From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765551912; cv=none;
	d=zohomail.com; s=zohoarc;
	b=FmjUU5Sad2AhzsJL1kBrbF6zUCa/MFL/bhxh8XEFiScBS3PLmH3Xd6k3Bq1IXm7tHfGQYhLngICFY4lJGkQ0dFkKQGA6GFtYxl0weFDU+A7n5Tk64CsNXjRuX+cz/OSdgjtISiQCbvScNaWWQO/4+lsdTVMMlmn15tcITPHmH7U=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765551912;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=d+6NaZj6uCcfjgVjpMn6N6VF0Wu9Lu6jAdnQUGrVPW0=;
	b=NzQzc67ifJiVXsIIzVFIhEwPRT+ko16aE3OAOQaIVLYV7suIZRegczyXPZveW0WFPAi9O3kr3dzdLJ338L3iH45OEKxsIGrWi278xewl6MoRIA4Gg2Uv8hLNdkuO4QnyukDm7+IkxzHyZUAyjocnT3WQHXzHv0ySy8S4zV18RL0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765551912764711.7528638677991;
 Fri, 12 Dec 2025 07:05:12 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hF-0001os-FG; Fri, 12 Dec 2025 10:04:44 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4h8-0001lx-JU
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:35 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4h6-0005c6-T1
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:34 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-306-pFRA2Vd1NS6LV40gbHjMxg-1; Fri, 12 Dec 2025 10:04:27 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-2956cdcdc17so14640055ad.3
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:27 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.22
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551870;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=d+6NaZj6uCcfjgVjpMn6N6VF0Wu9Lu6jAdnQUGrVPW0=;
 b=hY/xserBZpUR1J8nJY3qt+gcp0FFDT/KMqVfVbMd2iy8oV67GtwT9B5MVc3zX+K3V38mQ5
 8mjyj0VL1weNPC/S/7WZfge73TdRjobS+8mXKnfi60waP7RXwSZKaWxeDr5bt+qm18kmuI
 Abl6r0bAdkA33kz+6g4Nqm/Xq5mtGNM=
X-MC-Unique: pFRA2Vd1NS6LV40gbHjMxg-1
X-Mimecast-MFC-AGG-ID: pFRA2Vd1NS6LV40gbHjMxg_1765551866
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551866; x=1766156666; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=d+6NaZj6uCcfjgVjpMn6N6VF0Wu9Lu6jAdnQUGrVPW0=;
 b=IU7MwHK1MROYo9GsqHIrFsKXa9uGZDvolYeqp46ze6O1Iw7Y2ElTUYRR88N3/SQTUT
 ymQqxBxy5ka1+MlC1RPv+i98PFX52jmHi8bUtAAIoM/gPFgkE3EWcPrm9aYp7I1HWw89
 Ce94001zA6Q/MvWovHJX/79hx98AcYhkOiMZC2old3M3swALUusJ4LC2Bs4c3bUWhS2c
 VArODtlT3TrT1LEIoIkn4niVR/IKVTabASVscbj6j+rmZYSPdZ7YFGPmQeVvqaLIcwFh
 hB5rrUG+Ldt9pH1KxG5lT24ZA1Pn8vJscfgxdxa32V5deGursT8Yg7EqRfqatDnRSYgA
 0UDw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551866; x=1766156666;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=d+6NaZj6uCcfjgVjpMn6N6VF0Wu9Lu6jAdnQUGrVPW0=;
 b=tGzW6wU1YIHJaWskViu+IJZZ96FunyhVUiYCzke9NattZZ7cFzD/6YmSrWqaojtmAl
 rX5+tpM7n+pKMRdqdsbv1WOxB4gaetXrJBm/8WIdG7fOJITNzeWoRVgD2DY2/Sc8/UZr
 AWE2KwaVs2u6yiwuqDRkXF3nEMIVqDNiBhJggqyQAMJ2IX3MyzTNca3UUOtoj5PfK51o
 +ZB60OeCqKWSx/jS66ZkJf60cGqKJGpR8/cm1EVN9PgB/aLpKNbaUcw+tLvkmsNHFKIS
 kaVGJj4/9R1eogqz6F/7hn0toHkRven/+5ohc0i0VJGZFuaOD4o8cD27mSxFdfykFPPm
 81RQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCW0K0xAoCpoVxuDHpwdWM+mkpMUsr2uUIZLUtuciYbgeGpuFdy8zEMmk6TAHmOwKkMhP9URbthn7k+3@nongnu.org
X-Gm-Message-State: AOJu0YyRafJcVjqfHPKwjQtOSW0pzRCkFer3luhaY5/x9XKEuLJPSKMK
 lDZ65OyA7HWGGmOmywiOSBBe4v1u3XXXjr6dhVHtDVDqMIkJeeKylSQ6IasN2YRwvAJ3xPTl1vt
 zJO3Et+m+QoIhOh1Ndnv831XRd3tdeK2+lJGDR8zMrAlXWR22tAKOc8ce
X-Gm-Gg: AY/fxX7DLndv2QzGNPIUuhdZNF+H3U/nwz3ld18nmfu/HPkJc3Dep6khQD4T+gxsnW4
 f/aOqRymOjHt21ov6P5wyfE7xVJNr7Lujfb6MAs4H1TELnTqP8iLjpmnjpvuJGUsNkcPUsJ7pBS
 TDAFC+eyyURjQqS8m3yOASMh3UuzQxv4bEBWdaNvfytme2vrOg+PBYf0ZM+FZzrIRwGL720OgQO
 SmmCZOCCZRoVN58kVcri5aJsl7khFxLGTlo+e2PW6srgrENvIY7I4KiZKvOhh15e9cXxU/zJiHw
 7MQUuaqArCQfTtjhzysjGEiekmNxcVHYiLvCMADvfsPKjX/G4YUnu5YiJFlNjDYMFJspWO9XgB5
 r+tBwzbtQa3+q3wiVLPE1Gr6/WsCUIg8vezyQYbXeU5k=
X-Received: by 2002:a17:903:1251:b0:294:f6e2:cea1 with SMTP id
 d9443c01a7336-29f2403ae65mr20162735ad.38.1765551866240;
 Fri, 12 Dec 2025 07:04:26 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IEV1fQTYZ+clwq9ydcPTOFwaYkLMqAp/AA+rJcxVTgTzUunLMGJFAylqzmwqrNF009OwJdo4g==
X-Received: by 2002:a17:903:1251:b0:294:f6e2:cea1 with SMTP id
 d9443c01a7336-29f2403ae65mr20162125ad.38.1765551865342;
 Fri, 12 Dec 2025 07:04:25 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 01/28] i386/kvm: avoid installing duplicate msr entries in
 msr_handlers
Date: Fri, 12 Dec 2025 20:33:29 +0530
Message-ID: <20251212150359.548787-2-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765551914580158500
Content-Type: text/plain; charset="utf-8"

kvm_filter_msr() does not check if an msr entry is already present in the
msr_handlers table and installs a new handler unconditionally. If the funct=
ion
is called again with the same MSR, it will result in duplicate entries in t=
he
table and multiple such calls will fill up the table needlessly. Fix that.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/kvm.c | 26 ++++++++++++++++----------
 1 file changed, 16 insertions(+), 10 deletions(-)

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 60c7981138..02819de625 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -5925,27 +5925,33 @@ static int kvm_install_msr_filters(KVMState *s)
 static int kvm_filter_msr(KVMState *s, uint32_t msr, QEMURDMSRHandler *rdm=
sr,
                           QEMUWRMSRHandler *wrmsr)
 {
-    int i, ret;
+    int i, ret =3D 0;
=20
     for (i =3D 0; i < ARRAY_SIZE(msr_handlers); i++) {
-        if (!msr_handlers[i].msr) {
+        if (msr_handlers[i].msr =3D=3D msr) {
+            break;
+        } else if (!msr_handlers[i].msr) {
             msr_handlers[i] =3D (KVMMSRHandlers) {
                 .msr =3D msr,
                 .rdmsr =3D rdmsr,
                 .wrmsr =3D wrmsr,
             };
+            break;
+        }
+    }
=20
-            ret =3D kvm_install_msr_filters(s);
-            if (ret) {
-                msr_handlers[i] =3D (KVMMSRHandlers) { };
-                return ret;
-            }
+    if (i =3D=3D ARRAY_SIZE(msr_handlers)) {
+        ret =3D -EINVAL;
+        goto end;
+    }
=20
-            return 0;
-        }
+    ret =3D kvm_install_msr_filters(s);
+    if (ret) {
+        msr_handlers[i] =3D (KVMMSRHandlers) { };
     }
=20
-    return -EINVAL;
+ end:
+    return ret;
 }
=20
 static int kvm_handle_rdmsr(X86CPU *cpu, struct kvm_run *run)
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765551978; cv=none;
	d=zohomail.com; s=zohoarc;
	b=BJWZEf59TObwD1fAgGL183i7khcfNEXs8NL38eStkHdfY+4gQWzFKGXqJBUibIDCvfx7L23J9MpT/aYbmKFJLaqECg2lKt7F7ms3oUwLvGKSTByTaUQUGEvFicwKrulvOQPJ8q0tXsPhUK2uOvPBPmVxc1ghFQJlYSaR/dmycU4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765551978;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=fgE5JBgOck8bhBbl4vJwL9OjfVs83p8a3NNrk0CxA1U=;
	b=h/rHwkKxcHh3TMugVkK97HzW1Nc+kQQIvLcEbGqILorUm7qy7pCqH0LWni4Oj0pCyoNBYxyBc37XGkAOQEsAhJi2TBSHrmCz1Vb4Jt3xfE88QOdESMQ04MBSZ3vid5VW1zio88wzSQuFgay4ahfDJOMPCSeHggZcWgNavRitKdw=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765551978718367.16487291709393;
 Fri, 12 Dec 2025 07:06:18 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hN-0001s3-QV; Fri, 12 Dec 2025 10:04:49 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4h9-0001mN-RU
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:35 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4h7-0005d7-OF
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:35 -0500
Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com
 [209.85.214.197]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-497-CaLLAvAPN_-WYZ-JiYp2Cg-1; Fri, 12 Dec 2025 10:04:30 -0500
Received: by mail-pl1-f197.google.com with SMTP id
 d9443c01a7336-2982b47ce35so15028315ad.2
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:29 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.25
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551872;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=fgE5JBgOck8bhBbl4vJwL9OjfVs83p8a3NNrk0CxA1U=;
 b=ajfUlMUs5BZuSQDmOnu5FIsYBO3pynkzOJOZaJ+k5VOgzIduDY4/eX7iIDGaplj0AJxhL2
 jrakPiEPs3+yh3s4nkEQysKQ0++Gb6PNqV3BJ1XEfMkR82p0uRZc7KcXQpHOwnj19J2eRo
 2jMhzQHu5NReVQwuYBJY0/VqNLnbCw8=
X-MC-Unique: CaLLAvAPN_-WYZ-JiYp2Cg-1
X-Mimecast-MFC-AGG-ID: CaLLAvAPN_-WYZ-JiYp2Cg_1765551869
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551869; x=1766156669; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=fgE5JBgOck8bhBbl4vJwL9OjfVs83p8a3NNrk0CxA1U=;
 b=TNTAkGCgRIu4AzqhTjz1ceTWjiWWkd5+jGhuatiUUj1Dyr1jdIqnZq7OuQHQkSHtUj
 wvfgutqKz+GmB8jLohnYmCAMwvxAuQDdJcD0ZFnzFWHrLzCVozxtTcbNx9WT5xD1ySkN
 mhEU6XTc+cBQo+eorCsXCf/IlY0SD/XWwedc0AHQolA9vE/pqWDqagc8xedQ+KsPGm8D
 orpQNDfMNQl3aFVa/towONeDy5h3X2Tr06bX+6r3WV/Feb2pMc5Urkd5EFtzQy/Z3NPw
 cBLoCjz1GRTh2UhGVsmJPO+NmADFjNMCf6O/lwEYJVu8MCIemzvWnLC3RZqYnllvKcnU
 o62g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551869; x=1766156669;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=fgE5JBgOck8bhBbl4vJwL9OjfVs83p8a3NNrk0CxA1U=;
 b=dgmXK7Wa8G8mhboYt18jdb73FZMIG9rJqXlFF3iohv2X/DWDX7Z2E/M4SwB9SIMjWN
 3Zi2vr+/Pz5/7AYa5VlSKn4iV0mAjV1Laimab6CBQtLAJhVmCKhiYuRk1bSyd0xHpjTM
 GHVky+3+wlZMtjzWO3ALd2KqO+SkMqQbPWEU7aeOEtiaPAkYZiFZwxrRzELHS7Jw5zsW
 ZUBV+ZhyFMxCri7WwTHTSMqbzO+UwvMShnw5nzofhWOUJojcOA5fG/guvOBJltSIniNN
 4lEV5qikCumSboWdqz7YipYp5Yj5MBkWnXPsoVqQelAtLV7WDga5ighysUEshaCogGhM
 /Xfg==
X-Forwarded-Encrypted: i=1;
 AJvYcCWECcj2492ROB1fUpn8+RpqekCvhmv8lPdRcHrMByolrN97AhoTiVsTPE4L4KBwQGQIruhqMfQmWaV8@nongnu.org
X-Gm-Message-State: AOJu0YwvmFNzx1Q4IRMtcK5BI13fprvFXsXlFp29jF8IbGeP5HBpvfhQ
 TmTqJj2IEvcWz+Y3AWIS7zC81Ghpbt9OOf8J3K/CxmqF45kCUqLMjCWglLTW49gD0aZgfNPd5M5
 ohx+F9gSqIFCduk/RAswSM0dmBjMYATppbAMorYndsgYQFvXnRoNIazhX
X-Gm-Gg: AY/fxX7AjGqO0pwac2AGCGIDZwfkSCXgWY0aD1O15CPEj/5LQDU2Ry/v7s9HvDmdVbw
 iAe41YYaCfzaZodvfPIXCjDxqY1vhOG1ZsR/M00aGWfjX12TT52ttagkEjbq3CB51P91egMYPAG
 KswWZiv3RvFCHhbbCFLqf5d8fKKA8xrV1YmUuGN0/lmVo6hRVUM6p575MdJqTbZnLH59pzAadxF
 ydGqFqGcgVheWREAC5zL7HLpqsB9hG/IfU5PCjWIQ59X3Dvz0n5tI1DomfpK+H/2SvsCMrX2Uk1
 TpCWpNMforavBBIZQQfMdSLMVhinZLy6b77z2Vzd/LJ3p84QKqCdbk7ie8ErqTWQzUQqjLA1pAy
 +MoN/GLMdK1wVEnG3g1/OpryP2wDkfqeqIsP2lLI9+tQ=
X-Received: by 2002:a17:902:bccb:b0:297:dde4:8024 with SMTP id
 d9443c01a7336-29f23e365b8mr18432405ad.23.1765551868827;
 Fri, 12 Dec 2025 07:04:28 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IH+PdmcFYkkR2Z9SqvslbvGatym9KzL9pUSuCUc+p0DbYISKKoUV5SGEo/iS8H22JX9vmWfeA==
X-Received: by 2002:a17:902:bccb:b0:297:dde4:8024 with SMTP id
 d9443c01a7336-29f23e365b8mr18432065ad.23.1765551868285;
 Fri, 12 Dec 2025 07:04:28 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Richard Henderson <richard.henderson@linaro.org>,
 Paolo Bonzini <pbonzini@redhat.com>,
 =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>
Subject: [PATCH v1 02/28] hw/accel: add a per-accelerator callback to change
 VM accelerator handle
Date: Fri, 12 Dec 2025 20:33:30 +0530
Message-ID: <20251212150359.548787-3-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765551979572158500
Content-Type: text/plain; charset="utf-8"

When a confidential virtual machine is reset, a new guest context in the
accelerator must be generated post reset. Therefore, the old accelerator gu=
est
file handle must closed and a new one created. To this end, a per-accelerat=
or
callback, "reset_vmfd" is introduced that would get called when a confident=
ial
guest is reset. Subsequent patches will introduce specific implementation of
this callback for KVM accelerator.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 include/accel/accel-ops.h |  1 +
 system/runstate.c         | 20 ++++++++++++++++++++
 2 files changed, 21 insertions(+)

diff --git a/include/accel/accel-ops.h b/include/accel/accel-ops.h
index 23a8c246e1..998a95ca69 100644
--- a/include/accel/accel-ops.h
+++ b/include/accel/accel-ops.h
@@ -23,6 +23,7 @@ struct AccelClass {
     AccelOpsClass *ops;
=20
     int (*init_machine)(AccelState *as, MachineState *ms);
+    int (*reset_vmfd)(MachineState *ms);
     bool (*cpu_common_realize)(CPUState *cpu, Error **errp);
     void (*cpu_common_unrealize)(CPUState *cpu);
     /* get_stats: Append statistics to @buf */
diff --git a/system/runstate.c b/system/runstate.c
index e3ec16ab74..f5e57fd1f7 100644
--- a/system/runstate.c
+++ b/system/runstate.c
@@ -42,6 +42,7 @@
 #include "qapi/qapi-commands-run-state.h"
 #include "qapi/qapi-events-run-state.h"
 #include "qemu/accel.h"
+#include "accel/accel-ops.h"
 #include "qemu/error-report.h"
 #include "qemu/job.h"
 #include "qemu/log.h"
@@ -508,6 +509,8 @@ void qemu_system_reset(ShutdownCause reason)
 {
     MachineClass *mc;
     ResetType type;
+    AccelClass *ac =3D ACCEL_GET_CLASS(current_accel());
+    int ret;
=20
     mc =3D current_machine ? MACHINE_GET_CLASS(current_machine) : NULL;
=20
@@ -520,6 +523,23 @@ void qemu_system_reset(ShutdownCause reason)
     default:
         type =3D RESET_TYPE_COLD;
     }
+
+    /*
+     * different accelerators implement how to close the old file handle of
+     * the accelerator descriptor and create a new one here. Resetting
+     * file handle is necessary to create a new confidential VM context po=
st
+     * VM reset.
+     */
+    if (current_machine->cgs && reason =3D=3D SHUTDOWN_CAUSE_GUEST_RESET) {
+        if (ac->reset_vmfd) {
+            ret =3D ac->reset_vmfd(current_machine);
+            if (ret < 0) {
+                error_report("unable to reset vmfd: %d", ret);
+                abort();
+            }
+        }
+    }
+
     if (mc && mc->reset) {
         mc->reset(current_machine, type);
     } else {
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765551995; cv=none;
	d=zohomail.com; s=zohoarc;
	b=MqHwnMdLugFDdodbFURldBq1M1Oz+2VGSBuYsNo8ohfkWrqphJd64/zAUZuDgFqyoQ33vfFaiuUO++F93AG5LVFWzac7eto+3On9PVidEuX5WfbBMeFWIHufhf6NpEqWxJzYFuFwl1pGCG3L+J+qFqmclASJYgUZPaIiQVnKSG8=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765551995;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=C6wSYJ8ap6r0Z/WMP8uHRmbaJ+AkxxgFyz2Vc2Mo7DI=;
	b=iPxd/N2rGCNcfrZXBKqsRY3KtpgwASCx/yT+AOE4r8HujJ9LpFUnXSpkEwD7NJHLnWX1zTR0zvQuN8PB2s6s+HiHiSXwFBK82Uxehd1oSU3tSouRBn2wzqdS3xXszGKkZ/RUPDREwAffgiU6CG87tNg0BZK64D22QeO5FvmPedc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765551995475662.0336151702502;
 Fri, 12 Dec 2025 07:06:35 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hO-0001uE-Ep; Fri, 12 Dec 2025 10:04:50 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hA-0001nV-K4
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:38 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4h9-0005dV-5m
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:36 -0500
Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com
 [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-159-Uk9SAxWUP2yC5aX5ZhXTEQ-1; Fri, 12 Dec 2025 10:04:33 -0500
Received: by mail-pl1-f200.google.com with SMTP id
 d9443c01a7336-29be4d2ef78so24271385ad.2
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:32 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.28
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551874;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=C6wSYJ8ap6r0Z/WMP8uHRmbaJ+AkxxgFyz2Vc2Mo7DI=;
 b=HTe5aFuLXUcGEAZBKoftb2fC+PZX+6LDNd+VptsLLvpecVZQZSeemQaWk+mLltwnxMS+d+
 6xVT4eohDvO+fKWseK1ds23UqPa5kaZFPxKRkXyzzy4WzuOHa8++tWMfjUOvOlB2RfMiNC
 TKBTXcz6yN6dWxoOxlkbdA6feOXIqgU=
X-MC-Unique: Uk9SAxWUP2yC5aX5ZhXTEQ-1
X-Mimecast-MFC-AGG-ID: Uk9SAxWUP2yC5aX5ZhXTEQ_1765551872
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551872; x=1766156672; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=C6wSYJ8ap6r0Z/WMP8uHRmbaJ+AkxxgFyz2Vc2Mo7DI=;
 b=OHuNUFR+SjHmsm6agjWMvihegwmI7ulUjYBgR5Ks6P2S3GXRdvYcD2Nbe7JlR19afR
 qp2aUYozZCNUJnq5LjYi05N7OJuZgFmAApTJHhhys0Um4axkFd5hw2ksaqnO61xUotyg
 LqiE/dMKgIWIwRNmeQIYeuJlx/JJHrXNB6SDEtErzH0Xi1jYhi4W74yKX92Wsb6+bk9l
 +f3bdkUjGE3pxn0kYu20TJFpOlpPisPV0SWd0lXJ5B/pPrEgLpRr5t7gYW/UEs4bZyvV
 u1gqbD/h4datRFdPG60CepLEuqZz4+7f66QSBO5pAwOS1NDWMBfBEIJcbaa2QVlFSGmw
 kQpg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551872; x=1766156672;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=C6wSYJ8ap6r0Z/WMP8uHRmbaJ+AkxxgFyz2Vc2Mo7DI=;
 b=jrAIMJiPGl1cjLavRRqMVOACUEfdjfG5AbmruksbGZBd7JNmFcnY9qfmEv/GZ7fxJU
 4zhuGfwbLqnrM08Fkkcf6m4TUN81D8UUUAEP1CPTgjLtSzc3WClaQ/eEwU9DrHKwgBLV
 oXP6K7V9X2pMZZkm97RWtGg5ubKMftlroE9o+jNu//h8/bTkbD6woA+QqXEDBRuBE/OA
 Y9CCoNLOldzUyCnZCkPYmK9g655RHvZmexqxCGguv7fK7dUJYJhX0ekOLYN9aMaJFZIP
 +q3EY/IEuyKpDqKAiBltuV5CxCIxWntNvm9VztmW/r5HmY79pW2Hop31xVcUR0SmoyeX
 m7mQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCVqdhrz3m9wt75h+aI9hmB0q5WimyGPD/132MFrcG3SfvwVEzzV2IRlCMLyjdXd1OFbKsbdf6Zmr2p0@nongnu.org
X-Gm-Message-State: AOJu0YwxxTSruOSE/cCS/h6KYhyH38vHLLgafRqxlsboSvjVIMt3qGvI
 1i7Y2+OSYnDNSgsJocF8Zi6n9wU50rh0mXjG4oOcEB4yLbs3fIBn10eKQIHir+w86lwRKDOQmRs
 +8/qWkaFIPlMzhw0ODlHNwuM2OfvRhCHRbPDwnKMpZkAWR98WAr10WHue
X-Gm-Gg: AY/fxX68BBch5Npuf8yc2R8IinfWq/Y6so+z/56s6d9r7khh3UmEuLPrMqETJZWDdRa
 ZseBZoHO4aTDiKviUTp17IkY9VkXHyRxb6wy/645j4nopoXhv9aZR8ryUh34zIUGhttS85q7j9f
 zIbOYbfsx8gQNN3T8VL++FQ+PePSt30oWk4fqHJtC9vI2236J+sqecC6yQAZv3yFj/a2UB0LI5I
 5Q++GcZhh67riAmX9FhFV7zODbwQY7TUTKYmLQ8DFwfWY6Eh/+tZzYvQ98jQWDfFfYsHfiZL8Oh
 dIxs/iSF9bLbUJpQ6xojLGy3SjGLc1a5OZQOLdXTUv7MshDTE06vba8yLAcyqT1IZ49SXnh1ISe
 KE1BAl4eG702gsDhNyOXJmQIUZ7VKPtArTG8gkMkibOU=
X-Received: by 2002:a17:903:1aa8:b0:29e:9387:f2b7 with SMTP id
 d9443c01a7336-29f23de5f93mr22668985ad.11.1765551871873;
 Fri, 12 Dec 2025 07:04:31 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IE08PQKtH01txzVb58tmhQN8dUCENuVM80YududBQ2mzo4i2lT2A+k0CkldiCwWeXjkA3Bp3A==
X-Received: by 2002:a17:903:1aa8:b0:29e:9387:f2b7 with SMTP id
 d9443c01a7336-29f23de5f93mr22668515ad.11.1765551871328;
 Fri, 12 Dec 2025 07:04:31 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Peter Xu <peterx@redhat.com>,
 David Hildenbrand <david@kernel.org>,
 =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>
Subject: [PATCH v1 03/28] system/physmem: add helper to reattach existing
 memory after KVM VM fd change
Date: Fri, 12 Dec 2025 20:33:31 +0530
Message-ID: <20251212150359.548787-4-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765551995664158501
Content-Type: text/plain; charset="utf-8"

After the guest KVM file descriptor has changed as a part of the process of
confidential guest reset mechanism, existing memory needs to be reattached =
to
the new file descriptor. This change adds a helper function ram_block_rebin=
d()
for this purpose. The next patch will make use of this function.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 include/system/physmem.h |  1 +
 system/physmem.c         | 28 ++++++++++++++++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/include/system/physmem.h b/include/system/physmem.h
index 879f6eae38..bfc0a623ac 100644
--- a/include/system/physmem.h
+++ b/include/system/physmem.h
@@ -50,5 +50,6 @@ physical_memory_snapshot_and_clear_dirty(MemoryRegion *mr=
, hwaddr offset,
 bool physical_memory_snapshot_get_dirty(DirtyBitmapSnapshot *snap,
                                         ram_addr_t start,
                                         ram_addr_t length);
+int ram_block_rebind(Error **errp);
=20
 #endif
diff --git a/system/physmem.c b/system/physmem.c
index c9869e4049..9a3e3c16f8 100644
--- a/system/physmem.c
+++ b/system/physmem.c
@@ -2839,6 +2839,34 @@ found:
     return block;
 }
=20
+/*
+ * Creates new guest memfd for the ramblocks and closes the
+ * existing memfd.
+ */
+int ram_block_rebind(Error **errp)
+{
+    RAMBlock *block;
+
+    qemu_mutex_lock_ramlist();
+
+    RAMBLOCK_FOREACH(block) {
+        if (block->flags & RAM_GUEST_MEMFD) {
+            if (block->guest_memfd >=3D 0) {
+                close(block->guest_memfd);
+            }
+            block->guest_memfd =3D kvm_create_guest_memfd(block->max_lengt=
h,
+                                                        0, errp);
+            if (block->guest_memfd < 0) {
+                qemu_mutex_unlock_ramlist();
+                return -1;
+            }
+
+        }
+    }
+    qemu_mutex_unlock_ramlist();
+    return 0;
+}
+
 /*
  * Finds the named RAMBlock
  *
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552145; cv=none;
	d=zohomail.com; s=zohoarc;
	b=TD3pqtyiX713zNzSHPt1BTGt4s0zk263h6iYsdrSUmqhEqt7Bh+mgNmn642lpq9aQnubVNBd4wFgyFECt6YSJV8aj7OvHdfN6jc4v3C5LNBtVGcXZP8yTUkQlGyCAwC8qvxMaJKWtylM4NXNHeHGMmwtAzhuliaC3OZSZr4PIV4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552145;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=PjEcZQ1uHJTqefFeQEkw1uWuzKF1uPikpHMJbHt4BwE=;
	b=Afa4/P2LbVpMIhAXvMcGk1GpIp3zo/ERGIVQEOZ3FawJgcVKbISelRk1JFz/iNRBUjkQBtasXg5e0aJZBs1e0ZBgIoY8+kxOJVlKMMUoXdDFiXzJufDbPUgFg5roGGnsXIL+COhce98g2IpZ/8VdhfvNmKGadTURP/jaaf3OTjs=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 176555214525822.50571723158089;
 Fri, 12 Dec 2025 07:09:05 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hQ-0001we-Pz; Fri, 12 Dec 2025 10:04:52 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hN-0001sH-1E
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:49 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hI-0005f5-Qo
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:47 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-479-Q9dWWLpHOde8MA3jf8Db1A-1; Fri, 12 Dec 2025 10:04:42 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-29557f43d56so16160475ad.3
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:42 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.31
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551884;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=PjEcZQ1uHJTqefFeQEkw1uWuzKF1uPikpHMJbHt4BwE=;
 b=RuESubHuIvr7XIO8mJKF+fI4jYiUoTyNfVFn3w0F/8PMtvsddB13x7l3OBPGx1DH0PSrMO
 PiW0Ehkpd3JMwWBPhWndNH1WeMph8T03SrdRpNEBx5VAKzQc7OgZQMyPif9rndgzsdsesk
 alrV5FbwCl1ZH3zhAD54KCZ0ROcEg20=
X-MC-Unique: Q9dWWLpHOde8MA3jf8Db1A-1
X-Mimecast-MFC-AGG-ID: Q9dWWLpHOde8MA3jf8Db1A_1765551882
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551881; x=1766156681; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=PjEcZQ1uHJTqefFeQEkw1uWuzKF1uPikpHMJbHt4BwE=;
 b=IpDv+S5os0ozC3oFdt+KV5xFfhyUpkftotkdYettq5BGy+SRhethdxAJmbJJVvwphA
 X/ZdQX7DpZ4hphIsqiD0E2M0ejvG1wZsaZ8eVlhG/Xtwa1uaDBeijNFIRoAIm1M4IeEI
 O7+FKONfUMz+HKmlLxCjk4QRQgbQJYkIOK05pzuoCLMX7StOxhsGKV6m/SZW0/ISVUi+
 27IU+rNUNpd+wFFYF+Fq5OrmQr3TX4gg2npBI3VBRkZZrmm0pvHJ59k7nPEehGOI3y4U
 pk0ysJfprsjwVcvt07tnXB3FREcQKOlsqRgIP6PziFJFUbb6Cc/Nzntrz6RR+MZDgN1r
 0dtw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551881; x=1766156681;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=PjEcZQ1uHJTqefFeQEkw1uWuzKF1uPikpHMJbHt4BwE=;
 b=aZg7xQCHaN42R4E/f8MkXrxevAw07cAiw3sT+phzroF8IQdk9U6RPKMIehwlXonx8B
 Av6hrSg8IneOhxasLc1XrXtQ8LVJT0mHzQyxQNoLwnQKLVTBa0goy3uF0eP8Z/H078N9
 /9iLHW2B9YAn4dP9aeZHgVMRVo/uT1g8KMatfZx213+YzEEJ6xiOPBsdEaKlaXawUCbO
 vsCqCNXdegVdEzJ3KhF5bFUTxxy/ryh/ahujP+Q6ujGDGOnmayLj8n3kfiWtgm3Z7j7B
 EjvnPC9OLgATrEd0Lgivu5CYT5UUHe8zlPKzAa9thSO9/dWlwmYugvZdIK/i0fMtayoK
 ph+w==
X-Forwarded-Encrypted: i=1;
 AJvYcCU0AJNnd6rkTdtixVHvVVolU/UmzIT2/nZWamvNMVParFLJgDpzkaoxPYLKa+lMnqHh3ScLQJPAuJeu@nongnu.org
X-Gm-Message-State: AOJu0Ywk/Qt38rUfvIBdwueE097Xc8R2lX+/31FElWdtv5NJOeWdT9TB
 o7ifK8tqrPAv1eduItwPpR16x8y5u0xJsqkDmT3/Qyx8Uplfj1JjLrGjqo7vUXPLhxwguj9EUox
 vYGyz1KGGKNI/P8cM8X1oHkb1sgwX5pTSdCJlDn3qtGbXaleg9/R+dZet
X-Gm-Gg: AY/fxX4w2/o7u8Ouj/Nt2+Oh5PrpHgrHOy8rI8WmM4TRQ/gjLnsTCyh3XesDB6b9FeA
 HtdJQdTUjqHXZ+NRhxfu5stQk6SMMLvOLNa4OXeWCbcyF2t9Kk9clgJZWE4tnPqZ/ENgtkChYtz
 Zo5vAi5/HvfYv4hOVfC6MgzKz4r8zUvQ0oHj6JUaMUqekau/JU6MhZVnvFJQWm+ZliKa+ROV3qU
 9O/JG6G/nYNKS2QS3n76JCO6szYva55af6FJc1zNZXn1Aejbo02P6ADv9W2rV//6MNzpGo9/n7f
 MER7/1BaMzzSMB/ZqTxwiCsWlb8s9F4JO1PzuTUHrgPykAutrlIXXO0grHDnAcxlY8gDLrcnFGn
 Jf/wpGvoKYYow5gULxEECxnhK1rYKaOrtbgSHPfbxlDg=
X-Received: by 2002:a17:903:230a:b0:2a0:81c1:6194 with SMTP id
 d9443c01a7336-2a081c16442mr6958315ad.47.1765551881154;
 Fri, 12 Dec 2025 07:04:41 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IH8yblFgCzrr9m/ubmrYBSTPLesJuI39hqhYZI5/jPqA3lpx4dP+VaBeRXVg2kOQXvwTndbgA==
X-Received: by 2002:a17:903:230a:b0:2a0:81c1:6194 with SMTP id
 d9443c01a7336-2a081c16442mr6957515ad.47.1765551880158;
 Fri, 12 Dec 2025 07:04:40 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Peter Maydell <peter.maydell@linaro.org>,
 Marcelo Tosatti <mtosatti@redhat.com>, Song Gao <gaosong@loongson.cn>,
 Huacai Chen <chenhuacai@kernel.org>,
 =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>,
 Aurelien Jarno <aurelien@aurel32.net>,
 Jiaxun Yang <jiaxun.yang@flygoat.com>,
 Aleksandar Rikalo <arikalo@gmail.com>, Nicholas Piggin <npiggin@gmail.com>,
 Harsh Prateek Bora <harshpb@linux.ibm.com>,
 Chinmay Rath <rathc@linux.ibm.com>, Palmer Dabbelt <palmer@dabbelt.com>,
 Alistair Francis <alistair.francis@wdc.com>,
 Weiwei Li <liwei1518@gmail.com>,
 Daniel Henrique Barboza <dbarboza@ventanamicro.com>,
 Liu Zhiwei <zhiwei_liu@linux.alibaba.com>,
 Halil Pasic <pasic@linux.ibm.com>,
 Christian Borntraeger <borntraeger@linux.ibm.com>,
 Eric Farman <farman@linux.ibm.com>,
 Matthew Rosato <mjrosato@linux.ibm.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Ilya Leoshkevich <iii@linux.ibm.com>, David Hildenbrand <david@kernel.org>,
 Thomas Huth <thuth@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org, qemu-arm@nongnu.org,
 qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, qemu-s390x@nongnu.org
Subject: [PATCH v1 04/28] accel/kvm: add changes required to support KVM VM
 file descriptor change
Date: Fri, 12 Dec 2025 20:33:32 +0530
Message-ID: <20251212150359.548787-5-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552147546158500
Content-Type: text/plain; charset="utf-8"

