From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491031; cv=none;
	d=zohomail.com; s=zohoarc;
	b=SX7v9p/r2+VDSewP28bL+p1ZTuIAoGqzDzUoNVuR1la1AFRuop5HlVa5pZRzp/V8LDZ3Y9aJ14vxjbhGLsQToCcFdG08qjXHGxnaPJi+O3wpD/zAJtPvX+swhBV9o9kqJ0eE3xyScUfNBhTYGhn8P/J7qzpZ6HJ9YEEeRtR2QAw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491031;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=g+khot+OVhL5+e3tOQKUptJ6m/mk7Ksd4tDhst7pTHg=;
	b=cRilYO5yc+1tpBow954AIr7xcDnB6nJeIikevJOtB6aXixePYAdOMMKm53XkD3wuHEqukcyC4S4+Bjlj0Kuzm9QPn2Ksy8OXGpgXW6pgxsXPFQ11xJYts5vBF6twHbpaL+l1bvkyCBVJc5ZA9kot5svVX/1ig2heMM1rTECS/Vk=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491031112770.2103758024771;
 Mon, 26 Jan 2026 21:17:11 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRS-0006fQ-Dc; Tue, 27 Jan 2026 00:16:42 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRR-0006fH-LD
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:16:41 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRP-0008Hs-LG
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:16:41 -0500
Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com
 [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-266-Qu4H9H4fN3WKoISIDzyWCA-1; Tue, 27 Jan 2026 00:16:36 -0500
Received: by mail-pj1-f72.google.com with SMTP id
 98e67ed59e1d1-353049e6047so3890211a91.3
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:16:36 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.16.32
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:16:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769490998;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=g+khot+OVhL5+e3tOQKUptJ6m/mk7Ksd4tDhst7pTHg=;
 b=bbRniVQZuq0ZR4EpvIbwWm3hB2rzbAlFwEkFetzfpdEnAgA4cBABgAugZJFN5L1odjSqCM
 0CAaChgoHtIn9U7KvZzJgnmdFKyvURwhUL/clyvo0LMJ5x0xMZAlSYpptKEDNhE+24ythy
 EMGaw6xEPlc+aAhPeD0fpw96o6+fy6g=
X-MC-Unique: Qu4H9H4fN3WKoISIDzyWCA-1
X-Mimecast-MFC-AGG-ID: Qu4H9H4fN3WKoISIDzyWCA_1769490995
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769490995; x=1770095795; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=g+khot+OVhL5+e3tOQKUptJ6m/mk7Ksd4tDhst7pTHg=;
 b=mdr0j4gmeUydHIpMIIPNGrqXJAmIN6yH/PFYZnFnr+alx6VsRUDNTFOCkH1IIg6/D3
 qN+KCbvjuS8J3a0r7LskuqGtinS5KlJ2FXt0dwgQR+wzr/M56b/7xbxxZr5ochnPmBan
 jWDGRvIb5rPfl8i6qIc986QEbakklQj/QZ6W1O1lkSgohtgaps/LgSmYHH1vizgN5vsK
 0YtbXJ3rBcbYz0jYo6CvJ2DVpYAz+OqDd/Ftrv6vXkPmRa4hbwRptDbl7vWOPzwnxENX
 YhcPrdglBQWutcI8bNN6ACgvXeZJ/l6/4DYDnCYAxgFfiM9TnPC09oP8jXhiUqWmIata
 XdVw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769490995; x=1770095795;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=g+khot+OVhL5+e3tOQKUptJ6m/mk7Ksd4tDhst7pTHg=;
 b=KJMJwrEeCRc7Va/RgVHYejW0NKZl+xsmfyh9Mkg3tIGifFZpodM2H4RllAueu/fiIe
 DuRIUL23uKn9cacQsqG9mNAS5rulp74vNvDHmf/Z22yUykHpJ8SMf7NLcD6+5SvVL/TG
 5x9KFGffOqguSh27vqsM+KG4DgtGEOib7Is4Ce7U0kvDipKvSNhQ6g+5ftqTjJG6qN2o
 HCVhIB7PzaEsHZPWsoeCR1WLhcxJRZzYOXr42AS0ROJkLhg67aLnbb5sE0X7kGZW0lGe
 1Ukjo31EPoiDXIGijXWRVZGQORwE0liYkUW9dqIZS/ANfBcZuPU/WzNwReJIBQNPwoj5
 VbZg==
X-Forwarded-Encrypted: i=1;
 AJvYcCUx70ciyKIqd54LzB7HN9Dl4AosdKjmhM6xFlWu/fyBlwLyZ0HXIs9DNVLyttoRNrjYa1Riron4SiLW@nongnu.org
X-Gm-Message-State: AOJu0Yxkyx5c0ZFll2fnMufgLjfx90cRtNEbgVMkMHf7lIKv2K3lwMyI
 NzFojC1w/86oBaXkESAuRxESfYGl6yA/7ZaOjnmhM2RS90ktRCMkktgnmReJaLPQgwMyWPFwG9Y
 85RawDLpR7jO1EtHTPekAX5ZmWCZv5rPNz6bCg2Q58POWd59mXivi87fV
X-Gm-Gg: AZuq6aJYNo7lQtAIyJo1rBaEz6BergOXBvBsspNN3XdKWjvFipmXuKqnZk3ygLNae2A
 lXY4YsOwi348QYd4RQlKUbMR2fB8PRg+ZLj8N3abtS+l0Ls9dX3ZyYiVYmfnW3KAzX416k5Enm6
 nG4zrJXUtYGrMT3sC4WZjdz+Qt4AR0JYNBuH5lCyYBMjaADoSZdzV0gtlNTeU7Xu5PSuxjnRZDR
 KBsGBG6tWZlA+TRTuANwMtyd7cCdxzjzSE4Pl5BIGXhHmaSemi2rdMhL0w7ru4n2xfdBc2BkIKX
 2cmJHE6V9lc/q+njRDtWBdrfvRqOTin6eHS7vKVE+GoV5u9KQDhEnvbsnpkcJvASmSAf0av7Hqf
 PkqkGCZXV5oYo5ijiiJEln1+O4QCNlr86wipMTW5pwQ==
X-Received: by 2002:a17:90b:5208:b0:341:c964:126c with SMTP id
 98e67ed59e1d1-353fedae2a1mr663345a91.34.1769490995485;
 Mon, 26 Jan 2026 21:16:35 -0800 (PST)
X-Received: by 2002:a17:90b:5208:b0:341:c964:126c with SMTP id
 98e67ed59e1d1-353fedae2a1mr663332a91.34.1769490995166;
 Mon, 26 Jan 2026 21:16:35 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 01/33] i386/kvm: avoid installing duplicate msr entries in
 msr_handlers
Date: Tue, 27 Jan 2026 10:45:29 +0530
Message-ID: <20260127051612.219475-2-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491034302158500
Content-Type: text/plain; charset="utf-8"

kvm_filter_msr() does not check if an msr entry is already present in the
msr_handlers table and installs a new handler unconditionally. If the funct=
ion
is called again with the same MSR, it will result in duplicate entries in t=
he
table and multiple such calls will fill up the table needlessly. Fix that.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/kvm.c | 26 ++++++++++++++++----------
 1 file changed, 16 insertions(+), 10 deletions(-)

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 7b9b740a8e..3fdb2a3f62 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -6043,27 +6043,33 @@ static int kvm_install_msr_filters(KVMState *s)
 static int kvm_filter_msr(KVMState *s, uint32_t msr, QEMURDMSRHandler *rdm=
sr,
                           QEMUWRMSRHandler *wrmsr)
 {
-    int i, ret;
+    int i, ret =3D 0;
=20
     for (i =3D 0; i < ARRAY_SIZE(msr_handlers); i++) {
-        if (!msr_handlers[i].msr) {
+        if (msr_handlers[i].msr =3D=3D msr) {
+            break;
+        } else if (!msr_handlers[i].msr) {
             msr_handlers[i] =3D (KVMMSRHandlers) {
                 .msr =3D msr,
                 .rdmsr =3D rdmsr,
                 .wrmsr =3D wrmsr,
             };
+            break;
+        }
+    }
=20
-            ret =3D kvm_install_msr_filters(s);
-            if (ret) {
-                msr_handlers[i] =3D (KVMMSRHandlers) { };
-                return ret;
-            }
+    if (i =3D=3D ARRAY_SIZE(msr_handlers)) {
+        ret =3D -EINVAL;
+        goto end;
+    }
=20
-            return 0;
-        }
+    ret =3D kvm_install_msr_filters(s);
+    if (ret) {
+        msr_handlers[i] =3D (KVMMSRHandlers) { };
     }
=20
-    return -EINVAL;
+ end:
+    return ret;
 }
=20
 static int kvm_handle_rdmsr(X86CPU *cpu, struct kvm_run *run)
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491256; cv=none;
	d=zohomail.com; s=zohoarc;
	b=DYWCvhg1GmyAOBzPsrbXWYX/x/SOzgLS9IEDz1zpoaJHxf31YGkj12MF8QvTqYnUMQ3hzz8ZocX/pIVjsCrw00bUAFl5LL7BKJ/WlkPa++HIVBLPOr4GBc7yl+dh2LTHxEatr3XS/X4Ur1rQa8Hi6jghG14uWHgM1dTIK9Y6YmY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491256;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=0tIs2fKBt+d90Z4wFAen2VAZ4+rhynD1uhYc/rJjp5c=;
	b=fPeClHGw059SvTu7gz3WMBrJ0s2px6jGA0jgRnxTg03g2Ft8X6qCx7ya5PhVhoacF3XMg0mI57pBr0M4Dsi48zH5QhdWnnj5FLbHOXStNxx3xlcx4wq1uQuJ9y0/+8EbbV2DbBOxweQrWbT+mXLahyhWCP7UzLGpTNkRw6NHIzs=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491255996356.7121432234911;
 Mon, 26 Jan 2026 21:20:55 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRV-0006gI-Py; Tue, 27 Jan 2026 00:16:45 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRU-0006fz-8O
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:16:44 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRS-0008IQ-HG
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:16:43 -0500
Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com
 [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-438-wBoGqB6KMp6QR6WjWP1Jug-1; Tue, 27 Jan 2026 00:16:39 -0500
Received: by mail-pj1-f70.google.com with SMTP id
 98e67ed59e1d1-34c93f0849dso4944055a91.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:16:39 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.16.35
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:16:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491001;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=0tIs2fKBt+d90Z4wFAen2VAZ4+rhynD1uhYc/rJjp5c=;
 b=K6mlr33h61Ec6SNLk4uDqKpXXGo3IJl04nkOkWCm0u+WA+Am6nQUbqkUHY29ZINfn7i1wN
 0OrlvSJvrJTpK6MV//WScZgbKxwJoBPyX9vwWbQe2DQTTvVmFvZk1BoRsv+euKgvj0n/jZ
 3oG7f4hEcAeqMU5NH8fEQbQYn9fSdGs=
X-MC-Unique: wBoGqB6KMp6QR6WjWP1Jug-1
X-Mimecast-MFC-AGG-ID: wBoGqB6KMp6QR6WjWP1Jug_1769490999
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769490998; x=1770095798; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=0tIs2fKBt+d90Z4wFAen2VAZ4+rhynD1uhYc/rJjp5c=;
 b=jTsYabOemOaObdEokNNx+OTkar2LrB+T0gUJS3OTQiHAVm4ezPuEoXpPDWGsdFvA0H
 0vcXis0F8314up2NOAgRiG5khC9CU3DTtoxUontA8FMTyWvtPDmCGaBsvmvGtpNtk+eV
 sBtB92juuGz/o+UQcJ1iPvpztagb3oNr9gEGHFUH0DbWOaBaEZ6abc+8izRhZsuBnBLq
 oaU4dSZfKVj+mSa5oZzrFufvJGAwItu2WuTlkRtXY5oHFmmlOg4X0w80tWdlQ6jSFe4r
 dz3h3Q6rl8JjGxWMXJjf7kgnlYSMX6BAgdaIezAk+6Bz6EioVvfxHY8vkrlNQkFCGIqJ
 AkCA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769490998; x=1770095798;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=0tIs2fKBt+d90Z4wFAen2VAZ4+rhynD1uhYc/rJjp5c=;
 b=d1WZkQw8aqVzb3QRIPxGhYhSbBuH9g9S5uFYoy2DCmC+N6vArx9JDJZIOq9srjkqgI
 qcQFI8ck1pxbh6rIWZwzlGrWspt1JUjXdSkkWRs9LHmsuvjmWM8UoTXKxDJDEnLO1lAG
 YFr0fuLYSHw1MymmfdrsMsPHGbRY2wGIGlQ2DlVWd/9Y9D8dyP4bZf8FiZZjx126wi5E
 GB7Kao7jgb4WoUTMB1L/xArbnszElACMhleg2CgWDxlBEoEM6XuVLw6K05rVFNQWhAt9
 CJuqTkahrA+6l21dJUb5I/FfcA2r0mpGXIotk1x33wyNS2fIRBC7vEpw/TH3NPAbHJCv
 VB5w==
X-Forwarded-Encrypted: i=1;
 AJvYcCXhw9Wm7Acqwq4bQ+0RqNARc8xX9JBNP0qJYPD5UDENI4Hh2Fx9suACeNkoi67A6v+8itypLLCuKZ3T@nongnu.org
X-Gm-Message-State: AOJu0Yx7wVNt0CbGef8RJyTho9S8EPn6gaAxK8FRObkSzzOqwkMgMsmt
 sWd/tP5QWubSKsENkQqGuOlJ1becGGuN39G5b4lXmky/TyZOx5X/dtdIONYtd6m3IqAYFQzsE9G
 XyzVhOpiu25LlsA1SSuXUMk809bHiKhXEoBLdaxmmf34C5pV81uw58S8CY7Gb3lAJ
X-Gm-Gg: AZuq6aIP6Sp6nGjqcaKpnpnQ6pbQrGa6WBLyU63ncBk6o0zqbbHNXWlvYZbO30GwRng
 7jtyE4Sl2BMdc7AlGJCttCBgTAA9u4SAtlm5VkDFXynCyWixEhYA/W4NZ/Wit9QyooAqOMa1K1X
 JmPVE3McZrulWEreNs3mBBVPAHGYgNHbqPC6NU/y+PgPOJpSinCZEN76a9xYBANhGULrn1OU2QR
 bR2wn0aPwZx3buImyVnduKaO6K7+Nsm7OB+OyFhDRRzd3HRhD5MoUyS6qcvk7eol1ecKz/wMQga
 cpzCgyTHsJwNoK9AF9+1RnpLf3yGHY+4E1ZjZqXQPirsiBMQgYdusxrl+/eItoNljsv842KPfYW
 4wLJf4mQwW8M5s2FM40+X7y4MzTW9WC43jrBSQf5isg==
X-Received: by 2002:a17:90a:d648:b0:34c:2e8a:ea42 with SMTP id
 98e67ed59e1d1-353ffa55bb1mr523360a91.7.1769490998605;
 Mon, 26 Jan 2026 21:16:38 -0800 (PST)
X-Received: by 2002:a17:90a:d648:b0:34c:2e8a:ea42 with SMTP id
 98e67ed59e1d1-353ffa55bb1mr523343a91.7.1769490998206;
 Mon, 26 Jan 2026 21:16:38 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>,
 Zhao Liu <zhao1.liu@intel.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org,
 kvm@vger.kernel.org
Subject: [PATCH v3 02/33] accel/kvm: add confidential class member to indicate
 guest rebuild capability
Date: Tue, 27 Jan 2026 10:45:30 +0530
Message-ID: <20260127051612.219475-3-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491257905154100
Content-Type: text/plain; charset="utf-8"

As a part of the confidential guest reset process, the existing encrypted g=
uest
state must be made mutable since it would be discarded after reset. A new
encrypted and locked guest state must be established after the reset. To th=
is
end, a new boolean member per confidential guest support class
(eg, tdx or sev-snp) is added that will indicate whether its possible to
rebuild guest state:

bool can_rebuild_guest_state;

