On Mon, Mar 25, 2024 at 10:29 AM Philippe Mathieu-Daudé <phi...@linaro.org> wrote: > > On 22/3/24 19:11, Paolo Bonzini wrote: > > KVM is introducing a new API to create confidential guests, which > > will be used by TDX and SEV-SNP but is also available for SEV and > > SEV-ES. The API uses the VM type argument to KVM_CREATE_VM to > > identify which confidential computing technology to use. > > > > Since there are no other expected uses of VM types, delegate > > mc->kvm_type() for x86 boards to the confidential-guest-support > > s/mc/cgs/ here and in subject?
No, this refers to x86_kvm_type(), which is the implementation mc->kvm_type. As the commit message says, mc->kvm_type() is delegated to cgs->kvm_type(), via kvm_get_vm_type(). Paolo > > object pointed to by ms->cgs. > > > > For example, if a sev-guest object is specified to > > confidential-guest-support, > > like, > > > > qemu -machine ...,confidential-guest-support=sev0 \ > > -object sev-guest,id=sev0,... > > > > it will check if a VM type KVM_X86_SEV_VM or KVM_X86_SEV_ES_VM > > is supported, and if so use them together with the KVM_SEV_INIT2 > > function of the KVM_MEMORY_ENCRYPT_OP ioctl. If not, it will fall back to > > KVM_SEV_INIT and KVM_SEV_ES_INIT. > > > > This is a preparatory work towards TDX and SEV-SNP support, but it > > will also enable support for VMSA features such as DebugSwap, which > > are only available via KVM_SEV_INIT2. > > > > Co-developed-by: Xiaoyao Li <xiaoyao...@intel.com> > > Signed-off-by: Xiaoyao Li <xiaoyao...@intel.com> > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> > > --- > > target/i386/confidential-guest.h | 19 ++++++++++++++ > > target/i386/kvm/kvm_i386.h | 2 ++ > > hw/i386/x86.c | 11 ++++++++ > > target/i386/kvm/kvm.c | 44 ++++++++++++++++++++++++++++++++ > > 4 files changed, 76 insertions(+) >
