From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224394; cv=none; d=zohomail.com; s=zohoarc; b=k4V5xMOdt9+Yr6+tpN2JbDwSO5ldx6Q6um0mpglfA+/m27VGwW9uKHrFNbMW6fJARKCxMyoS9g6iTTEb2wOoOa6GcMy/r/tCQbjZUl4Wf4be7xsSc7oFUyQmu11SoyW6HdhjPBKW3+x1irtd8uhw+6NTIS2t01rtENr0qHBos3E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224394; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=g+khot+OVhL5+e3tOQKUptJ6m/mk7Ksd4tDhst7pTHg=; b=SxZIAsswQQLrTqsWgu0sV7msvYo4Y1eRj5VLv3MuQCaIHfrACOVobMrRm+5dSEl14JYRlwizJeUWMwNL7Iaye6mUA3RrVzhB+hZiS9iSkwLnQQWVdODtQttYePFJXoIDkKZzTwmbrPV8/y6QGvYX7zaEde/tqxAWtuV2nWTlh5o= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224394548329.20914211799266; Mon, 12 Jan 2026 05:26:34 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHtR-0002Xn-1U; Mon, 12 Jan 2026 08:23:37 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtM-0002RS-G4 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:32 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtK-0003fq-7s for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:31 -0500 Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-57-RUw7Sqn9OCSW8XGe4b2KyA-1; Mon, 12 Jan 2026 08:23:26 -0500 Received: by mail-pg1-f199.google.com with SMTP id 41be03b00d2f7-c52d37d346fso2155393a12.0 for ; Mon, 12 Jan 2026 05:23:26 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224209; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=g+khot+OVhL5+e3tOQKUptJ6m/mk7Ksd4tDhst7pTHg=; b=YpUnZz4UBx4O4CP6bPAuQuSQx5b8EFSHizJdTRBQ0dThT/LV2QbQ/j5kWBNJ63kRWIhZ3B we17tNNR7EbGPuAtUEhcjbcbM4pGugNku4q/HXsQxMHy6lF7n7uT5YBcOfpWwSR3951V9M VVbkPrzbtTpWryLOKmWUyhh06KmEJIY= X-MC-Unique: RUw7Sqn9OCSW8XGe4b2KyA-1 X-Mimecast-MFC-AGG-ID: RUw7Sqn9OCSW8XGe4b2KyA_1768224206 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224205; x=1768829005; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=g+khot+OVhL5+e3tOQKUptJ6m/mk7Ksd4tDhst7pTHg=; b=N5fKHg02vYbangFZsEmTc0fLClHi+j3f0pu7KevvmP3jGofl3/Tnka6FFtlLaS8Icb 31yewKKK8pPTTMLf0Jp69hadMnIdFFf/8LTxP5Ba4sFCpM78QRXjgBwRQZf9XUVXeNY9 ZdmAruZVkhXNgJnwhbpdQL+BVqqc0q7gDLoNzJJgWTln6NhDgoGtZkaJUH8fk47Q3Jcz IzLaBeZzpPB0wCIso98w4UVxwxIms4EPSk8QWGyhKYXruylw6CjMrGeKyzPkrrM1Qd/V 2tZtSTh4aSZPh9gXs7CJxoCubjobk3p49hKKnixG6HmYp1nrad7Po+krbG8VQ/Gidhbj abNQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224205; x=1768829005; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=g+khot+OVhL5+e3tOQKUptJ6m/mk7Ksd4tDhst7pTHg=; b=ZCVkgLI/hiBddBsgWsdzH0ZpECLMQy+YQwWM7cxfnHgqT08qoEfrdMLs3HeU7y51Z5 Kdrj9JHPGi0h0VS7wVh9y/bia4bJ5rDitwRIn0fqT6KHheDlvq8BgXuezH4TBSnb+eRa 2auYdKA9oG+zyXTPuUqp2oh7+GLlPm5kaB1636FBpsYVkRdtwCtBaXyv+NFRWCYu8+gI xS6PmX3s435qvWr2quAv76fteJcALRMvtekdegDzdj1rhAzigXfBimqJTn7ydKzEgYff zQN8VErnJsf/L8Qmdd/l4BluwSw7eV4sFuli2vssQVXE6q32s2oNOhkOfUzBQsoLnbEr bTWw== X-Forwarded-Encrypted: i=1; AJvYcCV1bpSXs5lVExl3d8jrEQvZq+1ucPwlqH+f5ChOo1pt3HUYbv8ja5tUjAHZibcvv0UCoXgvl3cn1b6D@nongnu.org X-Gm-Message-State: AOJu0YxiHbbOC6oQZ460wp+Y3ua0i5gQpuXAmktpe2VF0oOuYrJnmCLX yEaPySpLtaAzVASNF1uK8yj7NrWmgx7yv+NofcCGqCx2doizTYujiFFl67qRkIomodDQZDH9H69 +ueJBEpwaRCbS3V7fZv+ASh8Rd9Rs6+y2uZxm8Q/+j4hIRY0hw7JWJkNvuviz32SP X-Gm-Gg: AY/fxX4hnckQdM3dN0d9LP+9RSNxhAPvwDNfNdHi9OwUTKaF+QScu3PB8Bm60SGwMmL NHdRG5dX4xuRza14wK6xSzkCvFKDHcV9fBFGEPRTSPB2UVPUgwAikyV6Fy473i4RIBmlu1BSGfY tAVlvFQXpqhd3PJqWf+v6sQ6POvGVu+uojUS+zA7yFO+24qIOt16kpRBoTRYoIJh6JO9DQjL6Qd ULZH9ZpfPoHhyLDXV7lMVm47NB/jglj8pdCTYRDDuj28qFL0LSshVY6o2xbD1VmZdmShfWcTpdY GilIMmMJIH7ygnBbB+oaIqRI62MK5qPlPtd310T9vglmHZ8HNvJgtshD9asDtchF9kSKLDAbSzz nrvINcbgoyhVoh22BeW0vUvOtj8LThIxn7/g2qcr+Dsc= X-Received: by 2002:a05:6a20:6a04:b0:389:8e40:a150 with SMTP id adf61e73a8af0-3898e9c82f9mr17456672637.6.1768224205502; Mon, 12 Jan 2026 05:23:25 -0800 (PST) X-Google-Smtp-Source: AGHT+IFi4Zg7KdOtP8qLyP1McM4GBBuhCcQb94iIzKBNrcIfxcUavjuesbrpptymmYu05SfJOoquaQ== X-Received: by 2002:a05:6a20:6a04:b0:389:8e40:a150 with SMTP id adf61e73a8af0-3898e9c82f9mr17456651637.6.1768224205076; Mon, 12 Jan 2026 05:23:25 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 01/32] i386/kvm: avoid installing duplicate msr entries in msr_handlers Date: Mon, 12 Jan 2026 18:52:14 +0530 Message-ID: <20260112132259.76855-2-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224395814158500 Content-Type: text/plain; charset="utf-8" kvm_filter_msr() does not check if an msr entry is already present in the msr_handlers table and installs a new handler unconditionally. If the funct= ion is called again with the same MSR, it will result in duplicate entries in t= he table and multiple such calls will fill up the table needlessly. Fix that. Signed-off-by: Ani Sinha --- target/i386/kvm/kvm.c | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 7b9b740a8e..3fdb2a3f62 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -6043,27 +6043,33 @@ static int kvm_install_msr_filters(KVMState *s) static int kvm_filter_msr(KVMState *s, uint32_t msr, QEMURDMSRHandler *rdm= sr, QEMUWRMSRHandler *wrmsr) { - int i, ret; + int i, ret =3D 0; =20 for (i =3D 0; i < ARRAY_SIZE(msr_handlers); i++) { - if (!msr_handlers[i].msr) { + if (msr_handlers[i].msr =3D=3D msr) { + break; + } else if (!msr_handlers[i].msr) { msr_handlers[i] =3D (KVMMSRHandlers) { .msr =3D msr, .rdmsr =3D rdmsr, .wrmsr =3D wrmsr, }; + break; + } + } =20 - ret =3D kvm_install_msr_filters(s); - if (ret) { - msr_handlers[i] =3D (KVMMSRHandlers) { }; - return ret; - } + if (i =3D=3D ARRAY_SIZE(msr_handlers)) { + ret =3D -EINVAL; + goto end; + } =20 - return 0; - } + ret =3D kvm_install_msr_filters(s); + if (ret) { + msr_handlers[i] =3D (KVMMSRHandlers) { }; } =20 - return -EINVAL; + end: + return ret; } =20 static int kvm_handle_rdmsr(X86CPU *cpu, struct kvm_run *run) --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224237; cv=none; d=zohomail.com; s=zohoarc; b=eWeV0Bz6QYMarZ42DfiBdB55nb7Bb3e1E0mB7uXmYeMJT/bkbftG41hjyuL5E3Adhg7HWorB5XjZrEGLuWZGzN2QoliOaEQ0eCyXZwwPqVl/MzNveI6/lZs8S/1U9x8/FBuYobyj1aauw3M6ys9yeBSA5k52Q0ofS0xzJNcwO7M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224237; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=J4r17Ft86Qgzjssjh54bFN1Ri7K+Nkr0hfz37LjhFXo=; b=O4pb7C67tHutru+flDpXFcjnTdteQYArFZrbZkGXUMUx4ADTfBmrJHKEoDP7b2WXjdCBJVtQV5GMmdATAWnbQSdTwdZEv+v0MmPXJrJY4qXabN4FQBP/PqsEitkNrhb8ev3oYlZ7/BOhG5BKPNXWldIKfl90dMGyDogFSNLoc6g= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224237305678.8192000654418; Mon, 12 Jan 2026 05:23:57 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHtT-0002ZE-G2; Mon, 12 Jan 2026 08:23:39 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtN-0002SS-0U for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:33 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtL-0003g6-3N for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:32 -0500 Received: from mail-pg1-f198.google.com (mail-pg1-f198.google.com [209.85.215.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-644-C2a0Y7hSPz-48kEay518ww-1; Mon, 12 Jan 2026 08:23:29 -0500 Received: by mail-pg1-f198.google.com with SMTP id 41be03b00d2f7-b630b4d8d52so4537808a12.3 for ; Mon, 12 Jan 2026 05:23:28 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224210; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=J4r17Ft86Qgzjssjh54bFN1Ri7K+Nkr0hfz37LjhFXo=; b=C93kK8ge7k1yoKe1hBaW1dQKee6qmEGta/jqwW5xMoi01YR2jolavvCURUV5iYZPUar0Bw QtJdgRLcAR73mOPIy/f/93+ukaly8IgUd2FQdbgPq5gdcpMP8JE+qsako3b/+/WV/m9CB8 g1b/du2g6xpOph95s5nyBoW2v4+Ng+g= X-MC-Unique: C2a0Y7hSPz-48kEay518ww-1 X-Mimecast-MFC-AGG-ID: C2a0Y7hSPz-48kEay518ww_1768224208 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224208; x=1768829008; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=J4r17Ft86Qgzjssjh54bFN1Ri7K+Nkr0hfz37LjhFXo=; b=HkUOu4FqlN47rTZXj4nq+PdENYjUshUDZoV0dS55+M69QL9bkOkc0hci5h3t5uR0EF Ap6JR4qKjAPppofsSEeYPc43q9zyIouMaWA+RsvEmMxblb1IC8yGc3S82mb0CJxGN8EL ar2diO1fb1zBDrvtYVU470dirkVOUKrzqBeY7kMB7oQEOtXMeuUhYUebCbGx8sWI+2pS PcycctD4nSgI0fHvqF4eE/T7CTuCcfAtrCK0qDbl4hhCCI6bABz1fgIthexzYhVeYP/n xkDVdw48ZZwI7AnsRSo6ebP1T1kWck1vQtAVAZnJBwDTRwDNTYpN1w1CkvjOztGXZzAl iY8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224208; x=1768829008; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=J4r17Ft86Qgzjssjh54bFN1Ri7K+Nkr0hfz37LjhFXo=; b=lOcXm8ScW4qJzMPHWdZC9+DRpEcEJJfYA72RDGkj/4j8CSolPUL1XiAtLnkWdK6RyA /i8mqAfcsgcsriZT26XFDoIzeWdQBRK58WoRAc7yYuKrHg3eSnwV73HRSX4/Yynt1UwL F9RSClCtV7c5j210JtasaEybZIcdOKr/oKBNp0aiCI/lGpiF7tKDhJ2MW+igy0MRtAaj 37+reHOgKpguRR987xsx2CU4rnm3wum8NfhO7YietFaDW5jryTULciSvLHYTe1oloqYz WoLL9eTAWGtw4ZBC1yuovUGoVihi8v4jGshG19Ow7YTEwVlO9GTdl+1fc7koEC4sBohJ tlLA== X-Forwarded-Encrypted: i=1; AJvYcCWvwvEFcaY0M+trHjQdD5R9u+icglGICXQ8pOUgKvbzcMIW1Vv3+0+XN8kwZwHabyxAoEjxyeWkb7S/@nongnu.org X-Gm-Message-State: AOJu0Yx0cWRbIxdB3FQFOhPDaKgpqBQwQWmwIBrbk2NsnrOJvrIRg+Lm 6z6dAkmbbMSrlxzfsvbYz4SHF9LawiiStgOf/uIYZSFU5Ir3qTa8opOk3Ij1c07xnMxRUOlDxmw FlQ9XJzYJ03Qfk4Z0plSnasmp/XUv7zoVG9Jxe4Sp+3TcPND6GKoNdiHs X-Gm-Gg: AY/fxX6juyVd242UBkUQvQL9YFAeyZ5e1BeRn/Bqx+JrOpBoOimHih8Vxm9jyqBMSjg cskWth6gpO50GzC8Nnh8akzEQoKEaTqfHDt45aS/MF8oghNiEtexVC7yyQvCeX1+i3e6unMWJrj dsOJdo+X3f5+6w0kOmjsdWgjlmoFnXDBiFcW1VhtWcIjY7M2VfT8JVJWHGijFKJPrwUx/OZzXQ+ 0H9uUUFFrQS/lJFvU2SYUvr5gsivJ6X9OCmmNYMsBhMMnHya0J3LZFocIg2SRYFdUdSmvKWeyC4 8a2KvzFOF08dJgUx0zpWWX3v71vihUh+dX9KGVQKtrunP9Tj40mOsyTEHZeeerZ96j+fmnOUKjz WxiUjZmO7BDEqZeeQRQOfevjajOjfGrzY0iuObE2ws00= X-Received: by 2002:a05:6a20:12ce:b0:366:14b0:4b07 with SMTP id adf61e73a8af0-3898f993beamr17620612637.67.1768224207916; Mon, 12 Jan 2026 05:23:27 -0800 (PST) X-Google-Smtp-Source: AGHT+IHm/f2phZmmT/EfkoFxcp9vC5gPdRBBU4oQhViaJUnHLPkiNObkA7wZKgkY891aWfpND+Vmrg== X-Received: by 2002:a05:6a20:12ce:b0:366:14b0:4b07 with SMTP id adf61e73a8af0-3898f993beamr17620594637.67.1768224207502; Mon, 12 Jan 2026 05:23:27 -0800 (PST) From: Ani Sinha To: Richard Henderson , Paolo Bonzini , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 02/32] hw/accel: add a per-accelerator callback to change VM accelerator handle Date: Mon, 12 Jan 2026 18:52:15 +0530 Message-ID: <20260112132259.76855-3-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224239207158500 Content-Type: text/plain; charset="utf-8" When a confidential virtual machine is reset, a new guest context in the accelerator must be generated post reset. Therefore, the old accelerator gu= est file handle must closed and a new one created. To this end, a per-accelerat= or callback, "reset_vmfd" is introduced that would get called when a confident= ial guest is reset. Subsequent patches will introduce specific implementation of this callback for KVM accelerator. Signed-off-by: Ani Sinha --- include/accel/accel-ops.h | 1 + system/runstate.c | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/include/accel/accel-ops.h b/include/accel/accel-ops.h index 23a8c246e1..998a95ca69 100644 --- a/include/accel/accel-ops.h +++ b/include/accel/accel-ops.h @@ -23,6 +23,7 @@ struct AccelClass { AccelOpsClass *ops; =20 int (*init_machine)(AccelState *as, MachineState *ms); + int (*reset_vmfd)(MachineState *ms); bool (*cpu_common_realize)(CPUState *cpu, Error **errp); void (*cpu_common_unrealize)(CPUState *cpu); /* get_stats: Append statistics to @buf */ diff --git a/system/runstate.c b/system/runstate.c index ed2db56480..b0ce0410fa 100644 --- a/system/runstate.c +++ b/system/runstate.c @@ -42,6 +42,7 @@ #include "qapi/qapi-commands-run-state.h" #include "qapi/qapi-events-run-state.h" #include "qemu/accel.h" +#include "accel/accel-ops.h" #include "qemu/error-report.h" #include "qemu/job.h" #include "qemu/log.h" @@ -508,6 +509,8 @@ void qemu_system_reset(ShutdownCause reason) { MachineClass *mc; ResetType type; + AccelClass *ac =3D ACCEL_GET_CLASS(current_accel()); + int ret; =20 mc =3D current_machine ? MACHINE_GET_CLASS(current_machine) : NULL; =20 @@ -520,6 +523,23 @@ void qemu_system_reset(ShutdownCause reason) default: type =3D RESET_TYPE_COLD; } + + /* + * different accelerators implement how to close the old file handle of + * the accelerator descriptor and create a new one here. Resetting + * file handle is necessary to create a new confidential VM context po= st + * VM reset. + */ + if (current_machine->cgs && reason =3D=3D SHUTDOWN_CAUSE_GUEST_RESET) { + if (ac->reset_vmfd) { + ret =3D ac->reset_vmfd(current_machine); + if (ret < 0) { + error_report("unable to reset vmfd: %d", ret); + abort(); + } + } + } + if (mc && mc->reset) { mc->reset(current_machine, type); } else { --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224237; cv=none; d=zohomail.com; s=zohoarc; b=SBipa0zVkmG1z91EqNcU1GNMKo/bOL87/M0h1nNA4aphk4OanLC/uhLUaZA/o2XuNwtV5T2vZifQP2N1cdEUtQ+HfZdQoay/W833QMClNwj75Ka7vpY9k9CMCz3/jwwtJ2xcsGHjBD2allrO01az0XInKX9N3v+EJKr/B4VFn0Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224237; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=fe/dGeMhV+z9VZQ3DIrLaWoG9yC5tlBJFvMhJmKEvDU=; b=EzljGxjvuUHd4OX5fOONHk0tRxpVPeUvn933fRTAh+GYEmP+5dCpfPZwL3HYlt5/QKH1UOK7yS02ADGevlXF+mivaVoAs4Q4fofv6fOZId6/rshg3b4pmoHj4eR6JKtPHq7VHQdmm6MIUf/LVF4bVFpB410wGYtcaVu89XdATQY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224237302641.5650762270307; Mon, 12 Jan 2026 05:23:57 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHtU-0002aA-MF; Mon, 12 Jan 2026 08:23:40 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtQ-0002UM-0u for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:36 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtN-0003go-UZ for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:35 -0500 Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com [209.85.214.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-53-uy3sWtF1OAG4h8SgpkgqSQ-1; Mon, 12 Jan 2026 08:23:31 -0500 Received: by mail-pl1-f197.google.com with SMTP id d9443c01a7336-2a089575ab3so69012475ad.0 for ; Mon, 12 Jan 2026 05:23:31 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224213; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=fe/dGeMhV+z9VZQ3DIrLaWoG9yC5tlBJFvMhJmKEvDU=; b=SFeMNFyu9MbQDo6p8zdrn4BgyExQENlJInSu4Z22gHkEHJjYYjvBUfLKXVG2asq+eqEtdj ExpNF+aT25x2dRTryzTd7RHxrBWyAjazzEyx8lBx9/tinbhljb259BL1grd4iUvEMnE9+9 yC7StETvTwJi+nJ9fvwLenFPcxBrpx8= X-MC-Unique: uy3sWtF1OAG4h8SgpkgqSQ-1 X-Mimecast-MFC-AGG-ID: uy3sWtF1OAG4h8SgpkgqSQ_1768224211 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224210; x=1768829010; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=fe/dGeMhV+z9VZQ3DIrLaWoG9yC5tlBJFvMhJmKEvDU=; b=Mstf7sAmqTv6fR+F0gfc5wCOYfEwB0Ht357T90k84k5DkK7xDGxUV5AuTPA4a0SjU4 6d2MtL4OPQXNGH8pQPzOjthPFaYVnOEbQtUlfhpRM6EByU4dYlnmaZhtvW2LtiV6mPis /jB7f4MGu0ezjsq2Nyy/0F1s0xRYM8OCxzHWgPwvAsTvNdd6oq2on7dMAh2ScAGMhe0+ CrMfs3Y3q936/Pu6Z6fR2ZXFjhReJY2PnDvQ3/Xkg7gwOdE93z8+eNtEqlbw8aSv5Xes KD0sJvfErS0YLdw2Or2PBlChCb7nnH/Ldf6BMuCOdY/+fHqy8ndJFJlTABKrxUD6affR T1YQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224210; x=1768829010; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=fe/dGeMhV+z9VZQ3DIrLaWoG9yC5tlBJFvMhJmKEvDU=; b=rntSU/UHDFnem0WWGJA0thgxdPZIJWiY468PtOTkiX8tYUa9toy91RXcw9HRgIIupr bmjR7HXpl0/9KEycowvW/TADwrJV3qTdQc+gQMZNmJt9t2Aui0n7EYnPbYLVxGoeaAkC V8/1LQPgap+phuOHZpKeRyGIbk8G/A1PTGHkiNu/l1dyK3gAi/VrDgdGlai/5W9TFicg XVAb9WRpnhrMAQmDga+mRRnZeEEMd61+pnnhEkhKjVa9oGepk4cHK2Pn0/Phak1lyQgt VxqsElA3djvEFEXJhMdgUP+cD395/+93XjZuA+NjoFSbvagIs/CEViFJJU+yMH9fslxV 2VHg== X-Forwarded-Encrypted: i=1; AJvYcCWbxFDmkLoNOHyP4BZyEoZbblRKpnwyDLBg+0Gb7CVZ5fLAhn/KhoQgv0FuK2eH4NTHfTWfL8KSKqi3@nongnu.org X-Gm-Message-State: AOJu0Ywmp+akVyOxk2xKOp3TeC0CFtuGgvN7nOzmL+zfzswrShWsc81y HrROKn7HixGV3LeHjUBIY0GF5f03Q0nhkQmGpGKJ2EQ8kYqUoVwHaFQKcLiszTOVxMoNnq12mFf HeynXLYNW2MlhCZgSf03Xp1UP6vFhqc7BZzvKodsxeeDbatbbooDu61dd X-Gm-Gg: AY/fxX67D8/vU3ED/M3BxZDae8CEg534ul8YmSEae1OtE9oMUruvoH9MU9/G/48gqgO yImi5p3IELN6j++36neDjKN8Zq+kuZGt06SUKGPhbWgGWQA2E4F8WnXV+svcyGBpN4TifKSvXhD fLlu6e+NUSwKbvht9tNh8ETE521+aLIqyNrFJirXV3SQxM+Wywn2SfRz4Pb5TjJNbv1YM25xXp1 ZbaW4uS55Wmc70q5J/V9eir9IwoNUyZttkg8mmRClGuyYBj9gwNhB22YzAbRfMbJUcyaaa2Urdw 4iacxuNa7MgwVWRzeo8U8QxXnKvbovkMYSpz7bVga0naa/lmZO1whnGU7jv5q2V5FYP1+O7TcEx xY9ezPdx9vwLZjPaP+JUNX/D7I1DlqTA01jsAlaYcaPg= X-Received: by 2002:a17:902:c942:b0:2a0:9fc8:a98b with SMTP id d9443c01a7336-2a3ee4bfbcbmr174766185ad.40.1768224210550; Mon, 12 Jan 2026 05:23:30 -0800 (PST) X-Google-Smtp-Source: AGHT+IHPGYbyVi9tDvyyrOxBOltQV/g9GuHqjDTo1e0zBtMmMF7qITdYQbkP+X6Oj0bo7f9ddP1Pew== X-Received: by 2002:a17:902:c942:b0:2a0:9fc8:a98b with SMTP id d9443c01a7336-2a3ee4bfbcbmr174765985ad.40.1768224210121; Mon, 12 Jan 2026 05:23:30 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Peter Xu , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 03/32] system/physmem: add helper to reattach existing memory after KVM VM fd change Date: Mon, 12 Jan 2026 18:52:16 +0530 Message-ID: <20260112132259.76855-4-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224239194158500 Content-Type: text/plain; charset="utf-8" After the guest KVM file descriptor has changed as a part of the process of confidential guest reset mechanism, existing memory needs to be reattached = to the new file descriptor. This change adds a helper function ram_block_rebin= d() for this purpose. The next patch will make use of this function. Signed-off-by: Ani Sinha --- include/system/physmem.h | 1 + system/physmem.c | 28 ++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/include/system/physmem.h b/include/system/physmem.h index 7bb7d3e154..da91b77bd9 100644 --- a/include/system/physmem.h +++ b/include/system/physmem.h @@ -51,5 +51,6 @@ physical_memory_snapshot_and_clear_dirty(MemoryRegion *mr= , hwaddr offset, bool physical_memory_snapshot_get_dirty(DirtyBitmapSnapshot *snap, ram_addr_t start, ram_addr_t length); +int ram_block_rebind(Error **errp); =20 #endif diff --git a/system/physmem.c b/system/physmem.c index 0105e88058..58c89500e9 100644 --- a/system/physmem.c +++ b/system/physmem.c @@ -2857,6 +2857,34 @@ found: return block; } =20 +/* + * Creates new guest memfd for the ramblocks and closes the + * existing memfd. + */ +int ram_block_rebind(Error **errp) +{ + RAMBlock *block; + + qemu_mutex_lock_ramlist(); + + RAMBLOCK_FOREACH(block) { + if (block->flags & RAM_GUEST_MEMFD) { + if (block->guest_memfd >=3D 0) { + close(block->guest_memfd); + } + block->guest_memfd =3D kvm_create_guest_memfd(block->max_lengt= h, + 0, errp); + if (block->guest_memfd < 0) { + qemu_mutex_unlock_ramlist(); + return -1; + } + + } + } + qemu_mutex_unlock_ramlist(); + return 0; +} + /* * Finds the named RAMBlock * --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224302; cv=none; d=zohomail.com; s=zohoarc; b=f8p7rDYLbClHJQD3prlX3cfpqnxzfusmQwZ8ZIatsU2s8CnqgXV8XKC1iZaRnty450aof/fSKwroyy5QIuHva1ZboFqC7SUMkTe+Hhx7OEOLC13P+pE5xfMCQOx0BePspBg4GZ1QmWF+BwzjgPxNynzeU/yXxTuJvAR7ue7Ue40= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224302; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=NdnbksSUGyPUrHjkY0R7TYIIf5kvOcbV2JSCja1oOlA=; b=Prx5RbbzrfOGSjcDpUessXVOrkN8NcV87Rd7HHm+jlobifccpNCX6AodErbxOanO+MBrSY2ZRr59/6NSJONU2fHPRPkJyQ6B9YPcRxjdKAu9BeCeroyGfOjMxxNvwe7XhkHmzmN2B7IdKZV4JuZoHTW3/Qhgk41WT+Waue2MPLE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224302762465.825234979378; Mon, 12 Jan 2026 05:25:02 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHtq-0002zx-Fb; Mon, 12 Jan 2026 08:24:04 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtY-0002fO-5Y for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:48 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtW-0003hU-88 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:43 -0500 Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-587-m_B5IyrGMr6rc7yOH3AkYA-1; Mon, 12 Jan 2026 08:23:40 -0500 Received: by mail-pg1-f199.google.com with SMTP id 41be03b00d2f7-c52779e9e65so1797984a12.0 for ; Mon, 12 Jan 2026 05:23:40 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224221; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=NdnbksSUGyPUrHjkY0R7TYIIf5kvOcbV2JSCja1oOlA=; b=QaJnWvIm42Q7zOzaBotThTGc4f20BIU2B74O0DCWIGFP1Ra/4fFbjZanWwhWG+GZY2XJWg Xd9xWRknIuPMzwP9I5I+1HTu+5Kcpyo8MdDHofg+3tfvofRscyOWcvVkmNPxs4Rmop3IBL e3InPyEHbm57O0Lemj7Cl8IDhFuaPzw= X-MC-Unique: m_B5IyrGMr6rc7yOH3AkYA-1 X-Mimecast-MFC-AGG-ID: m_B5IyrGMr6rc7yOH3AkYA_1768224219 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224219; x=1768829019; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NdnbksSUGyPUrHjkY0R7TYIIf5kvOcbV2JSCja1oOlA=; b=gl1/NvOGVKf2ZNdqeyoqNY0w8mqEBpghM74kzBgchIRpklS5/qIY0HYKEmYnBJ1yTQ OAkP2QzO+znPyLbt1eSbp12vxTNgubCjhpzRzYq0dqtWl+vI9FYtnTeU8QnAOtSOCi32 AmLEa2rPRHlgjjEIoZI93ySV/fRxB8Bo9a63ZiLo05C2FHR4vhvkT09ndUblRccm45bs 25o7Psu6JqwmhdigqvkKlifCkuNB/T4fYfjlroIpoEAN6N2nsd/EuLa6fHzHKbHD5eTT RYOPpyQQtm9cjISxeZxEjSeK49U56mzAf9bEipZfw/W/FubY4sTZ3zWMjJq+kCtUA+KF WuRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224219; x=1768829019; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=NdnbksSUGyPUrHjkY0R7TYIIf5kvOcbV2JSCja1oOlA=; b=M8yRU+SAuT4NSg9xMqmPTaspDO6nakzc7bOqarr39Iacbwmu1pHoiGl+9UuIIsDSbw wMNGuF2hDk6OdvWzgixjHNswxaFwFPxPamRVRtndmQt1435sBz5nTbdHzaThezSVQBJT yPlTAvDokOHtZN4RrcQiiGvyP39dIWgaRNT3exUowGH36SpjN1CbB9gCyiu4+Ubh2+Yn aXsgGnYL3o3TO1q2HvILZkaBFw9kzCV70hVHyWaJHrDznra80ZYxKNgde9mwOAWs0JHs XJl4xwfhk321rhRGXjvT2lJ6wbkXnOd+WlRHhfPl74fy3XhRn90/cVjF/KwKYH/S8AZM fsIw== X-Forwarded-Encrypted: i=1; AJvYcCUBcESZ8JgJVTeLyrIgFmJ1DEXy1fbeaWwuqqomadp06aFbn7w0GMlvO1hs3rPD+86VC+wg62ueCPRg@nongnu.org X-Gm-Message-State: AOJu0YxYqHkE71UGhQHgSqfYRCEU7Xqagw4E7Td2N218lg7PmxM5BHzT chw9rrNiw6ZlRQ6xqQzx4IAG40hDwEg3PRM15q02LKSNSN3iA1WGgoLF/ZZim7L0E1Cj2P67U/o rdOwwirVByPS3+uSRzU/v5EDp6NafgGUxbvT3hfhtPOWEnwJx57zJJ0Ji X-Gm-Gg: AY/fxX78Ozu82soSRF7oWE1Z8eyw/P/dVzzqqmD6PChNov14N1CJ3VyPxa3J9VaY1OU iCGhOjeXDXoRLpjn8vii/LdhKE3g+AQZuNz3g7Evy1XPD79enBvvn/zXl1RDiS0J0ZEeAsWRDEZ 3kWQJnqi9GbNmzOphEG2TBcrtuztla2vR3yhI66sect/fStv1EVuofRK+pdE5SjIR204WT4sNOy bMU5gwaROXcum3wHcg7LBchZlPbz2XUuuT4+T3ebtdYjCOuRRNQ0ZtMim0YWFJe4hrOpN/n19w+ lDDYc+/5dPbX1fdlt+b0M92LetIUhrIRMMawqyAS/lLNQ1ZgdYCQWoLI1XczlgTgvzBXa9U1VTM i6u7Ip9kzvq1uFdfB1C2oLFJY8+LQhHiLmeSuPqM56ks= X-Received: by 2002:a05:6a20:4320:b0:371:5a31:e486 with SMTP id adf61e73a8af0-3898f8f5575mr16343788637.6.1768224219110; Mon, 12 Jan 2026 05:23:39 -0800 (PST) X-Google-Smtp-Source: AGHT+IEcv47eltF1dqyqoHkRdnfdwpRjEXwbJhJgpR2WonnKMpNVeugyliTsyRBpgsUG9mJ4idnyIg== X-Received: by 2002:a05:6a20:4320:b0:371:5a31:e486 with SMTP id adf61e73a8af0-3898f8f5575mr16343740637.6.1768224218597; Mon, 12 Jan 2026 05:23:38 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Peter Maydell , Marcelo Tosatti , Song Gao , Huacai Chen , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Aurelien Jarno , Jiaxun Yang , Aleksandar Rikalo , Nicholas Piggin , Harsh Prateek Bora , Chinmay Rath , Palmer Dabbelt , Alistair Francis , Weiwei Li , Daniel Henrique Barboza , Liu Zhiwei , Halil Pasic , Christian Borntraeger , Eric Farman , Matthew Rosato , Thomas Huth , Richard Henderson , Ilya Leoshkevich , David Hildenbrand Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, qemu-s390x@nongnu.org Subject: [PATCH v2 04/32] accel/kvm: add changes required to support KVM VM file descriptor change Date: Mon, 12 Jan 2026 18:52:17 +0530 Message-ID: <20260112132259.76855-5-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224303784158500 Content-Type: text/plain; charset="utf-8" This change adds common kvm specific support to handle KVM VM file descript= or change. KVM VM file descriptor can change as a part of confidential guest r= eset mechanism. A new function api kvm_arch_vmfd_change_ops() per architecture platform is added in order to implement architecture specific changes required to support it. A subsequent patch will add x86 specific implementation for kvm_arch_vmfd_change_ops as currently only x86 supports confidential guest reset. Signed-off-by: Ani Sinha --- accel/kvm/kvm-all.c | 80 ++++++++++++++++++++++++++++++++++++-- accel/kvm/trace-events | 1 + include/system/kvm.h | 2 + target/arm/kvm.c | 10 +++++ target/i386/kvm/kvm.c | 10 +++++ target/loongarch/kvm/kvm.c | 10 +++++ target/mips/kvm.c | 10 +++++ target/ppc/kvm.c | 10 +++++ target/riscv/kvm/kvm-cpu.c | 10 +++++ target/s390x/kvm/kvm.c | 10 +++++ 10 files changed, 150 insertions(+), 3 deletions(-) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index f85eb42d78..762f302551 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -2415,11 +2415,9 @@ void kvm_irqchip_set_qemuirq_gsi(KVMState *s, qemu_i= rq irq, int gsi) g_hash_table_insert(s->gsimap, irq, GINT_TO_POINTER(gsi)); } =20 -static void kvm_irqchip_create(KVMState *s) +static void do_kvm_irqchip_create(KVMState *s) { int ret; - - assert(s->kernel_irqchip_split !=3D ON_OFF_AUTO_AUTO); if (kvm_check_extension(s, KVM_CAP_IRQCHIP)) { ; } else if (kvm_check_extension(s, KVM_CAP_S390_IRQCHIP)) { @@ -2452,7 +2450,13 @@ static void kvm_irqchip_create(KVMState *s) fprintf(stderr, "Create kernel irqchip failed: %s\n", strerror(-re= t)); exit(1); } +} =20 +static void kvm_irqchip_create(KVMState *s) +{ + assert(s->kernel_irqchip_split !=3D ON_OFF_AUTO_AUTO); + + do_kvm_irqchip_create(s); kvm_kernel_irqchip =3D true; /* If we have an in-kernel IRQ chip then we must have asynchronous * interrupt delivery (though the reverse is not necessarily true) @@ -2607,6 +2611,75 @@ static int kvm_setup_dirty_ring(KVMState *s) return 0; } =20 +static int kvm_reset_vmfd(MachineState *ms) +{ + KVMState *s; + KVMMemoryListener *kml; + int ret =3D 0, type; + Error *err =3D NULL; + + /* + * bail if the current architecture does not support VM file + * descriptor change. + */ + if (!kvm_arch_supports_vmfd_change()) { + error_report("This target architecture does not support KVM VM " + "file descriptor change."); + return -EOPNOTSUPP; + } + + s =3D KVM_STATE(ms->accelerator); + kml =3D &s->memory_listener; + + memory_listener_unregister(&kml->listener); + memory_listener_unregister(&kvm_io_listener); + + if (s->vmfd >=3D 0) { + close(s->vmfd); + } + + type =3D find_kvm_machine_type(ms); + if (type < 0) { + return -EINVAL; + } + + ret =3D do_kvm_create_vm(s, type); + if (ret < 0) { + return ret; + } + + s->vmfd =3D ret; + + kvm_setup_dirty_ring(s); + + /* rebind memory to new vm fd */ + ret =3D ram_block_rebind(&err); + if (ret < 0) { + return ret; + } + assert(!err); + + ret =3D kvm_arch_vmfd_change_ops(ms, s); + if (ret < 0) { + return ret; + } + + if (s->kernel_irqchip_allowed) { + do_kvm_irqchip_create(s); + } + + /* these can be only called after ram_block_rebind() */ + memory_listener_register(&kml->listener, &address_space_memory); + memory_listener_register(&kvm_io_listener, &address_space_io); + + /* + * kvm fd has changed. Commit the irq routes to KVM once more. + */ + kvm_irqchip_commit_routes(s); + trace_kvm_reset_vmfd(); + return ret; +} + static int kvm_init(AccelState *as, MachineState *ms) { MachineClass *mc =3D MACHINE_GET_CLASS(ms); @@ -4014,6 +4087,7 @@ static void kvm_accel_class_init(ObjectClass *oc, con= st void *data) AccelClass *ac =3D ACCEL_CLASS(oc); ac->name =3D "KVM"; ac->init_machine =3D kvm_init; + ac->reset_vmfd =3D kvm_reset_vmfd; ac->has_memory =3D kvm_accel_has_memory; ac->allowed =3D &kvm_allowed; ac->gdbstub_supported_sstep_flags =3D kvm_gdbstub_sstep_flags; diff --git a/accel/kvm/trace-events b/accel/kvm/trace-events index e43d18a869..e4beda0148 100644 --- a/accel/kvm/trace-events +++ b/accel/kvm/trace-events @@ -14,6 +14,7 @@ kvm_destroy_vcpu(int cpu_index, unsigned long arch_cpu_id= ) "index: %d id: %lu" kvm_park_vcpu(int cpu_index, unsigned long arch_cpu_id) "index: %d id: %lu" kvm_unpark_vcpu(unsigned long arch_cpu_id, const char *msg) "id: %lu %s" kvm_irqchip_commit_routes(void) "" +kvm_reset_vmfd(void) "" kvm_irqchip_add_msi_route(char *name, int vector, int virq) "dev %s vector= %d virq %d" kvm_irqchip_update_msi_route(int virq) "Updating MSI route virq=3D%d" kvm_irqchip_release_virq(int virq) "virq %d" diff --git a/include/system/kvm.h b/include/system/kvm.h index 8f9eecf044..a5ab22421d 100644 --- a/include/system/kvm.h +++ b/include/system/kvm.h @@ -358,6 +358,8 @@ int kvm_arch_init(MachineState *ms, KVMState *s); int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp); int kvm_arch_init_vcpu(CPUState *cpu); int kvm_arch_destroy_vcpu(CPUState *cpu); +bool kvm_arch_supports_vmfd_change(void); +int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s); =20 #ifdef TARGET_KVM_HAVE_RESET_PARKED_VCPU void kvm_arch_reset_parked_vcpu(unsigned long vcpu_id, int kvm_fd); diff --git a/target/arm/kvm.c b/target/arm/kvm.c index 48f853fff8..10cd94a57d 100644 --- a/target/arm/kvm.c +++ b/target/arm/kvm.c @@ -1569,6 +1569,16 @@ void kvm_arch_init_irq_routing(KVMState *s) { } =20 +int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s) +{ + abort(); +} + +bool kvm_arch_supports_vmfd_change(void) +{ + return false; +} + int kvm_arch_irqchip_create(KVMState *s) { if (kvm_kernel_irqchip_split()) { diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 3fdb2a3f62..6aa17cecba 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -3253,6 +3253,16 @@ static int kvm_vm_enable_energy_msrs(KVMState *s) return 0; } =20 +int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s) +{ + abort(); +} + +bool kvm_arch_supports_vmfd_change(void) +{ + return false; +} + int kvm_arch_init(MachineState *ms, KVMState *s) { int ret; diff --git a/target/loongarch/kvm/kvm.c b/target/loongarch/kvm/kvm.c index ef3359ced9..9d5c73f3a3 100644 --- a/target/loongarch/kvm/kvm.c +++ b/target/loongarch/kvm/kvm.c @@ -1312,6 +1312,16 @@ int kvm_arch_irqchip_create(KVMState *s) return kvm_check_extension(s, KVM_CAP_DEVICE_CTRL); } =20 +int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s) +{ + abort(); +} + +bool kvm_arch_supports_vmfd_change(void) +{ + return false; +} + void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run) { } diff --git a/target/mips/kvm.c b/target/mips/kvm.c index a85e162409..fbef498bd7 100644 --- a/target/mips/kvm.c +++ b/target/mips/kvm.c @@ -44,6 +44,16 @@ unsigned long kvm_arch_vcpu_id(CPUState *cs) return cs->cpu_index; } =20 +int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s) +{ + abort(); +} + +bool kvm_arch_supports_vmfd_change(void) +{ + return false; +} + int kvm_arch_init(MachineState *ms, KVMState *s) { /* MIPS has 128 signals */ diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c index 3b2f1077da..7cdc0d09f4 100644 --- a/target/ppc/kvm.c +++ b/target/ppc/kvm.c @@ -180,6 +180,16 @@ int kvm_arch_irqchip_create(KVMState *s) return 0; } =20 +int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s) +{ + abort(); +} + +bool kvm_arch_supports_vmfd_change(void) +{ + return false; +} + static int kvm_arch_sync_sregs(PowerPCCPU *cpu) { CPUPPCState *cenv =3D &cpu->env; diff --git a/target/riscv/kvm/kvm-cpu.c b/target/riscv/kvm/kvm-cpu.c index 5d792563b9..548ea3aeab 100644 --- a/target/riscv/kvm/kvm-cpu.c +++ b/target/riscv/kvm/kvm-cpu.c @@ -1545,6 +1545,16 @@ int kvm_arch_irqchip_create(KVMState *s) return kvm_check_extension(s, KVM_CAP_DEVICE_CTRL); } =20 +int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s) +{ + abort(); +} + +bool kvm_arch_supports_vmfd_change(void) +{ + return false; +} + int kvm_arch_process_async_events(CPUState *cs) { return 0; diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c index bd6c440aef..6374246416 100644 --- a/target/s390x/kvm/kvm.c +++ b/target/s390x/kvm/kvm.c @@ -393,6 +393,16 @@ int kvm_arch_irqchip_create(KVMState *s) return 0; } =20 +int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s) +{ + abort(); +} + +bool kvm_arch_supports_vmfd_change(void) +{ + return false; +} + unsigned long kvm_arch_vcpu_id(CPUState *cpu) { return cpu->cpu_index; --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224420; cv=none; d=zohomail.com; s=zohoarc; b=AKakyVp35iNN38UmVVao2sV28Q8K2ur1CxhfFAw+dK1cCjrvSL0Gu/B66ciyneCyCeLYTBgupTqf0tZfQOEgTVjzlSq6QCESsAcXsYaun+OT/pmgWSEEK11elwcxaZde29X8bbkQrt+q1kSIaTjCtr2bzBXcovFHlQo9tVBYpR8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224420; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=9FW+RNoWUNg/DJr0t6Axhc3qYqFhjtvAQISw7/ozuW0=; b=g5+UGsdGxgnf9Zo8LGS7hta7hRHJgt+pERQLjVMUuRH/hWELbHb3pFxsx5BkW1Yj4vIwF5puZMdyUmO6vF3qv42Js0Ic6mWBIzZnGFVqURf9akQCYz8iyetY7FUOxG2NSnIYoXk+nlViepsLa3ZNqsdZUSlTQpYo0bPixtelxIc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224420117984.3463358566773; Mon, 12 Jan 2026 05:27:00 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHtg-0002pD-Fs; Mon, 12 Jan 2026 08:23:52 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtb-0002ia-8Y for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:48 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtY-0003ht-47 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:45 -0500 Received: from mail-pf1-f198.google.com (mail-pf1-f198.google.com [209.85.210.