From nobody Sun Dec 14 12:37:15 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1765552040; cv=none; d=zohomail.com; s=zohoarc; b=H/syKQVzkB6hbM7+vm2zdlbpJ3XpRKjJo8Bb9J2Ca8jMFIrEB4+pyor6siebgr92OXnZX49u6luYhm4ykEGVL9uXI0ZN6sBgVPd4B7z00of6EiRab8QjG45bMeEntDQCXw+LSj/ycA+Lr5UkX1qIYQsNjOqIXNgUv7un1dffeU4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1765552040; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=oEIEJzPUM8lszorjY76ZFvjs6ACj0dKr14L1nFW+0jg=; b=A0xtT/rYmE7VsdmmssCBluw98fmwuJ7oB742Pmdb4b2s+E52UPvF6O8RthS8CzM2smunmzVP8Y37pYDtzVN/Ij1Nd3gjSBgPMVPpsP2Pg2pU4in7BhmFl7/l0vZE6HfOY+OAn5Wmwzbnt1oVoPlzloOzCQVvukDyOi5MDIoLO2Y= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1765552038203681.5523434323283; Fri, 12 Dec 2025 07:07:18 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vU4i5-0002YT-Cw; Fri, 12 Dec 2025 10:05:33 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vU4hn-0002Fe-A5 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:20 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vU4hl-00062w-N3 for qemu-devel@nongnu.org; Fri, 12 Dec 2025 10:05:15 -0500 Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-487-nGBj8aMFP-i1ih8c6RjdFA-1; Fri, 12 Dec 2025 10:05:10 -0500 Received: by mail-pl1-f199.google.com with SMTP id d9443c01a7336-29f29ae883bso7076255ad.3 for ; Fri, 12 Dec 2025 07:05:10 -0800 (PST) Received: from rhel9-box.lan ([122.172.173.62]) by smtp.googlemail.com with ESMTPSA id d9443c01a7336-29ee9d38ad1sm57046655ad.29.2025.12.12.07.05.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 Dec 2025 07:05:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1765551913; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=oEIEJzPUM8lszorjY76ZFvjs6ACj0dKr14L1nFW+0jg=; b=TRzNiVyp9W4xfv5pbbZuzFFaG1YBfuqQ61OJUTVYrsJHzztDU/G1irnxF+BxyxjTvX537E pTNUFNPr9PM9oDo2vjBjdQT8vWzkCGRJOq3zKB2wvHmILtgEOKQU0uLdFYCJaU8Lz0NbcB 4rSM0t76KwpHHnCCh0Rcc0WkE//XDkQ= X-MC-Unique: nGBj8aMFP-i1ih8c6RjdFA-1 X-Mimecast-MFC-AGG-ID: nGBj8aMFP-i1ih8c6RjdFA_1765551910 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1765551910; x=1766156710; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=oEIEJzPUM8lszorjY76ZFvjs6ACj0dKr14L1nFW+0jg=; b=GR5VLnSN2eR98d+/18fQvtW6vnJnwvc92PaCCBVraE9RhYU2UVdtUkkt4cnIoHDVVF 7MpYFhiMBLKRNiP+zxovslQDhiy5cNn5s0BVBaPqHl2/XOFvBhqZnxuaWYdji5XQMjaP UOpUnoWbPNcA6K5hR/PRh2nGW0Ky01u8Od6V2jcwY7LoEEOCw1E2vH4Me/AWxuQ79EU1 Tbm9r+2+RnOxupd5sWVqAfSUVzr35+7WD1N/GJu/x1vgU8b+xe9VrPiSlzRwm1n3dqTh TgFTU+ayyuiWEn9CR9ch6hd0k8zU1gdYHDzuZxpirqhfZJdBYleaVvBnobPzO5HHraDq 9fyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1765551910; x=1766156710; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=oEIEJzPUM8lszorjY76ZFvjs6ACj0dKr14L1nFW+0jg=; b=Lqq/pMENZ2OvNJeXFwcU2w1IiHPHfOgAtldpOsO1FNwp0AAPAWp8+kLK1vfPMRWbhn QxLt2IMyeMCBmMJXaQ5GBMh/eNo9A8mcn2YiwUo4ea/LTTs/DTw0T5Zkt7RtfImBsiQN