This allows an external program to act as a hotness tracker.
Signed-off-by: Jonathan Cameron
---
contrib/plugins/cache.c | 75 +
1 file changed, 68 insertions(+), 7 deletions(-)
diff --git a/contrib/plugins/cache.c b/contrib/plugins/cache.c
index 7baff868
Implement the FPCR.AH semantics for FMAXV and FMINV. These are the
"recursively reduce all lanes of a vector to a scalar result" insns;
we just need to use the _ah_ helper for the reduction step when
FPCR.AH == 1.
Signed-off-by: Peter Maydell
---
target/arm/tcg/translate-a64.c | 28
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/riscv/cpu.h | 9 +
target/riscv/internals.h | 3 ---
target/riscv/cpu.c | 8 +++-
3 files changed, 8 insertions(+), 12 deletions(-)
diff --git a/target/riscv/cpu.h b/tar
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/hppa/cpu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson
r~
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/rx/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Richard Henderson
r~
Queued, thanks.
Paolo
- Parity in realize / unrealize
- Define TypeInfo structure
Philippe Mathieu-Daudé (2):
hw/char/sh_serial: Delete fifo_timeout_timer in DeviceUnrealize
hw/char/sh_serial: Convert to TypeInfo
hw/char/sh_serial.c | 24 ++--
1 file changed, 14 insertions(+), 10 deletions(-)
On 1/24/25 18:45, Thomas Huth wrote:
The tacoma-bmc machine has recently been removed, so let's remove
it from the documentation now, too.
Fixes: 2b1b66e01f ("arm: Remove tacoma-bmc machine")
Signed-off-by: Thomas Huth
Reviewed-by: Cédric Le Goater
Thanks,
C.
---
docs/system/arm/aspe
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
In order to expand cpu_has_work(), un-inline it.
Signed-off-by: Philippe Mathieu-Daudé
---
include/hw/core/cpu.h | 6 +-
hw/core/cpu-system.c | 6 ++
2 files changed, 7 insertions(+), 5 deletions(-)
Reviewed-by: Richard Henderson
r
On Fri, Jan 24, 2025 at 03:15:27PM +0100, Thomas Huth wrote:
> Move the mipsel replay tests from tests/avocado/replay_kernel.py to
> the functional framework. Since the functional tests should be run per
> target, we cannot stick all replay tests in one file. Thus let's add
> these tests to the fil
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Move has_work() from CPUClass to SysemuCPUOps and
cpu_mips_hw_interrupts_enabled() to system.
Signed-off-by: Philippe Mathieu-Daudé
---
target/mips/internal.h | 4 ++--
target/mips/cpu.c | 4 +++-
2 files changed, 5 insertions(+), 3 delet
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Remove as unreachable code.
Signed-off-by: Philippe Mathieu-Daudé
---
target/hexagon/cpu.c | 6 --
1 file changed, 6 deletions(-)
Reviewed-by: Richard Henderson
r~
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
This method is not used on user emulation, because there
is always work to do there.
Signed-off-by: Philippe Mathieu-Daudé
---
include/hw/core/cpu.h | 28 ++--
1 file changed, 14 insertions(+), 14 deletions(-)
Reviewed
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/m68k/cpu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson
r~
diff --git a/target/m68k/cpu.c b/target/m68k/cpu.c
index 41dfdf58045..eb7fb4f7e4c 100644
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/microblaze/cpu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson
r~
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Move has_work() from CPUClass to SysemuCPUOps, move
s390_cpu_has_work() to cpu-system.c so it is only build
for system emulation binaries, restrict functions not
used anymore on user emulation in interrupt.c.
Signed-off-by: Philippe Mathieu-Daudé
-
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/tricore/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Richard Henderson
r~
Hi,
On 1/24/25 4:41 AM, Jason Wang wrote:
> On Fri, Jan 24, 2025 at 11:30 AM Jason Wang wrote:
>> On Fri, Jan 24, 2025 at 10:44 AM Duan, Zhenzhong
>> wrote:
>>>
>>>
-Original Message-
From: Eric Auger
Subject: Re: [PATCH] hw/virtio/vhost: Disable IOTLB callbacks when IOM
From: Helge Deller
Commit 20f7b890173b ("hw/hppa: Reset vCPUs calling resettable_reset()")
broke booting the Linux kernel with initrd which may have been provided
on the command line. The problem is, that the mentioned commit zeroes
out initial registers which were preset with addresses for the L
From: Helge Deller
Allow up to 256 GB RAM, which is the maximum a rp8440 machine (the very
last 64-bit PA-RISC machine) physically supports.