This is true if rebuilding guest state is possible, false otherwise.
A KVM based confidential guest reset is only possible when
the existing state is locked but its possible to rebuild guest state.
Otherwise, the guest is not resettable.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 include/system/confidential-guest-support.h | 20 ++++++++++++++++++++
 system/runstate.c                           |  6 +++---
 target/i386/kvm/tdx.c                       |  1 +
 target/i386/sev.c                           |  1 +
 4 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/include/system/confidential-guest-support.h b/include/system/c=
onfidential-guest-support.h
index 0cc8b26e64..5dca717308 100644
--- a/include/system/confidential-guest-support.h
+++ b/include/system/confidential-guest-support.h
@@ -152,6 +152,11 @@ typedef struct ConfidentialGuestSupportClass {
      */
     int (*get_mem_map_entry)(int index, ConfidentialGuestMemoryMapEntry *e=
ntry,
                              Error **errp);
+
+    /*
+     * is it possible to rebuild the guest state?
+     */
+    bool can_rebuild_guest_state;
 } ConfidentialGuestSupportClass;
=20
 static inline int confidential_guest_kvm_init(ConfidentialGuestSupport *cg=
s,
@@ -167,6 +172,21 @@ static inline int confidential_guest_kvm_init(Confiden=
tialGuestSupport *cgs,
     return 0;
 }
=20
+static inline bool
+confidential_guest_can_rebuild_state(ConfidentialGuestSupport *cgs)
+{
+    ConfidentialGuestSupportClass *klass;
+
+    if (!cgs) {
+        /* non-confidential guests */
+        return true;
+    }
+
+    klass =3D CONFIDENTIAL_GUEST_SUPPORT_GET_CLASS(cgs);
+    return klass->can_rebuild_guest_state;
+
+}
+
 static inline int confidential_guest_kvm_reset(ConfidentialGuestSupport *c=
gs,
                                                Error **errp)
 {
diff --git a/system/runstate.c b/system/runstate.c
index ed2db56480..5d58260ed5 100644
--- a/system/runstate.c
+++ b/system/runstate.c
@@ -57,6 +57,7 @@
 #include "system/reset.h"
 #include "system/runstate.h"
 #include "system/runstate-action.h"
+#include "system/confidential-guest-support.h"
 #include "system/system.h"
 #include "system/tpm.h"
 #include "trace.h"
@@ -543,8 +544,6 @@ void qemu_system_reset(ShutdownCause reason)
      */
     if (cpus_are_resettable()) {
         cpu_synchronize_all_post_reset();
-    } else {
-        assert(runstate_check(RUN_STATE_PRELAUNCH));
     }
=20
     vm_set_suspended(false);
@@ -693,7 +692,8 @@ void qemu_system_reset_request(ShutdownCause reason)
     if (reboot_action =3D=3D REBOOT_ACTION_SHUTDOWN &&
         reason !=3D SHUTDOWN_CAUSE_SUBSYSTEM_RESET) {
         shutdown_requested =3D reason;
-    } else if (!cpus_are_resettable()) {
+    } else if (!cpus_are_resettable() &&
+               !confidential_guest_can_rebuild_state(current_machine->cgs)=
) {
         error_report("cpus are not resettable, terminating");
         shutdown_requested =3D reason;
     } else {
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 0161985768..a3e81e1c0c 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -1543,6 +1543,7 @@ static void tdx_guest_class_init(ObjectClass *oc, con=
st void *data)
     X86ConfidentialGuestClass *x86_klass =3D X86_CONFIDENTIAL_GUEST_CLASS(=
oc);
=20
     klass->kvm_init =3D tdx_kvm_init;
+    klass->can_rebuild_guest_state =3D true;
     x86_klass->kvm_type =3D tdx_kvm_type;
     x86_klass->cpu_instance_init =3D tdx_cpu_instance_init;
     x86_klass->adjust_cpuid_features =3D tdx_adjust_cpuid_features;
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 1d70f96ec1..176329bd07 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -2760,6 +2760,7 @@ sev_common_instance_init(Object *obj)
     cgs->set_guest_state =3D cgs_set_guest_state;
     cgs->get_mem_map_entry =3D cgs_get_mem_map_entry;
     cgs->set_guest_policy =3D cgs_set_guest_policy;
+    cgs->can_rebuild_guest_state =3D true;
=20
     QTAILQ_INIT(&sev_common->launch_vmsa);
 }
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491099; cv=none;
	d=zohomail.com; s=zohoarc;
	b=KdeHVSr+m+zYfGNpg8Y/6XlsAHTybZOHlxSLEngFSLB9hEZD6+7ITqY0V3vJ2MHlzMO2LYXRLwN8qUxxjfmRul8dm3IuZiSA3+vtzeF5JK7TxovnCwnFXBOfIGdfFIm58kaQiE1MU93QB+zvNLsaXMhd5gLXW0APau8g8DqSWes=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491099;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=4neZNfvTortxzJ8i3PhQK7rIiHo+6riare2hmpih5To=;
	b=F8bzRWca//x0HtPGJdpQv1kddXkTVUM/V9jBH2oMdzcNcsDArMWVZXqlihknhN1l0hlDg4PLLz0G/94rpAsrVZhBvTzjED4eHbMMvRyfuGdqx2BO/zHj3b2mwM26+PxdUR/svoHhAGNHQEbjdGnD61xPYb0A8icAxeyq+qq7ZHc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491099744285.95737551942875;
 Mon, 26 Jan 2026 21:18:19 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRY-0006gn-7s; Tue, 27 Jan 2026 00:16:48 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRW-0006gX-Nt
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:16:46 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRV-0008J0-8V
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:16:46 -0500
Received: from mail-pj1-f71.google.com (mail-pj1-f71.google.com
 [209.85.216.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-39-jxRVX861ODS6yEZAj6Q6Lw-1; Tue, 27 Jan 2026 00:16:42 -0500
Received: by mail-pj1-f71.google.com with SMTP id
 98e67ed59e1d1-34c43f8ef9bso5641711a91.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:16:42 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.16.38
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:16:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491004;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=4neZNfvTortxzJ8i3PhQK7rIiHo+6riare2hmpih5To=;
 b=XyQnAsSo5XMTWVxWdmcW0U5gByJJ5XxRlvioPSuymkNOvaiDGAu+9XIoHsN+1gie18/kAA
 23BqmQrw2Qqxk2vIhuyujhG9KF+GMln+3C5OrQ2+hP3u48FcvjMTT2NZVpPtyD0yWIk7si
 zpTH9ufK+RhN39MkdJmzamM+7eXmqOU=
X-MC-Unique: jxRVX861ODS6yEZAj6Q6Lw-1
X-Mimecast-MFC-AGG-ID: jxRVX861ODS6yEZAj6Q6Lw_1769491001
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491001; x=1770095801; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=4neZNfvTortxzJ8i3PhQK7rIiHo+6riare2hmpih5To=;
 b=lz3LBxSjwQiMzxY7qwz1DFUy9MUbWg4vvT98P9jUBI5KgT/1JASoyYG/VM1CcG2cFA
 +79pi1N3Vu9et78fl3DJsEwrFA+qXWi22L7B8rslpW2VprdOsLJAas+nnvrrlZA5w0Kx
 xFQYTkXsZZ9PfC8YF3ZQusE2dy3BFsv0zcgg8gJ8/FNFLY3pR6ZxLTxOZLTTHO4u5R2z
 8guZN7w17wP2ieqBE3U33YI+i7PNNRqNiPOhqRRN3vfCemjBpaqgXFDL2njM3KpyOHJl
 jrKg7rL85Kz20AaLojZsFeLWE4BhJAXdpQLJ/H+wQiUaLy1olxWN5jNbkxYE3Z7xNfXO
 KB2w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491001; x=1770095801;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=4neZNfvTortxzJ8i3PhQK7rIiHo+6riare2hmpih5To=;
 b=VRrYJFlbvMKh9Xo4vaFkhcAoV0maj4Zn4Vy7pBTKjad444GNp/+f/qOOtbTfZbcDBo
 klbNLopiQOfnIhjramMU2pwr1+MAhGlxJ+b2bLnYWHYrSwVQVpoZj9otlHQUGgit5HVl
 poSOWNaLjnjKmgZYjPzw0n+F1zHYtlWis9uWnZ27Gw3IDL65e721P7lfJAzyAW6K1Ufd
 1XUDGDO/Y27C96iBY1ZmCI/75n5EGzP1dBBh7ESe4CX1hs7UAt2X2AnnUNGvnTugR+/f
 ntzPco6luWP6T1ntPOKVlVYc4qTtPtVGRAH8L3VQwrZwd5/5UNGQE6TYl/J7NT+OgM/v
 28jA==
X-Forwarded-Encrypted: i=1;
 AJvYcCXlUiInbtOWlnzrvIcvNCWEqNx/e+NpC7JwzDp8Ubf6V7BMxRjqAKAnNXavAjTNihnz2IqOD8XasAZf@nongnu.org
X-Gm-Message-State: AOJu0YygOxWKaUzDSM7+UdLdYwJ5kfq8YrtcWy/A6GhlnUZ6cE9yQN7k
 KKSWJRuojNEFL8cpVXMDn7jCXQw3N7j4yXGaaeq/2xi/EzwepkLFu6kFGcrrmHpSX078MI+sMx4
 nCJV3hRGKhf3W1RQizFqSAaqAu75e7re2qFCYjmLKQClju9hIRKy5Fm7u
X-Gm-Gg: AZuq6aIBvUuqrPMiVJcQ8gFxmdywUve6uwjdxLelZ/LyOgZltX7tRktdXFmC7vPA9S9
 /SxxyWv4slf3mIIB37158vVwmlbWT8UpF1zye1l09tj8+Jrvs1TgMJMx+jaw8VRLpr8KhRzo1i7
 COSHDuaZNR5XH+T1mO6CcGNdprMXsfzd1pKObOnopKhya3sNFUwaDpiefzx577m0+37NToHsfHu
 o1WeOqlQlleIW+IXllwvT4pS6ZuFtsq33QacPzOab4ZHqy1SXNbjDhCamqYQMjwsYhoCbb9FC/5
 5k4cgsZMndQ3Xk+0tZa9PCYGi/yWJ/KYp6wqFaTp81b1fudjgrqIcyxYbTHXgOKaUAeqEvGZ9FH
 ERRJdDXeZdDXuVnf0bfH3fLzufz3oGnGIpOZXYXaG5Q==
X-Received: by 2002:a05:6a20:938e:b0:38e:95f9:8cc1 with SMTP id
 adf61e73a8af0-38ec5d4fdd9mr576400637.12.1769491001384;
 Mon, 26 Jan 2026 21:16:41 -0800 (PST)
X-Received: by 2002:a05:6a20:938e:b0:38e:95f9:8cc1 with SMTP id
 adf61e73a8af0-38ec5d4fdd9mr576380637.12.1769491000976;
 Mon, 26 Jan 2026 21:16:40 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Richard Henderson <richard.henderson@linaro.org>,
 Paolo Bonzini <pbonzini@redhat.com>,
 =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 03/33] hw/accel: add a per-accelerator callback to change
 VM accelerator handle
Date: Tue, 27 Jan 2026 10:45:31 +0530
Message-ID: <20260127051612.219475-4-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491103771154100
Content-Type: text/plain; charset="utf-8"

When a confidential virtual machine is reset, a new guest context in the
accelerator must be generated post reset. Therefore, the old accelerator gu=
est
file handle must closed and a new one created. To this end, a per-accelerat=
or
callback, "reset_vmfd" is introduced that would get called when a confident=
ial
guest is reset. Subsequent patches will introduce specific implementation of
this callback for KVM accelerator.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 include/accel/accel-ops.h |  1 +
 system/runstate.c         | 23 +++++++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/include/accel/accel-ops.h b/include/accel/accel-ops.h
index 23a8c246e1..998a95ca69 100644
--- a/include/accel/accel-ops.h
+++ b/include/accel/accel-ops.h
@@ -23,6 +23,7 @@ struct AccelClass {
     AccelOpsClass *ops;
=20
     int (*init_machine)(AccelState *as, MachineState *ms);
+    int (*reset_vmfd)(MachineState *ms);
     bool (*cpu_common_realize)(CPUState *cpu, Error **errp);
     void (*cpu_common_unrealize)(CPUState *cpu);
     /* get_stats: Append statistics to @buf */
diff --git a/system/runstate.c b/system/runstate.c
index 5d58260ed5..d2ece27729 100644
--- a/system/runstate.c
+++ b/system/runstate.c
@@ -42,6 +42,7 @@
 #include "qapi/qapi-commands-run-state.h"
 #include "qapi/qapi-events-run-state.h"
 #include "qemu/accel.h"
+#include "accel/accel-ops.h"
 #include "qemu/error-report.h"
 #include "qemu/job.h"
 #include "qemu/log.h"
@@ -509,6 +510,8 @@ void qemu_system_reset(ShutdownCause reason)
 {
     MachineClass *mc;
     ResetType type;
+    AccelClass *ac =3D ACCEL_GET_CLASS(current_accel());
+    int ret;
=20
     mc =3D current_machine ? MACHINE_GET_CLASS(current_machine) : NULL;
=20
@@ -521,6 +524,26 @@ void qemu_system_reset(ShutdownCause reason)
     default:
         type =3D RESET_TYPE_COLD;
     }
+
+    /*
+     * different accelerators implement how to close the old file handle of
+     * the accelerator descriptor and create a new one here. Resetting
+     * file handle is necessary to create a new confidential VM context po=
st
+     * VM reset.
+     */
+    if (!cpus_are_resettable() && reason =3D=3D SHUTDOWN_CAUSE_GUEST_RESET=
) {
+        if (ac->reset_vmfd) {
+            ret =3D ac->reset_vmfd(current_machine);
+            if (ret < 0) {
+                error_report("unable to reset vmfd: %s(%d)",
+                             strerror(-ret), ret);
+                vm_stop(RUN_STATE_INTERNAL_ERROR);
+            }
+        } else {
+            error_report("accelerator does not support reset");
+        }
+    }
+
     if (mc && mc->reset) {
         mc->reset(current_machine, type);
     } else {
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491030; cv=none;
	d=zohomail.com; s=zohoarc;
	b=fo+1+uB72zCEnpez4y5PGUXVSgqvS6L4R6oJL90F4nCFVS6+by0kLuh1AYcBqivU70afAOXruBY9VoGDxH/ojfbhJR7nYNIn/+HNiSgwb3f+VJhdNWqMThAm/NSMsNXVO4IsP50vVH/v0tGpsmwvpI4bCw5GaGsn2Ljw/wI2i3Y=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491030;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=/m58jsrTIZK0luSPJaSrEgjDGlXyqLhzlqk7ugFZnAI=;
	b=fys7kdX6ICfqvCEck3fGY+wyKQnQ6pnE+SNdFejPkp1xH1SCZsEUvqI/81oMNYoPME7iNeMDD4YaieK0hZJE9Eo9QNUhhCl/RykdAapBLicGOOjYRpdcqeh2pzWea1TvVunNHEEG8yR2d+opng5xrBh8kPRG+T1JRaqiElaJztk=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491030513362.80904340680104;
 Mon, 26 Jan 2026 21:17:10 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRb-0006ht-RO; Tue, 27 Jan 2026 00:16:51 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRa-0006h3-7H
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:16:50 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRY-0008JN-RH
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:16:50 -0500
Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com
 [209.85.215.197]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-70-4C_0RT6bMU-8ABJbnDqsBg-1; Tue, 27 Jan 2026 00:16:45 -0500
Received: by mail-pg1-f197.google.com with SMTP id
 41be03b00d2f7-b6ce1b57b9cso2554370a12.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:16:45 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.16.41
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:16:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491008;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=/m58jsrTIZK0luSPJaSrEgjDGlXyqLhzlqk7ugFZnAI=;
 b=ILMkzuDLNJUJ9e+RPDEqCuvmaVltaV3OZWkFYdN369BRdKzSqkidDtOCTS6SO2lKPIOyZG
 nxF3CZYaSybi5qOHTJvpenSUkmmkL0TbvouKOJf91873MgL0sSPcLRUdBZg6aWm9S/RWSO
 NaZuRGDL38Bw19WzP6TDvixoMzFwyGU=
X-MC-Unique: 4C_0RT6bMU-8ABJbnDqsBg-1
X-Mimecast-MFC-AGG-ID: 4C_0RT6bMU-8ABJbnDqsBg_1769491004
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491004; x=1770095804; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=/m58jsrTIZK0luSPJaSrEgjDGlXyqLhzlqk7ugFZnAI=;
 b=rGg7dSx01shZj0N6ntVqQQcVhMlsbVR+pMRkjwS5xc4TbCdyxcjZbQzg5LxxyhtdHj
 xOPtUuBjUl/D3V4VPopOwmYOraCVGeyoGuVXx38dG3R5gljgH5qsuLv/snaYh9YXFLCU
 0brH21ckTa6lFc7bctidcM0V6KUp85yOHV1YGOOeh9BMfTZa6UMLJ+ek/hGO7Thsb/B9
 lDuoDd9xL8LXHG6ZEpDeZ+H7V4/ebXNazBIK60r2NB400z7orJfizYXuvMXCpfyfgqNh
 y0NUJ5+NMFYbrUEl+TOmjXWqJYluelIWYuBSmv5sl81jVuBpTYgVTVWWEMTbbFDehzWo
 xFPQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491004; x=1770095804;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=/m58jsrTIZK0luSPJaSrEgjDGlXyqLhzlqk7ugFZnAI=;
 b=FVgrCQAAHBUAIMq1k2KpegxcmdQU47NxuGrWlnlLBONV1lxD4TjsH81UToqXDlJ3HS
 ns2hvkDancrVglwtBf726JWkmB+VswOO7Q63xuClDBLJx1Af0HKJbYUg0xaEJOWJ0F7L
 +QwmYW2eUU/OGUui7PziFa5D/FkRnwNChiPDLK87f3d1ScHQbY27pnKOlxWbMNCdpVOz
 WXNikHDZwDQBSr729Ae94KuAvWogAp+6lWvqG51/gTCbCDlUk8egL4d4r9zeloEw+7l4
 pe04WUL7ZR56j8CZJvxSHm4BZnqvKSFdEXKKL7Ki3hknyz6lVdOiB8r0pR7jiIjepPfj
 W5SA==
X-Forwarded-Encrypted: i=1;
 AJvYcCXHxJsvA+x5NRVKx2Te58TPag8SqoAw5JLfz8bA08nYRCU0XxjZAzpvxAcJ5yQS4iCUmRTMtD69UVJC@nongnu.org
X-Gm-Message-State: AOJu0YzSKm19Qz0tsCQu6paPd/QZM1vgySJ2zQEnsikpbBMPvkDBqYCa
 OUb2d2Qx97blBzq9gt12lv5lXgHiZeyqs6/iLEFXCqXaw/CYZUARyCkNGvQGjtfQYuUhc0+HOkQ
 E8HqfvLQeoxcMU1e2ny6A3b6+0ZBjaVK4Lq6Y6xi2OuDDzJBB8CM9M+Fa
X-Gm-Gg: AZuq6aIaeeSJDEQ7j5cXN3P6JKOwVpHQp4J/FSIYlgUgLhG+t7mbyae0rJ+uop0lLwB
 OKklCQVY1k/21H/Y4yKiu3jYczdT7e/nmIqRDe98Aj1o7jamZSa3xScZ3k/BCwrH/NUXr9Cb2kx
 kz4eWaIWEgOYqkub4x97fsz51YSd6MNJXzJLlhx41aHj50L/vCL8DUqEq+6XvsWuUgBy3B1fZRs
 plG9g1uXc0E9uCcXvRZQEM0u0QHybwGWEVrnzDor2BcDfBUh+foZygCle/Mim+Rsz4+Vn1PwHNY
 iVxMfXL9TWB97XhlTUlE9Qf6j7yWxUM9ZMYeycfKhHM8a0MYDAEaEhyxYN+2b/G+STzS6xE//A4
 uYhWzdCcZV/xUgeQmp7p1dEl+Vgv00vWNqDGT2eFsPg==
X-Received: by 2002:a05:6a21:62c3:b0:38e:9c27:72e8 with SMTP id
 adf61e73a8af0-38ec6279239mr485150637.4.1769491004094;
 Mon, 26 Jan 2026 21:16:44 -0800 (PST)
X-Received: by 2002:a05:6a21:62c3:b0:38e:9c27:72e8 with SMTP id
 adf61e73a8af0-38ec6279239mr485136637.4.1769491003723;
 Mon, 26 Jan 2026 21:16:43 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Peter Xu <peterx@redhat.com>,
 =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 04/33] system/physmem: add helper to reattach existing
 memory after KVM VM fd change
Date: Tue, 27 Jan 2026 10:45:32 +0530
Message-ID: <20260127051612.219475-5-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491034328158500
Content-Type: text/plain; charset="utf-8"

