[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[RFC PATCH v2 15/44] i386/tdx: Add hook to require generic device loader
|
From: |
isaku . yamahata |
|
Subject: |
[RFC PATCH v2 15/44] i386/tdx: Add hook to require generic device loader |
|
Date: |
Wed, 7 Jul 2021 17:54:45 -0700 |
From: Sean Christopherson <sean.j.christopherson@intel.com>
Add a hook for TDX to denote that the TD Virtual Firmware must be
provided via the "generic" device loader. Error out if pflash is used
in conjuction with TDX.
Suggested-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
hw/i386/pc_sysfw.c | 6 ++++++
include/sysemu/tdx.h | 2 ++
target/i386/kvm/tdx-stub.c | 5 +++++
target/i386/kvm/tdx.c | 25 +++++++++++++++++++++++++
4 files changed, 38 insertions(+)
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 6ce37a2b05..5ff571af36 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -38,6 +38,7 @@
#include "hw/block/flash.h"
#include "sysemu/kvm.h"
#include "sysemu/sev.h"
+#include "sysemu/tdx.h"
#define FLASH_SECTOR_SIZE 4096
@@ -328,6 +329,11 @@ void pc_system_firmware_init(PCMachineState *pcms,
int i;
BlockBackend *pflash_blk[ARRAY_SIZE(pcms->flash)];
+ if (!tdx_system_firmware_init(pcms, rom_memory)) {
+ pc_system_flash_cleanup_unused(pcms);
+ return;
+ }
+
if (!pcmc->pci_enabled) {
x86_bios_rom_init(MACHINE(pcms), "bios.bin", rom_memory, true);
return;
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
index 03461b6ae8..70eb01348f 100644
--- a/include/sysemu/tdx.h
+++ b/include/sysemu/tdx.h
@@ -3,8 +3,10 @@
#ifndef CONFIG_USER_ONLY
#include "sysemu/kvm.h"
+#include "hw/i386/pc.h"
bool kvm_has_tdx(KVMState *s);
+int tdx_system_firmware_init(PCMachineState *pcms, MemoryRegion *rom_memory);
#endif
void tdx_pre_create_vcpu(CPUState *cpu);
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
index 93afe07ddb..4e1a0a4280 100644
--- a/target/i386/kvm/tdx-stub.c
+++ b/target/i386/kvm/tdx-stub.c
@@ -7,6 +7,11 @@ bool kvm_has_tdx(KVMState *s)
{
return false;
}
+
+int tdx_system_firmware_init(PCMachineState *pcms, MemoryRegion *rom_memory)
+{
+ return -ENOSYS;
+}
#endif
void tdx_pre_create_vcpu(CPUState *cpu)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 67fb03b4b5..48c04d344d 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -109,6 +109,31 @@ int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error
**errp)
return 0;
}
+int tdx_system_firmware_init(PCMachineState *pcms, MemoryRegion *rom_memory)
+{
+ MachineState *ms = MACHINE(pcms);
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
+ TYPE_TDX_GUEST);
+ int i;
+
+ if (!tdx) {
+ return -ENOSYS;
+ }
+
+ /*
+ * Sanitiy check for tdx:
+ * TDX uses generic loader to load bios instead of pflash.
+ */
+ for (i = 0; i < ARRAY_SIZE(pcms->flash); i++) {
+ if (drive_get(IF_PFLASH, 0, i)) {
+ error_report("pflash not supported by VM type, "
+ "use -device loader,file=<path>");
+ exit(1);
+ }
+ }
+ return 0;
+}
+
void tdx_get_supported_cpuid(KVMState *s, uint32_t function,
uint32_t index, int reg, uint32_t *ret)
{
--
2.25.1
- [RFC PATCH v2 07/44] i386/kvm: Squash getting/putting guest state for TDX VMs, (continued)
- [RFC PATCH v2 07/44] i386/kvm: Squash getting/putting guest state for TDX VMs, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 14/44] i386/tdx: Frame in the call for KVM_TDX_INIT_VCPU, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 16/44] hw/i386: Add definitions from UEFI spec for volumes, resources, etc..., isaku . yamahata, 2021/07/07
- [RFC PATCH v2 37/44] hw/i386: add option to forcibly report edge trigger in acpi tables, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 39/44] ioapic: add property to disallow SMI delivery mode, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 34/44] target/i386/tdx: set reboot action to shutdown when tdx, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 06/44] hw/i386: Introduce kvm-type for TDX guest, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 05/44] linux-headers: Update headers to pull in TDX API changes, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 15/44] i386/tdx: Add hook to require generic device loader,
isaku . yamahata <=
- [RFC PATCH v2 18/44] hw/i386: refactor e820_add_entry(), isaku . yamahata, 2021/07/07
- [RFC PATCH v2 19/44] hw/i386/e820: introduce a helper function to change type of e820, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 41/44] ioapic: add property to disallow INIT/SIPI delivery mode, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 22/44] i386/tdx: Add TDVF memory via INIT_MEM_REGION, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 21/44] i386/tdx: Create the TD HOB list upon machine init done, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 40/44] hw/i386: add a flag to disallow SMI, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 43/44] i386/tdx: disallow level interrupt and SMI/INIT/SIPI delivery mode, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 44/44] i386/tdx: disable S3/S4 unconditionally, isaku . yamahata, 2021/07/07
- [RFC PATCH v2 25/44] q35: Move PCIe BAR check above PAM check in mch_write_config(), isaku . yamahata, 2021/07/07