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-156-hpoW3tYiNZKbX97n1PsRmg-1; Mon, 12 Jan 2026 08:23:42 -0500 Received: by mail-pf1-f198.google.com with SMTP id d2e1a72fcca58-81e6ec1da28so1867588b3a.0 for ; Mon, 12 Jan 2026 05:23:42 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224223; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9FW+RNoWUNg/DJr0t6Axhc3qYqFhjtvAQISw7/ozuW0=; b=N3VvS9EnBkriVjTMrXf7JCK2MdIoBBGv8RGJPKHieaoGdkXh0Dv6sWTpAkD1Iefq+WMasa ymGZ7QkDfCb7z4q1mnrN9Vcmkxwic9hTWNghe/wEKkiOD5hzpHyPQgEo9NRhDHaV7Jrj4d AGui59h2hbAPUSbYii+lAgPCEuKQp7Q= X-MC-Unique: hpoW3tYiNZKbX97n1PsRmg-1 X-Mimecast-MFC-AGG-ID: hpoW3tYiNZKbX97n1PsRmg_1768224221 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224221; x=1768829021; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=9FW+RNoWUNg/DJr0t6Axhc3qYqFhjtvAQISw7/ozuW0=; b=qzxbBtivVmuzKZsltMnCOtjD4mFAB2MhXkSNx7Uoqv03M0rUjsu9IlbK0vHh6sKN4s tAoPYKvns0cDab18pNGvu05X26DT2BJb8JPMqPKl6E51ophulm2sEUCKST+NwasIrw23 LSXYZdjIdIgKYiM5PVDk5Rf4toeu/2TBXGRsuZOibgWoOGuT+/ArQ3kykl+N105mQiPC 6AnPq2emavahLNtUwdVv6ArKG6AchCreLzSCNOo6rAN47bFBONli/CsqsASuniQRYlTc mXI5BV+j+TZN+J7r6sAHHt7rg+UgV6qyBwszDSCsrF4End+TQN4kM5daKTz3xT9rg3Hf sUHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224221; x=1768829021; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=9FW+RNoWUNg/DJr0t6Axhc3qYqFhjtvAQISw7/ozuW0=; b=c6E1/MKHdfrDSw7xDSvraa6m2E8YmG1DhoKJ0/m0LCIM0QS8ntYKLZawh+RdlUiXiG N4DzwqyKIHxKHBBjl9AcAHoUCIJQSFBC6/EfdjQsBKTXd3LTPY5PjXZd87M3BrpJVQJ1 smqA/ixN15XAEF4rxTCgev57djXQrXu3FccZUE8hivD02cve9+8xTn2BMXDIOuyDEb2v YEo/AmT0H5RiVs15kwW+QLVCxA/4xxs14xR/UPT16NlBPnoBdWB0UlnUhXWQ9Z3Kwhet Mm0bIRB3gUyTqzwUDVFXdNPk9alhz7yOnr1pAvjU1g67djBSXV35xjeDMLpgaRhrCPoC fBIQ== X-Forwarded-Encrypted: i=1; AJvYcCVxYW+sF0JZYAisjsHfCHITIbiDGflq4t4/kWONEoJzTBmrNt/vG48/OC4xaSn10u2OE5MmOzwwzYum@nongnu.org X-Gm-Message-State: AOJu0YzgWr4s24U8f4uliGo8D/vRTyEAzSF+OrY5JdJFxYEMRwiX/06Q 9wxS6klBsKlbxGJ+mkmFeOt7tKCaKIJnW4OExDegcWy0/K9qqN1Hif7pM6A3+Vqh+9t37ML+fyF PkaBKDCtvgX+ZmBr5xZQ9J3EqrAtO3caI4WijoDqWbFw1jTuI9dp+aLTM X-Gm-Gg: AY/fxX6Y20w66ay4m2yEckOOp7p65hLcuevbASldPbZsnqKaZArWtv/tH4IU2+l7keM eR4Cv0hPKmyi/U2Ovcr8qJGbA9rzwBSiwn3CCvBTskWTUpA7dEKjNgNJeuCp+RFhG+U50smRtNJ XiZ2vE+aNiOaPxxQAZ2iB9K4FVMO/somB3Z4/aYbZ2gfzc4Dymih1FYhhcKPUVzDQAs9QvhQDmA WNOftloIvpzTfloOPwdKxUPFNeGKR9tkvT91JEwh2f17Hu+gw0PwX3xWO8xGUtmBhOVz0+yf3Bw 3xKueXYocQ/6ogJI7WShowzMuYSdGba8OtSDysNAb67LalYYQPdkvCmymTE6+Z1tzWhIT4oielF 2aabNA8xraX0ALHjAONdRGrfZxoCkPfPdqD5Emn/lPjo= X-Received: by 2002:a05:6a21:3381:b0:366:14b0:4b04 with SMTP id adf61e73a8af0-3898f97be3emr17859378637.64.1768224221157; Mon, 12 Jan 2026 05:23:41 -0800 (PST) X-Google-Smtp-Source: AGHT+IEHzg6r/nlFCBwy29+gmS/Y3kVmX1P+W2vycZ7SAs4A65GkTF6SdC04/yGxH3/dD/Nwap7Ysw== X-Received: by 2002:a05:6a21:3381:b0:366:14b0:4b04 with SMTP id adf61e73a8af0-3898f97be3emr17859363637.64.1768224220806; Mon, 12 Jan 2026 05:23:40 -0800 (PST) From: Ani Sinha To: Paolo Bonzini Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 05/32] accel/kvm: mark guest state as unprotected after vm file descriptor change Date: Mon, 12 Jan 2026 18:52:18 +0530 Message-ID: <20260112132259.76855-6-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224421952158500 Content-Type: text/plain; charset="utf-8" When the KVM VM file descriptor has changed and a new one created, the guest state is no longer in protected state. Mark it as such. The guest state becomes protected again when TDX and SEV-ES and SEV-SNP mark it as such. Signed-off-by: Ani Sinha --- accel/kvm/kvm-all.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index 762f302551..df49a24466 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -2650,6 +2650,9 @@ static int kvm_reset_vmfd(MachineState *ms) =20 s->vmfd =3D ret; =20 + /* guest state is now unprotected again */ + kvm_state->guest_state_protected =3D false; + kvm_setup_dirty_ring(s); =20 /* rebind memory to new vm fd */ --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224457; cv=none; d=zohomail.com; s=zohoarc; b=GrY85pd1QBoohXB15XT6rdsTN75xa0bEH95X0QqqFRa1uII12/+yzcom8PB7jFk/95O4y4EvlRZNOMHxaDYw4+0gxkjNRSqKcRrgwujLuEAYt9339cMEaDpAm0Bs+erSkisZF1zmuv+EQEscPUvb9kK3qJ3UREh6PjvEg7CAc0E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224457; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=lPuM56addYmauPE+CYUQ8UQqZP2E6PELtzBhAc/1xHg=; b=UB79guut7UZMP7Hm/9FTdCnmPwb2CIOs7SUoufH+8iJHfstGy2CJW6zAidSVZ+dRgOOEn4uykoyEasTvh+xkl2rvZvuILDFTRFogFjXcdUKvOXKns6gOCBXjszLA2aN+25sSTcg//laCcoRWCn0bbnbK5spyEh9th4X7CmEHL34= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224457417857.7358702353225; Mon, 12 Jan 2026 05:27:37 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuE-0003Ij-C1; Mon, 12 Jan 2026 08:24:26 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtc-0002jo-Um for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:48 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHta-0003iL-VR for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:48 -0500 Received: from mail-pg1-f198.google.com (mail-pg1-f198.google.com [209.85.215.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-647-2_w4WIYbPkG-ayPXtNloww-1; Mon, 12 Jan 2026 08:23:44 -0500 Received: by mail-pg1-f198.google.com with SMTP id 41be03b00d2f7-c52d37d346dso2255730a12.3 for ; Mon, 12 Jan 2026 05:23:44 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224225; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lPuM56addYmauPE+CYUQ8UQqZP2E6PELtzBhAc/1xHg=; b=XUHa1LyZM/QCDf6UqTGUTAKbsMgaKNFLPAiVFm+riFEwvCO2eKcNTGRK/dYChPHyoCrtL1 KXlXF0I6f/b3bkcss4IuRQ1DoW3Fa7PK/LgvauzAgVi4ubH5BZKFoci3l4/jBw8HS1kc1G gmWwafZLNvYp0Ew65VZPVFLJUVkdZRs= X-MC-Unique: 2_w4WIYbPkG-ayPXtNloww-1 X-Mimecast-MFC-AGG-ID: 2_w4WIYbPkG-ayPXtNloww_1768224223 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224223; x=1768829023; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lPuM56addYmauPE+CYUQ8UQqZP2E6PELtzBhAc/1xHg=; b=YYjWs41BbOZfAAnp4NCF+s0dnzil09zlZM1RiuYRZC/unBTkDOy9lLM8cu0edb7vmI 2A6B85s7bbs/s4sKHtwgdrG3dM0zucN+ZtRXi+/eWh1LR8CNVC7lUWxUaJ450+1kE+Ld 32vfS0m+zJ2vi+BIM6YTkHJR35SA15+TKag32nYwaZ/QxxGVf3taFtLdQTx7zgnbhtdN hxDM0m61mB3VXOjqQCK+jVi1YyeM/hanhNW11TCofclzENC/K4HHHbfDiYi0eI2u67+P ynuR0c/rvGLORb/qRh/PVpkrupYTUHy8fFL+4scUYE6cFZoPwmIR78jSx+LgbuCJRl7n z28w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224223; x=1768829023; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=lPuM56addYmauPE+CYUQ8UQqZP2E6PELtzBhAc/1xHg=; b=raMw75MdAkqznUzZ82p3ltA4DtY+C88H6VqxYp1cMj3tmEbMDgUJQJ0/8fiyo12UeL WkEBIkeMq2dQXZDkeUZAdsP6/TFHdx7kC/ooVq2Pafl/u7pYkkiqOhOD5G4qKG1tOqAs TABRv7H5Mk/ZLP40+M5cmgXqKUPaFVvtxsoy9s51TWmCbBWW5gPbpnZGaAZWlErzN2kx W2pfcN6RgOCnQ+ufNZpZuMR0lParyETWTCNop1ynvWhTwL8sjqjZzix+5hm+DMQTsSr6 9KI3RMSdv1ycX/DAqzBZ8IIv4vgWAMpNPlF9bbtv6dP2s2vgIUfgaaL9l02nE6fqQzAj mexA== X-Forwarded-Encrypted: i=1; AJvYcCUsiJx5xGPn9E8zt4pURVnQb+BmPtw8Y5KlFJbqFoiaj+j0tuH8ACC68nqo52ZBcMo3Lw+Ni5iLTkOy@nongnu.org X-Gm-Message-State: AOJu0YxZfD5credZIW80zCwhDYmbiDjgYE0pIqIC3qo1ppVQ60T+dRlC jnOALtK61Cja2Ec2vqyV2yOusx76EfsmgLd4zTa7mnZa3twd6mFsfR5iuYDPiHdVWPTEVOWVIFC qcztkPLdgJ/JEr66o2vsujPjf6giOVUH84R7k+gZ9rxCloW1m+pg7Rdu4 X-Gm-Gg: AY/fxX6TLZzczkK6XNsyPHWV0gEgvH3YZjpIfSHwKpOG1mZD9m/ydE2zMjbg5tFSqvO p49h6vDZeZKty8bygpqV81439hfkvQf61fx+cA+10OEX0kQuZb3zUaBOHqYKYItg/sOCO32AnZD y2ZptGwx0WNKhJ1jglxi5R8tmnrIxQmr5R3do0dJ8XyuNvWwKF6m8TJFzakwmxzO0zXAhzvws44 XuV/XPwfx/ydOd52Y1AtKxL9PGpWQEsWYcVVltxm6g7iCVMen+qf64T/Xa/0xpzrx1caNwzjbVi IYFUq0qfsdJOAkj7J9rPNAFfu6tFfy9eqNKaGPrg49CjKfKVTyFiRFqmyduIE67Pk0j9Jskwo3r HAaEb0x+X3BInA2BqHT8+sSMNMUECeZkZOvxj9Yp9JCY= X-Received: by 2002:a05:6a20:3d90:b0:35d:8c8:8acb with SMTP id adf61e73a8af0-3898f91d382mr16602109637.26.1768224223411; Mon, 12 Jan 2026 05:23:43 -0800 (PST) X-Google-Smtp-Source: AGHT+IGK1u9WC9nhoiyAr5vmMG3ufIQ8YPfuY4suBxhryhWv2uGiiK25n3oA/yPi5HyI2ZGlkvNYng== X-Received: by 2002:a05:6a20:3d90:b0:35d:8c8:8acb with SMTP id adf61e73a8af0-3898f91d382mr16602097637.26.1768224223029; Mon, 12 Jan 2026 05:23:43 -0800 (PST) From: Ani Sinha To: Paolo Bonzini Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 06/32] accel/kvm: add a notifier to indicate KVM VM file descriptor has changed Date: Mon, 12 Jan 2026 18:52:19 +0530 Message-ID: <20260112132259.76855-7-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224458473158500 Content-Type: text/plain; charset="utf-8" A notifier callback can be used by various subsystems to perform actions wh= en KVM file descriptor for a virtual machine changes as a part of confidential guest reset process. This change adds this notifier mechanism. Subsequent patches will add specific implementations for various notifier callbacks corresponding to various subsystems that need to take action when KVM VM fi= le descriptor changed. Signed-off-by: Ani Sinha --- accel/kvm/kvm-all.c | 30 ++++++++++++++++++++++++++++++ accel/stubs/kvm-stub.c | 8 ++++++++ include/system/kvm.h | 21 +++++++++++++++++++++ 3 files changed, 59 insertions(+) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index df49a24466..ef8e855af5 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -90,6 +90,7 @@ struct KVMParkedVcpu { }; =20 KVMState *kvm_state; +VmfdChangeNotifier vmfd_notifier; bool kvm_kernel_irqchip; bool kvm_split_irqchip; bool kvm_async_interrupts_allowed; @@ -123,6 +124,9 @@ static const KVMCapabilityInfo kvm_required_capabilites= [] =3D { static NotifierList kvm_irqchip_change_notifiers =3D NOTIFIER_LIST_INITIALIZER(kvm_irqchip_change_notifiers); =20 +static NotifierWithReturnList register_vmfd_changed_notifiers =3D + NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_changed_notifiers); + struct KVMResampleFd { int gsi; EventNotifier *resample_event; @@ -2173,6 +2177,22 @@ void kvm_irqchip_change_notify(void) notifier_list_notify(&kvm_irqchip_change_notifiers, NULL); } =20 +void kvm_vmfd_add_change_notifier(NotifierWithReturn *n) +{ + notifier_with_return_list_add(®ister_vmfd_changed_notifiers, n); +} + +void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n) +{ + notifier_with_return_remove(n); +} + +static int kvm_vmfd_change_notify(Error **errp) +{ + return notifier_with_return_list_notify(®ister_vmfd_changed_notifie= rs, + &vmfd_notifier, errp); +} + int kvm_irqchip_get_virq(KVMState *s) { int next_virq; @@ -2671,6 +2691,16 @@ static int kvm_reset_vmfd(MachineState *ms) do_kvm_irqchip_create(s); } =20 + /* + * notify everyone that vmfd has changed. + */ + vmfd_notifier.vmfd =3D s->vmfd; + ret =3D kvm_vmfd_change_notify(&err); + if (ret < 0) { + return ret; + } + assert(!err); + /* these can be only called after ram_block_rebind() */ memory_listener_register(&kml->listener, &address_space_memory); memory_listener_register(&kvm_io_listener, &address_space_io); diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c index 68cd33ba97..a6e8a6e16c 100644 --- a/accel/stubs/kvm-stub.c +++ b/accel/stubs/kvm-stub.c @@ -79,6 +79,14 @@ void kvm_irqchip_change_notify(void) { } =20 +void kvm_vmfd_add_change_notifier(NotifierWithReturn *n) +{ +} + +void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n) +{ +} + int kvm_irqchip_add_irqfd_notifier_gsi(KVMState *s, EventNotifier *n, EventNotifier *rn, int virq) { diff --git a/include/system/kvm.h b/include/system/kvm.h index a5ab22421d..7df162b1f7 100644 --- a/include/system/kvm.h +++ b/include/system/kvm.h @@ -181,6 +181,7 @@ DECLARE_INSTANCE_CHECKER(KVMState, KVM_STATE, =20 extern KVMState *kvm_state; typedef struct Notifier Notifier; +typedef struct NotifierWithReturn NotifierWithReturn; =20 typedef struct KVMRouteChange { KVMState *s; @@ -566,4 +567,24 @@ int kvm_set_memory_attributes_shared(hwaddr start, uin= t64_t size); =20 int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private); =20 +/* argument to vmfd change notifier */ +typedef struct VmfdChangeNotifier { + int vmfd; +} VmfdChangeNotifier; + +/** + * kvm_vmfd_add_change_notifier - register a notifier to get notified when + * a KVM vm file descriptor changes as a part of the confidential guest "r= eset" + * process. Various subsystems should use this mechanism to take actions s= uch + * as creating new fds against this new vm file descriptor. + * @n: notifier with return value. + */ +void kvm_vmfd_add_change_notifier(NotifierWithReturn *n); +/** + * kvm_vmfd_remove_change_notifier - de-register a notifer previously + * registered with kvm_vmfd_add_change_notifier call. + * @n: notifier that was previously registered. + */ +void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n); + #endif --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224303; cv=none; d=zohomail.com; s=zohoarc; b=GJfB1b3D0EgUZy3fyyyLHsaFQLWm2TJU0oAkgReIFLjbdUrrs324BVx/Vaw+Tc2L6hmp6eAChqOHtLwPmraLky4llgXeJXb+iHz+VFyEp4zilXojlW6LQ03An4WusJkfm/3gVpErOEqt1N5N0kjFwy/NSiKp0+/WZ4tZQ7VHyAw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224303; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=mXnd/EV42IZ35HCUh2hymkokKll/IVZCRGZsgYgJG/k=; b=PfNNdxa/2yyQ7/Oc0ietbSxG4L7n5Syyyd9ca/vQsrhiJNxB5icV58RmdwBuMWjyiKnln0XTQI7dvFlUsceyStrbaaDGiWIfpnZcECVXkSbRz+veLzVw/iPdhz+zNHL4UePKbUv396mJYHv2h3aTlJQXNfDTgQtIyABhHdsxov4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224303772972.3435442073753; Mon, 12 Jan 2026 05:25:03 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuH-0003Qw-6k; Mon, 12 Jan 2026 08:24:29 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHte-0002pd-RY for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:52 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtd-0003jD-7w for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:50 -0500 Received: from mail-pg1-f198.google.com (mail-pg1-f198.google.com [209.85.215.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-333-rLDrxq4FMXOCPCx5aiOFIQ-1; Mon, 12 Jan 2026 08:23:46 -0500 Received: by mail-pg1-f198.google.com with SMTP id 41be03b00d2f7-c52ab75d57cso2604123a12.1 for ; Mon, 12 Jan 2026 05:23:46 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224228; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=mXnd/EV42IZ35HCUh2hymkokKll/IVZCRGZsgYgJG/k=; b=Py/LkrKP/0oeEkxmMbOFADi+aW0Z+MX/kSIWkDC1jgPcU2xzlL5S2uUgu6WN6Lbj2EpFWJ /jCS87Yh9LunjSLbM7JtOVo36vbgBMUKC5zjpjFWFhvTLdVSIjH6Yj0iEN7usnhvuVcbBO aQEU/hRvmiMB6vXKAvTGRYXYmn8El8Y= X-MC-Unique: rLDrxq4FMXOCPCx5aiOFIQ-1 X-Mimecast-MFC-AGG-ID: rLDrxq4FMXOCPCx5aiOFIQ_1768224226 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224226; x=1768829026; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=mXnd/EV42IZ35HCUh2hymkokKll/IVZCRGZsgYgJG/k=; b=IsG+243W2p0GeKRg7JMJm3sTgt3wCbA9Xo8dnLKVBFuDmG5XftXPWyMRkr3iWQN4vG DIirurCKCHj1Ft9O8QccOAVrnhdbQUJF35fEebPZcSsmEppv115i/XfgGiKv2go8RXc5 fKocNh9pxZIXUUNFjDw2ZpKHd/yYy8kejugXF02srlgSMesbbiFi9poiJgZ0rfisxw+N m85/ti3lMyFkOTfu7L/taozOlz8eeEhuYA7S7dGzDZWUFIZu7n4ga3ch4lMde3fnHFCM +gfgky2ZoKQTi7itfNRXs0Q4jYUnAJFgiN8ySG0Sr3sLKysEoyxvm1HCsPmn7XB2JRF9 xOBQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224226; x=1768829026; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=mXnd/EV42IZ35HCUh2hymkokKll/IVZCRGZsgYgJG/k=; b=qEwkxFajHd/7v+jAsmFWIP9UaEqBup78GTKKVAF+zZ5d5r5AYPYDq48Zpc3Grpr3N+ BdNXRfqhSip3KKBG5ZnZPdRfrqxv+YrzzQONz3SfQV0/t+LmTkd2hKmCaMj0D457CWys ZBG5m8fB74eDDpqIoT50CC20QtzAsnEG3Zhg1FQRWgtLy1ZbL72DItyZVbAGEC/BxWCQ YZacyqPO5IUYYiTJjpoKCfOVwTajgiAHpU94c3BuNOYFeNQHL24fttr6QdzUXZHj2IEF Lgoyi5VVjlg2zmb7S1oMc0HgOBYG686L1FfHZTHJLv1zcC/QKEGWoF4rVBw6oC14988Z rlZA== X-Forwarded-Encrypted: i=1; AJvYcCXBJdoteo2AOq7yysnd2yXDwTCJ9RXUpmaZh/8GdUGVzy04O3UBeygIQtMcOZOhLcOj7Pgfyo0MagAt@nongnu.org X-Gm-Message-State: AOJu0YxO/eYxkv8rdtdoEEeVLNWnZ3Pszikby/rmtku1IEpr6sqOTdXP uQXGIsNVnWbzLwokf7J+izseeeyOpleEXf4+5J8HYMz2H1jL0iCOsXDXIkAxCoisgHQ4UPdDitW jWZPhr4uCGQeVYPvAa88S2x0GAa5Y8qZ1AO7YMXQnmWh3dlwxzqXYdjaL X-Gm-Gg: AY/fxX4nPpPvJfA0cXyvJi38RZmrqVDloTeGQB/7jOP3VWbNB+bWo7rZ76I35CPzWab UGzQgyb3BulGKRoRiKY1Qv/hS25mY9TEjkq0pZH842aU8gg8e0xcj3X8DS65yeySyrV5C3+Tq4S 6mrzM0CHWGKkL/hYLgMLqBpJTpIX2JpoKrsXPfrIcRCNSDU3Y3HEjHsQesqaEiEcaN8NUPYGmh0 TreGaCCmhgrX7bEc/pYjyqOSQLGAjubGDHxSGzsLYVXo/QMS3FyB3mTA/5nQNDWCEjixb0scW/p sh2LEkejz0X1mlktZdksbpEwI62CVSPTQOHFNydEDq3X3RHVw/dHd2CyhPI63Yr72PzU2QMet/N 762thjkbxEgI2zu7o+6RtZ2Ji58LbLmD8oQKCrffM2tg= X-Received: by 2002:a05:6a20:a103:b0:342:d58b:561c with SMTP id adf61e73a8af0-3898f907cefmr14777671637.27.1768224225713; Mon, 12 Jan 2026 05:23:45 -0800 (PST) X-Google-Smtp-Source: AGHT+IFs6vdKuXiT9xGiDjo8b+a6b0Gvb8YUqfg9iXUDT1nezLkJVAiTWy1CvXHvEfiiPoDEtsOJ8w== X-Received: by 2002:a05:6a20:a103:b0:342:d58b:561c with SMTP id adf61e73a8af0-3898f907cefmr14777651637.27.1768224225286; Mon, 12 Jan 2026 05:23:45 -0800 (PST) From: Ani Sinha To: Paolo Bonzini Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 07/32] accel/kvm: add notifier to inform that the KVM VM file fd is about to be changed Date: Mon, 12 Jan 2026 18:52:20 +0530 Message-ID: <20260112132259.76855-8-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224305535158500 Content-Type: text/plain; charset="utf-8" Various subsystems might need to take some steps before the KVM file descri= ptor for a virtual machine is changed. So a new notifier is added to inform them= that kvm VM file descriptor is about to change. Subsequent patches will add callback implementations for specific components that need this notification. Signed-off-by: Ani Sinha --- accel/kvm/kvm-all.c | 25 +++++++++++++++++++++++++ accel/stubs/kvm-stub.c | 8 ++++++++ include/system/kvm.h | 15 +++++++++++++++ 3 files changed, 48 insertions(+) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index ef8e855af5..367968427b 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -127,6 +127,9 @@ static NotifierList kvm_irqchip_change_notifiers =3D static NotifierWithReturnList register_vmfd_changed_notifiers =3D NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_changed_notifiers); =20 +static NotifierWithReturnList register_vmfd_pre_change_notifiers =3D + NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_pre_change_notifie= rs); + struct KVMResampleFd { int gsi; EventNotifier *resample_event; @@ -2193,6 +2196,22 @@ static int kvm_vmfd_change_notify(Error **errp) &vmfd_notifier, errp); } =20 +void kvm_vmfd_add_pre_change_notifier(NotifierWithReturn *n) +{ + notifier_with_return_list_add(®ister_vmfd_pre_change_notifiers, n); +} + +void kvm_vmfd_remove_pre_change_notifier(NotifierWithReturn *n) +{ + notifier_with_return_remove(n); +} + +static int kvm_vmfd_pre_change_notify(Error **errp) +{ + return notifier_with_return_list_notify(®ister_vmfd_pre_change_noti= fiers, + NULL, errp); +} + int kvm_irqchip_get_virq(KVMState *s) { int next_virq; @@ -2654,6 +2673,12 @@ static int kvm_reset_vmfd(MachineState *ms) memory_listener_unregister(&kml->listener); memory_listener_unregister(&kvm_io_listener); =20 + ret =3D kvm_vmfd_pre_change_notify(&err); + if (ret < 0) { + return ret; + } + assert(!err); + if (s->vmfd >=3D 0) { close(s->vmfd); } diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c index a6e8a6e16c..7f4e3c4050 100644 --- a/accel/stubs/kvm-stub.c +++ b/accel/stubs/kvm-stub.c @@ -79,6 +79,14 @@ void kvm_irqchip_change_notify(void) { } =20 +void kvm_vmfd_add_pre_change_notifier(NotifierWithReturn *n) +{ +} + +void kvm_vmfd_remove_pre_change_notifier(NotifierWithReturn *n) +{ +} + void kvm_vmfd_add_change_notifier(NotifierWithReturn *n) { } diff --git a/include/system/kvm.h b/include/system/kvm.h index 7df162b1f7..edc3fa5004 100644 --- a/include/system/kvm.h +++ b/include/system/kvm.h @@ -587,4 +587,19 @@ void kvm_vmfd_add_change_notifier(NotifierWithReturn *= n); */ void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n); =20 +/** + * kvm_vmfd_add_pre_change_notifier - register a notifier to get notified = when + * kvm vm file descriptor is about to be changed as a part of the confiden= tial + * guest "reset" process. + * @n: notifier with return value. + */ +void kvm_vmfd_add_pre_change_notifier(NotifierWithReturn *n); + +/** + * kvm_vmfd_remove_pre_change_notifier - de-register a notifier previously + * registered with kvm_vmfd_add_pre_change_notifier. + * @n: the notifier that was previously registered. + */ +void kvm_vmfd_remove_pre_change_notifier(NotifierWithReturn *n); + #endif --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224286; cv=none; d=zohomail.com; s=zohoarc; b=h8KPaZ/horZNiIqV0NFCZDSEmAOrEEgwkJaLIdk7i/c0Ge29vC0is+RHAHPsUybSxVMwvbzXnfFGnaR/y+8KXnGxozfmwJFBeVLOOp38TfQBFEwy8gcbFrblUPM7jSgiia25wqgmqu3vZg0QNdah1GCONW53BpKB+SUqohviqmA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224286; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=IcSPzaL3tdDhSxoArxuWvrysyc9k+MnXqGfZnJng8Z4=; b=bj1wKS2VE06jlUKZ8u2zsuIWI+2Nfo/Nl/N7vRfp0Wll8wz7YhL2VF1PmTHf7N1MTbB8zCDn6L/78/lF6dRPiCNLj7IUuHmDieqUxk5OKdPw7SkuWVxt6vzeyW74x2vTXBMK5c/oylpSJoNHmQPuLTHJu9HdJMgl5wYbosGVABw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224286422557.7640835420623; Mon, 12 Jan 2026 05:24:46 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuH-0003Uk-RT; Mon, 12 Jan 2026 08:24:29 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHti-0002rQ-Md for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:56 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtg-0003jo-GW for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:53 -0500 Received: from mail-pg1-f198.google.com (mail-pg1-f198.google.com [209.85.215.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-511-B-fsx9AFOA6AZTF9GU-7sQ-1; Mon, 12 Jan 2026 08:23:49 -0500 Received: by mail-pg1-f198.google.com with SMTP id 41be03b00d2f7-c1290abb178so4687422a12.2 for ; Mon, 12 Jan 2026 05:23:49 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224230; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=IcSPzaL3tdDhSxoArxuWvrysyc9k+MnXqGfZnJng8Z4=; b=YQ1DPGKhwFFV8kl9uPVKu8sl8HDseFggh7ypLoFXEpFjIX8gIR5AGSdQ2rgCMgPzMLDKWJ fYkNVF8+lLcPnW938VabAXXVYuW2EZORzYYPhdqeVGRFsWV2fCR26q0q4jfBZVbpgalEYN WW9WYMTMllvP9F7qS91iJmmlgww19yM= X-MC-Unique: B-fsx9AFOA6AZTF9GU-7sQ-1 X-Mimecast-MFC-AGG-ID: B-fsx9AFOA6AZTF9GU-7sQ_1768224228 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224228; x=1768829028; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=IcSPzaL3tdDhSxoArxuWvrysyc9k+MnXqGfZnJng8Z4=; b=NIJIBzya6wm7HCBtgoPDriDfaPvjUZiqfEiIEkQKWzS+fw9ALLp3H5dxsxgfpJ/RSr GWDjKa/ykTCf7TJ5uA9KCTLcdCIETCnIu3ciHqc7ZZ+HR9ZyqYY8MQRf7pYFMoUVxFfh MPXSmHHVFhIOVMi/3RKXDRLN5dwg6Z0Qi+fw682eGsODOvixlS58w34gEUtMIc2KVLKh cr4iC5k9NuOLKkkeGtHsCAaRSvrFGUFPqVLU9iP55XH5GSREVIguzI5hNaw9Vn4svcWB kSDrkyVrdph00FAAgpNsUbVqr6JflOYNl4hOtXz9/vx5FTXI337nm6znXbBeYp4JFsD0 NwNg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224228; x=1768829028; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=IcSPzaL3tdDhSxoArxuWvrysyc9k+MnXqGfZnJng8Z4=; b=Qlv1Q4zI0rb4rbVIBqY+jdVQ/jgLTZ4KhgkQryl7AOIGBMT0Wk9PqcjOV/EdolKmZu I0ufmtnLN/H+yJ90kQvEaEVHqdmnvyjzeQlNRrfLKVEcO1sRbxX1EPGiS9y7J4oG4Rh4 r5Ucjwj0YgNbRuFCfzL+oBnnTS5sCZMapKSjzxA3/MMq81k/W0pf33iU8p1Y+PlzgpX0 FJHr2ENW0gTKhevCF+fCWC49zHOlRkM6W/Ccb2FnKiDwyBYbw2FDtSG0lbE2Y/x9eLrM hzf4+hlwypEgcx/IUvj1R8gtn/oT15TohhnG9gqv/HrbE9BzcLbfQH5enu6I/flq1Df7 8SlA== X-Forwarded-Encrypted: i=1; AJvYcCXbntYquIeR4fepRWPQwVrLd3iiXh6twGBPdkCRm57rSZ9qJbCLTkmJak08BoxjmRqpmjLuNqgukFzb@nongnu.org X-Gm-Message-State: AOJu0YzwgKAmY17uhMH2zFkzi16i60xY2B3/lGuUC6a7mgvxC9Svf14O K5VEeE7crAmlZIML9k4z1JXESeSncRkBFHaYh3I1blyJoz1z/SxbBPehCkhpZaWUCEzXJxvZtlw PnTzrv5uSZsN9zIAogk/wo8ntwFFVCylvbKBcKpgrYaxcwf+sORoQPOPo X-Gm-Gg: AY/fxX7uOX/3huz1vNut2Jwo7+tGckTacLHuMUGws1EKDCwm+ApJ6UXgJy/JL+4BaNz akUZvYG3rGLXpXOtAloHoxElXDgxMA2H7418vC9QZQSid5hVW5gjMKEaBtBEsRRLjOWtt0V8XQo tvGxGrKrSr6tugCGXTFLNu84J+V1+ttI6Ly5yOCFzc5SCnWdUAbJhj/o0uDIksZwphBGH+whp4n Od01iFa51/kzq/zvCKg9j/Lq4A4ERcmsGu+WMIbWugDoCeUz8nyJ8HlRGMuo2JmBoHMWyNcns1h aqvdOqHt2erVvwaQuHY3kzj/m6So2MgCu5hAScckKDy+/jBM5WNPvbq7RwrSls8iXx8a7cz6FYO iP+qJ415a0fMVDai8Ak9XLvfQkUv/XL6bG56wGuB0PXU= X-Received: by 2002:a05:6a20:7f9a:b0:35d:b5a1:a61d with SMTP id adf61e73a8af0-3898f91b4c0mr17844578637.26.1768224228101; Mon, 12 Jan 2026 05:23:48 -0800 (PST) X-Google-Smtp-Source: AGHT+IGLoLDLLXWJii1UGy/1Y4n9jx/3GMA07Q3THZ5tL3NC3wN6HPLqvOEWGOm5zr8R6DDH6syVkg== X-Received: by 2002:a05:6a20:7f9a:b0:35d:b5a1:a61d with SMTP id adf61e73a8af0-3898f91b4c0mr17844560637.26.1768224227677; Mon, 12 Jan 2026 05:23:47 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 08/32] i386/kvm: unregister smram listeners prior to vm file descriptor change Date: Mon, 12 Jan 2026 18:52:21 +0530 Message-ID: <20260112132259.76855-9-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224287389158500 Content-Type: text/plain; charset="utf-8" We will re-register smram listeners after the VM file descriptors has chang= ed. We need to unregister them first to make sure addresses and reference count= ers work properly. Signed-off-by: Ani Sinha --- target/i386/kvm/kvm.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 6aa17cecba..89f9e11d3a 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -113,6 +113,11 @@ typedef struct { static void kvm_init_msrs(X86CPU *cpu); static int kvm_filter_msr(KVMState *s, uint32_t msr, QEMURDMSRHandler *rdm= sr, QEMUWRMSRHandler *wrmsr); +static int unregister_smram_listener(NotifierWithReturn *notifier, + void *data, Error** errp); +NotifierWithReturn kvm_vmfd_pre_change_notifier =3D { + .notify =3D unregister_smram_listener, +}; =20 const KVMCapabilityInfo kvm_arch_required_capabilities[] =3D { KVM_CAP_INFO(SET_TSS_ADDR), @@ -2749,6 +2754,13 @@ static void register_smram_listener(Notifier *n, voi= d *unused) } } =20 +static int unregister_smram_listener(NotifierWithReturn *notifier, + void *data, Error** errp) +{ + memory_listener_unregister(&smram_listener.listener); + return 0; +} + /* It should only be called in cpu's hotplug callback */ void kvm_smm_cpu_address_space_init(X86CPU *cpu) { @@ -3401,6 +3413,8 @@ int kvm_arch_init(MachineState *ms, KVMState *s) } } =20 + kvm_vmfd_add_pre_change_notifier(&kvm_vmfd_pre_change_notifier); + return 0; } =20 --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224401; cv=none; d=zohomail.com; s=zohoarc; b=khkN2XqSQGFBdJVxPITWY2ZdBaUE9wsOkIOQmc87+RmwhKY1QbTyEpaAogbKYjFeqHyvZ6gYU0GrjDFNXVtdEPCkofwRqbqFa1Sa4Z+gUegPb1BGCYa9Yei71amm1wocLvFcaIIY0fk1fUtkvkmEHnZsa3EDoG0v42vo3TAtgXo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224401; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=Zl/mQjtvR/EBMVt9nhPm03gwedh0vVVOzpLgcWm0+Gg=; b=aJs1BvWCcjbI/mkLKBkKd/zVkx0nNm5Usit6aMv9JJKkixMD+u9OnY6W/HE68v+Orsx9qGW1FDhjN9/5BKeoB9DqqHZEEb7FJ7NUbXjRGulVbKmPoHG1ypfiDcboCO5xwXmxlwS2KGaUv2BB97hDOQja83BDL5zGMpdfsxnsmtA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224401399241.50442339725123; Mon, 12 Jan 2026 05:26:41 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuH-0003Th-KB; Mon, 12 Jan 2026 08:24:29 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtk-0002ua-9R for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:56 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHti-0003k8-G1 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:56 -0500 Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com [209.85.215.