After the guest KVM file descriptor has changed as a part of the process of
confidential guest reset mechanism, existing memory needs to be reattached =
to
the new file descriptor. This change adds a helper function ram_block_rebin=
d()
for this purpose. The next patch will make use of this function.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 include/system/physmem.h |  1 +
 system/physmem.c         | 28 ++++++++++++++++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/include/system/physmem.h b/include/system/physmem.h
index 7bb7d3e154..da91b77bd9 100644
--- a/include/system/physmem.h
+++ b/include/system/physmem.h
@@ -51,5 +51,6 @@ physical_memory_snapshot_and_clear_dirty(MemoryRegion *mr=
, hwaddr offset,
 bool physical_memory_snapshot_get_dirty(DirtyBitmapSnapshot *snap,
                                         ram_addr_t start,
                                         ram_addr_t length);
+int ram_block_rebind(Error **errp);
=20
 #endif
diff --git a/system/physmem.c b/system/physmem.c
index 9a7aba9521..6755d85319 100644
--- a/system/physmem.c
+++ b/system/physmem.c
@@ -2857,6 +2857,34 @@ found:
     return block;
 }
=20
+/*
+ * Creates new guest memfd for the ramblocks and closes the
+ * existing memfd.
+ */
+int ram_block_rebind(Error **errp)
+{
+    RAMBlock *block;
+
+    qemu_mutex_lock_ramlist();
+
+    RAMBLOCK_FOREACH(block) {
+        if (block->flags & RAM_GUEST_MEMFD) {
+            if (block->guest_memfd >=3D 0) {
+                close(block->guest_memfd);
+            }
+            block->guest_memfd =3D kvm_create_guest_memfd(block->max_lengt=
h,
+                                                        0, errp);
+            if (block->guest_memfd < 0) {
+                qemu_mutex_unlock_ramlist();
+                return -1;
+            }
+
+        }
+    }
+    qemu_mutex_unlock_ramlist();
+    return 0;
+}
+
 /*
  * Finds the named RAMBlock
  *
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491106; cv=none;
	d=zohomail.com; s=zohoarc;
	b=YG91m3/Ov7wovtz1MWBYOIUSr1vnkRUUcAEb6QV/xyfI7Hspbri7kLhyFaMUeJ0JLP1eOhLhHML/4tSvp7XhMMrYdte0/Bet2dHA9OYiNp5jjDNuIw2iwPFBtL8u1xHRCWN78TeZ3a1LKmaw+5AVcNbT1O7D96eqaL8QWqgEnGQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491106;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=CdaABaxt514z7cKlS+uuQzBXtNPXSHeITNnbmc7YpWg=;
	b=H7nwIsoozx9H+sWzikXBdQX3koN3QXr1XMnmXHxVrdi9i+X7QU2KRToamLDMXYULcHVs9FV1NBtBJNiNACaWrDP+Epjzxk96Ocu+x4IhhaYPsFs37o0ERp4DRhxsbL6eOndgsGeFMZOEZWRI40gC5tJvdG55PhApmYE0vZ55+tY=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491106972929.979169872421;
 Mon, 26 Jan 2026 21:18:26 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRl-0006jV-Nh; Tue, 27 Jan 2026 00:17:01 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRk-0006jD-VA
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:00 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRj-0008Ks-5p
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:00 -0500
Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com
 [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-354-VH9k9KrRM1WeXMOHgxSOGw-1; Tue, 27 Jan 2026 00:16:54 -0500
Received: by mail-pj1-f72.google.com with SMTP id
 98e67ed59e1d1-34e70e2e363so4657151a91.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:16:54 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.16.44
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:16:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491018;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=CdaABaxt514z7cKlS+uuQzBXtNPXSHeITNnbmc7YpWg=;
 b=Hu/nGL4H5ZIy7EijknEdkF4rvznOXmAgcEScgHTFIUHvmcB+dG+PFGucQ8rRQI9XVk4YVr
 acInqP4hIKMBbZGWaiIOGkVBMk1s8fE25AN/6uK5R+22W63ijl4NrbLf5LxbFFQLTveYPc
 VrG1pILrJB0sZHoLMi9zIQPvf02SQPE=
X-MC-Unique: VH9k9KrRM1WeXMOHgxSOGw-1
X-Mimecast-MFC-AGG-ID: VH9k9KrRM1WeXMOHgxSOGw_1769491014
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491014; x=1770095814; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=CdaABaxt514z7cKlS+uuQzBXtNPXSHeITNnbmc7YpWg=;
 b=bDsHemo/2+NfLDyChT9s+6TT2Cz+9Drs9JlFE+ry69xnc2KgU1Mh2GpoGl/KUsNjpj
 V7djdRbJwMqoMI+GCL9p9h/O46hT9lhHdZQFxCzu48oTDLi3WgK9qRppXnj5Ze+0R2AU
 11+hZMSBZj5CvNQ5OZU7OtlCLtiYGR2vz2JzFE5MwhoywsWsKJ8q4Wt9eEf7WixEM977
 jVr7Sxy/fmBSKVHyazX8a/1ybDqujeo9Bt47ktXVFKjreFvD3rvC3Px4jBmIqLE3Obhm
 JjFvXidoiv4hi45ljAOQULDnBEbghI2K6XTVq0SzKdJUDwJyXqWK+9hCjnJhn+wkEkT1
 crag==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491014; x=1770095814;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=CdaABaxt514z7cKlS+uuQzBXtNPXSHeITNnbmc7YpWg=;
 b=hNi3j2z4uY1tJe7Aiqj8+UfpLmLQGwcBA4DbzUGD13wg9LAcy1OECKg9UmJewwzO1Z
 kaB4mtc2wkgUxatuopXQrJ+B8SwGwwMJteDeR5qdXpWagIu2WqTLsGxtwrscJtRq5VYB
 zUzTJELO5y5hxqn9NGsqb8zOC/HK+eJYGDDueFsft4eGizXW/889UoDB5kMx5paG3j8l
 ElzZPJoHchWNUoLdOiu/2lSmgWsyIGtgB1/3aTbTBj1XFDxdIE4sb7pupY92U4RB8zc3
 b3pWQNSCgIHKQ/Uz8uJM+15CX6ZUlX0xQiFglNn0PZgN2vonXzl6Easo9C0coFg1z7AE
 RMAg==
X-Forwarded-Encrypted: i=1;
 AJvYcCVqWIwrlLPde21pwMqvB9MNusqHlAtHsCtYwsNMHc3xi+J5E+e3kkeUk5tm7Kg4kmmp7QwyQGfAldWy@nongnu.org
X-Gm-Message-State: AOJu0Yxvb+ESAQyawgsDhxhrbxIPUm/bwV09Ws6fJ1JX7rihrQPjCttL
 pF4jgJi7su/x2DdvvWicdmhLgNqWn2pXi6VOCE3EogMa8b2ehfsLuTR71YpxUkuO4hDg5XOEVmR
 dSwwk+UvCbDpvkAKtyIy73rZ58e3lCvTTnYPB2ycbAfF5nJ7GzryoVPBA
X-Gm-Gg: AZuq6aJUj8SMsOS+wRdMb9cCfhjU332m36Z2KTRaJFl4FjdBCrAAKMv2VJVIBIuZzjx
 px9rf+7S8tBiZ9gZkOq6+3d7o599NPw7Hy69CHPoH8eXQcQCAXxHQj49nncm5g+ejp3DcorS/5S
 iAp3SClmtMA6wkQWOGMa3jWvMWt352/j2CkX2v2z/xMF4tO6Fy2lHhD4imFzX7yjLkyt5TrAFeS
 Qs21LwYbXRprfk1tA42nuNOUXvb2GNDnZfSKxltvs+nNptjeXncAd0zBmWOK49tyr7/pwr5clv6
 IfnxxDmJa6yZILCR09ssydif+feHaZd1bnxvDL5JKfpyjfXkY9nwIYr5p69Uo1nlR2bEV6KEcNl
 sYe0xNBMLp7cgdlQ+iNIIIpAbrTzwZZTI7rR3IQZnww==
X-Received: by 2002:a17:90b:562c:b0:353:100:2f20 with SMTP id
 98e67ed59e1d1-353fece4c43mr607605a91.10.1769491013460;
 Mon, 26 Jan 2026 21:16:53 -0800 (PST)
X-Received: by 2002:a17:90b:562c:b0:353:100:2f20 with SMTP id
 98e67ed59e1d1-353fece4c43mr607573a91.10.1769491013023;
 Mon, 26 Jan 2026 21:16:53 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Peter Maydell <peter.maydell@linaro.org>,
 Marcelo Tosatti <mtosatti@redhat.com>, Song Gao <gaosong@loongson.cn>,
 Huacai Chen <chenhuacai@kernel.org>,
 =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>,
 Aurelien Jarno <aurelien@aurel32.net>,
 Jiaxun Yang <jiaxun.yang@flygoat.com>,
 Aleksandar Rikalo <arikalo@gmail.com>, Nicholas Piggin <npiggin@gmail.com>,
 Harsh Prateek Bora <harshpb@linux.ibm.com>,
 Chinmay Rath <rathc@linux.ibm.com>, Palmer Dabbelt <palmer@dabbelt.com>,
 Alistair Francis <alistair.francis@wdc.com>,
 Weiwei Li <liwei1518@gmail.com>,
 Daniel Henrique Barboza <dbarboza@ventanamicro.com>,
 Liu Zhiwei <zhiwei_liu@linux.alibaba.com>,
 Halil Pasic <pasic@linux.ibm.com>,
 Christian Borntraeger <borntraeger@linux.ibm.com>,
 Eric Farman <farman@linux.ibm.com>,
 Matthew Rosato <mjrosato@linux.ibm.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Ilya Leoshkevich <iii@linux.ibm.com>, David Hildenbrand <david@kernel.org>,
 Thomas Huth <thuth@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org, qemu-arm@nongnu.org, qemu-ppc@nongnu.org,
 qemu-riscv@nongnu.org, qemu-s390x@nongnu.org
Subject: [PATCH v3 05/33] accel/kvm: add changes required to support KVM VM
 file descriptor change
Date: Tue, 27 Jan 2026 10:45:33 +0530
Message-ID: <20260127051612.219475-6-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491108770158500
Content-Type: text/plain; charset="utf-8"

