In realm state, stage-2 translation tables are fetched from the realm
physical address space (R_PGRQD).
Signed-off-by: Jean-Philippe Brucker
---
target/arm/ptw.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
index d1de934702
This causes
problems with RMM, which issues TLBI VAE2IS instructions with
HCR_EL2.E2H enabled. Update vae2_tlbmask() to take HCR_EL2.E2H into
account.
Signed-off-by: Jean-Philippe Brucker
---
target/arm/helper.c | 26 ++
1 file changed, 18 insertions(+), 8 deletions(-)
.
Rename get_phys_addr_with_secure(), since it's only used to handle AT
instructions.
Signed-off-by: Jean-Philippe Brucker
---
This incidentally fixes a problem with AT S1E1 instructions which can
output an IPA and should definitely not cause a GPC.
---
target/arm/internals.h
When FEAT_RME is implemented, these bits override the value of
CNT[VP]_CTL_EL0.IMASK in Realm and Root state.
Signed-off-by: Jean-Philippe Brucker
---
target/arm/helper.c | 21 +++--
1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/target/arm/helper.c b/target/arm
().
Signed-off-by: Jean-Philippe Brucker
---
I haven't tested AT instructions in Realm/Root space yet, but it looks
like the patch is needed. RMM doesn't issue AT instructions like KVM
does in non-secure state (which triggered the bug in the previous
patch).
---
target/arm/intern
Linux host fails to boot because hyp-stub accesses to SME
regs are trapped to EL3, which doesn't support RME+SME at the moment.
The right fix is probably in TF-A but I haven't investigated yet.
Jean-Philippe Brucker (5):
target/arm/ptw: Load stage-2 tables from realm physical space
2180 ("virtio-iommu: Fix 64kB host page size VFIO device
> assignment")
Reviewed-by: Jean-Philippe Brucker
> ---
> hw/virtio/virtio-iommu.c | 8 +---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/hw/virtio/virtio-iommu.c b/hw/virtio/virtio-io
On Thu, Jul 20, 2023 at 01:05:58PM +0100, Peter Maydell wrote:
> On Wed, 19 Jul 2023 at 16:56, Jean-Philippe Brucker
> wrote:
> >
> > With these patches I'm able to boot a Realm guest under
> > "-cpu max,x-rme=on". They are based on Peter's series wh
On Thu, Jul 20, 2023 at 05:35:49PM +0100, Peter Maydell wrote:
> On Wed, 19 Jul 2023 at 16:56, Jean-Philippe Brucker
> wrote:
> >
> > When HCR_EL2.E2H is enabled, TLB entries are formed using the EL2&0
> > translation regime, instead of the EL2 translation regime. Th
On Thu, Jul 20, 2023 at 05:39:56PM +0100, Peter Maydell wrote:
> On Wed, 19 Jul 2023 at 16:56, Jean-Philippe Brucker
> wrote:
> >
> > GPC checks are not performed on the output address for AT instructions,
> > as stated by ARM DDI 0487J in D8.12.2:
> >
> >
().
Signed-off-by: Jean-Philippe Brucker
Reviewed-by: Peter Maydell
---
target/arm/internals.h | 18 +-
target/arm/helper.c| 27 ---
target/arm/ptw.c | 12 ++--
3 files changed, 27 insertions(+), 30 deletions(-)
diff --git a/target/arm
This causes
problems with RMM, which issues TLBI VAE2IS instructions with
HCR_EL2.E2H enabled. Update vae2_tlbmask() to take HCR_EL2.E2H into
account.
Add vae2_tlbbits() as well, since the top-byte-ignore configuration is
different between the EL2&0 and EL2 regime.
Signed-off-by: Jean-Philippe
add a new
trace event for gt_update_irq().
Signed-off-by: Jean-Philippe Brucker
---
target/arm/cpu.h| 3 +++
target/arm/helper.c | 54 -
target/arm/trace-events | 7 +++---
3 files changed, 50 insertions(+), 14 deletions(-)
diff --git a/targe
.