Signed-off-by: Helge Deller
Reviewed-by: Richard Henderson
---
hw/hppa/hppa_hardware.h | 2 ++
hw/hppa/machine.c | 26 +++---
From: Helge Deller
The following changes since commit 32a97c5d05c5deb54a42315d48cecf86cbeadaf4:
Merge tag 'pull-tcg-20250117' of https://gitlab.com/rth7680/qemu into staging
(2025-01-21 08:28:33 -0500)
are available in the Git repository at:
https://github.com/hdeller/qemu-hppa.git tags/h
On 1/24/25 13:10, Michael Clark wrote:
this metadata is based on x86-csv with numerous inaccuracies
fixed plus conversion of legacy instructions to a new LEX format.
this metadata has been fuzz-tested against the LLVM disassembler
for x86-64 with 64-bit ISA coverage in the order of ~99.9%.
addi
On Sat, 25 Jan 2025 03:12:45 +0800
Tomita Moeko wrote:
> Both enable opregion option (x-igd-opregion) and legacy mode require
> setting up OpRegion copy for IGD devices. Move x-igd-opregion handler
> in vfio_realize() to vfio_probe_igd_config_quirk() to elimate duplicate
> code. Finally we moved
On Fri, Jan 24, 2025 at 05:47:45PM +0800, Xu Yilun wrote:
> On Thu, Jan 23, 2025 at 11:47:17AM -0500, Peter Xu wrote:
> > On Thu, Jan 23, 2025 at 05:33:53PM +0800, Xu Yilun wrote:
> > > On Wed, Jan 22, 2025 at 11:43:01AM -0500, Peter Xu wrote:
> > > > On Wed, Jan 22, 2025 at 05:41:31PM +0800, Xu Yi
The negation steps in FCADD must honour FPCR.AH's "don't change the
sign of a NaN" semantics. Implement this in the same way we did for
the base ASIMD FCADD, by encoding FPCR.AH into the SIMD data field
passed to the helper and using that to decide whether to negate the
values.
Signed-off-by: Pet
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Currently only system emulation is supported.
Assert no target code is built for user emulation.
Remove #ifdef'ry since more work is required before
being able to emulate a user process.
Signed-off-by: Philippe Mathieu-Daudé
---
target/rx/cpu.h
On 1/21/2025 8:23 AM, Philippe Mathieu-Daudé wrote:
Remove as unreachable code.
Signed-off-by: Philippe Mathieu-Daudé
---
Reviewed-by: Brian Cain
target/hexagon/cpu.c | 6 --
1 file changed, 6 deletions(-)
diff --git a/target/hexagon/cpu.c b/target/hexagon/cpu.c
index 0b7fc98f6c
Hi Zhenzhong,
On 1/24/25 3:44 AM, Duan, Zhenzhong wrote:
>
>> -Original Message-
>> From: Eric Auger
>> Subject: Re: [PATCH] hw/virtio/vhost: Disable IOTLB callbacks when IOMMU gets
>> disabled
>>
>> Hi Jason,
>>
>>
>> On 1/23/25 2:34 AM, Jason Wang wrote:
>>> On Wed, Jan 22, 2025 at 3:5
On 1/22/25 10:09, del...@kernel.org wrote:
From: Helge Deller
Commit 20f7b890173b ("hw/hppa: Reset vCPUs calling resettable_reset()")
broke booting the Linux kernel with initrd which may have been provided
on the command line. The problem is, that the mentioned commit zeroes
out initial register
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
diff --git a/hw/core/cpu-system.c b/hw/core/cpu-system.c
index 7b16bda2250..7f287984aa6 100644
--- a/hw/core/cpu-system.c
+++ b/hw/core/cpu-system.c
@@ -25,12 +25,8 @@
bool cpu_has_work(CPUState *cpu)
{
-if (cpu->cc->sysemu_ops->has_work
On 1/22/25 10:09, del...@kernel.org wrote:
From: Helge Deller
Allow up to 256 GB RAM, which is the maximum a rp8440 machine (the very
last 64-bit PA-RISC machine) physically supports.