This change adds common kvm specific support to handle KVM VM file descript=
or
change. KVM VM file descriptor can change as a part of confidential guest r=
eset
mechanism. A new function api kvm_arch_on_vmfd_change() per
architecture platform is added in order to implement architecture specific
changes required to support it. A subsequent patch will add x86 specific
implementation for kvm_arch_on_vmfd_change() as currently only x86 supports
confidential guest reset.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c        | 80 ++++++++++++++++++++++++++++++++++++--
 accel/kvm/trace-events     |  1 +
 include/system/kvm.h       |  2 +
 target/arm/kvm.c           | 10 +++++
 target/i386/kvm/kvm.c      | 10 +++++
 target/loongarch/kvm/kvm.c | 10 +++++
 target/mips/kvm.c          | 10 +++++
 target/ppc/kvm.c           | 10 +++++
 target/riscv/kvm/kvm-cpu.c | 10 +++++
 target/s390x/kvm/kvm.c     | 10 +++++
 10 files changed, 150 insertions(+), 3 deletions(-)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 8301a512e7..46243cfcf2 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2415,11 +2415,9 @@ void kvm_irqchip_set_qemuirq_gsi(KVMState *s, qemu_i=
rq irq, int gsi)
     g_hash_table_insert(s->gsimap, irq, GINT_TO_POINTER(gsi));
 }
=20
-static void kvm_irqchip_create(KVMState *s)
+static void do_kvm_irqchip_create(KVMState *s)
 {
     int ret;
-
-    assert(s->kernel_irqchip_split !=3D ON_OFF_AUTO_AUTO);
     if (kvm_check_extension(s, KVM_CAP_IRQCHIP)) {
         ;
     } else if (kvm_check_extension(s, KVM_CAP_S390_IRQCHIP)) {
@@ -2452,7 +2450,13 @@ static void kvm_irqchip_create(KVMState *s)
         fprintf(stderr, "Create kernel irqchip failed: %s\n", strerror(-re=
t));
         exit(1);
     }
+}
=20
+static void kvm_irqchip_create(KVMState *s)
+{
+    assert(s->kernel_irqchip_split !=3D ON_OFF_AUTO_AUTO);
+
+    do_kvm_irqchip_create(s);
     kvm_kernel_irqchip =3D true;
     /* If we have an in-kernel IRQ chip then we must have asynchronous
      * interrupt delivery (though the reverse is not necessarily true)
@@ -2607,6 +2611,75 @@ static int kvm_setup_dirty_ring(KVMState *s)
     return 0;
 }
=20
+static int kvm_reset_vmfd(MachineState *ms)
+{
+    KVMState *s;
+    KVMMemoryListener *kml;
+    int ret =3D 0, type;
+    Error *err =3D NULL;
+
+    /*
+     * bail if the current architecture does not support VM file
+     * descriptor change.
+     */
+    if (!kvm_arch_supports_vmfd_change()) {
+        error_report("This target architecture does not support KVM VM "
+                     "file descriptor change.");
+        return -EOPNOTSUPP;
+    }
+
+    s =3D KVM_STATE(ms->accelerator);
+    kml =3D &s->memory_listener;
+
+    memory_listener_unregister(&kml->listener);
+    memory_listener_unregister(&kvm_io_listener);
+
+    if (s->vmfd >=3D 0) {
+        close(s->vmfd);
+    }
+
+    type =3D find_kvm_machine_type(ms);
+    if (type < 0) {
+        return -EINVAL;
+    }
+
+    ret =3D do_kvm_create_vm(s, type);
+    if (ret < 0) {
+        return ret;
+    }
+
+    s->vmfd =3D ret;
+
+    kvm_setup_dirty_ring(s);
+
+    /* rebind memory to new vm fd */
+    ret =3D ram_block_rebind(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
+    ret =3D kvm_arch_on_vmfd_change(ms, s);
+    if (ret < 0) {
+        return ret;
+    }
+
+    if (s->kernel_irqchip_allowed) {
+        do_kvm_irqchip_create(s);
+    }
+
+    /* these can be only called after ram_block_rebind() */
+    memory_listener_register(&kml->listener, &address_space_memory);
+    memory_listener_register(&kvm_io_listener, &address_space_io);
+
+    /*
+     * kvm fd has changed. Commit the irq routes to KVM once more.
+     */
+    kvm_irqchip_commit_routes(s);
+    trace_kvm_reset_vmfd();
+    return ret;
+}
+
 static int kvm_init(AccelState *as, MachineState *ms)
 {
     MachineClass *mc =3D MACHINE_GET_CLASS(ms);
@@ -4014,6 +4087,7 @@ static void kvm_accel_class_init(ObjectClass *oc, con=
st void *data)
     AccelClass *ac =3D ACCEL_CLASS(oc);
     ac->name =3D "KVM";
     ac->init_machine =3D kvm_init;
+    ac->reset_vmfd =3D kvm_reset_vmfd;
     ac->has_memory =3D kvm_accel_has_memory;
     ac->allowed =3D &kvm_allowed;
     ac->gdbstub_supported_sstep_flags =3D kvm_gdbstub_sstep_flags;
diff --git a/accel/kvm/trace-events b/accel/kvm/trace-events
index e43d18a869..e4beda0148 100644
--- a/accel/kvm/trace-events
+++ b/accel/kvm/trace-events
@@ -14,6 +14,7 @@ kvm_destroy_vcpu(int cpu_index, unsigned long arch_cpu_id=
) "index: %d id: %lu"
 kvm_park_vcpu(int cpu_index, unsigned long arch_cpu_id) "index: %d id: %lu"
 kvm_unpark_vcpu(unsigned long arch_cpu_id, const char *msg) "id: %lu %s"
 kvm_irqchip_commit_routes(void) ""
+kvm_reset_vmfd(void) ""
 kvm_irqchip_add_msi_route(char *name, int vector, int virq) "dev %s vector=
 %d virq %d"
 kvm_irqchip_update_msi_route(int virq) "Updating MSI route virq=3D%d"
 kvm_irqchip_release_virq(int virq) "virq %d"
diff --git a/include/system/kvm.h b/include/system/kvm.h
index 8f9eecf044..d40cc9750c 100644
--- a/include/system/kvm.h
+++ b/include/system/kvm.h
@@ -358,6 +358,8 @@ int kvm_arch_init(MachineState *ms, KVMState *s);
 int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp);
 int kvm_arch_init_vcpu(CPUState *cpu);
 int kvm_arch_destroy_vcpu(CPUState *cpu);
+bool kvm_arch_supports_vmfd_change(void);
+int kvm_arch_on_vmfd_change(MachineState *ms, KVMState *s);
=20
 #ifdef TARGET_KVM_HAVE_RESET_PARKED_VCPU
 void kvm_arch_reset_parked_vcpu(unsigned long vcpu_id, int kvm_fd);
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 48f853fff8..a707406763 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -1569,6 +1569,16 @@ void kvm_arch_init_irq_routing(KVMState *s)
 {
 }
=20
+int kvm_arch_on_vmfd_change(MachineState *ms, KVMState *s)
+{
+    abort();
+}
+
+bool kvm_arch_supports_vmfd_change(void)
+{
+    return false;
+}
+
 int kvm_arch_irqchip_create(KVMState *s)
 {
     if (kvm_kernel_irqchip_split()) {
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 3fdb2a3f62..346e1ef6f7 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -3253,6 +3253,16 @@ static int kvm_vm_enable_energy_msrs(KVMState *s)
     return 0;
 }
=20
+int kvm_arch_on_vmfd_change(MachineState *ms, KVMState *s)
+{
+    abort();
+}
+
+bool kvm_arch_supports_vmfd_change(void)
+{
+    return false;
+}
+
 int kvm_arch_init(MachineState *ms, KVMState *s)
 {
     int ret;
diff --git a/target/loongarch/kvm/kvm.c b/target/loongarch/kvm/kvm.c
index 9d844c4905..1be471fd54 100644
--- a/target/loongarch/kvm/kvm.c
+++ b/target/loongarch/kvm/kvm.c
@@ -1364,6 +1364,16 @@ int kvm_arch_irqchip_create(KVMState *s)
     return kvm_check_extension(s, KVM_CAP_DEVICE_CTRL);
 }
=20
+int kvm_arch_on_vmfd_change(MachineState *ms, KVMState *s)
+{
+    abort();
+}
+
+bool kvm_arch_supports_vmfd_change(void)
+{
+    return false;
+}
+
 void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
 {
 }
diff --git a/target/mips/kvm.c b/target/mips/kvm.c
index a85e162409..d12c8b8a27 100644
--- a/target/mips/kvm.c
+++ b/target/mips/kvm.c
@@ -44,6 +44,16 @@ unsigned long kvm_arch_vcpu_id(CPUState *cs)
     return cs->cpu_index;
 }
=20
+int kvm_arch_on_vmfd_change(MachineState *ms, KVMState *s)
+{
+    abort();
+}
+
+bool kvm_arch_supports_vmfd_change(void)
+{
+    return false;
+}
+
 int kvm_arch_init(MachineState *ms, KVMState *s)
 {
     /* MIPS has 128 signals */
diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c
index 41bd03ec2a..fba2b93290 100644
--- a/target/ppc/kvm.c
+++ b/target/ppc/kvm.c
@@ -180,6 +180,16 @@ int kvm_arch_irqchip_create(KVMState *s)
     return 0;
 }
=20
+int kvm_arch_on_vmfd_change(MachineState *ms, KVMState *s)
+{
+    abort();
+}
+
+bool kvm_arch_supports_vmfd_change(void)
+{
+    return false;
+}
+
 static int kvm_arch_sync_sregs(PowerPCCPU *cpu)
 {
     CPUPPCState *cenv =3D &cpu->env;
diff --git a/target/riscv/kvm/kvm-cpu.c b/target/riscv/kvm/kvm-cpu.c
index b047ffa9c0..89207dddf9 100644
--- a/target/riscv/kvm/kvm-cpu.c
+++ b/target/riscv/kvm/kvm-cpu.c
@@ -1545,6 +1545,16 @@ int kvm_arch_irqchip_create(KVMState *s)
     return kvm_check_extension(s, KVM_CAP_DEVICE_CTRL);
 }
=20
+int kvm_arch_on_vmfd_change(MachineState *ms, KVMState *s)
+{
+    abort();
+}
+
+bool kvm_arch_supports_vmfd_change(void)
+{
+    return false;
+}
+
 int kvm_arch_process_async_events(CPUState *cs)
 {
     return 0;
diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c
index 54d28e37d4..556c45e7fd 100644
--- a/target/s390x/kvm/kvm.c
+++ b/target/s390x/kvm/kvm.c
@@ -393,6 +393,16 @@ int kvm_arch_irqchip_create(KVMState *s)
     return 0;
 }
=20
+int kvm_arch_on_vmfd_change(MachineState *ms, KVMState *s)
+{
+    abort();
+}
+
+bool kvm_arch_supports_vmfd_change(void)
+{
+    return false;
+}
+
 unsigned long kvm_arch_vcpu_id(CPUState *cpu)
 {
     return cpu->cpu_index;
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491210; cv=none;
	d=zohomail.com; s=zohoarc;
	b=eGG6XeyMTP5C3uWQZo3RkVwB06toJoCfNt701WyICRsuB8Rs3CF5nePssC7Yo9GSwHI9Qku502/YKwbnHv3kvDMEmEmaFSUAtCXo/m2w+BtStIA9S9JhFI7wYJ71W+0hDaF37S1kSyKFDyyjAZCXjmTYNvOyWaqUVgK5iv7ZkNw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491210;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=X/lBWdDVebfZe5D0jHJAAfOOk/PomlXvxepzVj2YvU4=;
	b=Oym86jv/xkZIgxAtklPn86YLb1IwbRzp+MtNsNSI3o7821weydo08HEiQvBYxzcN6z3Fc48g61/Jbgs/EIxKYCtnzdmK2YwogCX9kCYwDUoQ+PXvUD1An4qWzC/Jn2qhJls4YMeHr9zGoWr6czzHQVIOS5+0HMentH8+1yjIovI=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 176949121081963.37428937895447;
 Mon, 26 Jan 2026 21:20:10 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRm-0006jj-83; Tue, 27 Jan 2026 00:17:02 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRk-0006jE-Vt
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:01 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRj-0008LB-Jz
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:00 -0500
Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com
 [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-139-mQjmpdKqNoCgCQjv62cUsA-1; Tue, 27 Jan 2026 00:16:56 -0500
Received: by mail-pj1-f72.google.com with SMTP id
 98e67ed59e1d1-34c38781efcso4920705a91.2
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:16:56 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.16.53
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:16:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491019;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=X/lBWdDVebfZe5D0jHJAAfOOk/PomlXvxepzVj2YvU4=;
 b=J+YplIdTEVxHd75kkjbiBDaczLQRAeESdItZtB8irFqEN6ETGXEsSUo7oZomP8siaNSg50
 jliv0F+4OTi0zluNikeER7u8ZGvvBPxhZLGP8n6iDxMx4eq+k2XVPJ9qFuiPK9x0rCqNxR
 jwX4oODlXhF52GSg4c9ttNnBNGI/99s=
X-MC-Unique: mQjmpdKqNoCgCQjv62cUsA-1
X-Mimecast-MFC-AGG-ID: mQjmpdKqNoCgCQjv62cUsA_1769491016
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491016; x=1770095816; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=X/lBWdDVebfZe5D0jHJAAfOOk/PomlXvxepzVj2YvU4=;
 b=qe4dY5G+CHFBYPPlHooyxeO9kv7pxtNgDZ9Hk+mhWCQ8P3jAxdZc4bgfhE2a1AhFQ+
 GmGiLJkC17Ba3dgYdvG0fwERar8qx8hE41hAdTCUxOsOL3qi1h4ZPLnlbLI++JhBEjSK
 lAXQjOzfFP9nPZgdzhRA21jBF6NDv88xWEkAHqDfVNK+6pF3yj4iWEOZSUQKvPCqqt8n
 n0+x2Sc+JdmxNPwSGM7CsEnKYhATv7479aCAqT/2O9jnbeHiW/KRnkb/hvhFO55zU5Kn
 F36c6sY9Mgl6j85Qd4o1iVHW1x99Tx2UajMYClawsuVtcvWSItJ/wObP2Ne1qUP37Kzr
 5p0w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491016; x=1770095816;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=X/lBWdDVebfZe5D0jHJAAfOOk/PomlXvxepzVj2YvU4=;
 b=CeOpuRJ1PgabeNhtr9G2zP8iqV+6L//Y3L4xAkOSwLREl9TeaDEEu4zZH+TibOJ/XQ
 /9aF7un4o45rbPvCebbIv5g/QOMId1YI77Qouw9NIAKebp9Q7LtJkYOT0Huxbrxn4UOP
 nD2cjlPYvv00RwK4SDDR2I6ZkMHCwd0MkOJlezukWiBb4oMN/e803e6SpdDt19AjmAW7
 RMJP6OxgmR8bVhGIJfngXSzeGSGCVLAk7Q50W8VTgEqzMpaIpUvuIc5Uj/amemC74Wo/
 CNki43aqjfJybOBdtTVnk1qSMk11/PKwim66lR3S/PX6sjmnBBHe2m6mnPN7Lgdn/TpB
 BYuQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCVphh4Tvzh54egTWmqFMP6fvUra2uU0037OhfAqJ1bnUibsqSWXAvWM+7tZDUu5Gl3brsUZCX58BfcJ@nongnu.org
X-Gm-Message-State: AOJu0YyC1j/azJ9560Qa1wxQf0b1/VOCSzobNhagid/iZAvJ/pecj0PA
 jxcddgT8cSd4dT+0CSlwSkuX8keicw2dEUd09/B0DL38ITg4V6Bk/hzCy/ULci/xIgR3z5YuU3M
 J88WprEVnYRDVVgqhFAK0oOK41yX9skkJeAdHqfrzlXt/VNHFfa5KI4Jl
X-Gm-Gg: AZuq6aLVAFUEP1PqKv8bW+6Lo26qzEfEY8Bz+PdRnDidYFX6xtiwOUnZgcjpZffzRDk
 tg8cXRZfEJvzQDSb0XjDTnJL2vV+eHVbJNprM7iKIhF26OB/OtoUyd4rVNuqGTfQ+ok707xtF0y
 rcDCYg3QnIcw5IjT6w+0NXG8qhs0cMpeFP3MLHn3NUENmdO04GKGKxrft+ouUoxS4v83atWnzJl
 bnTIc23D0bvkyBlvpsVPwpx1lhRoQX5jrblTMPnM/eSFmqLeDUXWZ2zhih09JTfJvQm2A5z9Iz7
 wXElA30T6QvqqnsV2Re6PE+z5JSxZWOdxFStIzZowvQtqpCmEvBUdrvHVq4f61eUfMNvIbtI/Bq
 O4+FkNMLL/mw1hadNCpOc0nWhHVVnXBwRVsgTxG8u/A==
X-Received: by 2002:a17:90b:3901:b0:32d:f352:f764 with SMTP id
 98e67ed59e1d1-353fecd08edmr647579a91.2.1769491015901;
 Mon, 26 Jan 2026 21:16:55 -0800 (PST)
X-Received: by 2002:a17:90b:3901:b0:32d:f352:f764 with SMTP id
 98e67ed59e1d1-353fecd08edmr647562a91.2.1769491015535;
 Mon, 26 Jan 2026 21:16:55 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 06/33] accel/kvm: mark guest state as unprotected after vm
 file descriptor change
Date: Tue, 27 Jan 2026 10:45:34 +0530
Message-ID: <20260127051612.219475-7-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491213270154100
Content-Type: text/plain; charset="utf-8"

When the KVM VM file descriptor has changed and a new one created, the guest
state is no longer in protected state. Mark it as such.
The guest state becomes protected again when TDX and SEV-ES and SEV-SNP mark
it as such.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 46243cfcf2..834df61c31 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2650,6 +2650,9 @@ static int kvm_reset_vmfd(MachineState *ms)
=20
     s->vmfd =3D ret;
=20
+    /* guest state is now unprotected again */
+    kvm_state->guest_state_protected =3D false;
+
     kvm_setup_dirty_ring(s);
=20
     /* rebind memory to new vm fd */
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491097; cv=none;
	d=zohomail.com; s=zohoarc;
	b=RIsx617JZFbw+jTLBE+1YEZ38DCh6rfTfeTWi5gn8eOzFrLPRaR+dQzEA5U5G7rto7HNasyVCNhcz1PQVqWYaeTf5fminwbGcet/NgXOLXV6VIuQhm2VB2pKJ02KIRpIbI3PW7So+iNvF8O7fxEBLYA9h3SvOOfmoRsEoC0KhUM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491097;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=ekxz0EEyBOQMVYi/GjNSmeh3FZ184pWI8lFYWcurNPM=;
	b=Tw0bChHMCkbY78gNE8DxcNRkIYxxcffIP/AXx7xPJ7TPUK0dI57xSIH7NF28ZrRmUL4AHMv5vCMSOwhnD8KQDfj3y6Vol2KGbbsZfItxkToD9e8gn4r1LA1Uichr4QnNkyyxeV5E9Z9jQuqGI0JrLrxkijevpTS/HTDvuR6bOPQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491097357700.2970449050063;
 Mon, 26 Jan 2026 21:18:17 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRq-0006m0-PK; Tue, 27 Jan 2026 00:17:06 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRo-0006lW-C9
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:04 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRm-0008Ls-Eb
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:04 -0500
Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com
 [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-508-O91VLUO1OZC6DolP3Wm8tA-1; Tue, 27 Jan 2026 00:16:59 -0500
Received: by mail-pj1-f72.google.com with SMTP id
 98e67ed59e1d1-352c7f19acaso4033822a91.0
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:16:59 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.16.56
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:16:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491021;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=ekxz0EEyBOQMVYi/GjNSmeh3FZ184pWI8lFYWcurNPM=;
 b=B6lfimfG/KNe2wVf0Wex226bQPdFk7rzX+pN7PsdOZ2fMqPbCqVv2DlaqeE+MknAGZcNqv
 n7GIGFieUxfguwM9f4yDUDwNv4jqg3WlmP0mU85j8TqBWyvRJs+DahzLwa56lh99f698HF
 hhx4tCDj2UaruC2kUJgK9ss9oVD0xU8=
X-MC-Unique: O91VLUO1OZC6DolP3Wm8tA-1
X-Mimecast-MFC-AGG-ID: O91VLUO1OZC6DolP3Wm8tA_1769491019
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491018; x=1770095818; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=ekxz0EEyBOQMVYi/GjNSmeh3FZ184pWI8lFYWcurNPM=;
 b=rHLszYiivqT2L8mb2Ghcyij8SaAHEiWneI6XYlGHQaSXG1P5fgHzUNm8a212rXTQCw
 ST4WTv7dqbYNpQ6pkVLRL3UmCF96Su4RgYfTIstLOiBqN0s4udX6JLnV1YC2bfYOyQ1E
 8HVH0Yuw9nqaUNxpoCWXjmqZrRAAP7ROPuGcHcx/x19q6HNjxVISSGrvfi9ONRaUTw0l
 NNcAeywbIVoRSnuKX6QwV4S/HvDciR6sWmMwsDTcddzV4hiCyPwWEaNUEsJQBEE3McXR
 6T6pLLcrWa3C4bygp1ZK+XnP0g7AwhcYCAQD2mE6zD8gLEjEFZ99e1DS6RnkbaZwvLLL
 VYAw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491018; x=1770095818;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=ekxz0EEyBOQMVYi/GjNSmeh3FZ184pWI8lFYWcurNPM=;
 b=Hf5xw04ECtgHztE0gAMHlZeBRMSrha3/oLt342Tiw8MQnJ9rPxRmMba6+6wCveF26I
 ysefnxvnQHSlxamCA1U7N82uyv4NPnxAd7h5MYIzKOc6BLYFo8sipPnDVt1p3enSL6J4
 IY/jtqMeHfObaZwJuuDzIMnCZ+JZv4rdeFQYggCf8sbgJg4S4SjPpItmk1HenLIGkoBc
 8Ax2Ze6zwPtSzgDQJEtwadP452ENfcsNKX3PEW1sI4wXsPZTV2NbNQK9rRzMNrw+FzJu
 TjISQTiPOXayVl3vu5XgAkJWEIzKABGkI/X7DhFrlx3btdGD3R7gHHPpQZhXMFBmIYih
 R3/Q==
X-Forwarded-Encrypted: i=1;
 AJvYcCVQaL59CECLMv8fP7cOTvo4BtzxujQX22yAV0mJ1Xw6HK9qR5v+hTOTqafKjisOWp1OVKlRr18crRsn@nongnu.org
X-Gm-Message-State: AOJu0Yza/u90CvPx3V6E54tYreyPwJCeY09TLcpw0zRJB7ClaD7MPJCY
 i6cDBSxeS93kG9PLfua4878AksH1C6Tp4h10A1gsoCYbkxLKmjgCSCH4BDLz0iUI6yES4JF8uBx
 z2mLFZlf++gAYx9ZGZX2k//irjthZS5EgStgt2JuwBq7Yu4ZU7p4saXlm
X-Gm-Gg: AZuq6aJxT8fnwIfwTQJmoBYiNgMbVh3ilT50GG35ucCo40KPln8pI0NBJ+nyjgOo+k4
 W3TLKOw/yRBw4MXzBd5DBtsxfRq9fRYttnB2+SNzPeGoLnIXpCg38sG093A6viII7Mw1ofAkmrx
 wUPbBDjcHwi2BKCBgiDUi2g6vKd8EOwHx9tVeT66QXWRcEMrWnxXMmjihpYyCTerDxMH/PFJ/EN
 /nBQ1UpCxZnUzTK1TYtIX5PufwqbcpnXqUYJDsit9PYSNkvDxEe3myz24TP0ZJHbIoFd0rudhAs
 bjpc+LZ3PyqRYRs1RynG0G4dS6gXGbfm2K7/fDTvD6+wAy7Meey/9IvcKcCO1Fpv3h6wE9dgObJ
 qpeDrByFgda9T4ShO5kTwLCdzFOrK7m1lVzxEcTa+gA==
X-Received: by 2002:a17:90b:3c88:b0:341:88c9:aefb with SMTP id
 98e67ed59e1d1-353fecc6679mr585036a91.5.1769491018479;
 Mon, 26 Jan 2026 21:16:58 -0800 (PST)
X-Received: by 2002:a17:90b:3c88:b0:341:88c9:aefb with SMTP id
 98e67ed59e1d1-353fecc6679mr585022a91.5.1769491018057;
 Mon, 26 Jan 2026 21:16:58 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 07/33] accel/kvm: add a notifier to indicate KVM VM file
 descriptor has changed
Date: Tue, 27 Jan 2026 10:45:35 +0530
Message-ID: <20260127051612.219475-8-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491099687158500
Content-Type: text/plain; charset="utf-8"