This change adds common kvm specific support to handle KVM VM file descript=
or
change. KVM VM file descriptor can change as a part of confidential guest r=
eset
mechanism. A new function api kvm_arch_vmfd_change_ops() per
architecture platform is added in order to implement architecture specific
changes required to support it. A subsequent patch will add x86 specific
implementation for kvm_arch_vmfd_change_ops as currently only x86 supports
confidential guest reset.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c        | 70 ++++++++++++++++++++++++++++++++++++--
 include/system/kvm.h       |  1 +
 target/arm/kvm.c           |  5 +++
 target/i386/kvm/kvm.c      |  5 +++
 target/loongarch/kvm/kvm.c |  5 +++
 target/mips/kvm.c          |  5 +++
 target/ppc/kvm.c           |  5 +++
 target/riscv/kvm/kvm-cpu.c |  5 +++
 target/s390x/kvm/kvm.c     |  5 +++
 9 files changed, 103 insertions(+), 3 deletions(-)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 28006d73c5..c9564bf681 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2415,11 +2415,9 @@ void kvm_irqchip_set_qemuirq_gsi(KVMState *s, qemu_i=
rq irq, int gsi)
     g_hash_table_insert(s->gsimap, irq, GINT_TO_POINTER(gsi));
 }
=20
-static void kvm_irqchip_create(KVMState *s)
+static void do_kvm_irqchip_create(KVMState *s)
 {
     int ret;
-
-    assert(s->kernel_irqchip_split !=3D ON_OFF_AUTO_AUTO);
     if (kvm_check_extension(s, KVM_CAP_IRQCHIP)) {
         ;
     } else if (kvm_check_extension(s, KVM_CAP_S390_IRQCHIP)) {
@@ -2452,7 +2450,13 @@ static void kvm_irqchip_create(KVMState *s)
         fprintf(stderr, "Create kernel irqchip failed: %s\n", strerror(-re=
t));
         exit(1);
     }
+}
=20
+static void kvm_irqchip_create(KVMState *s)
+{
+    assert(s->kernel_irqchip_split !=3D ON_OFF_AUTO_AUTO);
+
+    do_kvm_irqchip_create(s);
     kvm_kernel_irqchip =3D true;
     /* If we have an in-kernel IRQ chip then we must have asynchronous
      * interrupt delivery (though the reverse is not necessarily true)
@@ -2607,6 +2611,65 @@ static int kvm_setup_dirty_ring(KVMState *s)
     return 0;
 }
=20
+static int kvm_reset_vmfd(MachineState *ms)
+{
+    KVMState *s;
+    KVMMemoryListener *kml;
+    int ret, type;
+    Error *err =3D NULL;
+
+    s =3D KVM_STATE(ms->accelerator);
+    kml =3D &s->memory_listener;
+
+    memory_listener_unregister(&kml->listener);
+    memory_listener_unregister(&kvm_io_listener);
+
+    if (s->vmfd >=3D 0) {
+        close(s->vmfd);
+    }
+
+    type =3D find_kvm_machine_type(ms);
+    if (type < 0) {
+        return -EINVAL;
+    }
+
+    ret =3D do_kvm_create_vm(s, type);
+    if (ret < 0) {
+        return ret;
+    }
+
+    s->vmfd =3D ret;
+
+    kvm_setup_dirty_ring(s);
+
+    /* rebind memory to new vm fd */
+    ret =3D ram_block_rebind(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
+    ret =3D kvm_arch_vmfd_change_ops(ms, s);
+    if (ret < 0) {
+        return ret;
+    }
+
+    if (s->kernel_irqchip_allowed) {
+        do_kvm_irqchip_create(s);
+    }
+
+    /* these can be only called after ram_block_rebind() */
+    memory_listener_register(&kml->listener, &address_space_memory);
+    memory_listener_register(&kvm_io_listener, &address_space_io);
+
+    /*
+     * kvm fd has changed. Commit the irq routes to KVM once more.
+     */
+    kvm_irqchip_commit_routes(s);
+
+    return ret;
+}
+
 static int kvm_init(AccelState *as, MachineState *ms)
 {
     MachineClass *mc =3D MACHINE_GET_CLASS(ms);
@@ -4014,6 +4077,7 @@ static void kvm_accel_class_init(ObjectClass *oc, con=
st void *data)
     AccelClass *ac =3D ACCEL_CLASS(oc);
     ac->name =3D "KVM";
     ac->init_machine =3D kvm_init;
+    ac->reset_vmfd =3D kvm_reset_vmfd;
     ac->has_memory =3D kvm_accel_has_memory;
     ac->allowed =3D &kvm_allowed;
     ac->gdbstub_supported_sstep_flags =3D kvm_gdbstub_sstep_flags;
diff --git a/include/system/kvm.h b/include/system/kvm.h
index 8f9eecf044..ade13dd8cc 100644
--- a/include/system/kvm.h
+++ b/include/system/kvm.h
@@ -358,6 +358,7 @@ int kvm_arch_init(MachineState *ms, KVMState *s);
 int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp);
 int kvm_arch_init_vcpu(CPUState *cpu);
 int kvm_arch_destroy_vcpu(CPUState *cpu);
+int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s);
=20
 #ifdef TARGET_KVM_HAVE_RESET_PARKED_VCPU
 void kvm_arch_reset_parked_vcpu(unsigned long vcpu_id, int kvm_fd);
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 0d57081e69..919bf95ae1 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -1568,6 +1568,11 @@ void kvm_arch_init_irq_routing(KVMState *s)
 {
 }
=20
+int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s)
+{
+    abort();
+}
+
 int kvm_arch_irqchip_create(KVMState *s)
 {
     if (kvm_kernel_irqchip_split()) {
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 02819de625..cdfcb70f40 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -3252,6 +3252,11 @@ static int kvm_vm_enable_energy_msrs(KVMState *s)
     return 0;
 }
=20
+int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s)
+{
+    abort();
+}
+
 int kvm_arch_init(MachineState *ms, KVMState *s)
 {
     int ret;
diff --git a/target/loongarch/kvm/kvm.c b/target/loongarch/kvm/kvm.c
index 26e40c9bdc..4171781346 100644
--- a/target/loongarch/kvm/kvm.c
+++ b/target/loongarch/kvm/kvm.c
@@ -1312,6 +1312,11 @@ int kvm_arch_irqchip_create(KVMState *s)
     return kvm_check_extension(s, KVM_CAP_DEVICE_CTRL);
 }
=20
+int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s)
+{
+    return 0;
+}
+
 void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
 {
 }
diff --git a/target/mips/kvm.c b/target/mips/kvm.c
index 912cd5dfa0..28730da06b 100644
--- a/target/mips/kvm.c
+++ b/target/mips/kvm.c
@@ -44,6 +44,11 @@ unsigned long kvm_arch_vcpu_id(CPUState *cs)
     return cs->cpu_index;
 }
=20
+int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s)
+{
+    return 0;
+}
+
 int kvm_arch_init(MachineState *ms, KVMState *s)
 {
     /* MIPS has 128 signals */
diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c
index 43124bf1c7..a48dc7670b 100644
--- a/target/ppc/kvm.c
+++ b/target/ppc/kvm.c
@@ -180,6 +180,11 @@ int kvm_arch_irqchip_create(KVMState *s)
     return 0;
 }
=20
+int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s)
+{
+    return 0;
+}
+
 static int kvm_arch_sync_sregs(PowerPCCPU *cpu)
 {
     CPUPPCState *cenv =3D &cpu->env;
diff --git a/target/riscv/kvm/kvm-cpu.c b/target/riscv/kvm/kvm-cpu.c
index 47e672c7aa..ca384a8b85 100644
--- a/target/riscv/kvm/kvm-cpu.c
+++ b/target/riscv/kvm/kvm-cpu.c
@@ -1545,6 +1545,11 @@ int kvm_arch_irqchip_create(KVMState *s)
     return kvm_check_extension(s, KVM_CAP_DEVICE_CTRL);
 }
=20
+int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s)
+{
+    return 0;
+}
+
 int kvm_arch_process_async_events(CPUState *cs)
 {
     return 0;
diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c
index 916dac1f14..671c854634 100644
--- a/target/s390x/kvm/kvm.c
+++ b/target/s390x/kvm/kvm.c
@@ -393,6 +393,11 @@ int kvm_arch_irqchip_create(KVMState *s)
     return 0;
 }
=20
+int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s)
+{
+    return 0;
+}
+
 unsigned long kvm_arch_vcpu_id(CPUState *cpu)
 {
     return cpu->cpu_index;
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552230; cv=none;
	d=zohomail.com; s=zohoarc;
	b=E8PRultNaX3s/7CenNkBMq/navFBC6DOxyQ+qmFoSTf3CtMjKyDhZX5sww+YyUcvGQRCUgooaV8FdeLbtZ88tSu99lWre0aPlwYNLZQC7zy6ctSAhw909wQplOVp6JrU8o92qy+hb0Ni44G0RpTQGEfvIHzh61sDDB5iwVUCqNQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552230;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=oJX2Vfp3U0oN7mc0xwcEAGTGJFdhzh3zAsgh+2IEEL4=;
	b=jRO3oWwpuzoZs9Y2cof4gYCQkRRemBfcuJ8nPAEvDpLu9fOmmtuydxsPoQSxFFhhw96VhQfIkvpJ2860UCisEA8ZEoUFf5FffprHt1yGY0qt7jeup82S3Hbh4cdk36vWP2jtyroecSDX4YaT4NXDq+1ZTKEVwky/y129PTIu0Wo=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 176555223039369.04094948063653;
 Fri, 12 Dec 2025 07:10:30 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hQ-0001wg-Pw; Fri, 12 Dec 2025 10:04:52 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hN-0001sI-0Y
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:49 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hK-0005fc-Va
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:48 -0500
Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com
 [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-65-IocfHG-gM1y7Uk7XdbaWJQ-1; Fri, 12 Dec 2025 10:04:44 -0500
Received: by mail-pl1-f200.google.com with SMTP id
 d9443c01a7336-29f1f69eec6so9643215ad.1
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:44 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.40
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551886;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=oJX2Vfp3U0oN7mc0xwcEAGTGJFdhzh3zAsgh+2IEEL4=;
 b=QFCQqJa8Znh2NHfUZkquyjbHlvlldxXRPpLQui1IMRDR5hF2TULF83Rq1ZQbymrl7GZm+B
 uABNyPAazQbFwsbnJ3cjmv0i6SH2Ocamyt82Wk4lzSxxujgFEJBhVFzFvDzVKjRofA6khP
 w/AnWuxQsGKehVKCZ77mVMH1d4ViXH8=
X-MC-Unique: IocfHG-gM1y7Uk7XdbaWJQ-1
X-Mimecast-MFC-AGG-ID: IocfHG-gM1y7Uk7XdbaWJQ_1765551884
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551884; x=1766156684; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=oJX2Vfp3U0oN7mc0xwcEAGTGJFdhzh3zAsgh+2IEEL4=;
 b=h1QiRzFts2Jtlou8pF0P1aaa3fP6NHvQ04fJse17Nxali9EQZw8zHO9PRj7Iu61KYB
 K65r9M4SFGH37JJUXiZRfc80V3naE1Rbdbkoo8AyGIvr2rHGDo3tO+glDeXJ6mr7qV1Q
 5cnl80/VC8ZxzA/FjtBOKb/UgYk4vromm+qtSk3zksfewLFy7niFfiECVDwYHurf4mXY
 pkVj6eCSj5xtMlZW+W+6w2MJgw5WNPVNNT/M0NkuXuB3uKJgaxtLN8OGgS7I3Uza2Dyx
 mR/smXFY+wrodpsRwvFxkrayi6iwU1nkYHip4J4R8tpRhJJgoRAeCN8KuS+t2MBtQ74h
 BYCw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551884; x=1766156684;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=oJX2Vfp3U0oN7mc0xwcEAGTGJFdhzh3zAsgh+2IEEL4=;
 b=kLojrNdpMjrhhE0Oz5Oj/9pcjCvmb/y6KTJMVcp25Fr6HnfLkf5NZADHYIZKTWLSkE
 MOZSEzmuj4TV2oJ0QttqLIbsQ0LkG+uoXmxSJiN0JTSsmfBlkHWvSTJbLVeIa0ZZzqB/
 3tYf52NXj0XNpU2+7BVMZhrFaWuCeIH1me3IA+KcQhu4N3sA2x9FlIohlm6RTgIlg7cs
 cV/c6okdWKIr9itoWSKrwmSy3Xcl5A3H4IHeQ0gPQqoME915RSQ8oJraD34iiRLocyPI
 DzwgcxjRZKZT72xWNK2lEGLiIONLoY9JxRCupbyXeKXscLuz072ZmCuCkIaH/3QxsmDx
 +kwA==
X-Forwarded-Encrypted: i=1;
 AJvYcCWoKdy+XZNOkDzssczqE5uwI4alTiOU4OJoylZmsR36NLn2796zS9G0gQtH8+zWtG4pTPjm9ydkq0l6@nongnu.org
X-Gm-Message-State: AOJu0Yz1ydjRkqdwz0+O5FtedV2cGPSwpy3bBDXjjUw3wsEMJ1ydw5Nb
 mHe2ckYpw+WJpG+KeSSM6cNxAmXjTEbZZOJivtj1fYy4PjKIHSOC8osMOOJPBv8ACiQAZPqSyG/
 6libUqzYK6VE/8kE8bc6sKOtlPXwK8m18WG/V3BKbMBqt6FT2nAZWPDNz
X-Gm-Gg: AY/fxX4IC8Tpt4payV6NWtK+Ki2XzIyTTSqYGO10GQtWObv+yf2ixGr6ZE58hGbw4qB
 t2iv6uihzHRPEfgRvkvosHRjFaD54mZQ7mvs/7l67eE10zIxV5sJgF2Lv4ch5MPD4mKU9bpu2l8
 9hc4qeQsyM0H33mO6f4bA6BUZDEHhcMsXffvd69Up/82/LsYLZuGXaeMgez5uUdLR40kLVlmEf4
 OKdqFVe2y3gp2Esk5C5F37tc/anGk7FiFV/HvLrb7dhh5rzSVoye3ENpA+v8u3+rJ7wg3bSfrwU
 03pWrBfSXl3CXSsUoEDE3TfpvZ/z3Q0PL7oboqL2P/nsZxAU1wQIfpEPEbht0GcqlTS6cVZJM/Q
 7NTM5kZDvQjdQDIUyXQ0av7ZB0bM4yUNU8jKod9lnXgo=
X-Received: by 2002:a17:902:e943:b0:297:f09a:51db with SMTP id
 d9443c01a7336-29f23e18ba9mr25217305ad.15.1765551883464;
 Fri, 12 Dec 2025 07:04:43 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IGHr+3Yeke6CZ/UMZxEuq21IFxmSWHsTNUIAGUDU9/pwfuXux37Cj9LYKCOd+ZD6dBE5chS9Q==
X-Received: by 2002:a17:902:e943:b0:297:f09a:51db with SMTP id
 d9443c01a7336-29f23e18ba9mr25216895ad.15.1765551882964;
 Fri, 12 Dec 2025 07:04:42 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 05/28] accel/kvm: mark guest state as unprotected after vm
 file descriptor change
Date: Fri, 12 Dec 2025 20:33:33 +0530
Message-ID: <20251212150359.548787-6-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552230945158500
Content-Type: text/plain; charset="utf-8"

When the KVM VM file descriptor has changed and a new one created, the guest
state is no longer in protected state. Mark it as such.
The guest state becomes protected again when TDX and SEV-ES and SEV-SNP mark
it as such.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index c9564bf681..abdf91c0de 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2640,6 +2640,9 @@ static int kvm_reset_vmfd(MachineState *ms)
=20
     s->vmfd =3D ret;
=20
+    /* guest state is now unprotected again */
+    kvm_state->guest_state_protected =3D false;
+
     kvm_setup_dirty_ring(s);
=20
     /* rebind memory to new vm fd */
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552017; cv=none;
	d=zohomail.com; s=zohoarc;
	b=FCL4/0WLL5atRWSNOly1YBbwlat5pH+WHQGynjsHTgxu6HPxm8TkHDO/5bYq2LP4LGoi+Ysv59ym3KBr1YPL8YJidodNNEk2QQygwvoDFWuDVnai9tAKTgIJwjh/MxU/DFlnYtToTHYc9OJrgdvlXmhINXqzfRrcIIB9EZEsKxs=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552017;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=1bVGFXFJOeA9joOcTSQUXwNCiI9IN8A2ai1h2FlFtiU=;
	b=eNv9W2DEmuS/dZRoKhc4SaCf4pYa+ytX+qNkGDhFLe3EH5Ay7lz7A866txnY2hQNe2tbqnsW1YhIOPgTyatrSQAVvMyV+mpPpqnhVqeb34wE82tsagY7uvN0InXhKcKURYopyAAoqRJ9BkyEze/+bVQE8h3Ub3OiQXCsHQ/PHGU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552017425614.3640469840053;
 Fri, 12 Dec 2025 07:06:57 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hS-0001x3-AS; Fri, 12 Dec 2025 10:04:54 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hO-0001uf-QQ
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:50 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hN-0005g8-5G
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:50 -0500
Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com
 [209.85.214.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-690-nNf4JzEYM-avwRfx-J0Iqw-1; Fri, 12 Dec 2025 10:04:47 -0500
Received: by mail-pl1-f198.google.com with SMTP id
 d9443c01a7336-295952a4dd6so13065555ad.1
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:47 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.43
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551888;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=1bVGFXFJOeA9joOcTSQUXwNCiI9IN8A2ai1h2FlFtiU=;
 b=JHLNhaWCsNrD952PkJnszPhsqNffIDYNHxEnWi4htPpS7NFLwvqz2vRRfoRZoyJj5PYhXh
 1d0GyXWkFf0j3oZ8B/7i9y2bRrpgWJZoPMLDoGtpuM68nocPzq/YvtHpYnw6clnmklGq/6
 YGKK2CMYLmLR+o4JfKkN2iBnQIyCmiE=
X-MC-Unique: nNf4JzEYM-avwRfx-J0Iqw-1
X-Mimecast-MFC-AGG-ID: nNf4JzEYM-avwRfx-J0Iqw_1765551886
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551886; x=1766156686; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=1bVGFXFJOeA9joOcTSQUXwNCiI9IN8A2ai1h2FlFtiU=;
 b=XwwRP24RNA9ImLTbWPigboqZTrPghYb5yhb/wYxIVezGNOksp9tWfwzy6x64+kefKP
 rA6S+2yXQlOUOkw01B1V3vlwH+ylNQELX96Pgxqi0Y4YPbUSNGCDO8zr7XUrF0+khiXn
 fnvDH7cnpS3K+tqFCTsm7pxqx+junudIZFrKP9Xao61rny5FBM6l8oJ3H+MZ3Kfdj/lr
 7WTwohBFoFFXtr+u/CVN01ii54qE+X6F1PHd20H5z5PWXzt6CdltILKftxDekYmev00/
 kYOQ5nf/KsXk1I5c1r0gTW5w0d5CaJxx8l1s72O4SEKtdx/0XB7j3akVB0XfEAODGDL1
 iTyg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551886; x=1766156686;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=1bVGFXFJOeA9joOcTSQUXwNCiI9IN8A2ai1h2FlFtiU=;
 b=Iyq4dd2iUb+l00+PmwPhtSCEabaOaFQl5l90whsFiEClMhjdlILhHxD8PAvFUWAkhq
 xqiOxS75D7qTci1380frdiLmfNDkPKSFBhqP0FD4L8Fvccid9oj2aCMW/B+PoXEkFqD6
 zdqvJmrIoI9HwzmOR9LkOkXKGRvsXCgCHS2pVEf0lM2HR3wSI4iiXWTTDyVmiFya+Cb+
 x97y1PNkc4aV9utBo51GD3sggrgTNiDVsbyxawQ3KONrXYxiM7bSXHYaT5FNWGoqpjBz
 o3NUtN+GVrrbZZNDoiWytmvuawKf09W95RtIspS8QVz8u11dLzlijbtBsxcNG4tlBtcZ
 0fSQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCXL5XrahgbJrAl0C1js/WJ+SU22tGRX2SFipacLTZYL7dUcOWaHWPgoggUNNDRE3NauZ+9t9EXb+o86@nongnu.org
X-Gm-Message-State: AOJu0YzbYC4tMge0gpAmlTHxneP1duJfIiy/i/UBvrJm7L8wW1WGmeCQ
 agx7vtoG14oNsVOuhayfkV82U8fa7J2TsRuTZ2fAu8trWfLfBuV+uXc4+wpEk9Slm1scJ15ezHU
 0OsVpmCruKIbAxWRNpbdWtPvLle1ZS4b/da2ibgCPv7pyFAauhL9BY8zi
X-Gm-Gg: AY/fxX7VyIgwQ5alIIXx4hbMQpTwmQKgmA7vjS2Nt4bJCUaKSqvQMm5a8rnaxWuLr7k
 FBWkTmxHL3tTCQkL5U0wzNV4D17NBg3IYfmXN85jQdRDm5yHDuaWQONnO1Q+WoFyca30KKpM/Th
 GA5KM4UsPzt1BFAksRDRI0wnyQR8kpT9UEMQzCFZ8dOlnMA0K8Khc2cYA4MpsDpCHDpI1xUukxI
 rjf/j1heOS+L+XafY8u5nOXTIVJRETElAoEg3bpMgXoEbQquMipOQmJXwE65q1b24g8E8bNNNph
 IrxoiGwFUggDAKhDhzkKSvhexQuH3wwBjaf3y6eEcLhoLEnF1SHbU7Z0UvfUP3s1VJdsRTceWf2
 riu5Sy1r2ZD7Jz6yO/2QLDfOrlqvSqvlOHMQrN1L5PO0=
X-Received: by 2002:a17:903:15cf:b0:297:c079:4c32 with SMTP id
 d9443c01a7336-29eeea0686dmr57884685ad.11.1765551886064;
 Fri, 12 Dec 2025 07:04:46 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IHkjpSMTWKqwt1A7tVr9+iysMnzsonOe3OLhAtCzR04vkiSW5RhmALupyANyX+IIjejo60RoQ==
X-Received: by 2002:a17:903:15cf:b0:297:c079:4c32 with SMTP id
 d9443c01a7336-29eeea0686dmr57884455ad.11.1765551885605;
 Fri, 12 Dec 2025 07:04:45 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 06/28] accel/kvm: add a notifier to indicate KVM VM file
 descriptor has changed
Date: Fri, 12 Dec 2025 20:33:34 +0530
Message-ID: <20251212150359.548787-7-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552017859158500
Content-Type: text/plain; charset="utf-8"

A notifier callback can be used by various subsystems to perform actions wh=
en
KVM file descriptor for a virtual machine changes as a part of confidential
guest reset process. This change adds this notifier mechanism. Subsequent
patches will add specific implementations for various notifier callbacks
corresponding to various subsystems that need to take action when KVM VM fi=
le
descriptor changed.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c    | 30 ++++++++++++++++++++++++++++++
 accel/stubs/kvm-stub.c |  8 ++++++++
 include/system/kvm.h   | 21 +++++++++++++++++++++
 3 files changed, 59 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index abdf91c0de..679cf04375 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -90,6 +90,7 @@ struct KVMParkedVcpu {
 };
=20
 KVMState *kvm_state;
+VmfdChangeNotifier vmfd_notifier;
 bool kvm_kernel_irqchip;
 bool kvm_split_irqchip;
 bool kvm_async_interrupts_allowed;
@@ -123,6 +124,9 @@ static const KVMCapabilityInfo kvm_required_capabilites=
[] =3D {
 static NotifierList kvm_irqchip_change_notifiers =3D
     NOTIFIER_LIST_INITIALIZER(kvm_irqchip_change_notifiers);
=20
+static NotifierWithReturnList register_vmfd_changed_notifiers =3D
+    NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_changed_notifiers);
+
 struct KVMResampleFd {
     int gsi;
     EventNotifier *resample_event;
@@ -2173,6 +2177,22 @@ void kvm_irqchip_change_notify(void)
     notifier_list_notify(&kvm_irqchip_change_notifiers, NULL);
 }
=20
+void kvm_vmfd_add_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_list_add(&register_vmfd_changed_notifiers, n);
+}
+
+void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_remove(n);
+}
+
+static int kvm_vmfd_change_notify(Error **errp)
+{
+    return notifier_with_return_list_notify(&register_vmfd_changed_notifie=
rs,
+                                            &vmfd_notifier, errp);
+}
+
 int kvm_irqchip_get_virq(KVMState *s)
 {
     int next_virq;
@@ -2661,6 +2681,16 @@ static int kvm_reset_vmfd(MachineState *ms)
         do_kvm_irqchip_create(s);
     }
=20
+    /*
+     * notify everyone that vmfd has changed.
+     */
+    vmfd_notifier.vmfd =3D s->vmfd;
+    ret =3D kvm_vmfd_change_notify(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
     /* these can be only called after ram_block_rebind() */
     memory_listener_register(&kml->listener, &address_space_memory);
     memory_listener_register(&kvm_io_listener, &address_space_io);
diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index 68cd33ba97..a6e8a6e16c 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -79,6 +79,14 @@ void kvm_irqchip_change_notify(void)
 {
 }
=20
+void kvm_vmfd_add_change_notifier(NotifierWithReturn *n)
+{
+}
+
+void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n)
+{
+}
+
 int kvm_irqchip_add_irqfd_notifier_gsi(KVMState *s, EventNotifier *n,
                                        EventNotifier *rn, int virq)
 {
diff --git a/include/system/kvm.h b/include/system/kvm.h
index ade13dd8cc..6844ebd56d 100644
--- a/include/system/kvm.h
+++ b/include/system/kvm.h
@@ -181,6 +181,7 @@ DECLARE_INSTANCE_CHECKER(KVMState, KVM_STATE,
=20
 extern KVMState *kvm_state;
 typedef struct Notifier Notifier;
+typedef struct NotifierWithReturn NotifierWithReturn;
=20
 typedef struct KVMRouteChange {
      KVMState *s;
@@ -565,4 +566,24 @@ int kvm_set_memory_attributes_shared(hwaddr start, uin=
t64_t size);
=20
 int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private);
=20
+/* argument to vmfd change notifier */
+typedef struct VmfdChangeNotifier {
+    int vmfd;
+} VmfdChangeNotifier;
+
+/**
+ * kvm_vmfd_add_change_notifier - register a notifier to get notified when
+ * a KVM vm file descriptor changes as a part of the confidential guest "r=
eset"
+ * process. Various subsystems should use this mechanism to take actions s=
uch
+ * as creating new fds against this new vm file descriptor.
+ * @n: notifier with return value.
+ */
+void kvm_vmfd_add_change_notifier(NotifierWithReturn *n);
+/**
+ * kvm_vmfd_remove_change_notifier - de-register a notifer previously
+ * registered with kvm_vmfd_add_change_notifier call.
+ * @n: notifier that was previously registered.
+ */
+void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n);
+
 #endif
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765551946; cv=none;
	d=zohomail.com; s=zohoarc;
	b=VyfCZNwctr3T0NQkqWWJZhZUB1cJ2Otc3H/cVH/UDg/z+qHW7KHUm560EL5wKpZCNisIPuC/FeK6nCtnth6VhjBqwrCOItVMRGwQ5Z3bhJdAY2BwPTFQ+bQ57PDl343MSN5Wi16YFV0nIiTKioEyZEAIYS22VZV+//gQPE3tV8Y=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765551946;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=tEQtRpZIU+af5B0NJVC06k5FBVfVHxHqEV2FPCkoDHk=;
	b=AILMRJ+Sog4UhfZ5JJ/Zvmasl4Ssrx6SWysNQLUmtDxVSzfVZSlxnn7YZr6kP9gor5tIbldEhJgJUpUwBdZPVmD47DFrqWPr9EslKbEuqOtmgKbKyQS+rlD9gWYBVvaY8R+jno4nPbx+qHwD51tr0n5Usc3w197LxC+lyns7/ow=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765551946049739.2840468985341;
 Fri, 12 Dec 2025 07:05:46 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hV-0001yC-E6; Fri, 12 Dec 2025 10:04:57 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hT-0001xZ-Qz
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:55 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hS-0005hI-87
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:55 -0500
Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com
 [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-677-Lvfprj8hOeymQPDVhC2skA-1; Fri, 12 Dec 2025 10:04:50 -0500
Received: by mail-pl1-f200.google.com with SMTP id
 d9443c01a7336-29f1450189eso10049505ad.1
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:50 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.46
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551893;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=tEQtRpZIU+af5B0NJVC06k5FBVfVHxHqEV2FPCkoDHk=;
 b=dn6NPvbVyPEcJHFYPW1z4VDF/kLQeM+waU7RDZGsinNkYwzaVaeFz0ds9V2RRFcbAy5WUq
 RSCzFk4aMp2ONH5VYHhxPiad5Poqfj+Yh6kP0OjI7CHIy7hZ07rbmaOOhLgT4yrj443IlV
 t6vzsi3tgQgvigy3FDK5SfC8OHIqmtk=
X-MC-Unique: Lvfprj8hOeymQPDVhC2skA-1
X-Mimecast-MFC-AGG-ID: Lvfprj8hOeymQPDVhC2skA_1765551889
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551889; x=1766156689; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=tEQtRpZIU+af5B0NJVC06k5FBVfVHxHqEV2FPCkoDHk=;
 b=dl/zmL5Q8b5ZqKztLiRugYsWD01tAQ7xyonUU22ovCbY1bRHPAJvGWd/ZhjaGdeyFo
 DYovNy/hMYRg04W2eVtOl7/YlMvyBfx5fgDqAHOR+DthyfmN7n7bd05HRVUJG0CYrEzG
 8nD5VuFJLlP3PyVV6U/RR7yDSiwXK5ftqdeEFbFyqxLfjXbEyj47jfMC3RcphN8CZdAo
 O4eAk109uTPkgURKUb+HdpTebLQcHxS6VDlCSpqyVO0WGeJ/ftx+gQkagcnoCUAOQjPO
 CMuyLeGARop3CKtI8YqO723ocz6S8kDiuKRoHlZb1zFavfPwmnVuC8nE/h1bDgxqBxNK
 Qtew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551889; x=1766156689;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=tEQtRpZIU+af5B0NJVC06k5FBVfVHxHqEV2FPCkoDHk=;
 b=nV7qiqNmt3X9Y0xEpXPvU7fmH7EmhPIExl78zWhb8KMhPM9JCClSU4Bbgj/osJIrTf
 IJkNp+HoBJV63tz+5hXRTivxfplpj0wgxeytksDnO+FmE63um7jprIsFU08jnNtW33jM
 NXW4VvzohnFhUtBXzHVWEPmXUCI6FimiBBa63D4XPikUmiNrfHT05Td45awCPPCcYQAB
 6r8M4LZQ9A2LYdXEcaEZH1sPUutDvIfrdH2sCdeFb3J3npId5dYMmqU0bDjaG4SpaD7E
 t4lr68VcFKguGjKKhklNdepyZMCV7HqMbQj5/4EvxzLFHPrET1ZelDAncjSSNgjPbol+
 Yn0w==
X-Forwarded-Encrypted: i=1;
 AJvYcCW2doYy9Mo6+bRXlGSm8S4kd/zcvwkC03oBy85KX4IQ1lOfenXIOuyr64q1RX7zVNvklO6KoZ/Pv55G@nongnu.org
X-Gm-Message-State: AOJu0Yx6EQtNOpLyp+bcGf7oPBxZbmrH3ib0wl/Egl2apE9Mq91XZ1CX
 KvwWl6MC3K4AyP8nvH7Qx1uIAZAwf8YRPBP+bWgHx2xxJe6W2ZpL9zoPPp/IBIrCXDe0WO1iJkd
 oF81jVQ/482zhXTwZzfP3lIozY1X03xzr7axEGGDzZAi1SyTlIysvggI6
X-Gm-Gg: AY/fxX6WmmelpDu+xC4xEihvdI4iydtX1izYtfyRWlWQa4JzNJYOSmVfwOLAmw194Hw
 /Lwb/92omyBatq3c14eJjrsFC7z+MGW6YH4FIkqjkJoXSIad1is/Yjb9/p5KqjI2ulJqWAtGpeV
 6BPTnnEL7TTJfL+xh4ZNaNGqE605QaIc3kKiifXfzFOk4mj0Acrp/6q6Y2T88HdqPCGBYbuNd8q
 mnFMA4+C1yjo3UceGmB+9aDFVlyE7S3FYPjhze0Y70JDPCJ6GO7lYtBDIniwAfQ2UXsHdOKbNBM
 8LfLlDO3Gylq0a2zasbZwvThiqaEM0AnvzwrEjHjNjSE8OvBacfAVoUgiAGWZDUkoQZpLcWKc/d
 Gjs+2Mnq1sMH3C2bHV/r8E8ffqd2Z2ilxR4wROOYKJmU=
X-Received: by 2002:a17:903:8cd:b0:29a:4a5:d688 with SMTP id
 d9443c01a7336-29eeebcedb9mr67342415ad.15.1765551889050;
 Fri, 12 Dec 2025 07:04:49 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IGZBw3cmTdXgss3nJnSVhW4vDvRaSjlwKI3kdKjvhl/302qsw+kjO/S5XkgEuKUu8iYibkyig==
X-Received: by 2002:a17:903:8cd:b0:29a:4a5:d688 with SMTP id
 d9443c01a7336-29eeebcedb9mr67341775ad.15.1765551888392;
 Fri, 12 Dec 2025 07:04:48 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 07/28] kvm/i386: implement architecture support for kvm
 file descriptor change
Date: Fri, 12 Dec 2025 20:33:35 +0530
Message-ID: <20251212150359.548787-8-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765551946837158500
Content-Type: text/plain; charset="utf-8"

When the kvm file descriptor changes as a part of confidential guest reset,
some architecture specific setups including SEV/SEV-SNP/TDX specific setups
needs to be redone. These changes are implemented as a part of the
kvm_arch_vmfd_change_ops() call which was introduced previously.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/kvm.c | 132 +++++++++++++++++++++++++++++++++++++-----
 1 file changed, 119 insertions(+), 13 deletions(-)

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index cdfcb70f40..e971f5f8c4 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -3252,9 +3252,126 @@ static int kvm_vm_enable_energy_msrs(KVMState *s)
     return 0;
 }
=20
+static int xen_init_wrapper(MachineState *ms, KVMState *s);
+
 int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s)
 {
-    abort();
+    Error *local_err =3D NULL;
+    int ret;
+
+    /*
+     * Initialize confidential context, if required
+     *
+     * If no memory encryption is requested (ms->cgs =3D=3D NULL) this is
+     * a no-op.
+     *
+     */
+    if (ms->cgs) {
+        ret =3D confidential_guest_kvm_init(ms->cgs, &local_err);
+        if (ret < 0) {
+            error_report_err(local_err);
+            return ret;
+        }
+    }
+
+    ret =3D kvm_vm_enable_exception_payload(s);
+    if (ret < 0) {
+        return ret;
+    }
+
+    ret =3D kvm_vm_enable_triple_fault_event(s);
+    if (ret < 0) {
+        return ret;
+    }
+
+    if (s->xen_version) {
+        ret =3D xen_init_wrapper(ms, s);
+        if (ret < 0) {
+            return ret;
+        }
+    }
+
+    ret =3D kvm_vm_set_identity_map_addr(s, KVM_IDENTITY_BASE);
+    if (ret < 0) {
+        return ret;
+    }
+
+    ret =3D kvm_vm_set_tss_addr(s, KVM_IDENTITY_BASE + 0x1000);
+    if (ret < 0) {
+        return ret;
+    }
+    ret =3D kvm_vm_set_nr_mmu_pages(s);
+    if (ret < 0) {
+        return ret;
+    }
+
+    if (object_dynamic_cast(OBJECT(ms), TYPE_X86_MACHINE) &&
+        x86_machine_is_smm_enabled(X86_MACHINE(ms))) {
+        memory_listener_register(&smram_listener.listener,
+                                 &smram_address_space);
+    }
+
+    if (enable_cpu_pm) {
+        ret =3D kvm_vm_enable_disable_exits(s);
+        if (ret < 0) {
+            error_report("kvm: guest stopping CPU not supported: %s",
+                         strerror(-ret));
+            return ret;
+        }
+    }
+
+    if (object_dynamic_cast(OBJECT(ms), TYPE_X86_MACHINE)) {
+        X86MachineState *x86ms =3D X86_MACHINE(ms);
+
+        if (x86ms->bus_lock_ratelimit > 0) {
+            ret =3D kvm_vm_enable_bus_lock_exit(s);
+            if (ret < 0) {
+                return ret;
+            }
+        }
+        kvm_set_max_apic_id(x86ms->apic_id_limit);
+    }
+
+    if (kvm_check_extension(s, KVM_CAP_X86_NOTIFY_VMEXIT)) {
+        ret =3D kvm_vm_enable_notify_vmexit(s);
+        if (ret < 0) {
+            return ret;
+        }
+    }
+
+    if (kvm_vm_check_extension(s, KVM_CAP_X86_USER_SPACE_MSR)) {
+        ret =3D kvm_vm_enable_userspace_msr(s);
+        if (ret < 0) {
+            return ret;
+        }
+
+        if (s->msr_energy.enable =3D=3D true) {
+            ret =3D kvm_vm_enable_energy_msrs(s);
+            if (ret < 0) {
+                return ret;
+            }
+        }
+    }
+
+    return 0;
+}
+
+static int xen_init_wrapper(MachineState *ms, KVMState *s)
+{
+    int ret =3D 0;
+#ifdef CONFIG_XEN_EMU
+    if (!object_dynamic_cast(OBJECT(ms), TYPE_PC_MACHINE)) {
+        error_report("kvm: Xen support only available in PC machine");
+        return -ENOTSUP;
+    }
+    /* hyperv_enabled() doesn't work yet. */
+    uint32_t msr =3D XEN_HYPERCALL_MSR;
+    ret =3D kvm_xen_init(s, msr);
+#else
+    error_report("kvm: Xen support not enabled in qemu");
+    return -ENOTSUP;
+#endif
+    return ret;
 }
=20
 int kvm_arch_init(MachineState *ms, KVMState *s)
@@ -3290,21 +3407,10 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
     }
=20
     if (s->xen_version) {
-#ifdef CONFIG_XEN_EMU
-        if (!object_dynamic_cast(OBJECT(ms), TYPE_PC_MACHINE)) {
-            error_report("kvm: Xen support only available in PC machine");
-            return -ENOTSUP;
-        }
-        /* hyperv_enabled() doesn't work yet. */
-        uint32_t msr =3D XEN_HYPERCALL_MSR;
-        ret =3D kvm_xen_init(s, msr);
+        ret =3D xen_init_wrapper(ms, s);
         if (ret < 0) {
             return ret;
         }
-#else
-        error_report("kvm: Xen support not enabled in qemu");
-        return -ENOTSUP;
-#endif
     }
=20
     ret =3D kvm_get_supported_msrs(s);
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552016; cv=none;
	d=zohomail.com; s=zohoarc;
	b=L4BHQAfiBfCQGm8YHZfguP9omC0ZOYYbfEup0Zjd2LSg9T6fbo1iSQ4zp192AVsoI/qg7LQls8m8rNAIboQYQS2mi8o0ChleTCN8MEhE2WMzpo0Tdd23mJHXhAXJ9YOWVaG5i/Mv3FE3TqnreEqAvsZn2tak4GC7BtVpa99kSzM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552016;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=cKeUZPc4i8r5RqBQh7JN1YPGnsgStLJoY8vQlAxmBok=;
	b=TJ4/CwIdcpPw0H5+emh9ObBjpUEBbABj5mUqv/R4fw0Cpiq4IvmK0gTKNQiUegKREsf3FXfZYG/wJPXEDHzakb/rA+ZANKbUZR+xy3Z0MRWO7r5mVAljv9PKZrwVcxdYUTXKFHvH2ms1tlbdgCbODkWJZ+Smwt5bLfLWqZEpgSA=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552015949723.1173834663435;
 Fri, 12 Dec 2025 07:06:55 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hV-0001yY-TP; Fri, 12 Dec 2025 10:04:57 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hV-0001yA-8Q
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:57 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hT-0005hU-Nw
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:56 -0500
Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com
 [209.85.214.197]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-408-NaWAr19zN_-G8qVRxElkwg-1; Fri, 12 Dec 2025 10:04:53 -0500
Received: by mail-pl1-f197.google.com with SMTP id
 d9443c01a7336-295952a4dd6so13066625ad.1
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:53 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.48
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551895;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=cKeUZPc4i8r5RqBQh7JN1YPGnsgStLJoY8vQlAxmBok=;
 b=JTvgPh5uYJW3ZSo9hzDN9FCL9M8EkC6N+kcipf2PTA6sejRuhP3UMJjKrdJif+HzUfndxQ
 RzU4tv+pPTpkqA0lCi2cgD8Bj2gkHIRDCQzrVaRZvPJdg/BHFLp1dxDYcsec1EsZvsHwgG
 5xAxJMskX0TMGPbqJ2lgHSbynjeNAvI=
X-MC-Unique: NaWAr19zN_-G8qVRxElkwg-1
X-Mimecast-MFC-AGG-ID: NaWAr19zN_-G8qVRxElkwg_1765551893
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551892; x=1766156692; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=cKeUZPc4i8r5RqBQh7JN1YPGnsgStLJoY8vQlAxmBok=;
 b=aokp78rkPurY58XiZ1Ww4bke3E6X0sfJF5AGy6K+20wM9+vgtYNj8K58QldZQG9S5h
 GQzWbdXcvxUBnUkR1svevhICqGx4njKWzGd1xGM7j6epx9VDi5UA8azaJ70sA/NBh7VR
 XajEFu5cywAZ0MvXyOfhX0/DjfUoi//DWQ6hrE8JQj2bVj49q4X422OBA8bSpKcC0aKj
 jnEJhvvxfa+KeRIY3dGznxHk4MkaRupcjY/V358etvRn/f12DBDSBgoI0YqMzCjbFNHf
 FIaiSdEkpn1aEGyPxo2FOy7bf2uQR7hFy5aoyrWAH9B/M5BHQ0Y0SMsodTXY5S5x0ops
 rSRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551892; x=1766156692;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=cKeUZPc4i8r5RqBQh7JN1YPGnsgStLJoY8vQlAxmBok=;
 b=XASYVQgVTxiyEzz/rNt8COqwWtr1VLKnvdr5E603za6YIvfPSKqh+b6CoFH6P6iUMu
 HpOnJki4R5HOLxafaL5TcnFkiivUFqk9vhubhL6EFtJQ1qCfIqTS4rIpotC3gp2g/oAG
 hcBc4S12W9PgN5YidhsCft2dvk6+UHUeIaD6gVhFNklieM8qtZ/4vI5F7fM2at1cK/ce
 Tcci2tkKOLWPvqQDkckrjOMYpvpRAD4SRy/gcjI8eYWiC0gGUPmlasphBKhfxYiRLgfP
 ksm4QTyj+VqY/7qD+6NybZf9H/yeWwW4yJELlJnEl6guW0WZmhGCbhM2c6k3U+Eqp4sP
 0hwA==
X-Forwarded-Encrypted: i=1;
 AJvYcCWIjMoglhH7o3WFDn7HxFA733j9B2bu+iSUZwq5WIuH3ncxvUlmhep2AbIZ9QFB7QupJAPAN1aGYlI7@nongnu.org
X-Gm-Message-State: AOJu0YyinOYN4Oir1j13UG1mB3Jr7A6zvHkzbL1swfZwJKF8R0HAuBaJ
 xvH0hphiP6nEpWnJRsfSQNu28kryXeso3gxPf8lv2J4ZufXcu7DGs6cLKEyy73fA0Uykt2j6Rlx
 XjZ9P0E+1bbjO+hNV292U11uZlyOePS0UH8CgHTV0nAYDVfOp6kj9kNJA
X-Gm-Gg: AY/fxX5TsMklwwR0DXaw7yfoYn8VpBLCH1HGcmUS1q8h7Xr2bY1mIkty+NG3ZoHkRBr
 QFRqzAn4ofw+wYFmP3PKEFMAxnacXMk7NXeEetgjK8T61D6CQ3OmjvZ91vQxe+yn8jITeMEe6pk
 XR7bWO9wjeeKMTk8Nb/vqf15VXKJPx7OM2dSZqVmBJQC1vNdxcvI3xud1G3AQdkqHKrTibt/5JC
 IWdhMM7Y8TnP8tAiE4KaAYqOjiFtrN0wFNzSXyZqJetHaTm8SECExjSWJpGULVr2UYOmhneW5BD
 6bAXGLj7nCtKTQFJ7gHAH4ugdYKKJnauK7PBDoDgDWyi59SHmXOPiAKNcjPb9j4AzVuWJ9gSgHN
 878y+RPqcYAmzn/a9ydZg7SH/OEEPJQ3uVUkLh6n9Ggw=
X-Received: by 2002:a17:903:ac4:b0:29f:13d2:1c71 with SMTP id
 d9443c01a7336-29f24d7350cmr26334035ad.7.1765551892361;
 Fri, 12 Dec 2025 07:04:52 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IH9If50C4EjDHIO7qHkYNkUYveZgS1Ff2+daiW3CTqx8dYl3Yx+9HFbHDddk6CK2Hrz9tXt5w==
X-Received: by 2002:a17:903:ac4:b0:29f:13d2:1c71 with SMTP id
 d9443c01a7336-29f24d7350cmr26333535ad.7.1765551891826;
 Fri, 12 Dec 2025 07:04:51 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>,
 "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>
Subject: [PATCH v1 08/28] hw/i386: refactor x86_bios_rom_init for reuse in
 confidential guest reset
Date: Fri, 12 Dec 2025 20:33:36 +0530
Message-ID: <20251212150359.548787-9-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552017840158500
Content-Type: text/plain; charset="utf-8"