Rename get_phys_addr_with_secure(), since it's only used to handle AT
instructions.
Signed-off-by: Jean-Philippe Brucker
Reviewed-by: Peter Maydell
---
target/arm/internals.h | 25 ++---
target/arm/helper.c| 8 ++--
target/arm/ptw.c | 11 ++-
3
In realm state, stage-2 translation tables are fetched from the realm
physical address space (R_PGRQD).
Signed-off-by: Jean-Philippe Brucker
---
target/arm/ptw.c | 26 ++
1 file changed, 18 insertions(+), 8 deletions(-)
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
The AT instruction is UNDEFINED if the {NSE,NS} configuration is
invalid. Add a function to check this on all AT instructions that apply
to an EL lower than 3.
Suggested-by: Peter Maydell
Signed-off-by: Jean-Philippe Brucker
---
target/arm/helper.c | 36 +---
1
a new
function, which is a bit invasive but seems cleaner.
v1:
https://lore.kernel.org/qemu-devel/20230719153018.1456180-2-jean-phili...@linaro.org/
Jean-Philippe Brucker (6):
target/arm/ptw: Load stage-2 tables from realm physical space
target/arm/helper: Fix tlbmask and tlbbits for TLBI
On Wed, Feb 21, 2024 at 11:41:57AM +0100, Eric Auger wrote:
> Hi,
>
> On 2/13/24 13:00, Michael S. Tsirkin wrote:
> > On Tue, Feb 13, 2024 at 12:24:22PM +0100, Eric Auger wrote:
> >> Hi Michael,
> >> On 2/13/24 12:09, Michael S. Tsirkin wrote:
> >>> On Tue, Feb 13, 2024 at 11:32:13AM +0100, Eric A
Hi Eric,
On Tue, Jan 23, 2024 at 07:15:54PM +0100, Eric Auger wrote:
> In [1] and [2] we attempted to fix a case where a VFIO-PCI device
> protected with a virtio-iommu is assigned to an x86 guest. On x86
> the physical IOMMU may have an address width (gaw) of 39 or 48 bits
> whereas the virtio-io
On Mon, Jan 29, 2024 at 03:07:41PM +0100, Eric Auger wrote:
> Hi Jean-Philippe,
>
> On 1/29/24 13:23, Jean-Philippe Brucker wrote:
> > Hi Eric,
> >
> > On Tue, Jan 23, 2024 at 07:15:54PM +0100, Eric Auger wrote:
> >> In [1] and [2] we attempted to fix a case wh
On Mon, Jan 29, 2024 at 05:38:55PM +0100, Eric Auger wrote:
> > There may be a separate argument for clearing bypass. With a coldplugged
> > VFIO device the flow is:
> >
> > 1. Map the whole guest address space in VFIO to implement boot-bypass.
> >This allocates all guest pages, which takes a w
Hi Eric,
On Thu, Feb 01, 2024 at 05:32:22PM +0100, Eric Auger wrote:
> aw-bits is a new option that allows to set the bit width of
> the input address range. This value will be used as a default for
> the device config input_range.end. By default it is set to 64 bits
> which is the current value.
On Thu, Feb 08, 2024 at 09:16:35AM +0100, Eric Auger wrote:
> >> diff --git a/hw/virtio/virtio-iommu.c b/hw/virtio/virtio-iommu.c
> >> index ec2ba11d1d..7870bdbeee 100644
> >> --- a/hw/virtio/virtio-iommu.c
> >> +++ b/hw/virtio/virtio-iommu.c
> >> @@ -1314,7 +1314,11 @@ static void virtio_iommu_dev
r machines older than 9.0 to behave similarly. We use
> hw_compat_8_2 to acheive that goal.