A notifier callback can be used by various subsystems to perform actions wh=
en
KVM file descriptor for a virtual machine changes as a part of confidential
guest reset process. This change adds this notifier mechanism. Subsequent
patches will add specific implementations for various notifier callbacks
corresponding to various subsystems that need to take action when KVM VM fi=
le
descriptor changed.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c    | 30 ++++++++++++++++++++++++++++++
 accel/stubs/kvm-stub.c |  8 ++++++++
 include/system/kvm.h   | 21 +++++++++++++++++++++
 3 files changed, 59 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 834df61c31..06d72111e2 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -90,6 +90,7 @@ struct KVMParkedVcpu {
 };
=20
 KVMState *kvm_state;
+VmfdChangeNotifier vmfd_notifier;
 bool kvm_kernel_irqchip;
 bool kvm_split_irqchip;
 bool kvm_async_interrupts_allowed;
@@ -123,6 +124,9 @@ static const KVMCapabilityInfo kvm_required_capabilites=
[] =3D {
 static NotifierList kvm_irqchip_change_notifiers =3D
     NOTIFIER_LIST_INITIALIZER(kvm_irqchip_change_notifiers);
=20
+static NotifierWithReturnList register_vmfd_changed_notifiers =3D
+    NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_changed_notifiers);
+
 struct KVMResampleFd {
     int gsi;
     EventNotifier *resample_event;
@@ -2173,6 +2177,22 @@ void kvm_irqchip_change_notify(void)
     notifier_list_notify(&kvm_irqchip_change_notifiers, NULL);
 }
=20
+void kvm_vmfd_add_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_list_add(&register_vmfd_changed_notifiers, n);
+}
+
+void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_remove(n);
+}
+
+static int kvm_vmfd_change_notify(Error **errp)
+{
+    return notifier_with_return_list_notify(&register_vmfd_changed_notifie=
rs,
+                                            &vmfd_notifier, errp);
+}
+
 int kvm_irqchip_get_virq(KVMState *s)
 {
     int next_virq;
@@ -2671,6 +2691,16 @@ static int kvm_reset_vmfd(MachineState *ms)
         do_kvm_irqchip_create(s);
     }
=20
+    /*
+     * notify everyone that vmfd has changed.
+     */
+    vmfd_notifier.vmfd =3D s->vmfd;
+    ret =3D kvm_vmfd_change_notify(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
     /* these can be only called after ram_block_rebind() */
     memory_listener_register(&kml->listener, &address_space_memory);
     memory_listener_register(&kvm_io_listener, &address_space_io);
diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index 68cd33ba97..a6e8a6e16c 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -79,6 +79,14 @@ void kvm_irqchip_change_notify(void)
 {
 }
=20
+void kvm_vmfd_add_change_notifier(NotifierWithReturn *n)
+{
+}
+
+void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n)
+{
+}
+
 int kvm_irqchip_add_irqfd_notifier_gsi(KVMState *s, EventNotifier *n,
                                        EventNotifier *rn, int virq)
 {
diff --git a/include/system/kvm.h b/include/system/kvm.h
index d40cc9750c..6ab37fd440 100644
--- a/include/system/kvm.h
+++ b/include/system/kvm.h
@@ -181,6 +181,7 @@ DECLARE_INSTANCE_CHECKER(KVMState, KVM_STATE,
=20
 extern KVMState *kvm_state;
 typedef struct Notifier Notifier;
+typedef struct NotifierWithReturn NotifierWithReturn;
=20
 typedef struct KVMRouteChange {
      KVMState *s;
@@ -566,4 +567,24 @@ int kvm_set_memory_attributes_shared(hwaddr start, uin=
t64_t size);
=20
 int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private);
=20
+/* argument to vmfd change notifier */
+typedef struct VmfdChangeNotifier {
+    int vmfd;
+} VmfdChangeNotifier;
+
+/**
+ * kvm_vmfd_add_change_notifier - register a notifier to get notified when
+ * a KVM vm file descriptor changes as a part of the confidential guest "r=
eset"
+ * process. Various subsystems should use this mechanism to take actions s=
uch
+ * as creating new fds against this new vm file descriptor.
+ * @n: notifier with return value.
+ */
+void kvm_vmfd_add_change_notifier(NotifierWithReturn *n);
+/**
+ * kvm_vmfd_remove_change_notifier - de-register a notifer previously
+ * registered with kvm_vmfd_add_change_notifier call.
+ * @n: notifier that was previously registered.
+ */
+void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n);
+
 #endif
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491141; cv=none;
	d=zohomail.com; s=zohoarc;
	b=jm9dxKc2yRkX6pFOojtJyisZJOun5M0We/9t7jbOMQwPqMMqsz5tA7ps7XDnMKYcOBE4s2dmSY4Gh9BjAwU6fd7pSwkujB6V1OU6c4om6t0Wtgy2F+kvoXyObX1WT0r8eX3nrXqtnzg+BMXzUaPOTqOsE4E71kaySewZyW/S3H0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491141;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=gdNlCVdePrLQZM93WRK6oLwv5KTpdxmb5b92LGcPxUQ=;
	b=iPer2/zSDqmTzT3/QSL4Q10aVz1y8S8HOuxCn6qYOq066KBvGin65L6mOibS4RrWUUkKgUPk1jCkHD7CQx5hB93ShV2K17BP6KKYvus7Q+dCQuTrW0goKfdrXjpHaiLftQurjrNb4SEktNQQn+Tyzwr9QfZO+ONV9NBdYfH8kw8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491141033216.80865839418084;
 Mon, 26 Jan 2026 21:19:01 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRs-0006mU-QW; Tue, 27 Jan 2026 00:17:08 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRq-0006ly-KD
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:06 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRp-0008MJ-69
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:06 -0500
Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com
 [209.85.215.197]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-18-NQkdlF_YOn-AEa653Y7BlQ-1; Tue, 27 Jan 2026 00:17:02 -0500
Received: by mail-pg1-f197.google.com with SMTP id
 41be03b00d2f7-c503d6be76fso8484432a12.0
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:02 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.16.58
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491024;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=gdNlCVdePrLQZM93WRK6oLwv5KTpdxmb5b92LGcPxUQ=;
 b=TfVDmuFXdpOnjgCrlKEsw3fv7Cm5jBylQ1bKaJqcI5qNrbhZOSuzB1k5kds11bJdDjUJPR
 zJt5bXJHftOiaW+aakMLunEXmaenEZfJBS3+WVAGCvknBvqYl7JhyI5IbPATv6PM4diCOG
 4ZoiSeYX3KYzMfIKgAfQKhSkRMHI8OU=
X-MC-Unique: NQkdlF_YOn-AEa653Y7BlQ-1
X-Mimecast-MFC-AGG-ID: NQkdlF_YOn-AEa653Y7BlQ_1769491021
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491021; x=1770095821; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=gdNlCVdePrLQZM93WRK6oLwv5KTpdxmb5b92LGcPxUQ=;
 b=XsKQqycgm/Kp0NlvnExcWi0mcy+vSsratAIwkLBtXYjU78+woVioL29sb9Jb2Eq4Zz
 ey7MVY6tqSvQQej0hPiEYeJcfNEuudMmOzmbj/iAC62ax6xeSrhqR6oWhe4NmaS5786T
 AkZwIH7n92bdS2HhdMZDjN9Awm0e4ijNTTS82c9HmNsoMe3e/lVGt0svpES266LXk9Jg
 fTh4K1mutO00DKmpafpnyafuQ3I+Y4cvegXCs9DM45f7E8MgRGw7AaX0vY1sVOJpwisc
 YOLpIzAA7zmBdRU0SgzTmvlfh4Myw4W0is/wb6ihBc1Uq/xqkYoTnALLCK1i9cforHD0
 5bRg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491021; x=1770095821;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=gdNlCVdePrLQZM93WRK6oLwv5KTpdxmb5b92LGcPxUQ=;
 b=Ss8to84QkCmsNtkOKs8xKdZceUBBVt6XF9nbtKgl0zM9VeTw9Fdo5UoZPEDrH+/Ba6
 YVxK05V5xO2Lz3ubsMX7LgANEsath0RhOgfy6mjFxhT0OQtYtSjcAcsAgVy+atspFfk+
 zgfxjljaJrOXcXRCnTla735rfKFbV4fk68H3lIcGw4uUzLtlmhG3EPakZezIWqBIn1fi
 Dh4cEkjdZuizp87h5WvTpjWK2lN7vC40pBq+LrOt4qbeNFu2XMNjQfj96E9arEIxN6/D
 E8QN661q5ELnnuPwadEROxOgzqK0VzoguuM7CuIsaVCkh/tAnfDVzEK4d+owSCmrmqYB
 yxVw==
X-Forwarded-Encrypted: i=1;
 AJvYcCWbEJRsHlehjwgXsEXbLvIoBhapQk3jKZulmGHjeiDfPgMGpl+F0oFnIGwmch5nx+LelICcr16G1SlQ@nongnu.org
X-Gm-Message-State: AOJu0YzaeYgbUHwxCHbtYC7xPMOifgo78PAwfQqhk47p5yTYityWBFs5
 gZnxUwDe8MGTXUVljFmd3t/Co4m+Ale+1Ff1M7SUbyNwrlJx3UyeyH1GSXDvfWZhUNwCc0cskwc
 6aXOgzD7OK+JoY6+dqOfxNNseIlOZV1+ijnN9sLfjkCbl27MrO2308nZQ
X-Gm-Gg: AZuq6aImnXfZu4g4ThyQZ+lQKDU+gzTqavQY1clvMtnNi58qBmJrP2+gsMDGj+HOF/Z
 ftXBoK0l7VBfSVEWG20nEWmPmUekr1YsCHYa4Mn2RyIcAQV/GJ6DKtFVr9WxnihuPV97lZOEFCj
 kdaTImmhIpc9RGQtCII5WRIPls9FKmmX4el7KWgMFmwSqUDLnjc34Y/6bDTJMhDzRCsaTXeTpgd
 FiWSxVEwrCOUbkRPeawH23vTTOGUArHNzBUVVatmc8vGsS9aeNZnPe+ZwOypQNlf4V54M9aLsJ1
 hzqZ3TEfh8tNReMyv22n61c+aNLFnmSqOuf8oNXSj2+KIAiqRJGDDm3SZndlq80H86x4Dq66fC0
 Lxwrdyp9b+SQtDOXU+xyXliI025fCmSVGQl7STz2tnw==
X-Received: by 2002:a05:6a21:118:b0:38b:ebaa:c167 with SMTP id
 adf61e73a8af0-38ec629e677mr543685637.20.1769491021025;
 Mon, 26 Jan 2026 21:17:01 -0800 (PST)
X-Received: by 2002:a05:6a21:118:b0:38b:ebaa:c167 with SMTP id
 adf61e73a8af0-38ec629e677mr543656637.20.1769491020586;
 Mon, 26 Jan 2026 21:17:00 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 08/33] accel/kvm: notify when KVM VM file fd is about to be
 changed
Date: Tue, 27 Jan 2026 10:45:36 +0530
Message-ID: <20260127051612.219475-9-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491144477154100
Content-Type: text/plain; charset="utf-8"

Various subsystems might need to take some steps before the KVM file descri=
ptor
for a virtual machine is changed. So a new boolean attribute is added to the
vmfd_notifier structure which is passed to the notifier callbacks.
vmfd_notifer.pre is true for pre-notification of vmfd change and false for
post notification. Notifier callback implementations can simply check
the boolean value for (vmfd_notifer*)->pre and can take actions for pre or
post vmfd change based on the value.

Subsequent patches will add callback implementations for specific components
that need this pre-notification.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c  | 9 +++++++++
 include/system/kvm.h | 6 ++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 06d72111e2..538a4cc731 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2654,6 +2654,13 @@ static int kvm_reset_vmfd(MachineState *ms)
     memory_listener_unregister(&kml->listener);
     memory_listener_unregister(&kvm_io_listener);
=20
+    vmfd_notifier.pre =3D true;
+    ret =3D kvm_vmfd_change_notify(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
     if (s->vmfd >=3D 0) {
         close(s->vmfd);
     }
@@ -2695,6 +2702,8 @@ static int kvm_reset_vmfd(MachineState *ms)
      * notify everyone that vmfd has changed.
      */
     vmfd_notifier.vmfd =3D s->vmfd;
+    vmfd_notifier.pre =3D false;
+
     ret =3D kvm_vmfd_change_notify(&err);
     if (ret < 0) {
         return ret;
diff --git a/include/system/kvm.h b/include/system/kvm.h
index 6ab37fd440..a17cd368ca 100644
--- a/include/system/kvm.h
+++ b/include/system/kvm.h
@@ -570,12 +570,14 @@ int kvm_convert_memory(hwaddr start, hwaddr size, boo=
l to_private);
 /* argument to vmfd change notifier */
 typedef struct VmfdChangeNotifier {
     int vmfd;
+    bool pre;
 } VmfdChangeNotifier;
=20
 /**
  * kvm_vmfd_add_change_notifier - register a notifier to get notified when
- * a KVM vm file descriptor changes as a part of the confidential guest "r=
eset"
- * process. Various subsystems should use this mechanism to take actions s=
uch
+ * a KVM vm file descriptor changes or about to be changed as a part of the
+ * confidential guest "reset" process.
+ * Various subsystems should use this mechanism to take actions such
  * as creating new fds against this new vm file descriptor.
  * @n: notifier with return value.
  */
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491214; cv=none;
	d=zohomail.com; s=zohoarc;
	b=PUOEmsfXia1LjGgNjXMpIePa0sTTAEI98ELzTXDE7V+Z4IacinlISR6i6tQvxDbnK/57ZKfkZm9WVIYKIxN2zTuXqi0wmM+PdHKBGwtuCipI8ev2+gxXd8tQgkhPc74VuhxsY0ReLKyTNhcdOK0jXnLFY+Ovq87KuXqJGI+yttw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491214;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=oG/eU7ht67ZLCzu+4byuSdKHIRYwTxnvqkeHA3qrxYc=;
	b=Bz3xFMvpFyjG42KHP8pHPrqdcc1sXYPqwwmq92v8W0puW6WKrJtHZIQKrQFcSjaYLNY1j10UIyXAZ0NM/2m2euJan/5RS+6mHuuG8eU0dPJEwP/9+gDZ9H4Nd6BpvSPLhJjAxa5SwN8a78Tk5uQK0bAq0Ab/XFd8GUXMS5nBzIE=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491214241964.230477979761;
 Mon, 26 Jan 2026 21:20:14 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRz-0006tB-Lv; Tue, 27 Jan 2026 00:17:15 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRu-0006oX-00
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:13 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRs-0008Mj-K3
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:09 -0500
Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com
 [209.85.214.197]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-169-uh4tCgzfN22JbrvQvOApLw-1; Tue, 27 Jan 2026 00:17:05 -0500
Received: by mail-pl1-f197.google.com with SMTP id
 d9443c01a7336-2a871c32cdbso1413575ad.2
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:04 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.01
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491027;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=oG/eU7ht67ZLCzu+4byuSdKHIRYwTxnvqkeHA3qrxYc=;
 b=Uq1L5yTGfppU/WaGUh4fEQ6E+KlYe25MR529GU/bimcJlSMybbohbYsCDt0q5dYWmuxwEd
 BhiwQ2us7CEIT2uYw82sAIHRlGKmCuKBr+/qLjuxR/ysdj1mbNvrdspy6qZIKScCV8HXta
 FlsB6TanJE7e8AtmfFXN0KEK+9IByqI=
X-MC-Unique: uh4tCgzfN22JbrvQvOApLw-1
X-Mimecast-MFC-AGG-ID: uh4tCgzfN22JbrvQvOApLw_1769491024
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491024; x=1770095824; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=oG/eU7ht67ZLCzu+4byuSdKHIRYwTxnvqkeHA3qrxYc=;
 b=SrhJqTsNVpWRNQ99oWcMP1hwVSG4TAH10I0c+hyO0OrMhVW6A7dcs8X11HQ8QSbfLt
 6zCNDP+Z4jcgCxuUySTRJ26AiOuX28t/QdMjHZoyAKMg0yEojnBjfm9kjMMAwGV5BDU5
 na/ZpEqt9CvCybIINJqGhsh4/7uyzoUIBDsqIk/SmoFOste4+IZak5SnwgOS2Lpq2VhB
 KH06wSzgKwNzEpY1uF7BOrlGPBeyFOhqNCla0dGPqFHmdjcZJ63DJOf4aZr8QNJKueU/
 I42GVpDLQ41A6V4cwlAEqSdCWxxn8vGw7jHPiE3ZR8IxnU2hb0KVFh7oeNR1NICFOikr
 1E7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491024; x=1770095824;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=oG/eU7ht67ZLCzu+4byuSdKHIRYwTxnvqkeHA3qrxYc=;
 b=gchiSLr8NbuvYEeH1zCKHzu+oAembQItPRT0wFV818U0dogRSI+9rjGuR/h6cXYJ1L
 iHBKht7gYtaf9WkJkbLUguScZwKecohoTIgA5SIHyMcOpiXTUN1Ngj7RIenb7URU5xNz
 JnR02T8N3lgvFF/D9sSYHz/2GsZEXtQxU6TDg3PMC9bLkNvMYOGoE9AWW0aJ56xfaTw9
 6RMdPzl/kcQRvvbJTxzcVMVerA+mY3NV/q0AcKA0psx9fTopTd62h+MQRslKF+0UfUM/
 wtS6i0AaUenIJujnZVP5YWr2ZOI8PFumnxZPxczOR5Qpj61i0FJWAWGF6rK/CmDc85v5
 fNCA==
X-Forwarded-Encrypted: i=1;
 AJvYcCVeSkmitkHua2xrp0VUmiXwWwQRxjDprWCzJLiePAjf95CFuI4YoWgw9TlogZ/6LNEG/nUHGTvPwK4V@nongnu.org
X-Gm-Message-State: AOJu0YxZY80doPaW5dBA3Ew+ftQ1aFshC/I85wOb6rV/rBXPl3xY4Xl+
 r4snUpL5Z2/bxbzR+hTFLQt2swQbeLtFJSZZqJVCQ2jllJmY+z5RkR/uCTs7wvT8pCGYUR6SleO
 zZrGndWAgWjer7xS9AxiLN/S/48vOz6Bjn/akad7LWcSG6ZMGwWKCaByNAVlsbli6
X-Gm-Gg: AZuq6aKenGj3H9EN7z8RF6W16ckuuUeV5FDPbhEe+8x2mph0krCksdz442ovKGBGNdN
 3fE67ZAYkPyvTPaXAG5JiWkQPoHWaNuEi2mIMQ88YuB4it0NuXRdln36kkf+hQtsFffBwBL1iMV
 QdbHnm55bNbjP/67HGrsdfB1nSFec3Kod/mXL6VuQqiwhl51FKly02Ae/7aeocOqyBYx4wgqreS
 jt8iU2s1a0WwS8kY2uIxmo5YO6pY11fNIQkXrHSgfJAUmA6mPADtqFdALGhMylkBIu/5mg6tmPu
 xI6bxMilmmZ174Fui06iJHOSWCBrjMB7073RDEZLI+cKAYOKy5+xjIjFBSSprVVdK2IaAzIpenp
 ioxGvWgOvYd/4qfnyFqTnNdGwesJiptlu6t0zvRT0UA==
X-Received: by 2002:a17:903:1249:b0:295:5da6:6011 with SMTP id
 d9443c01a7336-2a870d458cdmr5977545ad.11.1769491023744;
 Mon, 26 Jan 2026 21:17:03 -0800 (PST)
X-Received: by 2002:a17:903:1249:b0:295:5da6:6011 with SMTP id
 d9443c01a7336-2a870d458cdmr5977435ad.11.1769491023393;
 Mon, 26 Jan 2026 21:17:03 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 09/33] i386/kvm: unregister smram listeners prior to vm
 file descriptor change
Date: Tue, 27 Jan 2026 10:45:37 +0530
Message-ID: <20260127051612.219475-10-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491215444154100
Content-Type: text/plain; charset="utf-8"

