From nobody Wed Nov 27 09:44:02 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass  header.i=@intel.com;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1700033151; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Cfez/eeKG/f2A+vhH2tIZ/8FMp70SJ5Z3OBQ5/f8t4/YMl9wAd6/z0apCbyAHY2Urs+Ty7bv8rjBAkw5jRgIwCgXY6tCUWv+wa13U11WFTHYdDPqzmLuwfcWmZAzSWPr4mB60y7MnIYxAOoz1DBXq9lQkNwvKLmvRaeEiUQOYJ0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1700033151;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=coS5oRt9B7eenIhWbS8tw0980OjmeHydeWPBAsa33gc=;
	b=mBYTngVx+BH7GyNvITFt9lvRE3HOH0l2TLLoDjJt4PxcRhy07Tx8pdDWhUTyHSOgpXBolTAnIXj2rnKN8bLUq/XNNKdHAljkWM3MfgR/9/jNG5am3JS1RUahNVMyJWtVCQ1ON2kUVP3sTq+tyNq+25UmzkrsmFqMSOf1t6DplQc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass  header.i=@intel.com;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<xiaoyao.li@intel.com> (p=none dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 170003315165487.48112359825427;
 Tue, 14 Nov 2023 23:25:51 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1r3AFq-0001V7-BM; Wed, 15 Nov 2023 02:24:06 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <xiaoyao.li@intel.com>)
 id 1r3AF6-0000pC-M2
 for qemu-devel@nongnu.org; Wed, 15 Nov 2023 02:23:21 -0500
Received: from mgamail.intel.com ([192.55.52.115])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <xiaoyao.li@intel.com>)
 id 1r3AF4-0006UX-Tk
 for qemu-devel@nongnu.org; Wed, 15 Nov 2023 02:23:20 -0500
Received: from orsmga003.jf.intel.com ([10.7.209.27])
 by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Nov 2023 23:23:17 -0800
Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52])
 by orsmga003.jf.intel.com with ESMTP; 14 Nov 2023 23:23:10 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
 t=1700032998; x=1731568998;
 h=from:to:cc:subject:date:message-id:in-reply-to:
 references:mime-version:content-transfer-encoding;
 bh=+ro+2ine6/iGzqXVJ4kIbyKXDnfwjCSieq/UEUCuaoE=;
 b=ntX2nhCTgj9Ss7l6E2pNeBAtF894jaWcoz6Iq0JBe/KHN7/1GquAgSpX
 OWb9RQKaDL+KOmkPhHiPYwiqlZGWpUaUOisyG68oIXyo2qOyQiIn9OWvP
 i+Fx+UI41ScwC5jDpBpKynoWbHbLYZHq2s3vfU+MEVSchfbMe/1HmHydC
 rmCXC3AXuialwTcomgg8bh+R644tFWtOFNjyBCzQhby/Zs2r/Bz/pPOLf
 VkH3bRQYjb3FAk40qtpwxApBLGtkpyQIhqzBWWOBTYh1B2sKbCsGnjJo1
 1JDWFUBsAxx08XtFPRUDkaEVtPB6q2Skhk5rfLmD98jf0V0IWZX62YOH5 g==;
X-IronPort-AV: E=McAfee;i="6600,9927,10894"; a="390623571"
X-IronPort-AV: E=Sophos;i="6.03,304,1694761200"; d="scan'208";a="390623571"
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10894"; a="714800368"
X-IronPort-AV: E=Sophos;i="6.03,304,1694761200"; d="scan'208";a="714800368"
From: Xiaoyao Li <xiaoyao.li@intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>, David Hildenbrand <david@redhat.com>,
 Igor Mammedov <imammedo@redhat.com>,
 "Michael S . Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Peter Xu <peterx@redhat.com>,
 =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>,
 Cornelia Huck <cohuck@redhat.com>,
 =?UTF-8?q?Daniel=20P=20=2E=20Berrang=C3=A9?= <berrange@redhat.com>,
 Eric Blake <eblake@redhat.com>, Markus Armbruster <armbru@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>
Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org, xiaoyao.li@intel.com,
 Michael Roth <michael.roth@amd.com>,
 Sean Christopherson <seanjc@google.com>,
 Claudio Fontana <cfontana@suse.de>, Gerd Hoffmann <kraxel@redhat.com>,
 Isaku Yamahata <isaku.yamahata@gmail.com>,
 Chenyi Qiang <chenyi.qiang@intel.com>
Subject: [PATCH v3 60/70] i386/tdx: Disable SMM for TDX VMs
Date: Wed, 15 Nov 2023 02:15:09 -0500
Message-Id: <20231115071519.2864957-61-xiaoyao.li@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231115071519.2864957-1-xiaoyao.li@intel.com>
References: <20231115071519.2864957-1-xiaoyao.li@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=192.55.52.115;
 envelope-from=xiaoyao.li@intel.com;
 helo=mgamail.intel.com
X-Spam_score_int: -23
X-Spam_score: -2.4
X-Spam_bar: --
X-Spam_report: (-2.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 HK_RANDOM_ENVFROM=0.999, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @intel.com)
X-ZM-MESSAGEID: 1700033153211100006
Content-Type: text/plain; charset="utf-8"

TDX doesn't support SMM and VMM cannot emulate SMM for TDX VMs because
VMM cannot manipulate TDX VM's memory.

Disable SMM for TDX VMs and error out if user requests to enable SMM.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
---
 target/i386/kvm/tdx.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 23504ba3b05e..45b587ee07c2 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -686,11 +686,19 @@ static Notifier tdx_machine_done_notify =3D {
=20
 int tdx_kvm_init(MachineState *ms, Error **errp)
 {
+    X86MachineState *x86ms =3D X86_MACHINE(ms);
     TdxGuest *tdx =3D TDX_GUEST(OBJECT(ms->cgs));
     int r =3D 0;
=20
     ms->require_guest_memfd =3D true;
=20
+    if (x86ms->smm =3D=3D ON_OFF_AUTO_AUTO) {
+        x86ms->smm =3D ON_OFF_AUTO_OFF;
+    } else if (x86ms->smm =3D=3D ON_OFF_AUTO_ON) {
+        error_setg(errp, "TDX VM doesn't support SMM");
+        return -EINVAL;
+    }
+
     if (!tdx_caps) {
         r =3D get_tdx_capabilities(errp);
         if (r) {
--=20
2.34.1