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-586-DInrUm2QPBOHu1jivmbWmQ-1; Mon, 12 Jan 2026 08:23:51 -0500 Received: by mail-pg1-f197.google.com with SMTP id 41be03b00d2f7-c5291b89733so2622030a12.0 for ; Mon, 12 Jan 2026 05:23:51 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224232; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Zl/mQjtvR/EBMVt9nhPm03gwedh0vVVOzpLgcWm0+Gg=; b=Lh87aMuDpr4hIju7M+W+3l7hEn0X2DUpn6kTshrXSrI8FU5r5BNeHrclPcHSJQVUv3mY/g bi5y09H6/YLcS8Rt/SEF93fLWPxPLXxHezg9z4y30QZDBd4JhUDewUl/GbUWLTSS2MA7Uh i+F05GqS36IV/Rfa45NphU3zwcJprlU= X-MC-Unique: DInrUm2QPBOHu1jivmbWmQ-1 X-Mimecast-MFC-AGG-ID: DInrUm2QPBOHu1jivmbWmQ_1768224231 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224231; x=1768829031; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Zl/mQjtvR/EBMVt9nhPm03gwedh0vVVOzpLgcWm0+Gg=; b=uJgi1QlnFSn2ZXMbA83ZAjbtdSztyTWKxD9qUx2QPxFsmyl49wKupCJWKFoyy8/rpx IiWnzTho/6x/q2wkB2sWIa1wVuh2qXOh8i5j/y7Ee/Le+rR5ZVnh3Y6lvObKhKon+kd+ okvAu5mFNKGo7ge5Ddp98tb5ZoF1XcjGeTxcdg/wuvKjpFLuq1OVTIBZ5bsF/XdVSv1w 4PmxEMvSYCWNk+SeA4r4Ew0hruPv+ZlFWO84URSTNIVgIDKrXJvtsuWIR/eg40Y/3VYf 3gk+968eYqHvp1V3BIcUK0Q9Yy1L0Af1FlIroAeln+iU4OqUzbbXYQmIqEPoZe+GLIf3 VZEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224231; x=1768829031; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Zl/mQjtvR/EBMVt9nhPm03gwedh0vVVOzpLgcWm0+Gg=; b=XQ7CP3aJk1+1uCrzmSMMFq9a63ZuOPgNEp3jkhAveshtxV5Lsn9Cm3GTnlT7YoF4PF QhDfv9bgGJsVqUW0DltZWDreqGPouLiCVsIDe/9aOh6ekKAoeixeqRk1oH1ULiZ+BByC vK0llJQ/kABTME7RKSkmj/Cg+g8/NcBJlfEesScjeo8vc6F4c1zm2KeUGytg9IrxEkci B66XlLPj0pzscrYPexiP0Dnm61W/5kedROop/d7zDuKAnhH2/mndlPLWrlJJr05jbZL4 I0gj6ZL24NR3rSA22TKcuEM1jrpZJlE0RAs432bX7MZRZ34DzzL0efazR3pB5zyUawFE 5Qfg== X-Forwarded-Encrypted: i=1; AJvYcCUcr2/r53NXVgg5DaikDAAt11eOlFy7sY04U7aVU6s4C1hwf0Ht2Is3IOjEmT9Oxdfp4m8XMLEk5NXP@nongnu.org X-Gm-Message-State: AOJu0Ywp4Rt/9os6x0yZ2K+clvlPbDECeUKpVN4SJFLEr0wqsKWtEEM9 r4Z+OhS/EUim59zyHL8mZpYGJFql4RhGokkF2Gc1ycRovoRG4i9yZoySD8w3Q95ztMTmoCiI+AY +csNtSKp9CvbQtVbHu7gjIK80iBCL+KI9rbaS5zLf4D7v98nr8PH2a95p X-Gm-Gg: AY/fxX47J0xnnnqRjpFYDaK4HFZByqqSKn9BwDZKiYz/PdVImSoTL6SR8FwZgMxXsLc eMp3yoebfjFUSCz5wHGZY3WtPBKF9aBxOArFDXJisGGJ7Kjk2Vw2mE3NbvtK2ZfgMsLKH8p/3uu 6/dgF1lUTF+DekUoPnW5GqGniPYf/uehbG5N5haAV/jAZ1nWEuyKPDqGRIWAldOuyUfChEdXhJ/ MI1wWwKFDH1N5c8n31wft5UWTRIgCf2GWsqtiWIIMlIJvM0RxvnG8Yqz9FucyYDwXc0B6xihfut IuklOSbIN5UvVySi4l+c2UhiB1FdfP//YGfy0R4GI9ljFK1/TCKMSjTdx2upbwxwxnAyf1Aot8c NCwafVduUExVnTiyOEv322xBRQwfddyvTq5ts2zuUhLw= X-Received: by 2002:a05:6a20:7291:b0:342:873d:7e62 with SMTP id adf61e73a8af0-3898f907d2dmr16152485637.29.1768224230539; Mon, 12 Jan 2026 05:23:50 -0800 (PST) X-Google-Smtp-Source: AGHT+IHNkZpUCKhcs1ijrkrd4+d1SBMbbxDyfcLyQALQcYQ7NIvDrlosKRvZfpN7YcfBYYgnGd4PjA== X-Received: by 2002:a05:6a20:7291:b0:342:873d:7e62 with SMTP id adf61e73a8af0-3898f907d2dmr16152464637.29.1768224230110; Mon, 12 Jan 2026 05:23:50 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 09/32] kvm/i386: implement architecture support for kvm file descriptor change Date: Mon, 12 Jan 2026 18:52:22 +0530 Message-ID: <20260112132259.76855-10-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224430701158500 Content-Type: text/plain; charset="utf-8" When the kvm file descriptor changes as a part of confidential guest reset, some architecture specific setups including SEV/SEV-SNP/TDX specific setups needs to be redone. These changes are implemented as a part of the kvm_arch_vmfd_change_ops() call which was introduced previously. Signed-off-by: Ani Sinha --- target/i386/kvm/kvm.c | 135 +++++++++++++++++++++++++++++++---- target/i386/kvm/trace-events | 1 + 2 files changed, 122 insertions(+), 14 deletions(-) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 89f9e11d3a..4fedc621b8 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -3265,14 +3265,132 @@ static int kvm_vm_enable_energy_msrs(KVMState *s) return 0; } =20 +static int xen_init_wrapper(MachineState *ms, KVMState *s); + int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s) { - abort(); + Error *local_err =3D NULL; + int ret; + + /* + * Initialize confidential context, if required + * + * If no memory encryption is requested (ms->cgs =3D=3D NULL) this is + * a no-op. + * + */ + if (ms->cgs) { + ret =3D confidential_guest_kvm_init(ms->cgs, &local_err); + if (ret < 0) { + error_report_err(local_err); + return ret; + } + } + + ret =3D kvm_vm_enable_exception_payload(s); + if (ret < 0) { + return ret; + } + + ret =3D kvm_vm_enable_triple_fault_event(s); + if (ret < 0) { + return ret; + } + + if (s->xen_version) { + ret =3D xen_init_wrapper(ms, s); + if (ret < 0) { + return ret; + } + } + + ret =3D kvm_vm_set_identity_map_addr(s, KVM_IDENTITY_BASE); + if (ret < 0) { + return ret; + } + + ret =3D kvm_vm_set_tss_addr(s, KVM_IDENTITY_BASE + 0x1000); + if (ret < 0) { + return ret; + } + ret =3D kvm_vm_set_nr_mmu_pages(s); + if (ret < 0) { + return ret; + } + + if (object_dynamic_cast(OBJECT(ms), TYPE_X86_MACHINE) && + x86_machine_is_smm_enabled(X86_MACHINE(ms))) { + memory_listener_register(&smram_listener.listener, + &smram_address_space); + } + + if (enable_cpu_pm) { + ret =3D kvm_vm_enable_disable_exits(s); + if (ret < 0) { + error_report("kvm: guest stopping CPU not supported: %s", + strerror(-ret)); + return ret; + } + } + + if (object_dynamic_cast(OBJECT(ms), TYPE_X86_MACHINE)) { + X86MachineState *x86ms =3D X86_MACHINE(ms); + + if (x86ms->bus_lock_ratelimit > 0) { + ret =3D kvm_vm_enable_bus_lock_exit(s); + if (ret < 0) { + return ret; + } + } + kvm_set_max_apic_id(x86ms->apic_id_limit); + } + + if (kvm_check_extension(s, KVM_CAP_X86_NOTIFY_VMEXIT)) { + ret =3D kvm_vm_enable_notify_vmexit(s); + if (ret < 0) { + return ret; + } + } + + if (kvm_vm_check_extension(s, KVM_CAP_X86_USER_SPACE_MSR)) { + ret =3D kvm_vm_enable_userspace_msr(s); + if (ret < 0) { + return ret; + } + + if (s->msr_energy.enable =3D=3D true) { + ret =3D kvm_vm_enable_energy_msrs(s); + if (ret < 0) { + return ret; + } + } + } + + trace_kvm_arch_vmfd_change_ops(); + return 0; +} + +static int xen_init_wrapper(MachineState *ms, KVMState *s) +{ + int ret =3D 0; +#ifdef CONFIG_XEN_EMU + if (!object_dynamic_cast(OBJECT(ms), TYPE_PC_MACHINE)) { + error_report("kvm: Xen support only available in PC machine"); + return -ENOTSUP; + } + /* hyperv_enabled() doesn't work yet. */ + uint32_t msr =3D XEN_HYPERCALL_MSR; + ret =3D kvm_xen_init(s, msr); +#else + error_report("kvm: Xen support not enabled in qemu"); + return -ENOTSUP; +#endif + return ret; } =20 bool kvm_arch_supports_vmfd_change(void) { - return false; + return true; } =20 int kvm_arch_init(MachineState *ms, KVMState *s) @@ -3308,21 +3426,10 @@ int kvm_arch_init(MachineState *ms, KVMState *s) } =20 if (s->xen_version) { -#ifdef CONFIG_XEN_EMU - if (!object_dynamic_cast(OBJECT(ms), TYPE_PC_MACHINE)) { - error_report("kvm: Xen support only available in PC machine"); - return -ENOTSUP; - } - /* hyperv_enabled() doesn't work yet. */ - uint32_t msr =3D XEN_HYPERCALL_MSR; - ret =3D kvm_xen_init(s, msr); + ret =3D xen_init_wrapper(ms, s); if (ret < 0) { return ret; } -#else - error_report("kvm: Xen support not enabled in qemu"); - return -ENOTSUP; -#endif } =20 ret =3D kvm_get_supported_msrs(s); diff --git a/target/i386/kvm/trace-events b/target/i386/kvm/trace-events index 74a6234ff7..1f4786f687 100644 --- a/target/i386/kvm/trace-events +++ b/target/i386/kvm/trace-events @@ -6,6 +6,7 @@ kvm_x86_add_msi_route(int virq) "Adding route entry for vir= q %d" kvm_x86_remove_msi_route(int virq) "Removing route entry for virq %d" kvm_x86_update_msi_routes(int num) "Updated %d MSI routes" kvm_hc_map_gpa_range(uint64_t gpa, uint64_t size, uint64_t attributes, uin= t64_t flags) "gpa 0x%" PRIx64 " size 0x%" PRIx64 " attributes 0x%" PRIx64 "= flags 0x%" PRIx64 +kvm_arch_vmfd_change_ops(void) "" =20 # xen-emu.c kvm_xen_hypercall(int cpu, uint8_t cpl, uint64_t input, uint64_t a0, uint6= 4_t a1, uint64_t a2, uint64_t ret) "xen_hypercall: cpu %d cpl %d input %" P= RIu64 " a0 0x%" PRIx64 " a1 0x%" PRIx64 " a2 0x%" PRIx64" ret 0x%" PRIx64 --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224701; cv=none; d=zohomail.com; s=zohoarc; b=STCuyMOfLKxFGzsSXWMw0JCjvcDyyDtnZDdSp5EfT5dPLohloeDost3Q1iaxlvPcmZzhsiTVAva+UXmYGflH5OS1D2QBJ15Aq5sjNBQboHko/sVId0LM68eOzx2Y9ttM3YW0flBs08EyhYTZeS+D5VU3PjzQew1Xxjwawr+EZBQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224701; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=Ee0IX6hHvccl+8/XECntlTv5CCz3pvXb+gKT8FpLR4Y=; b=hjnwPyv/t2piEQGzX7pwK9yXI06miizMHuYpKLEleTzGugdwnursmoJwA1HmVCy+136lbmXwrRL/z32h6vzO37towKo44tt6CGrDBnsAob39FCAGV+LvGMRs6HcK/FhEk/P+fwp6ZDFUpl9Hz7VWQql7OKNhhaiF7oucUs+Vn5A= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224701291432.93145431895005; Mon, 12 Jan 2026 05:31:41 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuI-0003XA-Dr; Mon, 12 Jan 2026 08:24:30 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtm-0002yY-CP for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:00 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtk-0003kb-Jn for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:23:58 -0500 Received: from mail-pf1-f198.google.com (mail-pf1-f198.google.com [209.85.210.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-187-wO_3CC98OcOHm8MD0GoYwA-1; Mon, 12 Jan 2026 08:23:54 -0500 Received: by mail-pf1-f198.google.com with SMTP id d2e1a72fcca58-81f53036ac9so743074b3a.3 for ; Mon, 12 Jan 2026 05:23:54 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224235; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Ee0IX6hHvccl+8/XECntlTv5CCz3pvXb+gKT8FpLR4Y=; b=h2xYiHp4XyfVAVBvRt6/nyYwrsyM9xZUaOElmByZSl629nUpvMYPBWIo8rai2rW0cqmDWQ 5wskM5WqNxRRzdbQRGvFUQtwMWpsdoKgY9KUM6v3rE5EdKXYIm2OJ8kid0PZU9cdOCStTc N0TkO1kQVKkyNvE4j37j3/wlgOxuDeI= X-MC-Unique: wO_3CC98OcOHm8MD0GoYwA-1 X-Mimecast-MFC-AGG-ID: wO_3CC98OcOHm8MD0GoYwA_1768224233 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224233; x=1768829033; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Ee0IX6hHvccl+8/XECntlTv5CCz3pvXb+gKT8FpLR4Y=; b=O173YkY4qy/61e7Y1CQbGejMWKXa/WSmOdafLN5iqd4aOxR4RT1UVLO4PXCJqxiyax ktFiPD7l7b/FPAigVa+cybEU+M9qvjbAcKdBJujq5ERwzjMIAqYLF8dzxcU4VLsjHQJN 3uSTwgBAILebqDQn2DUY31f6Cobx2LTiGaiwcwF9bYxTjc6W5PalNp6nzqsSKQ6NmoPs 8bfDyc/URB0FPptQcnXx1ldEE1L5sAlNRAMGtL/Ny4Snuczeo3uzP/C4G3WyuXp7f4FJ p+cKWbteGsVSybDCv4WY2suyku/qVanuF950ukf3+nnH0rLkndwyKaqyajgg1gGvwomt Us4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224233; x=1768829033; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Ee0IX6hHvccl+8/XECntlTv5CCz3pvXb+gKT8FpLR4Y=; b=tcdfyA97v8oqkui3MeMfB587KLRwgtzhFVhoo+hB4TQ+qSKaVhtqg3xS0GUr9tn1Ex rXT0EB+XzeTo+ekuyP/wvYf9hpf0dmYrNndC2siCkZGS9eka4+5vwT1KHYapGfz/8rcp Q4m0cVWpw6AJ9W6fRRNKq7wPXmUsz4+WDsJ8modQ7HP/KV7kMI0LeX/mI/ZlexDH9I7/ yar1WmgdnSK7dcs0EdevBM6du9Uny+LYXj/rfrZSieFS5GPziKeRdRDW3G4edA6ucitk 4jAYz/l6juvRDzLGh7384e2x5tfIX+5k44h+ASE+bXs1eKpLMYcJSd58EnowNclzpbT1 Yckw== X-Forwarded-Encrypted: i=1; AJvYcCX+Nz4J7xpDET7liUaH9iAS9Tl/ol+wTHeexORYRsyhcE8wo3nHiiHLOgKq8CAqXmkgYpU61lNirTpb@nongnu.org X-Gm-Message-State: AOJu0YwQox87hmsjlRBda2TfrEdniBlMuvRxFh2fL4lXYNMHS+1D/8xE kfWK1yMpzNgpS4sYd1HLD/HdBcXgT4vvJ7Kh+amJTpV/u21BF9FB93liE+e+bDk2Km5wtn7OG4I qOEgEFaoO0FbAE+gTT5Kgo1JVW07uv+laiPhR3lwQHLPPb92OCFmadS7c X-Gm-Gg: AY/fxX6HqjqLl45N4ZnMKtFEc1b00TdPLcOjU8zQ8evmKgYu657gMt3MjhGhO8HL5D/ yfz3jPKMF1AtrL6+BU1mqBrwIbTZW4TKoQ739ANrQlKnDhxkpJsclFGXewllj6dSU0d0cwVa8f3 SljXWepmTXeNTxPhQ2zb8INawnsp8+yPxR0zvgL+o27qpHOGLgVC+M7aj27f/hnokfmD4DwH9ib NU6+Ur6FUamQ6AVdJAVuwBXWqOPT+KL5A9M16z4SUyVDFKYPML1OFzbt3oeI95+8VQnYqJYgL64 o4zVhOSGKwGa3HddnnMPbws1E09CTF2yh9oPMFrtYe3iemZACYYgn8yEotl9e/n2gzbnaCPj5nn HbAJARHpLwsEX9kRHq+thD6RxosvL/KoOhyzwWtZD83o= X-Received: by 2002:a05:6a20:94c7:b0:33b:f418:c3e8 with SMTP id adf61e73a8af0-3898fa3a727mr15355686637.60.1768224233342; Mon, 12 Jan 2026 05:23:53 -0800 (PST) X-Google-Smtp-Source: AGHT+IFW5IqFVqSN65pDtE4PGMuY4aLgQBtBKkuKUPKSprVXmrxY+oO9PSVPyRmtfS9T8y5SFQHikQ== X-Received: by 2002:a05:6a20:94c7:b0:33b:f418:c3e8 with SMTP id adf61e73a8af0-3898fa3a727mr15355671637.60.1768224233014; Mon, 12 Jan 2026 05:23:53 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Richard Henderson , Eduardo Habkost , "Michael S. Tsirkin" , Marcel Apfelbaum Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 10/32] hw/i386: refactor x86_bios_rom_init for reuse in confidential guest reset Date: Mon, 12 Jan 2026 18:52:23 +0530 Message-ID: <20260112132259.76855-11-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224703537158500 Content-Type: text/plain; charset="utf-8" For confidential guests, bios image must be reinitialized upon reset. This is because bios memory is encrypted and hence once the old confidential kvm context is destroyed, it cannot be decrypted. It needs to be reinitiliz= ed. In order to do that, this change refactors x86_bios_rom_init() code so that parts of it can be called during confidential guest reset. Signed-off-by: Ani Sinha --- hw/i386/x86-common.c | 50 ++++++++++++++++++++++++++++++++----------- include/hw/i386/x86.h | 5 ++++- 2 files changed, 41 insertions(+), 14 deletions(-) diff --git a/hw/i386/x86-common.c b/hw/i386/x86-common.c index c1c9224039..e58ab846d2 100644 --- a/hw/i386/x86-common.c +++ b/hw/i386/x86-common.c @@ -1024,17 +1024,11 @@ void x86_isa_bios_init(MemoryRegion *isa_bios, Memo= ryRegion *isa_memory, memory_region_set_readonly(isa_bios, read_only); } =20 -void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar= e, - MemoryRegion *rom_memory, bool isapc_ram_fw) +int get_bios_size(X86MachineState *x86ms, + const char *bios_name, char *filename) { - const char *bios_name; - char *filename; int bios_size; - ssize_t ret; =20 - /* BIOS load */ - bios_name =3D MACHINE(x86ms)->firmware ?: default_firmware; - filename =3D qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); if (filename) { bios_size =3D get_image_size(filename, NULL); } else { @@ -1044,6 +1038,20 @@ void x86_bios_rom_init(X86MachineState *x86ms, const= char *default_firmware, (bios_size % 65536) !=3D 0) { goto bios_error; } + + return bios_size; + + bios_error: + fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name); + exit(1); +} + +void load_bios_from_file(X86MachineState *x86ms, const char *bios_name, + char *filename, int bios_size, bool isapc_ram_fw) +{ + ssize_t ret; + + /* BIOS load */ if (machine_require_guest_memfd(MACHINE(x86ms))) { memory_region_init_ram_guest_memfd(&x86ms->bios, NULL, "pc.bios", bios_size, &error_fatal); @@ -1072,7 +1080,26 @@ void x86_bios_rom_init(X86MachineState *x86ms, const= char *default_firmware, goto bios_error; } } - g_free(filename); + + return; + + bios_error: + fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name); + exit(1); +} + +void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar= e, + MemoryRegion *rom_memory, bool isapc_ram_fw) +{ + int bios_size; + const char *bios_name; + char *filename; + + bios_name =3D MACHINE(x86ms)->firmware ?: default_firmware; + filename =3D qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); + + bios_size =3D get_bios_size(x86ms, bios_name, filename); + load_bios_from_file(x86ms, bios_name, filename, bios_size, isapc_ram_f= w); =20 if (!machine_require_guest_memfd(MACHINE(x86ms))) { /* map the last 128KB of the BIOS in ISA space */ @@ -1084,9 +1111,6 @@ void x86_bios_rom_init(X86MachineState *x86ms, const = char *default_firmware, memory_region_add_subregion(rom_memory, (uint32_t)(-bios_size), &x86ms->bios); + g_free(filename); return; - -bios_error: - fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name); - exit(1); } diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h index 0dffba95f9..86f14a7d87 100644 --- a/include/hw/i386/x86.h +++ b/include/hw/i386/x86.h @@ -122,7 +122,10 @@ void x86_cpu_unplug_request_cb(HotplugHandler *hotplug= _dev, DeviceState *dev, Error **errp); void x86_cpu_unplug_cb(HotplugHandler *hotplug_dev, DeviceState *dev, Error **errp); - +int get_bios_size(X86MachineState *x86ms, + const char *bios_name, char *filename); +void load_bios_from_file(X86MachineState *x86ms, const char *bios_name, + char *filename, int bios_size, bool isapc_ram_fw); void x86_isa_bios_init(MemoryRegion *isa_bios, MemoryRegion *isa_memory, MemoryRegion *bios, bool read_only); void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar= e, --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224402; cv=none; d=zohomail.com; s=zohoarc; b=HoOOdvZsOl3CzwO7ut5N3e+3tCJziV/9nFnv1tDrE91cyP4DrQUxXlqvRsMG5GVFAQWFOPYTjtUmK5jznsQEl/nG+T+q/wkAwbq2h/auc1cs/hAWY6ww1A99vq6XhYdXPU806bKUKgPZ+xsXzI2vrhFvcgk1hjpi474KUiVqsaM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224402; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=APFw32lDHGb6vJ+fHAcwZMep7Yabt12YehNL48qlxeE=; b=jr+Ly9ZxcNWXFyQwUM4n4+v8YAHFdm6KZ0+WYym2bndbjxCQZV4NhulCJnt1dQbUBjI4pRJeyo4pBiWhcKO60JvzQ1LkbRPezooR12zMcvleukDM9yFKhjH0OBevLgQ8yCgltM2i3oSlOpZXFPawLKZTwM42XBrDQTVnJPq71YM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224402045239.17652890564693; Mon, 12 Jan 2026 05:26:42 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuK-0003fR-LH; Mon, 12 Jan 2026 08:24:32 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHto-0002zt-Nk for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:02 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtn-0003l5-A9 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:00 -0500 Received: from mail-pf1-f198.google.com (mail-pf1-f198.google.com [209.85.210.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-220-2dyuJqSbNeKKfix8242qeA-1; Mon, 12 Jan 2026 08:23:57 -0500 Received: by mail-pf1-f198.google.com with SMTP id d2e1a72fcca58-81f404f4165so1139377b3a.3 for ; Mon, 12 Jan 2026 05:23:56 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224238; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=APFw32lDHGb6vJ+fHAcwZMep7Yabt12YehNL48qlxeE=; b=chvy+x43U+fISDM/pQS0kH07dwd4Ik+bupte/yyQHVdhNs76vCP+FIGA0oxQhiH71ZmRDP dKyLRZTbm2tnE3DlwWK6OUVvU3oGAf4Vo2rcbgua04gpXRkMBK9nHhMF9ioDispo9Hb2RV 0Nbt2JT/yGvPze3/q9poZL4uKM9rKN8= X-MC-Unique: 2dyuJqSbNeKKfix8242qeA-1 X-Mimecast-MFC-AGG-ID: 2dyuJqSbNeKKfix8242qeA_1768224236 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224236; x=1768829036; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=APFw32lDHGb6vJ+fHAcwZMep7Yabt12YehNL48qlxeE=; b=rUPyzJWxAHxviaCBY7VemyDpv1FYogvVQUAwWRQdRQpTMZgeuBEt9LtAS1A9g/kccR I1lrt/PpYL5fcDcZ7aO/Waz6QuPCAt52bEgHSk6iBWjpKb4EWJcI8jW2IdnVsESRDD4a twVnFO4LEphW8KbQ0jjAliLhiNlo9MRmzrs1DNdf1sIpZDeBtr4A/nOHntx0WhCrR1uD E+LYn1bK+gp1a7HBAN1z1CDR6eAvAesKMtyZXMqoqwBfMZc46R1VCN0mjqVebX1tH4c+ FwizijJ3wvclYd1HPa6Nkc2LRhB/i0tLWwESGROap/b3R0RpjN39aNYjc0cG+2NZ16Ib luIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224236; x=1768829036; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=APFw32lDHGb6vJ+fHAcwZMep7Yabt12YehNL48qlxeE=; b=herZUKsx0LiGexaWoDCjPsZTx2B++GXnYGgJSMGyuE9QjhHh+fJeTnvVvSs//CSe8n l86X0Wv4iEI2K/z2sDnNeYzasDo94IYoUlhWnyVFVeI+lrA8c6olZd+8ZMHz1zgheuTt SQegiGt5sc72wvkJUVoRgBdCISQVC/BwS+V2DRCAYeYad4rMPJD2DcxT7IaIFky6Ku3u 6iQkaw6EYFDvMDlgkFGa2iWSr/FugNm+6vpFVpOULDZM5TuvtQW05zjbn6Uoj/DrFT2t tU7Q7OpfijhrCtupf9/QYDwtmmnVoC99QBmtHF9xDAVlVFOAqKeQKxbzYoe8yVsGxcJ7 fqwQ== X-Forwarded-Encrypted: i=1; AJvYcCWHR5DzyfmxMWVHIbPm9DyBvlC9tU/GeUDWjpg5j6C5lKmIUrsbvzGAh9bJA8SXDvdMeQJ4dYBe1rZZ@nongnu.org X-Gm-Message-State: AOJu0Yxya0r7xc76lbK2zCEieT38j0mZffxnsFRXUbCJFUl22BlVNvyG FmL5mgsvBk7STrq0j+aT6ko4FjS2BAKNGktWCUGJN29p9Px4kh4TDnoc4gWqhRTV7XQTXx3mByp idMXfOYdBpIr7xE8oHGlKrLge8C+0Zf6Lyw+t/CrgwJ/rftcfHPXKcoYt X-Gm-Gg: AY/fxX5LDK6afaFtc8Ny0H8xIs6s1UHfu1imsYIx+5UkBd3AJF9ADKlHok29CNjMH62 NQCqTT4Qwo3Q00BH2kd0Xwx/vRZzVkf5yQhJq7TcAkZEDWogSaJw+93MJt9ftrYZhQ3EtAwIcb9 HeKcFluknliooLljXuA8emE6I1j7XI8mHCe2E41XE3ionlFx6dz6/fgizYpwbD1Gl7sDDYQb77S FfLQMRCPtAl7XxSHygEQZj0Nxk3cI/5mCJKrS2VwNysKBC5HlIkOaVr3WPTvF9m5peVrWK2xDs9 A1AGoKuNKNaDuEz3sXAF/tvFfiTI1pvYt+3IsriZFeiqTZGW5StHnkyabEs6Sp+4BQbJh2dBlY2 VWWMY4a+1SLza345QIYc9YTqBaZ4aDYoU6AY6Kwz8x0Y= X-Received: by 2002:a05:6a20:7d86:b0:334:9b5d:3876 with SMTP id adf61e73a8af0-3898f8f5751mr15608236637.4.1768224235803; Mon, 12 Jan 2026 05:23:55 -0800 (PST) X-Google-Smtp-Source: AGHT+IHdnnEq/+4QREmK7Kwrw2WpnnCo0brli7EYMdGC71kOXLi8N0UspIFsrwXTnchK1WCgIs9ahA== X-Received: by 2002:a05:6a20:7d86:b0:334:9b5d:3876 with SMTP id adf61e73a8af0-3898f8f5751mr15608223637.4.1768224235424; Mon, 12 Jan 2026 05:23:55 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 11/32] kvm/i386: reload firmware for confidential guest reset Date: Mon, 12 Jan 2026 18:52:24 +0530 Message-ID: <20260112132259.76855-12-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224404103158501 Content-Type: text/plain; charset="utf-8" When IGVM is not being used by the confidential guest, the guest firmware h= as to be reloaded explictly again into memory. This is because, the memory into which the firmware was loaded before reset was encrypted and is thus lost upon reset. When IGVM is used, it is expected that the IGVM will contain the guest firmware and the execution of the IGVM directives will set up the gue= st firmware memory. Signed-off-by: Ani Sinha --- target/i386/kvm/kvm.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 4fedc621b8..46c4f9487b 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -51,6 +51,8 @@ #include "qemu/config-file.h" #include "qemu/error-report.h" #include "qemu/memalign.h" +#include "qemu/datadir.h" +#include "hw/core/loader.h" #include "hw/i386/x86.h" #include "hw/i386/kvm/xen_evtchn.h" #include "hw/i386/pc.h" @@ -3267,6 +3269,22 @@ static int kvm_vm_enable_energy_msrs(KVMState *s) =20 static int xen_init_wrapper(MachineState *ms, KVMState *s); =20 +static void reload_bios_rom(X86MachineState *x86ms) +{ + int bios_size; + const char *bios_name; + char *filename; + + bios_name =3D MACHINE(x86ms)->firmware ?: "bios.bin"; + filename =3D qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); + + bios_size =3D get_bios_size(x86ms, bios_name, filename); + + void *ptr =3D memory_region_get_ram_ptr(&x86ms->bios); + load_image_size(filename, ptr, bios_size); + x86_firmware_configure(0x100000000ULL - bios_size, ptr, bios_size); +} + int kvm_arch_vmfd_change_ops(MachineState *ms, KVMState *s) { Error *local_err =3D NULL; @@ -3285,6 +3303,16 @@ int kvm_arch_vmfd_change_ops(MachineState *ms, KVMSt= ate *s) error_report_err(local_err); return ret; } + if (object_dynamic_cast(OBJECT(ms), TYPE_X86_MACHINE)) { + X86MachineState *x86ms =3D X86_MACHINE(ms); + /* + * If an IGVM file is specified then the firmware must be prov= ided + * in the IGVM file. + */ + if (!x86ms->igvm) { + reload_bios_rom(x86ms); + } + } } =20 ret =3D kvm_vm_enable_exception_payload(s); --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224381; cv=none; d=zohomail.com; s=zohoarc; b=TBafUNQ/xmkMFzdZP/lw51SaJeeF6ZKMVAoRXDDuetCBNDsLDHpGDXS1V5AKIjCj9SQlxe7xa9rRV0CAZZBVw48WjiVD/34jEsnfyPtYz9Z3fFxj2kehrhcEZkhBOVUml/VaARcyRzmNGlwyRlC9sbQ5qXOARNBrmNmzVgqSZco= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224381; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=huNj8LV84XiXUyf00M+KYfsVR7Qt8nLIumf0RvZ1e/M=; b=Nsl1koLHTAIpnYDBSQ4zz3FQ6KYcwYcxS0TnVDgEDBRiUwxSuRrFt97/ojGtOngWDMacrq98sJnYVEZdjvVj86pwqMqYg9BhgXZKkvUqpf0s2iHItrQsh/gWqMXkkET/PphVq1a5SDIyuiykIAimIK+hqMbOicaY0H9bcBZqzfE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224381969135.6704859376581; Mon, 12 Jan 2026 05:26:21 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuX-0004PV-38; Mon, 12 Jan 2026 08:24:46 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtq-00032O-UH for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:06 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtp-0003lS-2b for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:02 -0500 Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com [209.85.215.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-398-SW1Rh0kPMIKK17T8Zm5npQ-1; Mon, 12 Jan 2026 08:23:59 -0500 Received: by mail-pg1-f197.google.com with SMTP id 41be03b00d2f7-b5edecdf94eso1467212a12.2 for ; Mon, 12 Jan 2026 05:23:59 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224240; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=huNj8LV84XiXUyf00M+KYfsVR7Qt8nLIumf0RvZ1e/M=; b=NW3Onxhn7PJJiiW/uJYpIKfIn8Nl34rTbq2Iyvqjcqeebo1daPRpUmvLHWSPRNI6SSOKmm +DfD9fZCPwRogIdRb3RsNFf9nQ+WeJ4gUsIOvYi+fOZOhKAspLhMj2z6lYoODTOdvgzGUP zNQF0R4er2r+F7y1H/3oK7rWkPZULHM= X-MC-Unique: SW1Rh0kPMIKK17T8Zm5npQ-1 X-Mimecast-MFC-AGG-ID: SW1Rh0kPMIKK17T8Zm5npQ_1768224238 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224238; x=1768829038; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=huNj8LV84XiXUyf00M+KYfsVR7Qt8nLIumf0RvZ1e/M=; b=e/DHslr2MNi4icU6Et7jHguf9IlBB3OpObKcwAK3vE5A4P2Z2QbW8JvbrrBK0wakWC 3XHLLbf4z6/ApYvCp4+iqjXNAUMPEJibZEqJZpnZWB0Rv+s6qD3jf1uVtIIEF2TqRnQi mftksxViGjekdFhVQP6M+hUWFLLMdYBzkdzvjEaOCzA9ubTR4WXwKJmBY95YU+xYa2ax pH7rsP27IEWUPBXyiIExON3/D92Zlt+Lv1wQD00wAxuWAOmLlZuxXadhMfpiJGiHz+dF fh45YCWGKkm6s4IZG3l5v00ZEDztvOucOk4fror/xc42hPIaGf4y7wphojTB8QRqwRo9 9WcA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224238; x=1768829038; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=huNj8LV84XiXUyf00M+KYfsVR7Qt8nLIumf0RvZ1e/M=; b=jYETe26HY8NJE9ex2gzz0xoHYzhwePM15dpLohqkVdWuIqpa+k/leTXhdO9nDHXeBt khWwIyQYHxSQA0DBozVu1wcJLoD+2eHvxGo1vDZpb5N9XDqx6bygWQW/gX7LSXjV7KBH ykD6zEwhU5FuuMq6LXh+Hb/RVdhPEIfJKOk6SroUDxde7QWdEWWfs32N24kw/E5o676V vDKbUxE8Yax+/CqkWzAMycZzwT5ttA+FVd4qdDEGcQkhiUf/qLvatnXo1VQjVXQ+iZnr 6NHCSNKlkY8D9oDWjhRDrCfCbyCuzXTIBWfKpK7y2EMGXjd5LdsZc34lU2HKRyWTyC0e PTJQ== X-Forwarded-Encrypted: i=1; AJvYcCUn5+5jTfSQ0VLqNk41Qv8oi0AdyZ/tS2VmWJI/0dBAUend9oJcocKRAfqXxmc7rB3y6SnOSsYMFRb0@nongnu.org X-Gm-Message-State: AOJu0Yx/ZUm3PpLsbDxENGR/T0zynJnTSfFKefBIeNhe+iWmQnehFLpU /64JqSvJOhZp1FrBuUEDmOsgSETwZU2P1o0whGpern1kCQyYT0GOgWFnrxaWzKveTCI0z5C6oai fZe79fEgwfhptu2tlYC8gpiLnygOIaOnQYoglEj/JZLu8HKHIu1PVKYsV X-Gm-Gg: AY/fxX6rccCUC/2vL6jfRKgFUnmsmUL3KBqNOaD2u/Gzyu4H+wQ5orblNxEoLd8t1hR 9xwXZxDydgErFYqVbdjpEfWN63FHDjiAkF+M5MhURrOY7lvCQTgBzH4jLqHlvJUBMXcxqN5Si+2 h4LHpMoPb9inV8Hz84Y/CW5dniKmnzvP+p8JcpziKASMJwXmvWiL2ox4pxb8xyzauqlah+nSAil pjuhAr79srK4gshUICGa7PCtTTwnS8lQ4JtWMXhfkQvsDtieIwJ92QyL3wnSL1FsGle+JyPQKJp +YzJSQyu5jWELSRFBtyQju/GMFycHpcDaAfMkoE2TRGZe0L5iUfa1iu+PvHi+di0eko1zCgLhUv HUwymvnyj/HQSTGzYihsH/dTm6iTk26gEOeO4RmzclOg= X-Received: by 2002:a05:6a21:6da0:b0:364:1339:97c2 with SMTP id adf61e73a8af0-3898f8ccd38mr17616491637.14.1768224238062; Mon, 12 Jan 2026 05:23:58 -0800 (PST) X-Google-Smtp-Source: AGHT+IGKybBdHQbkuvgP5WuAflGvMiKUzNXddTr/0WDGSHVn7QeibNA2vw07SBmyCrL1qhYe3JMUog== X-Received: by 2002:a05:6a21:6da0:b0:364:1339:97c2 with SMTP id adf61e73a8af0-3898f8ccd38mr17616470637.14.1768224237608; Mon, 12 Jan 2026 05:23:57 -0800 (PST) From: Ani Sinha To: Paolo Bonzini Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 12/32] accel/kvm: rebind current VCPUs to the new KVM VM file descriptor upon reset Date: Mon, 12 Jan 2026 18:52:25 +0530 Message-ID: <20260112132259.76855-13-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224383910158500 Content-Type: text/plain; charset="utf-8" Confidential guests needs to generate a new KVM file descriptor upon virtual machine reset. Existing VCPUs needs to be reattached to this new KVM VM file descriptor. As a part of this, new VCPU file descriptors against this new KVM VM file descriptor needs to be created and re-initialized. Resources allocated against the old VCPU fds needs to be released. This cha= nge makes this happen. Signed-off-by: Ani Sinha --- accel/kvm/kvm-all.c | 202 ++++++++++++++++++++++++++++++++++------- accel/kvm/trace-events | 1 + 2 files changed, 168 insertions(+), 35 deletions(-) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index 367968427b..2bd4dcd43b 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -130,6 +130,12 @@ static NotifierWithReturnList register_vmfd_changed_no= tifiers =3D static NotifierWithReturnList register_vmfd_pre_change_notifiers =3D NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_pre_change_notifie= rs); =20 +static int kvm_rebind_vcpus(Error **errp); + +static int map_kvm_run(KVMState *s, CPUState *cpu, Error **errp); +static int map_kvm_dirty_gfns(KVMState *s, CPUState *cpu, Error **errp); +static int vcpu_unmap_regions(KVMState *s, CPUState *cpu); + struct KVMResampleFd { int gsi; EventNotifier *resample_event; @@ -423,6 +429,83 @@ err: return ret; } =20 +static int kvm_rebind_vcpus(Error **errp) +{ + CPUState *cpu; + unsigned long vcpu_id; + KVMState *s =3D kvm_state; + int kvm_fd, ret =3D 0; + + CPU_FOREACH(cpu) { + vcpu_id =3D kvm_arch_vcpu_id(cpu); + + if (cpu->kvm_fd) { + close(cpu->kvm_fd); + } + + ret =3D kvm_arch_destroy_vcpu(cpu); + if (ret < 0) { + goto err; + } + + if (s->coalesced_mmio_ring =3D=3D (void *)cpu->kvm_run + PAGE_SIZE= ) { + s->coalesced_mmio_ring =3D NULL; + } + + ret =3D vcpu_unmap_regions(s, cpu); + if (ret < 0) { + goto err; + } + + ret =3D kvm_arch_pre_create_vcpu(cpu, errp); + if (ret < 0) { + goto err; + } + + kvm_fd =3D kvm_vm_ioctl(s, KVM_CREATE_VCPU, vcpu_id); + if (kvm_fd < 0) { + error_report("KVM_CREATE_VCPU IOCTL failed for vCPU %lu (%s)", + vcpu_id, strerror(kvm_fd)); + return kvm_fd; + } + + cpu->kvm_fd =3D kvm_fd; + + cpu->vcpu_dirty =3D false; + cpu->dirty_pages =3D 0; + cpu->throttle_us_per_full =3D 0; + + ret =3D map_kvm_run(s, cpu, errp); + if (ret < 0) { + goto err; + } + + if (s->kvm_dirty_ring_size) { + ret =3D map_kvm_dirty_gfns(s, cpu, errp); + if (ret < 0) { + goto err; + } + } + + ret =3D kvm_arch_init_vcpu(cpu); + if (ret < 0) { + error_setg_errno(errp, -ret, + "kvm_init_vcpu: kvm_arch_init_vcpu failed (%l= u)", + vcpu_id); + } + + close(cpu->kvm_vcpu_stats_fd); + cpu->kvm_vcpu_stats_fd =3D kvm_vcpu_ioctl(cpu, KVM_GET_STATS_FD, N= ULL); + kvm_init_cpu_signals(cpu); + + kvm_cpu_synchronize_post_init(cpu); + } + trace_kvm_rebind_vcpus(); + + err: + return ret; +} + static void kvm_park_vcpu(CPUState *cpu) { struct KVMParkedVcpu *vcpu; @@ -511,19 +594,11 @@ int kvm_create_and_park_vcpu(CPUState *cpu) return ret; } =20 -static int do_kvm_destroy_vcpu(CPUState *cpu) +static int vcpu_unmap_regions(KVMState *s, CPUState *cpu) { - KVMState *s =3D kvm_state; int mmap_size; int ret =3D 0; =20 - trace_kvm_destroy_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu)); - - ret =3D kvm_arch_destroy_vcpu(cpu); - if (ret < 0) { - goto err; - } - mmap_size =3D kvm_ioctl(s, KVM_GET_VCPU_MMAP_SIZE, 0); if (mmap_size < 0) { ret =3D mmap_size; @@ -551,39 +626,47 @@ static int do_kvm_destroy_vcpu(CPUState *cpu) cpu->kvm_dirty_gfns =3D NULL; } =20 - kvm_park_vcpu(cpu); -err: + err: return ret; } =20 -void kvm_destroy_vcpu(CPUState *cpu) -{ - if (do_kvm_destroy_vcpu(cpu) < 0) { - error_report("kvm_destroy_vcpu failed"); - exit(EXIT_FAILURE); - } -} - -int kvm_init_vcpu(CPUState *cpu, Error **errp) +static int do_kvm_destroy_vcpu(CPUState *cpu) { KVMState *s =3D kvm_state; - int mmap_size; - int ret; + int ret =3D 0; =20 - trace_kvm_init_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu)); + trace_kvm_destroy_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu)); =20 - ret =3D kvm_arch_pre_create_vcpu(cpu, errp); + ret =3D kvm_arch_destroy_vcpu(cpu); if (ret < 0) { goto err; } =20 - ret =3D kvm_create_vcpu(cpu); + /* If I am the CPU that created coalesced_mmio_ring, then discard it */ + if (s->coalesced_mmio_ring =3D=3D (void *)cpu->kvm_run + PAGE_SIZE) { + s->coalesced_mmio_ring =3D NULL; + } + + ret =3D vcpu_unmap_regions(s, cpu); if (ret < 0) { - error_setg_errno(errp, -ret, - "kvm_init_vcpu: kvm_create_vcpu failed (%lu)", - kvm_arch_vcpu_id(cpu)); goto err; } + kvm_park_vcpu(cpu); +err: + return ret; +} + +void kvm_destroy_vcpu(CPUState *cpu) +{ + if (do_kvm_destroy_vcpu(cpu) < 0) { + error_report("kvm_destroy_vcpu failed"); + exit(EXIT_FAILURE); + } +} + +static int map_kvm_run(KVMState *s, CPUState *cpu, Error **errp) +{ + int mmap_size, ret =3D 0; =20 mmap_size =3D kvm_ioctl(s, KVM_GET_VCPU_MMAP_SIZE, 0); if (mmap_size < 0) { @@ -608,14 +691,53 @@ int kvm_init_vcpu(CPUState *cpu, Error **errp) (void *)cpu->kvm_run + s->coalesced_mmio * PAGE_SIZE; } =20 + err: + return ret; +} + +static int map_kvm_dirty_gfns(KVMState *s, CPUState *cpu, Error **errp) +{ + int ret =3D 0; + /* Use MAP_SHARED to share pages with the kernel */ + cpu->kvm_dirty_gfns =3D mmap(NULL, s->kvm_dirty_ring_bytes, + PROT_READ | PROT_WRITE, MAP_SHARED, + cpu->kvm_fd, + PAGE_SIZE * KVM_DIRTY_LOG_PAGE_OFFSET); + if (cpu->kvm_dirty_gfns =3D=3D MAP_FAILED) { + ret =3D -errno; + } + + return ret; +} + +int kvm_init_vcpu(CPUState *cpu, Error **errp) +{ + KVMState *s =3D kvm_state; + int ret; + + trace_kvm_init_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu)); + + ret =3D kvm_arch_pre_create_vcpu(cpu, errp); + if (ret < 0) { + goto err; + } + + ret =3D kvm_create_vcpu(cpu); + if (ret < 0) { + error_setg_errno(errp, -ret, + "kvm_init_vcpu: kvm_create_vcpu failed (%lu)", + kvm_arch_vcpu_id(cpu)); + goto err; + } + + ret =3D map_kvm_run(s, cpu, errp); + if (ret < 0) { + goto err; + } + if (s->kvm_dirty_ring_size) { - /* Use MAP_SHARED to share pages with the kernel */ - cpu->kvm_dirty_gfns =3D mmap(NULL, s->kvm_dirty_ring_bytes, - PROT_READ | PROT_WRITE, MAP_SHARED, - cpu->kvm_fd, - PAGE_SIZE * KVM_DIRTY_LOG_PAGE_OFFSET); - if (cpu->kvm_dirty_gfns =3D=3D MAP_FAILED) { - ret =3D -errno; + ret =3D map_kvm_dirty_gfns(s, cpu, errp); + if (ret < 0) { goto err; } } @@ -2726,6 +2848,16 @@ static int kvm_reset_vmfd(MachineState *ms) } assert(!err); =20 + /* + * rebind new vcpu fds with the new kvm fds + * These can only be called after kvm_arch_vmfd_change_ops() + */ + ret =3D kvm_rebind_vcpus(&err); + if (ret < 0) { + return ret; + } + assert(!err); + /* these can be only called after ram_block_rebind() */ memory_listener_register(&kml->listener, &address_space_memory); memory_listener_register(&kvm_io_listener, &address_space_io); diff --git a/accel/kvm/trace-events b/accel/kvm/trace-events index e4beda0148..4a8921c632 100644 --- a/accel/kvm/trace-events +++ b/accel/kvm/trace-events @@ -15,6 +15,7 @@ kvm_park_vcpu(int cpu_index, unsigned long arch_cpu_id) "= index: %d id: %lu" kvm_unpark_vcpu(unsigned long arch_cpu_id, const char *msg) "id: %lu %s" kvm_irqchip_commit_routes(void) "" kvm_reset_vmfd(void) "" +kvm_rebind_vcpus(void) "" kvm_irqchip_add_msi_route(char *name, int vector, int virq) "dev %s vector= %d virq %d" kvm_irqchip_update_msi_route(int virq) "Updating MSI route virq=3D%d" kvm_irqchip_release_virq(int virq) "virq %d" --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224406; cv=none; d=zohomail.com; s=zohoarc; b=kV/L3Qf0GFyxlFz71vOizACstwccPg5JoC4IJQAB2kqn674BkwFAODh6AOYozBBSiFBZB1YVumbmVnLIVd0hBOdfbJpqNvKMNTySBDC5ERdVEJAGwwUqXfzCkA5mNMKW69/7wuIVhxhMPkdn/ZvuU3x7dT66v263FqaBMH4H1Ws= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224406; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=enQS01mePhcqrNpRvIEAIkNk+KPz6jEdRutgiDslPTQ=; b=EXHDpNwyq73eU8tR0N7AsIHr8Ae6BGdaVqyg08S9btlZcgmWXNE0IJaFCv5nw3wTzKTRMImDlvANT4fQEX1xkaA3lSJ9gak0W3eMs9MInXThJYKcB2LR0YoTZBbA3qH5aRJ6UNZlxKg9DksE8Vtlemb2C83v/nxwflxJVYgyh/M= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224406820203.74939312789752; Mon, 12 Jan 2026 05:26:46 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuN-0003vM-C8; Mon, 12 Jan 2026 08:24:37 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtt-00032w-0R for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:09 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtr-0003mU-FF for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:04 -0500 Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com [209.85.215.