We will re-register smram listeners after the VM file descriptors has chang=
ed.
We need to unregister them first to make sure addresses and reference count=
ers
work properly.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/kvm.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 346e1ef6f7..e28ab18a14 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -113,6 +113,11 @@ typedef struct {
 static void kvm_init_msrs(X86CPU *cpu);
 static int kvm_filter_msr(KVMState *s, uint32_t msr, QEMURDMSRHandler *rdm=
sr,
                           QEMUWRMSRHandler *wrmsr);
+static int unregister_smram_listener(NotifierWithReturn *notifier,
+                                     void *data, Error** errp);
+NotifierWithReturn kvm_vmfd_change_notifier =3D {
+    .notify =3D unregister_smram_listener,
+};
=20
 const KVMCapabilityInfo kvm_arch_required_capabilities[] =3D {
     KVM_CAP_INFO(SET_TSS_ADDR),
@@ -2749,6 +2754,17 @@ static void register_smram_listener(Notifier *n, voi=
d *unused)
     }
 }
=20
+static int unregister_smram_listener(NotifierWithReturn *notifier,
+                                     void *data, Error** errp)
+{
+    if (!((VmfdChangeNotifier *)data)->pre) {
+        return 0;
+    }
+
+    memory_listener_unregister(&smram_listener.listener);
+    return 0;
+}
+
 /* It should only be called in cpu's hotplug callback */
 void kvm_smm_cpu_address_space_init(X86CPU *cpu)
 {
@@ -3401,6 +3417,8 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
         }
     }
=20
+    kvm_vmfd_add_change_notifier(&kvm_vmfd_change_notifier);
+
     return 0;
 }
=20
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491321; cv=none;
	d=zohomail.com; s=zohoarc;
	b=e2hd39OsZf08+9c07X7/24MOw7U5gEvkBCqD2IDBwI4D9e80Crdgc9d9PffRH1EYuzHIwNfbs7gDWEdbxBVjOV1KODM1nK0+c2gteGrIEF91NggGUvPNtB8aacS8zcjWyCzasz5sDOq7ukymlkK6Ey/axfq5OwxkgZ5rvY2wHTo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491321;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=YuzXnGtIe5+ocaB4DlBWBC8HhEPJq9yVKADc+BsREeM=;
	b=Fk5kd6hoMlb4I5slKIa4wKmAtLHpqrCbTynCebhdd4EenaBi200rJdoOy71dIM8UEqTVG5XLv5lMtk8NEqY7I3nJtJIkU03azhx+fdiecQrhtsA7nMi3Mub21Ik5UeWUKselEjHpNzohcaVFX9k7B321dgBjT8GxpnfFY+JqyNc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491321258712.5693735836018;
 Mon, 26 Jan 2026 21:22:01 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbRy-0006sj-Ie; Tue, 27 Jan 2026 00:17:14 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRv-0006pX-TT
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:13 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRu-0008Mo-AZ
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:11 -0500
Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com
 [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-564-B1_prFv6MFCiN5Cfup8-sw-1; Tue, 27 Jan 2026 00:17:07 -0500
Received: by mail-pj1-f70.google.com with SMTP id
 98e67ed59e1d1-34ab8693a2cso708565a91.0
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:07 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.03
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491029;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=YuzXnGtIe5+ocaB4DlBWBC8HhEPJq9yVKADc+BsREeM=;
 b=XEhG8HDPUAkIrsYm1ILC/nwTVQ/RsM+4CPP6OinWYz1ZIyi+bD2jmIjWR3dGjRixwZWUG7
 OzgVYO/WrxFgxk/NQoeEI06CghrakVIRd/91EQxS5pG81UqK74x+j+s9HSE6rSCT5Hdn9H
 sSUY/l3jRS7uBwWC5YaEUOVk8a2SOv0=
X-MC-Unique: B1_prFv6MFCiN5Cfup8-sw-1
X-Mimecast-MFC-AGG-ID: B1_prFv6MFCiN5Cfup8-sw_1769491027
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491026; x=1770095826; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=YuzXnGtIe5+ocaB4DlBWBC8HhEPJq9yVKADc+BsREeM=;
 b=aouQumPuNJUsBRX01bSQHznDYfmb6LX7qMIUhGzg2s8M4bfhs6hPNT6KVX50O3KJAP
 dmdF0qV0Htd2i7hVKpeI6DNDL/rGKM1spIJeDWK5KrzrEdih2kDTZKNFTaZZQeQfw0Nr
 gpjvf8KHhq7OkN1hNuZn916fWp5WqBpLnByytqmz+Ie4zQHKvhgcu6y/R/LpbIMNR7P1
 aDpJhmfR20BM7nIgoGEndLtRSv029dMIqKL6Yitet8hCcTkLdhDbaR/xVQO/Y4RsKimg
 ApfDhnAjVCLtB/UI7wJNMJ0pU2Yf45LSmiyZBqJ+96Eb2fZVkfCVh72nEK8V2hhKYiqV
 yIdQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491027; x=1770095827;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=YuzXnGtIe5+ocaB4DlBWBC8HhEPJq9yVKADc+BsREeM=;
 b=ApQAR9biO9t30xnEWwaEtjaoUl5vVOtAwz245PrhuY6lKimKQAt6FfhB8z9vJhqv1f
 kKtr66DkHd4Cz0SFnz+GRadfO3UTumtaR4mhE3zUYnDqOsd/C1EMvdre4GuGsws8V+m2
 Yz0SX8WVqXn5wt/k+oS2yPbfZCoTWvlhtd1SeLuUS2zC6sMBdiW7HjPl00LKKMwOnSr/
 nqM3MhmVy4uRUa8mvDsuPj0EYuYldN/1Y0/mpMkVDOUbYfEHEkPErQyWKa8vzWJCMVz6
 xAeWmXTTi0QRIRL37fH4c4zK+Jg0zo8mdIqF/BwWYrlk9MeoBFvGw//31Gesc5w7JIFa
 DeYg==
X-Forwarded-Encrypted: i=1;
 AJvYcCU7/dNtbmBQkcp5srBlE/x9SGZiE4siPKTf+2SrBml5x13vL8X4jq9M17w41R072FUZQozKdGNtcogQ@nongnu.org
X-Gm-Message-State: AOJu0YyR5V++8ZnOuNTp+6M1dZzZgijiduF477goiX8AQm8i8Mh58M/9
 CjknqXIBmIXoMJJ9kgMvTsUKV4/Vu/x3kz9DhE4EANRc0XUMy8CAGxvDmcaZjXNpValSSYkZMsZ
 AQSmfN/R3ENT023meAI6PI/DKwPX1mWTyU7kgslgPrfmq99rHjMiocwvX
X-Gm-Gg: AZuq6aIcpRYj/yR9hxci5tEFlemjgjA8zwSPentIxAp7KcTOrCVAbmqzCs0PjOaIAF8
 bcQ4RYV/Phlmkjr1LU4brqBAWYYSaKNvnjMKCv6KItKhNVSaZgzet5GDr+qjGsEwanXzxTuB5L4
 8yKAl/TpXnNaXRphHRRZu64mLe08YAf8yigRAm12ccvGHTy8zWJ71OqvoCwQctyApdF0c93CTtC
 R6EC8ZAqIUnqJI6iJUJ4rmaWYv5YP6lw9wQVFjxJeElQ/pK9IFKvqUFdm7fjbWGtuR1KgkIzIll
 Wk1AavX6LXwwVw3fyCXjY7FG5i6QA0bOeGr03tdNfljSamTiQHx2+oz4yZmWbnNd3EZQP5G5W2t
 YLNOdJT2unscrcSJ4xqI3j0jKtLSZX5PRUhmAqhnJnQ==
X-Received: by 2002:a17:90a:d603:b0:34a:b4a2:f0c8 with SMTP id
 98e67ed59e1d1-353feda7c73mr651591a91.30.1769491026566;
 Mon, 26 Jan 2026 21:17:06 -0800 (PST)
X-Received: by 2002:a17:90a:d603:b0:34a:b4a2:f0c8 with SMTP id
 98e67ed59e1d1-353feda7c73mr651570a91.30.1769491026174;
 Mon, 26 Jan 2026 21:17:06 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 10/33] kvm/i386: implement architecture support for kvm
 file descriptor change
Date: Tue, 27 Jan 2026 10:45:38 +0530
Message-ID: <20260127051612.219475-11-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491322733158500
Content-Type: text/plain; charset="utf-8"

When the kvm file descriptor changes as a part of confidential guest reset,
some architecture specific setups including SEV/SEV-SNP/TDX specific setups
needs to be redone. These changes are implemented as a part of the
kvm_arch_on_vmfd_change() callback which was introduced previously.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/kvm.c        | 82 ++++++++++++++++++++++++++----------
 target/i386/kvm/trace-events |  1 +
 2 files changed, 60 insertions(+), 23 deletions(-)

