[PATCH v3 60/70] i386/tdx: Disable SMM for TDX VMs
From: Xiaoyao Li
Subject: [PATCH v3 60/70] i386/tdx: Disable SMM for TDX VMs
Date: Wed, 15 Nov 2023 02:15:09 -0500
TDX doesn't support SMM and VMM cannot emulate SMM for TDX VMs because
VMM cannot manipulate TDX VM's memory.
Disable SMM for TDX VMs and error out if user requests to enable SMM.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
---
target/i386/kvm/tdx.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 23504ba3b05e..45b587ee07c2 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -686,11 +686,19 @@ static Notifier tdx_machine_done_notify = {
int tdx_kvm_init(MachineState *ms, Error **errp)
{
+ X86MachineState *x86ms = X86_MACHINE(ms);
TdxGuest *tdx = TDX_GUEST(OBJECT(ms->cgs));
int r = 0;
ms->require_guest_memfd = true;
+ if (x86ms->smm == ON_OFF_AUTO_AUTO) {
+ x86ms->smm = ON_OFF_AUTO_OFF;
+ } else if (x86ms->smm == ON_OFF_AUTO_ON) {
+ error_setg(errp, "TDX VM doesn't support SMM");
+ return -EINVAL;
+ }
+
if (!tdx_caps) {
r = get_tdx_capabilities(errp);
if (r) {
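Review bot: The new SMM check in tdx_kvm_init() sits after ms->require_guest_memfd = true, so the ON_OFF_AUTO_ON path returns -EINVAL with machine state already modified; consider validating x86ms->smm first, before any assignment, so a rejected configuration leaves nothing changed. The error text "TDX VM doesn't support SMM" would also be more actionable if it named the setting the user has to change. A one-line comment above the ON_OFF_AUTO_AUTO branch stating why AUTO is silently forced to OFF (the commit message's reason: the VMM cannot manipulate TDX VM memory, so SMM cannot be emulated) would save later readers a trip to the log.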
--
2.34.1