For confidential guests, bios image must be reinitialized upon reset. This
is because bios memory is encrypted and hence once the old confidential
kvm context is destroyed, it cannot be decrypted. It needs to be reinitiliz=
ed.
In order to do that, this change refactors x86_bios_rom_init() code so that
parts of it can be called during confidential guest reset.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/x86-common.c  | 50 ++++++++++++++++++++++++++++++++-----------
 include/hw/i386/x86.h |  5 ++++-
 2 files changed, 41 insertions(+), 14 deletions(-)

diff --git a/hw/i386/x86-common.c b/hw/i386/x86-common.c
index c844749900..81fa4f47fb 100644
--- a/hw/i386/x86-common.c
+++ b/hw/i386/x86-common.c
@@ -1024,17 +1024,11 @@ void x86_isa_bios_init(MemoryRegion *isa_bios, Memo=
ryRegion *isa_memory,
     memory_region_set_readonly(isa_bios, read_only);
 }
=20
-void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar=
e,
-                       MemoryRegion *rom_memory, bool isapc_ram_fw)
+int get_bios_size(X86MachineState *x86ms,
+                  const char *bios_name, char *filename)
 {
-    const char *bios_name;
-    char *filename;
     int bios_size;
-    ssize_t ret;
=20
-    /* BIOS load */
-    bios_name =3D MACHINE(x86ms)->firmware ?: default_firmware;
-    filename =3D qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
     if (filename) {
         bios_size =3D get_image_size(filename, NULL);
     } else {
@@ -1044,6 +1038,20 @@ void x86_bios_rom_init(X86MachineState *x86ms, const=
 char *default_firmware,
         (bios_size % 65536) !=3D 0) {
         goto bios_error;
     }
+
+    return bios_size;
+
+ bios_error:
+    fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name);
+    exit(1);
+}
+
+void load_bios_from_file(X86MachineState *x86ms, const char *bios_name,
+                         char *filename, int bios_size, bool isapc_ram_fw)
+{
+    ssize_t ret;
+
+    /* BIOS load */
     if (machine_require_guest_memfd(MACHINE(x86ms))) {
         memory_region_init_ram_guest_memfd(&x86ms->bios, NULL, "pc.bios",
                                            bios_size, &error_fatal);
@@ -1072,7 +1080,26 @@ void x86_bios_rom_init(X86MachineState *x86ms, const=
 char *default_firmware,
             goto bios_error;
         }
     }
-    g_free(filename);
+
+    return;
+
+ bios_error:
+    fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name);
+    exit(1);
+}
+
+void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar=
e,
+                       MemoryRegion *rom_memory, bool isapc_ram_fw)
+{
+    int bios_size;
+    const char *bios_name;
+    char *filename;
+
+    bios_name =3D MACHINE(x86ms)->firmware ?: default_firmware;
+    filename =3D qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
+
+    bios_size =3D get_bios_size(x86ms, bios_name, filename);
+    load_bios_from_file(x86ms, bios_name, filename, bios_size, isapc_ram_f=
w);
=20
     if (!machine_require_guest_memfd(MACHINE(x86ms))) {
         /* map the last 128KB of the BIOS in ISA space */
@@ -1084,9 +1111,6 @@ void x86_bios_rom_init(X86MachineState *x86ms, const =
char *default_firmware,
     memory_region_add_subregion(rom_memory,
                                 (uint32_t)(-bios_size),
                                 &x86ms->bios);
+    g_free(filename);
     return;
-
-bios_error:
-    fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name);
-    exit(1);
 }
diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h
index 8755cad50a..8871f95891 100644
--- a/include/hw/i386/x86.h
+++ b/include/hw/i386/x86.h
@@ -122,7 +122,10 @@ void x86_cpu_unplug_request_cb(HotplugHandler *hotplug=
_dev,
                                DeviceState *dev, Error **errp);
 void x86_cpu_unplug_cb(HotplugHandler *hotplug_dev,
                        DeviceState *dev, Error **errp);
-
+int get_bios_size(X86MachineState *x86ms,
+                  const char *bios_name, char *filename);
+void load_bios_from_file(X86MachineState *x86ms, const char *bios_name,
+                         char *filename, int bios_size, bool isapc_ram_fw);
 void x86_isa_bios_init(MemoryRegion *isa_bios, MemoryRegion *isa_memory,
                        MemoryRegion *bios, bool read_only);
 void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar=
e,
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765551915; cv=none;
	d=zohomail.com; s=zohoarc;
	b=A9u8m+5zHyoasaH8CAATP/hXH3zNyLSAmw5sDeivCTlMZbjwOQ/piVb8ICBBWnYTU/1x3j1HhAFA060ZX5bJi066p3EHoFdNkhT5z9PHCJHiaCkPbjOqEAivYYbx8dgIeZyyBP5u3QCwY/PmJy4q4Ijy0QYudsMFQ3KMignXlOA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765551915;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=33QlZAhGXHGFDxYNTuc7M9dXD1Jmdy+6/iC4UFNG7jM=;
	b=eq2bZoyomjR1aG+wf9II4OOGyoZyuwTbDqyox5VznMM+FK0UPHHaR97CEpuovjIWuVgOUppX8r1K2mhAyVe5dZ/5f85KSsSVtSxeTrv/huM6olwDzUF6lpIqci191zOT1QVnz8h4QA9kGKKEtoHQQonn9cGuX539mI7HH6qcGtw=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765551915801837.5834669663515;
 Fri, 12 Dec 2025 07:05:15 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hY-00020f-RC; Fri, 12 Dec 2025 10:05:00 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hX-0001z1-RD
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:59 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hW-0005iL-CQ
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:04:59 -0500
Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com
 [209.85.214.197]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-613-Q6_suZTtMLitH1vPAtlwcQ-1; Fri, 12 Dec 2025 10:04:56 -0500
Received: by mail-pl1-f197.google.com with SMTP id
 d9443c01a7336-29be4d2ef78so24282975ad.2
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:56 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.52
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551897;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=33QlZAhGXHGFDxYNTuc7M9dXD1Jmdy+6/iC4UFNG7jM=;
 b=bKZxlpdgx8l5wPsvs+apukiKLHIn1JUttOlZgVovWBzoueU32E4qsv6Ik46ORruWY6Pm/X
 BqHuB5jhBnwhm906JbAMySKhJeudGgIacl3Byyb6Pw0GmUE0UEVwC2tul9BTDo3WTJ+O0q
 NX+76rwbxhwnUdQRhQiS19NG4szG07s=
X-MC-Unique: Q6_suZTtMLitH1vPAtlwcQ-1
X-Mimecast-MFC-AGG-ID: Q6_suZTtMLitH1vPAtlwcQ_1765551895
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551895; x=1766156695; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=33QlZAhGXHGFDxYNTuc7M9dXD1Jmdy+6/iC4UFNG7jM=;
 b=S1uWxX83NwpMz4YOWJU9opc7t3JrH02VXRfd4cC7dc46tjyW/xxBpeyntDW35qqML1
 NBY6X+Tt4vWk5uEA/dtFfUj8mkf2eN/kxXgDc8L/kBVoRKK37DyYKesvR5PKw5o6SsPv
 lN58VrU4WGnWJyZMUUJqVLX9yprlTVHKozVtU/swtLCUhfMG/aF+/+2aIbxJrSfNYy+m
 XR/pSebZWPVeVPmXRiw652I/6/dQ7qS9aRH8swLROsOYYJjlX9ALamkZGqr0Ee3dBCHp
 KXHLNKoDOZg9MjBhink5CwpsWnFPBsUloblsEYYnVTOCGbm0tViB7Mz7sDNBm7JgwHNx
 7uPg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551895; x=1766156695;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=33QlZAhGXHGFDxYNTuc7M9dXD1Jmdy+6/iC4UFNG7jM=;
 b=Ri9MGwXZqIlCyCNZ/nB9lm1dYY37cleMkLVIKo3W2qAYGHr2BkYB9e4TaCnd8RDXtj
 G73mStDElRnqhXCOPShkvLw8G6kG0VcOm8pS5f4wY8V/VFVa3WVmg9KKwmSpMBWmlBVy
 JNUKUWoG1qRnBKP8le/rajHpDbt7kTN9TzWnShkq3af59243U30bfcl3RbHK7yjAUxkr
 6vzz1pM6NnF9H92+SJ8vs8vFs6+RdR2za/gqK//Ds6srndJ24mcKZhA+lEnGeQIGwkoW
 pjr9AcGPDCt8XkzCdkMdnqhM4DvoqEWowTQayNAPW8Xvt37F0paEvHla3NkrO/crKZ59
 LbUA==
X-Forwarded-Encrypted: i=1;
 AJvYcCWIk1o7NTDiABQ4YTEKvqRDNvTSQR6c28+zBYb02tSoL8SQndUrxFzg91D+Sjajg38d6+pZHbL0tG5W@nongnu.org
X-Gm-Message-State: AOJu0Yzx45gPJNN/EJ7wYEQUMJcy8EIZdusEhLrfk9nA0gc5L7ECbBHr
 VLBimvYsD9dgJg3+5go4eqxrxIoz2AJrTrgp7iiQFH7vT4Bo7pCxHBHniYYOE82DLQrry0JfvEJ
 STanZDff78xgrBdD9cjaKZmwrDa4wgI5NWipu2jTWGtD/QvmDXoVlqRyD
X-Gm-Gg: AY/fxX44x1kscX1Vjv/Co5BbN7WS46HCaZvHaNwDkPOvIb7zwi+ib3uIb/mZm0b47B/
 LpWU1FszNBvYMFwYNOGAEgeHQa9NQ2KiT17ylYYc2uZkKXPhtUQyiRaE51eqGzoc+5Hjmqm6Gmn
 HBe1acc0II5Fhm2W57YBAQQYviZ6FyiUOUDAohpHB+8AeiABSXC3FJe/l6bbu5Tg5xkBqg4eh5n
 p0tWUWOK+dEOpahofO2wAVhXJtc6ExCk8s6GT6zr56bgt6oaHj4usDyg1LUaktcZf49RFC/8D0O
 MgFy2fxPKJrdrNePrIGW1CtPQciAH2IKlYYDwasxoBi/krZVK0oiU8/fsUDPzSmcV+6LcbT4m0T
 QFcWXjEChUjlvV3tSAuiJL2V0tRQ9LWrR1sXoBDzTVuY=
X-Received: by 2002:a17:903:1aa8:b0:29e:9387:f2b7 with SMTP id
 d9443c01a7336-29f23de5f93mr22685875ad.11.1765551895150;
 Fri, 12 Dec 2025 07:04:55 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IGmliy17NoT9CiscMYxPRgRHMqJ1Rk/M5PpK27wtcCKth2RCOVldpTXTYQq/2I2N1+rv1xg1g==
X-Received: by 2002:a17:903:1aa8:b0:29e:9387:f2b7 with SMTP id
 d9443c01a7336-29f23de5f93mr22685435ad.11.1765551894711;
 Fri, 12 Dec 2025 07:04:54 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 09/28] kvm/i386: reload firmware for confidential guest
 reset
Date: Fri, 12 Dec 2025 20:33:37 +0530
Message-ID: <20251212150359.548787-10-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765551916831158500
Content-Type: text/plain; charset="utf-8"

When IGVM is not being used by the confidential guest, the guest firmware h=
as
to be reloaded explictly again into memory. This is because, the memory into
which the firmware was loaded before reset was encrypted and is thus lost
upon reset. When IGVM is used, it is expected that the IGVM will contain the
guest firmware and the execution of the IGVM directives will set up the gue=
st
firmware memory.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/kvm.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index e971f5f8c4..199a224dbf 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -50,6 +50,8 @@
 #include "qemu/config-file.h"
 #include "qemu/error-report.h"
 #include "qemu/memalign.h"
+#include "qemu/datadir.h"
+#include "hw/loader.h"
 #include "hw/i386/x86.h"
 #include "hw/i386/kvm/xen_evtchn.h"
 #include "hw/i386/pc.h"
@@ -3254,6 +3256,22 @@ static int kvm_vm_enable_energy_msrs(KVMState *s)
=20
 static int xen_init_wrapper(MachineState *ms, KVMState *s);
=20
+static void reload_bios_rom(X86MachineState *x86ms)
+{
+    int bios_size;
+    const char *bios_name;
+    char *filename;
+
+    bios_name =3D MACHINE(x86ms)->firmware ?: "bios.bin";
+    filename =3D qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
+
+    bios_size =3D get_bios_size(x86ms, bios_name, filename);
+
+    void *ptr =3D memory_region_get_ram_ptr(&x86ms->bios);
+    load_image_size(filename, ptr, bios_size);
+    x86_firmware_configure(0x100000000ULL - bios_size, ptr, bios_size);
+}
+
 int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s)
 {
     Error *local_err =3D NULL;
@@ -3272,6 +3290,16 @@ int kvm_arch_vmfd_change_ops(MachineState *ms, KVMSt=
ate *s)
             error_report_err(local_err);
             return ret;
         }
+        if (object_dynamic_cast(OBJECT(ms), TYPE_X86_MACHINE)) {
+            X86MachineState *x86ms =3D X86_MACHINE(ms);
+            /*
+             * If an IGVM file is specified then the firmware must be prov=
ided
+             * in the IGVM file.
+             */
+            if (!x86ms->igvm) {
+                reload_bios_rom(x86ms);
+            }
+        }
     }
=20
     ret =3D kvm_vm_enable_exception_payload(s);
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765551943; cv=none;
	d=zohomail.com; s=zohoarc;
	b=ACLT+BY8T+vRk53nszRYj+H8eFaN2ruIIgQEiMlHO84N7pNloSaYDmd8u4sQfuJgVTWJKINiMW9BGdOpHavo/dmRSojmHLU6EXMJRLttULgMnHz1QfUNs9Kjy1NxQQW6ARYxAeMSHDkL539NgGqWPZuZmzsUjYnW6wRZyrmxKe0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765551943;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=rgjX+7Zs4GjKiVepp+8rEO8AQv67kp7/f2WN1WL8v60=;
	b=dj8MWD1Hc2NFyWEqmO650JTuyvw6gSmnqbvOZxMFse1FVYlsFcJnT16IA6ouFibj5l6H+hqWdlDNgCPNqbkYa5ILtYVBFBaXFesSMD10AU83zOpgWxSGpLoIYyziTsgjFK7M5d2DC0EGZg8hbRtjjFRDwVWdb4U7ePSet1IT5co=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765551943221176.33761753577835;
 Fri, 12 Dec 2025 07:05:43 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hd-00026G-4P; Fri, 12 Dec 2025 10:05:05 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hb-00022S-3e
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:03 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hZ-0005j8-Hp
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:02 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-568-Q0Go8_bDPUaopy_CsB3b9w-1; Fri, 12 Dec 2025 10:04:59 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-297df52c960so25620075ad.1
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:04:59 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.55
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551901;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=rgjX+7Zs4GjKiVepp+8rEO8AQv67kp7/f2WN1WL8v60=;
 b=YMzIVdfOjAnAz5OvnWXXmUoteCaVTw0S9RuFAgKkchsrLyfA1eKKS3MJyYzEi3L7MSjc/I
 r/IAtZ0mb/S5ZkppDkb+LL0vu4CpeVWLc12M3MgPs/mjw6C4Diu2db16O1loUe8VgFoKDH
 COu4XaD37NdcYAjNg9gPsMxF/hfR6lc=
X-MC-Unique: Q0Go8_bDPUaopy_CsB3b9w-1
X-Mimecast-MFC-AGG-ID: Q0Go8_bDPUaopy_CsB3b9w_1765551898
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551898; x=1766156698; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=rgjX+7Zs4GjKiVepp+8rEO8AQv67kp7/f2WN1WL8v60=;
 b=Nbt/FKO7MeCupRPvdQKjApOsV7YlnN8SF3+EdJa3CBTf83Dh/LiGKOdj14Cc1uhpvA
 nENsrGZCnSuuqEyf9zmMbrqzZmRPr52j1w7pJkjeezLPZdmGBF9oy5Nz+kkzLPrvK7fH
 KT8NnCdLafxlADivYQ+VMyHLOXEDvPMDVfiPB9ZoGQfaa4AN/KFmIEC8Cyx4CZZNVD1K
 2w5uBXztLy37LBYMadKG/E+JwkO6XgjX02mUugDdr0wrtLw8oAhbN/CWwSSGgKyePwAE
 KgnbZooj5IJsv9bFT3pTT5ID7GRV7IYpyV9e4vU6m4e35hf7x7s8XW57Vqx2RX+spp/Q
 CDhQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551898; x=1766156698;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=rgjX+7Zs4GjKiVepp+8rEO8AQv67kp7/f2WN1WL8v60=;
 b=Mh/JWciqr1m1f3XNh6ic8raTvez91bhGa7qcx4wi1fNUZySbFGHeX0t0A+RIiihZhY
 x92ZmJrQMDHTA5plAoVEUkk0VWTxyFXXaO3txqvVfbu6gNzgAybZLfxXkLAiYyzCB3Ss
 eIsW31NhyfKEtXF2edMFROjslTJ8sR2rF6I4qjj9hKsoLw1JdcGoA+cXtOLaFJaStubr
 CjTLI/BPB+k/fnIVCPGaksx0KQwGi7C2i0fIFfSe4vogPIuEw6EsXkHlXE8bR5R/D7ps
 Y8LyrTctm6vYKQTWA+b9cNfOk3zPvPiEJg8mY1HYychc1Zy0mohKhyymb/ro6SAZvLEM
 VMSg==
X-Forwarded-Encrypted: i=1;
 AJvYcCWqWmwXSQpJYha1hH9/eQ/fGEXo1tBgbRfU0te6VW5NuCe/GsDZ5GsJepXxZA4Psw1DBzXoCLghwf9D@nongnu.org
X-Gm-Message-State: AOJu0YydvgVVO7xZjS6YTLMkvBQwxobTZoM9sPa/I+sbhpTZV/u2AMpu
 2pGP76AbN5g7RtvI6P1hR+XwOlYuTG5dSsKNvNAz+VoNFdlv0KNOQhij++wtJMnJgzp2aETP885
 9Tb6sHlk4xs59Uy+DpJVN9l3jtYIhZgOE7jRIWGLIj3A0pgV10B5X+973
X-Gm-Gg: AY/fxX7YDK6CnKDh+9o7Yr+hK0ioN94EC4fUr2LYlTyi6S5rLf8WXTsGvPBGfvm1d8L
 jR/TWLjlio9hQ6u0n4ERE5fkNuGhI/soIES3KZ+Z8JNX6UfLwVbO3h+eVd0OSLBbaaJ73zJLCXt
 Iv5GGbREDf4Wdi58rnXpBtDPGRiTlcx0EVFd4EVNY3v/l2C98EWQ7W0HymZcA16sgkhJz5TnzQE
 5AWF17Yh6GKraEbdMu9whlYaXLdDAqg6E6Ck4r3OODf5qSGPMdASqqj2JWtH9rGvm9zt1APnSK0
 ZF2OfWdXlrN+hHGef50qA9m6JjLdIiF9ASOvoWNrz2VyA6zxWwtyCn4nxL+pvEiEVCn0m8QX/Ih
 klMMWiyUPyoNR/3EqW1SoKEs4E4d4wB07VLkiw6Mjc6A=
X-Received: by 2002:a17:903:38d0:b0:295:9db1:ff32 with SMTP id
 d9443c01a7336-29f23cc4083mr22674675ad.48.1765551897970;
 Fri, 12 Dec 2025 07:04:57 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IHzZSIzSedS7i5fW89+07VJqVZhC3NyNAYZLpbH9Gha7pzyQN6PN9hZP33q+bh0g/hvLJN8Uw==
X-Received: by 2002:a17:903:38d0:b0:295:9db1:ff32 with SMTP id
 d9443c01a7336-29f23cc4083mr22674195ad.48.1765551897348;
 Fri, 12 Dec 2025 07:04:57 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 10/28] accel/kvm: Add notifier to inform that the KVM VM
 file fd is about to be changed
Date: Fri, 12 Dec 2025 20:33:38 +0530
Message-ID: <20251212150359.548787-11-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765551950807158500
Content-Type: text/plain; charset="utf-8"

Various subsystems might need to take some steps before the KVM file descri=
ptor
for a virtual machine is changed. So a new notifier is added to inform them=
 that
kvm VM file descriptor is about to change.

Subsequent patches will add callback implementations for specific components
that need this notification.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c    | 25 +++++++++++++++++++++++++
 accel/stubs/kvm-stub.c |  8 ++++++++
 include/system/kvm.h   | 15 +++++++++++++++
 3 files changed, 48 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 679cf04375..5b854c9866 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -127,6 +127,9 @@ static NotifierList kvm_irqchip_change_notifiers =3D
 static NotifierWithReturnList register_vmfd_changed_notifiers =3D
     NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_changed_notifiers);
=20
+static NotifierWithReturnList register_vmfd_pre_change_notifiers =3D
+    NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_pre_change_notifie=
rs);
+
 struct KVMResampleFd {
     int gsi;
     EventNotifier *resample_event;
@@ -2193,6 +2196,22 @@ static int kvm_vmfd_change_notify(Error **errp)
                                             &vmfd_notifier, errp);
 }
=20
+void kvm_vmfd_add_pre_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_list_add(&register_vmfd_pre_change_notifiers, n);
+}
+
+void kvm_vmfd_remove_pre_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_remove(n);
+}
+
+static int kvm_vmfd_pre_change_notify(Error **errp)
+{
+    return notifier_with_return_list_notify(&register_vmfd_pre_change_noti=
fiers,
+                                            NULL, errp);
+}
+
 int kvm_irqchip_get_virq(KVMState *s)
 {
     int next_virq;
@@ -2644,6 +2663,12 @@ static int kvm_reset_vmfd(MachineState *ms)
     memory_listener_unregister(&kml->listener);
     memory_listener_unregister(&kvm_io_listener);
=20
+    ret =3D kvm_vmfd_pre_change_notify(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
     if (s->vmfd >=3D 0) {
         close(s->vmfd);
     }
diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index a6e8a6e16c..7f4e3c4050 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -79,6 +79,14 @@ void kvm_irqchip_change_notify(void)
 {
 }
=20
+void kvm_vmfd_add_pre_change_notifier(NotifierWithReturn *n)
+{
+}
+
+void kvm_vmfd_remove_pre_change_notifier(NotifierWithReturn *n)
+{
+}
+
 void kvm_vmfd_add_change_notifier(NotifierWithReturn *n)
 {
 }
diff --git a/include/system/kvm.h b/include/system/kvm.h
index 6844ebd56d..cb5db9ff67 100644
--- a/include/system/kvm.h
+++ b/include/system/kvm.h
@@ -586,4 +586,19 @@ void kvm_vmfd_add_change_notifier(NotifierWithReturn *=
n);
  */
 void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n);
=20
+/**
+ * kvm_vmfd_add_pre_change_notifier - register a notifier to get notified =
when
+ * kvm vm file descriptor is about to be changed as a part of the confiden=
tial
+ * guest "reset" process.
+ * @n: notifier with return value.
+ */
+void kvm_vmfd_add_pre_change_notifier(NotifierWithReturn *n);
+
+/**
+ * kvm_vmfd_remove_pre_change_notifier - de-register a notifier previously
+ * registered with kvm_vmfd_add_pre_change_notifier.
+ * @n: the notifier that was previously registered.
+ */
+void kvm_vmfd_remove_pre_change_notifier(NotifierWithReturn *n);
+
 #endif
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552182; cv=none;
	d=zohomail.com; s=zohoarc;
	b=SJswlofmZ2r+QCfr+s5L9XgbKLJYIaElUPlMU9wbQRgDMj2904F7K/F5zhYX/In/nYgUUjdxlYQ6yiO67LzKG8l6Gjafloub9D1K1TwVMpHwYhAOBXFWr8WbhmLrn2rxbB8q6Aac/G0DniiXXtKkvBtnhgfST8HRNZ7sKpLiVJc=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552182;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=EWbJ3b/FRgtMaf7F/qkvMf2cvadC5nmdaEsA8MbTH9w=;
	b=EW049U3wYVTHvHIM9TXzFk47WTXg3lpIplPBVEQ6Q+TqyV4mXA71EdPb7fax0i5FjKewIYba63+FDJOeED/grVjAzgvJd7A2foaee81mrpMWRM9hiUUkPsqWcrRjktsrRQCZiWRhTgl9BrOYXFdhreyIgcPpEI9e5Nf2CPlHGdQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 176555218205886.11929639031109;
 Fri, 12 Dec 2025 07:09:42 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hu-0002Ff-GX; Fri, 12 Dec 2025 10:05:22 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hi-00028w-Q1
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:11 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hg-0005z5-SU
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:10 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-37-KeyOaELwOcyYN4Zp6P7krA-1; Fri, 12 Dec 2025 10:05:01 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-2982b47ce35so15036145ad.2
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:01 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.04.57
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:04:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551908;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=EWbJ3b/FRgtMaf7F/qkvMf2cvadC5nmdaEsA8MbTH9w=;
 b=VpMhkquGSj1NKVMbN3IrD4Tr7eKzcQ8fqtFsoVn5tOIsJ0z/15bqyf2KaxYWFhZveJOFFd
 aoNcwYVV9dSSEp1vDpnptxjY9aNH40K3eDgQCgdbsXrEpb3wIphzbreXUUgFCQShymQPtx
 3tgIwyMVux16PLh8hxK4RxlF5BBo/cQ=
X-MC-Unique: KeyOaELwOcyYN4Zp6P7krA-1
X-Mimecast-MFC-AGG-ID: KeyOaELwOcyYN4Zp6P7krA_1765551901
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551901; x=1766156701; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=EWbJ3b/FRgtMaf7F/qkvMf2cvadC5nmdaEsA8MbTH9w=;
 b=Y30FlYf5NNs3FeKvgbZqKsXMHSF47aYgZyeF3QJZJjjEyHlBlS3eAdT42xgitGcalZ
 jHYPHMT6PzqI7O5v2jZADUHYHmvNROEZk22ER0QEWGOn2OcXE1VVW4QUfgpWImXVqDqJ
 HA6pnWuzscywqF92u6scTEUY0O20UfNB9K4OjdGwrEQw3NFps98OO2BTO+uf3cen8WCp
 QM11oGztuFVFROkNj6lUFMauA0eyDAiKYS1XE2OP5G7Y+t8EHPTKNHFtzEfArdkMJzQP
 ntv/isB19RFU5F9XcSJlkKrwSOv09MaLl/XnzeIvKXpIGUkvWvUS1d3gsF+IvrVN8xzT
 Qbkw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551901; x=1766156701;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=EWbJ3b/FRgtMaf7F/qkvMf2cvadC5nmdaEsA8MbTH9w=;
 b=W4zkXYq7gRd/ZIq4anBN/EI4J3U0swqDjTeDBvdBgNnqjWu2+oVNEvjlZjhjlY6ut4
 JF7CFlkPYNOLxKiS8bEyhacMirIIRA72OVzmhw7miManF2+d7ChgFtPEreHglezjxcKq
 9vSKkIXDexxTGf9zF6AmY4CJtqfj07q+WzFd7m/JQiuF1yz81NJ/q07Few5s1m3JbYgJ
 GKnTYKyFvHgKhz2JsKkW172drxLa06SlwoFksBVBZxqSy+utXVC20FfVdoCPBozwbRyC
 2RM4AVmN8vJEftYs6nmAUDFNnc/2/54XUGhYO+LYeU/ImvuSCI8eqLUev8R4cRyJWiv/
 MfUA==
X-Forwarded-Encrypted: i=1;
 AJvYcCVZX7vpsY+LbbqQ5FLK+Yj4uesdj7c/nMuJSbB8koGO2TPIWSAJ44Z2XsSWRLtbPPRmCOi59HuQwxPQ@nongnu.org
X-Gm-Message-State: AOJu0YxXrardhJEMXVHTSpoo8rDtaqpSdzxnzvUg5OM8fsoQy3MzvHLs
 7/Rpqqyqr51zCdFiqdpFaFCAc1Y5A5QUcfF58khA+rRQQxfDqSWHavlwV1QSXa2yuIBcK9xmjup
 kbjFT6T3s7FY1qe8KzDCc1rx5i4m3xcV8YPtU1rxysQGUh5RpJZsfJXpu
X-Gm-Gg: AY/fxX5yCbPlPifGwWgEaIZiiT2JWlv1cjzj8AwYLKj3TDJpE3M4uLiPM0Wr5aVWmW3
 TUVba1hnORwy5Uj3DNXx/Pv7dEfCH3WCEdoUftABJGsw33trGHTtEcMyvS+5YZ9b7cDefgxxeCe
 5gyKMrjNRlThCV5q2H3e5GP9a5yhP2z6WBhAP+WBBdo2JLTO6v+LMaLO8XxO01/r3QfdIU9oifH
 jfUdWFRIQtCOrW6JHnqlXdZXrsuvVKkSyMAYOrzdJwRYb+XzMe0c6IG4VyE08aJ9EczeDSqfNH0
 zBOCdkIZbEsHmUUhrtBjVB6n4P9eOPloa1pUfBlsI988ilQtToEeJLkw27tgy2LXK2wVlVKBOFI
 /NpbEbx4wCQn4ZHhvZbrSKj2SsrE9aFI9PL+GxRExb3Y=
X-Received: by 2002:a17:903:22c4:b0:29e:1415:df95 with SMTP id
 d9443c01a7336-29f2435fd39mr19701815ad.51.1765551900653;
 Fri, 12 Dec 2025 07:05:00 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IGeXsVbGlfUiHlR+wSUHOyHm6iD/qWLG4BYVCfCmsPMHGb4JdQGK7Enc4RBbFandqHGXmbZ/g==
X-Received: by 2002:a17:903:22c4:b0:29e:1415:df95 with SMTP id
 d9443c01a7336-29f2435fd39mr19701405ad.51.1765551899951;
 Fri, 12 Dec 2025 07:04:59 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 11/28] accel/kvm: rebind current VCPUs to the new KVM VM
 file descriptor upon reset
Date: Fri, 12 Dec 2025 20:33:39 +0530
Message-ID: <20251212150359.548787-12-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552182771158500
Content-Type: text/plain; charset="utf-8"

