[PATCH v1 31/40] i386/tdx: Disable SMM for TDX VMs

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v1 31/40] i386/tdx: Disable SMM for TDX VMs

From:	Xiaoyao Li
Subject:	[PATCH v1 31/40] i386/tdx: Disable SMM for TDX VMs
Date:	Tue, 2 Aug 2022 15:47:41 +0800

TDX doesn't support SMM and VMM cannot emulate SMM for TDX VMs because
VMM cannot manipulate TDX VM's memory.

Disable SMM for TDX VMs and error out if user requests to enable SMM.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
---
 target/i386/kvm/tdx.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 1de767a990ba..70c56b7ba32c 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -657,9 +657,17 @@ static Notifier tdx_machine_done_notify = {
 
 int tdx_kvm_init(MachineState *ms, Error **errp)
 {
+    X86MachineState *x86ms = X86_MACHINE(ms);
     TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
                                                     TYPE_TDX_GUEST);
 
+    if (x86ms->smm == ON_OFF_AUTO_AUTO) {
+        x86ms->smm = ON_OFF_AUTO_OFF;
+    } else if (x86ms->smm == ON_OFF_AUTO_ON) {
+        error_setg(errp, "TDX VM doesn't support SMM");
+        return -EINVAL;
+    }
+
     if (!tdx_caps) {
         get_tdx_capabilities();
     }
-- 
2.27.0

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v1 19/40] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM, (continued)
- [PATCH v1 19/40] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM, Xiaoyao Li, 2022/08/02
- [PATCH v1 20/40] i386/tdvf: Introduce function to parse TDVF metadata, Xiaoyao Li, 2022/08/02
  - Re: [PATCH v1 20/40] i386/tdvf: Introduce function to parse TDVF metadata, Gerd Hoffmann, 2022/08/26
- [PATCH v1 22/40] i386/tdx: Skip BIOS shadowing setup, Xiaoyao Li, 2022/08/02
  - Re: [PATCH v1 22/40] i386/tdx: Skip BIOS shadowing setup, Gerd Hoffmann, 2022/08/26
- [PATCH v1 21/40] i386/tdx: Parse TDVF metadata for TDX VM, Xiaoyao Li, 2022/08/02
- [PATCH v1 26/40] headers: Add definitions from UEFI spec for volumes, resources, etc..., Xiaoyao Li, 2022/08/02
  - Re: [PATCH v1 26/40] headers: Add definitions from UEFI spec for volumes, resources, etc..., Gerd Hoffmann, 2022/08/26
- [PATCH v1 27/40] i386/tdx: Setup the TD HOB list, Xiaoyao Li, 2022/08/02
  - Re: [PATCH v1 27/40] i386/tdx: Setup the TD HOB list, Gerd Hoffmann, 2022/08/26
- [PATCH v1 31/40] i386/tdx: Disable SMM for TDX VMs, Xiaoyao Li <=
- [PATCH v1 32/40] i386/tdx: Disable PIC for TDX VMs, Xiaoyao Li, 2022/08/02
- [PATCH v1 28/40] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION, Xiaoyao Li, 2022/08/02
- [PATCH v1 25/40] i386/tdx: Track RAM entries for TDX VM, Xiaoyao Li, 2022/08/02
  - Re: [PATCH v1 25/40] i386/tdx: Track RAM entries for TDX VM, Gerd Hoffmann, 2022/08/26
- [PATCH v1 23/40] i386/tdx: Don't initialize pc.rom for TDX VMs, Xiaoyao Li, 2022/08/02
- [PATCH v1 33/40] i386/tdx: Don't allow system reset for TDX VMs, Xiaoyao Li, 2022/08/02
- [PATCH v1 29/40] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu, Xiaoyao Li, 2022/08/02
- [PATCH v1 30/40] i386/tdx: Finalize TDX VM, Xiaoyao Li, 2022/08/02
- [PATCH v1 24/40] i386/tdx: Track mem_ptr for each firmware entry of TDVF, Xiaoyao Li, 2022/08/02
- [PATCH v1 34/40] hw/i386: add eoi_intercept_unsupported member to X86MachineState, Xiaoyao Li, 2022/08/02

Prev by Date: [PATCH v1 27/40] i386/tdx: Setup the TD HOB list
Next by Date: [PATCH v1 32/40] i386/tdx: Disable PIC for TDX VMs
Previous by thread: Re: [PATCH v1 27/40] i386/tdx: Setup the TD HOB list
Next by thread: [PATCH v1 32/40] i386/tdx: Disable PIC for TDX VMs
Index(es):
- Date
- Thread