Signed-off-by: Helge Deller
---
hw/hppa/hppa_hardware.h | 2 ++
hw/hppa/machine.c | 26
QOM types are now registered using as TypeInfo via DEFINE_TYPES()
or type_init(). Update TYPE_SH_SERIAL, removing the empty QOM
instance_init/finalize handlers.
Signed-off-by: Philippe Mathieu-Daudé
---
hw/char/sh_serial.c | 23 +++
1 file changed, 11 insertions(+), 12 deleti
fifo_timeout_timer is created in the DeviceRealize handler,
not in the instance_init one. For parity, delete it in
DeviceUnrealize, rather than instance_finalize.
Signed-off-by: Philippe Mathieu-Daudé
---
hw/char/sh_serial.c | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --
On 22/1/25 19:09, del...@kernel.org wrote:
From: Helge Deller
Allow up to 256 GB RAM, which is the maximum a rp8440 machine (the very
last 64-bit PA-RISC machine) physically supports.
Signed-off-by: Helge Deller
---
hw/hppa/hppa_hardware.h | 2 ++
hw/hppa/machine.c | 26
On Thu, 23 Jan 2025 09:51:51 +
Jonathan Cameron via wrote:
> On Wed, 22 Jan 2025 07:56:24 +0100
> Philippe Mathieu-Daudé wrote:
>
> > Map the component I/O region as UnimplementedDevice
> > to be able to trace guest I/O accesses with '-d unimp'.
> >
> > Signed-off-by: Philippe Mathieu-Daud
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Move has_work() from CPUClass to SysemuCPUOps,
restrict x86_cpu_pending_interrupt() to system.
Signed-off-by: Philippe Mathieu-Daudé
---
target/i386/cpu.h | 4 ++--
target/i386/cpu.c | 8 +++-
2 files changed, 5 insertions(+), 7 deletions(-
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/loongarch/cpu.c | 8 +++-
1 file changed, 3 insertions(+), 5 deletions(-)
Reviewed-by: Richard Henderson
r~
Peter Maydell writes:
> Add a test case which tests some corner case behaviour of
> fused-multiply-add on x86:
> * 0 * Inf + SNaN should raise Invalid
> * 0 * Inf + QNaN shouldh not raise Invalid
> * tininess should be detected after rounding
>
> There is also one currently-disabled test case:
On 24/1/25 13:47, BALATON Zoltan wrote:
The variable is uint64_t so needs %PRIu64 instead of %d.
Fixes: 3ae7eb88c47 ("ehci: fix overflow in frame timer code")
Signed-off-by: BALATON Zoltan
Reviewed-by: Peter Maydell
---
v3: Fixed commit message to match what the patch actually does
hw/usb/h
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/alpha/cpu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson
r~
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/avr/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Richard Henderson
r~
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/ppc/cpu_init.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson
r~
On 1/21/25 06:23, Philippe Mathieu-Daudé wrote:
Signed-off-by: Philippe Mathieu-Daudé
---
target/openrisc/cpu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson
r~
Please swap patch 1 and 2 and incorporate the changes of write_event_data
into this patch.
Reviewed-by: Nina Schoetterl-Glausch
See some minor nits below.
On Wed, 2025-01-15 at 14:31 +0100, Shalini Chellathurai Saroja wrote:
> This commit implements the SCLP event type Control-Program
> Identif
The negation step in the SVE FTMAD insn mustn't negate a NaN when
FPCR.AH is set. Pass FPCR.AH to the helper via the SIMD data field
and use that to determine whether to do the negation.
Signed-off-by: Peter Maydell
---
target/arm/tcg/sve_helper.c| 21 +++--
target/arm/tcg/t
Intended to support enabling in kernel. For now this is dumb and the data
made up. That will change in the near future.
Instantiates 3 instances within one CHMU with separate
interrupts.
