CPU hotplug with Secure Boot was not really supported and firmware wasn't aware of hotplugged CPUs (which might lead to guest crashes). During 4.2 we introduced locked SMI handler RAM arrea to make sure that guest OS wasn't able to inject its own SMI handler and OVMF added initial CPU hotplug support.
This series is QEMU part of that support [1] which lets QMVF tell QEMU that CPU hotplug with SMI broadcast enabled is supported so that QEMU would be able to prevent hotplug in case it's not supported and trigger SMI on hotplug when it's necessary. 1) CPU hotplug negotiation part was introduced later so it might not be in upstream OVMF yet or I might have missed the patch on edk2-devel (Laszlo will point out to it/post formal patch) Igor Mammedov (3): x86: lpc9: let firmware negotiate CPU hotplug SMI feature x86: cphp: prevent guest crash on CPU hotplug when broadcast SMI is in use x68: acpi: trigger SMI before scanning for hotplugged CPUs include/hw/acpi/cpu.h | 1 + include/hw/i386/ich9.h | 1 + hw/acpi/cpu.c | 6 ++++++ hw/acpi/ich9.c | 12 +++++++++++- hw/i386/acpi-build.c | 33 ++++++++++++++++++++++++++++++++- hw/i386/pc.c | 15 ++++++++++++++- hw/isa/lpc_ich9.c | 10 ++++++++++ 7 files changed, 75 insertions(+), 3 deletions(-) -- 2.26.2