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index e28ab18a14..e27ccff7a6 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -3269,14 +3269,52 @@ static int kvm_vm_enable_energy_msrs(KVMState *s)
     return 0;
 }
=20
+static int xen_init_wrapper(MachineState *ms, KVMState *s);
+
 int kvm_arch_on_vmfd_change(MachineState *ms, KVMState *s)
 {
-    abort();
+    int ret;
+
+    ret =3D kvm_arch_init(ms, s);
+    if (ret < 0) {
+        return ret;
+    }
+
+    if (object_dynamic_cast(OBJECT(ms), TYPE_X86_MACHINE)) {
+        X86MachineState *x86ms =3D X86_MACHINE(ms);
+
+        if (x86_machine_is_smm_enabled(x86ms)) {
+            memory_listener_register(&smram_listener.listener,
+                                     &smram_address_space);
+        }
+        kvm_set_max_apic_id(x86ms->apic_id_limit);
+    }
+
+    trace_kvm_arch_on_vmfd_change();
+    return 0;
+}
+
+static int xen_init_wrapper(MachineState *ms, KVMState *s)
+{
+    int ret =3D 0;
+#ifdef CONFIG_XEN_EMU
+    if (!object_dynamic_cast(OBJECT(ms), TYPE_PC_MACHINE)) {
+        error_report("kvm: Xen support only available in PC machine");
+        return -ENOTSUP;
+    }
+    /* hyperv_enabled() doesn't work yet. */
+    uint32_t msr =3D XEN_HYPERCALL_MSR;
+    ret =3D kvm_xen_init(s, msr);
+#else
+    error_report("kvm: Xen support not enabled in qemu");
+    return -ENOTSUP;
+#endif
+    return ret;
 }
=20
 bool kvm_arch_supports_vmfd_change(void)
 {
-    return false;
+    return true;
 }
=20
 int kvm_arch_init(MachineState *ms, KVMState *s)
@@ -3284,6 +3322,7 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
     int ret;
     struct utsname utsname;
     Error *local_err =3D NULL;
+    static bool first =3D true;
=20
     /*
      * Initialize confidential guest (SEV/TDX) context, if required
@@ -3312,21 +3351,10 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
     }
=20
     if (s->xen_version) {
-#ifdef CONFIG_XEN_EMU
-        if (!object_dynamic_cast(OBJECT(ms), TYPE_PC_MACHINE)) {
-            error_report("kvm: Xen support only available in PC machine");
-            return -ENOTSUP;
-        }
-        /* hyperv_enabled() doesn't work yet. */
-        uint32_t msr =3D XEN_HYPERCALL_MSR;
-        ret =3D kvm_xen_init(s, msr);
+        ret =3D xen_init_wrapper(ms, s);
         if (ret < 0) {
             return ret;
         }
-#else
-        error_report("kvm: Xen support not enabled in qemu");
-        return -ENOTSUP;
-#endif
     }
=20
     ret =3D kvm_get_supported_msrs(s);
@@ -3353,16 +3381,17 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
         return ret;
     }
=20
-    /* Tell fw_cfg to notify the BIOS to reserve the range. */
-    e820_add_entry(KVM_IDENTITY_BASE, 0x4000, E820_RESERVED);
-
+    if (first) {
+        /* Tell fw_cfg to notify the BIOS to reserve the range. */
+        e820_add_entry(KVM_IDENTITY_BASE, 0x4000, E820_RESERVED);
+    }
     ret =3D kvm_vm_set_nr_mmu_pages(s);
     if (ret < 0) {
         return ret;
     }
=20
     if (object_dynamic_cast(OBJECT(ms), TYPE_X86_MACHINE) &&
-        x86_machine_is_smm_enabled(X86_MACHINE(ms))) {
+        x86_machine_is_smm_enabled(X86_MACHINE(ms)) && first) {
         smram_machine_done.notify =3D register_smram_listener;
         qemu_add_machine_init_done_notifier(&smram_machine_done);
     }
@@ -3409,15 +3438,22 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
                 return ret;
             }
=20
-            ret =3D kvm_msr_energy_thread_init(s, ms);
-            if (ret < 0) {
-                error_report("kvm : error RAPL feature requirement not met=
");
-                return ret;
+            if (first) {
+                ret =3D kvm_msr_energy_thread_init(s, ms);
+                if (ret < 0) {
+                    error_report("kvm : "
+                                 "error RAPL feature requirement not met");
+                    return ret;
+                }
             }
         }
     }
=20
-    kvm_vmfd_add_change_notifier(&kvm_vmfd_change_notifier);
+    if (first) {
+        kvm_vmfd_add_change_notifier(&kvm_vmfd_change_notifier);
+    }
+
+    first =3D false;
=20
     return 0;
 }
diff --git a/target/i386/kvm/trace-events b/target/i386/kvm/trace-events
index 74a6234ff7..2d213c9f9b 100644
--- a/target/i386/kvm/trace-events
+++ b/target/i386/kvm/trace-events
@@ -6,6 +6,7 @@ kvm_x86_add_msi_route(int virq) "Adding route entry for vir=
q %d"
 kvm_x86_remove_msi_route(int virq) "Removing route entry for virq %d"
 kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
 kvm_hc_map_gpa_range(uint64_t gpa, uint64_t size, uint64_t attributes, uin=
t64_t flags) "gpa 0x%" PRIx64 " size 0x%" PRIx64 " attributes 0x%" PRIx64 "=
 flags 0x%" PRIx64
+kvm_arch_on_vmfd_change(void) ""
=20
 # xen-emu.c
 kvm_xen_hypercall(int cpu, uint8_t cpl, uint64_t input, uint64_t a0, uint6=
4_t a1, uint64_t a2, uint64_t ret) "xen_hypercall: cpu %d cpl %d input %" P=
RIu64 " a0 0x%" PRIx64 " a1 0x%" PRIx64 " a2 0x%" PRIx64" ret 0x%" PRIx64
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491142; cv=none;
	d=zohomail.com; s=zohoarc;
	b=bXVm14b9l87qTnGHqhQSdfPDatpcvwIHRFjx6jkwrq3E0VT5RoFA8JxrLMFshRkEbioBsAS6tgJ2YasAeAPJeZz7A8SXhU8A6Nxedb6ahUD+Xg1Fu/cWSOa3IPWxRbc93/r+/nWUjLE1BBo1OXMpkimXpo9LcsIlDfRyg0iUk50=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491142;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=vXSC3s03lHg3/fATZH9v66NS7KDKTjgOb+WvXAKQUM4=;
	b=BQnM+AixqFsj/M+ybOWcPtGO5j3Tt96lxGkFE6nrlJYZVCzVP8AcI2LaeY8HwhEmVBmlRyenmqlrRwA7qUU62tdPZufXqIWnUGxF4rOl5Xi/MdA5EsR5EvoCqWEMwTQzSSO8B4OJQsZj1Lg3g4IZKO6nDLcSMxYAxqBs/0CFaLQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491142841351.5095966800809;
 Mon, 26 Jan 2026 21:19:02 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbS1-0006vc-AW; Tue, 27 Jan 2026 00:17:17 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRz-0006t5-Gg
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:15 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbRx-0008NJ-Nh
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:14 -0500
Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com
 [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-371-gzRjlQKpMUWAvIkhHKHpiw-1; Tue, 27 Jan 2026 00:17:11 -0500
Received: by mail-pj1-f70.google.com with SMTP id
 98e67ed59e1d1-34e5a9f0d6aso4699344a91.0
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:10 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.06
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491033;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=vXSC3s03lHg3/fATZH9v66NS7KDKTjgOb+WvXAKQUM4=;
 b=ijgv0re5KFKTLUg2VErmfZOVXQWLBgrhOrCglGGyw7ZY8X6bFDHTgmj2urtw5tz9J4hhiT
 KjmvFEQMaHyXQ4gjkqRqmodSdJMn0T3anKlAI6hCTqzEn+leMLap5QsJSemo01FVTvgEVe
 k5so6l8BS5jCdh8nwE/Bx+JFVyvr2R4=
X-MC-Unique: gzRjlQKpMUWAvIkhHKHpiw-1
X-Mimecast-MFC-AGG-ID: gzRjlQKpMUWAvIkhHKHpiw_1769491030
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491030; x=1770095830; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=vXSC3s03lHg3/fATZH9v66NS7KDKTjgOb+WvXAKQUM4=;
 b=kXSXW1UNm6WFuiXvfof74xOjkhnI64PuyfqasabVc2ggPU8dxL2k0xrQXO3MASeBR/
 2Ac1djvYA8pWHkW2HPKSw0pD9m91LJsv1NQgs02/KwpkdnMTtdKeEiPTZ1bXK0bdyLG4
 0Ro40uSmx5ry/SWAWsCwC6H8fLEj2efP3WlnIID7jwtnBP8Tg4QWvFfYCRudjPB/bDwz
 pGSDM3QV5GBn1rUyUJ2wGbJ/dPsq1+OUAV9deKZhYxOfOBgFit2/ppsGDM/ShUH8dicu
 Mzku++rm6uWU267cDMhFO12wbdFzb8LpCZJ/liW1QyP4cDEcEEnb5z047e/BpNTUR+FP
 rBKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491030; x=1770095830;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=vXSC3s03lHg3/fATZH9v66NS7KDKTjgOb+WvXAKQUM4=;
 b=SxufRi3DO75JR7hlizcR1N1BeijiiNNBsEUVZqUt7PiOz8mB5c3C6zrPoHiQWGyQ0P
 Nl2A99yWTppQMFOQUgchh8qtBO2lCA2uBSA2LT5xtyvA45GBAkX0NTL8zkiYLsmte/sE
 0TqIoFMpHcyJFWmuqr+I0bkDUChzgkpp5zl+PAiZeuhXGGmTvBBiNkHQvvu+mvwLTush
 XLsVXLGDeY/Pzl/UsHm7clZ544rPgZJSOjaK+lt7sudhKDlmzUK05HWZ3MFXg+m+NkTf
 2fh6uY/NRNcBgRK7Cae2Uq76Oc3525tN9yx0bH0xjqfksuTMZxi74O2eHpeXHf/Sm2ix
 1cDA==
X-Forwarded-Encrypted: i=1;
 AJvYcCWKcTrO8EDGusvxZlza8TNKN1bGFUhj1u+6zYjquWjOUagMzRTnEM+Ij1QjqyDzHPkVengHum6Uni2c@nongnu.org
X-Gm-Message-State: AOJu0Ywf5yX5/4jIKz3BYNfbDhIeOcKlLQUz+OkPf/e9mfaY+lrQ7SpI
 mP6rnYhF7NmbH3eneT0RLPtkLJTOagQqI/vwJfkIDOpaU9JbbcClgtOZJ7kCQB94W5oI1q/xxxf
 9beQYkzB7kLtPtS8EGme2qzTqGrPbYAHxequ/PnoPt4An3zw3+4VBtxr1M+31A0/0
X-Gm-Gg: AZuq6aJNppZTpPpI3y7ULwVq7oC01eQRVwEkyqo08dtfQ4AYfGhIG3STyfiy/ZRh5Sp
 6i/hpOerq/RHigDV5w48x9kIs97bJ2tJR9Iwi5hGeMkaUm/XJcrLK0qxrIDeAwCUq1I3/ro65EV
 kiUE9/2G+kxf5tsxaiOQTYpQyCMEbl8xT7yjJ3rOlQYg1nR7T75eRhcfpIppw+37teS0Ryielsr
 cFV+FcAq9/2MzLsUm9Z8lgN5R99So7HCwg5l4kCSRZhPjKM6FwSKtmtgQCahA34tD4TxUYc80tt
 sKIzz/FvKFflr5LzV7PP3cFWD1Od79WUpk4QXKJ2B/uixp1/1AnPUXerMjZfIkWUz2fLLVAg7f+
 j6J9QEFnBcZTSC8w4vDe0c3T+g2/bJ8PI4CEw5PZylA==
X-Received: by 2002:a17:90b:28d0:b0:343:43bf:bcd7 with SMTP id
 98e67ed59e1d1-353ffb41134mr476683a91.13.1769491029742;
 Mon, 26 Jan 2026 21:17:09 -0800 (PST)
X-Received: by 2002:a17:90b:28d0:b0:343:43bf:bcd7 with SMTP id
 98e67ed59e1d1-353ffb41134mr476669a91.13.1769491029367;
 Mon, 26 Jan 2026 21:17:09 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>,
 "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 11/33] hw/i386: refactor x86_bios_rom_init for reuse in
 confidential guest reset
Date: Tue, 27 Jan 2026 10:45:39 +0530
Message-ID: <20260127051612.219475-12-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491144492154100
Content-Type: text/plain; charset="utf-8"

For confidential guests, bios image must be reinitialized upon reset. This
is because bios memory is encrypted and hence once the old confidential
kvm context is destroyed, it cannot be decrypted. It needs to be reinitiliz=
ed.
In order to do that, this change refactors x86_bios_rom_init() code so that
parts of it can be called during confidential guest reset.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/x86-common.c  | 51 ++++++++++++++++++++++++++++++++-----------
 include/hw/i386/x86.h |  1 -
 2 files changed, 38 insertions(+), 14 deletions(-)

diff --git a/hw/i386/x86-common.c b/hw/i386/x86-common.c
index c1c9224039..4469b4e152 100644
--- a/hw/i386/x86-common.c
+++ b/hw/i386/x86-common.c
@@ -1024,17 +1024,11 @@ void x86_isa_bios_init(MemoryRegion *isa_bios, Memo=
ryRegion *isa_memory,
     memory_region_set_readonly(isa_bios, read_only);
 }
=20
-void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar=
e,
-                       MemoryRegion *rom_memory, bool isapc_ram_fw)
+static int get_bios_size(X86MachineState *x86ms,
+                         const char *bios_name, char *filename)
 {
-    const char *bios_name;
-    char *filename;
     int bios_size;
-    ssize_t ret;
=20
-    /* BIOS load */
-    bios_name =3D MACHINE(x86ms)->firmware ?: default_firmware;
-    filename =3D qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
     if (filename) {
         bios_size =3D get_image_size(filename, NULL);
     } else {
@@ -1044,6 +1038,21 @@ void x86_bios_rom_init(X86MachineState *x86ms, const=
 char *default_firmware,
         (bios_size % 65536) !=3D 0) {
         goto bios_error;
     }
+
+    return bios_size;
+
+ bios_error:
+    fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name);
+    exit(1);
+}
+
+static void load_bios_from_file(X86MachineState *x86ms, const char *bios_n=
ame,
+                                char *filename, int bios_size,
+                                bool isapc_ram_fw)
+{
+    ssize_t ret;
+
+    /* BIOS load */
     if (machine_require_guest_memfd(MACHINE(x86ms))) {
         memory_region_init_ram_guest_memfd(&x86ms->bios, NULL, "pc.bios",
                                            bios_size, &error_fatal);
@@ -1072,7 +1081,26 @@ void x86_bios_rom_init(X86MachineState *x86ms, const=
 char *default_firmware,
             goto bios_error;
         }
     }
-    g_free(filename);
+
+    return;
+
+ bios_error:
+    fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name);
+    exit(1);
+}
+
+void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar=
e,
+                       MemoryRegion *rom_memory, bool isapc_ram_fw)
+{
+    int bios_size;
+    const char *bios_name;
+    char *filename;
+
+    bios_name =3D MACHINE(x86ms)->firmware ?: default_firmware;
+    filename =3D qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
+
+    bios_size =3D get_bios_size(x86ms, bios_name, filename);
+    load_bios_from_file(x86ms, bios_name, filename, bios_size, isapc_ram_f=
w);
=20
     if (!machine_require_guest_memfd(MACHINE(x86ms))) {
         /* map the last 128KB of the BIOS in ISA space */
@@ -1084,9 +1112,6 @@ void x86_bios_rom_init(X86MachineState *x86ms, const =
char *default_firmware,
     memory_region_add_subregion(rom_memory,
                                 (uint32_t)(-bios_size),
                                 &x86ms->bios);
+    g_free(filename);
     return;
-
-bios_error:
-    fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name);
-    exit(1);
 }
diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h
index 0dffba95f9..bfdf97640d 100644
--- a/include/hw/i386/x86.h
+++ b/include/hw/i386/x86.h
@@ -122,7 +122,6 @@ void x86_cpu_unplug_request_cb(HotplugHandler *hotplug_=
dev,
                                DeviceState *dev, Error **errp);
 void x86_cpu_unplug_cb(HotplugHandler *hotplug_dev,
                        DeviceState *dev, Error **errp);
-
 void x86_isa_bios_init(MemoryRegion *isa_bios, MemoryRegion *isa_memory,
                        MemoryRegion *bios, bool read_only);
 void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar=
e,
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491254; cv=none;
	d=zohomail.com; s=zohoarc;
	b=TUqCOyLQY523MpMAb3+W0QYxC6OJZh3nofyj7+XQyovCmDSYpDWO16HF32ilQDEcnqCjWacZAyAlc4b7GA+RItKfH6iIR64LvKTHoCgSo1/gDnqPcjvBzpJCyoisFS8WA9FcwRLz4xzVFQ4PZpa6yqNHSHyYK6c6XV3U6uRfd1c=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491254;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=kRVBCkNbidTWYvuOZxhT+yCMsNW1MOiuVCAJ1n0MWJQ=;
	b=LXq7RVghWeZdyPL8HoD2YXEE98CVbKI5we+ME9IQVCl251hsF3VV0DXHtbCIWX5oMFIdFgRup4Nv+4x5YV2MB/pQlhgSUF767kklKfHfpnmNmBGJ9VqH1tT6R3h+pbBZjIG12Gn988riJOisxSLRVJHJd2wJheTxD2I/Iq9AUO4=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491254227383.581394196582;
 Mon, 26 Jan 2026 21:20:54 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbS4-0006xg-JA; Tue, 27 Jan 2026 00:17:20 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbS2-0006w7-5E
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:18 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbS0-0008Nt-PH
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:17 -0500
Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com
 [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-644-r7Z7XJZ3NCSZ1jDgeJmUew-1; Tue, 27 Jan 2026 00:17:14 -0500
Received: by mail-pl1-f200.google.com with SMTP id
 d9443c01a7336-2a755a780caso38505125ad.0
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:13 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.09
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491036;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=kRVBCkNbidTWYvuOZxhT+yCMsNW1MOiuVCAJ1n0MWJQ=;
 b=ZpGhq4/mXZqjwELPHaXriSf/gacI4mvabO5mRPHnP9YVne6v+lcZH0uGPtyw+/HYIhwpzq
 3VeqoxHEtnHJauL9n6CTHb9uAnQT0ceEmToQtl7VMwgGIY81BpWi5tcAZ5MkT22Cyymnyt
 m8rq2kjh8wLqft3NQNyO9sqHFIaIQg0=
X-MC-Unique: r7Z7XJZ3NCSZ1jDgeJmUew-1
X-Mimecast-MFC-AGG-ID: r7Z7XJZ3NCSZ1jDgeJmUew_1769491033
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491033; x=1770095833; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=kRVBCkNbidTWYvuOZxhT+yCMsNW1MOiuVCAJ1n0MWJQ=;
 b=g7TGZynkV6H96WyZMODJndbAvAQAh98PhKEnz8qLEdcyNbSMyp4xGjQ3WY96nva4xs
 do4Vv7jYdQ5hj/LPqKYLEbTnGjYncUoU+DTX/BOGItE3/9nAfZMV18LlqmZhG32lQQ2z
 1Csvpho3majs8IzSMHUwzEsl7hENwMo0E+VNUrdGBy03YLmbCCDCL2z4d4m55MSxNYAZ
 ghF2hk9xmCoz5LXXTwz9VX8ONZ3Y1ji71EkgcsGH7NGCoRtMwGso6ugYaj1t/1io0T/x
 oUqj5E6+KmqYVMQy5nfZ4vS4KC7BwC2KUdbypisHTwWOSVBihBpnUnAum58R50XccMeP
 7GWw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491033; x=1770095833;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=kRVBCkNbidTWYvuOZxhT+yCMsNW1MOiuVCAJ1n0MWJQ=;
 b=W6ijCbupnyUeBhQ+ovuWBxjVVbyAIReON7P6zj3pcCNvQefBv1lzpk524KVkGk4Lc4
 xLyAgSRFLJKaz8TXsctQ5q8u7GF+z5fJHFhDVnl4S9+qzYVuroYoyrIBFEMXwrAzfik3
 zfrCZGvBGOgTiGb0Zz+CT6MQ0/1GxeKNc14H2jAUGKdKi9F8dOtwa9oGLBpQAqoVM75l
 rJS9zGabgNAHdm8+egn7CRTfPwDukefO6GM1BBTnWXazyw1yNf7jr61wSnD9pBnZgu0E
 z2OT3F3kYVYz/LDHpMiR3N4pRo+fHAubuGPWeGe9G6EPSZL8g5If+ykfqKau8lalzQyV
 pdmg==
X-Forwarded-Encrypted: i=1;
 AJvYcCUBTmqc4av8PnJwvrWFfuXLkMbxfCy71XoNjchUT1KWRjc8g8s/+tcgfmhRnNS5c+kgDAWmkwMCmHKq@nongnu.org
X-Gm-Message-State: AOJu0YzJMwMCE23gVWW7efXyTwmX5J1PZt1kU9cTD4PuksRHGrM+9qSE
 E135qYlNCi974M+tIKvLhB3QMksSel/GDWiFMAuA4PdVBWh9GqdOTBaHroWF2/3Qpk62xkiytKl
 0/RPH6EX0D6HaOnUnFqTCVDcM2LvDA9qFxQ4NHERX5Opvr4XvNVX4C5rZ
X-Gm-Gg: AZuq6aJtUbmJxwP/O/qGtjRd7RABteQGnJwmOxbgFLEFCsqgNNvTwoDIMrsfWwF4TtR
 cfpOYpxQ5IKvhJEQOeYz5k+R2EFFMSD6TMaZuzwWC1zs85F+mn9D72oBdQspYpzVBKoGbWX3uXp
 pMhSJBemzTB9qe9AzLxCwF3kpLXWEx9l5FlVlJGj+4kco6bD4cDqcCPdbhuYIgM4VKabwGcVM4T
 xth3bTouMzT2Hm19lXO8Pm00gJNrgyaK+pyfdP/p7mLfA5bnHoI0JCv4peY9PB/2ipOSQrmo4up
 cslorCLk4PcnLJZuVX/J+faxXzHUHb8T7s6gLAddX/yk4TlPXmi/cqQ/720lcAF52CyPxytxzQ9
 W0LY0hJ2KUzMxBLwBb48/1bKW9oWjwP6awOj0jlvwRw==
X-Received: by 2002:a17:90a:e705:b0:34c:2f01:2262 with SMTP id
 98e67ed59e1d1-353ff8b3d60mr463025a91.3.1769491032989;
 Mon, 26 Jan 2026 21:17:12 -0800 (PST)
X-Received: by 2002:a17:90a:e705:b0:34c:2f01:2262 with SMTP id
 98e67ed59e1d1-353ff8b3d60mr463018a91.3.1769491032606;
 Mon, 26 Jan 2026 21:17:12 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
 Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 12/33] hw/i386: export a new function x86_bios_rom_reload
Date: Tue, 27 Jan 2026 10:45:40 +0530
Message-ID: <20260127051612.219475-13-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491255848154100
Content-Type: text/plain; charset="utf-8"