Confidential guests needs to generate a new KVM file descriptor upon virtual
machine reset. Existing VCPUs needs to be reattached to this new
KVM VM file descriptor. As a part of this, new VCPU file descriptors against
this new KVM VM file descriptor needs to be created and re-initialized.
Resources allocated against the old VCPU fds needs to be released. This cha=
nge
makes this happen.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c | 201 ++++++++++++++++++++++++++++++++++++--------
 1 file changed, 166 insertions(+), 35 deletions(-)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 5b854c9866..638f193626 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -130,6 +130,12 @@ static NotifierWithReturnList register_vmfd_changed_no=
tifiers =3D
 static NotifierWithReturnList register_vmfd_pre_change_notifiers =3D
     NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_pre_change_notifie=
rs);
=20
+static int kvm_rebind_vcpus(Error **errp);
+
+static int map_kvm_run(KVMState *s, CPUState *cpu, Error **errp);
+static int map_kvm_dirty_gfns(KVMState *s, CPUState *cpu, Error **errp);
+static int vcpu_unmap_regions(KVMState *s, CPUState *cpu);
+
 struct KVMResampleFd {
     int gsi;
     EventNotifier *resample_event;
@@ -423,6 +429,82 @@ err:
     return ret;
 }
=20
+static int kvm_rebind_vcpus(Error **errp)
+{
+    CPUState *cpu;
+    unsigned long vcpu_id;
+    KVMState *s =3D kvm_state;
+    int kvm_fd, ret =3D 0;
+
+    CPU_FOREACH(cpu) {
+        vcpu_id =3D kvm_arch_vcpu_id(cpu);
+
+        if (cpu->kvm_fd) {
+            close(cpu->kvm_fd);
+        }
+
+        ret =3D kvm_arch_destroy_vcpu(cpu);
+        if (ret < 0) {
+            goto err;
+        }
+
+        if (s->coalesced_mmio_ring =3D=3D (void *)cpu->kvm_run + PAGE_SIZE=
) {
+            s->coalesced_mmio_ring =3D NULL;
+        }
+
+        ret =3D vcpu_unmap_regions(s, cpu);
+        if (ret < 0) {
+            goto err;
+        }
+
+        ret =3D kvm_arch_pre_create_vcpu(cpu, errp);
+        if (ret < 0) {
+            goto err;
+        }
+
+        kvm_fd =3D kvm_vm_ioctl(s, KVM_CREATE_VCPU, vcpu_id);
+        if (kvm_fd < 0) {
+            error_report("KVM_CREATE_VCPU IOCTL failed for vCPU %lu (%s)",
+                         vcpu_id, strerror(kvm_fd));
+            return kvm_fd;
+        }
+
+        cpu->kvm_fd =3D kvm_fd;
+
+        cpu->vcpu_dirty =3D false;
+        cpu->dirty_pages =3D 0;
+        cpu->throttle_us_per_full =3D 0;
+
+        ret =3D map_kvm_run(s, cpu, errp);
+        if (ret < 0) {
+            goto err;
+        }
+
+        if (s->kvm_dirty_ring_size) {
+            ret =3D map_kvm_dirty_gfns(s, cpu, errp);
+            if (ret < 0) {
+                goto err;
+            }
+        }
+
+        ret =3D kvm_arch_init_vcpu(cpu);
+        if (ret < 0) {
+            error_setg_errno(errp, -ret,
+                             "kvm_init_vcpu: kvm_arch_init_vcpu failed (%l=
u)",
+                             vcpu_id);
+        }
+
+        close(cpu->kvm_vcpu_stats_fd);
+        cpu->kvm_vcpu_stats_fd =3D kvm_vcpu_ioctl(cpu, KVM_GET_STATS_FD, N=
ULL);
+        kvm_init_cpu_signals(cpu);
+
+        kvm_cpu_synchronize_post_init(cpu);
+    }
+
+ err:
+    return ret;
+}
+
 static void kvm_park_vcpu(CPUState *cpu)
 {
     struct KVMParkedVcpu *vcpu;
@@ -511,19 +593,11 @@ int kvm_create_and_park_vcpu(CPUState *cpu)
     return ret;
 }
=20
-static int do_kvm_destroy_vcpu(CPUState *cpu)
+static int vcpu_unmap_regions(KVMState *s, CPUState *cpu)
 {
-    KVMState *s =3D kvm_state;
     int mmap_size;
     int ret =3D 0;
=20
-    trace_kvm_destroy_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
-
-    ret =3D kvm_arch_destroy_vcpu(cpu);
-    if (ret < 0) {
-        goto err;
-    }
-
     mmap_size =3D kvm_ioctl(s, KVM_GET_VCPU_MMAP_SIZE, 0);
     if (mmap_size < 0) {
         ret =3D mmap_size;
@@ -551,39 +625,47 @@ static int do_kvm_destroy_vcpu(CPUState *cpu)
         cpu->kvm_dirty_gfns =3D NULL;
     }
=20
-    kvm_park_vcpu(cpu);
-err:
+ err:
     return ret;
 }
=20
-void kvm_destroy_vcpu(CPUState *cpu)
-{
-    if (do_kvm_destroy_vcpu(cpu) < 0) {
-        error_report("kvm_destroy_vcpu failed");
-        exit(EXIT_FAILURE);
-    }
-}
-
-int kvm_init_vcpu(CPUState *cpu, Error **errp)
+static int do_kvm_destroy_vcpu(CPUState *cpu)
 {
     KVMState *s =3D kvm_state;
-    int mmap_size;
-    int ret;
+    int ret =3D 0;
=20
-    trace_kvm_init_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
+    trace_kvm_destroy_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
=20
-    ret =3D kvm_arch_pre_create_vcpu(cpu, errp);
+    ret =3D kvm_arch_destroy_vcpu(cpu);
     if (ret < 0) {
         goto err;
     }
=20
-    ret =3D kvm_create_vcpu(cpu);
+    /* If I am the CPU that created coalesced_mmio_ring, then discard it */
+    if (s->coalesced_mmio_ring =3D=3D (void *)cpu->kvm_run + PAGE_SIZE) {
+        s->coalesced_mmio_ring =3D NULL;
+    }
+
+    ret =3D vcpu_unmap_regions(s, cpu);
     if (ret < 0) {
-        error_setg_errno(errp, -ret,
-                         "kvm_init_vcpu: kvm_create_vcpu failed (%lu)",
-                         kvm_arch_vcpu_id(cpu));
         goto err;
     }
+    kvm_park_vcpu(cpu);
+err:
+    return ret;
+}
+
+void kvm_destroy_vcpu(CPUState *cpu)
+{
+    if (do_kvm_destroy_vcpu(cpu) < 0) {
+        error_report("kvm_destroy_vcpu failed");
+        exit(EXIT_FAILURE);
+    }
+}
+
+static int map_kvm_run(KVMState *s, CPUState *cpu, Error **errp)
+{
+    int mmap_size, ret =3D 0;
=20
     mmap_size =3D kvm_ioctl(s, KVM_GET_VCPU_MMAP_SIZE, 0);
     if (mmap_size < 0) {
@@ -608,14 +690,53 @@ int kvm_init_vcpu(CPUState *cpu, Error **errp)
             (void *)cpu->kvm_run + s->coalesced_mmio * PAGE_SIZE;
     }
=20
+ err:
+    return ret;
+}
+
+static int map_kvm_dirty_gfns(KVMState *s, CPUState *cpu, Error **errp)
+{
+    int ret =3D 0;
+    /* Use MAP_SHARED to share pages with the kernel */
+    cpu->kvm_dirty_gfns =3D mmap(NULL, s->kvm_dirty_ring_bytes,
+                               PROT_READ | PROT_WRITE, MAP_SHARED,
+                               cpu->kvm_fd,
+                               PAGE_SIZE * KVM_DIRTY_LOG_PAGE_OFFSET);
+    if (cpu->kvm_dirty_gfns =3D=3D MAP_FAILED) {
+        ret =3D -errno;
+    }
+
+    return ret;
+}
+
+int kvm_init_vcpu(CPUState *cpu, Error **errp)
+{
+    KVMState *s =3D kvm_state;
+    int ret;
+
+    trace_kvm_init_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
+
+    ret =3D kvm_arch_pre_create_vcpu(cpu, errp);
+    if (ret < 0) {
+        goto err;
+    }
+
+    ret =3D kvm_create_vcpu(cpu);
+    if (ret < 0) {
+        error_setg_errno(errp, -ret,
+                         "kvm_init_vcpu: kvm_create_vcpu failed (%lu)",
+                         kvm_arch_vcpu_id(cpu));
+        goto err;
+    }
+
+    ret =3D map_kvm_run(s, cpu, errp);
+    if (ret < 0) {
+        goto err;
+    }
+
     if (s->kvm_dirty_ring_size) {
-        /* Use MAP_SHARED to share pages with the kernel */
-        cpu->kvm_dirty_gfns =3D mmap(NULL, s->kvm_dirty_ring_bytes,
-                                   PROT_READ | PROT_WRITE, MAP_SHARED,
-                                   cpu->kvm_fd,
-                                   PAGE_SIZE * KVM_DIRTY_LOG_PAGE_OFFSET);
-        if (cpu->kvm_dirty_gfns =3D=3D MAP_FAILED) {
-            ret =3D -errno;
+        ret =3D map_kvm_dirty_gfns(s, cpu, errp);
+        if (ret < 0) {
             goto err;
         }
     }
@@ -2716,6 +2837,16 @@ static int kvm_reset_vmfd(MachineState *ms)
     }
     assert(!err);
=20
+    /*
+     * rebind new vcpu fds with the new kvm fds
+     * These can only be called after kvm_arch_vmfd_change_ops()
+     */
+    ret =3D kvm_rebind_vcpus(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
     /* these can be only called after ram_block_rebind() */
     memory_listener_register(&kml->listener, &address_space_memory);
     memory_listener_register(&kvm_io_listener, &address_space_io);
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552033; cv=none;
	d=zohomail.com; s=zohoarc;
	b=hJBab79uFpoxX+lD30iEXyhjuMXPdD0anw842cpgUcJj1c3+MDgkcYEDF6jc6NibCWOyIPf8ley8eDQw9ADlw8FQ7SdWvbfSOEwQeiF3UNJY4BVInxDADxUbT46fbfxIROtFpG6+K1UqkVqkn3QdrXGJLWSuY36a6h01oHZSEDE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552033;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=QEPt+WowIb7JNUH1z2t2M9hX2SLVHr72KxzuR57IAVY=;
	b=kHlMwrC0HX9K7s+5C9/YWe0KJni3ArMGeYmkNovr76P+AuY09U8fQrf5diRNOl/bOrb7xkeZTX4E+0bp94szMeQvXxr9HYDIldBdEiNpuS0TtM2lS9Z4KjFhN9dqPytLwqw0EoNoRO2PXPUFywSoxkizUIjPn9anTDTvfdOHOco=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552033748228.81679623336106;
 Fri, 12 Dec 2025 07:07:13 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4hk-000295-E9; Fri, 12 Dec 2025 10:05:12 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hh-000288-0H
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:09 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4he-0005v7-K1
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:08 -0500
Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com
 [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-353-Ej1sKfFBNliVaEGjcEklZQ-1; Fri, 12 Dec 2025 10:05:04 -0500
Received: by mail-pl1-f200.google.com with SMTP id
 d9443c01a7336-29f25a008dbso6580815ad.1
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:04 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.00
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551905;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=QEPt+WowIb7JNUH1z2t2M9hX2SLVHr72KxzuR57IAVY=;
 b=Y9nEdc2kjDpiOmK+LNDX9pKO8+Q7hLNl8z4/HexF5v1FqPKYnrTlQqJSAcUqPNXNEJtzOO
 DpFKVOvHLI/QLo8xK3qDK+4CWUcyLZe/bmY1E/OxlNlePZs7aPmEcReFcRO+5+HI63BXX+
 9BpOZQA7wf9x0JaVbiwrdOxeCkHbMus=
X-MC-Unique: Ej1sKfFBNliVaEGjcEklZQ-1
X-Mimecast-MFC-AGG-ID: Ej1sKfFBNliVaEGjcEklZQ_1765551903
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551903; x=1766156703; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=QEPt+WowIb7JNUH1z2t2M9hX2SLVHr72KxzuR57IAVY=;
 b=VS+wnfQbE1DiQXifXFKAwwlT4PCkMaN80ID12+Wk+mGWGHX5xSEQgBO/H7J/tSK6TX
 bQRFhiKxB91endqz+qg84Cxamap0PA76s5mSypL3Qe74CHIurSc71mHFg2SS+3VUuBdc
 dq5otvwHt4/qRVOmtUqUBT0U/i6nl3SCgF36j/IycX/YTqLwHw9CbqdqOxbZC/PstB2w
 Gt2IjGB5RI5Z3akg5T5LeXBTAEjHGTN+V/h1nERt3sYdLIG08bJkRETuMdWiJEBt3Wx1
 zv2BGuk0BmojPAmg9oea1ZNRwrAA9NZkYUR4VTLxObn1HazMArdiMDxzw4XIE7BqgZIZ
 nRsw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551903; x=1766156703;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=QEPt+WowIb7JNUH1z2t2M9hX2SLVHr72KxzuR57IAVY=;
 b=AMuZVbIZKm6RzMFxoBBuR067r0bnF5Ua95KuxIBG3IpoZ/FGIQNm8uOusv47rTOmRA
 vl4IbH8ej1s1ZSakDOXpBicY/Y7Yh2ieQN3PgtMJw2vsiZ3CmqDWcHNC0Qe+JLZI/1bI
 /sUPL/HiGM1daXIA6BMqyikQVOug8cyyZaxm+si2X5SrmXXEk0Uyp6Qheml0pHlFK7+D
 +2HncTIYm5+UFFSoVbzIoJ7HLW0w9ZqbpOOEbIKvatL8PBDeK332BB7JdfiDdILOj/1y
 NFexhmO/U+g5SId1SAUAiMsFwEJRN+PRc0s9wAs/FbuHnoJtk1axOV0YpdYpkFceKRZo
 GrSw==
X-Forwarded-Encrypted: i=1;
 AJvYcCUae6aTXVsLMHeeqtjR3cGDZk9CjuXtu7zLef2RIEcBCAq1scIiJL11YJBGtVJe6y++Rd5kep267kdr@nongnu.org
X-Gm-Message-State: AOJu0Yxh4T2sKJm6dGJi5QNa1UDRd1t6nyzSicyRBwiHyvz97SLW2kx1
 fMM4RUBP1aQUPLpUyhitga4ZC3udUQpQUdqJuwfIm8Op+tnIv7XIpZsHy6WUSO0phKPhbTaYOau
 H58rQ83CyZU46Pk5+QnvxbcYl5CSWzxlRP1AVBeOBJ/cfXjsTxhD0ySUW
X-Gm-Gg: AY/fxX7bmOzI9NUNNRRHkHZ1XmflWs3pT1AIvpq1/RO8wjC5HOmNK7A1CAFShpqlx47
 24pEgCNesVcnX/+IH96oWNwdA1uLu+Y/aLcPKdDrGQrYb7Y4HU3XcBJR6Lxh5dUZOPJ7mN/R+qt
 PVgmtapyEDOmhmZDBIQBQScbUJQKWWbNAgjxinG/I0HXPQ8fdFtMdQiHeHJNyxov1QKtIHijlhT
 ZgkOx7/3lPqZUiBY1gmht5e/DWDY+hGNjDF/trNy2x7bHtFXd1SP0EHllwRc852zTeOtXbGrQXZ
 il2iR1+lVddMlnSzNc7YeUm+8+B8Cl9OasTWASfCGYVsMUl4OhuK8u5lrBBiJkPHSMozYbi7muJ
 fl5+UUh8rKksnTvAPQmT+ZNVyvpaxXTu5MD23+CI8Owg=
X-Received: by 2002:a17:903:3bad:b0:290:91d2:9304 with SMTP id
 d9443c01a7336-29f23dd3f75mr20990425ad.4.1765551903319;
 Fri, 12 Dec 2025 07:05:03 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IGFCuDP1WPBimYZnnChi088VUoRgeHW+JpdMIlzKSP9VG3LKJNNtQYHbpwf2LR+NQccXZsDqQ==
X-Received: by 2002:a17:903:3bad:b0:290:91d2:9304 with SMTP id
 d9443c01a7336-29f23dd3f75mr20990085ad.4.1765551902848;
 Fri, 12 Dec 2025 07:05:02 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 12/28] i386/tdx: refactor TDX firmware memory
 initialization code into a new function
Date: Fri, 12 Dec 2025 20:33:40 +0530
Message-ID: <20251212150359.548787-13-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552035926158500
Content-Type: text/plain; charset="utf-8"

A new helper function is introduced that refactors all firmware memory
initialization code into a separate function. No functional change.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/tdx.c | 73 ++++++++++++++++++++++++-------------------
 1 file changed, 40 insertions(+), 33 deletions(-)

diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index dbf0fa2c91..bafaf62cdb 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -295,14 +295,51 @@ static void tdx_post_init_vcpus(void)
     }
 }
=20
-static void tdx_finalize_vm(Notifier *notifier, void *unused)
+static void tdx_init_fw_mem_region(void)
 {
     TdxFirmware *tdvf =3D &tdx_guest->tdvf;
     TdxFirmwareEntry *entry;
-    RAMBlock *ram_block;
     Error *local_err =3D NULL;
     int r;
=20
+    for_each_tdx_fw_entry(tdvf, entry) {
+        struct kvm_tdx_init_mem_region region;
+        uint32_t flags;
+
+        region =3D (struct kvm_tdx_init_mem_region) {
+            .source_addr =3D (uintptr_t)entry->mem_ptr,
+            .gpa =3D entry->address,
+            .nr_pages =3D entry->size >> 12,
+        };
+
+        flags =3D entry->attributes & TDVF_SECTION_ATTRIBUTES_MR_EXTEND ?
+                KVM_TDX_MEASURE_MEMORY_REGION : 0;
+
+        do {
+            error_free(local_err);
+            local_err =3D NULL;
+            r =3D tdx_vcpu_ioctl(first_cpu, KVM_TDX_INIT_MEM_REGION, flags,
+                               &region, &local_err);
+        } while (r =3D=3D -EAGAIN || r =3D=3D -EINTR);
+        if (r < 0) {
+            error_report_err(local_err);
+            exit(1);
+        }
+
+        if (entry->type =3D=3D TDVF_SECTION_TYPE_TD_HOB ||
+            entry->type =3D=3D TDVF_SECTION_TYPE_TEMP_MEM) {
+            qemu_ram_munmap(-1, entry->mem_ptr, entry->size);
+            entry->mem_ptr =3D NULL;
+        }
+    }
+}
+
+static void tdx_finalize_vm(Notifier *notifier, void *unused)
+{
+    TdxFirmware *tdvf =3D &tdx_guest->tdvf;
+    TdxFirmwareEntry *entry;
+    RAMBlock *ram_block;
+
     tdx_init_ram_entries();
=20
     for_each_tdx_fw_entry(tdvf, entry) {
@@ -339,37 +376,7 @@ static void tdx_finalize_vm(Notifier *notifier, void *=
unused)
     tdvf_hob_create(tdx_guest, tdx_get_hob_entry(tdx_guest));
=20
     tdx_post_init_vcpus();
-
-    for_each_tdx_fw_entry(tdvf, entry) {
-        struct kvm_tdx_init_mem_region region;
-        uint32_t flags;
-
-        region =3D (struct kvm_tdx_init_mem_region) {
-            .source_addr =3D (uintptr_t)entry->mem_ptr,
-            .gpa =3D entry->address,
-            .nr_pages =3D entry->size >> 12,
-        };
-
-        flags =3D entry->attributes & TDVF_SECTION_ATTRIBUTES_MR_EXTEND ?
-                KVM_TDX_MEASURE_MEMORY_REGION : 0;
-
-        do {
-            error_free(local_err);
-            local_err =3D NULL;
-            r =3D tdx_vcpu_ioctl(first_cpu, KVM_TDX_INIT_MEM_REGION, flags,
-                               &region, &local_err);
-        } while (r =3D=3D -EAGAIN || r =3D=3D -EINTR);
-        if (r < 0) {
-            error_report_err(local_err);
-            exit(1);
-        }
-
-        if (entry->type =3D=3D TDVF_SECTION_TYPE_TD_HOB ||
-            entry->type =3D=3D TDVF_SECTION_TYPE_TEMP_MEM) {
-            qemu_ram_munmap(-1, entry->mem_ptr, entry->size);
-            entry->mem_ptr =3D NULL;
-        }
-    }
+    tdx_init_fw_mem_region();
=20
     /*
      * TDVF image has been copied into private region above via
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552040; cv=none;
	d=zohomail.com; s=zohoarc;
	b=H/syKQVzkB6hbM7+vm2zdlbpJ3XpRKjJo8Bb9J2Ca8jMFIrEB4+pyor6siebgr92OXnZX49u6luYhm4ykEGVL9uXI0ZN6sBgVPd4B7z00of6EiRab8QjG45bMeEntDQCXw+LSj/ycA+Lr5UkX1qIYQsNjOqIXNgUv7un1dffeU4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552040;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=oEIEJzPUM8lszorjY76ZFvjs6ACj0dKr14L1nFW+0jg=;
	b=A0xtT/rYmE7VsdmmssCBluw98fmwuJ7oB742Pmdb4b2s+E52UPvF6O8RthS8CzM2smunmzVP8Y37pYDtzVN/Ij1Nd3gjSBgPMVPpsP2Pg2pU4in7BhmFl7/l0vZE6HfOY+OAn5Wmwzbnt1oVoPlzloOzCQVvukDyOi5MDIoLO2Y=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552038203681.5523434323283;
 Fri, 12 Dec 2025 07:07:18 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4i5-0002YT-Cw; Fri, 12 Dec 2025 10:05:33 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hn-0002Fe-A5
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:20 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hl-00062w-N3
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:15 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-487-nGBj8aMFP-i1ih8c6RjdFA-1; Fri, 12 Dec 2025 10:05:10 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-29f29ae883bso7076255ad.3
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:10 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.03
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551913;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=oEIEJzPUM8lszorjY76ZFvjs6ACj0dKr14L1nFW+0jg=;
 b=TRzNiVyp9W4xfv5pbbZuzFFaG1YBfuqQ61OJUTVYrsJHzztDU/G1irnxF+BxyxjTvX537E
 pTNUFNPr9PM9oDo2vjBjdQT8vWzkCGRJOq3zKB2wvHmILtgEOKQU0uLdFYCJaU8Lz0NbcB
 4rSM0t76KwpHHnCCh0Rcc0WkE//XDkQ=
X-MC-Unique: nGBj8aMFP-i1ih8c6RjdFA-1
X-Mimecast-MFC-AGG-ID: nGBj8aMFP-i1ih8c6RjdFA_1765551910
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551910; x=1766156710; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=oEIEJzPUM8lszorjY76ZFvjs6ACj0dKr14L1nFW+0jg=;
 b=GR5VLnSN2eR98d+/18fQvtW6vnJnwvc92PaCCBVraE9RhYU2UVdtUkkt4cnIoHDVVF
 7MpYFhiMBLKRNiP+zxovslQDhiy5cNn5s0BVBaPqHl2/XOFvBhqZnxuaWYdji5XQMjaP
 UOpUnoWbPNcA6K5hR/PRh2nGW0Ky01u8Od6V2jcwY7LoEEOCw1E2vH4Me/AWxuQ79EU1
 Tbm9r+2+RnOxupd5sWVqAfSUVzr35+7WD1N/GJu/x1vgU8b+xe9VrPiSlzRwm1n3dqTh
 TgFTU+ayyuiWEn9CR9ch6hd0k8zU1gdYHDzuZxpirqhfZJdBYleaVvBnobPzO5HHraDq
 9fyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551910; x=1766156710;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=oEIEJzPUM8lszorjY76ZFvjs6ACj0dKr14L1nFW+0jg=;
 b=Lqq/pMENZ2OvNJeXFwcU2w1IiHPHfOgAtldpOsO1FNwp0AAPAWp8+kLK1vfPMRWbhn
 QxLt2IMyeMCBmMJXaQ5GBMh/eNo9A8mcn2YiwUo4ea/LTTs/DTw0T5Zkt7RtfImBsiQN
 oCmSkFQIxTf/Ax/0yNyntPnhPOS/p7tWDOXVV41u5h4cScZWfmmixN8+AY/9V2n8Qjl0
 nb+pAM2aeAYJMKrOlJcdw84otP1K4qwtS6WpGeqPz0PBdHyRtoab+UCvCcTAI8960NxD
 6CdTFrSlEYqIxPZx5ROUFEgGiz0g8no5AOycIAy4dK+jm3s5rQJngCqHd4bg1254qj2p
 lrEQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCUscJyD7CRI4Fy2S/pYvUePGRp9+J0ptrkJV8evkaTPd5HVwH+AL9SfBgnQmeTvIcc7TlFjs8X6IPGl@nongnu.org
X-Gm-Message-State: AOJu0Yx0ntPy3TcbPHWqJLSSRd+Hs6V1AmxJc6rq6zSiiXvQQAdzDDOq
 tD9rHDl9AoqUTyrLjJECf3qUADiV7z+Ngn6ugcol9urZxy7uwyal5rEwMpKcuMvWylteRtOdwqG
 uZtXBDQ2MVJUZHhL0Inh+osd4Z0RCcGtOTT8AAFy7Rf0iLIsF8jgf3kHn
X-Gm-Gg: AY/fxX6MOllCJXlGZa1unzFkbD8C93F9V00Zowh2xTCMAiI7x6pgpl3MVDoYNhcIrVk
 JvMmuK6fiFRBy4PN+AZXO4FGnQDf3GuxLj3Px1CaWsAacWhUIJJAGDXITylncK8dVs04oF+1wFY
 DViiSwUZ8IO8bvy1uvSngonGNXWub7BXHu9RieBnIsVoVQxdVJkLn2FXfXo6kKIU305814he2HO
 WPgvIZSOIXcxv+CIgISgNrFC1eqhhYyeTGf+UvZrCFn90j6j2BuGOyh7S5cgTMB0A98kt6+KbMA
 WV1glabqurd+kOJlASzEhTPgjeQCjPuoWgH7TbJ3EDF4Ffvd1wfLADqOgYwQTb3kyn+Y0PazFCO
 Xri0N+dHxES/5LtIma3KkvMJi9xD0lZ3Hq/l9PTwXzc0=
X-Received: by 2002:a17:903:244a:b0:295:fc0:5a32 with SMTP id
 d9443c01a7336-29f26ceb95bmr19881655ad.3.1765551909578;
 Fri, 12 Dec 2025 07:05:09 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IET9ImeOBpvT3cnvF8vtwzmhT6W/Ab/9Nek/sYkQoLeG9AkBTnkGRFc8OBeHTEwi3vM/PO5yg==
X-Received: by 2002:a17:903:244a:b0:295:fc0:5a32 with SMTP id
 d9443c01a7336-29f26ceb95bmr19877865ad.3.1765551905720;
 Fri, 12 Dec 2025 07:05:05 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 13/28] i386/tdx: finalize TDX guest state upon reset
Date: Fri, 12 Dec 2025 20:33:41 +0530
Message-ID: <20251212150359.548787-14-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552043972158500
Content-Type: text/plain; charset="utf-8"

When the confidential virtual machine KVM file descriptor changes due to the
guest reset, some TDX specific setup steps needs to be done again. This
includes finalizing the inital guest launch state again. This change
re-executes some parts of the TDX setup during the device reset phaze using=
 a
resettable interface. This finalizes the guest launch state again and locks
it in. Also care has been taken so that notifiers are installed only once.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/tdx.c | 39 +++++++++++++++++++++++++++++++++++++--
 target/i386/kvm/tdx.h |  1 +
 2 files changed, 38 insertions(+), 2 deletions(-)

diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index bafaf62cdb..1903cc2132 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -19,6 +19,7 @@
 #include "crypto/hash.h"
 #include "system/kvm_int.h"
 #include "system/runstate.h"
+#include "system/reset.h"
 #include "system/system.h"
 #include "system/ramblock.h"
 #include "system/address-spaces.h"
@@ -389,6 +390,19 @@ static void tdx_finalize_vm(Notifier *notifier, void *=
unused)
     CONFIDENTIAL_GUEST_SUPPORT(tdx_guest)->ready =3D true;
 }
=20
+static void tdx_handle_reset(Object *obj, ResetType type)
+{
+    if (!runstate_is_running()) {
+        return;
+    }
+
+    if (!kvm_enable_hypercall(BIT_ULL(KVM_HC_MAP_GPA_RANGE))) {
+        error_setg(&error_fatal, "KVM_HC_MAP_GPA_RANGE not enabled for gue=
st");
+    }
+
+    tdx_finalize_vm(NULL, NULL);
+}
+
 static Notifier tdx_machine_done_notify =3D {
     .notify =3D tdx_finalize_vm,
 };
@@ -689,6 +703,7 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs, =
Error **errp)
     X86MachineState *x86ms =3D X86_MACHINE(ms);
     TdxGuest *tdx =3D TDX_GUEST(cgs);
     int r =3D 0;
+    static bool notifier_added;
=20
     kvm_mark_guest_state_protected();
=20
@@ -736,8 +751,10 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs,=
 Error **errp)
      */
     kvm_readonly_mem_allowed =3D false;
=20
-    qemu_add_machine_init_done_notifier(&tdx_machine_done_notify);
-
+    if (!notifier_added) {
+        qemu_add_machine_init_done_notifier(&tdx_machine_done_notify);
+        notifier_added =3D true;
+    }
     tdx_guest =3D tdx;
     return 0;
 }
@@ -1503,6 +1520,7 @@ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest,
                                    TDX_GUEST,
                                    X86_CONFIDENTIAL_GUEST,
                                    { TYPE_USER_CREATABLE },
+                                   { TYPE_RESETTABLE_INTERFACE },
                                    { NULL })
=20
 static void tdx_guest_init(Object *obj)
@@ -1536,20 +1554,37 @@ static void tdx_guest_init(Object *obj)
=20
     tdx->event_notify_vector =3D -1;
     tdx->event_notify_apicid =3D -1;
+    qemu_register_resettable(obj);
 }
=20
 static void tdx_guest_finalize(Object *obj)
 {
 }
=20
+static ResettableState *tdx_reset_state(Object *obj)
+{
+    TdxGuest *tdx =3D TDX_GUEST(obj);
+    return &tdx->reset_state;
+}
+
 static void tdx_guest_class_init(ObjectClass *oc, const void *data)
 {
     ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL=
ASS(oc);
     X86ConfidentialGuestClass *x86_klass =3D X86_CONFIDENTIAL_GUEST_CLASS(=
oc);
+    ResettableClass *rc =3D RESETTABLE_CLASS(oc);
=20
     klass->kvm_init =3D tdx_kvm_init;
     x86_klass->kvm_type =3D tdx_kvm_type;
     x86_klass->cpu_instance_init =3D tdx_cpu_instance_init;
     x86_klass->adjust_cpuid_features =3D tdx_adjust_cpuid_features;
     x86_klass->check_features =3D tdx_check_features;
+
+    /*
+     * the exit phase makes sure sev handles reset after all legacy resets
+     * have taken place (in the hold phase) and IGVM has also properly
+     * set up the boot state.
+     */
+    rc->phases.exit =3D tdx_handle_reset;
+    rc->get_state =3D tdx_reset_state;
+
 }
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index 1c38faf983..264fbe530c 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -70,6 +70,7 @@ typedef struct TdxGuest {
=20
     uint32_t event_notify_vector;
     uint32_t event_notify_apicid;
+    ResettableState reset_state;
 } TdxGuest;
=20
 #ifdef CONFIG_TDX
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765551995; cv=none;
	d=zohomail.com; s=zohoarc;
	b=VXAM5Qr0QNDKnGXVfQZfQB0zo+lTjFP4+7vJWgux7OTL/kGlNJGJy6Xf6oHP03h5QuASwDVhWeM1TiGjYDLAZXJSsuscwdLnZqNDMnWJ7+A/0bvNDYpCC2i2xIYhs4gqr3+UZzlpElHHl0+8rVcd1fuhsbkC0mHarPbIKZgI2GA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765551995;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=moaOxubZcgOMwtmXzfQMaVBqmlmt2o6MG1/+E7uthig=;
	b=egpcKrdl2JuYD7Cm/QzCrmEH2okfs+2rPe3YsVUx7lAaQVLRojJXZwKTOWhX60Z1QHP7bgu2GziVwEqkPFm4KVoQju1FlGtiannfxnUJIP11e4CG55xzaJEOfZa7ARRiqXtL5lbY3Wm4chFi3DbfV9UBr3CmFRM4wB1vPyVDx7Q=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765551995663610.4083407154692;
 Fri, 12 Dec 2025 07:06:35 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4i3-0002WD-W2; Fri, 12 Dec 2025 10:05:32 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hl-0002Dv-KE
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:14 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hj-00062R-Vd
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:13 -0500
Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com
 [209.85.214.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-686-DvnSD0alMV6PyOhhL2we3A-1; Fri, 12 Dec 2025 10:05:10 -0500
Received: by mail-pl1-f198.google.com with SMTP id
 d9443c01a7336-29f177f4d02so18928025ad.2
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:09 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.06
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551911;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=moaOxubZcgOMwtmXzfQMaVBqmlmt2o6MG1/+E7uthig=;
 b=YK9zvfmYY5E4hb7YXrZjAzfMYEHrr0y83PngWecn4vid2/il9gBiF6r1nsGdQk9WWgaYOz
 MX5u1WJa0z1WHtdHqqbKt/IYsT3wQI/m7b9bFYkZ6PRPEo4Eb+K5gNvuOX05PI9o6MEAHN
 hlCou588c2m5dWeNxxYaakdYG67yWk8=
X-MC-Unique: DvnSD0alMV6PyOhhL2we3A-1
X-Mimecast-MFC-AGG-ID: DvnSD0alMV6PyOhhL2we3A_1765551909
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551909; x=1766156709; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=moaOxubZcgOMwtmXzfQMaVBqmlmt2o6MG1/+E7uthig=;
 b=kO4W66qrng7pEfQFhvKaHOElzx99befEcejpFoDbAAu6dRBdIb6K99op27GQ0CJiVv
 EiBzXB588vdILMV15/S2OgkiWFlD8SUddRq3jv2w95N56AUH1uypO7QpywC3TcySZu0D
 H2e0KQuMyLeoqsRq1M8QkeBr/yv3AAQpP7DkSkrOp3kS28AbFzmP4ATLzAwlXKx+Qmq5
 6TMiulQaPye3TJUSnMdUZG7hTM61O0Qo4mcv8mfgFBurQIt+OS8/NJNMOXs/CSiZUaaG
 lzflgF+zyUm/KqiPdonD+ZA8+3jyxr7fuh9ijOpffr3PKh6oM5DdTITP9SkS0svdt5wG
 IyGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551909; x=1766156709;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=moaOxubZcgOMwtmXzfQMaVBqmlmt2o6MG1/+E7uthig=;
 b=GEEoMvNN8iZseyqbkqZEVh2+i3fzCfKBWZXW1A/SRCi6IWjhSx5EJJiPlPTPK3gXDJ
 jUX+edtrwqpenqMJUUFtV5fc2qI8/txl9dVXnwuhGR1xNDxqMyBbjp+PfBKe1NbpZBZK
 27a7ery/OH6piTnLhF/5WKlmItwr1B4FKUJqLXDtDB1aaTKzbX5wYQjDeZrEUMMfcbSB
 zu3rWp2Fdd+1cQrVMeNkqn9ytmxwfF2IS7ygexGS69+DRiXGUn9eDH/+1qdHwkblqhtu
 cH3hG4q8SrhjvuEGB63oPxMEPLPT9zkH2GjPqbdq8174YTzhs2ZILbpMYWg6JSeAJ0/p
 sPgA==
X-Forwarded-Encrypted: i=1;
 AJvYcCUax9emD+beih8cK2dhJAhxCjtHcPYPY7PE2pI51Rpz5SXT2wfYwVkei1XYoMs9u98rbHNQLwxAs4es@nongnu.org
X-Gm-Message-State: AOJu0YzbTf54HwLRLvziNvnLHS3zcUinx+ftMh1mo2LqcSIIMVuS7N4w
 jnrNs0AyfD0uPJgrmi4roWd72dB1rO+eVBI72DU2FDmQqIHcoazMgWEp5X9Pj8xwGEH0ivZArI4
 kpfrZF4dxfPwoWOpJt71nBf4OIsP+Jg3A1Sb5XMNELKc/VhMCJ5/uVxPo
X-Gm-Gg: AY/fxX43qNtwnyEpsg7TTLSkb96l5AubGO8csJXhn7dfgG5Fx1C85Fi116Ixh3ecBJI
 ev+FRHrDKVCkVNG1jGWr65tdxKCuwwcByAZaD3yZTnp5A39OF6F2kVp7GomNzgeHxmpJgG6XsKh
 tmwBWjLiSKYmFkCkzg4g1lrq2u71QoP4cajhcrKO5sYPRVLjoLrVFqDpMR7442mBbLYHbhg09Hh
 PMJAYfoJPChhvObanczS/7kH5/nx1sj2PD1ktQIujGzRZrOCWtG77do9AcnbGbmgXJtyghmntSL
 92YL5Y9S4JeGzV+qysNwmpmIxJ3YHlZQ1MfOrhhv4qTnhVUqq7xWGD4UPf+IBhLvwbA08iUdVPR
 hQ8E9/9nqZ4nRSFGMaEW1vmXivhg79Hbm4DDcGh5Bm78=
X-Received: by 2002:a17:902:ef46:b0:294:f711:baa with SMTP id
 d9443c01a7336-29f23b13d60mr27391345ad.2.1765551909052;
 Fri, 12 Dec 2025 07:05:09 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IHC3l5KfoTIzBOvCIgz4vOJbuTkx8ffSsBoioMNy7dyeW+kG8f/r8DTTvFFJOZadKbmgFTs8Q==
X-Received: by 2002:a17:902:ef46:b0:294:f711:baa with SMTP id
 d9443c01a7336-29f23b13d60mr27390725ad.2.1765551908487;
 Fri, 12 Dec 2025 07:05:08 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 14/28] i386/tdx: add a pre-vmfd change notifier to reset
 tdx state
Date: Fri, 12 Dec 2025 20:33:42 +0530
Message-ID: <20251212150359.548787-15-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552001699158500
Content-Type: text/plain; charset="utf-8"