For the series:
Reviewed-by: Jean-Philippe Brucker
>
> Outstanding series [2] remains useful to let resv regions beeing
> communicated on time before the probe request.
>
> [1] [PATCH
The confidential guest support in KVM limits the number of registers
that we can read and write. Split the get/put_registers function to
prepare for it.
Signed-off-by: Jean-Philippe Brucker
---
target/arm/kvm.c | 30 --
1 file changed, 28 insertions(+), 2 deletions
in following patches.
Cc: Eric Blake
Cc: Markus Armbruster
Cc: Daniel P. Berrangé
Cc: Eduardo Habkost
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
Signed-off-by: Jean-Philippe Brucker
---
docs/system/confidential-guest-support.rst | 1 +
qapi/qom.json
When RME is enabled, the upper GPA bit is used to distinguish protected
from unprotected addresses. Reserve it when setting up the guest memory
map.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: separate patch
---
hw/arm/virt.c | 14 --
1 file changed, 12 insertions(+)
to probe the VM's
capabilities.
KVM only reports the maximum IPA it supports, but RMM may support
smaller sizes. If the VM creation fails with the value returned by KVM,
then retry with the smaller working address. This needs a better
solution.
Signed-off-by: Jean-Philippe Brucker
---
targe
When confidential-guest-support is enabled for the virt machine, call
the RME init function, and add the RME flag to the VM type.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2:
* Don't explicitly disable steal_time, it's now done through KVM capabilities
* Split patch
---
hw/ar
. Berrangé
Cc: Eduardo Habkost
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: Move parsing early, store as-is rather than reverted
---
qapi/qom.json| 15 +-
target/arm/kvm-rme.c | 111 +++
2 files changed, 125 insertions(+), 1 delet
kernel.org/kvm/875ybi0ytc@redhat.com/
[3] https://github.com/torvalds/linux/commit/92b591a4c46b
Cc: Marcelo Tosatti
Cc: Nicholas Piggin
Cc: Daniel Henrique Barboza
Cc: qemu-...@nongnu.org
Suggested-by: Cornelia Huck
Signed-off-by: Jean-Philippe Brucker
---
v1:
https://lore.kernel.org/
Returning an error to kvm_init() is fatal anyway, no need to continue
the initialization.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: new
---
target/arm/kvm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 3371ffa
/20240322181116.1228416-1-pbonz...@redhat.com/
Jean-Philippe Brucker (22):
kvm: Merge kvm_check_extension() and kvm_vm_check_extension()
target/arm: Add confidential guest support
target/arm/kvm: Return immediately on error in kvm_arch_init()
target/arm/kvm-rme: Initialize realm
hw/arm/virt: Add support
e any
information to the host, hence will not store its variables in clear
persistent memory. We can therefore replace the flash device with RAM,
and load the firmware there.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: new
---
include/hw/arm/boot.h | 9 +
hw/arm/boot.c
se ms->require_guest_memfd is not yet
merged.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: new
---
target/arm/kvm-rme.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/target/arm/kvm-rme.c b/target/arm/kvm-rme.c
index 8f39e54aaa..71cc1d4147 100644
--- a/target/arm/kvm-rme.c
+++ b/target/arm/kvm-rme.
Add a "num-pmu-counters" CPU parameter to configure the number of
counters that KVM presents to the guest. This is needed for Realm VMs,
whose parameters include the number of PMU counters and influence the
Realm Initial Measurement.
