Hi Roy,
On Thu, 27 Feb 2025 at 14:47, Roy Hopkins <roy.hopk...@randomman.co.uk> wrote:
>
> Here is v7 of the set of patches to add support for IGVM files to QEMU. This
> is
> based on commit 40efe733e10cc00e4fb4f9f5790a28e744e63c62 of qemu.
>
> Firstly, apologies for the amount of time between the last version and this
> one.
> I moved roles to a different company and, although I always planned to see
> this
> patch series to completion, it took a while before I found time to setup a
> development environment and be in a position to send a new version. I will
> continue this series using a personal email address for now, hence the change
> to the author and signed-off-by emails.
>
> The only changes in this version are to rebase on the current master branch
> and
> update commit metadata, including Signed-Off-By and Author emails for my
> replacement email address, and to include the final Reviewed-By that were
> added
> in the last review. There were no requested changes on the previous version
> [1]
> so I believe this series is ready to merge.
>
> As always, thanks to those that have been following along, reviewing and
> testing
> this series. This v7 patch series is also available on github: [2]
>
> For testing IGVM support in QEMU you need to generate an IGVM file that is
> configured for the platform you want to launch. You can use the `buildigvm`
> test tool [3] to allow generation of IGVM files for all currently supported
> platforms. Patch 11/17 contains information on how to generate an IGVM file
> using this tool.
I was testing this series with the IGVM file generated by COCONUT SVSM,
but QEMU was failing in this way:
qemu-system-x86_64: KVM does not support guest_memfd
qemu-system-x86_64: failed to initialize kvm: Operation not permitted
After spending some time debugging, I found that IGVM is parsed in
kvm_arch_init(). One of the handler called during the parsing is
qigvm_prepare_memory(), which adds a new memory region calling
memory_region_init_ram_guest_memfd(), but it fails:
kvm_arch_init()
-> qigvm_prepare_memory()
-> memory_region_init_ram_guest_memfd()
-> kvm_create_guest_memfd()
...
if (!kvm_guest_memfd_supported) {
error_setg(errp, "KVM does not support guest_memfd");
return -1;
}
So, I applied the following change and SVSM booted!
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index f89568bfa3..840f36675e 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2722,17 +2722,17 @@ static int kvm_init(MachineState *ms)
kvm_state = s;
- ret = kvm_arch_init(ms, s);
- if (ret < 0) {
- goto err;
- }
-
kvm_supported_memory_attributes = kvm_vm_check_extension(s,
KVM_CAP_MEMORY_ATTRIBUTES);
kvm_guest_memfd_supported =
kvm_check_extension(s, KVM_CAP_GUEST_MEMFD) &&
kvm_check_extension(s, KVM_CAP_USER_MEMORY2) &&
(kvm_supported_memory_attributes & KVM_MEMORY_ATTRIBUTE_PRIVATE);
+ ret = kvm_arch_init(ms, s);
+ if (ret < 0) {
+ goto err;
+ }
+
if (s->kernel_irqchip_split == ON_OFF_AUTO_AUTO) {
s->kernel_irqchip_split = mc->default_kernel_irqchip_split ?
ON_OFF_AUTO_ON : ON_OFF_AUTO_OFF;
}
Checking, I discovered that it was done on purpose by Paolo, so not sure
if my fix is valid:
commit 586d708c1e3e5e29a0b3c05c347290aed9478854
Author: Paolo Bonzini <pbonz...@redhat.com>
Date: Fri Oct 11 10:39:58 2024 +0200
accel/kvm: check for KVM_CAP_MEMORY_ATTRIBUTES on vm
The exact set of available memory attributes can vary by VM. In the
future it might vary depending on enabled capabilities, too. Query the
extension on the VM level instead of on the KVM level, and only after
architecture-specific initialization.
Inspired by an analogous patch by Tom Dohrmann.
Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
@Paolo any suggestion?
Thanks,
Stefano