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-577-KOf7UkToNL-Jglkcp-bEIA-1; Mon, 12 Jan 2026 08:24:01 -0500 Received: by mail-pg1-f197.google.com with SMTP id 41be03b00d2f7-b630b4d8d52so4538111a12.3 for ; Mon, 12 Jan 2026 05:24:01 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.23.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:23:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224242; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=enQS01mePhcqrNpRvIEAIkNk+KPz6jEdRutgiDslPTQ=; b=WBCuq6XvU2UYJwDrgK5g2zM1sB3g/E+OOQvtEArpiikx+071rKbfksCHivD6gwu8NExeCC ku9sJF8UFvEbTkS0MBJwMv2Uif1/09nMUvvPvLf3BqNdRBpS2BtbgE2RHFKEQz3Jk63cnL V2ny4vh621c3LISRJJ2KJxLTUjq5xuo= X-MC-Unique: KOf7UkToNL-Jglkcp-bEIA-1 X-Mimecast-MFC-AGG-ID: KOf7UkToNL-Jglkcp-bEIA_1768224240 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224240; x=1768829040; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=enQS01mePhcqrNpRvIEAIkNk+KPz6jEdRutgiDslPTQ=; b=tVMcZFt9H19SYTaBnbmlSkmu0qNk9daCiRuHlanXMzC838fzjxrfeXAOcSvplnPFJ4 psONCTGqmror4hc4ZrBXo9daPKiB/YoJOO8AtFEhpWVZiiWEb01x5bvb8lB/JZv6Ortj 6kXBB4Zar4dA8ZqI0RVAESVDT+/ekr1nkS3DoPsLKCQoIYXxWhSdaHBURdZL4qEmTa97 UuqR5JnddnqvwlZtBZ0eavLFMruQZeEXZvjrpgonCAb65bVIa6E2yyEiAV7fTAgREz3x T6F+GxIHFkhCenwSxYGldYvVu3oQ9TvMZjXaLZAxuISJtkzox7sgJyhHitO7yjdf5xM0 EpVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224240; x=1768829040; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=enQS01mePhcqrNpRvIEAIkNk+KPz6jEdRutgiDslPTQ=; b=eowaZeo+/srdPPM5XkCryOuE1pPKd+1k881rTuG+c+kIKSgGovoEFkQ4UsiN6Erd8s 9L3LhKq8D9wygX2nsJhKL7SRiVJWtP7PRMnuMNi24jR/qTSnPFnjxxt9fQrP+KqDaPjH yHU6+2BEA+RwFHt3PA7McA0jYCDzS7hpz8NhSCzgOrk2wQL/32g2OWy/PxCjp6mtgpR/ g0vHKi/9IyPJ4yr/BmJR7o1VpTW2SMLWrB9K+kO+nYd2erg9SbHcOhyu+t+rv3zg5Vd7 GVIPxY5/WHWmz7/Ndb6xs3ef98d2Ing10xadGIJfPyxV8VDAOVpLbWAM8rYEWrB32fd1 FFWA== X-Forwarded-Encrypted: i=1; AJvYcCXOCGDGQGMCAXAZPKgVR1KHwsZyuauW2pmjH5UlQ2azkFsTBUU+yUKh0ZbYVXjNBBhSvPIvpatOK2Om@nongnu.org X-Gm-Message-State: AOJu0YwVmAhJ34QIAolZm+buf62OeSYIkkVk9opZLbjaS5Tq5T2lRjWC I2/zDF793pwJBcqwqxlsb00L5iEJx1xMn9gNyUYjdk3WIFGJ6mxf9f4gHQVAYwG6n1o391sEd43 IYF6MzfQK2JTxfVay32+bD9skn2mTWmK19YiOSaKJduZ+HOh5YgjYpMD+ X-Gm-Gg: AY/fxX64uPhipGtJ+Em9zQhDs1JM9WaWBViYuDqBdXfmtpCDX2xaEUClL3g/yReV+ao uANbcB/DuOPogk6hE9J7QTL2XHSl0e1lGU9lKoFJh9CyOVvyxEbReTVTmIyx9MwfAtdZDrhgaRS Tkbuj4drBgVjFufm6Qu5b0ELUxeHfBYd91JHwbPVcZAWaVwcy0EVDLgAPcRaBo5+f+cQDj+fsoE jpS6ZXRFWCXMhnc8fpY+N6yQT9p70B/lgnWGJT5gIp6OblVSLAtWtHZl53G28O3EB/nNOCk5PEL /fZI3ir6dk32tXTBQzpXFGhFNYh1fPJvs1rIc6hYeQTLuoQ7LQ4GXM1Bbffvuiop9z1Kj/UGh+L 2SDQV9pqIQopuQ9xNAQrnqy9b/1nXDBbw+PYPHHiU/2Q= X-Received: by 2002:a05:6a20:938e:b0:2ea:41f1:d54a with SMTP id adf61e73a8af0-3898f97ad8cmr14440076637.55.1768224240379; Mon, 12 Jan 2026 05:24:00 -0800 (PST) X-Google-Smtp-Source: AGHT+IF9AdsORso1hajXEudPS+SoWB6CKZvQc/iJn1g5/STVkIOIrztq9DXKIx4zeqdAO8x58tFeew== X-Received: by 2002:a05:6a20:938e:b0:2ea:41f1:d54a with SMTP id adf61e73a8af0-3898f97ad8cmr14440059637.55.1768224239987; Mon, 12 Jan 2026 05:23:59 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 13/32] i386/tdx: refactor TDX firmware memory initialization code into a new function Date: Mon, 12 Jan 2026 18:52:26 +0530 Message-ID: <20260112132259.76855-14-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224407915158500 Content-Type: text/plain; charset="utf-8" A new helper function is introduced that refactors all firmware memory initialization code into a separate function. No functional change. Signed-off-by: Ani Sinha --- target/i386/kvm/tdx.c | 73 ++++++++++++++++++++++++------------------- 1 file changed, 40 insertions(+), 33 deletions(-) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 0161985768..b595eabb6a 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -295,14 +295,51 @@ static void tdx_post_init_vcpus(void) } } =20 -static void tdx_finalize_vm(Notifier *notifier, void *unused) +static void tdx_init_fw_mem_region(void) { TdxFirmware *tdvf =3D &tdx_guest->tdvf; TdxFirmwareEntry *entry; - RAMBlock *ram_block; Error *local_err =3D NULL; int r; =20 + for_each_tdx_fw_entry(tdvf, entry) { + struct kvm_tdx_init_mem_region region; + uint32_t flags; + + region =3D (struct kvm_tdx_init_mem_region) { + .source_addr =3D (uintptr_t)entry->mem_ptr, + .gpa =3D entry->address, + .nr_pages =3D entry->size >> 12, + }; + + flags =3D entry->attributes & TDVF_SECTION_ATTRIBUTES_MR_EXTEND ? + KVM_TDX_MEASURE_MEMORY_REGION : 0; + + do { + error_free(local_err); + local_err =3D NULL; + r =3D tdx_vcpu_ioctl(first_cpu, KVM_TDX_INIT_MEM_REGION, flags, + ®ion, &local_err); + } while (r =3D=3D -EAGAIN || r =3D=3D -EINTR); + if (r < 0) { + error_report_err(local_err); + exit(1); + } + + if (entry->type =3D=3D TDVF_SECTION_TYPE_TD_HOB || + entry->type =3D=3D TDVF_SECTION_TYPE_TEMP_MEM) { + qemu_ram_munmap(-1, entry->mem_ptr, entry->size); + entry->mem_ptr =3D NULL; + } + } +} + +static void tdx_finalize_vm(Notifier *notifier, void *unused) +{ + TdxFirmware *tdvf =3D &tdx_guest->tdvf; + TdxFirmwareEntry *entry; + RAMBlock *ram_block; + tdx_init_ram_entries(); =20 for_each_tdx_fw_entry(tdvf, entry) { @@ -339,37 +376,7 @@ static void tdx_finalize_vm(Notifier *notifier, void *= unused) tdvf_hob_create(tdx_guest, tdx_get_hob_entry(tdx_guest)); =20 tdx_post_init_vcpus(); - - for_each_tdx_fw_entry(tdvf, entry) { - struct kvm_tdx_init_mem_region region; - uint32_t flags; - - region =3D (struct kvm_tdx_init_mem_region) { - .source_addr =3D (uintptr_t)entry->mem_ptr, - .gpa =3D entry->address, - .nr_pages =3D entry->size >> 12, - }; - - flags =3D entry->attributes & TDVF_SECTION_ATTRIBUTES_MR_EXTEND ? - KVM_TDX_MEASURE_MEMORY_REGION : 0; - - do { - error_free(local_err); - local_err =3D NULL; - r =3D tdx_vcpu_ioctl(first_cpu, KVM_TDX_INIT_MEM_REGION, flags, - ®ion, &local_err); - } while (r =3D=3D -EAGAIN || r =3D=3D -EINTR); - if (r < 0) { - error_report_err(local_err); - exit(1); - } - - if (entry->type =3D=3D TDVF_SECTION_TYPE_TD_HOB || - entry->type =3D=3D TDVF_SECTION_TYPE_TEMP_MEM) { - qemu_ram_munmap(-1, entry->mem_ptr, entry->size); - entry->mem_ptr =3D NULL; - } - } + tdx_init_fw_mem_region(); =20 /* * TDVF image has been copied into private region above via --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224317; cv=none; d=zohomail.com; s=zohoarc; b=fma1G/IX947WzdmROyjV7/63kSzoM6A7vJG0CrJuWM9fjTpvczdBwvagx+wTjdeE3MUMtb5N+szUgU6zz4aN5dXwd3pv6fo97TyQjRPXJh4eoxcutf+bslvCm+BVsrqNfYThZY3Osxtgz0NAsq9jyEkRJQ3jBl0wJ9a9/W9mbjc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224317; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=re0muZmMrtqo8EWO5a5L2LHVK2cH9w5XVHhtUQzVCdc=; b=UtQJ1tGHqrUGtk/niBB11PLyL/ZbmqBQNl/khAUpXHszCnHmvvAiQLvjXGztmE57aXwH4+YUG/Cu9ZRXaLEWyDcedYOPA3VwY1XVunv2xwNbBImmP+4EozjBMhphX3N2VT3Cc2Arm0WkCD7xtv7xwnuZLTQpDyu13j02OtJIhK4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224317740724.9661834290672; Mon, 12 Jan 2026 05:25:17 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHui-0004aZ-TO; Mon, 12 Jan 2026 08:24:57 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtz-00039p-6k for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:16 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHtt-0003mo-NI for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:07 -0500 Received: from mail-pg1-f198.google.com (mail-pg1-f198.google.com [209.85.215.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-330-01dExezYNliTDv5FfB0VdQ-1; Mon, 12 Jan 2026 08:24:04 -0500 Received: by mail-pg1-f198.google.com with SMTP id 41be03b00d2f7-c5539b9adc3so1865634a12.1 for ; Mon, 12 Jan 2026 05:24:03 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224245; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=re0muZmMrtqo8EWO5a5L2LHVK2cH9w5XVHhtUQzVCdc=; b=VvYyC24BdqmIrXz7Drcs7jT5i4u2nk0zQFCMvAx0ycanW0lzfaOfiI6j8dQ/agxNHjlRzo 5nF+nlsmKL3UNQBwLFWVMq4ZQ/LrjwlDwxG36CYVYbDZawqCR7ES9ft+xjD8TbsxBOzxlV SZRfRgLMSqj6ErtGeHka1NiM33am/S4= X-MC-Unique: 01dExezYNliTDv5FfB0VdQ-1 X-Mimecast-MFC-AGG-ID: 01dExezYNliTDv5FfB0VdQ_1768224243 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224243; x=1768829043; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=re0muZmMrtqo8EWO5a5L2LHVK2cH9w5XVHhtUQzVCdc=; b=j/oDPFOX+wBnykqgnCNgZ8jbQzwxFeLIGXussIT7sxT3SyYH02ZdP5Rpf562ge3dZl 3ArIPh/ISAYN7CXaCMsUph7f5OFtlSLWIatbhE+x9r62jy8FwqwCeQEAK99WHKFQtb96 ymP8CeN4BDlalqbcYn2WYOjctz0QndLpwYRSy8i9nlfZuFdn7iffKOqzf7VP3zh3vvi2 aEZVDYoLegEOp/gvjctLzwSDQ7jhg4w5ME+YRBKvtH86ziDlYr3fWJrcK1tY9CLbOSvu 3JdmXma2PIobWqKNH2mQLAiOTeHCwGX3qgzXbVbAH+71HlR1Cc2n1Ke3fdXK02tAAyAL nZ/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224243; x=1768829043; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=re0muZmMrtqo8EWO5a5L2LHVK2cH9w5XVHhtUQzVCdc=; b=WS1FbCcnDi+74uKHZhLFzq6+FPJe0AyWQv2QCbY8khZTP/FzOOn1itJplyuT1pkZS4 pCZ94BtJ+VT8QcPFqSf7sO/baHAjfF89v4Np/b/F/vbRiQN/1GaRgQA6Se6MqCQxWaF7 QIhKkVqqQ0+FzpFZlajlr3mXrtClBCisqG6mu6tpKJ4vsdvJMgnVZgdVivEcsA9eoMHf tXIUGS6f3D5hBVCfx0+90iti/8++041pZz9SPyBbHaY2Ol+0o5nBDCPfNinnzztV8lZq pBrJXX9fUh7VLi8aeZ3UV0E4Rj8UT+qjGbgOU2IL+xFmTw3y2LZ3AOrzbjyQIwLd55p9 WZaQ== X-Forwarded-Encrypted: i=1; AJvYcCX0YgQq6Rhd80KNBufkow0B0xptiWB1No0cmMacZGzAf7PhJCfIsuC3DpQ6JeQAzeNC9yeBaIIZmtPG@nongnu.org X-Gm-Message-State: AOJu0Yz1jmLoH9xTXtFrZ+Wx5C1YB5eIP/kq93cWm91ZQhUhcoiW4fWR XggYMUYNb1f/g94NY6VgSjHUnEUHIdq3RpsmFBPjwh16s0G6Bd1SOkzE/QtzKlfSdGZbKL5IdnE SRlWs1lbtPHTULgx3Zeyq8Njufk7FZ2gnTGe6AOGOhTowaISvNzBy9QLZ X-Gm-Gg: AY/fxX7ANjntdNv6Ur+GztSgGIQtjBCKRH4flb87nBMwbKUnbA4kcAHa1reE2yY8slD 7qsi1IFcDHPwlR1TTDD/w9q4QT6ZqOMJQj0aZ8soOdwDqBnHtEHgS/1M4ySI+oxE0NDSeiYIbxB NNRY6fMdIiwqiGaG0R+1q8MfD+ALt+O87cTiLcLYxgDDtGodAgiPDnavlm+9Xw0njdZroVY+OmG 4sHgzPQEEJosziiBy6lFEv9b6/OgAMpaDcI4m7eWyFivqTIJySRAfiMRZEzJNNoDf43WcbVSwW/ cgbjRJ9dvccKSzhi7uuw/o/iLr+lyZgQ7wdNEncZ9+dR4Xvu2B7Xz6a9jbHLXY9vQffapvUuyK8 bczLu/WXfgWpJnIKjCp2vLfYk1qo0NXlJmyVjlZIusKE= X-Received: by 2002:a05:6a20:5493:b0:366:14ac:8c6d with SMTP id adf61e73a8af0-3898f9cf622mr16237020637.67.1768224242888; Mon, 12 Jan 2026 05:24:02 -0800 (PST) X-Google-Smtp-Source: AGHT+IGjz1PJMGZym0PSu5C9k8ojaJS95nPXlOCAztYTfHj1g2CJ3fKTkb5Z0vZjd85rOHWGK+xRjg== X-Received: by 2002:a05:6a20:5493:b0:366:14ac:8c6d with SMTP id adf61e73a8af0-3898f9cf622mr16237004637.67.1768224242460; Mon, 12 Jan 2026 05:24:02 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 14/32] i386/tdx: finalize TDX guest state upon reset Date: Mon, 12 Jan 2026 18:52:27 +0530 Message-ID: <20260112132259.76855-15-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224319558158501 Content-Type: text/plain; charset="utf-8" When the confidential virtual machine KVM file descriptor changes due to the guest reset, some TDX specific setup steps needs to be done again. This includes finalizing the inital guest launch state again. This change re-executes some parts of the TDX setup during the device reset phaze using= a resettable interface. This finalizes the guest launch state again and locks it in. Machine done notifier which was previously used is no longer needed = as the same code is now executed as a part of VM reset. Signed-off-by: Ani Sinha --- target/i386/kvm/tdx.c | 38 +++++++++++++++++++++++++++++++----- target/i386/kvm/tdx.h | 1 + target/i386/kvm/trace-events | 3 +++ 3 files changed, 37 insertions(+), 5 deletions(-) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index b595eabb6a..cba07785f7 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -19,6 +19,7 @@ #include "crypto/hash.h" #include "system/kvm_int.h" #include "system/runstate.h" +#include "system/reset.h" #include "system/system.h" #include "system/ramblock.h" #include "system/address-spaces.h" @@ -38,6 +39,7 @@ #include "kvm_i386.h" #include "tdx.h" #include "tdx-quote-generator.h" +#include "trace.h" =20 #include "standard-headers/asm-x86/kvm_para.h" =20 @@ -389,9 +391,19 @@ static void tdx_finalize_vm(Notifier *notifier, void *= unused) CONFIDENTIAL_GUEST_SUPPORT(tdx_guest)->ready =3D true; } =20 -static Notifier tdx_machine_done_notify =3D { - .notify =3D tdx_finalize_vm, -}; +static void tdx_handle_reset(Object *obj, ResetType type) +{ + if (!runstate_is_running() && !phase_check(PHASE_MACHINE_READY)) { + return; + } + + if (!kvm_enable_hypercall(BIT_ULL(KVM_HC_MAP_GPA_RANGE))) { + error_setg(&error_fatal, "KVM_HC_MAP_GPA_RANGE not enabled for gue= st"); + } + + tdx_finalize_vm(NULL, NULL); + trace_tdx_handle_reset(); +} =20 /* * Some CPUID bits change from fixed1 to configurable bits when TDX module @@ -738,8 +750,6 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs, = Error **errp) */ kvm_readonly_mem_allowed =3D false; =20 - qemu_add_machine_init_done_notifier(&tdx_machine_done_notify); - tdx_guest =3D tdx; return 0; } @@ -1505,6 +1515,7 @@ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, TDX_GUEST, X86_CONFIDENTIAL_GUEST, { TYPE_USER_CREATABLE }, + { TYPE_RESETTABLE_INTERFACE }, { NULL }) =20 static void tdx_guest_init(Object *obj) @@ -1538,20 +1549,37 @@ static void tdx_guest_init(Object *obj) =20 tdx->event_notify_vector =3D -1; tdx->event_notify_apicid =3D -1; + qemu_register_resettable(obj); } =20 static void tdx_guest_finalize(Object *obj) { } =20 +static ResettableState *tdx_reset_state(Object *obj) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + return &tdx->reset_state; +} + static void tdx_guest_class_init(ObjectClass *oc, const void *data) { ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL= ASS(oc); X86ConfidentialGuestClass *x86_klass =3D X86_CONFIDENTIAL_GUEST_CLASS(= oc); + ResettableClass *rc =3D RESETTABLE_CLASS(oc); =20 klass->kvm_init =3D tdx_kvm_init; x86_klass->kvm_type =3D tdx_kvm_type; x86_klass->cpu_instance_init =3D tdx_cpu_instance_init; x86_klass->adjust_cpuid_features =3D tdx_adjust_cpuid_features; x86_klass->check_features =3D tdx_check_features; + + /* + * the exit phase makes sure sev handles reset after all legacy resets + * have taken place (in the hold phase) and IGVM has also properly + * set up the boot state. + */ + rc->phases.exit =3D tdx_handle_reset; + rc->get_state =3D tdx_reset_state; + } diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index 1c38faf983..264fbe530c 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -70,6 +70,7 @@ typedef struct TdxGuest { =20 uint32_t event_notify_vector; uint32_t event_notify_apicid; + ResettableState reset_state; } TdxGuest; =20 #ifdef CONFIG_TDX diff --git a/target/i386/kvm/trace-events b/target/i386/kvm/trace-events index 1f4786f687..47473001d8 100644 --- a/target/i386/kvm/trace-events +++ b/target/i386/kvm/trace-events @@ -14,3 +14,6 @@ kvm_xen_soft_reset(void) "" kvm_xen_set_shared_info(uint64_t gfn) "shared info at gfn 0x%" PRIx64 kvm_xen_set_vcpu_attr(int cpu, int type, uint64_t gpa) "vcpu attr cpu %d t= ype %d gpa 0x%" PRIx64 kvm_xen_set_vcpu_callback(int cpu, int vector) "callback vcpu %d vector %d" + +# tdx.c +tdx_handle_reset(void) "" --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224389; cv=none; d=zohomail.com; s=zohoarc; b=Z5ns19HxaDbnc7vXClwMj6m9jFDMURf1J6633y9pqLtJJbg5djUR91fuhMcLyB2sJZgkVaY6xMGooH74AQPdyP7v7y3Cs5rh/b0KyLC0x82Xg5U6TOXL2M+3z4Modo6A20MFV5VAuC0iuSBHnLkAanxRdMbyyrWMiEw5Ki0GE3Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224389; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=wfYJ54PW7pNrLwK/eJ6cKC4iLcc2du5UIuKp3Xkn/CI=; b=h5rGiMkQHFGyybyMsZ6sviSy8AgGJsdnBkPzNBgMS5VTFYomUVJiUq+lmuMwTt4sGCtA4C4LAOI4UUQBlnHuss5Ki0Yhduuyb4pjHTE8JdkW6QxGK33J28N69Vtb3h+8KJ8LU0nOr2gJhzU0ykSFRJ8mTFGHhKmn5RHHH7F55jc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224389630781.7725111010639; Mon, 12 Jan 2026 05:26:29 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuJ-0003Zq-0B; Mon, 12 Jan 2026 08:24:31 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHu2-0003Au-UR for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:22 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHty-0003n6-0A for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:13 -0500 Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com [209.85.215.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-556-BcCo06h6NpKcz6AJyhJvYA-1; Mon, 12 Jan 2026 08:24:06 -0500 Received: by mail-pg1-f200.google.com with SMTP id 41be03b00d2f7-c549aaa796dso4687993a12.1 for ; Mon, 12 Jan 2026 05:24:06 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224247; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=wfYJ54PW7pNrLwK/eJ6cKC4iLcc2du5UIuKp3Xkn/CI=; b=c2j8GsUQmM28DWUTCrkNcic942aNDPJ+zVGkthAD8H4skeYemeyLBGT35+PTpBOrR/7vEn potquRJQTw9I7+J9542XvC3jfDHGcjdz20nKHDaAC4j1X7zisCPF9JWr4vNxfJq2aDXed8 i7JHUaKnt1jifcGSBe4zihY5EBOSGxo= X-MC-Unique: BcCo06h6NpKcz6AJyhJvYA-1 X-Mimecast-MFC-AGG-ID: BcCo06h6NpKcz6AJyhJvYA_1768224245 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224245; x=1768829045; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=wfYJ54PW7pNrLwK/eJ6cKC4iLcc2du5UIuKp3Xkn/CI=; b=NBtBYCLvtdIc1/ObQARFckgKfNJ/IfMS2cU1s3asmky4HeVSEb5MNb6obEHXMDAhlz veew7OM6ElQ1hal4amYAVisUQMynfvLH0eyAsgOoZhs7Xnb3k5O7gAOXePfSBpyVJcP3 o6LZ6yTi3Wm9EaogMnkvQYY59n78IOYi5COTwC4kso8ygfmFWjiNUYgWSxBGKRjDxeXv +/6bQ8OlxN0uf+vw8OpmkZR/p6EWhvvRG7DOnHH0TD1NZpY4Nm0V4jib5ljGIbf2hUge NQfK8gOAqTkoTZiAnV2wd1OeaPWxS5kM/Z9fhTuK7r/5kC4OtRK9VK3nZzjctJtE+okk toSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224245; x=1768829045; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=wfYJ54PW7pNrLwK/eJ6cKC4iLcc2du5UIuKp3Xkn/CI=; b=oewxyiOTGt3gfjkGTlX/fZ9cO9SeUPmqTCjorj4/HIKPiY51QhCRdNwv9PVV9gfXVn 7YedZpGCOPmoSpiCPbmJTylnRA1eWECJADg37ppOfOZm7qyjtRkO4cOROB0g6yE/s+xj NImCxrUBqC3QLXH52+MXTYspWxdIVksCdAeETI33ofW5YCb7y7zCIJk7+n5lktmPDLQ2 rX6hsYjsOkSuM65D/frQvkMalNe+sKz43xf4xkObzKUq2U93WLpeIJN4NgfO2gxBMlNP hTRgp7ORmTa6ObgmuKN0HbVCm8W/3VGf5Hzyd01HZnfrzt4UlTR1TUJhvAaC6pRmNUfj B/4g== X-Forwarded-Encrypted: i=1; AJvYcCVLnNc44VXMIRO48o15vhcbR3XsmP3MBxrzImEFaIh2HmEdupaJeeou3TygF1J65dLauLqomOhTnt3T@nongnu.org X-Gm-Message-State: AOJu0YyEwB2HYOKBPeB2GhZiC9DSl/nqiR/g4rw3hHL2tnDaL62L3YMa DcA3jR9taak9wyaJlYFouopH+oFUqCwch68tXJR7uLE8lhp0ztz19z+pNxYHDQ6jGJ0PM6rkQ2k i9oE9fX6EynDK3Y8WnlcN0JPbm8rog4n5//w5nvShpnlLI1x4s/A/y+cH X-Gm-Gg: AY/fxX5DbaSgbqm2Q+Jx4GZpEI4siuv3/AYLdQe9VEtVjmmQEf0C59HOH2FPcTtQVT2 LlqPFFAfZylSxSOKkcMnrgsb1Gzbk2x3G+nyFrBM8BSIPB2F4Wd9g2wYv+blH/F074ffqKxwp/A RDytanjfo9ErZ3e3E6o4sxpL5KA47kSYaKYZEu43Y6Ba9C5mMvbIF3vMkVwuQWYdZDo4VgF+KpR XOVloLrOf3/u0cyBAssrQcpbafuqlDN7vnMjsVo2xKzMAeEYZwZj3y3wXXocgiDo8ZntVug9yqx HgciEoP38aRoIM+3B8DaKOMeWAwDJ0VHVF5JfwEGBjPauLaI0QO1uj8iBIh66q+BYH/3lrpCWZP XblgVvsLmCoKRQZSPXBsSpdFSsb+UR0hJmwtfwX7eOBw= X-Received: by 2002:a05:6a21:999c:b0:389:8e40:a13a with SMTP id adf61e73a8af0-3898f997771mr17078806637.52.1768224245216; Mon, 12 Jan 2026 05:24:05 -0800 (PST) X-Google-Smtp-Source: AGHT+IH0M9fBY78q5fVf662RSaHGPAIXPHYNm4v5HjXRd4PiEkcc2Xs4274yy5o7YPnuQ5jB86LeyQ== X-Received: by 2002:a05:6a21:999c:b0:389:8e40:a13a with SMTP id adf61e73a8af0-3898f997771mr17078790637.52.1768224244802; Mon, 12 Jan 2026 05:24:04 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 15/32] i386/tdx: add a pre-vmfd change notifier to reset tdx state Date: Mon, 12 Jan 2026 18:52:28 +0530 Message-ID: <20260112132259.76855-16-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224389816158500 Content-Type: text/plain; charset="utf-8" During reset, when the VM file descriptor is changed, the TDX state needs t= o be re-initialized. A pre-VMFD notifier callback is implemented to reset the old state and free memory before the new state is initialized post VM-fd change. Signed-off-by: Ani Sinha --- target/i386/kvm/tdx.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index cba07785f7..314d316b7c 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -405,6 +405,32 @@ static void tdx_handle_reset(Object *obj, ResetType ty= pe) trace_tdx_handle_reset(); } =20 +/* TDX guest reset will require us to reinitialize some of tdx guest state= . */ +static int set_tdx_vm_uninitialized(NotifierWithReturn *notifier, + void *data, Error** errp) +{ + TdxFirmware *fw =3D &tdx_guest->tdvf; + + if (tdx_guest->initialized) { + tdx_guest->initialized =3D false; + } + + g_free(tdx_guest->ram_entries); + + /* + * the firmware entries will be parsed again, see + * x86_firmware_configure() -> tdx_parse_tdvf() + */ + fw->entries =3D 0; + g_free(fw->entries); + + return 0; +} + +static NotifierWithReturn tdx_vmfd_pre_change_notifier =3D { + .notify =3D set_tdx_vm_uninitialized, +}; + /* * Some CPUID bits change from fixed1 to configurable bits when TDX module * supports TDX_FEATURES0.VE_REDUCTION. e.g., MCA/MCE/MTRR/CORE_CAPABILITY. @@ -1549,6 +1575,7 @@ static void tdx_guest_init(Object *obj) =20 tdx->event_notify_vector =3D -1; tdx->event_notify_apicid =3D -1; + kvm_vmfd_add_pre_change_notifier(&tdx_vmfd_pre_change_notifier); qemu_register_resettable(obj); } =20 --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224327; cv=none; d=zohomail.com; s=zohoarc; b=PF7eIvYF1tNLtKsZ9yz8v8XWk8E9/aQdJg9UgTUCc2KTlBe6KciX44gx7NJ6SFWtqJTrg2FJtUc8RNVvk4BMm1DLuEPhJfQpksJfGwTk0HO+QjpKf0wHhLwi+3rN9MqN3zBZwd73qaezFkh/KpuLL1gmZ28flcSnycV90HOGUnI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224327; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=qYAaN0FILWaSu0nPli0Usb4itaQvJcTN3FzK6m+/4vg=; b=eE8MyVXX69TiCE/3T2MgL9MZ0/R3nsW7BPMjBELe8dN2sevcbCHsfYOZsF3o1Kt3t1zdjF5ORI4DQcp0mRfbzk5MzjkXvjBgoXs2cdQ+dnHLQZQWfkspxzs1vkD68vaHxvIorUBYhlHnDxHI4X2QElQq+hvsoZXcNGzpo4XDtuc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224327536683.797169428112; Mon, 12 Jan 2026 05:25:27 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuK-0003e1-6Y; Mon, 12 Jan 2026 08:24:32 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHu2-0003As-UW for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:22 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHu0-0003nQ-R4 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:14 -0500 Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-570-SQXCPEVJMy-QeSErzojfKQ-1; Mon, 12 Jan 2026 08:24:08 -0500 Received: by mail-pg1-f199.google.com with SMTP id 41be03b00d2f7-b5edecdf94eso1467487a12.2 for ; Mon, 12 Jan 2026 05:24:08 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224250; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qYAaN0FILWaSu0nPli0Usb4itaQvJcTN3FzK6m+/4vg=; b=hzjUI3uG2OHVhMNqaApDlNOZ2bwgzxPXH7ijxlWIQMXdv6UKZG/eOq3Tr60TV0eHBnhEBY aYiBKza2kO8egaqAO5YTG2Myq4m9h8fgdcqr7+n1lencNBEI/wQWtIeSGqr0YQE26k8Jv7 1ds82ety1oAboGz3nBUI2LUTCnYh730= X-MC-Unique: SQXCPEVJMy-QeSErzojfKQ-1 X-Mimecast-MFC-AGG-ID: SQXCPEVJMy-QeSErzojfKQ_1768224248 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224248; x=1768829048; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=qYAaN0FILWaSu0nPli0Usb4itaQvJcTN3FzK6m+/4vg=; b=hNpz5cqQ7OHVFWMvl3/dZDAtr2TUnaxAI7GYmIE9IadJ7F+6pRjhuQQ2UQYhv8yyjC rwDy9uyQEt5KmHiB3JlV8S8sXsJd9wtDqVb9VqwszwBPIQs5sIoo0S+uUQ+sFNDUP8QA 2PAyp+cIkLvrGHE5JwEbTakk+iTJtUgIbSjaGTtSI5oEcyXvZ5+U7MgmNQYCmr8MeSvK itkpZR1kTLQrns0irRF0+wa44Ruy2COd55eAHNk4Yw1rtMeAtH844JDYGDMQM3ZNbvVs wBW2sKHqJPPjCZL8xv9mIbMFNT7k9wswZ+ASaUliKN7syokaBchIwCQB4UwahxDwG2MI VRRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224248; x=1768829048; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=qYAaN0FILWaSu0nPli0Usb4itaQvJcTN3FzK6m+/4vg=; b=Xgw3+BotCbnxk/WkWaLLeCkMe/XGBR3Q0QjP20OO2yv06cIqulWS4HZVU3AImpe8Uu PLUkd2I/9V9i02EkBLYPm7KoVwLj0H5pBJoE51B52nSwDjAzYvXtGBCfcn377IJcNcyR x/A5M3hGR99rE37Jyzm2UOVISBcYqkMnAconrVErlrCEpFzO2RsqAAX4X0pcT9ixFFXj N9M1CdrPDPGNtbiw5JKcp5TeIEl9Mvy+gWdXuSmVFeUYJBzvY2/UZekB+xILvavm6DxW V4QRLHYy0VTE4ht3niJsVCEV8KZAFREN1sEAWYo9lcpbwvAoopeZugfmIzLNvviSwuyd OpKg== X-Forwarded-Encrypted: i=1; AJvYcCUe/3NbzXUdnaqa4yNW42Yxgv/rnGEC3O0tdummrgi6mLTgrvyMgTa7sp7SC57iCTZ5V7mNQtiYOr5P@nongnu.org X-Gm-Message-State: AOJu0Yy/COnuWuR9APPD2d5JA2Y69WbZEtyjnGglfTfMNYBKua5tWLat 2syQ3re2dfajP7ZEiNtYYVhLPRSUHLuCW48ZG6LEaNPze7KKUijmd16Et7BntsEOI2CHy0XbBeV +pX1Z7yMvaWwC0sk08ULjKXMryMvTlWRrsa7Ayu84eDriLtBzuCqsAsAL X-Gm-Gg: AY/fxX4zDqpTtDridVelrgqiLnTdBLBarcVt777TPn/m4pf+AfLHD5zduOZP+F+HsIT hS1EPVoEWn74XwJE9TU2JR9aBrWBLj2NkDMXZoHmFabzU5vNHTpynJgTeMgqONH1xmlYcqNFwem JhGpYRJ24R6Y6Q9BPUX9sx3A/lcgsW6kgHiY04xWOD3xDTpFCztRWRhKTcwI7CwKVG4eXjP+lcK i0+KQ8AZcIAgSZduUr0Wk2JH32MONWDeGvg74q6ZPUp/9GL2gxiM3yhqO8AvxX5FD7oZd/ubJ0k h45IAC2WQ+rukUMy0UwBtYdogG3jtsdwK80w7ZSNi/cbtvyvlsZiOdHqgB3k9mMZ7IEk8KPhH5Y I1h0GXvWAv7lMkyJWVIuH521nGJH4XvAbTUVMGeWiLxo= X-Received: by 2002:a05:6a21:6da1:b0:350:3436:68de with SMTP id adf61e73a8af0-3898f9ba491mr15321620637.53.1768224247831; Mon, 12 Jan 2026 05:24:07 -0800 (PST) X-Google-Smtp-Source: AGHT+IGOtkQ45tyb3QTZGZrDgFq0z0H3Qt+mAbmV6EBRPgB7nC3YcwaVegyFHgedWmQohGcEWT7WNg== X-Received: by 2002:a05:6a21:6da1:b0:350:3436:68de with SMTP id adf61e73a8af0-3898f9ba491mr15321596637.53.1768224247424; Mon, 12 Jan 2026 05:24:07 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Zhao Liu , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 16/32] i386/sev: add migration blockers only once Date: Mon, 12 Jan 2026 18:52:29 +0530 Message-ID: <20260112132259.76855-17-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224329544158500 Content-Type: text/plain; charset="utf-8" sev_launch_finish() and sev_snp_launch_finish() could be called multiple ti= mes if the confidential guest is capable of being reset/rebooted. The migration blockers should not be added multiple times, once per invocation. This chan= ge makes sure that the migration blockers are added only one time by adding the migration blockers from sev instance init code which is called only once. Signed-off-by: Ani Sinha --- target/i386/sev.c | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/target/i386/sev.c b/target/i386/sev.c index fb5a3b5d77..c260c162b1 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -1421,11 +1421,6 @@ sev_launch_finish(SevCommonState *sev_common) } =20 sev_set_guest_state(sev_common, SEV_STATE_RUNNING); - - /* add migration blocker */ - error_setg(&sev_mig_blocker, - "SEV: Migration is not implemented"); - migrate_add_blocker(&sev_mig_blocker, &error_fatal); } =20 static int snp_launch_update_data(uint64_t gpa, void *hva, size_t len, @@ -1608,7 +1603,6 @@ static void sev_snp_launch_finish(SevCommonState *sev_common) { int ret, error; - Error *local_err =3D NULL; OvmfSevMetadata *metadata; SevLaunchUpdateData *data; SevSnpGuestState *sev_snp =3D SEV_SNP_GUEST(sev_common); @@ -1655,15 +1649,6 @@ sev_snp_launch_finish(SevCommonState *sev_common) =20 kvm_mark_guest_state_protected(); sev_set_guest_state(sev_common, SEV_STATE_RUNNING); - - /* add migration blocker */ - error_setg(&sev_mig_blocker, - "SEV-SNP: Migration is not implemented"); - ret =3D migrate_add_blocker(&sev_mig_blocker, &local_err); - if (local_err) { - error_report_err(local_err); - exit(1); - } } =20 =20 @@ -2764,6 +2749,11 @@ sev_common_instance_init(Object *obj) cgs->set_guest_policy =3D cgs_set_guest_policy; =20 QTAILQ_INIT(&sev_common->launch_vmsa); + + /* add migration blocker */ + error_setg(&sev_mig_blocker, + "SEV: Migration is not implemented"); + migrate_add_blocker(&sev_mig_blocker, &error_fatal); } =20 /* sev guest info common to sev/sev-es/sev-snp */ --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224530; cv=none; d=zohomail.com; s=zohoarc; b=E/yEjwIoIeDAxOyPGyafl/m1np54qGOQg+jDlhRp2leekP+WzbpdV0Qv9rQUr086bbLgr3M+OZyBkcx5OQ2qZbfurWuIliL3LdSIQyWr8D8Y7WLwV03NPem5RIznkqWjq5YH6iqCSJrcpSXIBiBsvE3SD4ARTl6lhyrvBWPCq3E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224530; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=PPSeElKfzh/NRDXE944Lw0xULTqcWEbvHtXeuMQwV5g=; b=enLn6bcjLnry/Aiuai9uLFJhYgz5jR2+4Fl3EXpi/eCWbMBM7JAj3nWSJq+vBMXqA6Y8QPBv8kVtGpJTJCFXTV1uoXITFT7yHhF10J+qVuSiM5sILuK1kos/vEt6wKkLzAwGwxABdN78rzCIPLcoYezkON/VWYzPKZoXpqZp2c8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224530688513.4086058634526; Mon, 12 Jan 2026 05:28:50 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuh-0004Z2-2o; Mon, 12 Jan 2026 08:24:56 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHu4-0003BA-Tk for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:24 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHu1-0003o7-DD for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:15 -0500 Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-210-mM1FbyCTMA-LeAPyL26WdA-1; Mon, 12 Jan 2026 08:24:11 -0500 Received: by mail-pg1-f199.google.com with SMTP id 41be03b00d2f7-c503d6be76fso7436143a12.0 for ; Mon, 12 Jan 2026 05:24:11 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224252; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=PPSeElKfzh/NRDXE944Lw0xULTqcWEbvHtXeuMQwV5g=; b=EkQgP69PHYlwxxM98uTv4Yh6v1a1h+XR14Ndil3E8if4z12FSxFS6Oi/lhpxEUEV+JHhVk RCVeInIXDW2+ykRoN90CwH7fWttxA0c8URymAhNw3PzxmJXjoMz2PqOYClNK5DVit5jYuh PYQZgxFJ+YhJWUfZxh0fvyk9BPcyMSg= X-MC-Unique: mM1FbyCTMA-LeAPyL26WdA-1 X-Mimecast-MFC-AGG-ID: mM1FbyCTMA-LeAPyL26WdA_1768224250 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224250; x=1768829050; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=PPSeElKfzh/NRDXE944Lw0xULTqcWEbvHtXeuMQwV5g=; b=DuEy/P3e1FCHErr96CUJYODcf1A/V/VG9NEUJesOfxPoHr/HSSpr8kyRgIurpLE4HR hnYdFngewWE3IxiDUKCIDY/eDHUxN0qQSxmLl7HqWWoPpFWhlBJ+pSFSiZa4nQbh3eEN siE8Qa7XoIh+rQdQxABDbHlT74qW57TG1inx8Tw8hfcFm/+fExovh+MZWd3Pxk3RvKi5 YuP15P6QAv9x2O7u+iadvRAOtDvF/JWhMSM7Oe/0U105Owl/LqPk+yOF+FAKhiBDKoID CIFAiFtbaCEYb470MHHiL+AcU84J+f//BJ9EVl4dR34qoZe5KrL1Ui+2qtPP8TUqWF5S T+9g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224250; x=1768829050; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=PPSeElKfzh/NRDXE944Lw0xULTqcWEbvHtXeuMQwV5g=; b=eAbuEcbOyNRUhbVDK+U4mO5APC2rdCySs6ochLZ/6VYu4gUtaqvG+Dq42wUy11rjqv DznsPJj2wLy77xIx6pu5hO6MT+OLGGhXttzrxfJ3gzGw7C2r5bY/R2rJ7ejoq7MfFPtN /3dRK1Ue82xBVEuApRXNRBTiLvLO8D4pjfjk579vv7PYvUpZDB4Jh359VAnlMPybkeX/ BzhyznVjJZWHfpYWi46eXMuZ6SPMXZVPyrr/SPZA0s0rDLFtqY4FYNdDMHHG4a95T3fp +yjuH9VrMdWLSIts7X37zMvFPuiXNBtZ9NECgl81agdujPXUboJQt11zR8LcrizIQpfO o9vA== X-Forwarded-Encrypted: i=1; AJvYcCVbUfhe6k2FfBXbWp6BhjVndLmXhvbYMpANa1Kzt/WTGC0R4vXNGI0VVTTQvfZqxNoPt9FOwQkqIWYc@nongnu.org X-Gm-Message-State: AOJu0Yx9R9Pz+GQ/0VZgXFWPAEuU9mRU5Cb4yJLGSyHQDNkJnnrwAgMp LQjRBqxjWJYae8c1ubgrthK5Sq3vbrU8g9zLp8L/w0MHnZL9OnR/IC7OSr4KXzqnSHw5AuHcZGa sVhxCA9xfQ4+Neh/vJqXyjMFxgp6BJ7mDrWzPCVBZgDndMK0H3bgMEDAl X-Gm-Gg: AY/fxX4frJi/3PL+VjsMLUKjqTt0fS6uLqCGdL6sHdIpukXgIBG0p3jCvPkTHgQSOxH Az10SqtEGqCeIGiHTTZm/8m2nEY+Gf12Vj5pTyFKYjM7Od8j9Yj3b7rMG36QoKpdBT1/XzqMjYF Rum5G4/PCOXPrsLRRB/rlpCGRyqYifvlMJDccyN3DlSr/oNzT2Md9rYJVqlebOIrBCbBU3w18XV Q+fWQ39k7wXkilSYANs3YMxMd89Th3qyeBV102YmJxlx12BNQfM4x0nkB0ysWJ9zISIr5/XABwK O6y1aQDakSKSdGvRvxYwbzU+Wtiu8jeDTp2xM0IhCy8PEwVFI8C8cJXOkslqlICySMh0Fp10z0A a1B7dLJm/V+L6BS4tDMSmr1XQtHWxiSHhEQcTW1fT6JM= X-Received: by 2002:a05:6a20:2594:b0:364:37d:cc63 with SMTP id adf61e73a8af0-3898f9bc4dbmr15772909637.56.1768224250417; Mon, 12 Jan 2026 05:24:10 -0800 (PST) X-Google-Smtp-Source: AGHT+IEHSc15yFGfVcbI1IGjoSw9rY0EaQDSSheDs5+T0rgDFRDspsmetxS02pKHWpV8ityc5hwTUg== X-Received: by 2002:a05:6a20:2594:b0:364:37d:cc63 with SMTP id adf61e73a8af0-3898f9bc4dbmr15772894637.56.1768224250042; Mon, 12 Jan 2026 05:24:10 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Zhao Liu , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 17/32] i386/sev: add notifiers only once Date: Mon, 12 Jan 2026 18:52:30 +0530 Message-ID: <20260112132259.76855-18-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224532495158500 Content-Type: text/plain; charset="utf-8" The vm state change notifier needs to be added only once and not every time upon sev state initialization. This is important when the SEV guest can be reset and the initialization needs to happen once per every reset. Therefor= e, move addition of vm state change notifier to sev_common_instance_init() as = its called only once. Signed-off-by: Ani Sinha --- target/i386/sev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/target/i386/sev.c b/target/i386/sev.c index c260c162b1..cb2213a32a 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -1917,8 +1917,6 @@ static int sev_common_kvm_init(ConfidentialGuestSuppo= rt *cgs, Error **errp) return -1; } =20 - qemu_add_vm_change_state_handler(sev_vm_state_change, sev_common); - cgs->ready =3D true; =20 return 0; @@ -2754,6 +2752,8 @@ sev_common_instance_init(Object *obj) error_setg(&sev_mig_blocker, "SEV: Migration is not implemented"); migrate_add_blocker(&sev_mig_blocker, &error_fatal); + + qemu_add_vm_change_state_handler(sev_vm_state_change, sev_common); } =20 /* sev guest info common to sev/sev-es/sev-snp */ --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224411; cv=none; d=zohomail.com; s=zohoarc; b=PTA2E18S9+4gxjN5xI35mRuu+0LJuLWaCr9CYNbM0ELnYl5gFw47ncsaLoYiVEKPuQqhIER0hLIBjD+eubdf4TH3KaYW3rhESraoTSs54gJxyauzIi5fEiJnAcZiaCIWWrYrMUTybKpx+jZzy+zio4EKWqpjwtJ3nhDN7ivNgAc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224411; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=WbSNbKmTexfLzSNcOAGGTpME53mT2JoY4BGZ0NYwZQc=; b=Lm25MS+es3AD4A3cMuK+XdgsSeLRZYYMHQ3+SM5sTgD3frYFahqRkWWQektjyoJuffzXYzSvQdQlUi9BXe6oPmgGtUCKjRFTuFi1rLQSaxi2Bo7O4/LMhp06fIm9VTb10OVRPkjDGojs3kTdBa7gPMLH0ni/yzVmSSlbZ0/r3OA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224411336291.85452192765524; Mon, 12 Jan 2026 05:26:51 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuu-0004qV-Vv; Mon, 12 Jan 2026 08:25:10 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHu6-0003BH-PA for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:24 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHu4-0003ox-Lu for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:17 -0500 Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com [209.85.215.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-642-Wd_8y5h1OCKo3BuVz-tC3A-1; Mon, 12 Jan 2026 08:24:14 -0500 Received: by mail-pg1-f197.google.com with SMTP id 41be03b00d2f7-c552d1f9eafso4718921a12.0 for ; Mon, 12 Jan 2026 05:24:14 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224255; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WbSNbKmTexfLzSNcOAGGTpME53mT2JoY4BGZ0NYwZQc=; b=bwChIUKkrWQyCCfRt3j16+QwZOY4VEvboD5JUNNpeIZ0No8EDpz6in5Z8sGVhqUw1cJcbS krDBOxuMRdImbjJcL/Qu/nKT+Q8SLYjvolNPScuqDniEPY9tiIys800WuWbodTjhj1r7GY 95u+uby2QLjft3Feca65qHJmXTyJ6Nw= X-MC-Unique: Wd_8y5h1OCKo3BuVz-tC3A-1 X-Mimecast-MFC-AGG-ID: Wd_8y5h1OCKo3BuVz-tC3A_1768224253 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224253; x=1768829053; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=WbSNbKmTexfLzSNcOAGGTpME53mT2JoY4BGZ0NYwZQc=; b=n+QMuH7QGWI4PufVCdVl6Gkb3v6ENx9th2gGQUvWxOfl3SN+Wfs49JjMB1VzfEQjeB VNn6rz5Tcm0msQpVEEokeU7WEXhYfabaVpEqbDAC3AcWhF6w10/Itud1CHPUiCl/YdhT /xSFf+rtyCgHTtigb0F664E+0zsXhldKAJiJL/iTMqjr2p/JvZ7n4pBTB2PYFmdW5pof 3viSk6s9kM7HArrWHWDGOJbUuGP2u5GVMHTVtCPsQjDC3HKXOIMsq0jPnTmpG9Mcm+X2 3ow753tCLruV+bEAWf+CfUM+Ory0iighFbNmMg7UxZjLfKVkpy6OWcQORv2AedX2n+xW TOig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224253; x=1768829053; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=WbSNbKmTexfLzSNcOAGGTpME53mT2JoY4BGZ0NYwZQc=; b=aW6sO4bH9An64y/KTXvP4YW070igKambizKZ1TZ8JJnqhyt4Wmjkxo8eL3rvyoU+X+ gI1dJVuvSQpCh3A9ss0JgPMQ2UEhHBDu+gCmTbXyoM1gsWfHT6/B9EhCK/AE8/vWdvRX n5yzXyUMptxDU2Mgh/41ANVjl/l3OdzgUXuweR62eEmjhVBChOb4K4eyqlo11gUd6vJz XDuVGnQ3qPHHJJSu8OUa9LNHKQh87METqgEX5Cw+To9u70ct0srIcJY1fGJs8kqQinmk RXcdcBU0ABVORsRekSfwFA2jN2SBwRzG2Q1EW4hXL/UkVC0zYsWxzPEzEnWrSUHqo26E ltcA== X-Forwarded-Encrypted: i=1; AJvYcCWj+S1lA1VCK+EqUIOzT2QYGt+7sqdR2toUbB8RIrxlPcr0BlO7UMmk3oYVuDXfe787Z/ZSjUV9ZNGe@nongnu.org X-Gm-Message-State: AOJu0Yw+xhxl1CE3rZwCByXSHAZVhlYmPbpB9hl2pmQwui2K07hpmf2i eNHX/5TIB/LdGjJpsxPdThXBZVo/m76ScN1sPDPl2hbbERAIINku7Rh3wKNzATNvIZhcrb0QB3A VqtEVtcEejqlrJjEvD7vCoi0FzvlY8LEWqis5PinHEHmkShhDkm59lvKq X-Gm-Gg: AY/fxX7RWPZDpq//UW11nibv/V4hrKwTdnmSuFTOcOHrErLLiQeJs10QVskD90tWy2R Nxo9KRduBHy/YiMAxiEUe32ByyHmvV3ICHS5OKEHhM+wN10oNc5EzQsbvgd84x5B9RlocmjhxLJ b/mBllMNdzuOxQvqcBoDBI6sSTiOBaYE9tyhfBI0eWn1kKGyEK7ntnE0dq27D6ITaZ+hh/rn89w KMbvvbKHZYGDBAi/dCHN7lBLGWpHvUypZrMzAZrHwQm9R3KxVfQ5YClZR2O83HulBch45eQzb8r DisZOzcA/FohY7LBZnQHbuTDxYvYuCroPRY2RGWedmhWxdkL7xacHvk/0xxN8h5WhlpOp/7Wk9i 5uldsHvAyAjtl8TGdtN7RAneZCT895eFiHtQH5kMHmXI= X-Received: by 2002:a05:6a21:3381:b0:35e:b995:7098 with SMTP id adf61e73a8af0-3898f8d0267mr15548747637.9.1768224253121; Mon, 12 Jan 2026 05:24:13 -0800 (PST) X-Google-Smtp-Source: AGHT+IH2OK+gMC6fAaYfSLI0gqpQ6KfWfNIPVV4x1e2pkcK2ja8trgOCdiiDYappareAuAFJ5KU3LQ== X-Received: by 2002:a05:6a21:3381:b0:35e:b995:7098 with SMTP id adf61e73a8af0-3898f8d0267mr15548727637.9.1768224252679; Mon, 12 Jan 2026 05:24:12 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti , Zhao Liu Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 18/32] i386/sev: free existing launch update data and kernel hashes data on init Date: Mon, 12 Jan 2026 18:52:31 +0530 Message-ID: <20260112132259.76855-19-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224411947158500 Content-Type: text/plain; charset="utf-8" If there is existing launch update data and kernel hashes data, they need t= o be freed when initialization code is executed. This is important for resettable confidential guests where the initialization happens once every reset. Signed-off-by: Ani Sinha --- target/i386/sev.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/target/i386/sev.c b/target/i386/sev.c index cb2213a32a..d7425dde96 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -1768,6 +1768,7 @@ static int sev_common_kvm_init(ConfidentialGuestSuppo= rt *cgs, Error **errp) uint32_t ebx; uint32_t host_cbitpos; struct sev_user_data_status status =3D {}; + SevLaunchUpdateData *data, *next_elm; SevCommonState *sev_common =3D SEV_COMMON(cgs); SevCommonStateClass *klass =3D SEV_COMMON_GET_CLASS(cgs); X86ConfidentialGuestClass *x86_klass =3D @@ -1775,6 +1776,11 @@ static int sev_common_kvm_init(ConfidentialGuestSupp= ort *cgs, Error **errp) =20 sev_common->state =3D SEV_STATE_UNINIT; =20 + /* free existing launch update data if any */ + QTAILQ_FOREACH_SAFE(data, &launch_update, next, next_elm) { + g_free(data); + } + host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL); host_cbitpos =3D ebx & 0x3f; =20 @@ -1961,6 +1967,8 @@ static int sev_snp_kvm_init(ConfidentialGuestSupport = *cgs, Error **errp) { MachineState *ms =3D MACHINE(qdev_get_machine()); X86MachineState *x86ms =3D X86_MACHINE(ms); + SevCommonState *sev_common =3D SEV_COMMON(cgs); + SevSnpGuestState *sev_snp_guest =3D SEV_SNP_GUEST(sev_common); =20 if (x86ms->smm =3D=3D ON_OFF_AUTO_AUTO) { x86ms->smm =3D ON_OFF_AUTO_OFF; @@ -1969,6 +1977,10 @@ static int sev_snp_kvm_init(ConfidentialGuestSupport= *cgs, Error **errp) return -1; } =20 + /* free existing kernel hashes data if any */ + g_free(sev_snp_guest->kernel_hashes_data); + sev_snp_guest->kernel_hashes_data =3D NULL; + return 0; } =20 --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224676; cv=none; d=zohomail.com; s=zohoarc; b=nqUSndEVnjED0lWb5TzP+t7Qlp/aHmgqjoEcCOfwIzFMQ8YtYAcYwEndn0pIJQ7oSPvLax0D4VTFC8Ma1n6lxUMyD6eS+zHXosTvTn/Is4AwInQVPcLK/+XDdR9HvVGf0T3d8BCs/L8Pv3iL1wE2fc+BzZ47dFWo76+FcnHFRa4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224676; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=/Xl2NZDHarHkXqS5yrKrfSXN4c45GQhJC2FoUsQnchs=; b=ed/ydS0WAZaIHY5Ayf8yOVACXYSgXTpRI+qpnKeHyvOnNPKSISKJPY45kN4sDL18q6AyXlotpBj/iOyPaLq/9HiTkuaZIzWcnPo0T0MRfrHz4Dy7IEG2bQFrrsF2pdRyD1eAHaFL4+dpw1rHomgo9aFceyv7wfpVeqQZ3JbD2p4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 17682246763081023.1534586893578; Mon, 12 Jan 2026 05:31:16 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuL-0003m5-6Y; Mon, 12 Jan 2026 08:24:33 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuC-0003Hm-DQ for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:26 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuA-0003pZ-9n for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:23 -0500 Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-325-UcPZHL8rMjqjQ32rrMXqGQ-1; Mon, 12 Jan 2026 08:24:17 -0500 Received: by mail-pj1-f70.google.com with SMTP id 98e67ed59e1d1-34c37b8dc4fso12168641a91.2 for ; Mon, 12 Jan 2026 05:24:16 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224260; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/Xl2NZDHarHkXqS5yrKrfSXN4c45GQhJC2FoUsQnchs=; b=al0S5g+BAd6PtHUYUtUhnuEtq6hgRHZ4b0/p/tf58NzWxhGvVxuwTqzz9637iQ0bFjXlzi PyfzqwEbvgi4qehrl6z/JOC3N6JoDKlNp5Y0qghSlO2H44z3o+l20FpXZX2KyZs3sdXHih DGsATlgucwUtX+MrC9Xz7jOaFUQDwJk= X-MC-Unique: UcPZHL8rMjqjQ32rrMXqGQ-1 X-Mimecast-MFC-AGG-ID: UcPZHL8rMjqjQ32rrMXqGQ_1768224256 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224256; x=1768829056; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/Xl2NZDHarHkXqS5yrKrfSXN4c45GQhJC2FoUsQnchs=; b=YS+h+uFUq6RWQSjFqCmH8ixDr1BVLg2779ncLrppIfG2miHOtWo+l1UoJQzmIUmhNt qWTmriJS+dKeGDeX52TruKU0pNhz2w/v9NVPZiaxTZyxgpYEEMF1NCK21e+zpiDHX7cX xBiL7kMn/rMFGy3vKZZJH4MBZHtyBaDzGigSdHKUg09OAZQiXVh4t9zamtBmMAb4/VgL 3HmyKWgCFv4yZNN5Z+gxbNo8OGLAvOfYY9DjhmUUVNQQq/NHVPBiSE3zLiWOTwN3F4MS BtICRGlTgtde3xDfbCE/9mSR83ZWquUBjDjifWvwmK5SeGE0rDmGjHtZDLJ9AYK73wLa DRPA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224256; x=1768829056; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=/Xl2NZDHarHkXqS5yrKrfSXN4c45GQhJC2FoUsQnchs=; b=YVnE8CrfR3rGYNcYn63AFaurY5yC6YHBTsB1F12M2ThKswsnzIA44q+HBtY2M+7S0U YG4cXeP7zI07lzS9hy2kPGiKFLB7FlAsNcVYfQy3+sP6tvoPD66BaEzmjMoFo6OXdqd+ I89NDlR7/IhvwzRCAf/sPk7/NWXwIR5Wxz0xbXMAhEmHlktq7Nx4EXDz+M/RfQFi5bzx mP7T56mQHAm80/hCZkLFjjGuKu/SjF+UqKA6iyji2m/Y9vP5LDZW1ASGL1+q7jmyJ6Dz rfdOd+A3kNvvHMGexRIVRDn3j0qr33dfB9Anup7i2qINRrB4mvjBoCiTsIzKx71vWyb5 pLDQ== X-Forwarded-Encrypted: i=1; AJvYcCXTP4dyJm4h1tKBVWbxQ+XuqRXiq3mAy+3fvq8Ceb47/dMpra+3Hq/GaJnPpUtiqB5ySSB0MKQmQ/VH@nongnu.org X-Gm-Message-State: AOJu0YzUjRMRER81/ktpER9k9Vn29qtgcBqr3zsCZby0f+RTaSe5y4X/ P/u97S0C86Wh9k13F5QzVsQcZYFL/GU161Wq0Cji+fIk6irfkMjGQ0bJ8zKE7HowL5gabBb2xBt HxmVM4V11CI9JpSKPyh8PqvkenfppDII47tSckiSSGR5tSrqqYMADh+13 X-Gm-Gg: AY/fxX6M3uj5A4DNh8Wm4Q7Pepnxdx/Ab13XAVqPVUqpK3Hb+eTL5ABm73kO/sjf2ak +j7cXRlnDdEX9powNa3ZILsyF+zM+0WDpSN8Xd2ruMF1qTJzGBIyW+/uVjNHFDMS+ozh/7j2gqr dKLfCZxXajfM2fjdt+S3/uRJitkVdb4ZTNEjvWRAHIIpmpbq6P0n+HnD9Lb3zK+fvsxyqVTjY6v iwQWt7D2je170SUOUlbhMNEUIgZy0P/PuJRwEJUqFW9cbkdDLqv9AMjo8yoJAPjAcHz/b6kHnZV ffh5P2L0klAZMagmRMNdLQe+3tFgUcQhVaj5Mij6iUM25eIMD8FTvTOjhS17/ZNLfVA2IOfZJK4 i6fgXjoC6WRn8Zhn5qT2uvtcoD1CxZRrGrTrJLi9SVN8= X-Received: by 2002:a05:6a21:3389:b0:364:13e1:10f0 with SMTP id adf61e73a8af0-3898f990467mr15895550637.48.1768224255806; Mon, 12 Jan 2026 05:24:15 -0800 (PST) X-Google-Smtp-Source: AGHT+IHkV+5Pj+vPwdorDJk/3GEPIk0RVkmzj9pSTKP97TxM+k+HNRr4FYBWDj0fQukT5a54s7G7qw== X-Received: by 2002:a05:6a21:3389:b0:364:13e1:10f0 with SMTP id adf61e73a8af0-3898f990467mr15895534637.48.1768224255391; Mon, 12 Jan 2026 05:24:15 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti , Zhao Liu Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 19/32] i386/sev: add support for confidential guest reset Date: Mon, 12 Jan 2026 18:52:32 +0530 Message-ID: <20260112132259.76855-20-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224677383158500 Content-Type: text/plain; charset="utf-8" When the KVM VM file descriptor changes as a part of the confidential guest reset mechanism, it necessary to create a new confidential guest context and re-encrypt the VM memeory. This happens for SEV-ES and SEV-SNP virtual mach= ines as a part of SEV_LAUNCH_FINISH, SEV_SNP_LAUNCH_FINISH operations. A new resettable interface for SEV module has been added. A new reset callb= ack for the reset 'exit' state has been implemented to perform the above operat= ions when the VM file descriptor has changed during VM reset. Tracepoints has been added also for tracing purpose. Signed-off-by: Ani Sinha --- target/i386/sev.c | 52 ++++++++++++++++++++++++++++++++++++++++ target/i386/trace-events | 1 + 2 files changed, 53 insertions(+) diff --git a/target/i386/sev.c b/target/i386/sev.c index d7425dde96..d45356843c 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -30,8 +30,10 @@ #include "system/kvm.h" #include "kvm/kvm_i386.h" #include "sev.h" +#include "system/cpus.h" #include "system/system.h" #include "system/runstate.h" +#include "system/reset.h" #include "trace.h" #include "migration/blocker.h" #include "qom/object.h" @@ -85,6 +87,10 @@ typedef struct QEMU_PACKED PaddedSevHashTable { uint8_t padding[ROUND_UP(sizeof(SevHashTable), 16) - sizeof(SevHashTab= le)]; } PaddedSevHashTable; =20 +static void sev_handle_reset(Object *obj, ResetType type); + +SevKernelLoaderContext sev_load_ctx =3D {}; + QEMU_BUILD_BUG_ON(sizeof(PaddedSevHashTable) % 16 !=3D 0); =20 #define SEV_INFO_BLOCK_GUID "00f771de-1a7e-4fcb-890e-68c77e2fb44e" @@ -128,6 +134,7 @@ struct SevCommonState { uint8_t build_id; int sev_fd; SevState state; + ResettableState reset_state; =20 QTAILQ_HEAD(, SevLaunchVmsa) launch_vmsa; }; @@ -1984,6 +1991,38 @@ static int sev_snp_kvm_init(ConfidentialGuestSupport= *cgs, Error **errp) return 0; } =20 +/* + * handle sev vm reset + */ +static void sev_handle_reset(Object *obj, ResetType type) +{ + SevCommonState *sev_common =3D SEV_COMMON(MACHINE(qdev_get_machine())-= >cgs); + SevCommonStateClass *klass =3D SEV_COMMON_GET_CLASS(sev_common); + + if (!sev_common) { + return; + } + + if (!runstate_is_running()) { + return; + } + + sev_add_kernel_loader_hashes(&sev_load_ctx, &error_fatal); + if (!sev_check_state(sev_common, SEV_STATE_RUNNING)) { + /* this calls sev_snp_launch_finish() etc */ + klass->launch_finish(sev_common); + } + + trace_sev_handle_reset(); + return; +} + +static ResettableState *sev_reset_state(Object *obj) +{ + SevCommonState *sev_common =3D SEV_COMMON(obj); + return &sev_common->reset_state; +} + int sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp) { @@ -2462,6 +2501,8 @@ bool sev_add_kernel_loader_hashes(SevKernelLoaderCont= ext *ctx, Error **errp) return false; } =20 + /* save the context here so that it can be re-used when vm is reset */ + memcpy(&sev_load_ctx, ctx, sizeof(*ctx)); return klass->build_kernel_loader_hashes(sev_common, area, ctx, errp); } =20 @@ -2722,8 +2763,16 @@ static void sev_common_class_init(ObjectClass *oc, const void *data) { ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL= ASS(oc); + ResettableClass *rc =3D RESETTABLE_CLASS(oc); =20 klass->kvm_init =3D sev_common_kvm_init; + /* + * the exit phase makes sure sev handles reset after all legacy resets + * have taken place (in the hold phase) and IGVM has also properly + * set up the boot state. + */ + rc->phases.exit =3D sev_handle_reset; + rc->get_state =3D sev_reset_state; =20 object_class_property_add_str(oc, "sev-device", sev_common_get_sev_device, @@ -2758,6 +2807,8 @@ sev_common_instance_init(Object *obj) cgs->get_mem_map_entry =3D cgs_get_mem_map_entry; cgs->set_guest_policy =3D cgs_set_guest_policy; =20 + qemu_register_resettable(OBJECT(sev_common)); + QTAILQ_INIT(&sev_common->launch_vmsa); =20 /* add migration blocker */ @@ -2779,6 +2830,7 @@ static const TypeInfo sev_common_info =3D { .abstract =3D true, .interfaces =3D (const InterfaceInfo[]) { { TYPE_USER_CREATABLE }, + { TYPE_RESETTABLE_INTERFACE }, { } } }; diff --git a/target/i386/trace-events b/target/i386/trace-events index 51301673f0..b320f655ee 100644 --- a/target/i386/trace-events +++ b/target/i386/trace-events @@ -14,3 +14,4 @@ kvm_sev_attestation_report(const char *mnonce, const char= *data) "mnonce %s data kvm_sev_snp_launch_start(uint64_t policy, char *gosvw) "policy 0x%" PRIx64= " gosvw %s" kvm_sev_snp_launch_update(uint64_t src, uint64_t gpa, uint64_t len, const = char *type) "src 0x%" PRIx64 " gpa 0x%" PRIx64 " len 0x%" PRIx64 " (%s page= )" kvm_sev_snp_launch_finish(char *id_block, char *id_auth, char *host_data) = "id_block %s id_auth %s host_data %s" +sev_handle_reset(void) "" --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224698; cv=none; d=zohomail.com; s=zohoarc; b=gqUOpG2fi+PRzcTp1kW1lUrDb17BB6c6b3EEfvddiHNrx1SBWUzQmtn1EFEFoRdADzP5r+3j35U1LJnXBtQ0ErJH+KY+4xI3TkcmUpC3V8/BCO9TizOLaMAMJTXGCdEofBGiezvaNyub5NiI41PEAVa6GS/aSzgOtRlfJdrnhQ0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224698; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=6OtKMk9EaJvQRZjpWzq5Qg2vzLO4X9cnNIqDadzvcaI=; b=IhU/krKe2cSu4ZkwrnhYCyU7pyd4wUHpcI7mpj75RSEmzK7VIyew66q3nOJCaCn0LZnPLgumVVBVFzdFbYd8BaciXgw8SmL/5BopMTyCHIgLd57go59tP1A70Xzpon1l/6SG9frH4Bfjm9gzPbU7/BZlraqrPN+2daKmzTY+RS0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224698355759.8050868277055; Mon, 12 Jan 2026 05:31:38 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuI-0003YN-L1; Mon, 12 Jan 2026 08:24:30 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuC-0003Hl-DA for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:26 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuA-0003pg-A7 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:23 -0500 Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-690-lH8XLLOUP3KRX0rTN-Y89A-1; Mon, 12 Jan 2026 08:24:19 -0500 Received: by mail-pf1-f197.google.com with SMTP id d2e1a72fcca58-81d9b88caf2so2205078b3a.1 for ; Mon, 12 Jan 2026 05:24:19 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224260; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6OtKMk9EaJvQRZjpWzq5Qg2vzLO4X9cnNIqDadzvcaI=; b=VzmiL5sVpTTA6m0Ritr8ldGCibXyTM//BgGxvNL/u2BayF5oJ3VyAF5NyeZJNZ4Dwng230 /3g98Bvf0i5ABeISQwyZ7WMDKbcf6H+oBnVy4XcnylS/62BbBl8UtGO8Y7VXgo80z1hcDB 4WhNqYFBfA28MxSnI1pmACQ+Ycp2SGU= X-MC-Unique: lH8XLLOUP3KRX0rTN-Y89A-1 X-Mimecast-MFC-AGG-ID: lH8XLLOUP3KRX0rTN-Y89A_1768224258 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224258; x=1768829058; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=6OtKMk9EaJvQRZjpWzq5Qg2vzLO4X9cnNIqDadzvcaI=; b=K7Yg46V+TwWMr3dHXeJPiu1uNOqtdyn0tViqfeDOuWTMyAjgApPC2w3nILyQygRB7P y3M/vCarOw+eg9kmjoT973WTalhxCK3XjDWuPovSOtia10bDOcjkM+EOd11KDp9k2YMO JBwzB5s+p5HzGvM1Af4G2wLBOIHavJBZgU80IReSAWkYzirhboAbUhh7soT/ZoiT9fHs ++QCuAR4RBTLusE87Q3JfGVmASsTd4EmIKgfxqmQnMx6SDWOmJZo5vq7yNjynf00lwnv dsTSHXqLqrWSQzW2uTXAeeb0hr2Iv2U7eRws4dWRrxgHPN9AQiursIvtpluKX+WiYX7m vv/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224258; x=1768829058; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=6OtKMk9EaJvQRZjpWzq5Qg2vzLO4X9cnNIqDadzvcaI=; b=u1HeITBsFxDnWs0jW/yXU7n8Z9pGQBYtWsXceK7mqC+uMuWhO8hRQRj0XLELBPAhO4 rLLqM81xtqtfwZowBV5sp8qvOAN0tfYrN4V24+ZlSY4TZ0t7d7Q1CcWAxEbLQW01ZpnK ILzpYV4Gll+P2j0uEV02qz2VkRdHSC8/SDmrNgxQY0AYDwynD7HDbJlaf/cB5CtMcm32 Nglzf+ME+ikBkkoFTY8580Db7ZM5SgbQEdwSjaRqRSEELgVB5q/V7B6uQtPIFzgr/PUs NWSNfh5JvqQR9ajVpV0Fdx9ao8r+KP9srm8Biac5mcn54GVXJ/u7vVnhitVEEqZhtYeL JSvA== X-Forwarded-Encrypted: i=1; AJvYcCWdpxp6H+59Gr1bEcbctH9Mn/T/5225IHDYn3sP8tUUp/ESj1VqViafBtNTiT+l8zkiETI9vw6AdUC0@nongnu.org X-Gm-Message-State: AOJu0Yw7ZPCpPQEdY9Oo5fJjrBSfuf2RJCo/R8xViHo3BjtIraI/dwX9 Za5hI7RIyDii6Yl0Tz5WV64W/APjPtk9FIigmLnXaRgVQ1ff/ny6ZmaI7ec/dUF9mClEWAPlP7W yx0kAFj+adWlMqPJOQc/NfMoY6UaS4yoHPBwGnx/DmUcs2OYkofW4W6wp X-Gm-Gg: AY/fxX7A9BP0t5BP0D5C+7/gl9P+Gi183p48MP5WjVgRu6gHTtdbgaL7bNkggcoSaIy CrFenUlno5giDSitEEBPBck+bM0xLL+iM0Rsio07ayLBCogEa07V2gRp+2a3XBkkPFKThonYH0a CDj0teRre06MfmKx8DNBttH0t5XrZBJ+zpC9vdfJlR9kHzmqJ0nL0NJbbQ2nrhz7V5rJ5U8b14M 3fA2iVPXhnKTrECPemj2N79htTYkQaLIPHe/yshbbZjaoKyL3wDAoGkj4E3lzvJso8b5LgNYLN6 8BWqPws9T8OWxgOgjDs+vz9O7HhJ1E6EzHjsTsJ7LrxshgA+CPC+BlPO5JbHDsL1ZLWeBiBn9VY 3xQSPs4vYCNso+YanjEC2WlN27BH/a23rnrQ+f3aL/YQ= X-Received: by 2002:a05:6a20:3d90:b0:35d:8c8:8acb with SMTP id adf61e73a8af0-3898f91d382mr16603515637.26.1768224258090; Mon, 12 Jan 2026 05:24:18 -0800 (PST) X-Google-Smtp-Source: AGHT+IGhzrY1phT29OQoOheEzpgNYe4FyCFGf8cnMiStfGsug2rXDA6rI70z4oy24F7ghntE0gjGnw== X-Received: by 2002:a05:6a20:3d90:b0:35d:8c8:8acb with SMTP id adf61e73a8af0-3898f91d382mr16603495637.26.1768224257587; Mon, 12 Jan 2026 05:24:17 -0800 (PST) From: Ani Sinha To: Alex Williamson , =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 20/32] hw/vfio: generate new file fd for pseudo device and rebind existing descriptors Date: Mon, 12 Jan 2026 18:52:33 +0530 Message-ID: <20260112132259.76855-21-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224699651158500 Content-Type: text/plain; charset="utf-8" Normally the vfio pseudo device file descriptor lives for the life of the V= M. However, when the kvm VM file descriptor changes, a new file descriptor for the pseudo device needs to be generated against the new kvm VM descript= or. Other existing vfio descriptors needs to be reattached to the new pseudo de= vice descriptor. This change performs the above steps. Signed-off-by: Ani Sinha --- hw/vfio/helpers.c | 81 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 78 insertions(+), 3 deletions(-) diff --git a/hw/vfio/helpers.c b/hw/vfio/helpers.c index c595f860ce..ab13cddfc2 100644 --- a/hw/vfio/helpers.c +++ b/hw/vfio/helpers.c @@ -110,12 +110,66 @@ bool vfio_get_info_dma_avail(struct vfio_iommu_type1_= info *info, #ifdef CONFIG_KVM /* * We have a single VFIO pseudo device per KVM VM. Once created it lives - * for the life of the VM. Closing the file descriptor only drops our - * reference to it and the device's reference to kvm. Therefore once - * initialized, this file descriptor is only released on QEMU exit and + * for the life of the VM except when the vm file descriptor changes for + * confidential virtual machines. In that case, the old file descriptor is + * closed and a new file descriptor is recreated. Closing the file descri= ptor + * only drops our reference to it and the device's reference to kvm. + * Therefore once initialized, this file descriptor is normally only relea= sed + * on QEMU exit (except for confidential VMs as stated above) and * we'll re-use it should another vfio device be attached before then. */ int vfio_kvm_device_fd =3D -1; + +typedef struct KVMVfioFileFd { + int fd; + QLIST_ENTRY(KVMVfioFileFd) node; +} KVMVfioFileFd; + +static QLIST_HEAD(, KVMVfioFileFd) kvm_vfio_file_fds =3D + QLIST_HEAD_INITIALIZER(kvm_vfio_file_fds); + +static int kvm_vfio_filefd_rebind(NotifierWithReturn *notifier, void *data, + Error **errp); +static struct NotifierWithReturn kvm_vfio_vmfd_change_notifier =3D { + .notify =3D kvm_vfio_filefd_rebind, +}; + +static int kvm_vfio_filefd_rebind(NotifierWithReturn *notifier, void *data, + Error **errp) +{ + KVMVfioFileFd *file_fd; + int ret =3D 0; + struct kvm_device_attr attr =3D { + .group =3D KVM_DEV_VFIO_FILE, + .attr =3D KVM_DEV_VFIO_FILE_ADD, + }; + struct kvm_create_device cd =3D { + .type =3D KVM_DEV_TYPE_VFIO, + }; + + if (kvm_vm_ioctl(kvm_state, KVM_CREATE_DEVICE, &cd)) { + error_setg_errno(errp, errno, "Failed to create KVM VFIO device"); + return -errno; + } + + if (vfio_kvm_device_fd) { + close(vfio_kvm_device_fd); + } + + vfio_kvm_device_fd =3D cd.fd; + + QLIST_FOREACH(file_fd, &kvm_vfio_file_fds, node) { + attr.addr =3D (uint64_t)(unsigned long)&file_fd->fd; + if (ioctl(vfio_kvm_device_fd, KVM_SET_DEVICE_ATTR, &attr)) { + error_setg_errno(errp, errno, + "Failed to add fd %d to KVM VFIO device", + file_fd->fd); + ret =3D -errno; + } + } + return ret; +} + #endif =20 void vfio_kvm_device_close(void) @@ -137,6 +191,7 @@ int vfio_kvm_device_add_fd(int fd, Error **errp) .attr =3D KVM_DEV_VFIO_FILE_ADD, .addr =3D (uint64_t)(unsigned long)&fd, }; + KVMVfioFileFd *file_fd; =20 if (!kvm_enabled()) { return 0; @@ -153,6 +208,11 @@ int vfio_kvm_device_add_fd(int fd, Error **errp) } =20 vfio_kvm_device_fd =3D cd.fd; + /* + * If the vm file descriptor changes, add a notifier so that we can + * re-create the vfio_kvm_device_fd. + */ + kvm_vmfd_add_change_notifier(&kvm_vfio_vmfd_change_notifier); } =20 if (ioctl(vfio_kvm_device_fd, KVM_SET_DEVICE_ATTR, &attr)) { @@ -160,6 +220,11 @@ int vfio_kvm_device_add_fd(int fd, Error **errp) fd); return -errno; } + + file_fd =3D g_malloc0(sizeof(*file_fd)); + file_fd->fd =3D fd; + QLIST_INSERT_HEAD(&kvm_vfio_file_fds, file_fd, node); + #endif return 0; } @@ -172,6 +237,7 @@ int vfio_kvm_device_del_fd(int fd, Error **errp) .attr =3D KVM_DEV_VFIO_FILE_DEL, .addr =3D (uint64_t)(unsigned long)&fd, }; + KVMVfioFileFd *file_fd; =20 if (vfio_kvm_device_fd < 0) { error_setg(errp, "KVM VFIO device isn't created yet"); @@ -183,6 +249,15 @@ int vfio_kvm_device_del_fd(int fd, Error **errp) "Failed to remove fd %d from KVM VFIO device", fd= ); return -errno; } + + QLIST_FOREACH(file_fd, &kvm_vfio_file_fds, node) { + if (file_fd->fd =3D=3D fd) { + QLIST_REMOVE(file_fd, node); + g_free(file_fd); + break; + } + } + #endif return 0; } --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224672; cv=none; d=zohomail.com; s=zohoarc; b=AxtlisAPgqpb/oaAXbEkWBAHVF+mv+YsEuyXe8Lr3HcfDT2tCxidx6r1RRe+jX97m2hafP19b7aQqA8wotxYgmDU2ggpDSQEtlXuiDR9n0aBgMIP4CpUUIL1DTmoEh5cZ2oKHhBGh4u4UC6j/yDCN4HA2be6GDbHuyEVZrsZ7Lw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224672; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=UZjupKNTcRQ4mvrXCw54dQwnzt6+1apWExSeFIvKWxA=; b=AH7AHayLLU0gQY+ZKUZxWmCFpvCjiDFTNxrD0zJSSrp0RbhV3ypB+EP8mCAtMx3xygQWmilq6AcZU0e+ge2Yd2mTEfRVuNkYTmC+5cGqPcTZObo+gV86a3z3PWXhvbrwauZ38oKtFgzbavGQFn2fzO6dIwKaMA4pkjaVPjGeqP4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 176822467246050.0987023386208; Mon, 12 Jan 2026 05:31:12 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuT-0004BC-5r; Mon, 12 Jan 2026 08:24:42 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuG-0003PQ-MX for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:28 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuC-0003pw-64 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:27 -0500 Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com [209.85.215.