Signed-off-by: Jean-Philippe Brucker
---
v
ine->cgs member.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: new
---
hw/arm/virt.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index eca9a96b5a..bed19d0b79 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -2071,6 +2071,8
Collect the images copied into guest RAM into a sorted list, and issue
POPULATE_REALM KVM ioctls once we've created the Realm Descriptor. The
images are part of the Realm Initial Measurement.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: Use a ROM loader notifier
---
target/arm/k
attestation.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: new
---
include/hw/loader.h | 15 +++
hw/core/loader.c| 15 +++
2 files changed, 30 insertions(+)
diff --git a/include/hw/loader.h b/include/hw/loader.h
index 8685e27334..79fab25dd9 100644
--- a/include
and
watchpoints, and influence the Realm Initial Measurement.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: new
---
target/arm/cpu.h | 4 ++
target/arm/kvm_arm.h | 2 +
target/arm/arm-qmp-cmds.c | 1 +
target/arm/cpu64.c| 77 ++
KVM_GET_REG_LIST.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: only do the GP regs, since they are sync'd explicitly. Other
registers use the existing reglist facility.
---
target/arm/cpu.h | 3 +++
target/arm/kvm_arm.h | 1 +
target/arm/kvm-rme.c | 10
target/arm/kvm.c
which point the realm is sealed.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2:
* Use g_assert_not_reached() in stubs
* Init from kvm_arch_init() rather than hw/arm/virt
* Cache rme_guest
---
target/arm/kvm_arm.h | 16 +++
target/arm/kvm-rme.c |
pport acceleration via FEAT_SHA256 (Armv8.0) and not FEAT_SHA512
(Armv8.2). Future CPUs supporting RME are likely to also support
FEAT_SHA512.
Cc: Eric Blake
Cc: Markus Armbruster
Cc: Daniel P. Berrangé
Cc: Eduardo Habkost
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: use enum, pick
regression of 2.8ms on a fast desktop,
5.7% of the QEMU setup time). On a slower host, the regression could be
much larger.
Instead, add a special case to initialize the kernel's BSS IPA range.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: new
---
target/arm/kvm_arm.h | 5 +
hw/ar
The host cannot access registers of a Realm. Instead of showing all
registers as zero in "info registers", display a message about this
restriction.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: new
---
target/arm/cpu.c | 5 +
1 file changed, 5 insertions(+)
diff --git
EMU to crash with a bus error.
Handle reboot requests by the guest more gracefully, by indicating to
runstate.c that the vCPUs of a Realm are not resettable, and that QEMU
should exit.
Reviewed-by: Richard Henderson
Signed-off-by: Jean-Philippe Brucker
---
target/arm/kvm.c | 3 ++-
1 file chan
Currently the feature is automatically enabled, unless the user disables
it on the command-line. Change it to OnOffAuto, and automatically
disable it for confidential VMs, unless the user explicitly enables it.
Signed-off-by: Jean-Philippe Brucker
---
v1->v2: separate patch, use OnOffAuto
--
On Fri, Apr 19, 2024 at 05:25:12PM +0100, Daniel P. Berrangé wrote:
> On Fri, Apr 19, 2024 at 04:56:50PM +0100, Jean-Philippe Brucker wrote:
> > Add a new RmeGuest object, inheriting from ConfidentialGuestSupport, to
> > support the Arm Realm Management Extension (RME). It is
Hi Eric,
On Fri, Nov 22, 2019 at 07:29:25PM +0100, Eric Auger wrote:
> +typedef struct VirtIOIOMMU {
> +VirtIODevice parent_obj;
> +VirtQueue *req_vq;
> +VirtQueue *event_vq;
> +struct virtio_iommu_config config;
> +uint64_t features;
> +uint64_t acked_features;
We already
On Fri, Nov 22, 2019 at 07:29:26PM +0100, Eric Auger wrote:
> This patch adds the command payload decoding and
> introduces the functions that will do the actual
> command handling. Those functions are not yet implemented.