During reset, when the VM file descriptor is changed, the TDX state needs t=
o be
re-initialized. A pre-VMFD notifier callback is implemented to reset the old
state and free memory before the new state is initialized post VM-fd change.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/tdx.c | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 1903cc2132..b6fac162bd 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -403,6 +403,32 @@ static void tdx_handle_reset(Object *obj, ResetType ty=
pe)
     tdx_finalize_vm(NULL, NULL);
 }
=20
+/* TDX guest reset will require us to reinitialize some of tdx guest state=
. */
+static int set_tdx_vm_uninitialized(NotifierWithReturn *notifier,
+                                    void *data, Error** errp)
+{
+    TdxFirmware *fw =3D &tdx_guest->tdvf;
+
+    if (tdx_guest->initialized) {
+        tdx_guest->initialized =3D false;
+    }
+
+    g_free(tdx_guest->ram_entries);
+
+    /*
+     * the firmware entries will be parsed again, see
+     * x86_firmware_configure() -> tdx_parse_tdvf()
+     */
+    fw->entries =3D 0;
+    g_free(fw->entries);
+
+    return 0;
+}
+
+static NotifierWithReturn tdx_vmfd_pre_change_notifier =3D {
+    .notify =3D set_tdx_vm_uninitialized,
+};
+
 static Notifier tdx_machine_done_notify =3D {
     .notify =3D tdx_finalize_vm,
 };
@@ -753,6 +779,7 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs, =
Error **errp)
=20
     if (!notifier_added) {
         qemu_add_machine_init_done_notifier(&tdx_machine_done_notify);
+        kvm_vmfd_add_pre_change_notifier(&tdx_vmfd_pre_change_notifier);
         notifier_added =3D true;
     }
     tdx_guest =3D tdx;
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552073; cv=none;
	d=zohomail.com; s=zohoarc;
	b=aX7c6FEIeARL7Jg1df4qruDYOhfPAdi32JkWpncaQbuKJf23E1ENxOd4VoyPxcBFrT7OUQb3bZYFteNZxLB7lWqWmZtEN4t4JUQ9lVIS8eTxU8R1G0wT/cxWjZ/DMIZIr7lL9Wo2ZTxusTdfENIJnjWYEWzdTGyzYP7y2NLU8cc=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552073;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=LsdNlrFz9EGrun/Uh+cGSSljZDj/Qg580O6DUWM5YJw=;
	b=DL7DKSo1t7JwEh5aDBVUJ4vFNYckvyCpjgsu8MGZzwJ+WZbgdqgOc0GzUcV8ZefzJ9G2TMvhrdRDhERrFyDThuR9nPN/zcKTdAE2Wd+P9NlH7w2+Jv8IMQJQJGyc8yEh4j0c3c6sCtPATm1txJmejOCCzb33L/hxxirf9hGv1uc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552073550595.3768585203185;
 Fri, 12 Dec 2025 07:07:53 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4i6-0002fq-H3; Fri, 12 Dec 2025 10:05:34 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hr-0002Hc-KG
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:20 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hp-00063a-6A
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:19 -0500
Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com
 [209.85.214.197]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-156-AzWvr069MVmNF5Sy5I2yaA-1; Fri, 12 Dec 2025 10:05:13 -0500
Received: by mail-pl1-f197.google.com with SMTP id
 d9443c01a7336-29f2381ea85so12940605ad.0
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:13 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.08
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551915;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=LsdNlrFz9EGrun/Uh+cGSSljZDj/Qg580O6DUWM5YJw=;
 b=VJXV0cbZ4/38EqgeSeyb0gkuzF2BT+BGmDEprqeguWGumngCklpwYgeRzmIN+2uWUj5JDm
 7i0JeqUIqETTt/+SBhgywWL7m3+wFKS87D7hEh0moYyDD5CP46kOuO8NBjQsSYDXLnA/HK
 w7pp7vnS7/1EQ35fO1On4W1lZjRCV1I=
X-MC-Unique: AzWvr069MVmNF5Sy5I2yaA-1
X-Mimecast-MFC-AGG-ID: AzWvr069MVmNF5Sy5I2yaA_1765551912
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551912; x=1766156712; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=LsdNlrFz9EGrun/Uh+cGSSljZDj/Qg580O6DUWM5YJw=;
 b=SU+ZPYuhXdw+MqNVgMyitUKU8nCXScT378V9GZoVow0DQlauU6YWgbRyogmUBq78GT
 1aE1b7gMe6pXolkkmx4qt/M3WHgZCMpjNciMyEwZGUzCXnAQes+HWHfuN8GP9SmAwmKn
 TMlHPjV3wAIAqdSj/xay453lpvZ1yHeit447pdfe0wjizPEPH+l33hfSvTj1f87+ykgG
 MXIsjIEsApnM5dbyKNlDXU9/oagDywgcwnh5tm/DwNATMbzpErE0ZCYU2tsjj7vpUpOQ
 soeGf0eGuwETQzYWsuFxBnPotSmtAgQhG3oSzBMJUwsEAQqiqKI6iwG4GCz+RM+dgU6T
 AUAw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551912; x=1766156712;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=LsdNlrFz9EGrun/Uh+cGSSljZDj/Qg580O6DUWM5YJw=;
 b=rrIoag1Exuj3AUFaz/L5iTAp9B2mBMeDiMPU+s9VLF8RZbz039iy5cYft2j6Ia8x/B
 TlOlqDi6P23KigCQQmPfJ/t1E4jfphTk9PuLuWgEhscUG/I/vsp6EgcDe57hIAWfegyr
 13DanQyQAOONrRYPAN1zl/GTnfk32iznCXvGT1fsOUxLsrwfqtTLzScC9LTy6NFJocXT
 AE2gYWgC68SWK4Q6PDcjnXXKAg/vs6v9S5qHPnMvwDBIdJkxzxPHB78VDIvNNEeghlJL
 nNfJjhD1z7Qje0TzA2KEKvZzqj/Dwuqguh5xr4TIHcinwopp6UMH05r5rslL6n7GDZtm
 jlaw==
X-Forwarded-Encrypted: i=1;
 AJvYcCXqem+snMF6U6zU/0pPn49KtZ8XUklh6t5WMhALynvoTDTWES8kJDbdmMavETV0ttZdRcexPpPDETVL@nongnu.org
X-Gm-Message-State: AOJu0Yyrkzepm/xeJvRK1ckN04wykM/ecxVOOHjeM66xB58Aqr7LRhBL
 E5Oly07b3r4ayX23t+j5AjSbPEDlPuVtsXahNY5gdnNpt8g5tKwU/No0rO/NhDl28Tw3eeuRWve
 Y8XUVYwFc5YPKWnKseoGvFPMvuADD5Yaz70WPb/qzf5rygNZEjgz3Hgqy
X-Gm-Gg: AY/fxX6A2tF39Fq8pra2SjluL750cHheHwkhWhDHjdQ+RZgYyiJ4USzmsRB+IsBOzV0
 EUG8+YLitwPhqpUFGOOhU9Zzcvmt/lKSog/nfb2Pbd3V29pFsGEFoKHx2ynXHiWZb6nZqdILrzh
 9N1x/mJTwMblpk5skn3pCEVpX6lKnCNra6O07M8D7GJ1TO+3VLU67ilfxor/rUGCmPNPnS2bII8
 8h4H8gAgkMRzaaeAWXSzYF47Jr+N5JTvrx9lGuHs2bMnvcEp5WmyQ+FJYgTMfHR/ShLnffk7Fqq
 8xOqWWpn1OJon/zK9L+Kavk8tg/TFfSO78iDz2qqAP9NElL1DgpPrtkyvjL4Tpph5FOW/geQtwb
 c/awkA9Je0eo22udEgSLW6P52cydLPy2ditk8gvxYo5E=
X-Received: by 2002:a17:902:ebc2:b0:262:9c4:5470 with SMTP id
 d9443c01a7336-29f2404b199mr28726295ad.28.1765551911996;
 Fri, 12 Dec 2025 07:05:11 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IEkoxBLlDC0IBA4TUcGuzRYGD7mbavLzDucIBkcmhvL5++uimoBU2V3fxAkUHD3REawLNk6eg==
X-Received: by 2002:a17:902:ebc2:b0:262:9c4:5470 with SMTP id
 d9443c01a7336-29f2404b199mr28725795ad.28.1765551911481;
 Fri, 12 Dec 2025 07:05:11 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Zhao Liu <zhao1.liu@intel.com>,
 Marcelo Tosatti <mtosatti@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 15/28] i386/sev: add migration blockers only once
Date: Fri, 12 Dec 2025 20:33:43 +0530
Message-ID: <20251212150359.548787-16-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552074125158500
Content-Type: text/plain; charset="utf-8"

sev_launch_finish() and sev_snp_launch_finish() could be called multiple ti=
mes
if the confidential guest is capable of being reset/rebooted. The migration
blockers should not be added multiple times, once per invocation. This chan=
ge
makes sure that the migration blockers are added only one time and not every
time upon invocvation of launch_finish() calls.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/sev.c | 30 +++++++++++++++++++-----------
 1 file changed, 19 insertions(+), 11 deletions(-)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index fd2dada013..9a3f488b24 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -1409,6 +1409,7 @@ static void
 sev_launch_finish(SevCommonState *sev_common)
 {
     int ret, error;
+    static bool added_migration_blocker;
=20
     trace_kvm_sev_launch_finish();
     ret =3D sev_ioctl(sev_common->sev_fd, KVM_SEV_LAUNCH_FINISH, 0,
@@ -1421,10 +1422,13 @@ sev_launch_finish(SevCommonState *sev_common)
=20
     sev_set_guest_state(sev_common, SEV_STATE_RUNNING);
=20
-    /* add migration blocker */
-    error_setg(&sev_mig_blocker,
-               "SEV: Migration is not implemented");
-    migrate_add_blocker(&sev_mig_blocker, &error_fatal);
+    if (!added_migration_blocker) {
+        /* add migration blocker */
+        error_setg(&sev_mig_blocker,
+                   "SEV: Migration is not implemented");
+        migrate_add_blocker(&sev_mig_blocker, &error_fatal);
+        added_migration_blocker =3D true;
+    }
 }
=20
 static int snp_launch_update_data(uint64_t gpa, void *hva, size_t len,
@@ -1608,6 +1612,7 @@ sev_snp_launch_finish(SevCommonState *sev_common)
 {
     int ret, error;
     Error *local_err =3D NULL;
+    static bool added_migration_blocker;
     OvmfSevMetadata *metadata;
     SevLaunchUpdateData *data;
     SevSnpGuestState *sev_snp =3D SEV_SNP_GUEST(sev_common);
@@ -1655,13 +1660,16 @@ sev_snp_launch_finish(SevCommonState *sev_common)
     kvm_mark_guest_state_protected();
     sev_set_guest_state(sev_common, SEV_STATE_RUNNING);
=20
-    /* add migration blocker */
-    error_setg(&sev_mig_blocker,
-               "SEV-SNP: Migration is not implemented");
-    ret =3D migrate_add_blocker(&sev_mig_blocker, &local_err);
-    if (local_err) {
-        error_report_err(local_err);
-        exit(1);
+    if (!added_migration_blocker) {
+        /* add migration blocker */
+        error_setg(&sev_mig_blocker,
+                   "SEV-SNP: Migration is not implemented");
+        ret =3D migrate_add_blocker(&sev_mig_blocker, &local_err);
+        if (local_err) {
+            error_report_err(local_err);
+            exit(1);
+        }
+        added_migration_blocker =3D true;
     }
 }
=20
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765551995; cv=none;
	d=zohomail.com; s=zohoarc;
	b=BC+DZP24MtWyfymTfPr80ycgl0jHFmjn5AcXFGCUn3Z5rTkCgrMMAWCxO3sGVD8lzrrocj1pCRR5h1q7UMpR09MFtPYjDBzQPEfUwxHrV8P6C2xR4+2r0S/Axsx4gA6jNEXAF9HPE/mg3oRtvGaojU6+IV955HHeOQJWeV74hEI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765551995;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=W1D9QAx3RYKk+TBo6axZVKqP/pAZIQxzOmmqfA8IeuY=;
	b=PqgIJV442qMht29mZAOb5WsP9BppxtHJTPJ/9XXQESNKbOL8/fNSljfjoL89KeFj8TbSvfem7Oi+deHzBv9M5x9C/A/w5dXmquxg+rY1UDO6HGyS6Mp1irx1ik01Fqxu4WZWA4jJoh3mU/D0TnENBvSBunw2cbriArXSJOnn4Ao=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765551995745102.27140720196553;
 Fri, 12 Dec 2025 07:06:35 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4i6-0002dn-4I; Fri, 12 Dec 2025 10:05:34 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4i0-0002JF-Kp
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:30 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hv-00064N-BA
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:24 -0500
Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com
 [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-326-sYbKolKEPW-hhHRXQ4CY3A-1; Fri, 12 Dec 2025 10:05:19 -0500
Received: by mail-pl1-f200.google.com with SMTP id
 d9443c01a7336-295952a4dd6so13072185ad.1
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:18 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.11
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551920;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=W1D9QAx3RYKk+TBo6axZVKqP/pAZIQxzOmmqfA8IeuY=;
 b=ZgBs001qoQ9x6yTw4wEv3j3LE5Rq6cPfOkJhgnYvZL4BtKBIFEPE9Xg13hgXxETkAAhTxA
 cGk7IMjPBC0CuK1kf/wUbI1IGADtV2Vf8FLX4cFle4T0XabJadSKL/XBc5877HsRZwMZUW
 SqMkp5K+L6aQNxdMj1kGMl3DqC45VpE=
X-MC-Unique: sYbKolKEPW-hhHRXQ4CY3A-1
X-Mimecast-MFC-AGG-ID: sYbKolKEPW-hhHRXQ4CY3A_1765551917
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551917; x=1766156717; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=W1D9QAx3RYKk+TBo6axZVKqP/pAZIQxzOmmqfA8IeuY=;
 b=mw+jVJ+/59YZHKLEoE0go91b6fWj8SPPzWrLiHxH5Ft1wrGreKJor/tZ2hwZw02/Fy
 RcyqYcS9RcHZ3cNqo9SlsJe0amLywWhbMqvA+BlITApiJJDHpl4tNZ7xq2CazSGMZrkd
 +jfDfUkfNxa8MtOPFXY1a5QRtZpjC72kDx/lh9B2BICZSiDDBXfAB8r9qhcSirc27Uss
 +02DBF/NjUha3Md99baHt1tjXbQh/G92qVck+CUXAK3J1xCVXjmS/CG68uaheyckAAJ9
 1bwRXcc7SFBLc40olYx/64lGFbuxT2lQIVSyqStlh7tM28akNTG+Hk3wAsWc2psFby35
 FF4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551917; x=1766156717;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=W1D9QAx3RYKk+TBo6axZVKqP/pAZIQxzOmmqfA8IeuY=;
 b=egSW3hzH31/WflM4qlXcH8BjEBQ02D3gMzTawSJYpw1gy6LGzREKfOSmSwJFN9bXg/
 L3NNMAlUD5C1osMRQcUW9Xd893J7NMps8drGbj7P+Eov7Ls80T7G3FQFF2lK6X+Jd69g
 TWbE9eUdNXxF1ZBBQH21eajmbI6GBflZ6uTpy7v4TMjAnugz0TL1/005br8iETwO5Oqc
 a1ydXN/A4z0zoQdLoNCn0Ec1ZA03thhjfzNggcrTXoXVW+vJ0TVCpUC2dvUHn5801mft
 gJUxL+YUYSaI+DPkp5W1nrF8nWQzk03VjDb8Sms3ifg/60dYgIfhS8vQQLZzRUQJqQnf
 LtTQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCX5K+YkM4VIuCE52bBPrLDS34ekQVx/rlPa4fxz8v+xvQ2L/wyUmwkwZt9Z9nI3l+3aPqJUZ5FAyOSw@nongnu.org
X-Gm-Message-State: AOJu0Yzl6l9EaOX3kUE/+q7XGJtmWjgfuSX/XOgFZdajRgwoKqC2Wzup
 Mix6o/68PiAiGj0BVDG6agoldY3Az0ub7+YcyshGBA1tGkbvuiQt1B+kqTWkVPsjl7OWCElizbZ
 yKnQ7BnnlWSV23CqizIE5k9yR5PGxAV690KZgCJbBCxbc7ommecTEk+saKpghHWeH
X-Gm-Gg: AY/fxX56MJBCSi8EltYsT4Kt53Lri5PbJvPc5mV5MkMqKnVBXv6a+aRT2KDFh2x1UcL
 jJoPGWa4iL8cboiStoksZWF3M/aF7EwSK2WyUqqbGbdAaz3OcR09hiO9xyf/958QAeyliIrSexv
 wKr1qJ3sEUj01XkPl0GCcPMIOdtftZXgEe1fjt0nOeTE3RMYD5KIr5VU0pzNp0YrM1TxlcjKVAI
 b5QfmvBqFDjmmFBYZBAZT6dFGGM8AhuiFdQKTy8Dg5PPkajXQ4G8PZBhVh48OivBw3rC2yWyNiy
 S6HRxj3k11M23elyReW4/95VO4m5/vqTcA+cCoRriXtZQKpaMdmZAEJoKubWS1PX0KjXLxsuJi0
 77E6rjVde6MpBQFMS9sldQcV3fzAv8u/kBRvK1XJ6P/s=
X-Received: by 2002:a17:902:d50f:b0:267:8b4f:df36 with SMTP id
 d9443c01a7336-29eeec1e3edmr62250385ad.29.1765551916622;
 Fri, 12 Dec 2025 07:05:16 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IErKXvfIsf0XdT2uZ5tfa/p411BIgMfaEjii4Bb7zfmVemQkpUTySz8wUPcvpT+r2XZ3sY+qQ==
X-Received: by 2002:a17:902:d50f:b0:267:8b4f:df36 with SMTP id
 d9443c01a7336-29eeec1e3edmr62248315ad.29.1765551914504;
 Fri, 12 Dec 2025 07:05:14 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Zhao Liu <zhao1.liu@intel.com>,
 Marcelo Tosatti <mtosatti@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 16/28] i386/sev: add notifiers only once
Date: Fri, 12 Dec 2025 20:33:44 +0530
Message-ID: <20251212150359.548787-17-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552001703158500
Content-Type: text/plain; charset="utf-8"

The vm state change notifier needs to be added only once and not every time
upon sev state initialization. This is important when the SEV guest can be
reset and the initialization needs to happen once per every reset.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/sev.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index 9a3f488b24..1212acfaa1 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -1789,6 +1789,7 @@ static int sev_common_kvm_init(ConfidentialGuestSuppo=
rt *cgs, Error **errp)
     int ret, fw_error, cmd;
     uint32_t ebx;
     uint32_t host_cbitpos;
+    static bool notifiers_added;
     struct sev_user_data_status status =3D {};
     SevCommonState *sev_common =3D SEV_COMMON(cgs);
     SevCommonStateClass *klass =3D SEV_COMMON_GET_CLASS(cgs);
@@ -1939,8 +1940,11 @@ static int sev_common_kvm_init(ConfidentialGuestSupp=
ort *cgs, Error **errp)
         return -1;
     }
=20
-    qemu_add_vm_change_state_handler(sev_vm_state_change, sev_common);
-
+    if (!notifiers_added) {
+        /* add notifiers only once */
+        qemu_add_vm_change_state_handler(sev_vm_state_change, sev_common);
+        notifiers_added =3D true;
+    }
     cgs->ready =3D true;
=20
     return 0;
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552041; cv=none;
	d=zohomail.com; s=zohoarc;
	b=IAzVazXUbuJaOflOVttzyh/a+BgaMyIwZau7r+IAQ0wIC6FhTfqdtwhIAV9PTXwNkThkazrc/bfoBWj9rY7Ms4QgddtYbgVb8k/2p3friqd10nNPpsoh6i5YDx0A6+TW8KP/ypN6n7Gtrx7lRkmZ2VMDAvwQAXI1zR5Rzdh1aCU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552041;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=AD5TvnPmaG2p4oioPCNypqz8ubpMGn5del8Os1RElwg=;
	b=LJryXp5gATYpT7xFV5YfNdPnSCvCUBuke/skKdOaCkc4xg+qE4UnqW8qofGes8Uz91gsXJ8cZYZfMHl/JY6vqf/IwwOSrv7ASF6xb5sRnkQ1Hfyl69VJPQVlaY13tGUKd2yk+Y7zI078Xi1Zcx12ZmL5r884OMyEIaB6EZnbrCc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552041580390.67874737361524;
 Fri, 12 Dec 2025 07:07:21 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4iC-0003Gy-E5; Fri, 12 Dec 2025 10:05:40 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4i0-0002JE-Kg
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:30 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hv-00064e-Ct
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:25 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-303-lw3So-ehO5Kukz2avpCVJA-1; Fri, 12 Dec 2025 10:05:21 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-297e1cf9aedso23819865ad.2
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:20 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.16
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551922;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=AD5TvnPmaG2p4oioPCNypqz8ubpMGn5del8Os1RElwg=;
 b=gAV5sMRWKK+6Zl6mA5Pqadxt92q5LWr6vNsHLpXXvJjXcvZfArhbytN9fst3Ttw8e0lInu
 e4+fJ9SYeVp8pnOnFJ4u5wLd8V+gqK0kp2/Bk2APBOXhvOfAa+K+NHIKDrQvNhwiTBdOMS
 kjJ/1in07IJ82V7kgwvfMBbrFRIRT98=
X-MC-Unique: lw3So-ehO5Kukz2avpCVJA-1
X-Mimecast-MFC-AGG-ID: lw3So-ehO5Kukz2avpCVJA_1765551920
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551920; x=1766156720; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=AD5TvnPmaG2p4oioPCNypqz8ubpMGn5del8Os1RElwg=;
 b=hTguHqd6qToLlck9A9lBA63sGUVAOedLTZhMc4XC3lZyUndDJcw/xXlAGXpV0+z5so
 qswi+yMkEIRzzgBqUFAviMdwpYANZKxjUwqGP1fhCC/ReqKaOQ8u//L3mLTD/V/Im6FU
 F5LTEKe0Naof/7yWlpWz01Xdc+NHbUURhVcsaP+RgNwWtzUMUdDkseoYa96F9xzSBBJA
 9MxCsFAvI8+8BGg6C094gJ+gs2E4yveTGQIgBWbRAjILWF1ChOtrObBvdpWj8U2KYFUj
 ITfO+MniLRaTTxD42Gp5ZrLw+EOkDgIzGbpjkdDajOYBV/bxVsymfp9TDaU7Aux7JP1+
 VtvQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551920; x=1766156720;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=AD5TvnPmaG2p4oioPCNypqz8ubpMGn5del8Os1RElwg=;
 b=TMkf9PoPHc2y29aEzC2KlAsW/4fnVkoFK4kmuTRqeUYkLE5HzQJPQWAEBCRm3O/+21
 OCFHB/8CXbvJqQijpgKB7dyS45V0C+0VrA4i9miS9VjQnBvHG4qbvmQbMP0Qfg+D8csj
 +eFWHM5xJ5LBsLKj2bbdguyRXwL/oo6NNIOVP+bZzhZyZK0oGu0y2vCbMrTDaXaBTVVP
 T4oLA0BT/ykTnHUZ9euPW+uI3XX0FHxjprGTH1jRidiQGwWeZQn3zXiBph9oC3Qhn2Hv
 kybzHBHtmlcBSw0laASPrdBoJ+w+0o5bNUh+Wl8UmGGKrlk9yQ49akv7UTWjkrVLWyD/
 10AQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCWoxVZpeGU0itJPreUdaFr8YV/DuuO+aT7LuItUZ2+VQHcxtdmvAj+pmi3Q42J3rnHC7x+3dd3xL2wJ@nongnu.org
X-Gm-Message-State: AOJu0YwDuTgXH7/pndAL8pcFbgMYcWnMif6Atp+a2FzANUbCRYteJGka
 XzWtrn63jDx76/CPv/YXzcUjLvmDNkpDyUz67F3DVBckiHxkYBXx1tGnav1ZGkm/iB2ZmZ86ZK2
 ifrB3vN4aEBkRaKR3qR6h03wVBueZx4sjxE0Ah0J1WDxywTVtIH/oHR1J
X-Gm-Gg: AY/fxX6cMM9wZtHRA0fNbq94DWZIhESlmtB8dpQLaQd6isXaPs85YWLwDuUutflEdfj
 CMmTOOOItbRtWTizh9dsCtPa7xZsGj8lfCHeA9+txDe/CEgWiJnqYzkXUwra6hpucSxve8RIdsl
 NDogu7ldm3qw03Z+bwyKsmI8E8zZsNmZdhkOWSynJ+fXYzHwLQXfi3py1vQWG4j3C41aTomfUwk
 zcwCB6ayo90KjlARiy4AP1qtt0+0k6W1Q/eNPXZbpi+U/97k+q9flQmqf+3bvhUSqltaDs/h94e
 09WczN9cnjI4lezJtn5rD01lgNgW5YUoD8vEYqAziTZPcae6KW4OEdyLSkHKUc9sALjJt3b9RbI
 c5IJAZgYKpVMXhNg6MoscVxOr75ubawZ/Piw1F3NQKOc=
X-Received: by 2002:a17:903:37ce:b0:295:195:23b6 with SMTP id
 d9443c01a7336-29f26eff462mr21754465ad.55.1765551919604;
 Fri, 12 Dec 2025 07:05:19 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IFtEEFZPyNKKCDsh5aLQtzNZu0DfrwfLsiOJl4sm0R3t6SN2FzDZ5y63d85tglByziYc9oKwA==
X-Received: by 2002:a17:903:37ce:b0:295:195:23b6 with SMTP id
 d9443c01a7336-29f26eff462mr21753995ad.55.1765551919077;
 Fri, 12 Dec 2025 07:05:19 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>,
 Zhao Liu <zhao1.liu@intel.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 17/28] i386/sev: free existing launch update data and
 kernel hashes data on init
Date: Fri, 12 Dec 2025 20:33:45 +0530
Message-ID: <20251212150359.548787-18-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552043952158500
Content-Type: text/plain; charset="utf-8"

If there is existing launch update data and kernel hashes data, they need t=
o be
freed when initialization code is executed. This is important for resettable
confidential guests where the initialization happens once every reset.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/sev.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index 1212acfaa1..83b9bfb2ae 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -1791,6 +1791,7 @@ static int sev_common_kvm_init(ConfidentialGuestSuppo=
rt *cgs, Error **errp)
     uint32_t host_cbitpos;
     static bool notifiers_added;
     struct sev_user_data_status status =3D {};
+    SevLaunchUpdateData *data, *next_elm;
     SevCommonState *sev_common =3D SEV_COMMON(cgs);
     SevCommonStateClass *klass =3D SEV_COMMON_GET_CLASS(cgs);
     X86ConfidentialGuestClass *x86_klass =3D
@@ -1798,6 +1799,11 @@ static int sev_common_kvm_init(ConfidentialGuestSupp=
ort *cgs, Error **errp)
=20
     sev_common->state =3D SEV_STATE_UNINIT;
=20
+    /* free existing launch update data if any */
+    QTAILQ_FOREACH_SAFE(data, &launch_update, next, next_elm) {
+        g_free(data);
+    }
+
     host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL);
     host_cbitpos =3D ebx & 0x3f;
=20
@@ -1989,6 +1995,8 @@ static int sev_snp_kvm_init(ConfidentialGuestSupport =
*cgs, Error **errp)
 {
     MachineState *ms =3D MACHINE(qdev_get_machine());
     X86MachineState *x86ms =3D X86_MACHINE(ms);
+    SevCommonState *sev_common =3D SEV_COMMON(cgs);
+    SevSnpGuestState *sev_snp_guest =3D SEV_SNP_GUEST(sev_common);
=20
     if (x86ms->smm =3D=3D ON_OFF_AUTO_AUTO) {
         x86ms->smm =3D ON_OFF_AUTO_OFF;
@@ -1997,6 +2005,10 @@ static int sev_snp_kvm_init(ConfidentialGuestSupport=
 *cgs, Error **errp)
         return -1;
     }
=20
+    /* free existing kernel hashes data if any */
+    g_free(sev_snp_guest->kernel_hashes_data);
+    sev_snp_guest->kernel_hashes_data =3D NULL;
+
     return 0;
 }
=20
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765551967; cv=none;
	d=zohomail.com; s=zohoarc;
	b=QF1BKZJU1brIymzT+rJYo/SyTjfFuu4T2RaVm4Aihjb7hGq1pp67sgcOU0oa5QxJWkKuPJLrYLbzsLxx5vNXs69Nn8FnAWXihAUMZn4xPQDlTa6NyJhEKuiiB7K4lwmMuQHCS4wcG6mO2vsizTpYgODP/cKPF4GaUQ2fIXmgfyA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765551967;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=N2VTrzg+qE8VL3OOG3OpyC5OygKIGSBEXRIlgut+Wko=;
	b=g7972EwJW4uakKglcob+BpZ3KN4wkFtLZoncW6hUJsR9M9CPSJdPZXxXKVuK3VAygpx8i5WNY/ZLiY1XvscgG1JG8bNRw2T7ba/TfOlHAsI3XDb9ml5ujbI5WLFwxDhy0sDtDOGk/Aun82CrpAh8F/jl2hL3LqTNBbQuWO5lxXM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765551967805599.7465878154073;
 Fri, 12 Dec 2025 07:06:07 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4i9-00031X-IS; Fri, 12 Dec 2025 10:05:37 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4i2-0002Sv-JF
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:30 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4hz-00065O-TL
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:30 -0500
Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com
 [209.85.214.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-568-eTn1eFbNPGexi-e_nStv8A-1; Fri, 12 Dec 2025 10:05:24 -0500
Received: by mail-pl1-f198.google.com with SMTP id
 d9443c01a7336-2a089575ab3so737385ad.0
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:24 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.19
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551925;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=N2VTrzg+qE8VL3OOG3OpyC5OygKIGSBEXRIlgut+Wko=;
 b=X6WEIAjR1wv9pJfhpq2NCzzmiSMV724G+aRFKxdnM0vhHNZwnjkvPuR/nTWNVuhlPQoSid
 wfXUBi90Y+fTDRZUARDCaSxLPlm3v8agwwcop9fM2JLIBa60f4OJhdOmu1p1SPNglodX8K
 LN7X9N13y0lbFOLYQ5A7oiq4PrerPkE=
X-MC-Unique: eTn1eFbNPGexi-e_nStv8A-1
X-Mimecast-MFC-AGG-ID: eTn1eFbNPGexi-e_nStv8A_1765551923
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551923; x=1766156723; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=N2VTrzg+qE8VL3OOG3OpyC5OygKIGSBEXRIlgut+Wko=;
 b=AApYq6scVuAgaH9EiQa97f5T4c7FDRq7qDBZKbyF28sxnSTtpfaAm/6EcngqqZ/0Jj
 olp7S6I40QJm4qAWSf6EMSxaPwkY5WwQIiGU5TXSF2Md0/umpFKWmZ0zc2MZ92yw/8x/
 ZlrKIIRejLuJFlRO8uqsayn8RPXF6Jk4YDO5+0XO0nN07TnKFMP+Hg2nOrMrXCASeBT9
 aV87jgdeJM30yMjbPbjLzet8MVDlFWiZlt21rhiAEmDWb90OiqBVs8zq4wzvSBxZbGXu
 0HpBCOWIrxkHpURxDsnZl3gF94N9Z9eElmD13s4LL5eIYukVJ59wm6MvVXGspNjlks+5
 O//Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551923; x=1766156723;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=N2VTrzg+qE8VL3OOG3OpyC5OygKIGSBEXRIlgut+Wko=;
 b=JPqgcJPV454WhU04p0JY0alHbOxZ9NPfnUM8BJKaRgTz/w4HAX28YPW3AHnMWpurlF
 GtV+iECKoTivCijtsrvKYTIHa6TvCWTp2XmdD+R0cRzc92iGehmAEolZRqXjhIo+wOQd
 g8RJHRYh5rYCko5C9XNl9ysfXDf/SRPHaxiSu/Of4/4eGYEqbPpKid2nTTo28Q0xfq4i
 oRpvBViTf8AJi1ITNT1yRZYuQ7pBRSR2Va6sQxCFooYo5C69dCNZERQLSGJQqikz/Pis
 ZiVFlH5Lm2xG9gQv20d5OAZzScJ7/YvEbjAxlujfFd5fhsjMgt5Cs7+OvwIWbn2A3Ohb
 gXkQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCV/wBITUUuTYGMrF4zq66dezI2Og9lTIKcaoIj9+Gvt6hki2uCRbCnusITzF+HvjzTe5fXd79+E/tiY@nongnu.org
X-Gm-Message-State: AOJu0Yz93r/SpHpFfA+agJyEc0s0OxNc3X0TZYAIwSWOgh27t+ImXtEP
 rR81WElzpEX/nmlRyJ0NoOIid1B37JmQVnoZM4aGobBdliG5akUbnyaXDdkcbgFGZeH8hcWnaXL
 rJfsieQ7iD/1svJTilwVIk+Kk31YgQ9UEFKwzNryiL5C0F4lT0bcg33Ot
X-Gm-Gg: AY/fxX6slLAegrNXLtUYn1UItnx7sXSEXHRASkwd90sP7nvKCLV5FsQ1Ud0narpL3MT
 eUPGGwkc9ZP80j5akhmSWqv1yfi6ShOVx5AdQQKHRSHtm5Y0GpNaYuKTBPLy81xQXkdJUp3UmFf
 3U4Qgs22zjJGbwgoIrFOgISdHL+wnbt7HZNpnhsrSTPl0LeAgKCvC4I9/lju89ARGc5XpoX1DaA
 d6ZKLv2yKDByII5dz2QtXww6ki9ZkvKlI8zJFXulkG1G67CaEz+3Hcji56+92yVzuKU1BXfDAnE
 Rcsps5e5AsegEQY5lVmaEwdtVQwXc/dEEoZayAr+aE4Xj0FrD0g4up994vwkk7g+Hqc/ANFlk/K
 g89EUiFmi8AV+hV+x6DVxe7xS5yNVvuDYIo64bXF9zqI=
X-Received: by 2002:a17:903:120e:b0:295:24ab:fb06 with SMTP id
 d9443c01a7336-29f23b7620amr27812205ad.22.1765551922749;
 Fri, 12 Dec 2025 07:05:22 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IE/6tfMT8Kl8RrzWhiMsAQY3ed5KCyrUemoiU+97igw8z0Kogz5KW2sb29zObkJjgdkQ5BxpA==
X-Received: by 2002:a17:903:120e:b0:295:24ab:fb06 with SMTP id
 d9443c01a7336-29f23b7620amr27811645ad.22.1765551922141;
 Fri, 12 Dec 2025 07:05:22 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>,
 Zhao Liu <zhao1.liu@intel.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 18/28] i386/sev: add support for confidential guest reset
Date: Fri, 12 Dec 2025 20:33:46 +0530
Message-ID: <20251212150359.548787-19-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765551969580158500
Content-Type: text/plain; charset="utf-8"

When the KVM VM file descriptor changes as a part of the confidential guest
reset mechanism, it necessary to create a new confidential guest context and
re-encrypt the VM memeory. This happens for SEV-ES and SEV-SNP virtual mach=
ines
as a part of SEV_LAUNCH_FINISH, SEV_SNP_LAUNCH_FINISH operations.

A new resettable interface for SEV module has been added. A new reset callb=
ack
for the reset 'exit' state has been implemented to perform the above operat=
ions
when the VM file descriptor has changed during VM reset.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/sev.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index 83b9bfb2ae..246a58c752 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -30,8 +30,10 @@
 #include "system/kvm.h"
 #include "kvm/kvm_i386.h"
 #include "sev.h"
+#include "system/cpus.h"
 #include "system/system.h"
 #include "system/runstate.h"
+#include "system/reset.h"
 #include "trace.h"
 #include "migration/blocker.h"
 #include "qom/object.h"
@@ -84,6 +86,10 @@ typedef struct QEMU_PACKED PaddedSevHashTable {
     uint8_t padding[ROUND_UP(sizeof(SevHashTable), 16) - sizeof(SevHashTab=
le)];
 } PaddedSevHashTable;
=20
+static void sev_handle_reset(Object *obj, ResetType type);
+
+SevKernelLoaderContext sev_load_ctx =3D {};
+
 QEMU_BUILD_BUG_ON(sizeof(PaddedSevHashTable) % 16 !=3D 0);
=20
 #define SEV_INFO_BLOCK_GUID     "00f771de-1a7e-4fcb-890e-68c77e2fb44e"
@@ -127,6 +133,7 @@ struct SevCommonState {
     uint8_t build_id;
     int sev_fd;
     SevState state;
+    ResettableState reset_state;
=20
     QTAILQ_HEAD(, SevLaunchVmsa) launch_vmsa;
 };
@@ -2012,6 +2019,37 @@ static int sev_snp_kvm_init(ConfidentialGuestSupport=
 *cgs, Error **errp)
     return 0;
 }
=20
+/*
+ * handle sev vm reset
+ */
+static void sev_handle_reset(Object *obj, ResetType type)
+{
+    SevCommonState *sev_common =3D SEV_COMMON(MACHINE(qdev_get_machine())-=
>cgs);
+    SevCommonStateClass *klass =3D SEV_COMMON_GET_CLASS(sev_common);
+
+    if (!sev_common) {
+        return;
+    }
+
+    if (!runstate_is_running()) {
+        return;
+    }
+
+    sev_add_kernel_loader_hashes(&sev_load_ctx, &error_fatal);
+    if (!sev_check_state(sev_common, SEV_STATE_RUNNING)) {
+        /* this calls sev_snp_launch_finish() etc */
+        klass->launch_finish(sev_common);
+    }
+
+    return;
+}
+
+static ResettableState *sev_reset_state(Object *obj)
+{
+    SevCommonState *sev_common =3D SEV_COMMON(obj);
+    return &sev_common->reset_state;
+}
+
 int
 sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp)
 {
@@ -2490,6 +2528,8 @@ bool sev_add_kernel_loader_hashes(SevKernelLoaderCont=
ext *ctx, Error **errp)
         return false;
     }
=20
+    /* save the context here so that it can be re-used when vm is reset */
+    memcpy(&sev_load_ctx, ctx, sizeof(*ctx));
     return klass->build_kernel_loader_hashes(sev_common, area, ctx, errp);
 }
=20
@@ -2750,8 +2790,16 @@ static void
 sev_common_class_init(ObjectClass *oc, const void *data)
 {
     ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL=
ASS(oc);
+    ResettableClass *rc =3D RESETTABLE_CLASS(oc);
=20
     klass->kvm_init =3D sev_common_kvm_init;
+    /*
+     * the exit phase makes sure sev handles reset after all legacy resets
+     * have taken place (in the hold phase) and IGVM has also properly
+     * set up the boot state.
+     */
+    rc->phases.exit =3D sev_handle_reset;
+    rc->get_state =3D sev_reset_state;
=20
     object_class_property_add_str(oc, "sev-device",
                                   sev_common_get_sev_device,
@@ -2786,6 +2834,8 @@ sev_common_instance_init(Object *obj)
     cgs->get_mem_map_entry =3D cgs_get_mem_map_entry;
     cgs->set_guest_policy =3D cgs_set_guest_policy;
=20
+    qemu_register_resettable(OBJECT(sev_common));
+
     QTAILQ_INIT(&sev_common->launch_vmsa);
 }
=20
@@ -2800,6 +2850,7 @@ static const TypeInfo sev_common_info =3D {
     .abstract =3D true,
     .interfaces =3D (const InterfaceInfo[]) {
         { TYPE_USER_CREATABLE },
+        { TYPE_RESETTABLE_INTERFACE },
         { }
     }
 };
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552025; cv=none;
	d=zohomail.com; s=zohoarc;
	b=iPer85/M7SepO1hYywMVlyiEamLIaE6YNX0yO9m+Jro/Yt7sNqdjD+U0hurQsHpUjapEGpG9TRm39sm1fZuN6771aCtToU52q/XqXYR2BMRSlUGoE778jg3OtiScDEnEnZlnrKF0jXMEJieosxdJlvDKc4poLNx+6XxfJuu6C04=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552025;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=An7ksy++b8pjEaWmUyibgQbRoj3a44CDnsQt2f4omE0=;
	b=L204qmBuu8t/P3NhbchSoAU+91nS8z+l+jaOc0S9flIztAcf782LyJY1m1IAHLufJujOf//fqpUzgETv8Nqecjz52c7mCz/6X61aP1NtmzFZ8zIPxm++Bh0T6KtzzBKX062We3Shl5FPI0Fnipl+nwclLFizfo1n63tnO+UyZZQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552022384231.31880331209493;
 Fri, 12 Dec 2025 07:07:02 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4i6-0002ii-SZ; Fri, 12 Dec 2025 10:05:34 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4i4-0002Wf-6J
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:32 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4i1-00065w-5f
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:31 -0500
Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com
 [209.85.215.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-193-hTCN029VPEGH7dqKmMJ2SQ-1; Fri, 12 Dec 2025 10:05:27 -0500
Received: by mail-pg1-f200.google.com with SMTP id
 41be03b00d2f7-c0c65e5f688so519182a12.1
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:26 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.22
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551928;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=An7ksy++b8pjEaWmUyibgQbRoj3a44CDnsQt2f4omE0=;
 b=XvIHtSAK2m5X91VogQ0MLSFTUxivRExG2Vz+dTJoC4k3ilOit5Yuum0+24u22yJDrFVBZT
 r9hmaQDS0c1kGrDyGmwajHHYKZRASjZhkgJ3xpzjvcwcs5BFModrnKO9b+eS2VCJcio4ud
 gmt+vpolSNm1oBDU/Jsw2SmAK6eafNg=
X-MC-Unique: hTCN029VPEGH7dqKmMJ2SQ-1
X-Mimecast-MFC-AGG-ID: hTCN029VPEGH7dqKmMJ2SQ_1765551926
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551926; x=1766156726; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=An7ksy++b8pjEaWmUyibgQbRoj3a44CDnsQt2f4omE0=;
 b=qTKhQwveBFek5NfYsMjjJA8CVjM38BvPFzeUgugVylqCSAA3xf0btspFgitMqzvBWm
 j7YMyPbkpibglnnJC2mFGCzPavS74tYkoEI8cNcW4bJu3SW4GZsoU1ISdg1Ejf35Dbv/
 6A20aE5eOuoFUgHmJER0tDC5B8OFS/WRmLzTivMFYJ39oiu+OAKyElzGomlITqJzlvtf
 4v36ELkzwO26M8dpPzkVYwXSRiUgwJYAD+iFZLGoo6ffIOvyy+Kgtwovjl5J2zqESEpY
 VKicT9n22nHTl4n1SaAaHte4Ul4O6GUxubhkoSWXbMk7qahP4RA7ZaTKGUasvSvhuU+A
 amNg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551926; x=1766156726;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=An7ksy++b8pjEaWmUyibgQbRoj3a44CDnsQt2f4omE0=;
 b=u4j1BAhw7xtgCeT5euDcliz2qpM2XEtaSrm6YP1recWcCKuO7uqKdDNbByaNlLgaQP
 vS1Qr44DDVDM08asfUaJ0Gr2jX32LSy0OZVCrUyEPMGURQF8NeFr0s25Jv3RUJ1G2/g+
 yBmxwwYHtZt35EQ6AXX1qFKJkg+Qi+xLbExX+mAM8+YbSw+kMYlYJFgrKp4uSBt6qQSF
 UiAYS8u5P19XSFX49/cq3nICgtM1+boOrif49H6rFaROdWi9qHF5wVxQlGEQisEDC3Xc
 /duD1sVQCwRNKfLEavTaJFl0iiNQVmp/y7QXtBl+wMgbii+0YvAxyOAqKk0qt7buanj8
 W7uA==
X-Forwarded-Encrypted: i=1;
 AJvYcCVJd2Vtojr+Rf9wPwrGNzLugPAk1lheRq32y3XY+FQLaHWtKDEVqmUgHW9WvuX65mAtTYEb8lAdZRT3@nongnu.org
X-Gm-Message-State: AOJu0YxHFZjhUw94sPg2k9bHlSmCOn79FPElGmW0D4TqUfd0npz38Tk3
 LsqFLTOF2b/2RXa8chwimQN0eaH74ZXDTvPrrgQtaAUgLhvZ8/XGTaGilwEhsRXEv8tFXq6hqFG
 qzEzHF7uo2Y+7hEXJmuK02Gu4xIZXLrr9HStBoMOZGH3prS/wGsL5TAeg
X-Gm-Gg: AY/fxX4yGK+fd7M0ESw23sc8NiKQRTw77uDD5jyHOS9hi2wt6A+7ustokYVJ09GxgzR
 PhaijdLcSsn0avdp+/6bI/4H9wOYoutqEnMyoCFCDcs0BijHb5ETBppyWTy3u1LZuNbafRB7Nbd
 5FDN76EJzFKiqNnvz44LlVc7jWsHCgutAT05WsA24lTppdtRAqZ2Ralaq/SnR/oeE2dKf2WxNoq
 B5p1wh/r7e1pALUecsJd4ExS1d0GFG8NvI0qf8YBUdnf+ChsyB/NdUDpHyn6Nn1BjfYtxZ8dfYB
 IR9GlfBce35HUq/cJ7hgSH3yXZhK7nQdxxkTNRGiP+Wfqxjv3Ayc5BFfrb+WlVSiqdtQk4K2ZIg
 E4Mr5pcHLdO4DlgrATLXY0zwOHSAx4uTQMv5tveGKSS4=
X-Received: by 2002:a17:903:3c6d:b0:298:360:1662 with SMTP id
 d9443c01a7336-29eee9f1ad5mr54292355ad.1.1765551925751;
 Fri, 12 Dec 2025 07:05:25 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IHoKR/S5A//jCh7WGyYiKpZMMZpKIKyrpZfPWPfiXIIh/IS0nvD0Lt12QdEA3Iftgc084U4/Q==
X-Received: by 2002:a17:903:3c6d:b0:298:360:1662 with SMTP id
 d9443c01a7336-29eee9f1ad5mr54291715ad.1.1765551925072;
 Fri, 12 Dec 2025 07:05:25 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Alex Williamson <alex@shazbot.org>,
 =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= <clg@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, pbonzini@redhat.com,
 qemu-devel@nongnu.org, Ani Sinha <anisinha@redhat.com>
Subject: [PATCH v1 19/28] hw/vfio: generate new file fd for pseudo device and
 rebind existing descriptors
Date: Fri, 12 Dec 2025 20:33:47 +0530
Message-ID: <20251212150359.548787-20-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552028099158500
Content-Type: text/plain; charset="utf-8"