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-318-wrKA5dj7MSe0ZRyBy19qrg-1; Mon, 12 Jan 2026 08:24:21 -0500 Received: by mail-pg1-f200.google.com with SMTP id 41be03b00d2f7-c5539b9adbcso4785863a12.3 for ; Mon, 12 Jan 2026 05:24:21 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224263; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=UZjupKNTcRQ4mvrXCw54dQwnzt6+1apWExSeFIvKWxA=; b=cUwgn/K3tQZc5po2fSIJco/Ztk2QsB2Ua/zy7OM4NqMDG56OomJ1mSYmeuN/3JGDp6Lj7P cNQQrzCFmWvH8cbB4sW8MNlcaXLEgJrT7STXCKTHWNlEamViCPFhoCZTL8TzOTIJBJbRgw nU3g5UrP2n9jOIFozOkKosmeU5msML4= X-MC-Unique: wrKA5dj7MSe0ZRyBy19qrg-1 X-Mimecast-MFC-AGG-ID: wrKA5dj7MSe0ZRyBy19qrg_1768224261 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224261; x=1768829061; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=UZjupKNTcRQ4mvrXCw54dQwnzt6+1apWExSeFIvKWxA=; b=Le0fOqRZV/S5OriZ8+aZNZW6p2ItEiVCBjJ3kbzcR9DLhZUsi/lTsLHNCcfCPHSdON ClAkOZ2I0rYRWVlB38E6LMzv85kJQI/oDICwfWDke13YHXH4DxnZG1iIfmh6NHVGM9TN lqckvKfo0HwWe+XSsrghyhGYj26OYhDNkUIi4o+dhXRlq4r55vf/MZcm0/e7idu6iLgR qSJNrLbMpeMLk2vBf7OlH6SrQzXUwg3n7SuVCqyyHIy4LfJ+bwWAG5nQPuB7M/C+GRlp vLSxPG42CjIgxRUw5e3R5RnGSnkttNdkpUtUdGqcfgv64jwnzbF3mumzDixBTMwCYLBv htoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224261; x=1768829061; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=UZjupKNTcRQ4mvrXCw54dQwnzt6+1apWExSeFIvKWxA=; b=Dsj5Uv+bb6RounEwohCBW1FOYWypP/y4i3RHS90lSVk8u8marKw6zE8Z7aqvbRqI/q Ya3Wm0y614uHfqMmTXc+XrFUKXPCSsRpRVS6Aubi/w7BUyTpW7mZVl6+ayHflAUXPeVy H6vPt3/8xueqdsexRUrmy/gZy2SnvZ3Zuk4vHtX/bDyxZEtiloZfnAqTva9+6+H3boWR pFSMmSiXvtHCfZ4YWTb+yJwAMJU0klDpiEEkhv3MjFXlCsrnqzcnlkDV9KyqcCBdFrLl jVIXPvMppY+6jMZSkTCxAt/Wi4FxTd3O5A+inOiHHIDE3bJPv3wnOZDnVsMdCzNbjmwu cuZw== X-Forwarded-Encrypted: i=1; AJvYcCWVunJv9PZWXLqSkiFpOUBRppWctMFd1gdVDobKCTLcnmciZ6UR22Ndxtp7sbvsnLksHv2PGXcHYUg8@nongnu.org X-Gm-Message-State: AOJu0Yw+A6KFx1Dnlq1CAChe4iaQpU/8rTbzsT9qdg1iWVczW56kHdm2 tPwfD8mdfyO2c+qkM1yDDU6HxiWHhCswB7ZdhO5S18k0GfZDcIt9PThD66/8j3ugQDpV664NLw3 /22v0WQf0rO0EYVy/C+2PlwccNMCmXNHMagwBtUzsUmctfYBGIyxanEe4 X-Gm-Gg: AY/fxX7wobp7ZJ0+IwHZJGYjpmEGpkugmTMdJKq29Fi4mE/+SZHk2TVqKxSJTdwuiN6 retRgPZGIzA7sF1zj9YaZtEwFo7Q1vqiWAwhqCkWduph0g6kb9nlxmtoSzHnBx8uecvevIjD1pK JeQnU+wIeep03yUD/r7JIZZEPPqlMxLII7KYNHVBF+d1FCuT6rbXr5rnIWuYMjuD2FyYTJJUQhr RTHolRA4S0hj8IF9PqRn8aTLrvV6hdv4Vq748wC/JCpoICeMn4HWEtl9Sf83gGg4z1eV1+dYhte eshmkJ2Gi4KbTHF8a277I2aAvZjqXW58bC8uEQPPurJjzG8fLJzjrFBq15tgEpmeXsnqZwpidlT KchL7W/wbHbj3ksFlo2C2q5naklCMN0OqGWrAyES4rp0= X-Received: by 2002:a05:6a20:3ca3:b0:366:23a6:c962 with SMTP id adf61e73a8af0-3898f91d1efmr17834723637.29.1768224260816; Mon, 12 Jan 2026 05:24:20 -0800 (PST) X-Google-Smtp-Source: AGHT+IGz1IkZ96oXJFBb8G5LoyDpm7qWMw8Wh30UfPa7yjwgIeLGzgyc1L8pL8jObYETbVCv8P8FMg== X-Received: by 2002:a05:6a20:3ca3:b0:366:23a6:c962 with SMTP id adf61e73a8af0-3898f91d1efmr17834709637.29.1768224260414; Mon, 12 Jan 2026 05:24:20 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Richard Henderson , Eduardo Habkost , "Michael S. Tsirkin" , Marcel Apfelbaum Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 21/32] kvm/i8254: refactor pit initialization into a helper Date: Mon, 12 Jan 2026 18:52:34 +0530 Message-ID: <20260112132259.76855-22-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224673450158500 Content-Type: text/plain; charset="utf-8" The initialization code will be used again by VM file descriptor change notifier callback in a subsequent change. So refactor common code into a new helper function. Signed-off-by: Ani Sinha --- hw/i386/kvm/i8254.c | 68 +++++++++++++++++++++++++-------------------- 1 file changed, 38 insertions(+), 30 deletions(-) diff --git a/hw/i386/kvm/i8254.c b/hw/i386/kvm/i8254.c index 81e742f866..255047458a 100644 --- a/hw/i386/kvm/i8254.c +++ b/hw/i386/kvm/i8254.c @@ -60,6 +60,43 @@ struct KVMPITClass { DeviceRealize parent_realize; }; =20 +static void do_pit_initialize(KVMPITState *s, Error **errp) +{ + struct kvm_pit_config config =3D { + .flags =3D 0, + }; + int ret; + + ret =3D kvm_vm_ioctl(kvm_state, KVM_CREATE_PIT2, &config); + if (ret < 0) { + error_setg(errp, "Create kernel PIC irqchip failed: %s", + strerror(-ret)); + return; + } + switch (s->lost_tick_policy) { + case LOST_TICK_POLICY_DELAY: + break; /* enabled by default */ + case LOST_TICK_POLICY_DISCARD: + if (kvm_check_extension(kvm_state, KVM_CAP_REINJECT_CONTROL)) { + struct kvm_reinject_control control =3D { .pit_reinject =3D 0 = }; + + ret =3D kvm_vm_ioctl(kvm_state, KVM_REINJECT_CONTROL, &control= ); + if (ret < 0) { + error_setg(errp, + "Can't disable in-kernel PIT reinjection: %s", + strerror(-ret)); + return; + } + } + break; + default: + error_setg(errp, "Lost tick policy not supported."); + return; + } + + return; +} + static void kvm_pit_update_clock_offset(KVMPITState *s) { int64_t offset, clock_offset; @@ -241,42 +278,13 @@ static void kvm_pit_realizefn(DeviceState *dev, Error= **errp) PITCommonState *pit =3D PIT_COMMON(dev); KVMPITClass *kpc =3D KVM_PIT_GET_CLASS(dev); KVMPITState *s =3D KVM_PIT(pit); - struct kvm_pit_config config =3D { - .flags =3D 0, - }; - int ret; =20 if (!kvm_check_extension(kvm_state, KVM_CAP_PIT_STATE2) || !kvm_check_extension(kvm_state, KVM_CAP_PIT2)) { error_setg(errp, "In-kernel PIT not available"); } =20 - ret =3D kvm_vm_ioctl(kvm_state, KVM_CREATE_PIT2, &config); - if (ret < 0) { - error_setg(errp, "Create kernel PIC irqchip failed: %s", - strerror(-ret)); - return; - } - switch (s->lost_tick_policy) { - case LOST_TICK_POLICY_DELAY: - break; /* enabled by default */ - case LOST_TICK_POLICY_DISCARD: - if (kvm_check_extension(kvm_state, KVM_CAP_REINJECT_CONTROL)) { - struct kvm_reinject_control control =3D { .pit_reinject =3D 0 = }; - - ret =3D kvm_vm_ioctl(kvm_state, KVM_REINJECT_CONTROL, &control= ); - if (ret < 0) { - error_setg(errp, - "Can't disable in-kernel PIT reinjection: %s", - strerror(-ret)); - return; - } - } - break; - default: - error_setg(errp, "Lost tick policy not supported."); - return; - } + do_pit_initialize(s, errp); =20 memory_region_init_io(&pit->ioports, OBJECT(dev), NULL, NULL, "kvm-pit= ", 4); =20 --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224628; cv=none; d=zohomail.com; s=zohoarc; b=NWL/0IMgPCkBR1wy6OoVaRCgMimj0VYQBM1qz0KEi3T3HC2INp8ehgycccvdQTiuioSAKZnYCvyv4/eCTZsqdSYCl+LI0XmjKCdPBEbs/fR8l8BckOqpHv2tXqhZyliagf3cTVPJTc2Ts+r+vk/T078/KKt5wgw3MDLjsTUWG/A= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224628; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=77thvasEz7mbFfddpidtc2aDEfBsUM8wmBICVXOiwbI=; b=WGaTuMO4yIBfazyQGeRWcsDFAkolANDTyFkMesWTmNMoJvtUQ6L/RrTJJmtRxRjoiB3OTNoXqYpb3e9EOboFhdnPhds3zHcnWwENY5K/16RSJBtvIfvJ83VrTiWC4HO2cKRkCNvJp8UcIpsgJynMtCiZ+K34jSSGYTWMQXDvo7A= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 176822462818019.407604761297875; Mon, 12 Jan 2026 05:30:28 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHv2-0004yT-3S; Mon, 12 Jan 2026 08:25:17 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuI-0003X3-70 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:30 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuE-0003qS-Ir for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:29 -0500 Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-531-Ihg7aT4WOW6CeqZ7DhnyQA-1; Mon, 12 Jan 2026 08:24:24 -0500 Received: by mail-pj1-f70.google.com with SMTP id 98e67ed59e1d1-34a9bb41009so8970901a91.3 for ; Mon, 12 Jan 2026 05:24:24 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224265; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=77thvasEz7mbFfddpidtc2aDEfBsUM8wmBICVXOiwbI=; b=e+ZtvixyvLisuZKFx4rKWPPm2ybZEHRg+YTIq1RDvrsrVp7VjHKFqER78o93GB3VhYBZLF 6ztcush8F4xTd9lJn7zNZqQAUwt70nKkx1sYI8stkGtzCnEBhAuifS1+40sOGV+PyTqBoy e15ompXDv9rSHeNl3TbEnTdZ6IhNsPk= X-MC-Unique: Ihg7aT4WOW6CeqZ7DhnyQA-1 X-Mimecast-MFC-AGG-ID: Ihg7aT4WOW6CeqZ7DhnyQA_1768224264 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224263; x=1768829063; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=77thvasEz7mbFfddpidtc2aDEfBsUM8wmBICVXOiwbI=; b=nj2nvd3lzQCSPyk9bcinzAEY14U8gR5Rw+vrywR+eX9oT9haEGa2X7Vh2JTJtWV/pK CIsU5XrCalkHB3Nb/s6boqCt8v6N+Xgyz+1jctkEeAvPdbOnQTauFyo4hkz70I4uZxLN xlQLoemgDe1v/9zneTMQBqn3pxZZekowlZytiXsi/qNSei0uGp7rAMYxcddljZyH7zFa AxUlEMECoBZjVQlFZXf9gmpGYoPHS5CcLv7Q2dHxkuiCM/xffKYDNZWmAhHCnC8JwxP0 wRftwiYxWZ8nhYHl4wvkn0pycrfBmMOw7yaNWXu5VvMZxq4cY8+JmZtXkthAYoX2xQ/2 XjJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224263; x=1768829063; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=77thvasEz7mbFfddpidtc2aDEfBsUM8wmBICVXOiwbI=; b=PgBajKH44xCuVQIpp13d/JyugF/DHC5xZkPvPN2CYgGwSaFGRP09nSDyevk/Le3Vw8 hOMYs6xSf16E7t2Swo7HISJB2EXXtsH5ceoiH8SNGbQLwRaryAkFZWkvZYUfGiVhHqEG HAMm4QknaHHgJaCGiqol1vbkp5LMoSeAxfUpfsv1sg7xg1LXjgRC72ZrEoKC0cKUshko RQIYw3gVqhXsC+2nnWh1Za7WkOwy5O94wBP6FLLXI3Jc4G7WyHGrLLGQYluxVMrShsge kzK34+wer9WWjENnfSnbUf0bQBBjNHoUU5pRZ/ZQ1fh8wV7eSR6QVKjAbFEdsws2/Z6U nB+A== X-Forwarded-Encrypted: i=1; AJvYcCXrI2HInuYR2c0kITvZgEl0mex3dv79uQYE2crC9cN62ZfKtGo1cSP6I+7HSirGerzv1Hi/6G0ZUGjg@nongnu.org X-Gm-Message-State: AOJu0Yxkq3h07WW6ciIu894A4xYfkXGanKiTY+aqrV3016tLX/XN6Y4s zONy+FxOeVmcVWTdymAED2rbi+4oC1vFpFFlObRWr0DpmIStCasNfNQYpUV5zo6BKZLSuyc+R0m xFP1ExjBeUNJYIFH5p+cs7DWSkjvljIehgP5hWlK8HacwickfC8iF/e0O X-Gm-Gg: AY/fxX5OIA3tlgAL8nzu9LlbBtv/q/jcPbMRPcrKx7ym2wdt4KfdJ3oxuc5S6wJbwOl nPtM+1ZpjkySHX/WzdV1+r4gWB3HUWMmd3v9XEstXDDhIFY+xyktIg26C9qvcRmpPZr4FT3QWmu 3lMaBZYwYIpOP2yT9aOh5AkHrFHN+NHP8xQu/nmoNlUiux/9e/7/3jJtQBQw5v2V38j8ini0GDX 2FgAYcGA4uXzJgu6guz43DgS95jFXUEhlORjLQqlzyHzyR75XPcg4oLy20ASNRahw+3+GFGus47 jj+XPx7ev/TDiNeOZn73FU6xipPPGhXC5fm/Vk0NyiJ5IpRGi18r3flsuPzA0teKjXD5mFUownR r0s/Y1py5q4NUD2Oi1NnpRC3FxYo+ZFmzFoLIpO1yrg8= X-Received: by 2002:a17:90a:e7cd:b0:340:d569:d295 with SMTP id 98e67ed59e1d1-34f68d0bbf9mr18826399a91.24.1768224263609; Mon, 12 Jan 2026 05:24:23 -0800 (PST) X-Google-Smtp-Source: AGHT+IGqNzs5T4Y/nuvXOBzpoX20Jpvk0mau7pb5OixY7RQGKlDk6YD1j8R2CuGb7j6qKGZqxXYANw== X-Received: by 2002:a17:90a:e7cd:b0:340:d569:d295 with SMTP id 98e67ed59e1d1-34f68d0bbf9mr18826369a91.24.1768224263249; Mon, 12 Jan 2026 05:24:23 -0800 (PST) From: Ani Sinha To: "Michael S. Tsirkin" , Marcel Apfelbaum , Paolo Bonzini , Richard Henderson , Eduardo Habkost Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 22/32] kvm/i8254: add support for confidential guest reset Date: Mon, 12 Jan 2026 18:52:35 +0530 Message-ID: <20260112132259.76855-23-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224629062158500 Content-Type: text/plain; charset="utf-8" A confidential guest reset involves closing the old virtual machine KVM file descriptor and opening a new one. Since its a new KVM fd, PIT needs to be reinitialized again. This is done with the help of a notifier which is invo= ked upon KVM vm file desciptor change during confidential guest reset process. Signed-off-by: Ani Sinha --- hw/i386/kvm/i8254.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/hw/i386/kvm/i8254.c b/hw/i386/kvm/i8254.c index 255047458a..4d212fad1b 100644 --- a/hw/i386/kvm/i8254.c +++ b/hw/i386/kvm/i8254.c @@ -52,6 +52,8 @@ struct KVMPITState { LostTickPolicy lost_tick_policy; bool vm_stopped; int64_t kernel_clock_offset; + + NotifierWithReturn kvmpit_vmfd_change_notifier; }; =20 struct KVMPITClass { @@ -203,6 +205,16 @@ static void kvm_pit_put(PITCommonState *pit) } } =20 +static int kvmpit_post_vmfd_change(NotifierWithReturn *notifier, + void *data, Error** errp) +{ + KVMPITState *s =3D container_of(notifier, KVMPITState, + kvmpit_vmfd_change_notifier); + + do_pit_initialize(s, errp); + return 0; +} + static void kvm_pit_set_gate(PITCommonState *s, PITChannelState *sc, int v= al) { kvm_pit_get(s); @@ -292,6 +304,9 @@ static void kvm_pit_realizefn(DeviceState *dev, Error *= *errp) =20 qemu_add_vm_change_state_handler(kvm_pit_vm_state_change, s); =20 + s->kvmpit_vmfd_change_notifier.notify =3D kvmpit_post_vmfd_change; + kvm_vmfd_add_change_notifier(&s->kvmpit_vmfd_change_notifier); + kpc->parent_realize(dev, errp); } =20 --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224457; cv=none; d=zohomail.com; s=zohoarc; b=X0fcfn+VfD6ym7EsynktT2LQbBFThj7ve+6HcBibT2gfNgXiaUr/mHtHdXIi5LRUCSf+2SP/j9M99wMWvfpeAoPuzERwe2G8ddWnPr0EznAuSLh9u3dzuJKXv2DTs9nfl9KXblDlNTMYVkLjg1Ud3ndncwcuqgZ9gW7Ndhv0DaU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224457; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=z5Id00LIh2+9ZBejtUIqIXdXBw2c/GTI+LyXgpHZ0vY=; b=fvpe7PB3FLHsqhsAmx1Oiv9247DhqYsXBYK/RZhg3kquDf5a1sufNRjWk2CNuibAJyRBwoT62zyMIv9//jbmlRO0vDqi72UdBg8/hWi4iN1fKv35YXej0+Ffp4dA9jm6Cu8zlnZNoCM3cMFs46INN27pmmVkFwuwu0d62eA3JgY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224457551951.261272727591; Mon, 12 Jan 2026 05:27:37 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuK-0003fW-Lk; Mon, 12 Jan 2026 08:24:32 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuI-0003YM-H3 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:30 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuH-0003qw-1B for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:30 -0500 Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-600-2HfI4gXnOySqsmzRmA6SYQ-1; Mon, 12 Jan 2026 08:24:26 -0500 Received: by mail-pj1-f70.google.com with SMTP id 98e67ed59e1d1-34e5a9de94bso12526346a91.0 for ; Mon, 12 Jan 2026 05:24:26 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224268; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=z5Id00LIh2+9ZBejtUIqIXdXBw2c/GTI+LyXgpHZ0vY=; b=Iqu5u+567bR28PVDqjaXInXIQ/dnT4lOyYzRNEWLAV7uf8w3/mKDV7KPFloNzd7nCHmGOx Ykzs0i6oHsqp+OqyxlPWKj+bpmDpue5rvHQUSeSGoLoVoyHSR3Tke6fAm5pDeywdNSEF19 8iuD9aZ6/kvRI/HxCOWUJyHINCH90y8= X-MC-Unique: 2HfI4gXnOySqsmzRmA6SYQ-1 X-Mimecast-MFC-AGG-ID: 2HfI4gXnOySqsmzRmA6SYQ_1768224266 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224265; x=1768829065; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=z5Id00LIh2+9ZBejtUIqIXdXBw2c/GTI+LyXgpHZ0vY=; b=X5yErihaRqxEc03p3P0m7z1wJ6zmdA0//pW1xhgvOSNNeQaSO5VM+HhfKUtupjzVYX pn8A6tmw6OyHEGT1Rairr9A+6wdZhaIhln/LnzOMuIuo0j3UbjggNPisZSofd5MdSd0f KrKELSjFA6Be6hHIUlbzJk8RX6Y5hU9KGRPPUWNZajdJHQVoqFAobwOy9kH4ME1+iKNa gmaYBjn74Nm8Qk7UjU7NNJwf4GOPyg0ygiff96bXpLxmMGRbVPq62r82gc4wC1iMdb0M /uDtxqJKjcpXB8rZ2g3Sx4K/8GTNN0XhYNjg3c5BuVwcm2d6AWfzwCVIw2IEiqi4Z0EY JOmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224265; x=1768829065; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=z5Id00LIh2+9ZBejtUIqIXdXBw2c/GTI+LyXgpHZ0vY=; b=ezG9RE3nuFPUhY7SQsu/YH8JUHmDB+euVopWB2phDcbCFeS5ZXwzB4JQDIM1jtSnl0 vtyBbvROTCX7d98WTwuTBzu1uzKRS9rjxJbfkKElC7MStI+HgDRwheg/abtQsnfQ+i1B X+83rWzTKQBR8CH6UQucHBXOrMj/54kkXn/MBLs3uBwda9v2BRuzdKvnAGi5kMBfZxxe oMMZbC1+aJYjrFCFOCMaDO1QSHBFRavl53a9wZPh/4/oAhCnL0gaeUAna/Y1dK3PoH9N ThHmXMJ36CsvvqywuwvUN1nVjQjn+aIZkMoa5GhkIih/HfqteskE14dJCtNw0VIX7Vpb UjJg== X-Forwarded-Encrypted: i=1; AJvYcCUqRsTOoxCBD0GvbPO1W3oPgAMxvU8VbuCJsTs2ztDiQXJEEAfhkBaYGwGrvmuxPX2ip23wsvINtt+D@nongnu.org X-Gm-Message-State: AOJu0YyRTBz7xKUpWzsksufS50zG7xQ4KgltgCtbpx8Oe6KoqgD9Jp6M VnZGU+s8PqPPDY03YT7gXEtxrr0P/mjy21bPJDPZzq+MFniy68yVrjGnOtjlrw/QYmepr+8h0jr J5DVu4Q3fGKX+5O4w08QkKCN59sAy7MUVUzQFn5UtHXZA2oeYDSTvcpq+kQ9p2/sc X-Gm-Gg: AY/fxX5T6VsdoJCyYVcfLEGH1iE+TWnzAtmFnVruj4lnqxucCzvmaCVcLAomMTfzgyy ZkQbZGKkgmgPUUj5d9ruVKt4vu2MdIQ/UbWiAhL0ly2E4taMs5WnZ2fZhnM93ik47vyqWIAwtcz CBuSFmvuT2RDnZdYNHKaEC8JVZxe/km8HevcVNKMj50xndBEhJlenLzPrfp5ej+4A1ydECr28/+ JRbB5t1l7y71UgrlIXCHdvl3sCent8pPHDj/qjHBBFNZCEzcicbC1Cd+Gn6uxLaZNXIaaGDPtyb QnvMOTrdQh1+6UhQ7OiavFqtkkcNWTvZvFzkSwCrF77e/oZ3LxquOFG3oIKBjF/tLG5IGvoudwT 1XsJlNJEv//+dTb7TU8wYigctEW7+v9Rybfkz/X5X4NA= X-Received: by 2002:a17:90b:4c11:b0:338:3d07:5174 with SMTP id 98e67ed59e1d1-34f68c7a647mr14962414a91.5.1768224265583; Mon, 12 Jan 2026 05:24:25 -0800 (PST) X-Google-Smtp-Source: AGHT+IFRQkvYubhnMVgKak+JgKwZBj63oDmTdKTQFrGpe5hmh7o3S0YUxy9JRuoHnvx3oExxFNRlrA== X-Received: by 2002:a17:90b:4c11:b0:338:3d07:5174 with SMTP id 98e67ed59e1d1-34f68c7a647mr14962394a91.5.1768224265213; Mon, 12 Jan 2026 05:24:25 -0800 (PST) From: Ani Sinha To: "Maciej S. Szmigiero" Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 23/32] hw/hyperv/vmbus: add support for confidential guest reset Date: Mon, 12 Jan 2026 18:52:36 +0530 Message-ID: <20260112132259.76855-24-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224458442158500 Content-Type: text/plain; charset="utf-8" On confidential guests when the KVM virtual machine file descriptor changes= as a part of the reset process, event file descriptors needs to be reassociated with the new KVM VM file descriptor. This is achieved with the help of a callback handler that gets called when KVM VM file descriptor changes during the confidential guest reset process. This patch is untested on confidential guests and only exists for completen= ess. Signed-off-by: Ani Sinha --- hw/hyperv/vmbus.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/hw/hyperv/vmbus.c b/hw/hyperv/vmbus.c index c5bab5d245..947fb7f4f8 100644 --- a/hw/hyperv/vmbus.c +++ b/hw/hyperv/vmbus.c @@ -20,6 +20,7 @@ #include "hw/hyperv/vmbus-bridge.h" #include "hw/core/sysbus.h" #include "exec/cpu-common.h" +#include "system/kvm.h" #include "exec/target_page.h" #include "trace.h" =20 @@ -248,6 +249,12 @@ struct VMBus { * interrupt page */ EventNotifier notifier; + + /* + * Notifier to inform when vmfd is changed as a part of confidential g= uest + * reset mechanism. + */ + NotifierWithReturn vmbus_vmfd_change_notifier; }; =20 static bool gpadl_full(VMBusGpadl *gpadl) @@ -2347,6 +2354,26 @@ static void vmbus_dev_unrealize(DeviceState *dev) free_channels(vdev); } =20 +/* + * If the KVM fd changes because of VM reset in confidential guests, + * reassociate event fd with the new KVM fd. + */ +static int vmbus_handle_vmfd_change(NotifierWithReturn *notifier, + void *data, Error** errp) +{ + VMBus *vmbus =3D container_of(notifier, VMBus, + vmbus_vmfd_change_notifier); + int ret =3D 0; + ret =3D hyperv_set_event_flag_handler(VMBUS_EVENT_CONNECTION_ID, + &vmbus->notifier); + /* if we are only using userland event handler, it may already exist */ + if (ret !=3D 0 && ret !=3D -EEXIST) { + error_setg(errp, "hyperv set event handler failed with %d", ret); + } + + return ret; +} + static const Property vmbus_dev_props[] =3D { DEFINE_PROP_UUID("instanceid", VMBusDevice, instanceid), }; @@ -2429,6 +2456,9 @@ static void vmbus_realize(BusState *bus, Error **errp) goto clear_event_notifier; } =20 + vmbus->vmbus_vmfd_change_notifier.notify =3D vmbus_handle_vmfd_change; + kvm_vmfd_add_change_notifier(&vmbus->vmbus_vmfd_change_notifier); + return; =20 clear_event_notifier: --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224383; cv=none; d=zohomail.com; s=zohoarc; b=ZnsMot5pORrL4q3DuY0NoOjQmz1UgZhDklBTs9vAa4q0PetHudfsLV5lArgb9aADpTGjCnDoUHSROQHTaZXOxij/kRl9I31182hJW+lYakNB41sXHpBELaqwn4FbHrOk9gf819HXi4FdvcavMUO77mB7iNKFdYzdbqznUChSh/8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224383; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=5mNZOVGpLRkq1Bf/PS8HZ5/0yQ0n0eM+fBjQiQ5vegE=; b=O11Hw/2byc7MVkY5irvCt2Apc9AlwlozNRVpCKwp6tYScqArF2PA/W4JXoLqNAkaZhndQsNGF78peK3hmu3A8ILMSRGJ+/pzgIDoD8YvssKfdx6o1zVxjSFjgaggmEnfU2CbR1YhcKV+N1XU6dXbvuTac9bXVWW70L4uP1xJw6w= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224383932126.5579385483934; Mon, 12 Jan 2026 05:26:23 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuk-0004hx-Rq; Mon, 12 Jan 2026 08:25:00 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuN-000477-Gz for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:37 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuL-0003s1-72 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:34 -0500 Received: from mail-pf1-f200.google.com (mail-pf1-f200.google.com [209.85.210.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-563-FAq77rNNNs-cuer31wN--A-1; Mon, 12 Jan 2026 08:24:29 -0500 Received: by mail-pf1-f200.google.com with SMTP id d2e1a72fcca58-81e6ec1da28so1868054b3a.0 for ; Mon, 12 Jan 2026 05:24:29 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224272; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=5mNZOVGpLRkq1Bf/PS8HZ5/0yQ0n0eM+fBjQiQ5vegE=; b=ZtkLkmiUK/B5qtN+N2KQywZkTTm+/yOKRylOORWzxSPedIXFBV/G+GPMLv4h/mOcsHIwkW ZnMhOvviflSvTljNf52F5b5oLt7taXySdtyc8kojeLxeQc2ObkrHbbdf6fW7Ua8jP0yvQe wtAgOX8O4KciukMqbgC+KZhshTidf2Y= X-MC-Unique: FAq77rNNNs-cuer31wN--A-1 X-Mimecast-MFC-AGG-ID: FAq77rNNNs-cuer31wN--A_1768224268 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224268; x=1768829068; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5mNZOVGpLRkq1Bf/PS8HZ5/0yQ0n0eM+fBjQiQ5vegE=; b=hm+V3aife0tGOQlO5s2W24po7HFF6i4/NzHNJN7HqeSFjsRWDmC4Hn5OWPojDRqI8D KRhv5iJ3zbXNxjsp/XwSLaePnalQjrdACJqqx/JmeDTwyDqW0axZvoAkHafKO+1XzivQ +N6BVcn9GUIqFn/ggNIYqr2tRFNCMT3ScPiBqHOVMyEHkoclMEoYG1AQ/mB2emYhAn1J Cp1fXSp+6FBunsA0okw8a66fjJggfJXJD9sp6SxZNIFAr24oHtsZk73ILw+RByn5BaSS 1AsItljMpVqRCfmaWWD32Yn6VX9lkfwP6/yLWh6QrwCcrKzPrF2dJGMj3Rb/LieHoZZ7 uMtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224268; x=1768829068; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=5mNZOVGpLRkq1Bf/PS8HZ5/0yQ0n0eM+fBjQiQ5vegE=; b=KHQWjxdOtNC+zmWDxl1hktmZJo0m7+vY4QURhNqSvYTna18Ze5BRT43brZn6yhoNnK SWFdyJaXRCjE/6EjxGixiVLh6/gyQSD/bxbxDNRHKbSdVXttY7Ie2okCg506B1t98i8Y pq1v7FW1eBRNMtsm84CfuyAfoNv4d1bprn8bxWfYGZXMEQomE7PZOKOKxVc67uZFP/Uu XDrCmC4qTBNUgwF/EaJif4vB0q1EPU5/9TyzJ6wtvyQJnYKBqEdJ5xq9uoWB+o+MnmaW IL9FAffQrlhX4vb8MKQC/avMSff+s87X4Z/3AivsAZo27BQgv9kJCp80DwgnVKlBCoHn VHPw== X-Forwarded-Encrypted: i=1; AJvYcCU7Fmpgwz25wZBf8CvMUXHqBqnYVppehHhcAjHdmpi2HpYP31LHEKPQ0mWSSWHyNewzX3gW5uUpEbNN@nongnu.org X-Gm-Message-State: AOJu0YzZtiyKFaghSDd8PnHQdE77g9bXIQEBZREm6i45Zchax799cN2k zdUzpxUIVM2hGR5I3c+kEvalnF/PqPqFCKM1/D3tcIblq16KoZmg3cnXW6lainRh5AV7wnx3P0E T4ARB9OqQPaj1aMW0/N/sLNx2KP6DPOOTykjmehPKt8VUp99MMuJ8ufYK X-Gm-Gg: AY/fxX4ZHMVP0CwFdJaSMSSVsMqlvt0NK6aalmwV7TUvzyGIFpa9jHJpE/IQxvrNMLt eIKFrhZUuYL0iBGpkNbZYxWOmZSqY0C6gByiLwk6f3UKXPl3R+9Ct+lD/IxWYyENV+XzOlXV7M0 z6Zg+zVFilF3KHNEqIpZK+oXum8SxkjoNx7AgrPkfritbxzVR2IkqV5eVYGXz4Mh6zVsBJyx6sJ 6m7bUsT5hgEHqMjKkWn6bzP5SptCCI86J4kDT0IzBz8IX6MSZbr3LnndZE2oxfHc63Lvd+c6+in DnY+wGd/LouN0jJ2vP9zweeXCtq7ktfnecD4i4K/sFPkdPid9K7EViEsOEFOYwl9+6vQFdaeeTX boXXOnsZJ8B962vjI/WCYiV6IuWM+rEpK4tjXjIy5d6w= X-Received: by 2002:a05:6a20:6a08:b0:37e:8eea:3e3f with SMTP id adf61e73a8af0-3898f9c28a9mr16110805637.80.1768224268306; Mon, 12 Jan 2026 05:24:28 -0800 (PST) X-Google-Smtp-Source: AGHT+IGD9RUhQ3GTJxL2ONxoegYo4Rf5YfwQeYOo30AP0UNkHIJItgroqtE20TpG/pfeVSe07ySt6g== X-Received: by 2002:a05:6a20:6a08:b0:37e:8eea:3e3f with SMTP id adf61e73a8af0-3898f9c28a9mr16110784637.80.1768224267933; Mon, 12 Jan 2026 05:24:27 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Marcelo Tosatti , Zhao Liu Cc: Ani Sinha , qemu-devel@nongnu.org, kvm@vger.kernel.org Subject: [PATCH v2 24/32] accel/kvm: add a per-confidential class callback to unlock guest state Date: Mon, 12 Jan 2026 18:52:37 +0530 Message-ID: <20260112132259.76855-25-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224385883158500 Content-Type: text/plain; charset="utf-8" As a part of the confidential guest reset process, the existing encrypted g= uest state must be made mutable since it would be discarded after reset. A new encrypted and locked guest state must be established after the reset. To th= is end, a new callback per confidential guest support class (eg, tdx or sev-sn= p) is added that will indicate whether its possible to rebuild guest state: bool (*can_rebuild_guest_state)(ConfidentialGuestSupport *cgs) This api returns true if rebuilding guest state is possible, false otherwise. A KVM based confidential guest reset is only possible when the existing state is locked but its possible to rebuild guest state. Otherwise, the guest is not resettable. Signed-off-by: Ani Sinha --- include/system/confidential-guest-support.h | 27 +++++++++++++++++++++ system/runstate.c | 11 +++++++-- target/i386/kvm/tdx.c | 6 +++++ target/i386/sev.c | 9 +++++++ 4 files changed, 51 insertions(+), 2 deletions(-) diff --git a/include/system/confidential-guest-support.h b/include/system/c= onfidential-guest-support.h index 0cc8b26e64..3c37227263 100644 --- a/include/system/confidential-guest-support.h +++ b/include/system/confidential-guest-support.h @@ -152,6 +152,11 @@ typedef struct ConfidentialGuestSupportClass { */ int (*get_mem_map_entry)(int index, ConfidentialGuestMemoryMapEntry *e= ntry, Error **errp); + + /* + * is it possible to rebuild the guest state? + */ + bool (*can_rebuild_guest_state)(ConfidentialGuestSupport *cgs); } ConfidentialGuestSupportClass; =20 static inline int confidential_guest_kvm_init(ConfidentialGuestSupport *cg= s, @@ -167,6 +172,28 @@ static inline int confidential_guest_kvm_init(Confiden= tialGuestSupport *cgs, return 0; } =20 +static inline bool +confidential_guest_can_rebuild_state(ConfidentialGuestSupport *cgs) +{ + ConfidentialGuestSupportClass *klass; + + if (!cgs) { + /* non-confidential guests */ + return true; + } + + klass =3D CONFIDENTIAL_GUEST_SUPPORT_GET_CLASS(cgs); + if (klass->can_rebuild_guest_state) { + return klass->can_rebuild_guest_state(cgs); + } + + /* + * by default, we should not be able to unprotect the + * confidential guest state + */ + return false; +} + static inline int confidential_guest_kvm_reset(ConfidentialGuestSupport *c= gs, Error **errp) { diff --git a/system/runstate.c b/system/runstate.c index b0ce0410fa..710f5882d9 100644 --- a/system/runstate.c +++ b/system/runstate.c @@ -58,6 +58,7 @@ #include "system/reset.h" #include "system/runstate.h" #include "system/runstate-action.h" +#include "system/confidential-guest-support.h" #include "system/system.h" #include "system/tpm.h" #include "trace.h" @@ -564,7 +565,12 @@ void qemu_system_reset(ShutdownCause reason) if (cpus_are_resettable()) { cpu_synchronize_all_post_reset(); } else { - assert(runstate_check(RUN_STATE_PRELAUNCH)); + /* + * for confidential guests, cpus are not resettable but their + * state can be rebuilt under some conditions. + */ + assert(runstate_check(RUN_STATE_PRELAUNCH) || + (current_machine->cgs && runstate_is_running())); } =20 vm_set_suspended(false); @@ -713,7 +719,8 @@ void qemu_system_reset_request(ShutdownCause reason) if (reboot_action =3D=3D REBOOT_ACTION_SHUTDOWN && reason !=3D SHUTDOWN_CAUSE_SUBSYSTEM_RESET) { shutdown_requested =3D reason; - } else if (!cpus_are_resettable()) { + } else if (!cpus_are_resettable() && + !confidential_guest_can_rebuild_state(current_machine->cgs)= ) { error_report("cpus are not resettable, terminating"); shutdown_requested =3D reason; } else { diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 314d316b7c..a89b14d401 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -1589,6 +1589,11 @@ static ResettableState *tdx_reset_state(Object *obj) return &tdx->reset_state; } =20 +static bool tdx_can_rebuild_guest_state(ConfidentialGuestSupport *cgs) +{ + return true; +} + static void tdx_guest_class_init(ObjectClass *oc, const void *data) { ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL= ASS(oc); @@ -1596,6 +1601,7 @@ static void tdx_guest_class_init(ObjectClass *oc, con= st void *data) ResettableClass *rc =3D RESETTABLE_CLASS(oc); =20 klass->kvm_init =3D tdx_kvm_init; + klass->can_rebuild_guest_state =3D tdx_can_rebuild_guest_state; x86_klass->kvm_type =3D tdx_kvm_type; x86_klass->cpu_instance_init =3D tdx_cpu_instance_init; x86_klass->adjust_cpuid_features =3D tdx_adjust_cpuid_features; diff --git a/target/i386/sev.c b/target/i386/sev.c index d45356843c..c52027c935 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -2632,6 +2632,14 @@ static int cgs_set_guest_state(hwaddr gpa, uint8_t *= ptr, uint64_t len, return -1; } =20 +static bool sev_can_rebuild_guest_state(ConfidentialGuestSupport *cgs) +{ + if (!sev_snp_enabled() && !sev_es_enabled()) { + return false; + } + return true; +} + static int cgs_get_mem_map_entry(int index, ConfidentialGuestMemoryMapEntry *entry, Error **errp) @@ -2806,6 +2814,7 @@ sev_common_instance_init(Object *obj) cgs->set_guest_state =3D cgs_set_guest_state; cgs->get_mem_map_entry =3D cgs_get_mem_map_entry; cgs->set_guest_policy =3D cgs_set_guest_policy; + cgs->can_rebuild_guest_state =3D sev_can_rebuild_guest_state; =20 qemu_register_resettable(OBJECT(sev_common)); =20 --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224373; cv=none; d=zohomail.com; s=zohoarc; b=nKYEtsOoAa6XBnksO6mvqqVecbT60MVmdW14Nk0rOCkRTYy3Fyd8QN6EZuJVyvKVNXHWQCFc8f+7/NG46JdCvQoCAifLvS6sCwwirk3oEhmTJwR3n7S0CuRmaVmF2uG6o9hMWCO3Uu9fSB3luzWeujn7MYkTxeZHbHhy1xXnwio= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224373; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=RpRJ5BfFh6w1tZPB1hD41jTrZGWAAbYwgmsxDiyQj2w=; b=gtyYwRKLWg88ZdqS1zIRbr10vfJ6b8gIHi645Xrgv3lN3sO6RtakJPTZ6oaH4e+utXG4TFWfTNryhqV2fGS4HuvlsjViOridD1Zp9iM4CMNT3M1qGNnuTH4mOjRYd0apWve+fTJrg8PufFz6+5dtWMJF+W8IDrxURlkamoyIvkE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224373976895.0837822466821; Mon, 12 Jan 2026 05:26:13 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHuw-0004vS-FR; Mon, 12 Jan 2026 08:25:11 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuP-0004BM-D9 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:39 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuM-0003s9-JE for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:36 -0500 Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-645-PotVeBxQN2K-GOr-QqtDJw-1; Mon, 12 Jan 2026 08:24:32 -0500 Received: by mail-pj1-f72.google.com with SMTP id 98e67ed59e1d1-34c64cd48a8so7309918a91.0 for ; Mon, 12 Jan 2026 05:24:32 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224273; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=RpRJ5BfFh6w1tZPB1hD41jTrZGWAAbYwgmsxDiyQj2w=; b=FVaEK20SJ5yC+lKjpRmDum1PFAwSvD0/obYLtc6OmPF/63XhGYO2jna5AwcdLHbKtB0Cnh N7iX7FaSzBcNhCp9QMWtUEpORKHmjOz20Ip8Y4n7mDxjYj/O1FNV83fwiYpPhjfiNjvD1Y ulH9N++ZTMxNeZqbO6TCfIL/WFoLPXo= X-MC-Unique: PotVeBxQN2K-GOr-QqtDJw-1 X-Mimecast-MFC-AGG-ID: PotVeBxQN2K-GOr-QqtDJw_1768224271 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224271; x=1768829071; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=RpRJ5BfFh6w1tZPB1hD41jTrZGWAAbYwgmsxDiyQj2w=; b=W+Obo0jv693YLSV7mWygKHk8n6ZFYG3pbKpwJ0i+vE8gdd+nRTLdE3sxyIBNtr0SuW /u5Tnp5und9TT4JV25NQ41lj/PHJvINa2qQUtLuu0iz26WPU9Ann6/mwVDfgLS7ElY46 F+Y3DE5M1nkYfmPpWS1rbKIho/egJ12EAEPUDArYmV72N+U0D9GkD9QoRFdyMbaIrPEm +ew2T8TKlvJjVfFwaPX+iA5oE02C9YuB5j4kY4S9HF/CGdQZQ6VBqTSh4UJaFoKZje6R awXFtMfPnzNedqbULsY6HjcVaPoPgQG6BYjLYS/yCYxWIMmeX58sS3iYzgnKcu3yjAls ZQ3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224271; x=1768829071; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=RpRJ5BfFh6w1tZPB1hD41jTrZGWAAbYwgmsxDiyQj2w=; b=M8hm3i9xV5SMMpdBu0igIKnb5KnLdNa6TMYEheTrfWpddDzvONapRccnSkAx8yuoDS 6TqpKBvWsrKE/y/CV+mkK/h+iJFH410ehTdlYNGPcn0wgWevDB4Z/U7wyWMNsn1opP7I zHV7iIZ0Lm96Ir7c5f7vCUW69iMdbpQZ+WTLyf/Yv7q/79YKakFcEARSO6caARUMx9PN BEujGcrbae3psnQdf4H/t+nT83JJegQMAyRuCNx8KtLj43PcTCB7WiH8nBJCGH0RtoQI 8uv4hlpDouZVgGDhLUu9NYuQAnWP4UU6RN4jYBt3lhAVku3flxJMbxtxw2ag1ZSuWDYK ZmGA== X-Forwarded-Encrypted: i=1; AJvYcCVSEpH462U/ixfCg7JcMoiqQqTbAEEnZn+IJspom2ller53X2qRMBxzCxtKRnT3ARh73MlqIGx/AC0t@nongnu.org X-Gm-Message-State: AOJu0YyLEK+KEp26Cvjgxh0EeSR0KusCt5BDpdQ6IVcdeuAlXD6hHr58 ODGZQbQP/1myVSs/bRhnDeHg6UqE0PBHQWueIFY+QHlqLXEEdqhjuWEdcn4d6HL81lkZx5DL7z9 StX2U6FwbM5KD4duizR4tfT2HUBIf0BDU850H39KYwBRIJWFukhEamJfh X-Gm-Gg: AY/fxX4PNO0uRNQqPWqGKAv/OOjGmaTAGtkk6N0ckA+ERzqOTZBosj6VavdC5/Jyjt/ EMjoC1t1y1KfnPKCEjHeb0umZd4niQzROzMKJTGmce5i7wUtq2FX2aOG849XANM1eJmC9HbG+E9 TY6ekjbYrNsJjJ5gOEIhkKD2X1ORYNbhDBDqqCo7ku37kwH9pJ0+ZVte31BtTc2A32vMywVe3G3 A9hoI/KKSzLMGdFPmLQf1PmAjXPWv6/ZxmPLQykNHfUIztqt1Y67vKQg9X+8TIf60mdZdVwgzVG O1HY/lm3u21OqERIQTEFcIy3425I84FRIZTXNE3MnZKjHcHNkgJeUhZCMVSw5ciEcF5cqVNLeZu tVAlUlrzl51p1nG64Pv7ScZ9uFr+Kiq7Q6z+/QOegFXc= X-Received: by 2002:a17:90a:ec8b:b0:34a:4a8d:2e2e with SMTP id 98e67ed59e1d1-34f68c912a3mr18358607a91.17.1768224271322; Mon, 12 Jan 2026 05:24:31 -0800 (PST) X-Google-Smtp-Source: AGHT+IEKfMO1nNe9YkfbS9kvxYn3RL7QyyACZ9YBAdaWIhk2qR1dryaLY76HSePS1Am5ohAQYe5qyw== X-Received: by 2002:a17:90a:ec8b:b0:34a:4a8d:2e2e with SMTP id 98e67ed59e1d1-34f68c912a3mr18358589a91.17.1768224270927; Mon, 12 Jan 2026 05:24:30 -0800 (PST) From: Ani Sinha To: David Woodhouse , Paul Durrant , Paolo Bonzini , Marcelo Tosatti Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 25/32] kvm/xen-emu: re-initialize capabilities during confidential guest reset Date: Mon, 12 Jan 2026 18:52:38 +0530 Message-ID: <20260112132259.76855-26-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224376445158500 Content-Type: text/plain; charset="utf-8" On confidential guests KVM virtual machine file descriptor changes as a part of the guest reset process. Xen capabilities needs to be re-initialize= d in KVM against the new file descriptor. This patch is untested on confidential guests and exists only for completen= ess. Signed-off-by: Ani Sinha --- target/i386/kvm/xen-emu.c | 45 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 43 insertions(+), 2 deletions(-) diff --git a/target/i386/kvm/xen-emu.c b/target/i386/kvm/xen-emu.c index 52de019834..4f4cde7c58 100644 --- a/target/i386/kvm/xen-emu.c +++ b/target/i386/kvm/xen-emu.c @@ -44,9 +44,12 @@ =20 #include "xen-compat.h" =20 +NotifierWithReturn xen_vmfd_change_notifier; +static bool hyperv_enabled; static void xen_vcpu_singleshot_timer_event(void *opaque); static void xen_vcpu_periodic_timer_event(void *opaque); static int vcpuop_stop_singleshot_timer(CPUState *cs); +static int do_initialize_xen_caps(KVMState *s, uint32_t hypercall_msr); =20 #ifdef TARGET_X86_64 #define hypercall_compat32(longmode) (!