>
> Signed-off-by: Eric Auger
Reviewed-by: Jean-Philippe
Two small things below, but looks good overall
Reviewed-by: Jean-Philippe Brucker
On Fri, Nov 22, 2019 at 07:29:27PM +0100, Eric Auger wrote:
> +static AddressSpace *virtio_iommu_find_add_as(PCIBus *bus, void *opaque,
> + int
On Fri, Nov 22, 2019 at 07:29:28PM +0100, Eric Auger wrote:
> +typedef struct viommu_domain {
> +uint32_t id;
> +GTree *mappings;
> +QLIST_HEAD(, viommu_endpoint) endpoint_list;
> +} viommu_domain;
> +
> +typedef struct viommu_endpoint {
> +uint32_t id;
> +viommu_domain *domain;
On Fri, Nov 22, 2019 at 07:29:29PM +0100, Eric Auger wrote:
> diff --git a/hw/virtio/virtio-iommu.c b/hw/virtio/virtio-iommu.c
> index 235bde2203..138d5b2a9c 100644
> --- a/hw/virtio/virtio-iommu.c
> +++ b/hw/virtio/virtio-iommu.c
> @@ -77,11 +77,12 @@ static gint interval_cmp(gconstpointer a, gcon
On Fri, Nov 22, 2019 at 07:29:30PM +0100, Eric Auger wrote:
> @@ -238,10 +244,35 @@ static int virtio_iommu_map(VirtIOIOMMU *s,
> uint64_t virt_start = le64_to_cpu(req->virt_start);
> uint64_t virt_end = le64_to_cpu(req->virt_end);
> uint32_t flags = le32_to_cpu(req->flags);
> +v
On Fri, Nov 22, 2019 at 07:29:31PM +0100, Eric Auger wrote:
> This patch implements the translate callback
>
> Signed-off-by: Eric Auger
Reviewed-by: Jean-Philippe Brucker
On Fri, Nov 22, 2019 at 07:29:32PM +0100, Eric Auger wrote:
> @@ -443,6 +489,8 @@ static IOMMUTLBEntry
> virtio_iommu_translate(IOMMUMemoryRegion *mr, hwaddr addr,
> if (!ep) {
> if (!bypass_allowed) {
> error_report_once("%s sid=%d is not known!!", __func__, sid);
> +
On Fri, Nov 22, 2019 at 07:29:33PM +0100, Eric Auger wrote:
> This patch adds virtio-iommu-pci, which is the pci proxy for
> the virtio-iommu device.
>
> Signed-off-by: Eric Auger
Reviewed-by: Jean-Philippe Brucker
On Fri, Nov 22, 2019 at 07:29:37PM +0100, Eric Auger wrote:
> +for (i = 0; i < s->nb_reserved_regions; i++) {
> +if (interval.low >= s->reserved_regions[i].low &&
> +interval.low <= s->reserved_regions[i].high) {
> +switch (s->reserved_regions[i].type) {
> +
On Fri, Nov 22, 2019 at 07:29:38PM +0100, Eric Auger wrote:
> The machine may need to pass reserved regions to the
> virtio-iommu-pci device (such as the MSI window on x86).
> So let's add an array of Interval properties.
>
> Signed-off-by: Eric Auger
Reviewed-by: Jean-Philippe Brucker
in VirtIOIOMMU
then, except for acked_features, which (as I pointed out on another patch)
seems redundant anyway since there is vdev->guest_features.
Reviewed-by: Jean-Philippe Brucker
> +VMSTATE_END_OF_LIST()
> +},
> +};
> +
> +
> static cons
gions,
> - qdev_prop_interval, Interval),
Belongs in patch 10?
Apart from that
Reviewed-by: Jean-Philippe Brucker
> + * The output IORT node is the ITS group node (the first node).
> + */
> +fill_iort_idmap(smmu->id_mapping_array, 0, 0, 0x, 0,
nit: the other calls use uppercase hex digits
Reviewed-by: Jean-Philippe Brucker
On Fri, Nov 22, 2019 at 07:29:36PM +0100, Eric Auger wrote:
> This patch implements the PROBE request. At the moment,
> no reserved regions are returned as none are registered
> per device. Only a NONE property is returned.
>
> Signed-off-by: Eric Auger
Reviewed-by: Jean-Philippe Brucker
ace 0x0-0x1 in the ITS group.
