 ` Xiaoyao Li
2025-02-19 18:40 ` Francesco Lavra
2025-02-26 9:08 ` Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 20/52] i386/tdx: Track RAM entries for TDX VM Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 21/52] headers: Add definitions from UEFI spec for volumes, resources, etc Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 22/52] i386/tdx: Setup the TD HOB list Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 23/52] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 24/52] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 25/52] i386/tdx: Finalize TDX VM Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 26/52] i386/tdx: Enable user exit on KVM_HC_MAP_GPA_RANGE Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 27/52] i386/tdx: Handle KVM_SYSTEM_EVENT_TDX_FATAL Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 28/52] i386/tdx: Wire TDX_REPORT_FATAL_ERROR with GuestPanic facility Xiaoyao Li
2025-02-05 9:19 ` Markus Armbruster
2025-02-05 10:19 ` Xiaoyao Li
2025-02-27 16:30 ` Francesco Lavra
2025-03-03 2:36 ` Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 29/52] i386/cpu: introduce x86_confidential_guest_cpu_instance_init() Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 30/52] i386/tdx: implement tdx_cpu_instance_init() Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 31/52] i386/cpu: Introduce enable_cpuid_0x1f to force exposing CPUID 0x1f Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 32/52] i386/tdx: Force " Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 33/52] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 34/52] i386/tdx: Disable SMM for TDX VMs Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 35/52] i386/tdx: Disable PIC " Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 36/52] i386/tdx: Don't synchronize guest tsc for TDs Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 37/52] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() " Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 38/52] i386/apic: Skip kvm_apic_put() for TDX Xiaoyao Li
2025-02-27 16:57 ` Francesco Lavra
2025-03-03 2:42 ` Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 39/52] cpu: Don't set vcpu_dirty when guest_state_protected Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 40/52] i386/cgs: Rename *mask_cpuid_features() to *adjust_cpuid_features() Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 41/52] i386/tdx: Implement adjust_cpuid_features() for TDX Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 42/52] i386/tdx: Apply TDX fixed0 and fixed1 information to supported CPUIDs Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 43/52] i386/tdx: Mask off CPUID bits by unsupported TD Attributes Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 44/52] i386/cpu: Move CPUID_XSTATE_XSS_MASK to header file and introduce CPUID_XSTATE_MASK Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 45/52] i386/tdx: Mask off CPUID bits by unsupported XFAM Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 46/52] i386/tdx: Mark the configurable bit not reported by KVM as unsupported Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 47/52] i386/cgs: Introduce x86_confidential_guest_check_features() Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 48/52] i386/tdx: Fetch and validate CPUID of TD guest Xiaoyao Li
2025-02-05 9:28 ` Markus Armbruster
2025-02-05 10:29 ` Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 49/52] i386/tdx: Don't treat SYSCALL as unavailable Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 50/52] i386/tdx: Make invtsc default on Xiaoyao Li
2025-01-24 13:20 ` [PATCH v7 51/52] i386/tdx: Validate phys_bits against host value Xiaoyao Li
2025-01-31 18:27 ` Paolo Bonzini
2025-02-02 14:39 ` Xiaoyao Li
2025-02-03 18:15 ` Paolo Bonzini
2025-01-24 13:20 ` [PATCH v7 52/52] docs: Add TDX documentation Xiaoyao Li
2025-03-25 18:46 ` Daniel P. Berrangé
2025-03-26 3:36 ` Xiaoyao Li
2025-03-26 6:48 ` Xiaoyao Li
2025-03-26 9:22 ` Daniel P. Berrangé [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z-PHQW9lVao-DY1F@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=chenhuacai@kernel.org \
--cc=eblake@redhat.com \
--cc=francescolavra.fl@gmail.com \
--cc=imammedo@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=mst@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=rick.p.edgecombe@intel.com \
--cc=xiaoyao.li@intel.com \
--cc=zhao1.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).