(longmode)) @@ -54,6 +57,25 @@ static int vcpuop_stop_singleshot_timer(CPUState *cs); #define hypercall_compat32(longmode) (false) #endif =20 +static int xen_handle_vmfd_change(NotifierWithReturn *n, + void *data, Error** errp) +{ + int ret; + + ret =3D do_initialize_xen_caps(kvm_state, XEN_HYPERCALL_MSR); + if (ret < 0) { + return ret; + } + + if (hyperv_enabled) { + ret =3D do_initialize_xen_caps(kvm_state, XEN_HYPERCALL_MSR_HYPERV= ); + if (ret < 0) { + return ret; + } + } + return 0; +} + static bool kvm_gva_to_gpa(CPUState *cs, uint64_t gva, uint64_t *gpa, size_t *len, bool is_write) { @@ -111,15 +133,16 @@ static inline int kvm_copy_to_gva(CPUState *cs, uint6= 4_t gva, void *buf, return kvm_gva_rw(cs, gva, buf, sz, true); } =20 -int kvm_xen_init(KVMState *s, uint32_t hypercall_msr) +static int do_initialize_xen_caps(KVMState *s, uint32_t hypercall_msr) { + int xen_caps, ret; const int required_caps =3D KVM_XEN_HVM_CONFIG_HYPERCALL_MSR | KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL | KVM_XEN_HVM_CONFIG_SHARED_INF= O; + struct kvm_xen_hvm_config cfg =3D { .msr =3D hypercall_msr, .flags =3D KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL, }; - int xen_caps, ret; =20 xen_caps =3D kvm_check_extension(s, KVM_CAP_XEN_HVM); if (required_caps & ~xen_caps) { @@ -143,6 +166,21 @@ int kvm_xen_init(KVMState *s, uint32_t hypercall_msr) strerror(-ret)); return ret; } + return xen_caps; +} + +int kvm_xen_init(KVMState *s, uint32_t hypercall_msr) +{ + int xen_caps; + + xen_caps =3D do_initialize_xen_caps(s, hypercall_msr); + if (xen_caps < 0) { + return xen_caps; + } + + if (!hyperv_enabled && (hypercall_msr =3D=3D XEN_HYPERCALL_MSR_HYPERV)= ) { + hyperv_enabled =3D true; + } =20 /* If called a second time, don't repeat the rest of the setup. */ if (s->xen_caps) { @@ -185,6 +223,9 @@ int kvm_xen_init(KVMState *s, uint32_t hypercall_msr) xen_primary_console_reset(); xen_xenstore_reset(); =20 + xen_vmfd_change_notifier.notify =3D xen_handle_vmfd_change; + kvm_vmfd_add_change_notifier(&xen_vmfd_change_notifier); + return 0; } =20 --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224530; cv=none; d=zohomail.com; s=zohoarc; b=XvaocnB57JUfLXLvHk3J7pG8Pwl952GHv/Ubu7wkFUZVWvx5VqO+9n0Dkhes00IGmsFOLX+YR3b3G0BkaKy/9QQpOw1QuNB7TViqLE691I5mSWmSlQxeF4OBw561QiCMIdai6QWL0wxVl3eCelHvFYigFwPI+XVPXzft1XG8VSY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224530; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=1LOhl43/dq76eZe6Pp1YIu3+XE/iaRx98MaQ8/pCiC0=; b=IqkwnHYbjUsABWoWYMFj22Mc9YDihiYLNYgAItef1J0Fb/F4pehUmX793KQtQuuG96U1PMdtTQupoodVkDpHPBu3mFzxxa+rA905cAEPqKaqu+VTYPy46c/LRSImSr8N47nyMHDXbj0B23r42qAe5nY4aPbffw8bqs1pmP+mRKo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224530690144.82096930109992; Mon, 12 Jan 2026 05:28:50 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHv3-0004yc-CQ; Mon, 12 Jan 2026 08:25:17 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuT-0004Ho-9C for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:42 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuP-0003sM-EE for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:40 -0500 Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com [209.85.215.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-184-2hTw6IgnMGmR5y5LOONTfA-1; Mon, 12 Jan 2026 08:24:35 -0500 Received: by mail-pg1-f200.google.com with SMTP id 41be03b00d2f7-c337375d953so4584297a12.3 for ; Mon, 12 Jan 2026 05:24:35 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224276; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1LOhl43/dq76eZe6Pp1YIu3+XE/iaRx98MaQ8/pCiC0=; b=g6Ov7k84z7et7F+LRmIMHs+l64EGWLV+F8yj4swEfPRU00Sjt/yOH2CIZQ/ZZ1HEw911NL 17vRfeAJXHrhNZmlMP9hPJqaSWIk8q5qCXDagxhWAqORWt4X3Lk4z9oa7Jtcn0ubSu/k6I PWouby0XA6L5wy+AsqCPA6qi0jxnkeE= X-MC-Unique: 2hTw6IgnMGmR5y5LOONTfA-1 X-Mimecast-MFC-AGG-ID: 2hTw6IgnMGmR5y5LOONTfA_1768224275 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224275; x=1768829075; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1LOhl43/dq76eZe6Pp1YIu3+XE/iaRx98MaQ8/pCiC0=; b=OLoP1frEelAEUJ4qZBN8ESMY95UHcCTIWeXVcrKBFR2dzNyMkInm4C+VPtH9go6bG/ yXY+Xo9MzM1p0OuwqJXNzMoipa/c8kD1xH46o8+htIfT+CHSNb40jAVRSFuh4ufzxsiN vpZxY3yFffynz4mlAysC+sU+8hiyxmLXn/DqKBKCBggmoNSDOEtoNoMxm6lbGkafqHbG K2Dj+DjNEnZqLlbkvL8HKDWNMhUqmFfqDesOZap3s2ha0w9ON2TFlo2G1EW8lMcdCOy/ d1ruBjTpu6PmcdaXxfyRX7rZIu/r/6mJaZFuXT7PKujwHV/hEqQxkX2wx35LGFdIgGCB vSfQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224275; x=1768829075; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=1LOhl43/dq76eZe6Pp1YIu3+XE/iaRx98MaQ8/pCiC0=; b=Zpfvp9tF4u93h8q8fLEcrROxQoxZwq9fMAoTX4KwgFNLn+Td7htbuK7q2FaMWz1MW1 pD/qx8EwHxYo4Ppw1WfeqbKSKaT5KzA4cZR6yh+xmi1Gb3OmVg2uyKgHzAT29P8KFICp mM+EZU5Qv45h9uH1VahX0fnBvvdkhJaZX6k5WGNzQSb8ASJF24FS+yUcibH6tBSpjhpB uvdParrGiY5oyDJdd0tuQjqnc3CCbAWUSME17V5hFsypfHw1oKDp6nqU/YDPjwry6YB3 9cJdBPuV98ZoLNFVjF9LEN7fS4XMOoNPO2/SmwLtlqWNiwb44AFkkZTOFpzDKBO4v7rl n5aQ== X-Forwarded-Encrypted: i=1; AJvYcCWbnyMQIopq6aWTD99F+IQRvQDUYjBjNaJsWThANPY9YkWk1Urjw8rwNbfK0x7liEZY0E3mxoXoLZDb@nongnu.org X-Gm-Message-State: AOJu0Yw0J13qLWLSANZ3AFOrNvmqjQW+wpPt3jVmRUINLyuxlsZFans3 lf84tvRvSxkvIUCYdsjBCe1ovBxyUjLw/3k20oyIVplVhA+JVfaJJTY+OCXkqW59u3YKVPMNsis DAQlBJ1Gvhyes1XH4KeYsfeqL+e5x7xVJ4cfU/JTjrganf7lKYxIXXe+o X-Gm-Gg: AY/fxX5ffFyAxqWf4XT7msOdAcG6haw1TRmA18YGq1BLp/Y5CYmwu3fGFMIt7TXTowJ EWi1tOnmqcLHp1C+yJl3j0DH2x9Vh9f/RPEGyh+z/Xtt8aVJNToJzBsxOGEjZunNaGIJPg/8LGF ePqRaKbPyK7nPJYRz5C3l379ytLng9N+Of3pwSIjCjjFuSUhd6xmfPk8IPbuKhxNyPGAqsmVqf9 ZvXAPUBGlar7NpaRFF4B6emd73n7cdWYADowpZbdbDicVcAwHT9k3IwaNaFfwr+biV6LDbhNiaZ mzjTrm9khGwuMgRH5bY1oOoyOSH2Zczc6MqTW7NEz9+t7TJkUQqpNkcr0cheHsz0DuaJzXxCm09 SxiV1qmmHqnjutB4qBAddsklqLX8qyMlNHyffyLl78EY= X-Received: by 2002:a05:6a20:7f95:b0:366:14ac:8c6f with SMTP id adf61e73a8af0-3898f9db830mr15706095637.69.1768224274681; Mon, 12 Jan 2026 05:24:34 -0800 (PST) X-Google-Smtp-Source: AGHT+IH5XPCBEKldwM8vUeL1siQ5N0gP8WJgL6Eev8zYF2ErEUu1bwf3lwa9SMhcx7QdNvA9I/Niow== X-Received: by 2002:a05:6a20:7f95:b0:366:14ac:8c6f with SMTP id adf61e73a8af0-3898f9db830mr15706066637.69.1768224274254; Mon, 12 Jan 2026 05:24:34 -0800 (PST) From: Ani Sinha To: David Woodhouse , Paul Durrant , "Michael S. Tsirkin" , Marcel Apfelbaum , Paolo Bonzini , Richard Henderson , Eduardo Habkost Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 26/32] kvm/xen_evtchn: add support for confidential guest reset Date: Mon, 12 Jan 2026 18:52:39 +0530 Message-ID: <20260112132259.76855-27-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224532584158500 Content-Type: text/plain; charset="utf-8" As a part of the confidential guest reset, when the KVM VM file handle is changed, Xen event ports and kernel ports that were associated with the previous KVM file handle needs to be reassociated with the new handle. This= is performed with the help of a callback handler that gets invoked during the confidential guest reset process when the KVM VM file fd changes. This patch is untested on confidential guests and exists only for completen= ess. Signed-off-by: Ani Sinha --- hw/i386/kvm/xen_evtchn.c | 100 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 97 insertions(+), 3 deletions(-) diff --git a/hw/i386/kvm/xen_evtchn.c b/hw/i386/kvm/xen_evtchn.c index b65871f354..18d6aa9cd5 100644 --- a/hw/i386/kvm/xen_evtchn.c +++ b/hw/i386/kvm/xen_evtchn.c @@ -133,6 +133,26 @@ struct pirq_info { bool is_translated; }; =20 +struct eventfds { + uint16_t type; + evtchn_port_t port; + int fd; + QLIST_ENTRY(eventfds) node; +}; + +struct kernel_ports { + uint16_t type; + evtchn_port_t port; + uint32_t vcpu_id; + QLIST_ENTRY(kernel_ports) node; +}; + +static QLIST_HEAD(, eventfds) eventfd_list =3D + QLIST_HEAD_INITIALIZER(eventfd_list); + +static QLIST_HEAD(, kernel_ports) kernel_port_list =3D + QLIST_HEAD_INITIALIZER(kernel_port_list); + struct XenEvtchnState { /*< private >*/ SysBusDevice busdev; @@ -178,6 +198,7 @@ struct XenEvtchnState { #define pirq_inuse(s, pirq) (pirq_inuse_word(s, pirq) & pirq_inuse_bit(pir= q)) =20 struct XenEvtchnState *xen_evtchn_singleton; +static NotifierWithReturn xen_eventchn_notifier; =20 /* Top bits of callback_param are the type (HVM_PARAM_CALLBACK_TYPE_xxx) */ #define CALLBACK_VIA_TYPE_SHIFT 56 @@ -304,6 +325,52 @@ static void gsi_assert_bh(void *opaque) } } =20 +static int xen_eventchn_handle_vmfd_change(NotifierWithReturn *notifier, + void *data, Error **errp) +{ + struct eventfds *ef; + struct kernel_ports *kp; + struct kvm_xen_hvm_attr ha; + CPUState *cpu; + int ret; + + QLIST_FOREACH(ef, &eventfd_list, node) { + ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN; + ha.u.evtchn.send_port =3D ef->port; + ha.u.evtchn.type =3D ef->type; + ha.u.evtchn.flags =3D 0; + ha.u.evtchn.deliver.eventfd.port =3D 0; + ha.u.evtchn.deliver.eventfd.fd =3D ef->fd; + + ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha); + if (ret < 0) { + error_setg(errp, "KVM_XEN_HVM_SET_ATTR failed with %d", ret); + return ret; + } + } + + memset(&ha, 0, sizeof(ha)); + + QLIST_FOREACH(kp, &kernel_port_list, node) { + cpu =3D qemu_get_cpu(kp->vcpu_id); + ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN; + ha.u.evtchn.send_port =3D kp->port; + ha.u.evtchn.type =3D kp->type; + ha.u.evtchn.flags =3D 0; + ha.u.evtchn.deliver.port.port =3D kp->port; + ha.u.evtchn.deliver.port.vcpu =3D kvm_arch_vcpu_id(cpu); + ha.u.evtchn.deliver.port.priority =3D + KVM_IRQ_ROUTING_XEN_EVTCHN_PRIO_2LEVEL; + + ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha); + if (ret < 0) { + error_setg(errp, "KVM_XEN_HVM_SET_ATTR failed with %d", ret); + return ret; + } + } + return 0; +} + void xen_evtchn_create(unsigned int nr_gsis, qemu_irq *system_gsis) { XenEvtchnState *s =3D XEN_EVTCHN(sysbus_create_simple(TYPE_XEN_EVTCHN, @@ -350,6 +417,9 @@ void xen_evtchn_create(unsigned int nr_gsis, qemu_irq *= system_gsis) =20 /* Set event channel functions for backend drivers to use */ xen_evtchn_ops =3D &emu_evtchn_backend_ops; + + xen_eventchn_notifier.notify =3D xen_eventchn_handle_vmfd_change; + kvm_vmfd_add_change_notifier(&xen_eventchn_notifier); } =20 static void xen_evtchn_register_types(void) @@ -547,6 +617,7 @@ static void inject_callback(XenEvtchnState *s, uint32_t= vcpu) static void deassign_kernel_port(evtchn_port_t port) { struct kvm_xen_hvm_attr ha; + struct kernel_ports *kp; int ret; =20 ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN; @@ -557,6 +628,12 @@ static void deassign_kernel_port(evtchn_port_t port) if (ret) { qemu_log_mask(LOG_GUEST_ERROR, "Failed to unbind kernel port %d: %= s\n", port, strerror(ret)); + } else { + QLIST_FOREACH(kp, &kernel_port_list, node) { + if (kp->port =3D=3D port) { + QLIST_REMOVE(kp, node); + } + } } } =20 @@ -565,6 +642,8 @@ static int assign_kernel_port(uint16_t type, evtchn_por= t_t port, { CPUState *cpu =3D qemu_get_cpu(vcpu_id); struct kvm_xen_hvm_attr ha; + g_autofree struct kernel_ports *kp =3D g_malloc0(sizeof(*kp)); + int ret; =20 if (!cpu) { return -ENOENT; @@ -578,12 +657,21 @@ static int assign_kernel_port(uint16_t type, evtchn_p= ort_t port, ha.u.evtchn.deliver.port.vcpu =3D kvm_arch_vcpu_id(cpu); ha.u.evtchn.deliver.port.priority =3D KVM_IRQ_ROUTING_XEN_EVTCHN_PRIO_= 2LEVEL; =20 - return kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha); + ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha); + if (ret =3D=3D 0) { + kp->type =3D type; + kp->port =3D port; + kp->vcpu_id =3D vcpu_id; + QLIST_INSERT_HEAD(&kernel_port_list, kp, node); + } + return ret; } =20 static int assign_kernel_eventfd(uint16_t type, evtchn_port_t port, int fd) { struct kvm_xen_hvm_attr ha; + g_autofree struct eventfds *ef =3D g_malloc0(sizeof(*ef)); + int ret; =20 ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN; ha.u.evtchn.send_port =3D port; @@ -592,7 +680,14 @@ static int assign_kernel_eventfd(uint16_t type, evtchn= _port_t port, int fd) ha.u.evtchn.deliver.eventfd.port =3D 0; ha.u.evtchn.deliver.eventfd.fd =3D fd; =20 - return kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha); + ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha); + if (ret =3D=3D 0) { + ef->type =3D type; + ef->port =3D port; + ef->fd =3D fd; + QLIST_INSERT_HEAD(&eventfd_list, ef, node); + } + return ret; } =20 static bool valid_port(evtchn_port_t port) @@ -2391,4 +2486,3 @@ void hmp_xen_event_inject(Monitor *mon, const QDict *= qdict) monitor_printf(mon, "Delivered port %d\n", port); } } - --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224686; cv=none; d=zohomail.com; s=zohoarc; b=Al4YLIWRAsgYJnD1NB3O8SmM6FdexM9PBAMBaQ5QW4PQHWU/M7eGmXBMWXef7NJ7n9kb2Pbev4oF44luP9IGLAbtEK55um3jEctqqXjHf7qQcjUNxovq0eJ0T7Jv2nmSfA6utCnp4xSmCgpStl4JyMdcsJw5O42C1/C59Nc15O0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224686; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=rjXeXMZ86tZhJ3ZpZduWO5G2uNfiO8bwCXFTIf0upHQ=; b=TLfkSiFKNKoE5i5mjUbm11E8ErdwQnydb0YvOHJOxUp5g4cLiCbXbgvyb0emS2VYqreGMqLypWkCCGioefieKwe2K/61UcdRh8UoZ4BIyAoCms6GChVKYdMvLNfY8NJ80yCM0r4TaJauz+UYdA1w3DWDlwnnKJULX3KdD56OKDU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224686564597.1097981869897; Mon, 12 Jan 2026 05:31:26 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHvL-0005u9-Oz; Mon, 12 Jan 2026 08:25:41 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuV-0004Pl-Bj for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:44 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuR-0003sZ-UB for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:42 -0500 Received: from mail-pj1-f71.google.com (mail-pj1-f71.google.com [209.85.216.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-354-BctkYDoGOO2zoB7Tivujag-1; Mon, 12 Jan 2026 08:24:38 -0500 Received: by mail-pj1-f71.google.com with SMTP id 98e67ed59e1d1-34ab8aafd24so3273116a91.0 for ; Mon, 12 Jan 2026 05:24:37 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224279; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rjXeXMZ86tZhJ3ZpZduWO5G2uNfiO8bwCXFTIf0upHQ=; b=AUcKBIyEAx6SQ4UKQR1UlFMrjdlkFCl2I5jDOkdLP1TfeyDosUz99n0O7V54wZPgD3MMBq uWoohJWxR/jc/LGroJa1OZZ7TcbE9KRiTkCjv7b0xG5rmYV54VlltS/h3uL3jvSry9bUNY r/2rXTctRyLTh5g9NLF4Z7WNbj4WmdY= X-MC-Unique: BctkYDoGOO2zoB7Tivujag-1 X-Mimecast-MFC-AGG-ID: BctkYDoGOO2zoB7Tivujag_1768224277 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224277; x=1768829077; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rjXeXMZ86tZhJ3ZpZduWO5G2uNfiO8bwCXFTIf0upHQ=; b=cSLZSO/X4hetq0xurt8Q32qO7XBo3b21dB+QvgPvD0OuLGHl3Zl2dmfeNtNbsdTlrA EgpXD19tTrAoqScwjIi3WDd45+nstghs3eKqMv8S04sjLvEj/23AzRjPP8K5NVgpkrji vFoIFYheojeXERtmQ43To2rdO+tAs9qWS9jgZRR6NNdKiMspW1hma5cd5RFaC24P61u2 eIa11BzZLdMm82yMmNkzhFR6iaH08rWoIndleX98o0kLohpR9SrMCXXVzhMT/3MPwz2s 0KVRfaGTBFV0ZXtrgJIjfIFzlY1bxp6OSiGEkw7JG+pO9N0d5Eue0gYGV3bj3lfcx7X/ lH1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224277; x=1768829077; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=rjXeXMZ86tZhJ3ZpZduWO5G2uNfiO8bwCXFTIf0upHQ=; b=wKWvqLurSzS6I6onHk5GiQwRsEGqUwvt9CPtRlo8fwiJLb/DUqY8Z1kse98YDAsUnY yiVW+8n8qzRsz0uJ1cCEO0GdFsqcZU5wfNen7djeona5uixE4uXRvZzY/SaLe482cGVJ fxeTjmq1433FMLH2TNc6dv7fEELhyyTwWjBpFHQXNKYAmAWqemkqN4/89Y2AsR91HX7q zZDeATpQpO/84VI4ZTpE6O7DkhYYANZTMAhgzkEVcnBfHQDVYohvhPhLnco6wPMGO45s +0QTA1gGvLDn9IaPXt1TUXaV/iXeGw1rpou3nOcS2b9YY+87czRoYqWAdH1hBSzi4YdZ JWwA== X-Forwarded-Encrypted: i=1; AJvYcCWfGdv/SmHPkB5y8u+b0c3mMOKjTwXkq6y7b5zHf2zXdDweSxdkBIi4sRuybh8DdyNpNN8lYcu8RLPQ@nongnu.org X-Gm-Message-State: AOJu0YwVbXy7F4Paz1+gAvYfmpp+j+8FaRapEEx09PK2jxJAJfbln/GE zoLdZSx3mxClqc1sLYNHvg6rxl/g+mt2yXRMcf/yOBBmE2zf4v9UsueDVVRC8QVrWqzWlNSXT3X hfF9n071TjzoA33MHom8/yFwCnAO0HaQoQgtOXINP3BFBvRBwuKs1jv16 X-Gm-Gg: AY/fxX5Aylpl+bQITg/WaNYeVqYDmGdD/ywkoduckINsXCq/GCi91K4dDJzCs98adoh bxJXrZGdfsiVnbXh7v47iQxLLJFVBqZ/jdOYwoPEfDSVNrbnRfm5LYuberU1Zt0Ke8TcCz767jp oFF3c7QvkjW5cSjBoGKL5dkEn0rWfZS6UYQIE9u+uyivEabTODIj2p3aJkS6U/q7rR34uT9PqwH nSYFh+Qp8lzykU/Xz/pLm1PVWd8l+ND3TnU1P9BQXjXWLMljgy2o2wurHgzyIsiaMthu/OOs/uZ GZ+X+xcBYOyASUB0gzWl/sTQ3TxC/7FvR8SbAE7yA16/gqN39xwOosnKME4O4j8mFaQdcCkUbjq YCfsz1bhfw9iEIEZk8T1LtQ3EywCph3TGwqesYFsJIqQ= X-Received: by 2002:a17:90b:17d0:b0:34c:2aac:21a7 with SMTP id 98e67ed59e1d1-34f5f84a915mr21324728a91.7.1768224276857; Mon, 12 Jan 2026 05:24:36 -0800 (PST) X-Google-Smtp-Source: AGHT+IElmC/CBbXoaNLz/l4K3fsk8Y1ZuefU0GwEfLzGMVbNUZWHvSDM+jXF+iAXoZ1qlDsUp4jVVA== X-Received: by 2002:a17:90b:17d0:b0:34c:2aac:21a7 with SMTP id 98e67ed59e1d1-34f5f84a915mr21324707a91.7.1768224276457; Mon, 12 Jan 2026 05:24:36 -0800 (PST) From: Ani Sinha To: Bernhard Beschow Cc: Ani Sinha , qemu-ppc@nongnu.org, qemu-devel@nongnu.org Subject: [PATCH v2 27/32] ppc/openpic: create a new openpic device and reattach mem region on coco reset Date: Mon, 12 Jan 2026 18:52:40 +0530 Message-ID: <20260112132259.76855-28-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224687471158500 Content-Type: text/plain; charset="utf-8" For confidential guests during the reset process, the old KVM VM file descriptor is closed and a new one is created. When a new file descriptor is created, a new openpic device needs to be created against this new KVM VM f= ile descriptor as well. Additionally, existing memory region needs to be reatta= ched to this new openpic device and proper CPU attributes set associating new fi= le descriptor. This change makes this happen with the help of a callback handl= er that gets called when the KVM VM file descriptor changes as a part of the confidential guest reset process. Signed-off-by: Ani Sinha --- hw/intc/openpic_kvm.c | 108 ++++++++++++++++++++++++++++++++---------- 1 file changed, 83 insertions(+), 25 deletions(-) diff --git a/hw/intc/openpic_kvm.c b/hw/intc/openpic_kvm.c index 9aafef5d9e..4fd70d4b32 100644 --- a/hw/intc/openpic_kvm.c +++ b/hw/intc/openpic_kvm.c @@ -49,6 +49,7 @@ struct KVMOpenPICState { uint32_t fd; uint32_t model; hwaddr mapped; + NotifierWithReturn open_pic_vmfd_change_notifier; }; =20 static void kvm_openpic_set_irq(void *opaque, int n_IRQ, int level) @@ -114,6 +115,83 @@ static const MemoryRegionOps kvm_openpic_mem_ops =3D { }, }; =20 +static int create_open_pic_device(KVMOpenPICState *opp, Error **errp) +{ + int kvm_openpic_model; + struct kvm_create_device cd =3D {0}; + KVMState *s =3D kvm_state; + int ret; + + switch (opp->model) { + case OPENPIC_MODEL_FSL_MPIC_20: + kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_20; + break; + + case OPENPIC_MODEL_FSL_MPIC_42: + kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_42; + break; + + default: + error_setg(errp, "Unsupported OpenPIC model %" PRIu32, opp->model); + return -1; + } + + cd.type =3D kvm_openpic_model; + ret =3D kvm_vm_ioctl(s, KVM_CREATE_DEVICE, &cd); + if (ret < 0) { + error_setg(errp, "Can't create device %d: %s", + cd.type, strerror(errno)); + return -1; + } + opp->fd =3D cd.fd; + + return 0; +} + +static int open_pic_vmfd_handle_vmfd_change(NotifierWithReturn *notifier, + void *data, Error **errp) +{ + KVMOpenPICState *opp =3D container_of(notifier, KVMOpenPICState, + open_pic_vmfd_change_notifier); + uint64_t reg_base; + struct kvm_device_attr attr; + CPUState *cs; + int ret; + + /* close the old descriptor */ + close(opp->fd); + + if (create_open_pic_device(opp, errp) < 0) { + return -1; + } + + if (!opp->mapped) { + return 0; + } + + reg_base =3D opp->mapped; + attr.group =3D KVM_DEV_MPIC_GRP_MISC; + attr.attr =3D KVM_DEV_MPIC_BASE_ADDR; + attr.addr =3D (uint64_t)(unsigned long)®_base; + + ret =3D ioctl(opp->fd, KVM_SET_DEVICE_ATTR, &attr); + if (ret < 0) { + fprintf(stderr, "%s: %s %" PRIx64 "\n", __func__, + strerror(errno), reg_base); + return -1; + } + + CPU_FOREACH(cs) { + ret =3D kvm_vcpu_enable_cap(cs, KVM_CAP_IRQ_MPIC, 0, opp->fd, + kvm_arch_vcpu_id(cs)); + if (ret < 0) { + return ret; + } + } + + return 0; +} + static void kvm_openpic_region_add(MemoryListener *listener, MemoryRegionSection *section) { @@ -197,37 +275,14 @@ static void kvm_openpic_realize(DeviceState *dev, Err= or **errp) SysBusDevice *d =3D SYS_BUS_DEVICE(dev); KVMOpenPICState *opp =3D KVM_OPENPIC(dev); KVMState *s =3D kvm_state; - int kvm_openpic_model; - struct kvm_create_device cd =3D {0}; - int ret, i; + int i; =20 if (!kvm_check_extension(s, KVM_CAP_DEVICE_CTRL)) { error_setg(errp, "Kernel is lacking Device Control API"); return; } =20 - switch (opp->model) { - case OPENPIC_MODEL_FSL_MPIC_20: - kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_20; - break; - - case OPENPIC_MODEL_FSL_MPIC_42: - kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_42; - break; - - default: - error_setg(errp, "Unsupported OpenPIC model %" PRIu32, opp->model); - return; - } - - cd.type =3D kvm_openpic_model; - ret =3D kvm_vm_ioctl(s, KVM_CREATE_DEVICE, &cd); - if (ret < 0) { - error_setg(errp, "Can't create device %d: %s", - cd.type, strerror(errno)); - return; - } - opp->fd =3D cd.fd; + create_open_pic_device(opp, errp); =20 sysbus_init_mmio(d, &opp->mem); qdev_init_gpio_in(dev, kvm_openpic_set_irq, OPENPIC_MAX_IRQ); @@ -236,6 +291,9 @@ static void kvm_openpic_realize(DeviceState *dev, Error= **errp) opp->mem_listener.region_del =3D kvm_openpic_region_del; opp->mem_listener.name =3D "openpic-kvm"; memory_listener_register(&opp->mem_listener, &address_space_memory); + opp->open_pic_vmfd_change_notifier.notify =3D + open_pic_vmfd_handle_vmfd_change; + kvm_vmfd_add_change_notifier(&opp->open_pic_vmfd_change_notifier); =20 /* indicate pic capabilities */ msi_nonbroken =3D true; --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224387; cv=none; d=zohomail.com; s=zohoarc; b=W4F9Ozhjeb9muQaoHkJ9a+TLr1wEXXCdWBtxTxbd5gbYG9PmA6ueUCyzGfYVI+Rc/jCddPP8NqBqcuJzk39v/SfuZG0sotOZebCS+r4WNZCjcImdp721zh+itz7LNlcGQKpIyNEllrjc2oljmwL17DEyzhuE0CzdQLLbn11uWGI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224387; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=34fJR3EaRP0lXjDv/gJjVEbigtGQPR0fffJidhYwq0M=; b=WZWI8fg+OQ5+mCfFqZiaEk7hpGg3XoJ+Ck5yVXWRoeWQbFHBdZ73fO+5V+RAUxMJ67kd2ws5lrKPcpXqRRod6XpT3Zwi21VsT5idheNCQM0C+sa9g2mGf1SOm0MFN8u65GejGi5XL0+o1OxY6cPR8EABVGOEc3PeMdKMjaNzKbM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224387220944.3080912860518; Mon, 12 Jan 2026 05:26:27 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHw0-0006JO-Qf; Mon, 12 Jan 2026 08:26:18 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuZ-0004V8-6M for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:47 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuW-0003tE-WF for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:46 -0500 Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-127-GWcljjK-OoO0Uf-79-ptnA-1; Mon, 12 Jan 2026 08:24:40 -0500 Received: by mail-pg1-f199.google.com with SMTP id 41be03b00d2f7-b471737e673so8554209a12.1 for ; Mon, 12 Jan 2026 05:24:40 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224284; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=34fJR3EaRP0lXjDv/gJjVEbigtGQPR0fffJidhYwq0M=; b=WekqduqARwYEpbVshm6B6lTmwG3+Hs7WNr06pC1joRLcwDp3phCpYejt6oA7ZZHcUMjO0y zDkKIwdYftIXnF24WiorRFZeWav/fOnpxAwrGg2h3UwepwSLScxa6VEsMzbxINGVjo+RXQ IFbY73E8etXN71fMQ23JScw7/q4PfJ4= X-MC-Unique: GWcljjK-OoO0Uf-79-ptnA-1 X-Mimecast-MFC-AGG-ID: GWcljjK-OoO0Uf-79-ptnA_1768224279 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224279; x=1768829079; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=34fJR3EaRP0lXjDv/gJjVEbigtGQPR0fffJidhYwq0M=; b=lIDL0PIbqQHENzABYtWMjyxdAdb8dvoEQQRakimoO8yL/fHFRTcdQnqgtJsfOMdgkX 25KiFrfyLjm1hermrPJvVNgIhlTdyGzE6WUdG9SUl93I+Hz19UhYnBy2e/jZ+WiEb4LE ro9szOkk1rcHe+gkwrzvHvSEWxxC9JWiPhfGSkqQE1svRbmFxqjQWueoQs+CdX2k6pae jYvakHtE2mxTKJD0Y6NOW2OeHYIe0po5u7eO2Q4rGwXfO+IbTcbqAVGBM9/A4A8NGEjv pDzVoMMWkXuEkWxoL8biutBbIs5Gc9bOr6tZoP/00pXxejUP93gbKqppE3Vex9Q5qHtb IFQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224279; x=1768829079; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=34fJR3EaRP0lXjDv/gJjVEbigtGQPR0fffJidhYwq0M=; b=u7Tx6ryW6GZ8B8fC/DGblefAqbJvwkoL+4mE/3t5jJemZ+1PtEDikbO6Y3ia5UYDgi 72FkflL0MnFZsXFhkv3H4/OjlNY0/NXJoFr0hhMqDoyq8dlugaqKPaD64/tk4LqOTH+7 ZJTgUw4WOX9Vl1waUfJqljqEtVg6wyxEwKLOyBrToP4M5Q0RFjWH7gdaA4j1znkogsWT K62+AWAR9MKv8cg94mN+E+tgIDuM15d/KDAYqM/z/Vay/5AVcNlz6VVwQJYnzAYuUU4u E5PkRyO+iS1Guv/HSwsCDAjZG8JfwKGrHoYYiXGfdBj0Lt1oqoLD8pn6Yp8LR3x3P8If fnUA== X-Forwarded-Encrypted: i=1; AJvYcCW6rChpNADc8oWNOkUzwXqu8HUQEv7bPvct52GpnQGv6zYa6oHpAXgoDjxoDC/aSpxET6JuUEnMyilx@nongnu.org X-Gm-Message-State: AOJu0Yxa4LaC5Y52vqcq9UtUHL2w/7/H24+YGPCUBLwZbSQc3hjHVA6o YA7Nhzni20vHI44HXBQX2xRlYSpy5i5bREW1mn7zvNpWLf5iLDQawLLdkO8AivdKVhGJBeUfUcd qLTi0GW18uTib9nDJbsk2116H7hctIoqXcMZ2ZKoP+zw3z+t3JlM3GLO6 X-Gm-Gg: AY/fxX7WA2LylIQ4lMR+BNEJjYJckD5nKiXDAI1gHfPgrGkH1PRZt60xGUSJU5Vdtjo 9XIqOhGIYF3HSa+GHoAgXRAh/AJG4O9bUuUtd9lRH7RwbXc/aBPNbQUI1vr+aJfKAELz2rs4Joo e2q2uouaWj9S6ok3+QhmqrncYJlypcVJvAEICUtp8AyzTpkboNGRTfyqsle6dBd9LegrYSkJ2Do URU3vGv8HLJbxim9X8e3CRb3Vh31mPhbXYjL831pHsoEU5SvgmzU2t7UTmh1CQu9dycEA3Tn5cW BBTZzJbFmYZhRix/jFGeZspBe+ZcRIOYFL4s4HBJ8yJ+mw5pDQy1QQ6SHAnh4k4Zbye14wAxsFq Hcaq3erxx/KcV2vIYTVYtQKmGJdehEyWbAz/2WNAiEBA= X-Received: by 2002:a05:6a20:7d9f:b0:350:7d78:18d9 with SMTP id adf61e73a8af0-3898f90887dmr15164015637.32.1768224279170; Mon, 12 Jan 2026 05:24:39 -0800 (PST) X-Google-Smtp-Source: AGHT+IGIt8GOnuhdYsXeV1HU+lkzI4cU54UMzoMp+l9q2VHcfA0UCoD8L3XqEJJR5fHmm3onZd1kpA== X-Received: by 2002:a05:6a20:7d9f:b0:350:7d78:18d9 with SMTP id adf61e73a8af0-3898f90887dmr15164000637.32.1768224278747; Mon, 12 Jan 2026 05:24:38 -0800 (PST) From: Ani Sinha To: Paolo Bonzini Cc: Ani Sinha , kvm@vger.kernel.org, qemu-devel@nongnu.org Subject: [PATCH v2 28/32] kvm/vcpu: add notifiers to inform vcpu file descriptor change Date: Mon, 12 Jan 2026 18:52:41 +0530 Message-ID: <20260112132259.76855-29-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224387856158500 Content-Type: text/plain; charset="utf-8" When new vcpu file descriptors are created and bound to the new kvm file descriptor as a part of the confidential guest reset mechanism, various subsystems needs to know about it. This change adds notifiers so that vario= us subsystems can take appropriate actions when vcpu fds change by registering their handlers to this notifier. Subsequent changes will register specific handlers to this notifier. Signed-off-by: Ani Sinha --- accel/kvm/kvm-all.c | 27 ++++++++++++++++++++++++++- accel/stubs/kvm-stub.c | 10 ++++++++++ include/system/kvm.h | 17 +++++++++++++++++ 3 files changed, 53 insertions(+), 1 deletion(-) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index 2bd4dcd43b..efdfdf0ccb 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -130,8 +130,10 @@ static NotifierWithReturnList register_vmfd_changed_no= tifiers =3D static NotifierWithReturnList register_vmfd_pre_change_notifiers =3D NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_pre_change_notifie= rs); =20 -static int kvm_rebind_vcpus(Error **errp); +static NotifierWithReturnList register_vcpufd_changed_notifiers =3D + NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vcpufd_changed_notifier= s); =20 +static int kvm_rebind_vcpus(Error **errp); static int map_kvm_run(KVMState *s, CPUState *cpu, Error **errp); static int map_kvm_dirty_gfns(KVMState *s, CPUState *cpu, Error **errp); static int vcpu_unmap_regions(KVMState *s, CPUState *cpu); @@ -2328,6 +2330,22 @@ void kvm_vmfd_remove_pre_change_notifier(NotifierWit= hReturn *n) notifier_with_return_remove(n); } =20 +void kvm_vcpufd_add_change_notifier(NotifierWithReturn *n) +{ + notifier_with_return_list_add(®ister_vcpufd_changed_notifiers, n); +} + +void kvm_vcpufd_remove_change_notifier(NotifierWithReturn *n) +{ + notifier_with_return_remove(n); +} + +static int kvm_vcpufd_change_notify(Error **errp) +{ + return notifier_with_return_list_notify(®ister_vcpufd_changed_notif= iers, + &vmfd_notifier, errp); +} + static int kvm_vmfd_pre_change_notify(Error **errp) { return notifier_with_return_list_notify(®ister_vmfd_pre_change_noti= fiers, @@ -2858,6 +2876,13 @@ static int kvm_reset_vmfd(MachineState *ms) } assert(!err); =20 + /* notify everyone that vcpu fd has changed. */ + ret =3D kvm_vcpufd_change_notify(&err); + if (ret < 0) { + return ret; + } + assert(!err); + /* these can be only called after ram_block_rebind() */ memory_listener_register(&kml->listener, &address_space_memory); memory_listener_register(&kvm_io_listener, &address_space_io); diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c index 7f4e3c4050..5b94f3dc3c 100644 --- a/accel/stubs/kvm-stub.c +++ b/accel/stubs/kvm-stub.c @@ -95,6 +95,16 @@ void kvm_vmfd_remove_change_notifier(NotifierWithReturn = *n) { } =20 +void kvm_vcpufd_add_change_notifier(NotifierWithReturn *n) +{ + return; +} + +void kvm_vcpufd_remove_change_notifier(NotifierWithReturn *n) +{ + return; +} + int kvm_irqchip_add_irqfd_notifier_gsi(KVMState *s, EventNotifier *n, EventNotifier *rn, int virq) { diff --git a/include/system/kvm.h b/include/system/kvm.h index edc3fa5004..120b77d039 100644 --- a/include/system/kvm.h +++ b/include/system/kvm.h @@ -587,6 +587,23 @@ void kvm_vmfd_add_change_notifier(NotifierWithReturn *= n); */ void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n); =20 +/** + * kvm_vcpufd_add_change_notifier - register a notifier to get notified wh= en + * a KVM vcpu file descriptors changes as a part of the confidential guest + * "reset" process. Various subsystems should use this mechanism to take + * actions such as re-issuing vcpu ioctls as a part of setting up vcpu + * features. + * @n: notifier with return value. + */ +void kvm_vcpufd_add_change_notifier(NotifierWithReturn *n); + +/** + * kvm_vcpufd_remove_change_notifier - de-register a notifer previously + * registered with kvm_vcpufd_add_change_notifier call. + * @n: notifier that was previously registered. + */ +void kvm_vcpufd_remove_change_notifier(NotifierWithReturn *n); + /** * kvm_vmfd_add_pre_change_notifier - register a notifier to get notified = when * kvm vm file descriptor is about to be changed as a part of the confiden= tial --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224406; cv=none; d=zohomail.com; s=zohoarc; b=SZyTEkmlfHEHnNsVEhy56sPhJ047DdAi8AAMdhzlh6JwGx8yb+kYlapRme0ZnB6P3vjlP5X75l0KGr8GTFzsOptOTT3dgzwWXFuitWcJsIcG9nR1XBe5g4pa5PoZrBddnWbEPZ/2Z4r5xmvI74rrkz3c3UbBYwhzuufplTct94I= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224406; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=; b=Pw7WkhAFmj3+MWLYDr9nyy3ZfeWOu/JfSF0gaRZv+t1L/RgUcVBnwpumlZtFEtYha5cw67tetVNfZpOukRXoiC2itksJ+xJurlfF251rorohMIuGH6NxTuF7d20OD7P5OeC9tU6K+JwmvV+Fnou5fjUUEHHZTNJDLYRuVC2eiAI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 176822440676245.61684839279587; Mon, 12 Jan 2026 05:26:46 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHvC-0005TE-1j; Mon, 12 Jan 2026 08:25:26 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHud-0004Wp-1d for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:51 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuZ-0003tl-5T for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:50 -0500 Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com [209.85.215.