Signed-off-by: Jonathan Cameron
---
include/hw/cxl/cxl.h| 1 +
include/hw/cxl/cxl_chmu.h | 154
On Fri, 24 Jan 2025 at 04:52, Paolo Bonzini wrote:
>
> The following changes since commit d6430c17d7113d3c38480dc34e59d00b0504e2f7:
>
> Merge tag 'pull-riscv-to-apply-20250119-1' of
> https://github.com/alistair23/qemu into staging (2025-01-19 08:55:46 -0500)
>
> are available in the Git reposi
The IO BAR4 of IGD devices contains a pair of 32-bit address/data
registers, MMIO_Index (0x0) and MMIO_Data (0x4), which provide access
to the MMIO BAR0 (GTTMMADR) from IO space. These registers are probably
only used by the VBIOS, and are not documented by intel. The observed
layout of MMIO_Index
The actual IO BAR4 write quirk in vfio_probe_igd_bar4_quirk() was
removed in previous change, leaving the function not matching its name,
so move it into the newly introduced vfio_config_quirk_setup(). There
is no functional change in this commit. If any failure occurs, the
function simply returns
Though GTT Stolen Memory (GSM) is right below Data Stolen Memory (DSM)
in host address space, direct access to GSM is prohibited, and it is
not mapped to guest address space. Both host and guest accesses GSM
indirectly through the second half of MMIO BAR0 (GTTMMADR).
Guest firmware only need to re
Based on experiments and reverse engineering about the mysterious IO
BAR4, it appears that the current quirk implementation is incorrect.
As discussed in a previous mail thread [1], current implementation
believes VBIOS is writing HPA of Data Stolen Memory (DSM) in GTT
entries, so it intercepts and
Some devices, such as IGD, require device-specific quirks to be applied
to their pci config spaces. Currently, these quirks are either part of
BAR quirk, or being a part of vfio_realize(). Add a placeholder for pci
config quirks for moving the quirks to one place later.
Signed-off-by: Tomita Moeko
Both enable opregion option (x-igd-opregion) and legacy mode require
setting up OpRegion copy for IGD devices. Move x-igd-opregion handler
in vfio_realize() to vfio_probe_igd_config_quirk() to elimate duplicate
code. Finally we moved all the IGD-related code into igd.c.
Signed-off-by: Tomita Moeko
On 1/22/25 01:30, Philippe Mathieu-Daudé wrote:
Directly call cpu_set_pc() instead of open-coding it.
Signed-off-by: Philippe Mathieu-Daudé
---
hw/core/generic-loader.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/hw/core/generic-loader.c b/hw/core/generic-loader.c
When receiving a guest mpcifc(4) or mpcifc(6) instruction without the T
bit set, treat this as a request to perform direct mapping instead of
address translation. In order to facilitate this, pin the entirety of
guest memory into the host iommu.
Pinning for the direct mapping case is handled via
On Friday, January 24, 2025 6:12:04 AM CET Akihiko Odaki wrote:
> coreaudio had unnecessary explicit casts and they had extra whitespaces
> around them so remove them.
>
> Signed-off-by: Akihiko Odaki
> ---
> audio/coreaudio.m | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> di
Arrays, pointers and cells use a VMStateField that is based on that
for the inner type. The implementation therefore delegates to the
VMState implementation of the inner type.
Signed-off-by: Paolo Bonzini
---
rust/qemu-api/src/vmstate.rs | 79 +++-
1 file changed
qemu_irqs are not part of the vmstate, therefore they will remain in
PL011State. Update them if needed after regs_read()/regs_write().
Apply #[must_use] to functions that return whether the interrupt state
could have changed, so that it's harder to forget the call to update().
Reviewed-by: Zhao
Use a TCG loop so that it is not necessary to go through the setup steps
of REP and through the I/O check on every iteration. Interestingly, this
is not a particularly effective optimization on its own, though it avoids
the cost of correct RF emulation that was added in the previous patch.
The mai
Reviewed-by: Zhao Liu
Signed-off-by: Paolo Bonzini
---
rust/hw/char/pl011/src/device.rs | 3 ++-
rust/hw/char/pl011/src/device_class.rs | 36 +-
rust/hw/char/pl011/src/lib.rs | 6 +
3 files changed, 26 insertions(+), 19 deletions(-)
diff --git a/rust
Scalar types are those that have their own VMStateInfo. This poses
a problem in that references to VMStateInfo can only be included in
associated consts starting with Rust 1.83.0, when the const_refs_static
was stabilized. Removing the requirement is done by placing a limited
list of VMStateInfos
The only public interfaces for pl011 are TYPE_PL011 and pl011_create.
Remove pub from everything else.
Note: the "allow(dead_code)" is removed later.