Normally the vfio pseudo device file descriptor lives for the life of the V=
M.
However, when the kvm VM file descriptor changes, a new file descriptor
for the pseudo device needs to be generated against the new kvm VM descript=
or.
Other existing vfio descriptors needs to be reattached to the new pseudo de=
vice
descriptor. This change performs the above steps.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/vfio/helpers.c | 81 +++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 78 insertions(+), 3 deletions(-)

diff --git a/hw/vfio/helpers.c b/hw/vfio/helpers.c
index 23d13e5db5..ad9e9c9ead 100644
--- a/hw/vfio/helpers.c
+++ b/hw/vfio/helpers.c
@@ -109,12 +109,66 @@ bool vfio_get_info_dma_avail(struct vfio_iommu_type1_=
info *info,
 #ifdef CONFIG_KVM
 /*
  * We have a single VFIO pseudo device per KVM VM.  Once created it lives
- * for the life of the VM.  Closing the file descriptor only drops our
- * reference to it and the device's reference to kvm.  Therefore once
- * initialized, this file descriptor is only released on QEMU exit and
+ * for the life of the VM except when the vm file descriptor changes for
+ * confidential virtual machines. In that case, the old file descriptor is
+ * closed and a new file descriptor is recreated.  Closing the file descri=
ptor
+ * only drops our reference to it and the device's reference to kvm.
+ * Therefore once initialized, this file descriptor is normally only relea=
sed
+ * on QEMU exit (except for confidential VMs as stated above) and
  * we'll re-use it should another vfio device be attached before then.
  */
 int vfio_kvm_device_fd =3D -1;
+
+typedef struct KVMVfioFileFd {
+    int fd;
+    QLIST_ENTRY(KVMVfioFileFd) node;
+} KVMVfioFileFd;
+
+static QLIST_HEAD(, KVMVfioFileFd) kvm_vfio_file_fds =3D
+    QLIST_HEAD_INITIALIZER(kvm_vfio_file_fds);
+
+static int kvm_vfio_filefd_rebind(NotifierWithReturn *notifier, void *data,
+                                  Error **errp);
+static struct NotifierWithReturn kvm_vfio_vmfd_change_notifier =3D {
+    .notify =3D kvm_vfio_filefd_rebind,
+};
+
+static int kvm_vfio_filefd_rebind(NotifierWithReturn *notifier, void *data,
+                                  Error **errp)
+{
+    KVMVfioFileFd *file_fd;
+    int ret =3D 0;
+    struct kvm_device_attr attr =3D {
+        .group =3D KVM_DEV_VFIO_FILE,
+        .attr =3D KVM_DEV_VFIO_FILE_ADD,
+    };
+    struct kvm_create_device cd =3D {
+        .type =3D KVM_DEV_TYPE_VFIO,
+    };
+
+    if (kvm_vm_ioctl(kvm_state, KVM_CREATE_DEVICE, &cd)) {
+        error_setg_errno(errp, errno, "Failed to create KVM VFIO device");
+        return -errno;
+    }
+
+    if (vfio_kvm_device_fd) {
+        close(vfio_kvm_device_fd);
+    }
+
+    vfio_kvm_device_fd =3D cd.fd;
+
+    QLIST_FOREACH(file_fd, &kvm_vfio_file_fds, node) {
+        attr.addr =3D (uint64_t)(unsigned long)&file_fd->fd;
+        if (ioctl(vfio_kvm_device_fd, KVM_SET_DEVICE_ATTR, &attr)) {
+            error_setg_errno(errp, errno,
+                             "Failed to add fd %d to KVM VFIO device",
+                             file_fd->fd);
+            ret =3D -errno;
+        }
+    }
+    return ret;
+}
+
 #endif
=20
 void vfio_kvm_device_close(void)
@@ -136,6 +190,7 @@ int vfio_kvm_device_add_fd(int fd, Error **errp)
         .attr =3D KVM_DEV_VFIO_FILE_ADD,
         .addr =3D (uint64_t)(unsigned long)&fd,
     };
+    KVMVfioFileFd *file_fd;
=20
     if (!kvm_enabled()) {
         return 0;
@@ -152,6 +207,11 @@ int vfio_kvm_device_add_fd(int fd, Error **errp)
         }
=20
         vfio_kvm_device_fd =3D cd.fd;
+        /*
+         * If the vm file descriptor changes, add a notifier so that we can
+         * re-create the vfio_kvm_device_fd.
+         */
+        kvm_vmfd_add_change_notifier(&kvm_vfio_vmfd_change_notifier);
     }
=20
     if (ioctl(vfio_kvm_device_fd, KVM_SET_DEVICE_ATTR, &attr)) {
@@ -159,6 +219,11 @@ int vfio_kvm_device_add_fd(int fd, Error **errp)
                          fd);
         return -errno;
     }
+
+    file_fd =3D g_malloc0(sizeof(*file_fd));
+    file_fd->fd =3D fd;
+    QLIST_INSERT_HEAD(&kvm_vfio_file_fds, file_fd, node);
+
 #endif
     return 0;
 }
@@ -171,6 +236,7 @@ int vfio_kvm_device_del_fd(int fd, Error **errp)
         .attr =3D KVM_DEV_VFIO_FILE_DEL,
         .addr =3D (uint64_t)(unsigned long)&fd,
     };
+    KVMVfioFileFd *file_fd;
=20
     if (vfio_kvm_device_fd < 0) {
         error_setg(errp, "KVM VFIO device isn't created yet");
@@ -182,6 +248,15 @@ int vfio_kvm_device_del_fd(int fd, Error **errp)
                          "Failed to remove fd %d from KVM VFIO device", fd=
);
         return -errno;
     }
+
+    QLIST_FOREACH(file_fd, &kvm_vfio_file_fds, node) {
+        if (file_fd->fd =3D=3D fd) {
+            QLIST_REMOVE(file_fd, node);
+            g_free(file_fd);
+            break;
+        }
+    }
+
 #endif
     return 0;
 }
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552003; cv=none;
	d=zohomail.com; s=zohoarc;
	b=UMQb8rxFN9U4xEnKaS8Q/0u8JoTDq1+dz+ABjgBZrclwQlIeN2oQ3XfIuAJx0+93e/sDWY3KY9BQctduAhmRfja41ld1XtjLE6OKRGqllgVeAMA9vexQjFMDEvt0y8JQnS5yDCHhW3UWkri2kpAmUqlMPHxHX0AeGEVCxhr4Eiw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552003;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=mS/vx07yZORkzPU1XCvWFJrvu5SKrWNQ/OXc6sVUDww=;
	b=gFjDRATSYDt9DOV98lIDYyNgZw1BiE81+vR2U9vSAD1o72pr/Hr2D+G60Us1WsF7UuRkgMSuK0K2EHWXwxJZ9Csr0VZzapKUNnvkzlyG1Y0Fqb9a25FYkamvyukoSQPt3Vw9RqbzPKHt2fh8XjC5ARR1CP1acHx0JKqBAnAWyGg=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552003659215.33802334287873;
 Fri, 12 Dec 2025 07:06:43 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4iB-00031z-7C; Fri, 12 Dec 2025 10:05:39 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4i6-0002el-9x
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:34 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4i4-00066z-JI
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:34 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-99-RjGO_f2PPp64uyWNfe3NdQ-1; Fri, 12 Dec 2025 10:05:30 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-2982b47ce35so15039865ad.2
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:30 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.25
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551931;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=mS/vx07yZORkzPU1XCvWFJrvu5SKrWNQ/OXc6sVUDww=;
 b=ETLWRRJ+GtRD0zzo2XwKmB9NTtMFOkPUr7RI3RtwninZenHCVYqciQapPjnXsGNP/sSEZu
 Kpx2qJXL8JKBZ10mi5kDjgbP9k6qufItADF/3gzurjDwSg4EjVbr8hV0LOiIxJq3dDkdtM
 N74Bdm7l//ls2zHV89Vhuq9Ow1vwj1U=
X-MC-Unique: RjGO_f2PPp64uyWNfe3NdQ-1
X-Mimecast-MFC-AGG-ID: RjGO_f2PPp64uyWNfe3NdQ_1765551929
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551929; x=1766156729; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=mS/vx07yZORkzPU1XCvWFJrvu5SKrWNQ/OXc6sVUDww=;
 b=fVsxd5NJqmTWzuEDSkMifB8Ly+cDidkWpKyH8uGQCgmppvGL9RoDO7mm4eRhNQzzo1
 ZqkmVAf+cNKklRxcZzRH57HJ3BqoDbOVsSqPJGDykGcDzmNyH49sVrmqSBU30lczVaaX
 Y9B4Xi0OLN4b3gx3xXDe3g2qV3Ufx2Q671zcRiMJcIMXQJkyHVZHxsbn2G5168AjtH71
 ZcvRLDNu/tmtsEnqS7v8VOYsrtVFUEu1LcBLdxGFDucdUo9izaGk9ZuqU65UtUXwWn3p
 Zosh3SnTESQcnyZkiiRUl59pGBnsk+wspULMD4+cGbzVf4JIJ/uZONfRV1dZP+vcWtEm
 FimA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551929; x=1766156729;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=mS/vx07yZORkzPU1XCvWFJrvu5SKrWNQ/OXc6sVUDww=;
 b=ndO2Kj77+CmGc9g7P5RK1v9pGFt3PWImfvChdwQ36uIGkmL+FVN6I5PZ3+5OnFfBbV
 jYYHbSRjvxwwtMZgUhyQoP0TA9brRoPKfMP8onW7Ui7A1sif9e4/etBeIV9+FV8YWA9Q
 nqHRcAY78UYNGNeESCpfYJTBYCaCManEl1JnUkd7exsf8DyrWymnbk+e+NpLi35e5KgL
 NIkfHoShqwZvXOl8TzLwBQ72am8MFWRrWGnIlpdJGttD99XgN8pV6UOn4/xHKh6D47FD
 1BrQhgKb/yRYsTbHFspANQPNZnkKW3tUsU1KbgmpzBwxzLh5yWkk8jDBSR6gxhYHHU3N
 yihw==
X-Forwarded-Encrypted: i=1;
 AJvYcCUuXly+bSLaaPPYuvAGa+Xk4DKgnz3OGEUbPn89MvUu58E/B1mGiIHwihQ6PO+zpuEmhd5QiFWdsp3Z@nongnu.org
X-Gm-Message-State: AOJu0YwM7MgUTzKmJtmgmC/BRJYOhT/Qn0Owjcptapqj6iRoEP1ipcVx
 w74pM7Z/6mO3UxJhuA7Wu2nxDucqhNJ1d2HPL08kSprHylR6hjfLASVdlAwm7zpd/n0dq8i+LgK
 WpJR9BObmjaTdG+H6E5QuQZxicwnx4F5AweKbnXgrhe+49BPmj31JUorq
X-Gm-Gg: AY/fxX5yINSDj3D7R076mYs9D0sl5sxqtLlCeNHjGXhDTVNHahFh0PhamzK7jWGCYOd
 PGuOmmG/i8IIH170o3MHSZNxjcHybS6ywdvKWbO0V0RLhP3fEqxoSXWMQkIBiYjsSQDEf/Izwr9
 6ANZvhoLsdKUlavfalyxYljDD+qr0VvoM3keoC3CTTjCpXLT6k7lcnduOu/gSyLPMr1TuC9K3h0
 wIRnMu3XUnIv9ePSJgIES2driiV/Sb12qtLiOVIGePXinjSjAJoOSs7rpxE7ejIm8XqE4k6BMGn
 zSFKYUN5sctpix6/K666vKKIJOIDmbnICul+bK2jba5uPeVCnlpZtk19PIq84Cu0nyxUys3n5/v
 3pc1n7UwmEsLYaXmHDtr2tELApIkJdnZzXMRcRusaKio=
X-Received: by 2002:a17:903:1251:b0:294:f6e2:cea1 with SMTP id
 d9443c01a7336-29f2403ae65mr20202425ad.38.1765551928950;
 Fri, 12 Dec 2025 07:05:28 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IEX6h0uUVyeG0IaMQdhmEhCDa0PAkpPXxzaWui+Wd3A9zo5hJ1HkYVIoILmoQBHwBBfoOY0Xw==
X-Received: by 2002:a17:903:1251:b0:294:f6e2:cea1 with SMTP id
 d9443c01a7336-29f2403ae65mr20202145ad.38.1765551928451;
 Fri, 12 Dec 2025 07:05:28 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
 Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>
Subject: [PATCH v1 20/28] kvm/i8254: add support for confidential guest reset
Date: Fri, 12 Dec 2025 20:33:48 +0530
Message-ID: <20251212150359.548787-21-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552009806158500
Content-Type: text/plain; charset="utf-8"

A confidential guest reset involves closing the old virtual machine KVM file
descriptor and opening a new one. Since its a new KVM fd, PIT needs to be
reinitialized again. This is done with the help of a notifier which is invo=
ked
upon KVM vm file desciptor change during confidential guest reset process.

Some code refactoring is performed so that common operations for init and r=
eset
are moved into a helper function.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/kvm/i8254.c | 84 ++++++++++++++++++++++++++++-----------------
 1 file changed, 53 insertions(+), 31 deletions(-)

diff --git a/hw/i386/kvm/i8254.c b/hw/i386/kvm/i8254.c
index 14b78f30a8..0b741464d9 100644
--- a/hw/i386/kvm/i8254.c
+++ b/hw/i386/kvm/i8254.c
@@ -52,6 +52,8 @@ struct KVMPITState {
     LostTickPolicy lost_tick_policy;
     bool vm_stopped;
     int64_t kernel_clock_offset;
+
+    NotifierWithReturn kvmpit_vmfd_change_notifier;
 };
=20
 struct KVMPITClass {
@@ -60,6 +62,43 @@ struct KVMPITClass {
     DeviceRealize parent_realize;
 };
=20
+static void do_pit_initialize(KVMPITState *s, Error **errp)
+{
+    struct kvm_pit_config config =3D {
+        .flags =3D 0,
+    };
+    int ret;
+
+    ret =3D kvm_vm_ioctl(kvm_state, KVM_CREATE_PIT2, &config);
+    if (ret < 0) {
+        error_setg(errp, "Create kernel PIC irqchip failed: %s",
+                   strerror(-ret));
+        return;
+    }
+    switch (s->lost_tick_policy) {
+    case LOST_TICK_POLICY_DELAY:
+        break; /* enabled by default */
+    case LOST_TICK_POLICY_DISCARD:
+        if (kvm_check_extension(kvm_state, KVM_CAP_REINJECT_CONTROL)) {
+            struct kvm_reinject_control control =3D { .pit_reinject =3D 0 =
};
+
+            ret =3D kvm_vm_ioctl(kvm_state, KVM_REINJECT_CONTROL, &control=
);
+            if (ret < 0) {
+                error_setg(errp,
+                           "Can't disable in-kernel PIT reinjection: %s",
+                           strerror(-ret));
+                return;
+            }
+        }
+        break;
+    default:
+        error_setg(errp, "Lost tick policy not supported.");
+        return;
+    }
+
+    return;
+}
+
 static void kvm_pit_update_clock_offset(KVMPITState *s)
 {
     int64_t offset, clock_offset;
@@ -166,6 +205,16 @@ static void kvm_pit_put(PITCommonState *pit)
     }
 }
=20
+static int kvmpit_post_vmfd_change(NotifierWithReturn *notifier,
+                                   void *data, Error** errp)
+{
+    KVMPITState *s =3D container_of(notifier, KVMPITState,
+                                  kvmpit_vmfd_change_notifier);
+
+    do_pit_initialize(s, errp);
+    return 0;
+}
+
 static void kvm_pit_set_gate(PITCommonState *s, PITChannelState *sc, int v=
al)
 {
     kvm_pit_get(s);
@@ -241,49 +290,22 @@ static void kvm_pit_realizefn(DeviceState *dev, Error=
 **errp)
     PITCommonState *pit =3D PIT_COMMON(dev);
     KVMPITClass *kpc =3D KVM_PIT_GET_CLASS(dev);
     KVMPITState *s =3D KVM_PIT(pit);
-    struct kvm_pit_config config =3D {
-        .flags =3D 0,
-    };
-    int ret;
=20
     if (!kvm_check_extension(kvm_state, KVM_CAP_PIT_STATE2) ||
         !kvm_check_extension(kvm_state, KVM_CAP_PIT2)) {
         error_setg(errp, "In-kernel PIT not available");
     }
=20
-    ret =3D kvm_vm_ioctl(kvm_state, KVM_CREATE_PIT2, &config);
-    if (ret < 0) {
-        error_setg(errp, "Create kernel PIC irqchip failed: %s",
-                   strerror(-ret));
-        return;
-    }
-    switch (s->lost_tick_policy) {
-    case LOST_TICK_POLICY_DELAY:
-        break; /* enabled by default */
-    case LOST_TICK_POLICY_DISCARD:
-        if (kvm_check_extension(kvm_state, KVM_CAP_REINJECT_CONTROL)) {
-            struct kvm_reinject_control control =3D { .pit_reinject =3D 0 =
};
-
-            ret =3D kvm_vm_ioctl(kvm_state, KVM_REINJECT_CONTROL, &control=
);
-            if (ret < 0) {
-                error_setg(errp,
-                           "Can't disable in-kernel PIT reinjection: %s",
-                           strerror(-ret));
-                return;
-            }
-        }
-        break;
-    default:
-        error_setg(errp, "Lost tick policy not supported.");
-        return;
-    }
-
+    do_pit_initialize(s, errp);
     memory_region_init_io(&pit->ioports, OBJECT(dev), NULL, NULL, "kvm-pit=
", 4);
=20
     qdev_init_gpio_in(dev, kvm_pit_irq_control, 1);
=20
     qemu_add_vm_change_state_handler(kvm_pit_vm_state_change, s);
=20
+    s->kvmpit_vmfd_change_notifier.notify =3D kvmpit_post_vmfd_change;
+    kvm_vmfd_add_change_notifier(&s->kvmpit_vmfd_change_notifier);
+
     kpc->parent_realize(dev, errp);
 }
=20
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552023; cv=none;
	d=zohomail.com; s=zohoarc;
	b=jPfK0ma5auTRfYX66VKyczAxjLCHkI+772HUQhbDgUOdDgQXYZq4dvdVyehfyOWtlo3dy6pdqSyBxP+Hi5Cmqx4aZ4zwUKW/PlFcCh3ACjMmnqIv/8Oxiqz75Ze0v8ojtE3mXOtYuVD3bHXGEippg2qLqBOMqq43y/2HzmLstpc=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552023;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=7+hUMfB7dPYW0Ylu11mGAE8OiIe7zJXRU6t355j1QZ0=;
	b=e5Oi+vW6YxkU1KL+Z+AMlDQiM4FDF+3aEnhLRcjcZtLQd1JGqC8SI5BoGb4aeaqeYEOLLth9U1XcIJlGmoqotat1zLn94F8bKnTe9Q7Fs0B39QpzueYNs9D0BM/JtU2i9++uKJimlcibuh8u6MhMYIXNRs7L9Kll468uJVa/1Uc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552023606378.1413284401034;
 Fri, 12 Dec 2025 07:07:03 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4iE-0003Vb-CZ; Fri, 12 Dec 2025 10:05:42 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iA-00038z-76
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:39 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4i8-00067v-HM
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:37 -0500
Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com
 [209.85.214.197]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-184-OTm1adgbMVe7b8lDCQxuew-1; Fri, 12 Dec 2025 10:05:33 -0500
Received: by mail-pl1-f197.google.com with SMTP id
 d9443c01a7336-29557f43d56so16174625ad.3
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:33 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.28
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551935;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=7+hUMfB7dPYW0Ylu11mGAE8OiIe7zJXRU6t355j1QZ0=;
 b=h2FNlKsvfYYiW3/fdhs2Lkky6Eeozu5SmQk4Sq5HJVCTrIMsrldNOmN7vifvGcxv/v7UPV
 Z5a6r8KDWUsv2ErusWaDvN/UOG6+7eX1v0k+3Vr28iFcC2rgD2ynQ+WVNUlvDPsTWL1IVg
 jU9SfMgSM//olyIwb2mKgKxwEBHH308=
X-MC-Unique: OTm1adgbMVe7b8lDCQxuew-1
X-Mimecast-MFC-AGG-ID: OTm1adgbMVe7b8lDCQxuew_1765551932
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551932; x=1766156732; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=7+hUMfB7dPYW0Ylu11mGAE8OiIe7zJXRU6t355j1QZ0=;
 b=FvDJonmhJc/VRlDt9ItYnntX+XbdCTsJznlvQg+gP9to+zNc+mfFukxNheZcf+gd/x
 UC/VatCoIPrUsKIY/Y7abHXCymleJyYjNyIF/ETjZicBzMJFUWW5cmaOGgqCbmGFzROw
 rloEvQ4V2erSnlaa1bv9QkFZfS9om8laujgywJ075S7FQLV6nmVxEVtFOFXVhINUN8Qz
 hHlUXgFnfRoh26TdwyU721y4vHg64LYa6A9so3Edst/SITMLBqZwoJw75/ms91Cq/Ywx
 /k7TJYxPQB51eSUazumUOr5KzldiaD6oTu/K6ishw4jKIOaClK7anvJPfD29RU9eRiij
 uQsw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551932; x=1766156732;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=7+hUMfB7dPYW0Ylu11mGAE8OiIe7zJXRU6t355j1QZ0=;
 b=TtTB2dlIqSM0HjRwUX0+kyNsnSY1kz9w1FAr4xSIE4yLmRM+MrdzGRs7FW0S2plGPo
 OK37v8OV1yg2bQFb/fibCZlsZY5FGIwSbwaxQvkRxWQFW/BL9jD83QnK4eFGtsO2rQh7
 zM4j8x8DYw0WqpKLxGtisIrnYp5NmWDQnXYbXvOOTMzoUY5i7Ax3FzYGuul1K31EqSLW
 pUBS5YfyANIoxXWV2ZgC+UJb50mSyYEqi2iEm/M1zjSj5CP/q/xW3jVcDeChOTYPIgJ2
 Ht1MAaggyw2YYRMLbuX47wjDQs41GsipPhtr2P+4xSuC/DTjyaS5fn9ruiBqEJPmrvVo
 0Ksw==
X-Forwarded-Encrypted: i=1;
 AJvYcCVyUR1C+/WNzy4mx4cVPYkvTA0+2rELyPK/hyxAhAiCfVZGgobMBEoj2B4YkeJRg5Ji0+6EhFEw9Ilc@nongnu.org
X-Gm-Message-State: AOJu0Yz0CM/1P/DeeEs4EoyoHLkq/Z9UXTlPBsmaC28n7wLgCgQfACwc
 rpF/Bkyakk8S+GX3LWdEp4S1eBMS1xEVZ6ETzIKrA5H5TJJZjLrhxPJ+0Ew9q7+JiI66IuYTroJ
 DAHdVYGG7yqvQLZ2CSmCVVfORoXUAeJubANNFIeILFi4gHRVV+765pozJ
X-Gm-Gg: AY/fxX5kjxcOi/daszOoxGYvyYdgFFN+4kCvjPGFtzXVScOJktQkTcO09hAYSgQO2xX
 BoRGBEf4lbeFpd/uCx25r2k0NQu2dG6DAA0KuaAkXA0t3ZvAkwo/DCNNmbjCsZcqNuTyT7FbcSa
 6TCpdLZnaISTT6FKhN714geUVMm0rHtzzofoG8qY0vW8z6NyQzceEJBgLJvt+zbfVhpCXsFqEgR
 zihYgegFtrmpl13POO7EDJr+1irdLCBpLUweYYXH4JPeBE7mGr1t3k1y+skC0TD3jx86/Hg2EFO
 ggF2iGt0RVPMnliOtbsElm6PrmxCo3ODg8tb7KATgi4k7+yFFMTfFiInCsNbkF5FoZKybQRWbfG
 H0uwmfDImQ5jgB3Gdw+qZesiWrsN96XAKTVVoUzInK58=
X-Received: by 2002:a17:902:f693:b0:295:70cc:8ec4 with SMTP id
 d9443c01a7336-29f2436e844mr18941125ad.51.1765551931824;
 Fri, 12 Dec 2025 07:05:31 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IHCOZzaeFRAwLOwniS/Zo6lEvdDrVSQx380FdsbgtviZVCAir36kb35UhyHGyUIx8t4pDAc8Q==
X-Received: by 2002:a17:902:f693:b0:295:70cc:8ec4 with SMTP id
 d9443c01a7336-29f2436e844mr18940645ad.51.1765551931084;
 Fri, 12 Dec 2025 07:05:31 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: "Maciej S. Szmigiero" <maciej.szmigiero@oracle.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, pbonzini@redhat.com,
 qemu-devel@nongnu.org, Ani Sinha <anisinha@redhat.com>
Subject: [PATCH v1 21/28] hw/hyperv/vmbus: add support for confidential guest
 reset
Date: Fri, 12 Dec 2025 20:33:49 +0530
Message-ID: <20251212150359.548787-22-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552053786158500
Content-Type: text/plain; charset="utf-8"

On confidential guests when the KVM virtual machine file descriptor changes=
 as
a part of the reset process, event file descriptors needs to be reassociated
with the new KVM VM file descriptor. This is achieved with the help of a
callback handler that gets called when KVM VM file descriptor changes during
the confidential guest reset process.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/hyperv/vmbus.c | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/hw/hyperv/vmbus.c b/hw/hyperv/vmbus.c
index 961406cdd6..4763c0aebc 100644
--- a/hw/hyperv/vmbus.c
+++ b/hw/hyperv/vmbus.c
@@ -19,6 +19,7 @@
 #include "hw/hyperv/vmbus.h"
 #include "hw/hyperv/vmbus-bridge.h"
 #include "hw/sysbus.h"
+#include "system/kvm.h"
 #include "exec/target_page.h"
 #include "trace.h"
=20
@@ -247,6 +248,12 @@ struct VMBus {
      * interrupt page
      */
     EventNotifier notifier;
+
+    /*
+     * Notifier to inform when vmfd is changed as a part of confidential g=
uest
+     * reset mechanism.
+     */
+    NotifierWithReturn vmbus_vmfd_change_notifier;
 };
=20
 static bool gpadl_full(VMBusGpadl *gpadl)
@@ -2346,6 +2353,26 @@ static void vmbus_dev_unrealize(DeviceState *dev)
     free_channels(vdev);
 }
=20
+/*
+ * If the KVM fd changes because of VM reset in confidential guests,
+ * reassociate event fd with the new KVM fd.
+ */
+static int vmbus_handle_vmfd_change(NotifierWithReturn *notifier,
+                                    void *data, Error** errp)
+{
+    VMBus *vmbus =3D container_of(notifier, VMBus,
+                                vmbus_vmfd_change_notifier);
+    int ret =3D 0;
+    ret =3D hyperv_set_event_flag_handler(VMBUS_EVENT_CONNECTION_ID,
+                                            &vmbus->notifier);
+    /* if we are only using userland event handler, it may already exist */
+    if (ret !=3D 0 && ret !=3D -EEXIST) {
+        error_setg(errp, "hyperv set event handler failed with %d", ret);
+    }
+
+    return ret;
+}
+
 static const Property vmbus_dev_props[] =3D {
     DEFINE_PROP_UUID("instanceid", VMBusDevice, instanceid),
 };
@@ -2428,6 +2455,9 @@ static void vmbus_realize(BusState *bus, Error **errp)
         goto clear_event_notifier;
     }
=20
+    vmbus->vmbus_vmfd_change_notifier.notify =3D vmbus_handle_vmfd_change;
+    kvm_vmfd_add_change_notifier(&vmbus->vmbus_vmfd_change_notifier);
+
     return;
=20
 clear_event_notifier:
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552007; cv=none;
	d=zohomail.com; s=zohoarc;
	b=YgGd1zMwO+s3VnZyhAvaFvVEUMjnbgZ3BEhEKSshByKk+GT0haCjPFgZ7A7AZY0Ft2RYePtYGzeu6Cmv7w6kc3jSgY8hxLQtkNAvChFkPimpoWChrU52d8pgbMB/ah44Q64VPg2ceA1agA4DlwHVOLvdYdJOElLEDRNwM9LkG60=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552007;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=tMdRfFGcpxCcqNkq2TVSVJsE/ZLQul0p4ArTaq9CGns=;
	b=X4jUUZV5WnH7YgbKmmqAsN+fwx9Q+rFfLeOSQlmNfzyMA+WjQpAH3cH5Ha0gCAFMle8JNJZ+6BWsSUZSQjdhP5ZltThbYidF+vH41rH667KFCBDngyvDERRBy1K7v57LB8YmC3nT9dpX4IHe+XYVxuxhnnHhOO0+ieIUwmZY+dE=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552006409209.10270863181654;
 Fri, 12 Dec 2025 07:06:46 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4iE-0003XX-L0; Fri, 12 Dec 2025 10:05:42 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iD-0003Ma-AS
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:41 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iB-00068H-62
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:40 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-444-ezsbKj2tO0mg7Yx03RSqow-1; Fri, 12 Dec 2025 10:05:37 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-29557f43d56so16175215ad.3
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:35 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.31
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551938;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=tMdRfFGcpxCcqNkq2TVSVJsE/ZLQul0p4ArTaq9CGns=;
 b=TJ3XxgZD0jYoZXiIdmVa7PGNVMgsRVJbbEe05fg2oXU6X9asW6M2fcTfy4XXYXFpuPhZ5w
 kd6rUuB7JOn9pjPJT8+Dv3HW7rTeqQxJzlUyyAD2d+N/2DR5rgbPTYaZvbIcWzeUNX34mT
 DRh3t3XFnPFXSlX1oaTWqP3ED2NcFKY=
X-MC-Unique: ezsbKj2tO0mg7Yx03RSqow-1
X-Mimecast-MFC-AGG-ID: ezsbKj2tO0mg7Yx03RSqow_1765551935
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551935; x=1766156735; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=tMdRfFGcpxCcqNkq2TVSVJsE/ZLQul0p4ArTaq9CGns=;
 b=fe2RkfSRymVPJOCkvyz/X0VPf+Ym9Kg2def7ZZ3QlDWkvnxExoV9daLQ/uPbHOLiSZ
 rp6r6rsoVH5+aQKARJLkMNzLpigwQeomWjI/WdkNM4DwG+PYOorX8o1i9a2/OkDx4Hyr
 6YE0Hqw8EvidgbegxTfzUy24sC/VyoYKn3IapDRiFDtIQNlqM2c215sYOORrX2QM+Jx1
 iwar/9usN/QsWW5gCKMeglrgvJWxumOJr7VsrS/KdRy0cJ95yLP01gzopuqEa+MDT3AG
 77drXkZU4shuanuNyEFD58eTYmR3F52ygFCL5Z3JeFMX53wtlVnA4PGmGJ/4askpAzqy
 5zFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551935; x=1766156735;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=tMdRfFGcpxCcqNkq2TVSVJsE/ZLQul0p4ArTaq9CGns=;
 b=cGmb2TOq8szBniLYMwkkM2XQvtyjLG0TAztq3wgsVxBNFvAFSQmgkKUG2HhYqmu+BT
 cSjVqF5wc3LpAKPQK8Zfw0mrD8nf7PvNFyE3JdHDiBKLMnHu/uS9W4HEJTRaBPUQckzI
 qkJtbb6zXPf6L+1PiNVCgdjYcUAtm2KDon9ucnwSkohKBcV9d/9ow7a2x4dmk3K7ohcG
 krJE9ssY/PGqbnLKOLRT71O/R2c7U7EPWtbLIYfAEVIU+i5+g+LqNRi/RCUmpZfjg3EB
 MIVZejgpAuRzSmZ5d5AMOppKikuTpG3ANZf8KNQXzeHcmRpRxUtfABLsML5wRKLEfk5A
 NsIQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCXYKsJcs2sBplirwEmfdNIBv0T7osear5B6UrBOPo0YGbPEgRanX1/32hBTJivNCyXZSVEAmPmXk7TE@nongnu.org
X-Gm-Message-State: AOJu0YzaN+DC5X9Zp4iv+thJaFU5zK5rYvakuNzhKDkndSAwzaJunVWC
 S+NgRTh6op2gJ+HXsvf3LKijUvc6SQTwwYmVWxyysDN5x7RxOG5LQmb+OtJNSdj6lTYQ5uxa0jh
 9IGJhkN9jiLPT4lFY2SzVL4ElxjJ39DhvYFTcuNI1wy6NSJQ7gFVHeirm
X-Gm-Gg: AY/fxX7LvtZP9hPq1QE4BAdLHuA2Bnw0q/CyjDLS2svMeu16zlenQa3UzEvY8Mc61bY
 /fWF542qJGVF3KK/SmkeDTthouclZqSxB+TRwSt/19s+gX8TpvEn8idJhfcFwKS36zpyLjG5pip
 Olv5F4Sq1zaYYjTMmZW2sHIjrzM0jfq1P1goyqI5rzNUqFS3hdE/FS0kGNPdJBLtISnCK0diX8m
 Mrukexqs3hrvwADCy87rUacj6chMJUobF/eou4Nb+pkS4yGpCIaVlyI3zjnCYkqwFI+mIj1chLm
 rVR+D6bPd8fHNbMFbCyJRfp4hr1+MNfaiTl1ALD4cyWyqbSyKWLPofycOZLmexYPpHh2dcbUxAd
 kNttv/4hy9Emj562Gy54wMRZYYULso12ZzT1nbp0w7os=
X-Received: by 2002:a17:903:acf:b0:294:fcae:826 with SMTP id
 d9443c01a7336-29f244d24c1mr23437805ad.59.1765551934974;
 Fri, 12 Dec 2025 07:05:34 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IGedReOhIbFJBin/uwXKIliBnvQTpJto3XxixePrYDFlN9AlFUFlcGPxEcKxB7IBSK0yyzltA==
X-Received: by 2002:a17:903:acf:b0:294:fcae:826 with SMTP id
 d9443c01a7336-29f244d24c1mr23437305ad.59.1765551934309;
 Fri, 12 Dec 2025 07:05:34 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>,
 Zhao Liu <zhao1.liu@intel.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 22/28] accel/kvm: add a per-confidential class callback to
 unlock guest state
Date: Fri, 12 Dec 2025 20:33:50 +0530
Message-ID: <20251212150359.548787-23-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552009827158500
Content-Type: text/plain; charset="utf-8"