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-148-A1ra-SokNomyYRJ-ABpeBQ-1; Mon, 12 Jan 2026 08:24:43 -0500 Received: by mail-pg1-f197.google.com with SMTP id 41be03b00d2f7-c5269fcecdeso2396518a12.0 for ; Mon, 12 Jan 2026 05:24:42 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224286; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=; b=MI1buGdCJ8VRQCS/AImg8IYPv4UcC3cjoyZ8EBS5fnVpDO7WYvhQTYBqI60pJ+z22BYoW4 OxB+WKVaOFPvkXB7I/Iwg19ybyquP7fRUfWMFSaLQ9nt+KAA4zqWNHCEJd8G2iByQdMys2 YhghLU0h3Xx2SxqXdwv/4AMiHtQ4wCk= X-MC-Unique: A1ra-SokNomyYRJ-ABpeBQ-1 X-Mimecast-MFC-AGG-ID: A1ra-SokNomyYRJ-ABpeBQ_1768224282 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224282; x=1768829082; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=; b=s3EBp5MmDhUwOvlP4rkIMMY7YjHLgQIKHtbfmWY0XDDoEyFz5i4UuDYJxz3ZBe01mq fwK3Sq+68mYJ+wZ+gQ5ExIWORxcKW6OuMKMZNPUEH4UfJByxwiAec2+iHkIHhH+nX7Ku 4HqFlzK/Src4a9zM18IPS6ksAIGajohQPeFzJVnNectYpdgW9MjbLzSd2kJGK3dg75Iu KiyJI9S/txWh1U0uYI/skdhcEpiVf3n3Cq+C/PAmS0yM/FTpo+9nTNTY97GugzDLI+iV LDwZTEL5BiIpx5HQgyWYWbw7ytTa222mwBkfmv0GAxm40DhwyWLBLut4M54L+oOIoI7K 6clA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224282; x=1768829082; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=; b=InewjIL6/X53ylNPNjx7ZXK5yRl2mA3EyI2M1RsIEzHrxi6szVuE0wA+45Np8VrLTr vrcfNT9QTEtlDoonVij7QYddnjgT2chJ1OO6cd66ixfFThX73ygNyHFJtIxCN5uCp/ll lejFVdzAVgRraNx9IxLwq8TmbQ6GkFIQ0Xl8HPfzQOnDpGudNAzUsix7lpPBmuc/2GUQ 6IZYhHDCAx3rfBoAuFLOG45rBhE+AmQ5dMwo4oy/0rabFtfmg4DSmVrEw5YtJbYnLPD+ gK1GKJkWEni9s0/eOM4yRdnloDEXqD0Pw/dn98BiVoRcgtsvgPlGp2ZS9BFPGyJy3Am5 UxOw== X-Forwarded-Encrypted: i=1; AJvYcCUGs7WzXWCHzQvfQuW73hnFjZP3K6yYFyAWN/v2o/56vydqgcpOZR/WbjqHZ0NeTohBrn5kq0T+JTIG@nongnu.org X-Gm-Message-State: AOJu0YwAyA2wMVz86GcwaHiypKA00tZsR5mJhO6MMLGVFidAxoWK3Mjn ny8QrgPIt5bls/ounDfZrp+K3JI2zyNBGb0l+MpJsiCDb1ZKzRC5/jD19aXuck7FwctX5hpQEmy BQtnWE9s5qeNUpz6HqGzDa9V2oy9UkvUITFSGFJi+Pw2dpxBtzrz4X2Hx X-Gm-Gg: AY/fxX6hEx1U4Dz86kKB90WD0nw3ne21y0YrKpKMQuZyIBA2kLdE4pIMdHjewMlXCXi /sKWrYkPRczh9i0CPEIsTStobr9r7XRv6UL00vvLxhdEKa566Rzoru0nWN5zJFDXxeCNlaaLBbF YlJcbZ+++zG3D6tY5N7r1erXTdmHaIlzVrPdD4rVYluzvdDIs2OmuXXRswIw5d3MFgjvliCvggl Mso+bzsCig9vcTEiW8K5MOdIrnSXAc+l2A1LvYFvx5w77vlSgwGGLWkyruguJg33FiBoM8F6OnB ddwTuwCL0bzu1Qo5TnsX1n2GlTrwDQuVCia5J6YWMaA/UYP3y7dbFjfBrJnvOVBejWB6SYhgCl/ rtVHgIjO4C5H/ePUs32iqjXcCfrpWsayhX6LWQg9hjJE= X-Received: by 2002:a05:6a20:9389:b0:364:13ca:3702 with SMTP id adf61e73a8af0-3898f987e4dmr15605302637.42.1768224282085; Mon, 12 Jan 2026 05:24:42 -0800 (PST) X-Google-Smtp-Source: AGHT+IHk8QW2RliSHhtFMjkKxZmzmVzNrv6vCTx1ajL7q72+fmrMw65zwoht1sL/r/v90mZHzFABIw== X-Received: by 2002:a05:6a20:9389:b0:364:13ca:3702 with SMTP id adf61e73a8af0-3898f987e4dmr15605280637.42.1768224281664; Mon, 12 Jan 2026 05:24:41 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Richard Henderson , Eduardo Habkost , "Michael S. Tsirkin" , Marcel Apfelbaum Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 29/32] kvm/i386/apic: set local apic after vcpu file descriptors changed Date: Mon, 12 Jan 2026 18:52:42 +0530 Message-ID: <20260112132259.76855-30-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224407904158500 Content-Type: text/plain; charset="utf-8" Once the vcpu file descriptors changed after confidential guest reset, the local apic needs to be reinitialized. This change adds a callback from the vcpu fd change notifiers to reinitialize local apic for kvm x86. Signed-off-by: Ani Sinha --- hw/i386/kvm/apic.c | 13 +++++++++++++ include/hw/i386/apic_internal.h | 1 + 2 files changed, 14 insertions(+) diff --git a/hw/i386/kvm/apic.c b/hw/i386/kvm/apic.c index 82355f0463..f6f8ac2764 100644 --- a/hw/i386/kvm/apic.c +++ b/hw/i386/kvm/apic.c @@ -229,6 +229,16 @@ static void kvm_apic_reset(APICCommonState *s) run_on_cpu(CPU(s->cpu), kvm_apic_put, RUN_ON_CPU_HOST_PTR(s)); } =20 +static int apic_vcpufd_change_handler(NotifierWithReturn *n, + void *data, Error** errp) { + APICCommonState *s =3D container_of(n, APICCommonState, + vcpufd_change_notifier); + + run_on_cpu(CPU(s->cpu), kvm_apic_put, RUN_ON_CPU_HOST_PTR(s)); + + return 0; +} + static void kvm_apic_realize(DeviceState *dev, Error **errp) { APICCommonState *s =3D APIC_COMMON(dev); @@ -238,6 +248,9 @@ static void kvm_apic_realize(DeviceState *dev, Error **= errp) =20 assert(kvm_has_gsi_routing()); msi_nonbroken =3D true; + + s->vcpufd_change_notifier.notify =3D apic_vcpufd_change_handler; + kvm_vcpufd_add_change_notifier(&s->vcpufd_change_notifier); } =20 static void kvm_apic_unrealize(DeviceState *dev) diff --git a/include/hw/i386/apic_internal.h b/include/hw/i386/apic_interna= l.h index 4a62fdceb4..ffe5815e7f 100644 --- a/include/hw/i386/apic_internal.h +++ b/include/hw/i386/apic_internal.h @@ -189,6 +189,7 @@ struct APICCommonState { hwaddr vapic_paddr; /* note: persistence via kvmvapic */ bool legacy_instance_id; uint32_t extended_log_dest; + NotifierWithReturn vcpufd_change_notifier; }; =20 typedef struct VAPICState { --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224540; cv=none; d=zohomail.com; s=zohoarc; b=dUnWp+xdSEPAwMl3TDkUTitpOqOMClyQ86pBunRMFUUgsIFesKqRUOIT8fu/fbfNMNftcGevOLD+ldXR6A1Tr+U1tQyPwkHe96bTAwUYf2GyF8FOVdjhcHxN/Zmv9NTq45O22lZ+ydf77uoZuJmik/g5p8OSsMxHz52QmcC67aI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224540; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=R3yLZr09LM7NcHBXvWZBPJETGaPkzhIYY875mEyeZ3w=; b=MHIUfRiQqJ+P0HqX5AREOvTytKGxd1+yiboGmtVFWzsjq0UAAdKIRGwbJnGnm/gNCoPrPvJSJNlHq8MW3ONy3tVByvWlNIidtLD3eh5/yNV5HasANkk91B2WXzDGeNOQlNwmsSzZbmDKLsgI+qyqqjsV1O27eVOyNbHXEOpAez4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 176822454080279.27859190421634; Mon, 12 Jan 2026 05:29:00 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHw3-0006V4-W3; Mon, 12 Jan 2026 08:26:20 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHud-0004Wt-2O for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:51 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHua-0003u1-6X for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:50 -0500 Received: from mail-pf1-f199.google.com (mail-pf1-f199.google.com [209.85.210.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-517-5cN7QkOsNzmnKIvLlXICow-1; Mon, 12 Jan 2026 08:24:46 -0500 Received: by mail-pf1-f199.google.com with SMTP id d2e1a72fcca58-81d9b88caf2so2205439b3a.1 for ; Mon, 12 Jan 2026 05:24:46 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224287; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=R3yLZr09LM7NcHBXvWZBPJETGaPkzhIYY875mEyeZ3w=; b=GqV6KkozqJ6LOp3Wj46kwSz5T+Qa3QEYGQi8KRVmYyv0nNmvEYMrU7fKxXJyDLPg4+GEoD n3V2YbyvGAPOSPwzyjXxODUMHdPsDiDwo/w1LxBjCfg+5Fh/55N0rgOU3Bj5mDNO6xdH1N Ewm1OdcXkPJeIN5ucjtmrwUI/I5BzSI= X-MC-Unique: 5cN7QkOsNzmnKIvLlXICow-1 X-Mimecast-MFC-AGG-ID: 5cN7QkOsNzmnKIvLlXICow_1768224285 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224285; x=1768829085; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=R3yLZr09LM7NcHBXvWZBPJETGaPkzhIYY875mEyeZ3w=; b=JIhw07sKRzcgWV+AATZ5DgGTWp90MKLapyjOSanSfNlpB2tbNWY2fDTVAb9VHZ41gq HdZ7K4op9APsw0FOWWOj1Sv1RthC/ppFPXdUwV8NXmn5ATraclH/uHdnkXlwyDd/4y+i d2aqPJHzSSqOQADETMs7Jqx2RJgZRRqoz4ZgdfrZmNpalxbVKgWCe2xpEfvwMrX2TKqB 75javuspcILCMc6TWCay9Y+r/2ncPfmqGfgllNn4p8gs1Buj6wptxinRwwoNaAd3yPnD 0ofsiYmDLA30AM8R+1Phaarph/GYv/cZwMeGC/LMAWfbWM89/xzpo7e5t/H/S0QIiGaO 2F2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224285; x=1768829085; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=R3yLZr09LM7NcHBXvWZBPJETGaPkzhIYY875mEyeZ3w=; b=BTmBO29Ve0QY209ah43k68T+n7YlslJHMGylMasxgBdndtPK0rNmVVKYEdiObSDuZo d9Ujxa+mGSMW9FfkLT6SKopktCEzRtD6DnXUlaFeRDSzU54w52SRorNlXj4WEVNiBbtZ JzYMwxT0e+OEuGC+6Di74nJofVWiDbIRwnyypYQmAAFheMqAsrWWaGp0dhL+ylUCr7xc rK/y3i1X7M+XRnJQUJkZp6XF/y7r96beGrLo4uxKmkVFBMa7CGLLbkKskF9/uH1LtMui uU3fEmRPfs+nopbH+iNqdcmDUkF0jxsmcpblHcLZCVr57S9WbttJVFBInApPScUDVnwz Z7Yw== X-Forwarded-Encrypted: i=1; AJvYcCUxi30udMyTZV8IbbIeBV78T/p5ZI/HjbBJH0cc2LIyytD697Z85lP6BAr2+a9mRi7hLEzvGtRxGrZw@nongnu.org X-Gm-Message-State: AOJu0YwKO39XOSG1AHQ43yxecrD6A1vO7eG9RD+wNNd4dpLurEAJnCYG 9BXzU+8lb2chLfKSwLZ+KcE3sb9AwIcCvA010rd84XuWm28JBP6sIT3KeZ6Wc5m45IubmaloYmm To1FFUWOIb1ompcHt+4W+vMDf9VIe8feqHlRVI0m3ECJ9dG9QGTcZyywv X-Gm-Gg: AY/fxX74Ox3jHLqezq2dRaqAeiDI8rJigD2b1Ia2bNFMPtN372F32/9wEnbnWvY29Ii Nl5K3CeBUDI3jB4R9vlagVrk2+JNGxJ2pegJ1XttVZ4kJpO9lwtohzM1GkMm2YGJ0B+8c2/xQqW UG15NHCSENooDfqDMej1+YbFvgiGqTjIKh3oma5mjJM4//ZiIkZK9iI3K3OWYKN+cRzPW/NORds wP0Zv2yjtuSJ2Pgru7FQRXhMBPt+tRstJrotokrBOt7fl2VPxspLVZZFxD3mlwOLMbkHxTzrkyD 7m36OdhqyVYvqXMiAVhyzXaweQB04xf7IBwV3O0G5L9eAE1lmPDdIdrJ7zejZGfuw3u6y62gp5q SZ+41zFmWDQcQQG5KkK6vhk4J7xIoi8R2eIk9j/ZwNok= X-Received: by 2002:a05:6a21:6d81:b0:35f:5896:85a4 with SMTP id adf61e73a8af0-3898f8f4941mr16340406637.5.1768224285046; Mon, 12 Jan 2026 05:24:45 -0800 (PST) X-Google-Smtp-Source: AGHT+IENZVaQihKztvKwVH4oiegG/ElvAOEgRUUxrkglVrWtZMNggg7a3/AjWI6vJu3QeTLgEewAGA== X-Received: by 2002:a05:6a21:6d81:b0:35f:5896:85a4 with SMTP id adf61e73a8af0-3898f8f4941mr16340385637.5.1768224284679; Mon, 12 Jan 2026 05:24:44 -0800 (PST) From: Ani Sinha To: "Michael S. Tsirkin" , Marcel Apfelbaum , Paolo Bonzini , Richard Henderson , Eduardo Habkost Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 30/32] kvm/clock: add support for confidential guest reset Date: Mon, 12 Jan 2026 18:52:43 +0530 Message-ID: <20260112132259.76855-31-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224542609158500 Content-Type: text/plain; charset="utf-8" Confidential guests change the KVM VM file descriptor upon reset and also c= reate new VCPU file descriptors against the new KVM VM file descriptor. We need to save the clock state from kvm before KVM VM file descriptor changes and res= tore it after. Also after VCPU file descriptors changed, we must call KVM_KVMCLOCK_CTRL on the VCPU file descriptor to inform KVM that the VCPU is in paused state. Signed-off-by: Ani Sinha --- hw/i386/kvm/clock.c | 56 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/hw/i386/kvm/clock.c b/hw/i386/kvm/clock.c index aba6842a22..fb0f500b7f 100644 --- a/hw/i386/kvm/clock.c +++ b/hw/i386/kvm/clock.c @@ -50,6 +50,9 @@ struct KVMClockState { /* whether the 'clock' value was obtained in a host with * reliable KVM_GET_CLOCK */ bool clock_is_reliable; + + NotifierWithReturn kvmclock_vcpufd_change_notifier; + NotifierWithReturn kvmclock_vmfd_pre_change_notifier; }; =20 struct pvclock_vcpu_time_info { @@ -63,6 +66,9 @@ struct pvclock_vcpu_time_info { uint8_t pad[2]; } __attribute__((__packed__)); /* 32 bytes */ =20 +static int kvmclock_set_clock(NotifierWithReturn *notifier, + void *data, Error** errp); + static uint64_t kvmclock_current_nsec(KVMClockState *s) { CPUState *cpu =3D first_cpu; @@ -219,6 +225,51 @@ static void kvmclock_vm_state_change(void *opaque, boo= l running, } } =20 +static int kvmclock_save_clock(NotifierWithReturn *notifier, + void *data, Error** errp) +{ + KVMClockState *s =3D container_of(notifier, KVMClockState, + kvmclock_vmfd_pre_change_notifier); + kvm_update_clock(s); + return 0; +} + +static int kvmclock_set_clock(NotifierWithReturn *notifier, + void *data, Error** errp) +{ + struct kvm_clock_data clock_data =3D {}; + CPUState *cpu; + int ret; + KVMClockState *s =3D container_of(notifier, KVMClockState, + kvmclock_vcpufd_change_notifier); + int cap_clock_ctrl =3D kvm_check_extension(kvm_state, KVM_CAP_KVMCLOCK= _CTRL); + + if (!s->clock_is_reliable) { + uint64_t pvclock_via_mem =3D kvmclock_current_nsec(s); + /* saved clock value before vmfd change is not reliable */ + if (pvclock_via_mem) { + s->clock =3D pvclock_via_mem; + } + } + + clock_data.clock =3D s->clock; + ret =3D kvm_vm_ioctl(kvm_state, KVM_SET_CLOCK, &clock_data); + if (ret < 0) { + fprintf(stderr, "KVM_SET_CLOCK failed: %s\n", strerror(-ret)); + abort(); + } + + if (!cap_clock_ctrl) { + return 0; + } + CPU_FOREACH(cpu) { + run_on_cpu(cpu, do_kvmclock_ctrl, RUN_ON_CPU_NULL); + } + + return 0; +} + + static void kvmclock_realize(DeviceState *dev, Error **errp) { KVMClockState *s =3D KVM_CLOCK(dev); @@ -230,7 +281,12 @@ static void kvmclock_realize(DeviceState *dev, Error *= *errp) =20 kvm_update_clock(s); =20 + s->kvmclock_vcpufd_change_notifier.notify =3D kvmclock_set_clock; + s->kvmclock_vmfd_pre_change_notifier.notify =3D kvmclock_save_clock; + qemu_add_vm_change_state_handler(kvmclock_vm_state_change, s); + kvm_vcpufd_add_change_notifier(&s->kvmclock_vcpufd_change_notifier); + kvm_vmfd_add_pre_change_notifier(&s->kvmclock_vmfd_pre_change_notifier= ); } =20 static bool kvmclock_clock_is_reliable_needed(void *opaque) --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224528; cv=none; d=zohomail.com; s=zohoarc; b=jFyw026j6qPVKTzJnl/NzwfhE1exYuOg9JukSRAWLKca1MEbx5d8t/l5vaWK6ZUWiqWXLZP/uKDjGfV6basSgXLglA+9yozCusFjtzuK6GcrxmWqR04O78jt9R3Au737kXm6OthUZTJBEGPv/FzrS6mJ8tNp1tEGgqdQq2EnFBo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224528; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=86mEnb9lQKh13f1QZoUI2ApG8aM8K73+JjWMM/hRrmQ=; b=b4UoCwRz2Lbyb2l0PyFGkUU7/w8f2O4IqiFgpr0GkqEWoOvWGz96s8rD+Wu2G47BCIqtoa2iHJ2teFYsg3DsICTBOaOMhSvfWDzFnCXRMdT75uL2qIzBnbFvOJ85/EzVGc1cTgywnCJ1Pjzmmrm5JB9+g+kLGwDYnPMpwTTzjlk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224528486380.0275836840834; Mon, 12 Jan 2026 05:28:48 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHvD-0005ZS-Pl; Mon, 12 Jan 2026 08:25:27 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHuh-0004ho-3p for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:56 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHud-0003uU-5e for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:52 -0500 Received: from mail-pj1-f71.google.com (mail-pj1-f71.google.com [209.85.216.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-466-JGqP_3cINcqqbsSU-T_5dg-1; Mon, 12 Jan 2026 08:24:49 -0500 Received: by mail-pj1-f71.google.com with SMTP id 98e67ed59e1d1-34c6cda4a92so7002686a91.3 for ; Mon, 12 Jan 2026 05:24:49 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224290; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=86mEnb9lQKh13f1QZoUI2ApG8aM8K73+JjWMM/hRrmQ=; b=Ji2ED3P2+oEEqjIhSD94GNdRIHRTjrBI3/QET3YguvuH3CRJkYj1TC85BsC0opZxiMARpg 6+wguOtYaZZmDRjvtT8HQl1TfuA/pay3fA5Kg/sF3db2dDbmi7r4JGG0P76P2CzoqOeb2E pg1fgj8m4El8jIC9QeSBXMqOntRinFc= X-MC-Unique: JGqP_3cINcqqbsSU-T_5dg-1 X-Mimecast-MFC-AGG-ID: JGqP_3cINcqqbsSU-T_5dg_1768224288 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224288; x=1768829088; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=86mEnb9lQKh13f1QZoUI2ApG8aM8K73+JjWMM/hRrmQ=; b=TP136fjea9CycgckiBYA4Z+xqk24AJJ7Z1tfpIe13bRC4orxwZ/ho3fPeun4PlPASw KK2bnZyDuCwGIp9nQlmdTa11ja+QtOTL8X1h15BjjqC4HgW68s4bRikodGVsEVFMs1ZR dBCiA8xKLzup3lUmeLxR4fhBrMp6I+QaX4F72lN0fCuvVPgAQTi3v4jen0pkIFKVR5yQ 1IlBH2nx2PNijnRCWeUT+LlgarmLxr1VN18v2XdvUbtZFWYbGLs3GBzQX1PyYySKWJXu Y3ohGUzgo7SIo1VGb+AGVAEUJhDeHZixF/6EGRc1RaPTw7wp4ISqGOHvExqP6YVacZHW YEbw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224288; x=1768829088; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=86mEnb9lQKh13f1QZoUI2ApG8aM8K73+JjWMM/hRrmQ=; b=m7zTsaI4yX3MZSQ8O3PNmmb4EpNopHICsn87hhXDCVySAEAnjNxBLF9hL8/27jz0Dz QERcTMdWAtNk8H3zUmi9cbCaXZJppn+2PcsC/tM82RyCaozSye5tbOdANS0RjOiqT2jx 6dXiNAT9WjTSI5+SsM6PlnAH74AkUZZQeoKP2YvgHWhPGnNjHpMyEvmsOr4r+sBq+pqG ZbapJOXS4mdfWmlSHnYlONuyvCFYn/hSl8XBUIbb1iCyTJBHWftN2TO3DXbZVrrJoPbi AiyWm98NLDmZVQjyeq38wTodTc6ksZjDW+eKIBdh2wQLdbA4okg05jsctfPc2Nx4kfOb s6Cw== X-Forwarded-Encrypted: i=1; AJvYcCW7SvY7pK6Hg9RpV1ZFYbW7n9IGFVUh7ZldwBAkByePDZEd9V+8BTFqeZzOonB0uvkJ2v9bN/DqE76r@nongnu.org X-Gm-Message-State: AOJu0YwLe7gdSUpiZhPVYDjRs3P9bQZbeevU8Ijm7uawBMO6BH0UZ0IN gNcup1eG04JqV2QA+LWKEofCpoPis9BOZ4KNb3pXMeK5T8iSsGlrhOt3oLHz+SGQ5IImW/bf97m 65g0eh+UpRhQd9/DQ8ugAp5FDgN+ClPBVyPWZErThYWaUNocMYS/JkDOf X-Gm-Gg: AY/fxX6HjtRVz944jgdLeY5OOvwXPyhWr1O6GmhBQJ2YOuvgFTXWq/QXEA+R6D1UpGE 9BdPGjy19nHetF46cS/nfGxHsIYkFPt1h4GW2RDy6vyR4rmldydpDChYWLniGz0X1jLTL33uKCk /GpAWNH6UFni57C1Ywecrk3sMrJQyfivJ+6tmz9dMPl5ub9MgKsEitSAf9Xgy14QwpC3Z6n3E38 2pk+ZwOZWSBwHPFO5Q90P0k2NGkt0dnclfoMe+Jt0AtKc4D1U+uGCftIll/08AWxQmvJljj7qtF j9MGeuqf9LmxkpWEKxWkpn9gAKY3GsnSlBmXQdXjVFuj5P4S2zJ+2rCEmjpp7HvYjdLWCCfHfdk /7xkDaqtEiRnr88tAmxE8lWFZLjAmTTYvXJ6BcaFeH7Y= X-Received: by 2002:a05:6a21:99a9:b0:35d:53dc:cb64 with SMTP id adf61e73a8af0-3898fa22672mr15732609637.54.1768224288386; Mon, 12 Jan 2026 05:24:48 -0800 (PST) X-Google-Smtp-Source: AGHT+IGv4NbS7GCObyC6qOmDB5VB3QamrvwMZM2P0KglCKK5EAKJ/fSev8mbeGWKijRncBA3kfvGaQ== X-Received: by 2002:a05:6a21:99a9:b0:35d:53dc:cb64 with SMTP id adf61e73a8af0-3898fa22672mr15732586637.54.1768224287989; Mon, 12 Jan 2026 05:24:47 -0800 (PST) From: Ani Sinha To: Eduardo Habkost , Marcel Apfelbaum , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Yanan Wang , Zhao Liu , Paolo Bonzini Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 31/32] hw/machine: introduce machine specific option 'x-change-vmfd-on-reset' Date: Mon, 12 Jan 2026 18:52:44 +0530 Message-ID: <20260112132259.76855-32-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224530592158500 Content-Type: text/plain; charset="utf-8" A new machine specific option 'x-change-vmfd-on-reset' is introduced for debugging and testing only (hence the 'x-' prefix). This option when enabled will force KVM VM file descriptor to be changed upon guest reset like in the case of confidential guests. This can be used to exercize the code changes that are specific for confidential guests on non-confidential guests as well (except changes that require hardware support for confidential guests). A new functional test has been added in the next patch that uses this new parameter to test the VM file descriptor changes. Signed-off-by: Ani Sinha --- hw/core/machine.c | 22 ++++++++++++++++++++++ include/hw/core/boards.h | 6 ++++++ system/runstate.c | 7 ++++++- 3 files changed, 34 insertions(+), 1 deletion(-) diff --git a/hw/core/machine.c b/hw/core/machine.c index 6411e68856..95d7650db9 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -450,6 +450,21 @@ static void machine_set_dump_guest_core(Object *obj, b= ool value, Error **errp) ms->dump_guest_core =3D value; } =20 +static bool machine_get_new_accel_vmfd_on_reset(Object *obj, Error **errp) +{ + MachineState *ms =3D MACHINE(obj); + + return ms->new_accel_vmfd_on_reset; +} + +static void machine_set_new_accel_vmfd_on_reset(Object *obj, + bool value, Error **errp) +{ + MachineState *ms =3D MACHINE(obj); + + ms->new_accel_vmfd_on_reset =3D value; +} + static bool machine_get_mem_merge(Object *obj, Error **errp) { MachineState *ms =3D MACHINE(obj); @@ -1198,6 +1213,13 @@ static void machine_class_init(ObjectClass *oc, cons= t void *data) object_class_property_set_description(oc, "dump-guest-core", "Include guest memory in a core dump"); =20 + object_class_property_add_bool(oc, "x-change-vmfd-on-reset", + machine_get_new_accel_vmfd_on_reset, + machine_set_new_accel_vmfd_on_reset); + object_class_property_set_description(oc, "x-change-vmfd-on-reset", + "Generate new accelerator fd on reset, " + "to be used only for testing and debugging."); + object_class_property_add_bool(oc, "mem-merge", machine_get_mem_merge, machine_set_mem_merge); object_class_property_set_description(oc, "mem-merge", diff --git a/include/hw/core/boards.h b/include/hw/core/boards.h index 07f8938752..ee3cc9130e 100644 --- a/include/hw/core/boards.h +++ b/include/hw/core/boards.h @@ -447,6 +447,12 @@ struct MachineState { struct NVDIMMState *nvdimms_state; struct NumaState *numa_state; bool acpi_spcr_enabled; + /* + * whether to change virtual machine accelerator file descriptor upon + * reset or not. used only for debugging and testing purpose. + * It should be set to false for all regular use. + */ + bool new_accel_vmfd_on_reset; }; =20 /* diff --git a/system/runstate.c b/system/runstate.c index 710f5882d9..a4572af2af 100644 --- a/system/runstate.c +++ b/system/runstate.c @@ -531,13 +531,18 @@ void qemu_system_reset(ShutdownCause reason) * file handle is necessary to create a new confidential VM context po= st * VM reset. */ - if (current_machine->cgs && reason =3D=3D SHUTDOWN_CAUSE_GUEST_RESET) { + if (reason =3D=3D SHUTDOWN_CAUSE_GUEST_RESET && + (current_machine->new_accel_vmfd_on_reset || current_machine->cgs)= ) { if (ac->reset_vmfd) { ret =3D ac->reset_vmfd(current_machine); if (ret < 0) { error_report("unable to reset vmfd: %d", ret); abort(); } + if (current_machine->new_accel_vmfd_on_reset) { + qemu_log("INFO: virtual machine accel file descriptor " + "has changed.\n"); + } } } =20 --=20 2.42.0 From nobody Mon Feb 9 14:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1768224673; cv=none; d=zohomail.com; s=zohoarc; b=bwoLkSldfUdhvZ2AY5p6z+idghEB2GY4uka8508xTjsc/b57gKnBm/xTCc+tX99Lv+stqkbxOZRHfwgsrlQGT1X/Lt+FlQfNg6ZohO1oMOQNsPh3y5L4IoJZnvtUJajyKhwZB6CgXEt4yDLNNzxHMBMInMYi3TEa/WWcYBTeY4Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1768224673; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=AtfhL1a9UH5BQxL4ZZa3Nbu/LiMM+zNQx75TAiP+YNU=; b=niKC5VykfJEi1zqvepGaswPjNxclbZHwWAuXvNDYE14vzybtdS1Ru51OkwIHq/AWUqkmuRLKtPNkGgFoDpVQvwmArccpJRyyLhJPSr70XfTHaLQBka479EMV+IUexiGv8WcLusl6XuQMavY0BqcCXvGO3fjjpejCPFc9dylLPRI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1768224673780650.8321777467961; Mon, 12 Jan 2026 05:31:13 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vfHv7-0005Jl-U6; Mon, 12 Jan 2026 08:25:21 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHui-0004i3-Nd for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:56 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vfHug-0003vB-T9 for qemu-devel@nongnu.org; Mon, 12 Jan 2026 08:24:56 -0500 Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-657-AMzHkMnmMFyh4Ig-phMi6g-1; Mon, 12 Jan 2026 08:24:52 -0500 Received: by mail-pg1-f199.google.com with SMTP id 41be03b00d2f7-c196fa94049so2962147a12.0 for ; Mon, 12 Jan 2026 05:24:51 -0800 (PST) Received: from rhel9-box.lan ([110.227.88.119]) by smtp.googlemail.com with ESMTPSA id 41be03b00d2f7-c4cc05cd87asm17544771a12.15.2026.01.12.05.24.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jan 2026 05:24:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768224293; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AtfhL1a9UH5BQxL4ZZa3Nbu/LiMM+zNQx75TAiP+YNU=; b=eboW6U0io7X7yfed0wQDfeJvDBGZFTsCjoBu+eXgyLngepfgxOqi2w0fi7HHhRl21AiLjZ OB0DrW0xHUWWkrbwRQlMjBY71DNW13/AOWOlKsRmzAsVDIVU4wVk609BYS0mrEiE9FWFTC uYf4R/+1cnnTf6EvhKZjGrqDZ4pFGJc= X-MC-Unique: AMzHkMnmMFyh4Ig-phMi6g-1 X-Mimecast-MFC-AGG-ID: AMzHkMnmMFyh4Ig-phMi6g_1768224291 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1768224291; x=1768829091; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=AtfhL1a9UH5BQxL4ZZa3Nbu/LiMM+zNQx75TAiP+YNU=; b=MsO6/2hmNZ2lceFD4+qT+wEh9hG9nFhGEsTtjAfHYxvMHm0av+mUF8Bod5l/EBHqCg S8b8+gSUi5znjgCNHNwqF6T8KNKb6Etz7tCOr8VGTGuWumhx4AxwydmqIyJBVgVsIAny 017vsWEJv3kdg5hCV+/l2gU2P5wxCVF4sTc/d+q/uHfjy/RPmExm5g3uDN3vwLTfknBM s3MrJ7BSKZNxlE3BDELxxQRosIhU5/m+chlS7i4BVJUIBHbQBWmKSgvklQrut1+Ukvzp 2ZspVPP4EES9LXxpgq5eAT+U/YsFFxnFucc8oQkpoDU/WHLTA65GBan0ZhrIIVhV1JwW E2gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768224291; x=1768829091; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=AtfhL1a9UH5BQxL4ZZa3Nbu/LiMM+zNQx75TAiP+YNU=; b=vimXB/2g4rvqkqpsyNwW2YwjE/8EjeZ2BQoWkmK73HZm0B9/cyGlODpRoKUKIZWz8a fQdfi0YLIyfsYyulSP//Os7VSWBa8uI/E/o1TnD7nFWaeToU1eVLY6F5a1av0Dyt9gsQ PC5Rq54IchXLe7IsXlgyCPpeztTRAD/bhaKMNJFzcAA3DaTnqQUfuAUdQMX21ScgKMFo 7dNLIrVVWigQYkKkgc6gPP8mp3fA6F8sFOz72B/7EMFwXQDzCycv5BGXeFCHffdAaN/7 hd5aAA3aYYReMSqVsYTRBrSpbCkU9vBJh/iShFtW9KFCou2IORus6PbxNPpEqDXqxAl5 Q/dQ== X-Forwarded-Encrypted: i=1; AJvYcCVWTbvfLkiPDtzf1SkniBd9LtRB3x0xMWhq4G7hXxbA2+28USvymlGTmeekzZ88DNw/ua4p6EdGEc6d@nongnu.org X-Gm-Message-State: AOJu0Yy6GwO+Aalf8TtljAxGGwug5hFZiYxzOgh/ESySCmBoy5xwrBvA rdXUliC0qnWW/HTA5NdcgdG0iDzDcc2yP9os0DltXbtXAzUfxSLtICbASMifaxSG4ibIKd5f1/K lG5OV8FynIAhLmA5M2+B2c/9gaj/fxdpd3eG2FQM579yY9HXQ2bGT0cFm X-Gm-Gg: AY/fxX5qcLW9PQ7okCsGPhDcrDh5KYsOJLRhIHzOuE7agevH0Oaxwxe/w3xPE2iuR+E +OqhMSBWMjt2fRRxzzz3/WwdholVY29jK+tT8BmwRDx3Xwnp/7oh0R0Rw7ifpw+DArdw0u5iqzW 5CChM4OL/f+WUUVM3CtmzRjin4174gl4bUO61re7f7PtnKHoU6mquZ2bq4Y57uDwIQut76ACVZY rYCXye1kpJoMrhn/vNNmpNs0EalnylHIs3IB69RsKcrEmbCh0B7HCtjVMRMSU1L+M5mm0x4IxvO hpczaPCUHWB3IAGwOWIzPHrn+g8vEWg4Y0wpJA4HNVK/YvUueAHtkFvlDWKhSTiVtu6qjWariX+ uYVyv/Py0knovL/5uAw53o683drswTN7La53hdBfI7g4= X-Received: by 2002:a05:6a20:bea6:b0:35e:caf1:78e3 with SMTP id adf61e73a8af0-38982a6c207mr20155515637.11.1768224290909; Mon, 12 Jan 2026 05:24:50 -0800 (PST) X-Google-Smtp-Source: AGHT+IFY96bXNi4Bk++gexllrMsPS4J2NVfumHo947OsHBS3l13oBtBVibDqWvmb/E+ZxlJoiGC46g== X-Received: by 2002:a05:6a20:bea6:b0:35e:caf1:78e3 with SMTP id adf61e73a8af0-38982a6c207mr20155496637.11.1768224290504; Mon, 12 Jan 2026 05:24:50 -0800 (PST) From: Ani Sinha To: Paolo Bonzini , Zhao Liu , Ani Sinha Cc: Ani Sinha , qemu-devel@nongnu.org Subject: [PATCH v2 32/32] tests/functional/x86_64: add functional test to exercise vm fd change on reset Date: Mon, 12 Jan 2026 18:52:45 +0530 Message-ID: <20260112132259.76855-33-anisinha@redhat.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20260112132259.76855-1-anisinha@redhat.com> References: <20260112132259.76855-1-anisinha@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=anisinha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1768224675395158500 A new functional test is added that exercises the code changes related to closing of the old KVM VM file descriptor and opening a new one upon VM res= et. This normally happens when confidential guests are resetted but for non-confidential guests, we use a special machine specific debug/test param= eter 'x-change-vmfd-on-reset' to enable this behavior. Only specific code changes related to re-initialization of SEV-ES, SEV-SNP = and TDX platforms are not exercized in this test as they require hardware that supports running confidential guests. Signed-off-by: Ani Sinha --- MAINTAINERS | 6 ++ tests/functional/x86_64/meson.build | 1 + .../x86_64/test_vmfd_change_reboot.py | 75 +++++++++++++++++++ 3 files changed, 82 insertions(+) create mode 100755 tests/functional/x86_64/test_vmfd_change_reboot.py diff --git a/MAINTAINERS b/MAINTAINERS index 9a55b649e8..11871fdd35 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -150,6 +150,12 @@ F: tools/i386/ F: tests/functional/i386/ F: tests/functional/x86_64/ =20 +X86 VM file descriptor change on reset test +M: Ani Sinha +M: Paolo Bonzini +S: Maintained +F: tests/functional/x86_64/test_vmfd_change_reboot.py + Guest CPU cores (TCG) --------------------- Overall TCG CPUs diff --git a/tests/functional/x86_64/meson.build b/tests/functional/x86_64/= meson.build index f78eec5e6c..784d9791cb 100644 --- a/tests/functional/x86_64/meson.build +++ b/tests/functional/x86_64/meson.build @@ -36,4 +36,5 @@ tests_x86_64_system_thorough =3D [ 'vfio_user_client', 'virtio_balloon', 'virtio_gpu', + 'vmfd_change_reboot', ] diff --git a/tests/functional/x86_64/test_vmfd_change_reboot.py b/tests/fun= ctional/x86_64/test_vmfd_change_reboot.py new file mode 100755 index 0000000000..3b33322880 --- /dev/null +++ b/tests/functional/x86_64/test_vmfd_change_reboot.py @@ -0,0 +1,75 @@ +#!/usr/bin/env python3 +# +# KVM VM file descriptor change on reset test +# +# Copyright =C2=A9 2026 Red Hat, Inc. +# +# Author: +# Ani Sinha +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import os +from qemu.machine import machine + +from qemu_test import QemuSystemTest, Asset, exec_command_and_wait_for_pat= tern +from qemu_test import wait_for_console_pattern + +class KVMGuest(QemuSystemTest): + + ASSET_UKI =3D Asset('https://gitlab.com/anisinha/misc-artifacts/' + '-/raw/main/uki.x86-64.efi?ref_type=3Dheads', + 'e0f806bd1fa24111312e1fe849d2ee69808d4343930a5' + 'dc8c1688da17c65f576') + ASSET_OVMF =3D Asset('https://gitlab.com/anisinha/misc-artifacts/' + '-/raw/main/OVMF.stateless.fd?ref_type=3Dheads', + '58a4275aafa8774bd6b1540adceae4ea434b8db75b476' + '11839ff47be88cfcf22') + + def common_vm_setup(self): + self.require_accelerator("kvm") + + self.vm.set_console() + + self.vm.add_args("-accel", "kvm") + self.vm.add_args("-smp", "2") + self.vm.add_args("-cpu", "host") + self.vm.add_args("-m", "2G") + self.vm.add_args("-nographic", "-nodefaults") + + self.uki_path =3D self.ASSET_UKI.fetch() + self.ovmf_path =3D self.ASSET_OVMF.fetch() + + def run_and_check(self): + self.vm.add_args('-kernel', self.uki_path) + self.vm.add_args("-bios", self.ovmf_path) + # enable KVM VMFD change on reset for a non-coco VM + self.vm.add_args("-machine", "q35,x-change-vmfd-on-reset=3Don") + # enable tracing + self.vm.add_args("-d", "trace:kvm_reset_vmfd") + + try: + self.vm.launch() + except machine.VMLaunchFailure as e: + raise e + + self.log.info('VM launched') + console_pattern =3D 'bash-5.1#' + wait_for_console_pattern(self, console_pattern) + self.log.info('VM ready with a bash prompt') + + exec_command_and_wait_for_pattern(self, '/usr/sbin/reboot -f', + 'reboot: machine restart') + console_pattern =3D '# --- Hello world ---' + wait_for_console_pattern(self, console_pattern) + self.vm.shutdown() + self.assertRegex(self.vm.get_log(), + r'kvm_reset_vmfd \nINFO: virtual machine accel fi= le ' + 'descriptor has changed') + + def test_vmfd_change_on_reset(self): + self.common_vm_setup() + self.run_and_check() + +if __name__ =3D=3D '__main__': + QemuSystemTest.main() --=20 2.42.0