Reviewed-by: Zhao Liu
Signed-off-by: Paolo Bonzini
---
rust/hw/char/pl011/src/device.rs | 2 +-
rust/hw/char/pl011/src/device_class.rs |
Signed-off-by: Paolo Bonzini
---
rust/qemu-api/src/vmstate.rs | 42 ++--
1 file changed, 40 insertions(+), 2 deletions(-)
diff --git a/rust/qemu-api/src/vmstate.rs b/rust/qemu-api/src/vmstate.rs
index 211c3d096b7..2b14d4839df 100644
--- a/rust/qemu-api/src/vmstate
On Friday, January 24, 2025 6:12:05 AM CET Akihiko Odaki wrote:
> Remove extra whitespaces around parentheses.
>
> Signed-off-by: Akihiko Odaki
> ---
> audio/coreaudio.m | 108
> +++---
> 1 file changed, 54 insertions(+), 54 deletions(-)
>
> diff
On 1/24/25 6:05 AM, Max Chou wrote:
In prop_vlen_set function, there is an incorrect comparison between
vlen(bit) and vlenb(byte).
This will cause unexpected error when user applies the `vlen=1024` cpu
option with a vendor predefined cpu type that the default vlen is
1024(vlenb=128).
Fixes:
The following changes since commit d6430c17d7113d3c38480dc34e59d00b0504e2f7:
Merge tag 'pull-riscv-to-apply-20250119-1' of
https://github.com/alistair23/qemu into staging (2025-01-19 08:55:46 -0500)
are available in the Git repository at:
https://gitlab.com/bonzini/qemu.git tags/for-upstrea
On 1/24/25 7:14 AM, Max Chou wrote:
According to the Vector Reduction Operations section in the RISC-V "V"
Vector Extension spec,
"If vl=0, no operation is performed and the destination register is not
updated."
The vd should be updated when vl is larger than 0.
Fixes: fe5c9ab1fc ("target/
Pull all the mutable fields of PL011State into a separate struct.
Reviewed-by: Zhao Liu
Signed-off-by: Paolo Bonzini
---
rust/hw/char/pl011/src/device.rs | 251 ++---
rust/hw/char/pl011/src/device_class.rs | 46 +++--
2 files changed, 168 insertions(+), 129 deletions(
On Wed, 22 Jan 2025 16:46:22 +0100
Mauro Carvalho Chehab wrote:
> Create a new property (x-has-hest-addr) and use it to detect if
> the GHES table offsets can be calculated from the HEST address
> (qemu 9.2 and upper) or via the legacy way via an offset obtained
10.0 by now
> from the hardware_
On Wed, 22 Jan 2025 16:46:25 +0100
Mauro Carvalho Chehab wrote:
> Adds a generic error device to handle generic hardware error
> events as specified at ACPI 6.5 specification at 18.3.2.7.2:
> https://uefi.org/specs/ACPI/6.5/18_Platform_Error_Interfaces.html#event-notification-for-generic-error-so
On Fri, 24 Jan 2025, Akihiko Odaki wrote:
init_out_device may only commit some part of the result and leave the
state inconsistent when it encounters a fatal error or the device gets
unplugged during the operation, which is expressed by
kAudioHardwareBadObjectError or kAudioHardwareBadDeviceError
On Fri, 24 Jan 2025 at 12:27, wrote:
>
> From: Denis Rastyogin
>
> Fix possible overflow in 1 << (DF_BITS(df) - 2) when DF_BITS(df)
> is 64 by using a 64-bit integer for the shift operation.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Reported-by: Dmitriy Fedin
> Si
On Fri, 24 Jan 2025 at 02:53, BALATON Zoltan wrote:
>
> The variable is uint64_t so needs %ld instead of %d.
>
> Fixes: 3ae7eb88c47 ("ehci: fix overflow in frame timer code")
> Signed-off-by: BALATON Zoltan
> ---
> hw/usb/hcd-ehci.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
Revi
On Fri, 24 Jan 2025, BALATON Zoltan wrote:
On Fri, 24 Jan 2025, Akihiko Odaki wrote:
init_out_device may only commit some part of the result and leave the
state inconsistent when it encounters a fatal error or the device gets
unplugged during the operation, which is expressed by
kAudioHardwareBa
On Wed, 22 Jan 2025 16:46:27 +0100
Mauro Carvalho Chehab wrote:
> Creates a QMP command to be used for generic ACPI APEI hardware error
> injection (HEST) via GHESv2, and add support for it for ARM guests.