>
> The iommu RID is excluded as described in virtio-iommu
> specification.
>
> Signed-off-by: Eric Auger
Reviewed-by: Jean-Philippe Brucker
Although VIOT changes the layout of the IORT node slightly, the
implementation should stay pretty much the same.
, but this looks OK.
Reviewed-by: Jean-Philippe Brucker
n the registers keeping
their state across reset. Linux for example, relies on this for
GuestPageSize in the legacy MMIO tranport.
Fixes: 44e687a4d9ab ("virtio-mmio: implement modern (v2) personality
(virtio-1)")
Signed-off-by: Jean-Philippe Brucker
---
This fixes kexec of a Linux gues
Hi Eric,
On Fri, Feb 07, 2020 at 10:32:00AM +0100, Eric Auger wrote:
> At the moment, the kernel only supports device tree
> integration of the virtio-iommu. DT bindings between the
> PCI root complex and the IOMMU must be created by the machine
> in conformance to:
>
> Documentation/devicetree/b
On Fri, Feb 07, 2020 at 11:51:55AM +0100, Auger Eric wrote:
> Hi,
>
> On 2/7/20 11:23 AM, Michael S. Tsirkin wrote:
> > On Fri, Feb 07, 2020 at 10:32:00AM +0100, Eric Auger wrote:
> >> At the moment, the kernel only supports device tree
> >> integration of the virtio-iommu. DT bindings between the
Hi,
On Mon, Jan 09, 2023 at 10:11:19PM +0100, Eric Auger wrote:
> > Jean, do you have any idea about how to fix that? Do you think we have a
> > trouble in the acpi/viot setup or virtio-iommu probe sequence. It looks
> > like virtio probe and attach commands are called too early, before the
> > bu
On Fri, Jan 13, 2023 at 10:57:00AM -0700, Alex Williamson wrote:
> On Fri, 13 Jan 2023 12:39:18 +
> Jean-Philippe Brucker wrote:
>
> > Hi,
> >
> > On Mon, Jan 09, 2023 at 10:11:19PM +0100, Eric Auger wrote:
> > > > Jean, do you have any idea about
Hi Eric,
On Mon, Jan 16, 2023 at 07:47:09AM -0500, Eric Auger wrote:
[...]
> once we attempt to plug such devices downstream to the pcie-to-pci
> bridge, those devices are put in a singleton group. The pcie-to-pci
> bridge disappears from the radar (not attached to any group), and the
> pcie root
On Wed, Jan 18, 2023 at 11:28:32AM -0700, Alex Williamson wrote:
> The VT-d spec[2](8.3.1) has a more elegant solution using a path
> described in a device scope, based on a root bus number (not
> susceptible to OS renumbering) and a sequence of devfns to uniquely
> describe a hierarchy or endpoint
On Fri, Jan 20, 2023 at 03:50:18PM +, Robin Murphy wrote:
> On 2023-01-20 15:28, Jean-Philippe Brucker wrote:
>
> For some reason this came through as blank mail with a text attachment,
Ugh sorry about that, looks like I hit ^D in mutt before sending
> so apologies for the lac
Although the VM type does not affect values probed from the scratch vCPU
at the moment, it could later. Ensure we specify the right type when
creating the temporary VM.
Signed-off-by: Jean-Philippe Brucker
---
Does the PA size need changing as well?
---
target/arm/kvm.c | 5 -
1 file
pend 'console=ttyAMA0 earlycon'
-overcommit mem-lock=on
A branch with these patches is available at [3].
[1] https://lore.kernel.org/kvm/20230127112248.136810-1-suzuki.poul...@arm.com/
[2]
https://lore.kernel.org/qemu-devel/20221202061347.1070246-1-chao.p.p...@linux.intel.com/
[3] https://jpbrucke
The Realm configuration takes a SVE enable and vector length parameter.