As a part of the confidential guest reset process, the existing encrypted g=
uest
state must be made mutable since it would be discarded after reset. A new
encrypted and locked guest state must be established after the reset. To th=
is
end, a new callback per confidential guest support class (eg, tdx or sev-sn=
p)
is added that will indicate whether its possible to rebuild guest state:

bool (*can_rebuild_guest_state)(ConfidentialGuestSupport *cgs)

This api returns true if rebuilding guest state is possible,
false otherwise. A KVM based confidential guest reset is only possible when
the existing state is locked but its possible to rebuild guest state.
Otherwise, the guest is not resettable.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 include/system/confidential-guest-support.h | 27 +++++++++++++++++++++
 system/runstate.c                           | 11 +++++++--
 target/i386/kvm/tdx.c                       |  6 +++++
 target/i386/sev.c                           |  9 +++++++
 4 files changed, 51 insertions(+), 2 deletions(-)

diff --git a/include/system/confidential-guest-support.h b/include/system/c=
onfidential-guest-support.h
index 0cc8b26e64..3c37227263 100644
--- a/include/system/confidential-guest-support.h
+++ b/include/system/confidential-guest-support.h
@@ -152,6 +152,11 @@ typedef struct ConfidentialGuestSupportClass {
      */
     int (*get_mem_map_entry)(int index, ConfidentialGuestMemoryMapEntry *e=
ntry,
                              Error **errp);
+
+    /*
+     * is it possible to rebuild the guest state?
+     */
+    bool (*can_rebuild_guest_state)(ConfidentialGuestSupport *cgs);
 } ConfidentialGuestSupportClass;
=20
 static inline int confidential_guest_kvm_init(ConfidentialGuestSupport *cg=
s,
@@ -167,6 +172,28 @@ static inline int confidential_guest_kvm_init(Confiden=
tialGuestSupport *cgs,
     return 0;
 }
=20
+static inline bool
+confidential_guest_can_rebuild_state(ConfidentialGuestSupport *cgs)
+{
+    ConfidentialGuestSupportClass *klass;
+
+    if (!cgs) {
+        /* non-confidential guests */
+        return true;
+    }
+
+    klass =3D CONFIDENTIAL_GUEST_SUPPORT_GET_CLASS(cgs);
+    if (klass->can_rebuild_guest_state) {
+        return klass->can_rebuild_guest_state(cgs);
+    }
+
+    /*
+     * by default, we should not be able to unprotect the
+     * confidential guest state
+     */
+    return false;
+}
+
 static inline int confidential_guest_kvm_reset(ConfidentialGuestSupport *c=
gs,
                                                Error **errp)
 {
diff --git a/system/runstate.c b/system/runstate.c
index f5e57fd1f7..fb878c2992 100644
--- a/system/runstate.c
+++ b/system/runstate.c
@@ -58,6 +58,7 @@
 #include "system/reset.h"
 #include "system/runstate.h"
 #include "system/runstate-action.h"
+#include "system/confidential-guest-support.h"
 #include "system/system.h"
 #include "system/tpm.h"
 #include "trace.h"
@@ -564,7 +565,12 @@ void qemu_system_reset(ShutdownCause reason)
     if (cpus_are_resettable()) {
         cpu_synchronize_all_post_reset();
     } else {
-        assert(runstate_check(RUN_STATE_PRELAUNCH));
+        /*
+         * for confidential guests, cpus are not resettable but their
+         * state can be rebuilt under some conditions.
+         */
+        assert(runstate_check(RUN_STATE_PRELAUNCH) ||
+               (current_machine->cgs && runstate_is_running()));
     }
=20
     vm_set_suspended(false);
@@ -713,7 +719,8 @@ void qemu_system_reset_request(ShutdownCause reason)
     if (reboot_action =3D=3D REBOOT_ACTION_SHUTDOWN &&
         reason !=3D SHUTDOWN_CAUSE_SUBSYSTEM_RESET) {
         shutdown_requested =3D reason;
-    } else if (!cpus_are_resettable()) {
+    } else if (!cpus_are_resettable() &&
+               !confidential_guest_can_rebuild_state(current_machine->cgs)=
) {
         error_report("cpus are not resettable, terminating");
         shutdown_requested =3D reason;
     } else {
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index b6fac162bd..20f9d63eff 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -1594,6 +1594,11 @@ static ResettableState *tdx_reset_state(Object *obj)
     return &tdx->reset_state;
 }
=20
+static bool tdx_can_rebuild_guest_state(ConfidentialGuestSupport *cgs)
+{
+    return true;
+}
+
 static void tdx_guest_class_init(ObjectClass *oc, const void *data)
 {
     ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL=
ASS(oc);
@@ -1601,6 +1606,7 @@ static void tdx_guest_class_init(ObjectClass *oc, con=
st void *data)
     ResettableClass *rc =3D RESETTABLE_CLASS(oc);
=20
     klass->kvm_init =3D tdx_kvm_init;
+    klass->can_rebuild_guest_state =3D tdx_can_rebuild_guest_state;
     x86_klass->kvm_type =3D tdx_kvm_type;
     x86_klass->cpu_instance_init =3D tdx_cpu_instance_init;
     x86_klass->adjust_cpuid_features =3D tdx_adjust_cpuid_features;
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 246a58c752..4eea58d160 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -2659,6 +2659,14 @@ static int cgs_set_guest_state(hwaddr gpa, uint8_t *=
ptr, uint64_t len,
     return -1;
 }
=20
+static bool sev_can_rebuild_guest_state(ConfidentialGuestSupport *cgs)
+{
+    if (!sev_snp_enabled() && !sev_es_enabled()) {
+        return false;
+    }
+    return true;
+}
+
 static int cgs_get_mem_map_entry(int index,
                                  ConfidentialGuestMemoryMapEntry *entry,
                                  Error **errp)
@@ -2833,6 +2841,7 @@ sev_common_instance_init(Object *obj)
     cgs->set_guest_state =3D cgs_set_guest_state;
     cgs->get_mem_map_entry =3D cgs_get_mem_map_entry;
     cgs->set_guest_policy =3D cgs_set_guest_policy;
+    cgs->can_rebuild_guest_state =3D sev_can_rebuild_guest_state;
=20
     qemu_register_resettable(OBJECT(sev_common));
=20
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552112; cv=none;
	d=zohomail.com; s=zohoarc;
	b=BeBXZylthdDvU3cZTnqnM4rxBh5ODfLCgaCyniNNtIt3hLrqhjz38RlRWyptACiIcXZ2voB0J5BXYA9mAaklaURbBCJkD0FfnBwMxeQBZrbiVOfR2zczdZVTrRSijsd8pz/4BwIFrhpqtIfELGnH5SpAFZfsW5N+5r3+geMz38Q=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552112;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=JNcrE+4f8j63y44F5BmyHdkxQ8nR4MpXkUljLFk9KRg=;
	b=Tic2zkGofZa3oMykwNWpf1wb2HNYmR9Kh6XovIryuuf0dILPkbD9usqIftXKC33Vh4DAE0tOqCsa1Q4R5B5CKekcd9C9uPkFEQhHuWJ+SoVVbQWuo7mX0uhPxZFVcfnGE7bR5tBVZiF1aLiiWKm/sLPGzPXopctR4jz7nDVl4i0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552112960426.70746415718827;
 Fri, 12 Dec 2025 07:08:32 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4iH-0003n7-QD; Fri, 12 Dec 2025 10:05:45 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iG-0003ez-7c
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:44 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iE-00068z-Mp
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:43 -0500
Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com
 [209.85.216.69]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-551-kxWmUttcMzOOViwDgeUrGw-1; Fri, 12 Dec 2025 10:05:39 -0500
Received: by mail-pj1-f69.google.com with SMTP id
 98e67ed59e1d1-34aa6655510so1714185a91.1
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:39 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.34
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551941;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=JNcrE+4f8j63y44F5BmyHdkxQ8nR4MpXkUljLFk9KRg=;
 b=ajLE07+hUSArgnS93hzslKJy+Et9w8Lpe4f3vZHl0HrLIeS8VCawYIm4T0GMf1pOWpdn8s
 tm1IafEKoyxYPXuK3WfrNdIZXelpYeZmDtn9AmoE3+JMbTuQWMrDwJP34iq3D7hky8rBqo
 5tcQ5CBbznvHih1pQEKGWoovgpnCA28=
X-MC-Unique: kxWmUttcMzOOViwDgeUrGw-1
X-Mimecast-MFC-AGG-ID: kxWmUttcMzOOViwDgeUrGw_1765551938
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551938; x=1766156738; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=JNcrE+4f8j63y44F5BmyHdkxQ8nR4MpXkUljLFk9KRg=;
 b=gcV6K5b8vTpZgDcMvXoOEaeBre19sfCaD42ahTBMivwV0aT13gx9UOHSWRxaCuskk2
 1ygAOBgp0NNwQXUNuYqZEc6SJyfneoOSIAHvrIW1vkXzIlPP6620H9E0/7a6miJgSw57
 ko/muw06DHM1sQH9uIBa5A1uifvM3v8DO2d8ZDWecuWms/0m4SqUptFt/vx5aBtgNFrt
 jQeiVSBLLDcVVmhP9vVIhRJlsFt6DElp6T/bEzS4vLkkAwVjEG22l2H2T0oXHtdSmUTL
 6+WD1/2luBfn6AKhGNC6hBEo8b5i+el8vh1x/E7QHtMPGoRfjD2qJcYT2c279l8ywXaP
 UE1Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551938; x=1766156738;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=JNcrE+4f8j63y44F5BmyHdkxQ8nR4MpXkUljLFk9KRg=;
 b=WX6ASXSE6XoG9fEo6Rw1YdMueF1uCqmuwNDSm3+jDfTYGexleB2MkeEiD5+wk4fkXL
 jTwTBEj27ZAzSn8603vF4pr0ETPhaJb/tztb5F8sX93EOmwAerFL5Umq+zGumL1ZVBNc
 CrL4qBkcvbRgX/WZGi2hAqHUY0iLEf/gt9M0CazAzJIYK782tC+oCXqlKOvC2RUAwhnx
 I+t4KVxkWy24ARvJjp9PaBrrd95MGvXlB63FWY20XWzHvL+S4j1QNzoNSHc/N2Qh6186
 3Hcm8p/NANVdYxC9zvCDrh2a2I62cqOHTOnc3JLtMKgsHP2L1wDVkGrKr1iK6RRRxBgH
 YWMg==
X-Forwarded-Encrypted: i=1;
 AJvYcCUllZAotnYp8FnKk24nQ07CIWlw+yVLxdcg0U5QJxLcEyjnw02GhV2PuuB/nmib/U7hg6y0NjwQAmCs@nongnu.org
X-Gm-Message-State: AOJu0YwdyUIQdaB8fKMpjTvJ67eBieEIFoqNA1csTTcvP5taLbSMhcwh
 fZIt4emj9gPoAw2gcYFEQ7bvjIsd4kHotdm5GaNmNSYIjpN6CzepM2fVYwNL0G6JJN5RCarE5CD
 lC0ZciwyqOJoAwcR62POp6wnanQ0UgoohplimAPqmKppJrl/8BIWuZE9k
X-Gm-Gg: AY/fxX7a2qPmXhqz1xXoaaq0c+r9/Ki/ZkuYAnMK3Bv8YGIQxHT82bPPYSMTup2sS3D
 ZJ76tfoExTQtLcgQTXHxMSCYu5F1JPHBe8aB0zEsW4mhne2YnO/oT6o6BSeCx1MHyH4POV9x+z9
 iiLOj+6TNDaYHXbmbjyWeDeHoVVpdEuLIF2oZ7H2TIHW0xzt6zpYSsIFb3s0jz5QgI4N1FzoStO
 v/4u0Zjh7ugKNPfDBu4LiO7yU9Q6VU35V9f7CRQ9sm/pMUJZ7L15IDJGRPdRzdiVXrh063MdF0a
 HO2xcrXu2RMrlp/KbEtD501jl1lvEQeh/1mG3cOQt4QUtmMsgF2GcmM+lPmbY6h6wy+7czPrprr
 etEwvFm1oXhMoz/q9kWPQRiZ1lCpsQUzx8KfQYxlWsm4=
X-Received: by 2002:a17:903:2cd:b0:269:82a5:f9e9 with SMTP id
 d9443c01a7336-29f2404b62emr22001815ad.29.1765551938076;
 Fri, 12 Dec 2025 07:05:38 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IHnq9WRvTLwHHfQ5V/fKnINCsQGztH87yOnmYhTJLhbvtEkf/NeEcL0ENt723AVANrzo/wAIQ==
X-Received: by 2002:a17:903:2cd:b0:269:82a5:f9e9 with SMTP id
 d9443c01a7336-29f2404b62emr22001405ad.29.1765551937580;
 Fri, 12 Dec 2025 07:05:37 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: David Woodhouse <dwmw2@infradead.org>, Paul Durrant <paul@xen.org>,
 Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 23/28] kvm/xen-emu: re-initialize capabilities during
 confidential guest reset
Date: Fri, 12 Dec 2025 20:33:51 +0530
Message-ID: <20251212150359.548787-24-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552114482158500
Content-Type: text/plain; charset="utf-8"

On confidential guests KVM virtual machine file descriptor changes as a
part of the guest reset process. Xen capabilities needs to be re-initialize=
d in
KVM against the new file descriptor.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/xen-emu.c | 45 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 43 insertions(+), 2 deletions(-)

diff --git a/target/i386/kvm/xen-emu.c b/target/i386/kvm/xen-emu.c
index 52de019834..4f4cde7c58 100644
--- a/target/i386/kvm/xen-emu.c
+++ b/target/i386/kvm/xen-emu.c
@@ -44,9 +44,12 @@
=20
 #include "xen-compat.h"
=20
+NotifierWithReturn xen_vmfd_change_notifier;
+static bool hyperv_enabled;
 static void xen_vcpu_singleshot_timer_event(void *opaque);
 static void xen_vcpu_periodic_timer_event(void *opaque);
 static int vcpuop_stop_singleshot_timer(CPUState *cs);
+static int do_initialize_xen_caps(KVMState *s, uint32_t hypercall_msr);
=20
 #ifdef TARGET_X86_64
 #define hypercall_compat32(longmode) (!(longmode))
@@ -54,6 +57,25 @@ static int vcpuop_stop_singleshot_timer(CPUState *cs);
 #define hypercall_compat32(longmode) (false)
 #endif
=20
+static int xen_handle_vmfd_change(NotifierWithReturn *n,
+                                  void *data, Error** errp)
+{
+    int ret;
+
+    ret =3D do_initialize_xen_caps(kvm_state, XEN_HYPERCALL_MSR);
+    if (ret < 0) {
+        return ret;
+    }
+
+    if (hyperv_enabled) {
+        ret =3D do_initialize_xen_caps(kvm_state, XEN_HYPERCALL_MSR_HYPERV=
);
+        if (ret < 0) {
+            return ret;
+        }
+    }
+    return 0;
+}
+
 static bool kvm_gva_to_gpa(CPUState *cs, uint64_t gva, uint64_t *gpa,
                            size_t *len, bool is_write)
 {
@@ -111,15 +133,16 @@ static inline int kvm_copy_to_gva(CPUState *cs, uint6=
4_t gva, void *buf,
     return kvm_gva_rw(cs, gva, buf, sz, true);
 }
=20
-int kvm_xen_init(KVMState *s, uint32_t hypercall_msr)
+static int do_initialize_xen_caps(KVMState *s, uint32_t hypercall_msr)
 {
+    int xen_caps, ret;
     const int required_caps =3D KVM_XEN_HVM_CONFIG_HYPERCALL_MSR |
         KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL | KVM_XEN_HVM_CONFIG_SHARED_INF=
O;
+
     struct kvm_xen_hvm_config cfg =3D {
         .msr =3D hypercall_msr,
         .flags =3D KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL,
     };
-    int xen_caps, ret;
=20
     xen_caps =3D kvm_check_extension(s, KVM_CAP_XEN_HVM);
     if (required_caps & ~xen_caps) {
@@ -143,6 +166,21 @@ int kvm_xen_init(KVMState *s, uint32_t hypercall_msr)
                      strerror(-ret));
         return ret;
     }
+    return xen_caps;
+}
+
+int kvm_xen_init(KVMState *s, uint32_t hypercall_msr)
+{
+    int xen_caps;
+
+    xen_caps =3D do_initialize_xen_caps(s, hypercall_msr);
+    if (xen_caps < 0) {
+        return xen_caps;
+    }
+
+    if (!hyperv_enabled && (hypercall_msr =3D=3D XEN_HYPERCALL_MSR_HYPERV)=
) {
+        hyperv_enabled =3D true;
+    }
=20
     /* If called a second time, don't repeat the rest of the setup. */
     if (s->xen_caps) {
@@ -185,6 +223,9 @@ int kvm_xen_init(KVMState *s, uint32_t hypercall_msr)
     xen_primary_console_reset();
     xen_xenstore_reset();
=20
+    xen_vmfd_change_notifier.notify =3D xen_handle_vmfd_change;
+    kvm_vmfd_add_change_notifier(&xen_vmfd_change_notifier);
+
     return 0;
 }
=20
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552176; cv=none;
	d=zohomail.com; s=zohoarc;
	b=KIRoeDC7sMbzp/5758QZYLSoLyRHVYOMfpfNQa7Z7OUamJ+bXQk8d4JmL0c9hmdZYnlrz8La7YWTsVCxQxR0Isa4mlAZTC9t27TNS5doh5PJk6+0LdghQJK5ieLjK+n3KdIsbuIECp4+rtxk8KiG2RrxHm+QRWO1+pUUHeQp6IA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552176;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=wH2S5VuWnDK8CB8klAkG6rsUPibcz9poRIKukfvIXkw=;
	b=JN0awNQS6knNoFamaSB5uFOhpdsjb0u7BLZJySYZILIfJLQuYZ30X0Ff7nidsuHqJQJOx0B+DtIQv+aHyK+tQ2YcfqmUbofgAjWuMCf+cdRMKVPIPi2DhRDk4NbK2yn6cAFoBhOjuEn5k9AjcojtI/MwMnvwPC6opGC4k5CmMMc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552176315283.07885803446413;
 Fri, 12 Dec 2025 07:09:36 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4iO-00042e-Ae; Fri, 12 Dec 2025 10:05:52 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iM-00041A-F8
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:50 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iK-0006Dc-Of
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:50 -0500
Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com
 [209.85.214.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-490-ls_VKe9qNVyjAYQsXQuIag-1; Fri, 12 Dec 2025 10:05:47 -0500
Received: by mail-pl1-f198.google.com with SMTP id
 d9443c01a7336-29be4d2ef78so24297685ad.2
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:46 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.38
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551948;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=wH2S5VuWnDK8CB8klAkG6rsUPibcz9poRIKukfvIXkw=;
 b=XTQzfuIZ2fUx6mESRSy0ALSxERX+5mQjX9bdi30hQYh5UFY0NW4rFfJ487cPjXBGef5gYo
 CbRzvzcBZglJgKrp5aI2F5nXeoDqB1CK6vE0xq+X/SXayZiVv4J3q5F4R/XWKpxZTmzvkS
 MsmFG9DWwSouEK5ve6BSIkobZKSRWBg=
X-MC-Unique: ls_VKe9qNVyjAYQsXQuIag-1
X-Mimecast-MFC-AGG-ID: ls_VKe9qNVyjAYQsXQuIag_1765551946
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551946; x=1766156746; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=wH2S5VuWnDK8CB8klAkG6rsUPibcz9poRIKukfvIXkw=;
 b=lLlMr0Pb5aMCnfRQjP8QPQpIPezO7pQ2Pw+KS1Sb56ncDc8omEYpei61Rg1Iz7ecv+
 Q4l6NMhqgVCLf/7r3bk7KRSS4n6HB+C7d/RZFlz4TjZb1ZaMg1F3kewzPrFhXCPYccNp
 r19/YPJQm4a9xAIv+jQpVtiohUp9nHJlqv/VE6bsyz6evbP8Fw9j4Mff0AKBiSEVHg2F
 16YB0jRvvchQsK7XEDdEcb9vomksr6f+S4BPi1FKQoNvtVr1gMF+DR4wY1WRVvdmz2R+
 l4N5VlTdz9kXY6O4SeuqAnMFaHdtMr10tjZlM6gUwoh823q+vT8JRrOh3ucvujyJpKxv
 aYWw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551946; x=1766156746;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=wH2S5VuWnDK8CB8klAkG6rsUPibcz9poRIKukfvIXkw=;
 b=j7wEdfbdE+ExNIM1U2mVqkhlX9hh8CR551axomN3FMx1w06vuMb47ns38ffYy8C4jL
 dAb526cwbPpD8kflVASw7RiRp3/dhlwj2UeBCgPRDRQbxSRk1bvVTXkQ80Gc8cBG0FfK
 AODLIxrvSau4eingSBB1Ohstj7guxFG3kL2RhT9LQLGPkqNiAewIqmTiML0m/FeQmmMz
 PToXbFypLrlM+AtdCp6xMoC+Xe2htIete4JIwiq3x6Rd2vBrFElga7G5K1QxUHlY7szr
 Ba1p2bGc+naM/bBzshTndfgLBi7+pdEBpBWLgZushxx0ctp/3DpWB8O1IWY42UXHkR1k
 1s/Q==
X-Forwarded-Encrypted: i=1;
 AJvYcCXOaMMgueQQC2LgYQYHta83QO3NHPFGNlpQ5Fdx5YW5KuhYOFJv52lde+xQ3aqNcXNqGNNLc+mCWM5h@nongnu.org
X-Gm-Message-State: AOJu0YwDWm0auFOXcnotep8FVZwrghouwo1yMFlKVgmYj87T2ihaw9Re
 btKQr6B6muISO6LpBRL47OlHMSxpAYUjfxCpHiZRtPgfm21KkO/uDD1XD9suaIvc1c2CTwO0a4L
 MiE5iu47uW3m1fDVQqae9uwkpT5YgDsWqygH0P/z2DHN/uDaHJ40U+jVk
X-Gm-Gg: AY/fxX5ColXDeo2GxTyPn8IwZ5Hca5bKfSTiEFc8AG6a0BtwAtsteObjwoLpLxK6VgT
 Os5fu0v8oxYcYyZ2HMNaM9Im+PvfhYDFRkjxaJ+3y7hnf0kRMaP+eZ+ZWOL/6Hwu8oUscJSgokn
 yw3uU2mtuAZyQN11LD32hmAkpb9zxEtEwnwJB8YMthAv0gPPYxRD+cD7dA7SCv/Xxbq8acjCiIw
 CDsky9IMgODvX5wPdYz0MKiIizhHbZ+voCterf4RTOmk0sDTPcZdfbWlPSIUEzuXZX1VdahICk0
 8VDOh9VAX0aMEQIa1wbXyiZZZUJU4Uf1Y7B5d9xhQCmKIULLTKk0966xQ8TqxfUWfPeH2O6sYUR
 uuikvVN879yVP38L3gYxArQxtbv6g52FxkltUulnlXBM=
X-Received: by 2002:a17:903:2f82:b0:24e:3cf2:2453 with SMTP id
 d9443c01a7336-29f244d3b40mr22416065ad.61.1765551945603;
 Fri, 12 Dec 2025 07:05:45 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IEwQTlmTKf6GwCiZWdOxB8VVvz+2nCUW9OqKI7syxsRTHJrEXd1eetjt2ZbHS/ZpCh3A+Y8eA==
X-Received: by 2002:a17:903:2f82:b0:24e:3cf2:2453 with SMTP id
 d9443c01a7336-29f244d3b40mr22413215ad.61.1765551941344;
 Fri, 12 Dec 2025 07:05:41 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: David Woodhouse <dwmw2@infradead.org>, Paul Durrant <paul@xen.org>,
 Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>,
 "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>
Subject: [PATCH v1 24/28] kvm/xen_evtchn: add support for confidential guest
 reset
Date: Fri, 12 Dec 2025 20:33:52 +0530
Message-ID: <20251212150359.548787-25-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552176740158500
Content-Type: text/plain; charset="utf-8"

As a part of the confidential guest reset, when the KVM VM file handle is
changed, Xen event ports and kernel ports that were associated with the
previous KVM file handle needs to be reassociated with the new handle. This=
 is
performed with the help of a callback handler that gets invoked during the
confidential guest reset process when the KVM VM file fd changes.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/kvm/xen_evtchn.c | 100 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 97 insertions(+), 3 deletions(-)

diff --git a/hw/i386/kvm/xen_evtchn.c b/hw/i386/kvm/xen_evtchn.c
index dd566c4967..ddacb26c44 100644
--- a/hw/i386/kvm/xen_evtchn.c
+++ b/hw/i386/kvm/xen_evtchn.c
@@ -133,6 +133,26 @@ struct pirq_info {
     bool is_translated;
 };
=20
+struct eventfds {
+    uint16_t type;
+    evtchn_port_t port;
+    int fd;
+    QLIST_ENTRY(eventfds) node;
+};
+
+struct kernel_ports {
+    uint16_t type;
+    evtchn_port_t port;
+    uint32_t vcpu_id;
+    QLIST_ENTRY(kernel_ports) node;
+};
+
+static QLIST_HEAD(, eventfds) eventfd_list =3D
+    QLIST_HEAD_INITIALIZER(eventfd_list);
+
+static QLIST_HEAD(, kernel_ports) kernel_port_list =3D
+    QLIST_HEAD_INITIALIZER(kernel_port_list);
+
 struct XenEvtchnState {
     /*< private >*/
     SysBusDevice busdev;
@@ -178,6 +198,7 @@ struct XenEvtchnState {
 #define pirq_inuse(s, pirq) (pirq_inuse_word(s, pirq) & pirq_inuse_bit(pir=
q))
=20
 struct XenEvtchnState *xen_evtchn_singleton;
+static NotifierWithReturn xen_eventchn_notifier;
=20
 /* Top bits of callback_param are the type (HVM_PARAM_CALLBACK_TYPE_xxx) */
 #define CALLBACK_VIA_TYPE_SHIFT 56
@@ -304,6 +325,52 @@ static void gsi_assert_bh(void *opaque)
     }
 }
=20
+static int xen_eventchn_handle_vmfd_change(NotifierWithReturn *notifier,
+                                           void *data, Error **errp)
+{
+    struct eventfds *ef;
+    struct kernel_ports *kp;
+    struct kvm_xen_hvm_attr ha;
+    CPUState *cpu;
+    int ret;
+
+    QLIST_FOREACH(ef, &eventfd_list, node) {
+        ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN;
+        ha.u.evtchn.send_port =3D ef->port;
+        ha.u.evtchn.type =3D ef->type;
+        ha.u.evtchn.flags =3D 0;
+        ha.u.evtchn.deliver.eventfd.port =3D 0;
+        ha.u.evtchn.deliver.eventfd.fd =3D ef->fd;
+
+        ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+        if (ret < 0) {
+            error_setg(errp, "KVM_XEN_HVM_SET_ATTR failed with %d", ret);
+            return ret;
+        }
+    }
+
+    memset(&ha, 0, sizeof(ha));
+
+    QLIST_FOREACH(kp, &kernel_port_list, node) {
+        cpu =3D qemu_get_cpu(kp->vcpu_id);
+        ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN;
+        ha.u.evtchn.send_port =3D kp->port;
+        ha.u.evtchn.type =3D kp->type;
+        ha.u.evtchn.flags =3D 0;
+        ha.u.evtchn.deliver.port.port =3D kp->port;
+        ha.u.evtchn.deliver.port.vcpu =3D kvm_arch_vcpu_id(cpu);
+        ha.u.evtchn.deliver.port.priority =3D
+            KVM_IRQ_ROUTING_XEN_EVTCHN_PRIO_2LEVEL;
+
+        ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+        if (ret < 0) {
+            error_setg(errp, "KVM_XEN_HVM_SET_ATTR failed with %d", ret);
+            return ret;
+        }
+    }
+    return 0;
+}
+
 void xen_evtchn_create(unsigned int nr_gsis, qemu_irq *system_gsis)
 {
     XenEvtchnState *s =3D XEN_EVTCHN(sysbus_create_simple(TYPE_XEN_EVTCHN,
@@ -350,6 +417,9 @@ void xen_evtchn_create(unsigned int nr_gsis, qemu_irq *=
system_gsis)
=20
     /* Set event channel functions for backend drivers to use */
     xen_evtchn_ops =3D &emu_evtchn_backend_ops;
+
+    xen_eventchn_notifier.notify =3D xen_eventchn_handle_vmfd_change;
+    kvm_vmfd_add_change_notifier(&xen_eventchn_notifier);
 }
=20
 static void xen_evtchn_register_types(void)
@@ -547,6 +617,7 @@ static void inject_callback(XenEvtchnState *s, uint32_t=
 vcpu)
 static void deassign_kernel_port(evtchn_port_t port)
 {
     struct kvm_xen_hvm_attr ha;
+    struct kernel_ports *kp;
     int ret;
=20
     ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN;
@@ -557,6 +628,12 @@ static void deassign_kernel_port(evtchn_port_t port)
     if (ret) {
         qemu_log_mask(LOG_GUEST_ERROR, "Failed to unbind kernel port %d: %=
s\n",
                       port, strerror(ret));
+    } else {
+        QLIST_FOREACH(kp, &kernel_port_list, node) {
+            if (kp->port =3D=3D port) {
+                QLIST_REMOVE(kp, node);
+            }
+        }
     }
 }
=20
@@ -565,6 +642,8 @@ static int assign_kernel_port(uint16_t type, evtchn_por=
t_t port,
 {
     CPUState *cpu =3D qemu_get_cpu(vcpu_id);
     struct kvm_xen_hvm_attr ha;
+    g_autofree struct kernel_ports *kp =3D g_malloc0(sizeof(*kp));
+    int ret;
=20
     if (!cpu) {
         return -ENOENT;
@@ -578,12 +657,21 @@ static int assign_kernel_port(uint16_t type, evtchn_p=
ort_t port,
     ha.u.evtchn.deliver.port.vcpu =3D kvm_arch_vcpu_id(cpu);
     ha.u.evtchn.deliver.port.priority =3D KVM_IRQ_ROUTING_XEN_EVTCHN_PRIO_=
2LEVEL;
=20
-    return kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+    ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+    if (ret =3D=3D 0) {
+        kp->type =3D type;
+        kp->port =3D port;
+        kp->vcpu_id =3D vcpu_id;
+        QLIST_INSERT_HEAD(&kernel_port_list, kp, node);
+    }
+    return ret;
 }
=20
 static int assign_kernel_eventfd(uint16_t type, evtchn_port_t port, int fd)
 {
     struct kvm_xen_hvm_attr ha;
+    g_autofree struct eventfds *ef =3D g_malloc0(sizeof(*ef));
+    int ret;
=20
     ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN;
     ha.u.evtchn.send_port =3D port;
@@ -592,7 +680,14 @@ static int assign_kernel_eventfd(uint16_t type, evtchn=
_port_t port, int fd)
     ha.u.evtchn.deliver.eventfd.port =3D 0;
     ha.u.evtchn.deliver.eventfd.fd =3D fd;
=20
-    return kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+    ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+    if (ret =3D=3D 0) {
+        ef->type =3D type;
+        ef->port =3D port;
+        ef->fd =3D fd;
+        QLIST_INSERT_HEAD(&eventfd_list, ef, node);
+    }
+    return ret;
 }
=20
 static bool valid_port(evtchn_port_t port)
@@ -2391,4 +2486,3 @@ void hmp_xen_event_inject(Monitor *mon, const QDict *=
qdict)
         monitor_printf(mon, "Delivered port %d\n", port);
     }
 }
-
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552098; cv=none;
	d=zohomail.com; s=zohoarc;
	b=PmcaKOifHBzNO7rye21FMCawZ2Cp/zFgG2VCXMOptkNzodwmkpZHd9GOcJx7IWoComONa6ivTCKFCGfdqP62S0TWYp28pn2WbYT4/oAyT8X0v0l8Lr8gdrdCwv/sI7g9seOFz1Ax2vstNtNKcCrsAYoZK3dVJ/L5eMtQsMZidVw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552098;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=A4vnbj5L7X5BAm2SsE/iQx+vqw+O4ovyAazkVrIup+Q=;
	b=AFK1BastISGPvl80E0+SZH0Zqn68nMwuL08AdGcHPt4rK4W2K+4aBN4rB+Y1KSYJQkr6Wndd7Ev1XFtmW2dz901i7D1SH7VVgoDrlislYqXI1VH066qahZsvmdZpU/3/nXh3sSBknsT45TiyY6iXY1Sx/JOnozG3oCEXoCMQ75Y=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552098044968.0712777802668;
 Fri, 12 Dec 2025 07:08:18 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4j2-0005Ev-ND; Fri, 12 Dec 2025 10:06:32 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iX-0004Ue-GD
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:06:04 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iT-0006QZ-H5
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:06:00 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-556-cFxeZ7kNPe-UTwYfbLd1RA-1; Fri, 12 Dec 2025 10:05:50 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-295592eb5dbso25017855ad.0
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:50 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.45
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551956;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=A4vnbj5L7X5BAm2SsE/iQx+vqw+O4ovyAazkVrIup+Q=;
 b=GdWRp5ktQZnEE0KSGMs72CQtVWFODkhL0QIbRdyFNnIloxuuzgG1h1LXX6O4fTtCpd2PyO
 3vmUjEYDYYTqnlsQhKkKmP634r71FsOJGZMZj3N+LsyvT5djAsPlp7A5ZF/IXtA1/NdA8N
 NNLSxGQZQLEB9fbZfj/8aTUiDt09tcQ=
X-MC-Unique: cFxeZ7kNPe-UTwYfbLd1RA-1
X-Mimecast-MFC-AGG-ID: cFxeZ7kNPe-UTwYfbLd1RA_1765551949
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551949; x=1766156749; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=A4vnbj5L7X5BAm2SsE/iQx+vqw+O4ovyAazkVrIup+Q=;
 b=I/Y1uruQj+Pz7g8gYwogdrOTy3S5RahS+JrQ3kmcq7xET1Ejd3PyWpanDYQitgCZnR
 4zLu2G1s7ixME3UHvxjOEOtkX1dJDP0/7PYqbX/bzrf9l9wubeFkqchqq7A/PqOxZoeK
 W68i+Clx+9ONL6JZZb3VXUE4ukxHEzYv/RaFXkeOoQ5aRfLEJyMU2QUUSMNndH6EgC/R
 6jybjYW/4QK/hOHBi8LhCInq6vS69k+gpLKM2dNQrVfgYvQfeFhF8r8LbKpuhqgDQBbi
 ZL+qtaZPJU3NMJXhWbfgHTk48a9ZVm8cd0iPpHuobPt5A7GEEmKi81x88w7f0hOvdrvX
 XK7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551949; x=1766156749;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=A4vnbj5L7X5BAm2SsE/iQx+vqw+O4ovyAazkVrIup+Q=;
 b=Lw/d+AAKpPiX0PO3+94YOswN6Y/Gc8DUxL48wm5fZ2tG4p03Q7FcZcfq72WQ6l5dI8
 POm9SjUfV43D65WHKa9qYS+36+yHf2jS4cgQCGqA4flY4anWRg+chErAKrWgLmjsuUql
 bMg6CF8e8OGHnx/n1UvUdpDP1pVSHXeoUQ+aw3hcY2YKOXjKuRLgomFWI6kddeUNcCN+
 8hE8d8vnxbR9WV4JC+FewrPbfl+go87SD7TZh0w5HmQ4Smtq8JbTxzCOlfEhB/znO0rL
 RyIzzw9n6oNfZd5ceztMwzzNMUg3fOAckS098IW8KpQTZMvGViuG5Xqr0o7me63tVSBl
 5rdA==
X-Forwarded-Encrypted: i=1;
 AJvYcCUQHcmMLB1n0fZdo9okGSQfDlOaN9vjjiZJrHif89FTyEQPzbl0e4GfwqWkL+qEANZahHQv8ujElHu8@nongnu.org
X-Gm-Message-State: AOJu0YzT7ifRG1mkp+D34/Gj36cmCCh/PvuyoF3dAfaNwvflPtwpGEys
 UveqDMhpeXacGOLsfPoh2zj+8MOA5DK4V1OTsAiJCh67HV+Qrq3B53d/+gmnvvWNtz2Zxv6Dp2v
 +J4RDSFFWYjjxfySkdXkJyQZyigWbay7XGP91+WiAIGbJeidGMDp1zbLX
X-Gm-Gg: AY/fxX6FtUnovm80dZeV8d8sa0p1mMKCv6twHBsB3auMoP24ILQjrX5+vxl01VbAQSC
 T90u4oM/xY6A+XBwEdJlJj2SEo8F4NpLXyaaLVQfJt5yfaR2uj/CrLLXtoLKexynl6r2Zd7Uvs/
 of7rRxkfCy2Ht4PmXXGmRNUGVSZOF4uP/xVh8L1dLvKBa4upLGYImzef4sgcDQ//8bJVZ+worPm
 7vq+AjlaNomMgbnER6Lrz2tVKIi+0H7IpbOCmowHTizW3xNMLfjyFVCjP8oFBCiSv9jH2/b1aPy
 R2QhkkeuFwlyDjOtioeCQ3ZRnQhnPoeaAKZsMCPauVVUeGkleTnWmYJQxPhKbhjXLTVd2i+ryRt
 BD3vr5SQIn58O1b7y48nq7elTV4W/7tZbdR0dpxIlroA=
X-Received: by 2002:a17:902:ce0b:b0:297:ddb6:ef81 with SMTP id
 d9443c01a7336-29f23b456cemr27551815ad.16.1765551948333;
 Fri, 12 Dec 2025 07:05:48 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IEfAXYymCrcmJjczDyXrFRejWflzv3WP2N8ZZ8Jsj8XU3fNyM0JbSLVcod5dbiyzRghA0MAow==
X-Received: by 2002:a17:902:ce0b:b0:297:ddb6:ef81 with SMTP id
 d9443c01a7336-29f23b456cemr27551305ad.16.1765551947655;
 Fri, 12 Dec 2025 07:05:47 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Bernhard Beschow <shentey@gmail.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, pbonzini@redhat.com,
 qemu-devel@nongnu.org, Ani Sinha <anisinha@redhat.com>, qemu-ppc@nongnu.org
Subject: [PATCH v1 25/28] ppc/openpic: create a new openpic device and
 reattach mem region on coco reset
Date: Fri, 12 Dec 2025 20:33:53 +0530
Message-ID: <20251212150359.548787-26-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552098300158500
Content-Type: text/plain; charset="utf-8"