>
> Error injection uses ACPI_HEST_SRC_ID_QMP source ID to be platform
> independent. This
On Thu, 23 Jan 2025 11:00:32 +
Jonathan Cameron wrote:
> On Wed, 22 Jan 2025 16:46:27 +0100
> Mauro Carvalho Chehab wrote:
>
> > Creates a QMP command to be used for generic ACPI APEI hardware error
> > injection (HEST) via GHESv2, and add support for it for ARM guests.
> >
> > Error injec
TDX advertises core crystal clock with cpuid[0x15] as 25MHz for TD
guests and it's unchangeable from VMM. As a result, TDX guest reads
the APIC timer as the same frequency, 25MHz.
While KVM's default emulated frequency for APIC bus is 1GHz, set the
APIC bus rate to match with TDX explicitly to ens
From: Chao Peng
TDVF(OVMF) needs to run at private memory for TD guest. TDX cannot
support pflash device since it doesn't support read-only private memory.
Thus load TDVF(OVMF) with -bios option for TDs.
Use memory_region_init_ram_guest_memfd() to allocate the MemoryRegion
for TDVF because it ne
KVM provides TDX capabilities via sub command KVM_TDX_CAPABILITIES of
IOCTL(KVM_MEMORY_ENCRYPT_OP). Get the capabilities when initializing
TDX context. It will be used to validate user's setting later.
Since there is no interface reporting how many cpuid configs contains in
KVM_TDX_CAPABILITIES, Q
For QEMU VMs,
- PKS is configured via CPUID_7_0_ECX_PKS, e.g., -cpu xxx,+pks and
- PMU is configured by x86cpu->enable_pmu, e.g., -cpu xxx,pmu=on
While the bit 30 (PKS) and bit 63 (PERFMON) of TD's attributes are also
used to configure the PKS and PERFMON/PMU of TD, reuse the existing
configu
From: Isaku Yamahata
For TDX KVM use case, Linux guest is the most major one. It requires
sept_ve_disable set. Make it default for the main use case. For other use
case, it can be enabled/disabled via qemu command line.
Signed-off-by: Isaku Yamahata
Signed-off-by: Xiaoyao Li
---
target/i38
After TDVF is loaded to bios MemoryRegion, it needs parse TDVF metadata.
Signed-off-by: Xiaoyao Li
Acked-by: Gerd Hoffmann
---
hw/i386/pc_sysfw.c | 7 +++
target/i386/kvm/tdx-stub.c | 5 +
target/i386/kvm/tdx.c | 5 +
target/i386/kvm/tdx.h | 3 +++
4 files changed,
Validate TD attributes with tdx_caps that only supported bits arer
allowed by KVM.
Besides, sanity check the attribute bits that have not been supported by
QEMU yet. e.g., debug bit, it will be allowed in the future when debug
TD support lands in QEMU.
Signed-off-by: Xiaoyao Li
Acked-by: Gerd Ho
From: Isaku Yamahata
TDX VM needs to boot with its specialized firmware, Trusted Domain
Virtual Firmware (TDVF). QEMU needs to parse TDVF and map it in TD
guest memory prior to running the TDX VM.
A TDVF Metadata in TDVF image describes the structure of firmware.
QEMU refers to it to setup memor
For TDs, only MSR_IA32_UCODE_REV in kvm_init_msrs() can be configured
by VMM, while the features enumerated/controlled by other MSRs except
MSR_IA32_UCODE_REV in kvm_init_msrs() are not under control of VMM.
Only configure MSR_IA32_UCODE_REV for TDs.
Signed-off-by: Xiaoyao Li
Acked-by: Gerd Hoff
TDX VM requires VM type to be KVM_X86_TDX_VM. Implement tdx_kvm_type()
as X86ConfidentialGuestClass->kvm_type.
Signed-off-by: Xiaoyao Li
---
Changes in v6:
- new added patch;
---
target/i386/kvm/kvm.c | 1 +
target/i386/kvm/tdx.c | 12
2 files changed, 13 insertions(+)
diff --git
Because for TDX case, there are also fixed-1 bits that enfored by TDX
module.