We cannot reuse the -cpu SVE parameters for this because that
information is needed at Realm Descriptor creation which must happen
before VCPU creation.
Signed-off-by: Jean-Philippe Brucker
---
qapi/qom.json| 5
, though that
might be wasteful in terms of stage-2 mappings if the guest is not going
to use all that RAM.
Signed-off-by: Jean-Philippe Brucker
---
hw/arm/boot.c | 10 --
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index 15c2bf1867..115d3f5dcc
in following patches.
Signed-off-by: Jean-Philippe Brucker
---
docs/system/confidential-guest-support.rst | 1 +
qapi/qom.json | 3 +-
target/arm/kvm-rme.c | 48 ++
target/arm/meson.build | 7 +++-
4
reads should be fine. Flash on the other hand, is used for the
firmware and needs to be both executable and measured. It may be
necessary to replace flash with RAM in order to run firmwares like edk2
in realms.
Signed-off-by: Jean-Philippe Brucker
---
include/sysemu/kvm.h | 2 ++
accel/kvm/kvm
at the end, at which point the realm is sealed.
Signed-off-by: Jean-Philippe Brucker
---
target/arm/kvm_arm.h | 14 ++
target/arm/kvm-rme.c | 101 +++
2 files changed, 115 insertions(+)
diff --git a/target/arm/kvm_arm.h b/target/arm/kvm_arm.h
index
The confidential guest support in KVM limits the number of registers
that we can read and write. Split the get/put_registers function to
prepare for it.
Signed-off-by: Jean-Philippe Brucker
---
target/arm/kvm64.c | 30 --
1 file changed, 28 insertions(+), 2 deletions
EMU to crash with a bus error.
Handle reboot requests by the guest more gracefully, by indicating to
runstate.c that the vCPUs of a Realm are not resettable, and that QEMU
should exit.
Signed-off-by: Jean-Philippe Brucker
---
target/arm/kvm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
located in high memory can still fit.
* pvtime is disabled for the moment. Since the hypervisor has to write
into the shared pvtime page before scheduling a vcpu, it seems
incompatible with confidential guests.
Signed-off-by: Jean-Philippe Brucker
---
hw/arm/virt.c | 48
The target code calls kvm_arm_vcpu_init() to mark the vCPU as part of a
realm. RME support does not use the register lists, because the host can
only set the boot PC and registers x0-x7. The rest is private to the
Realm and saved/restored by the RMM.
Signed-off-by: Jean-Philippe Brucker
This option selects which measurement algorithm to use for attestation.
Supported values are sha256 and sha512.
Signed-off-by: Jean-Philippe Brucker
---
qapi/qom.json| 14 -
target/arm/kvm-rme.c | 71
2 files changed, 84 insertions
Copy the KVM definitions for Arm RME from the development branch.
Don't merge, they will be added from the periodic Linux header sync.
Signed-off-by: Jean-Philippe Brucker
---
linux-headers/asm-arm64/kvm.h | 63 +++
linux-headers/linux/kvm.h
The Realm Personalization Value (RPV) is provided by the user to
distinguish Realms that have the same initial measurement.
The user provides a 512-bit hexadecimal number.
Signed-off-by: Jean-Philippe Brucker
---
qapi/qom.json| 5 ++-
target/arm/kvm-rme.c | 72
Initialize the GPA space and populate it with boot images (kernel,
initrd, firmware, etc). Populating has to be done at VM start time,
because the images are loaded during reset by rom_reset()
Signed-off-by: Jean-Philippe Brucker
---
target/arm/kvm_arm.h | 6
target/arm/kvm-rme.c | 79
Pass the num_cntrs parameter to Realm creation. These parameters
contribute to the initial Realm measurement.
Signed-off-by: Jean-Philippe Brucker
---
qapi/qom.json| 5 -
target/arm/kvm-rme.c | 21 -
2 files changed, 24 insertions(+), 2 deletions(-)
diff --git
Pass the num_bps and num_wps parameters to Realm creation. These
parameters contribute to the initial Realm measurement.