For confidential guests during the reset process, the old KVM VM file
descriptor is closed and a new one is created. When a new file descriptor is
created, a new openpic device needs to be created against this new KVM VM f=
ile
descriptor as well. Additionally, existing memory region needs to be reatta=
ched
to this new openpic device and proper CPU attributes set associating new fi=
le
descriptor. This change makes this happen with the help of a callback handl=
er
that gets called when the KVM VM file descriptor changes as a part of the
confidential guest reset process.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/intc/openpic_kvm.c | 108 ++++++++++++++++++++++++++++++++----------
 1 file changed, 83 insertions(+), 25 deletions(-)

diff --git a/hw/intc/openpic_kvm.c b/hw/intc/openpic_kvm.c
index 673ea9ca05..1b7a1d0d00 100644
--- a/hw/intc/openpic_kvm.c
+++ b/hw/intc/openpic_kvm.c
@@ -49,6 +49,7 @@ struct KVMOpenPICState {
     uint32_t fd;
     uint32_t model;
     hwaddr mapped;
+    NotifierWithReturn open_pic_vmfd_change_notifier;
 };
=20
 static void kvm_openpic_set_irq(void *opaque, int n_IRQ, int level)
@@ -114,6 +115,83 @@ static const MemoryRegionOps kvm_openpic_mem_ops =3D {
     },
 };
=20
+static int create_open_pic_device(KVMOpenPICState *opp, Error **errp)
+{
+    int kvm_openpic_model;
+    struct kvm_create_device cd =3D {0};
+    KVMState *s =3D kvm_state;
+    int ret;
+
+    switch (opp->model) {
+    case OPENPIC_MODEL_FSL_MPIC_20:
+        kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_20;
+        break;
+
+    case OPENPIC_MODEL_FSL_MPIC_42:
+        kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_42;
+        break;
+
+    default:
+        error_setg(errp, "Unsupported OpenPIC model %" PRIu32, opp->model);
+        return -1;
+    }
+
+    cd.type =3D kvm_openpic_model;
+    ret =3D kvm_vm_ioctl(s, KVM_CREATE_DEVICE, &cd);
+    if (ret < 0) {
+        error_setg(errp, "Can't create device %d: %s",
+                   cd.type, strerror(errno));
+        return -1;
+    }
+    opp->fd =3D cd.fd;
+
+    return 0;
+}
+
+static int open_pic_vmfd_handle_vmfd_change(NotifierWithReturn *notifier,
+                                            void *data, Error **errp)
+{
+    KVMOpenPICState *opp =3D container_of(notifier, KVMOpenPICState,
+                                        open_pic_vmfd_change_notifier);
+    uint64_t reg_base;
+    struct kvm_device_attr attr;
+    CPUState *cs;
+    int ret;
+
+    /* close the old descriptor */
+    close(opp->fd);
+
+    if (create_open_pic_device(opp, errp) < 0) {
+        return -1;
+    }
+
+    if (!opp->mapped) {
+        return 0;
+    }
+
+    reg_base =3D opp->mapped;
+    attr.group =3D KVM_DEV_MPIC_GRP_MISC;
+    attr.attr =3D KVM_DEV_MPIC_BASE_ADDR;
+    attr.addr =3D (uint64_t)(unsigned long)&reg_base;
+
+    ret =3D ioctl(opp->fd, KVM_SET_DEVICE_ATTR, &attr);
+    if (ret < 0) {
+        fprintf(stderr, "%s: %s %" PRIx64 "\n", __func__,
+                strerror(errno), reg_base);
+        return -1;
+    }
+
+    CPU_FOREACH(cs) {
+        ret =3D kvm_vcpu_enable_cap(cs, KVM_CAP_IRQ_MPIC, 0, opp->fd,
+                                   kvm_arch_vcpu_id(cs));
+        if (ret < 0) {
+            return ret;
+        }
+    }
+
+    return 0;
+}
+
 static void kvm_openpic_region_add(MemoryListener *listener,
                                    MemoryRegionSection *section)
 {
@@ -197,37 +275,14 @@ static void kvm_openpic_realize(DeviceState *dev, Err=
or **errp)
     SysBusDevice *d =3D SYS_BUS_DEVICE(dev);
     KVMOpenPICState *opp =3D KVM_OPENPIC(dev);
     KVMState *s =3D kvm_state;
-    int kvm_openpic_model;
-    struct kvm_create_device cd =3D {0};
-    int ret, i;
+    int i;
=20
     if (!kvm_check_extension(s, KVM_CAP_DEVICE_CTRL)) {
         error_setg(errp, "Kernel is lacking Device Control API");
         return;
     }
=20
-    switch (opp->model) {
-    case OPENPIC_MODEL_FSL_MPIC_20:
-        kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_20;
-        break;
-
-    case OPENPIC_MODEL_FSL_MPIC_42:
-        kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_42;
-        break;
-
-    default:
-        error_setg(errp, "Unsupported OpenPIC model %" PRIu32, opp->model);
-        return;
-    }
-
-    cd.type =3D kvm_openpic_model;
-    ret =3D kvm_vm_ioctl(s, KVM_CREATE_DEVICE, &cd);
-    if (ret < 0) {
-        error_setg(errp, "Can't create device %d: %s",
-                   cd.type, strerror(errno));
-        return;
-    }
-    opp->fd =3D cd.fd;
+    create_open_pic_device(opp, errp);
=20
     sysbus_init_mmio(d, &opp->mem);
     qdev_init_gpio_in(dev, kvm_openpic_set_irq, OPENPIC_MAX_IRQ);
@@ -236,6 +291,9 @@ static void kvm_openpic_realize(DeviceState *dev, Error=
 **errp)
     opp->mem_listener.region_del =3D kvm_openpic_region_del;
     opp->mem_listener.name =3D "openpic-kvm";
     memory_listener_register(&opp->mem_listener, &address_space_memory);
+    opp->open_pic_vmfd_change_notifier.notify =3D
+        open_pic_vmfd_handle_vmfd_change;
+    kvm_vmfd_add_change_notifier(&opp->open_pic_vmfd_change_notifier);
=20
     /* indicate pic capabilities */
     msi_nonbroken =3D true;
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552073; cv=none;
	d=zohomail.com; s=zohoarc;
	b=OOMBEFkTG7dMIpnu9lT8vNcGUf39hBcnhBHVTfzlcPYQ30GtLZKYcvjIl/Jfjk0dY+Z1xqPZquiNk2XzztmHs9ouynKVNKGjPtEu3+rxSUUezoLCSkZX8GVSFC//DeO8YLZZlYd72Np/zWKbmAbkC48Qpa05wHmDJwSjzSttTx0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552073;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=MC5lbXLd3guV2ptWnUpo8dxa+q+3ySAOJ4x29/7bkmQ=;
	b=YxzzCCv0bhR8h/Hwk931PpMHBzjBYBgOliRr1vlH9W1ehPBXSAqfZFvQq1kU4U7uL++OdF1zAV4L8e1RQ8oJRv6gIs6JWx/ANYgLuwbj4QPToDchJ3UQZyZf0MKQOu/7vg14WA2mszMqXJ1gWJ50e2lzyOn+yYDn7Cik2E7QIic=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552073402206.43902053672673;
 Fri, 12 Dec 2025 07:07:53 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4if-0004We-Au; Fri, 12 Dec 2025 10:06:16 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iS-0004Oy-Gh
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:56 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iQ-0006Kq-C4
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:56 -0500
Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com
 [209.85.214.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-518-D6dve7OdOoGsGWYlBGVlug-1; Fri, 12 Dec 2025 10:05:52 -0500
Received: by mail-pl1-f198.google.com with SMTP id
 d9443c01a7336-29f29ae883bso7084305ad.3
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:52 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.48
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551953;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=MC5lbXLd3guV2ptWnUpo8dxa+q+3ySAOJ4x29/7bkmQ=;
 b=CdF/OJc+jhD4cnkMDXUICDOxkgRW23Bc1apaKrxoXYgOM0G6qfqoUJ3fOoZvZk9ZZ9S7bk
 45LguYGfeUa8hDChOl8bpShmagRcrnHknKAkk0smh0p9SqRntrUXF1fam3HgwbOq1b3Xkn
 VjhNV9Lzb1FXe4QtFepIfmVNjQvkXAY=
X-MC-Unique: D6dve7OdOoGsGWYlBGVlug-1
X-Mimecast-MFC-AGG-ID: D6dve7OdOoGsGWYlBGVlug_1765551951
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551951; x=1766156751; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=MC5lbXLd3guV2ptWnUpo8dxa+q+3ySAOJ4x29/7bkmQ=;
 b=LpEO3i1Ru6i6BiEUv2ml7OfRGc970gX/QzgZYCJBYgZWMwnwUK7OWNYJjBwMzWzyds
 aHXhcIqMs5Lr6pSTf3NuQUmIf+APArmt3dwBgWrsE2nuzAEsokcLpKgucckGR2meWAWq
 ofss1N7Ox3Lte7TnnqgSoZc8nxCqOzC62dp6kHunQ/4PSeEGegahUArOwq8mBgjH749n
 Rsc4JdDr9q+gGhkDQSkZIi02ckZkrXy2FaYKpjFRsI/xjWs6ti00DpzetwgtPTsNTRhL
 HKWceJ6o7OBk24DMLt+xvva7WhSplJ94WS/+LLhWJyIgUTUBcTJZrcjsipBMDv30tMa/
 BENQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551951; x=1766156751;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=MC5lbXLd3guV2ptWnUpo8dxa+q+3ySAOJ4x29/7bkmQ=;
 b=aRq3SfZk28BGOQ9QOwYDw4gdqT2qjqN6na3zM/2fSOPoJTZVL5Q8H5tOb2z/BoC5lR
 4pQobMaXpnt5efE++aEYFYeE92zH2zsC4GmlRZOGq7Z/m7CX4JL8+4A0EGwFswOZSIcd
 y3NPLNgNFQ7neQesqAVgPUZCCOBscEvgi05BTbjNiwEJoTFkYTnbT/GAfW1Jm23om/ty
 XP9gyn6qJcAJFNT3/BOejvEeUkWcgZm6lEQIj6VpJjcWVx+8PKcOI+BO9Dxcy7fuonuI
 T0pRb+YVr7U+jVhCKjnl9Tf8ChsGkTmI5tKkDMV9VeyTR4uUCuwL2lP8cQxMWfgRC2K5
 JgPg==
X-Forwarded-Encrypted: i=1;
 AJvYcCUkFDjoQdP8strawO99d5x0ZFTQjK/P2MgNYpkCj2gp34+dTG/R5jwSdyiosHsJpJ0Bg5xu38ELrX/z@nongnu.org
X-Gm-Message-State: AOJu0Yww8iSl5Z8cGXB6fYsHTifpn9PmoOMOf5O8nOh7jv3ZucRD/9mP
 9ceM5L/6/DzSpTG1brMmN0EGkDZtUo62iIfTSyXXTinXGx12EQL4tWLWjZWgFmK2hXVdobFmirF
 PVhkk+e55vXcuZLytD9KkoKZ7/Hm+4Vv8AXwmUNbes5GYHTFzPLIg4eq1
X-Gm-Gg: AY/fxX6zhbO96dq46kweRe9/syTY6EBpCf45HtnjuEdAQ6o/ljc+QPtDJlmVhrJgez6
 A2Cc3TdA7+5HITJFoPE3FaBHPasEt9Uu7QxrXQxkYi4i+Rl2uM7OuKiaa32m/0+8aUZo8DQTb24
 CtXhDzDjwHx93qFADtUywPY869CnBK5NHACm5H+iX79wW4hwxZQgnYWU/jhjwCoMmCWzL3Lk8h0
 KHfJVsdc9LWLXwvag7+pFwcaCRNblzpGXgqFqf+YdLc2Nn20q4crR5+RdPpgosE565E4imsjZ2C
 K0k544W49Ca5GLTrLKhlExytuMv1iqtHSb6oBjA/lSIX9SMY/Q09RKjOCo45+iLYyKyU2wWErED
 RBpmWbZ8OR8R69esGvSLfvu84bdZQkW/rjEa9WlUJNzg=
X-Received: by 2002:a17:903:2ecc:b0:295:592e:7633 with SMTP id
 d9443c01a7336-29f26eb34ddmr23525605ad.29.1765551950898;
 Fri, 12 Dec 2025 07:05:50 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IFINyFysyaG3Z7M7nKx2uV1+TcX6mLN4/JurQM2jroBzGQCP/c1s4YHv6IamP+nxOelN0SRRw==
X-Received: by 2002:a17:903:2ecc:b0:295:592e:7633 with SMTP id
 d9443c01a7336-29f26eb34ddmr23525245ad.29.1765551950285;
 Fri, 12 Dec 2025 07:05:50 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org
Subject: [PATCH v1 26/28] kvm/vcpu: add notifiers to inform vcpu file
 descriptor change
Date: Fri, 12 Dec 2025 20:33:54 +0530
Message-ID: <20251212150359.548787-27-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552074158158500
Content-Type: text/plain; charset="utf-8"

When new vcpu file descriptors are created and bound to the new kvm file
descriptor as a part of the confidential guest reset mechanism, various
subsystems needs to know about it. This change adds notifiers so that vario=
us
subsystems can take appropriate actions when vcpu fds change by registering
their handlers to this notifier.
Subsequent changes will register specific handlers to this notifier.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c    | 27 ++++++++++++++++++++++++++-
 accel/stubs/kvm-stub.c | 10 ++++++++++
 include/system/kvm.h   | 17 +++++++++++++++++
 3 files changed, 53 insertions(+), 1 deletion(-)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 638f193626..7f9c0d454a 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -130,8 +130,10 @@ static NotifierWithReturnList register_vmfd_changed_no=
tifiers =3D
 static NotifierWithReturnList register_vmfd_pre_change_notifiers =3D
     NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_pre_change_notifie=
rs);
=20
-static int kvm_rebind_vcpus(Error **errp);
+static NotifierWithReturnList register_vcpufd_changed_notifiers =3D
+    NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vcpufd_changed_notifier=
s);
=20
+static int kvm_rebind_vcpus(Error **errp);
 static int map_kvm_run(KVMState *s, CPUState *cpu, Error **errp);
 static int map_kvm_dirty_gfns(KVMState *s, CPUState *cpu, Error **errp);
 static int vcpu_unmap_regions(KVMState *s, CPUState *cpu);
@@ -2327,6 +2329,22 @@ void kvm_vmfd_remove_pre_change_notifier(NotifierWit=
hReturn *n)
     notifier_with_return_remove(n);
 }
=20
+void kvm_vcpufd_add_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_list_add(&register_vcpufd_changed_notifiers, n);
+}
+
+void kvm_vcpufd_remove_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_remove(n);
+}
+
+static int kvm_vcpufd_change_notify(Error **errp)
+{
+    return notifier_with_return_list_notify(&register_vcpufd_changed_notif=
iers,
+                                            &vmfd_notifier, errp);
+}
+
 static int kvm_vmfd_pre_change_notify(Error **errp)
 {
     return notifier_with_return_list_notify(&register_vmfd_pre_change_noti=
fiers,
@@ -2847,6 +2865,13 @@ static int kvm_reset_vmfd(MachineState *ms)
     }
     assert(!err);
=20
+    /* notify everyone that vcpu fd has changed. */
+    ret =3D kvm_vcpufd_change_notify(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
     /* these can be only called after ram_block_rebind() */
     memory_listener_register(&kml->listener, &address_space_memory);
     memory_listener_register(&kvm_io_listener, &address_space_io);
diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index 7f4e3c4050..5b94f3dc3c 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -95,6 +95,16 @@ void kvm_vmfd_remove_change_notifier(NotifierWithReturn =
*n)
 {
 }
=20
+void kvm_vcpufd_add_change_notifier(NotifierWithReturn *n)
+{
+    return;
+}
+
+void kvm_vcpufd_remove_change_notifier(NotifierWithReturn *n)
+{
+    return;
+}
+
 int kvm_irqchip_add_irqfd_notifier_gsi(KVMState *s, EventNotifier *n,
                                        EventNotifier *rn, int virq)
 {
diff --git a/include/system/kvm.h b/include/system/kvm.h
index cb5db9ff67..bfd09e70a0 100644
--- a/include/system/kvm.h
+++ b/include/system/kvm.h
@@ -586,6 +586,23 @@ void kvm_vmfd_add_change_notifier(NotifierWithReturn *=
n);
  */
 void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n);
=20
+/**
+ * kvm_vcpufd_add_change_notifier - register a notifier to get notified wh=
en
+ * a KVM vcpu file descriptors changes as a part of the confidential guest
+ * "reset" process. Various subsystems should use this mechanism to take
+ * actions such as re-issuing vcpu ioctls as a part of setting up vcpu
+ * features.
+ * @n: notifier with return value.
+ */
+void kvm_vcpufd_add_change_notifier(NotifierWithReturn *n);
+
+/**
+ * kvm_vcpufd_remove_change_notifier - de-register a notifer previously
+ * registered with kvm_vcpufd_add_change_notifier call.
+ * @n: notifier that was previously registered.
+ */
+void kvm_vcpufd_remove_change_notifier(NotifierWithReturn *n);
+
 /**
  * kvm_vmfd_add_pre_change_notifier - register a notifier to get notified =
when
  * kvm vm file descriptor is about to be changed as a part of the confiden=
tial
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552146; cv=none;
	d=zohomail.com; s=zohoarc;
	b=HvMk6gcYK9IiF3jsKeZ4+s40vVEgH9xaDMfkBFSJiXnn6/qispUPdc67nUZYIdgyrNq4S+jyfca5yBzfo0A6lrLANqeqwfd1vyxVxVUMaNzNV9NcOFHemYwAGO++tjEBCzJf2RTG4ICQ+4NyiXZaeycggYf/AbHZllHMjhaXflI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552146;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=;
	b=Es/L6xfVvGxCZFDyeKIUU4BB0F+hGgu6cC+fYoGHsZHcp3L6K5HvxfMAtonFpN7wxP6RgsjpqNdqQyS1S0G2/nhUlFSU3FoVRaN32fY/ulcdts5roBtufp7hviVS3qn2E+pJ38Tm5kedvW23GlERNw0y3AmGt6PBhYyThG5/xkI=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552146832699.1563934028082;
 Fri, 12 Dec 2025 07:09:06 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4j1-0004zO-8c; Fri, 12 Dec 2025 10:06:31 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iX-0004Ug-G7
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:06:03 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iT-0006QX-HM
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:06:00 -0500
Received: from mail-pf1-f198.google.com (mail-pf1-f198.google.com
 [209.85.210.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-652-N0_O-kKQOCWZa8uawYoXsg-1; Fri, 12 Dec 2025 10:05:55 -0500
Received: by mail-pf1-f198.google.com with SMTP id
 d2e1a72fcca58-7f66686710fso2122359b3a.3
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:05:55 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.50
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551956;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=;
 b=DqLPhok86gywP164p3IXCtFjH5rY0Dk5K6Y/Q+/8uqEnXbhdGIkX8+wrn9TU+atO6F676O
 pp1Zj/uFJr5RSsd+MBuqyhBFb06EsTK4rr2nMl9a+sxBTFXyTqNWZLIqo9rq1CcBF2inat
 6h0j52nzPynznS/plaW8a8hMYxvO5w8=
X-MC-Unique: N0_O-kKQOCWZa8uawYoXsg-1
X-Mimecast-MFC-AGG-ID: N0_O-kKQOCWZa8uawYoXsg_1765551955
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551954; x=1766156754; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=;
 b=Ldhe92w82q6jLQsz0VOMjfyzSMvtcTLCBkERkUYL1I7k/ubeGE6U0wMXpN0qnc9jnf
 hRNinM6GZX1bifn8mJ9ARNF5oDKfgfKIqG0QaCiCskwctyRRu8DbZVVLel1NBt2NU/mb
 6fSQm7jy6nHMrwzz8fBIcYyaBVvks1i605urR+uoUznskvPQ0hsUwsQ0PLDBnX7A9LjC
 qfnjvf3lW8h4k8y3Fznqezgs7HemPdVE/W0XDNudvdT4hq84d1J+oF+rtPPqabT2sFSJ
 HXHsyZVMscjWQ+acJY5FFnZb6uI139q+cPGw2Jvv3ndeRYCGfZGaGKHCKQCNcSmL/nWd
 +7MQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551954; x=1766156754;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=;
 b=p0xpQn6vINzQfyAWW5BbKip1kRX6xU6hBWpi2yniEonv4j+7rwyRv59l0wwaDS4awR
 kBuGMgZ0fubkVdtfwxrb8J85Zy+kV8eKRAlg4bNfo4GZkbsdInBfEQyMuzn3FagZzmek
 n0Ss/S/4/IGxsOEsRcy7xkm35fkxdKlYQ7kMRbMY/ns//DJtq7yUvMFLM69tcFMgt5HQ
 nX/tqy7eaTvxe4VemfbMWtVoVrfkDuQC1CpN5LLuAv4jKDi3WDVGlbgnDI2wceBZxOLU
 rtmdOPuzJl0mL7oERX4fQp9PfTl4CIq02tFLpcIszIJUhUonWOcnf0a+9ToQ54eoeV3n
 PIxw==
X-Forwarded-Encrypted: i=1;
 AJvYcCXkJJdzVzxMYXdxRDBdUHDb7yKfF4U6AffdGEC5gSFkkm8ZSJ0RuchJIZCscgzHLCXKkYi13KTo8sIF@nongnu.org
X-Gm-Message-State: AOJu0YwmzI9PqyC4vlzJ1bEETpFbDEh7x0oXYSXCvgGh6RxcBT2FX35t
 4FaE9mdg2oDxf0GWfaNd5KlOHR41reT8oYvrM6P4E3QMYGd6Fak2P+q/MliZV49pfnvOIHsAxGr
 sqgDrhDBYQMn0aFW0bfz5SO9Ijv6JhgvR9k9DEW2EKUe7vvVaVLKoZq4tZBbasJXs8BE=
X-Gm-Gg: AY/fxX47bT0wqqkankdmC/n6PJcUP/FHOPXJsvF99R6KgPYoE2vBLcDYUd5a70emohu
 3Gm7o9H03HXcI3boRJRNsm0CrYDJjVMiANmLhvbry4Idb9zuRRzGLuoZVtzpMMIwdNRJWVs6lCG
 e2C8b/cBlSYmq0/SSkn3LWXMYBGq6dBXUn02jj9vHeUEYIi+W34bAYqPhTrwMhMPKTbn484vii9
 Sfj2rqqdu4UVNOuW24CW8facpWNKclww1APoS7p4EkKx3Fw/LNRgiwuucfpavbNUrS+Ct3sBsMv
 YsmAXheioqTVUknJmu/Hcvzag5nfATzDDdeM2pduJ4NNkquakKHfio/ixM8D8EBWdy1xxzn26Zp
 NFIufmtiTSrmlBOlcZxGuIP+5KorCGPVwLjOIBiUn2ys=
X-Received: by 2002:a05:6a20:a120:b0:2b1:c9dc:6da0 with SMTP id
 adf61e73a8af0-369af8134aemr2332833637.46.1765551953962;
 Fri, 12 Dec 2025 07:05:53 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IH2PTtPcc3NYxZK0sT8luDMiL41s5In2g2ebIkjZn5jtCNym8KLEOHcSdYDAvY7Kqir+RLKRg==
X-Received: by 2002:a05:6a20:a120:b0:2b1:c9dc:6da0 with SMTP id
 adf61e73a8af0-369af8134aemr2332793637.46.1765551953479;
 Fri, 12 Dec 2025 07:05:53 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
 Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>
Subject: [PATCH v1 27/28] kvm/i386/apic: set local apic after vcpu file
 descriptors changed
Date: Fri, 12 Dec 2025 20:33:55 +0530
Message-ID: <20251212150359.548787-28-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552148570158501
Content-Type: text/plain; charset="utf-8"

Once the vcpu file descriptors changed after confidential guest reset, the
local apic needs to be reinitialized. This change adds a callback from the
vcpu fd change notifiers to reinitialize local apic for kvm x86.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/kvm/apic.c              | 13 +++++++++++++
 include/hw/i386/apic_internal.h |  1 +
 2 files changed, 14 insertions(+)

diff --git a/hw/i386/kvm/apic.c b/hw/i386/kvm/apic.c
index 82355f0463..f6f8ac2764 100644
--- a/hw/i386/kvm/apic.c
+++ b/hw/i386/kvm/apic.c
@@ -229,6 +229,16 @@ static void kvm_apic_reset(APICCommonState *s)
     run_on_cpu(CPU(s->cpu), kvm_apic_put, RUN_ON_CPU_HOST_PTR(s));
 }
=20
+static int apic_vcpufd_change_handler(NotifierWithReturn *n,
+                                      void *data, Error** errp) {
+    APICCommonState *s =3D container_of(n, APICCommonState,
+                                      vcpufd_change_notifier);
+
+    run_on_cpu(CPU(s->cpu), kvm_apic_put, RUN_ON_CPU_HOST_PTR(s));
+
+    return 0;
+}
+
 static void kvm_apic_realize(DeviceState *dev, Error **errp)
 {
     APICCommonState *s =3D APIC_COMMON(dev);
@@ -238,6 +248,9 @@ static void kvm_apic_realize(DeviceState *dev, Error **=
errp)
=20
     assert(kvm_has_gsi_routing());
     msi_nonbroken =3D true;
+
+    s->vcpufd_change_notifier.notify =3D apic_vcpufd_change_handler;
+    kvm_vcpufd_add_change_notifier(&s->vcpufd_change_notifier);
 }
=20
 static void kvm_apic_unrealize(DeviceState *dev)
diff --git a/include/hw/i386/apic_internal.h b/include/hw/i386/apic_interna=
l.h
index 4a62fdceb4..ffe5815e7f 100644
--- a/include/hw/i386/apic_internal.h
+++ b/include/hw/i386/apic_internal.h
@@ -189,6 +189,7 @@ struct APICCommonState {
     hwaddr vapic_paddr; /* note: persistence via kvmvapic */
     bool legacy_instance_id;
     uint32_t extended_log_dest;
+    NotifierWithReturn vcpufd_change_notifier;
 };
=20
 typedef struct VAPICState {
--=20
2.42.0
From nobody Sun Dec 14 06:42:54 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1765552152; cv=none;
	d=zohomail.com; s=zohoarc;
	b=B8SN+OTlAOl9UxNuUNtcdMidl+1ddFP+D9ghRuyuBbkRVZBirHp5N92Uoy2GUegLC7dUllq28s6r+iMsHr0BPOWPbkKaj35P9NVgM/ea5EfTn72InevY9OSMHJJytRfd6PyZc8toD6zi8KAzamNigbPuMCNZgg8sW5KNNjpkiCQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1765552152;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=7qbW4sSJ0f//e1skZ7ujhw6w1Gd0GquqUMfT6GcW53o=;
	b=iYb/PMy0ROvcLGCxIM1snAvLGfhfiOPKNu0iCOTjc3VqkS0uzdoABDh5BhjRr6tN39EiodF2p30LXjNqQPtYbLCxQ5LiCXH9TVDJlGd6l4COofdZe2r3WBZz1A3+3KF+/3RYr65ZIFnlnND8j1NfgkpTMdLXqb8FsSwZWzq74UM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1765552152503932.7058965659145;
 Fri, 12 Dec 2025 07:09:12 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vU4iy-0004v4-JG; Fri, 12 Dec 2025 10:06:29 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4ia-0004Xa-Mg
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:06:07 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vU4iZ-0006ZM-6X
 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:06:04 -0500
Received: from mail-pf1-f198.google.com (mail-pf1-f198.google.com
 [209.85.210.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-373-cjx-CgGwMrGOvAFP53Uygw-1; Fri, 12 Dec 2025 10:06:01 -0500
Received: by mail-pf1-f198.google.com with SMTP id
 d2e1a72fcca58-7b6b194cf71so2146408b3a.3
 for <qemu-devel@nongnu.org>; Fri, 12 Dec 2025 07:06:01 -0800 (PST)
Received: from rhel9-box.lan ([122.172.173.62])
 by smtp.googlemail.com with ESMTPSA id
 d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.53
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Dec 2025 07:05:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1765551962;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=7qbW4sSJ0f//e1skZ7ujhw6w1Gd0GquqUMfT6GcW53o=;
 b=FGeJSlyeSI3A/RgkWCtd083/biOu5U0mQzbgCehVdqD5l9Rf63YqfUiR0lPb+GulcQh5S8
 YEE/pRjPwbNnDhJXZTAcaG9N3BWrb8ySOg26XZCjZzETNPL6TmjyYmswm+/RTOIv3LAWgm
 RyMHo7lLqHM6omstAN8kJr3yWMmURHE=
X-MC-Unique: cjx-CgGwMrGOvAFP53Uygw-1
X-Mimecast-MFC-AGG-ID: cjx-CgGwMrGOvAFP53Uygw_1765551960
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1765551960; x=1766156760; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=7qbW4sSJ0f//e1skZ7ujhw6w1Gd0GquqUMfT6GcW53o=;
 b=r+Z2yFc/1dAJBQAc83O3K8bJHpO+lsJaXT9wVKXatt6fa+5WSXqrvNTAdpyD0PHJMy
 RMQV5NwR3Zobf90i+QS+gUetQl0W/OTJBbzl6HIwgRpVjtp/n9/yUZA29k9iRBGA1NMr
 2G/D1u9eZgp3wP7/cQ1mk1dbCQid5bfzd6RpHKd338u410KwsfoAnNs1wyeOBxQYWAwJ
 LhP9N1fVjGjeTWSkHTRR5O1xjdMTtRlKCJ42cxVgbd+SKn5scBp6Y3Xqe22O+OvdZ4rS
 IWKPMB7Z0vE0OsbwWniLlqRmOvlU2uWU7TLHBmFSfHtysGqeFPBISOrrs9+UmRVeXLMc
 ePmw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1765551960; x=1766156760;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=7qbW4sSJ0f//e1skZ7ujhw6w1Gd0GquqUMfT6GcW53o=;
 b=m7zwQDIUi4oS6skWtqq8QK6liJqKMHAScMAyB7bSjMfUloyDUMqA6X7wcx7oui4JlX
 qg7/zRMNBL6uviCZMy0Eszf5Px0stOUrIYzCdtS0kosYdITvW0XymlkigMf7qSXq+BtZ
 5KaztpFtbzE81YMUZ6c5a8LJoIFqm36Ebiyp23umQANikN61/B+P61pvAhHmLCdtOMeC
 auwpovovfbH+EOb8WqeviWo0ywiEXAVb3loUqqRpoBfsztZP0i1eW/AvvR7aQ8siBicP
 zzmjtimb2t6cawqjDU+6H+TYcplVi9EdMgv2K6t/mcdiAOAPnA22DoUwoP08taH4IAPh
 Xcpw==
X-Forwarded-Encrypted: i=1;
 AJvYcCVoionv4B0/xuxVNPWkm5wtk2ZDOubg7YHlsUySuVj1XdatpuSnE0q9vXG90wRWwD4lF/OG1BU6GdFP@nongnu.org
X-Gm-Message-State: AOJu0YzldWuRDrYYwQPlyP65RvyP6gWPr8nHzpPXTTqaWRXqlLsP1w87
 yNnHo5wvm38tUkogyelHfLWnlkqJTdmapVw/6TFNtob+9w0wgcW77B1O7pGgzSRBAvr7+lc4nhL
 U/3BEsS4sED5BZKcjqIkcDPgHDZyrn+9sWKt5HrL+E4NRWCCVnEIxmD5E
X-Gm-Gg: AY/fxX45zMwVsiZENLHs3KB4hh1rHgvR6U0aQHMlA22AlcAZT0XGGyRQ32RUMWik/+h
 EA6wZyV3hXniec6GhJzmtmSG/Rd3Ix1s2eYc6eT/pj1H1ZO26wAkM0IDdKw8u8V7c/p+/Fk00q6
 rfc44DFwtzJT6eHDMnGWI0OUTPJwuubtq7dBBeSDLP8u9JnffQnLq74HaomI2udQiufMZXpVlvK
 1QQP6Lag21yJ8lCnxuvKPgEVcuD7s4zmLo1A8PVBHM3YT3w9QhRLRaVMR7oJu5HCr0OqU75mXdo
 eKjeSjbse+JAymMJZAMRBsJh6GgeaSYyXJ26XWj7wcTcZCHfMS07NCSph5HkmigFneNUcCLKZqB
 W4mYIPdGWUK09Gb6D3dab9QiOAZRnDi5Aib5BP/2QGK0=
X-Received: by 2002:a05:6a20:72a5:b0:342:378e:44af with SMTP id
 adf61e73a8af0-369afa01e6emr2328102637.41.1765551959681;
 Fri, 12 Dec 2025 07:05:59 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IGWsNzyOmhbI8ozEemOrWUsjBMSfwDTixVU/Mg4HYy0dEV3BRd5UWFrhNoGQ5KVYFJW7LkTYQ==
X-Received: by 2002:a05:6a20:72a5:b0:342:378e:44af with SMTP id
 adf61e73a8af0-369afa01e6emr2327917637.41.1765551956702;
 Fri, 12 Dec 2025 07:05:56 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>,
 "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org,
 Ani Sinha <anisinha@redhat.com>
Subject: [PATCH v1 28/28] kvm/clock: add support for confidential guest reset
Date: Fri, 12 Dec 2025 20:33:56 +0530
Message-ID: <20251212150359.548787-29-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com>
References: <20251212150359.548787-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1765552154557158500
Content-Type: text/plain; charset="utf-8"

Confidential guests change the KVM VM file descriptor upon reset and also c=
reate
new VCPU file descriptors against the new KVM VM file descriptor. We need to
save the clock state from kvm before KVM VM file descriptor changes and res=
tore
it after. Also after VCPU file descriptors changed, we must call
KVM_KVMCLOCK_CTRL on the VCPU file descriptor to inform KVM that the VCPU is
in paused state.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/kvm/clock.c | 56 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)

diff --git a/hw/i386/kvm/clock.c b/hw/i386/kvm/clock.c
index f56382717f..91a5a08f05 100644
--- a/hw/i386/kvm/clock.c
+++ b/hw/i386/kvm/clock.c
@@ -49,6 +49,9 @@ struct KVMClockState {
     /* whether the 'clock' value was obtained in a host with
      * reliable KVM_GET_CLOCK */
     bool clock_is_reliable;
+
+    NotifierWithReturn kvmclock_vcpufd_change_notifier;
+    NotifierWithReturn kvmclock_vmfd_pre_change_notifier;
 };
=20
 struct pvclock_vcpu_time_info {
@@ -62,6 +65,9 @@ struct pvclock_vcpu_time_info {
     uint8_t    pad[2];
 } __attribute__((__packed__)); /* 32 bytes */
=20
+static int kvmclock_set_clock(NotifierWithReturn *notifier,
+                              void *data, Error** errp);
+
 static uint64_t kvmclock_current_nsec(KVMClockState *s)
 {
     CPUState *cpu =3D first_cpu;
@@ -218,6 +224,51 @@ static void kvmclock_vm_state_change(void *opaque, boo=
l running,
     }
 }
=20
+static int kvmclock_save_clock(NotifierWithReturn *notifier,
+                               void *data, Error** errp)
+{
+    KVMClockState *s =3D container_of(notifier, KVMClockState,
+                                    kvmclock_vmfd_pre_change_notifier);
+    kvm_update_clock(s);
+    return 0;
+}
+
+static int kvmclock_set_clock(NotifierWithReturn *notifier,
+                              void *data, Error** errp)
+{
+    struct kvm_clock_data clock_data =3D {};
+    CPUState *cpu;
+    int ret;
+    KVMClockState *s =3D container_of(notifier, KVMClockState,
+                                    kvmclock_vcpufd_change_notifier);
+    int cap_clock_ctrl =3D kvm_check_extension(kvm_state, KVM_CAP_KVMCLOCK=
_CTRL);
+
+    if (!s->clock_is_reliable) {
+        uint64_t pvclock_via_mem =3D kvmclock_current_nsec(s);
+        /* saved clock value before vmfd change is not reliable */
+        if (pvclock_via_mem) {
+            s->clock =3D pvclock_via_mem;
+        }
+    }
+
+    clock_data.clock =3D s->clock;
+    ret =3D kvm_vm_ioctl(kvm_state, KVM_SET_CLOCK, &clock_data);
+    if (ret < 0) {
+        fprintf(stderr, "KVM_SET_CLOCK failed: %s\n", strerror(-ret));
+        abort();
+    }
+
+    if (!cap_clock_ctrl) {
+        return 0;
+    }
+    CPU_FOREACH(cpu) {
+        run_on_cpu(cpu, do_kvmclock_ctrl, RUN_ON_CPU_NULL);
+    }
+
+    return 0;
+}
+
+
 static void kvmclock_realize(DeviceState *dev, Error **errp)
 {
     KVMClockState *s =3D KVM_CLOCK(dev);
@@ -229,7 +280,12 @@ static void kvmclock_realize(DeviceState *dev, Error *=
*errp)
=20
     kvm_update_clock(s);
=20
+    s->kvmclock_vcpufd_change_notifier.notify =3D kvmclock_set_clock;
+    s->kvmclock_vmfd_pre_change_notifier.notify =3D kvmclock_save_clock;
+
     qemu_add_vm_change_state_handler(kvmclock_vm_state_change, s);
+    kvm_vcpufd_add_change_notifier(&s->kvmclock_vcpufd_change_notifier);
+    kvm_vmfd_add_pre_change_notifier(&s->kvmclock_vmfd_pre_change_notifier=
);
 }
=20
 static bool kvmclock_clock_is_reliable_needed(void *opaque)
--=20
2.42.0