oCmSkFQIxTf/Ax/0yNyntPnhPOS/p7tWDOXVV41u5h4cScZWfmmixN8+AY/9V2n8Qjl0 nb+pAM2aeAYJMKrOlJcdw84otP1K4qwtS6WpGeqPz0PBdHyRtoab+UCvCcTAI8960NxD 6CdTFrSlEYqIxPZx5ROUFEgGiz0g8no5AOycIAy4dK+jm3s5rQJngCqHd4bg1254qj2p lrEQ== X-Forwarded-Encrypted: i=1; AJvYcCUscJyD7CRI4Fy2S/pYvUePGRp9+J0ptrkJV8evkaTPd5HVwH+AL9SfBgnQmeTvIcc7TlFjs8X6IPGl@nongnu.org X-Gm-Message-State: AOJu0Yx0ntPy3TcbPHWqJLSSRd+Hs6V1AmxJc6rq6zSiiXvQQAdzDDOq tD9rHDl9AoqUTyrLjJECf3qUADiV7z+Ngn6ugcol9urZxy7uwyal5rEwMpKcuMvWylteRtOdwqG uZtXBDQ2MVJUZHhL0Inh+osd4Z0RCcGtOTT8AAFy7Rf0iLIsF8jgf3kHn X-Gm-Gg: AY/fxX6MOllCJXlGZa1unzFkbD8C93F9V00Zowh2xTCMAiI7x6pgpl3MVDoYNhcIrVk JvMmuK6fiFRBy4PN+AZXO4FGnQDf3GuxLj3Px1CaWsAacWhUIJJAGDXITylncK8dVs04oF+1wFY DViiSwUZ8IO8bvy1uvSngonGNXWub7BXHu9RieBnIsVoVQxdVJkLn2FXfXo6kKIU305814he2HO WPgvIZSOIXcxv+CIgISgNrFC1eqhhYyeTGf+UvZrCFn90j6j2BuGOyh7S5cgTMB0A98kt6+KbMA WV1glabqurd+kOJlASzEhTPgjeQCjPuoWgH7TbJ3EDF4Ffvd1wfLADqOgYwQTb3kyn+Y0PazFCO Xri0N+dHxES/5LtIma3KkvMJi9xD0lZ3Hq/l9PTwXzc0= X-Received: by 2002:a17:903:244a:b0:295:fc0:5a32 with SMTP id d9443c01a7336-29f26ceb95bmr19881655ad.3.1765551909578; Fri, 12 Dec 2025 07:05:09 -0800 (PST) X-Google-Smtp-Source: AGHT+IET9ImeOBpvT3cnvF8vtwzmhT6W/Ab/9Nek/sYkQoLeG9AkBTnkGRFc8OBeHTEwi3vM/PO5yg== X-Received: by 2002:a17:903:244a:b0:295:fc0:5a32 with SMTP id d9443c01a7336-29f26ceb95bmr19877865ad.3.1765551905720; Fri, 12 Dec 2025 07:05:05 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti Cc: vkuznets@redhat.com, kraxel@redhat.com, qemu-devel@nongnu.org, Ani Sinha , kvm@vger.kernel.org Subject: [PATCH v1 13/28] i386/tdx: finalize TDX guest state upon reset Date: Fri, 12 Dec 2025 20:33:41 +0530 Message-ID: <20251212150359.548787-14-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20251212150359.548787-1-anisinha@redhat.com> References: <20251212150359.548787-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1765552043972158500 Content-Type: text/plain; charset="utf-8" When the confidential virtual machine KVM file descriptor changes due to the guest reset, some TDX specific setup steps needs to be done again. This includes finalizing the inital guest launch state again. This change re-executes some parts of the TDX setup during the device reset phaze using= a resettable interface. This finalizes the guest launch state again and locks it in. Also care has been taken so that notifiers are installed only once. Signed-off-by: Ani Sinha --- target/i386/kvm/tdx.c | 39 +++++++++++++++++++++++++++++++++++++-- target/i386/kvm/tdx.h | 1 + 2 files changed, 38 insertions(+), 2 deletions(-) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index bafaf62cdb..1903cc2132 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -19,6 +19,7 @@ #include "crypto/hash.h" #include "system/kvm_int.h" #include "system/runstate.h" +#include "system/reset.h" #include "system/system.h" #include "system/ramblock.h" #include "system/address-spaces.h" @@ -389,6 +390,19 @@ static void tdx_finalize_vm(Notifier *notifier, void *= unused) CONFIDENTIAL_GUEST_SUPPORT(tdx_guest)->ready =3D true; } =20 +static void tdx_handle_reset(Object *obj, ResetType type) +{ + if (!runstate_is_running()) { + return; + } + + if (!kvm_enable_hypercall(BIT_ULL(KVM_HC_MAP_GPA_RANGE))) { + error_setg(&error_fatal, "KVM_HC_MAP_GPA_RANGE not enabled for gue= st"); + } + + tdx_finalize_vm(NULL, NULL); +} + static Notifier tdx_machine_done_notify =3D { .notify =3D tdx_finalize_vm, }; @@ -689,6 +703,7 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs, = Error **errp) X86MachineState *x86ms =3D X86_MACHINE(ms); TdxGuest *tdx =3D TDX_GUEST(cgs); int r =3D 0; + static bool notifier_added; =20 kvm_mark_guest_state_protected(); =20 @@ -736,8 +751,10 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs,= Error **errp) */ kvm_readonly_mem_allowed =3D false; =20 - qemu_add_machine_init_done_notifier(&tdx_machine_done_notify); - + if (!notifier_added) { + qemu_add_machine_init_done_notifier(&tdx_machine_done_notify); + notifier_added =3D true; + } tdx_guest =3D tdx; return 0; } @@ -1503,6 +1520,7 @@ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, TDX_GUEST, X86_CONFIDENTIAL_GUEST, { TYPE_USER_CREATABLE }, + { TYPE_RESETTABLE_INTERFACE }, { NULL }) =20 static void tdx_guest_init(Object *obj) @@ -1536,20 +1554,37 @@ static void tdx_guest_init(Object *obj) =20 tdx->event_notify_vector =3D -1; tdx->event_notify_apicid =3D -1; + qemu_register_resettable(obj); } =20 static void tdx_guest_finalize(Object *obj) { } =20 +static ResettableState *tdx_reset_state(Object *obj) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + return &tdx->reset_state; +} + static void tdx_guest_class_init(ObjectClass *oc, const void *data) { ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL= ASS(oc); X86ConfidentialGuestClass *x86_klass =3D X86_CONFIDENTIAL_GUEST_CLASS(= oc); + ResettableClass *rc =3D RESETTABLE_CLASS(oc); =20 klass->kvm_init =3D tdx_kvm_init; x86_klass->kvm_type =3D tdx_kvm_type; x86_klass->cpu_instance_init =3D tdx_cpu_instance_init; x86_klass->adjust_cpuid_features =3D tdx_adjust_cpuid_features; x86_klass->check_features =3D tdx_check_features; + + /* + * the exit phase makes sure sev handles reset after all legacy resets + * have taken place (in the hold phase) and IGVM has also properly + * set up the boot state. + */ + rc->phases.exit =3D tdx_handle_reset; + rc->get_state =3D tdx_reset_state; + } diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index 1c38faf983..264fbe530c 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -70,6 +70,7 @@ typedef struct TdxGuest { =20 uint32_t event_notify_vector; uint32_t event_notify_apicid; + ResettableState reset_state; } TdxGuest; =20 #ifdef CONFIG_TDX --=20 2.42.0