Signed-off-by: Jean-Philippe Brucker
---
qapi/qom.json| 8 +++-
target/arm/kvm-rme.c | 34 +-
2 files changed, 40 insertions
the i386/pc maintainers
> to do the same for PATCH 2.
Both fixes have been merged in v6.2 (9dad363a223d and 739b38630c45)
Thanks,
Jean
>
> Jean-Philippe Brucker writes:
>
> > Since commit d8fb7d0969d5 ("vl: switch -M parsing to keyval"), machine
> > parameter
rnel.org/kvmarm/20230201125328.2186498-1-jean-phili...@linaro.org/
I've been using these patches for pKVM, and also tested the normal stage-2
flow with Linux and VFIO
Tested-by: Jean-Philippe Brucker
Hi,
On Wed, Jun 22, 2022 at 12:20:45PM +0200, Eric Auger wrote:
> Hi,
>
> On 6/17/22 08:20, Zhenzhong Duan wrote:
> > The structure of probe request doesn't include the tail, this leads
> > to a few field missed to be copied. Currently this isn't an issue as
> > those missed field belong to reser
On Wed, Jun 22, 2022 at 02:22:18PM +0200, Eric Auger wrote:
> >> the spec is pretty confusing here though (virtio-v1.2-csd01.pdf) as it
> >> presents the struct as follows:
> >>
> >> struct virtio_iommu_req_probe {
> >> struct virtio_iommu_req_head head;
> >> /* Device-readable */
> >> le32 endpoin
On Thu, Jun 23, 2022 at 01:40:58AM +, Duan, Zhenzhong wrote:
>
>
> >-Original Message-----
> >From: Jean-Philippe Brucker
> >Sent: Wednesday, June 22, 2022 9:58 PM
> >To: Eric Auger
> >Cc: Duan, Zhenzhong ; qemu-
> >de...@nongnu.org; m...@re
field will be used in the future.
>
> Changed 4th parameter of virtio_iommu_iov_to_req() to receive size
> of device-readable part.
>
> Fixes: 1733eebb9e75b ("virtio-iommu: Implement RESV_MEM probe request")
> Signed-off-by: Zhenzhong Duan
Reviewed-by: Jean-Phil
Hello,
On Thu, Apr 13, 2023 at 01:49:43PM +0900, Akihiko Odaki wrote:
> Hi,
>
> Recently I encountered a problem with the combination of Linux's
> virtio-iommu driver and QEMU when a SR-IOV virtual function gets disabled.
> I'd like to ask you what kind of solution is appropriate here and impleme
On Thu, Apr 13, 2023 at 08:01:54PM +0900, Akihiko Odaki wrote:
> Yes, that's right. The guest can dynamically create and delete VFs. The
> device is emulated by QEMU: igb, an Intel NIC recently added to QEMU and
> projected to be released as part of QEMU 8.0.
Ah great, that's really useful, I'll a
kernel.org/kvm/875ybi0ytc@redhat.com/
[3] https://github.com/torvalds/linux/commit/92b591a4c46b
Suggested-by: Cornelia Huck
Signed-off-by: Jean-Philippe Brucker
---
include/sysemu/kvm.h | 2 --
include/sysemu/kvm_int.h | 1 +
accel/kvm/kvm-all.c | 26 +-
targe
On Mon, Apr 24, 2023 at 03:01:54PM +0200, Cornelia Huck wrote:
> > @@ -2480,6 +2471,7 @@ static int kvm_init(MachineState *ms)
> > }
> >
> > s->vmfd = ret;
> > +s->check_extension_vm = kvm_check_extension(s,
> > KVM_CAP_CHECK_EXTENSION_VM);
>
> Hm, it's a bit strange to set s->che
1 - 100 of 503 matches
Mail list logo