Signed-off-by: Xiaoyao Li
---
target/i386/confidential-guest.h | 20 ++--
target/i386/kvm/kvm.c| 2 +-
target/i386/sev.c| 4 ++--
3 files changed, 13 insertions(+), 13 dele
For TDX, the address below 1MB are entirely general RAM. No need to
initialize pc.rom memory region for TDs.
Signed-off-by: Xiaoyao Li
---
This is more as a workaround of the issue that for q35 machine type, the
real memslot update (which requires memslot deletion )for pc.rom happens
after tdx_in
From: Isaku Yamahata
TDVF firmware (CODE and VARS) needs to be copied to TD's private
memory via KVM_TDX_INIT_MEM_REGION, as well as TD HOB and TEMP memory.
If the TDVF section has TDVF_SECTION_ATTRIBUTES_MR_EXTEND set in the
flag, calling KVM_TDX_EXTEND_MEMORY to extend the measurement.
After
The TD HOB list is used to pass the information from VMM to TDVF. The TD
HOB must include PHIT HOB and Resource Descriptor HOB. More details can
be found in TDVF specification and PI specification.
Build the TD HOB in TDX's machine_init_done callback.
Co-developed-by: Isaku Yamahata
Signed-off-b
TDX architecture forcibly sets some CPUID bits for TD guest that VMM
cannot disable it. It also disallows some CPUID bits though they might
be supported for VMX VMs.
The fixed0 and fixed1 bits may vary on different TDX module and on
different host. It's a huge burden to maintain all combination. T
To do cgs specific feature checking. Note the feature checking in
x86_cpu_filter_features() is valid for non-cgs VMs. For cgs VMs like
TDX, what features can be supported has more restrictions.
Signed-off-by: Xiaoyao Li
---
target/i386/confidential-guest.h | 13 +
target/i386/kvm/kvm
Legacy PIC (8259) cannot be supported for TDX VMs since TDX module
doesn't allow directly interrupt injection. Using posted interrupts
for the PIC is not a viable option as the guest BIOS/kernel will not
do EOI for PIC IRQs, i.e. will leave the vIRR bit set.
Hence disable PIC for TDX VMs and erro
Because it's fixed1 bit that enforced by TDX module.
Signed-off-by: Xiaoyao Li
---
target/i386/kvm/tdx.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 58ea6a4d3156..bb75eb06dad9 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/
Add docs/system/i386/tdx.rst for TDX support, and add tdx in
confidential-guest-support.rst
Signed-off-by: Xiaoyao Li
---
Changes in v6:
- Add more information of "Feature configuration"
- Mark TD Attestation as future work because KVM now drops the support
of it.
Changes in v5:
- Add TD a
KVM neithers allow writing to MSR_IA32_APICBASE for TDs, nor allow for
KVM_SET_LAPIC[*].
Note, KVM_GET_LAPIC is also disallowed for TDX. It is called in the path
do_kvm_cpu_synchronize_state()
-> kvm_arch_get_registers()
-> kvm_get_apic()
and it's already disllowed for confidential gues
Integrate TDX's TDX_REPORT_FATAL_ERROR into QEMU GuestPanic facility
Originated-from: Isaku Yamahata
Signed-off-by: Xiaoyao Li
---
Changes in v6:
- change error_code of GuestPanicInformationTdx from uint64_t to
uint32_t, to only contains the bit 31:0 returned in r12.
Changes in v5:
- mention
TDX doesn't support SMM and VMM cannot emulate SMM for TDX VMs because
VMM cannot manipulate TDX VM's memory.
Disable SMM for TDX VMs and error out if user requests to enable SMM.
Signed-off-by: Xiaoyao Li
Acked-by: Gerd Hoffmann
---
target/i386/kvm/tdx.c | 9 +
1 file changed, 9 inser
Add UEFI definitions for literals, enums, structs, GUIDs, etc... that
will be used by TDX to build the UEFI Hand-Off Block (HOB) that is passed
to the Trusted Domain Virtual Firmware (TDVF).
All values come from the UEFI specification [1], PI spec [2] and TDVF
design guide[3].
[1] UEFI Specificat
This is the v7 series of TDX QEMU enabling. The series is also available
in github:
https://github.com/intel-staging/qemu-tdx/tree/tdx-qemu-upstream-v7
To boot TD guest, please always use the latest TDX module (1.5) and OVMF
available.
Note, this series has a dependency on
https://lore.kernel.org
1 - 100 of 345 matches
Mail list logo