Confidential guest smust reload their bios rom upon reset. This is because
bios memory is encrypted and upon reset, the contents of the old bios memory
is lost and cannot be re-used. To this end, export a new x86 function
x86_bios_rom_reload() to reload the bios again. This function will be used =
in
the subsequent patches.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
Reviewed-by: Bernhard Beschow <shentey@gmail.com>
---
 hw/i386/x86-common.c  | 21 +++++++++++++++++++++
 include/hw/i386/x86.h |  1 +
 2 files changed, 22 insertions(+)

diff --git a/hw/i386/x86-common.c b/hw/i386/x86-common.c
index 4469b4e152..c0a540495e 100644
--- a/hw/i386/x86-common.c
+++ b/hw/i386/x86-common.c
@@ -1089,6 +1089,27 @@ static void load_bios_from_file(X86MachineState *x86=
ms, const char *bios_name,
     exit(1);
 }
=20
+void x86_bios_rom_reload(X86MachineState *x86ms)
+{
+    int bios_size;
+    const char *bios_name;
+    char *filename;
+
+    if (!x86ms->bios.addr) {
+        /* if -bios is not used */
+        return;
+    }
+
+    bios_name =3D MACHINE(x86ms)->firmware ?: "bios.bin";
+    filename =3D qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
+
+    bios_size =3D get_bios_size(x86ms, bios_name, filename);
+
+    void *ptr =3D memory_region_get_ram_ptr(&x86ms->bios);
+    load_image_size(filename, ptr, bios_size);
+    x86_firmware_configure(0x100000000ULL - bios_size, ptr, bios_size);
+}
+
 void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar=
e,
                        MemoryRegion *rom_memory, bool isapc_ram_fw)
 {
diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h
index bfdf97640d..5bb052cd67 100644
--- a/include/hw/i386/x86.h
+++ b/include/hw/i386/x86.h
@@ -122,6 +122,7 @@ void x86_cpu_unplug_request_cb(HotplugHandler *hotplug_=
dev,
                                DeviceState *dev, Error **errp);
 void x86_cpu_unplug_cb(HotplugHandler *hotplug_dev,
                        DeviceState *dev, Error **errp);
+void x86_bios_rom_reload(X86MachineState *x86ms);
 void x86_isa_bios_init(MemoryRegion *isa_bios, MemoryRegion *isa_memory,
                        MemoryRegion *bios, bool read_only);
 void x86_bios_rom_init(X86MachineState *x86ms, const char *default_firmwar=
e,
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491141; cv=none;
	d=zohomail.com; s=zohoarc;
	b=VjGhIYD0BKQc4jEJvZ1qnpfU3LcCo8KMkgmGX8t9CvJZwPnt5+X83/U37Fv+I1XIqgNhOBbaJEBoJBrHa6m20e1SsrAatIgcI1ObkiDI9QE1hVjD5Uy0gDeO95DrNfV1w+AG86R7kqFZ0kpnfbDcOh0f2O4HFatzBKNZ/k5WQiA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491141;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=dYjm+cwYmX//ogmaWGW851MLQ4JMvXhT/HU+YBIFrsE=;
	b=UXnM7an6NJ2i1v8baXe8wW0uphH68CtVdBcQKrQEH4x7CM6/qWsBLq16qvr0QCtj+q21QmSdkqSmR6r8Atw2Xd8HUpMuRDeHX3jbpSJcn/YbuWJmKTKCwOv0Zdfia9sfn2lH268d9QCTlkc7xVu07J0sUIe3a1uj0sgiV3FOQP8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491141912101.18217465356463;
 Mon, 26 Jan 2026 21:19:01 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbS8-0006zD-G2; Tue, 27 Jan 2026 00:17:24 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbS5-0006yK-Nr
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:21 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbS4-0008PA-3c
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:21 -0500
Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com
 [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-107-vtyEWKVyN6yIB95ErzlUvQ-1; Tue, 27 Jan 2026 00:17:16 -0500
Received: by mail-pj1-f72.google.com with SMTP id
 98e67ed59e1d1-352ec74a925so514395a91.2
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:16 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.13
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491039;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=dYjm+cwYmX//ogmaWGW851MLQ4JMvXhT/HU+YBIFrsE=;
 b=fpK1AqFpSLQ00g5gPihwql3fqLaMbqqUm4mW0cUfCctunNaHx1FTc2vlJbI1usDw/NOxlv
 DzGRitGBMauFRcFuoqBkyxhnVJLjATMixjO7zQrfqCY/t3xRl1p/A/zw7xZuzEOaAFWIll
 IBIm3LTZrSOeglnI8QPPB+XBrsqQINU=
X-MC-Unique: vtyEWKVyN6yIB95ErzlUvQ-1
X-Mimecast-MFC-AGG-ID: vtyEWKVyN6yIB95ErzlUvQ_1769491036
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491036; x=1770095836; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=dYjm+cwYmX//ogmaWGW851MLQ4JMvXhT/HU+YBIFrsE=;
 b=YUKZw4Hml5Gm82ZngDiR2YQo/hkYDxydMG0gbPfqL5mSCJaFartv2BexhgN2+6NseE
 NflgPbN4NDz1oYQZqr83lyL1gYumAK4p+/T7y42IdpFW+uSY57Y6VlLQYx4M9MbQ1jWm
 8+tJmhj9UNX7jyUbBE/YzFZsn+M6Da6y4rdraarx4G1YmpRjJ1uPDZqikIhpLqnPY8SU
 p3XH50RNTUuOXU8qc1SN6t0NojSR50iGIpdAyhFVoq+UKxjjzXQWO1aFIyuTC7DcnCdZ
 lA9ggXThSdF/6EQOHrC7jxownJDRY+Rpw1hZ6gbYmevzw5vx39OnBsrW98Ym3AZ+NdVa
 aywg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491036; x=1770095836;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=dYjm+cwYmX//ogmaWGW851MLQ4JMvXhT/HU+YBIFrsE=;
 b=jigTFaKQY0ElZAjauf4lpRDnyh1n9QSbm4hVrvxrH+O7F4tsMEEXSYbJxqtXftUx4D
 K36LRpU9iyuNZ8XCWYSKHlHewckRAO3NpQ8AxErxqNDevZUC2j7H2msl6ox+hhqDw6Wb
 Xpoa3f/fuaQKtPckoCvnI9vJhlW6xsX57WpCO/FfzyAKQ5tJTOIFqiFIr4DlJCHP2GxI
 +hOAuL1QiLs6ApkpIOziD/bYLHL/BfVqQQ3kz9ncUnW0H85DrcRO4YSOzMhtP7KMZNNo
 zRd/mNnn5v71TAU2DldgiWeWAhTQp7pF++C3jmTYdF/JPXq7Dv/KQBhRSoBFG0WJc1VV
 fBxQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCVIPyvi9KNmU66IDuDh7PMcENpa04/ptHJcx1r11GBWpkHd8FoK33LTSTS+1ii27+HH6Gvl8y6rrVjK@nongnu.org
X-Gm-Message-State: AOJu0YxKSpfVxa+1SpNuDEN6Xby1ezIcd3E/1oRHgkLSQPrUvmGDY/uI
 IY404vZtsKTB4utGOl/SuteAUW00EbmxDVJq8tkLtwniF57fO6MN+9xDQ7h8k4y3i3cXs/kWllH
 62Q1ZzSmCVovKe03r4Cj+twf4hD5hQMFiq/WumkYkRwellAt8aEuDZwON9gQIC6+a
X-Gm-Gg: AZuq6aL1dIIMGKz8k/XQ4m+woYFWvSsEY2V39fNy5VYOOBonChRcsBJyltV6yvVWgoV
 L3s+DVK3ym8fzrQrshOdxm28SWoVn06ChjO6bdifg7YBRHU69im7v6m9UubrnklXMKZ5ueTcXZa
 T1VBKEt4iXYQtCEFQcfqYZ4UsAUnSm4kni3UQL/kZr4eq3tpRjs8RCui7GTJdTp7zIG8rDc6KwP
 CQb1URwQtJMudn+JrXxuzCutRbi19gHmzLCL8NaIbHv8AkpkZ2ROy1siqiMUFRLtHPX5Ss1Q4ws
 U2BRKrSPyyLgVPithcxSxmFfaLDfqmKctalGQc4HCQLgY7sNVR4auwDNdykIhnZTzTmEChzWgJq
 b71tJiwJcpUBhxz5/8SB0kT1qwPMrydxevdLjMuzsKQ==
X-Received: by 2002:a17:90a:d603:b0:34a:b4a2:f0c8 with SMTP id
 98e67ed59e1d1-353feda7c73mr651963a91.30.1769491035652;
 Mon, 26 Jan 2026 21:17:15 -0800 (PST)
X-Received: by 2002:a17:90a:d603:b0:34a:b4a2:f0c8 with SMTP id
 98e67ed59e1d1-353feda7c73mr651949a91.30.1769491035342;
 Mon, 26 Jan 2026 21:17:15 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 13/33] kvm/i386: reload firmware for confidential guest
 reset
Date: Tue, 27 Jan 2026 10:45:41 +0530
Message-ID: <20260127051612.219475-14-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491143828158500
Content-Type: text/plain; charset="utf-8"

When IGVM is not being used by the confidential guest, the guest firmware h=
as
to be reloaded explictly again into memory. This is because, the memory into
which the firmware was loaded before reset was encrypted and is thus lost
upon reset. When IGVM is used, it is expected that the IGVM will contain the
guest firmware and the execution of the IGVM directives will set up the gue=
st
firmware memory.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/kvm.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index e27ccff7a6..38193ea845 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -3282,7 +3282,14 @@ int kvm_arch_on_vmfd_change(MachineState *ms, KVMSta=
te *s)
=20
     if (object_dynamic_cast(OBJECT(ms), TYPE_X86_MACHINE)) {
         X86MachineState *x86ms =3D X86_MACHINE(ms);
-
+        /*
+         * For confidential guests, reload bios ROM if IGVM is not specifi=
ed.
+         * If an IGVM file is specified then the firmware must be provided
+         * in the IGVM file.
+         */
+        if (ms->cgs && !x86ms->igvm) {
+                x86_bios_rom_reload(x86ms);
+        }
         if (x86_machine_is_smm_enabled(x86ms)) {
             memory_listener_register(&smram_listener.listener,
                                      &smram_address_space);
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491054; cv=none;
	d=zohomail.com; s=zohoarc;
	b=acEqyTxAouSSl+zdZuPBPdFU1q8xLJQ8R2sJuZ3biVOlAlHyHP8krHmeTnV+OXT5pBoGpJOe0OJtKsf6CWD/NHfPmz/JhsdhQNW1ZIF4Z4NUfDpkG+z/HVoIVhzSb8celdif1ml2mdDNlzWJ9AheWHg4PYAqbFXiI+US4l1HoLw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491054;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=ZdZcekSc5vy8wLxJHCJ2z+EqJ/GXzJFP2NRW8mt0sAY=;
	b=fmwBeJVXrHnbB66jQ3JSBVXJF0gQhcO24ke2ixICExWgaSqL75Cttx3pdSBk91jSt0eywm4TNwg2hfolrHitie8/wzP/FP8AGcQQu2zzAWrKTpQjawakJ0LvfIp9FNxXz9d6O9ojvAirJ+3nFbJVwWZY2YHPlg113cmce9iL04g=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491054689517.875704331335;
 Mon, 26 Jan 2026 21:17:34 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbS9-0006zK-Qc; Tue, 27 Jan 2026 00:17:25 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbS7-0006yt-Tl
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:23 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbS6-0008Pu-3p
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:23 -0500
Received: from mail-pj1-f71.google.com (mail-pj1-f71.google.com
 [209.85.216.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-464-DZoj1i5rNyq2NsyATB58pw-1; Tue, 27 Jan 2026 00:17:19 -0500
Received: by mail-pj1-f71.google.com with SMTP id
 98e67ed59e1d1-34ea5074935so4455280a91.0
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:19 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.15
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491041;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=ZdZcekSc5vy8wLxJHCJ2z+EqJ/GXzJFP2NRW8mt0sAY=;
 b=fFD/tUkqbMsxSNXbtMlS14iCNJHdH5wwy/rGXpdNGInlzdGdXKuoYr26CCgS74/x8kzzES
 VzFHQCH4IyItDe1og6S3D2atSxFrsXFbDtMKlNhdFZMLtw7yr0XUS0AFYZN2QxIf4rW5iG
 7d7NCDrKoE27WFnxuRvg/ahjTRxOJ2A=
X-MC-Unique: DZoj1i5rNyq2NsyATB58pw-1
X-Mimecast-MFC-AGG-ID: DZoj1i5rNyq2NsyATB58pw_1769491039
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491038; x=1770095838; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=ZdZcekSc5vy8wLxJHCJ2z+EqJ/GXzJFP2NRW8mt0sAY=;
 b=GF+Yr/pD/4ie/PoUZzrSTOUZ1ZQpIqpJ+fkxWPB5ZxtR0lxuDZJbA664G3iS2YnolH
 5BVnWujLQf1PfoQRL58Xjs0QjK1bLa+vavgnNxf12JTIIRDx6CsXQJBStTjoTfz6/qp3
 6wUSbp6sa0TSo73dNO1r3F29y4HHLlzECS3cvnGtJuyVDEgDFjlLaCr3wBLd5Kr0TZ3t
 atHxU47xUwz1TDXvGo+HD1yfGr28MPYs6hTDveV9Qgdjkzi+usJ9gNJObyYvfp25Be9c
 5Wy5bEOcqVq74BElrLWAnRCgx8JF668fVIJ3PSeT9JvYMfhJOYEpyJpcXPgpud8yMFdO
 8ehQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491038; x=1770095838;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=ZdZcekSc5vy8wLxJHCJ2z+EqJ/GXzJFP2NRW8mt0sAY=;
 b=dqX+rQUQ9lKs7AzNiwNtbIsMOSIbd6zV1Yj3d/QBN+Gc3rVW4X+7Qk7+hk+03h7Gtm
 kXNXZlR7MCLaZZrWRXgLkVdvZmQpDsmbbnlPPtdYdAKA/FrtvPEbQOfx8awaaib78tTj
 YZTmcKQRW1rIWzEcvbyf4yeRMhMIrRKBFNwdQTVZ9xfs3/iLscMVyAZRSowYd6mfICfs
 0rbH4Ii3gHyhqGBGV74NNr2fyBUnkqUFG6jvU4gSjBU6kPNoYuPuoc8VnUzyprWCgkbC
 i2CPRarIqEJ91GQxJ8FjuFxB+xRxkV5zSxS8NyDZyg5uPXY30tbCJyXnuQXg/ga651yZ
 1Upw==
X-Forwarded-Encrypted: i=1;
 AJvYcCUA3j+jjOuPozX13OHt/iea8gDbIgqkOt1aXUy0bK1U8VBlvzpCO+fPNPUqjeQKT30UCDEZWa8M2caM@nongnu.org
X-Gm-Message-State: AOJu0Yxr+mdxQ+cTD15DYmajE6sa84pHxA3KT2beIo6VHzhVCUVqZnF/
 5drIEAdanyWZc3ijVYacT547rB3Jt3j6+XvLah0eDb+/JhqLpcQTT+1VSS4He5XS7If+sGhkNBL
 LvsDe3Etzkayr23jyIBm6sG1M0RiBFTr1o45IAfk1Qv/Jo5fDPTr/vu1KPrT835tJ
X-Gm-Gg: AZuq6aJCkKp1RGfNwZ2ImDUXgVdYHsqcWUtYGesHg8X7u+teklBCun7BwFRtlF8V5v0
 VjTwZ98gWpR43666olQj9u8RfHYhr3Zin6FWHgpwXSwodmYuUtI2zizJU7kp71rO5dzbdRGjW4F
 SaTM733t9yUdmsBfW/mGc9/A1cuzSyHgICoHLFKA2IBbvxM6H9hSLkH1sg1slCiEnEcs0+IjB3q
 4zffPyDk9vYU+7fmO+urdAiuU7Rq+MQzRhXzJjN8QsHE9KM1uJUXDpNBxFelFpXXKmoZnQVzc1s
 W2lcUukJbZxAktTMextISXg+Tj2ng+5gsiadYsXc4s50/FoC1kMWwIue/DaK8eDApsYCmRtNTK3
 XIQXOzIOFn80BwLrscONKJOhXypllb5mFGjQHcRPWbw==
X-Received: by 2002:a17:90b:2d83:b0:34c:6124:3616 with SMTP id
 98e67ed59e1d1-353fed87b05mr624013a91.27.1769491038309;
 Mon, 26 Jan 2026 21:17:18 -0800 (PST)
X-Received: by 2002:a17:90b:2d83:b0:34c:6124:3616 with SMTP id
 98e67ed59e1d1-353fed87b05mr623995a91.27.1769491037866;
 Mon, 26 Jan 2026 21:17:17 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 14/33] accel/kvm: rebind current VCPUs to the new KVM VM
 file descriptor upon reset
Date: Tue, 27 Jan 2026 10:45:42 +0530
Message-ID: <20260127051612.219475-15-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491055745158500
Content-Type: text/plain; charset="utf-8"

Confidential guests needs to generate a new KVM file descriptor upon virtual
machine reset. Existing VCPUs needs to be reattached to this new
KVM VM file descriptor. As a part of this, new VCPU file descriptors against
this new KVM VM file descriptor needs to be created and re-initialized.
Resources allocated against the old VCPU fds needs to be released. This cha=
nge
makes this happen.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c    | 200 +++++++++++++++++++++++++++++++++--------
 accel/kvm/trace-events |   1 +
 2 files changed, 166 insertions(+), 35 deletions(-)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 538a4cc731..d43a363488 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -127,6 +127,10 @@ static NotifierList kvm_irqchip_change_notifiers =3D
 static NotifierWithReturnList register_vmfd_changed_notifiers =3D
     NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_changed_notifiers);
=20
+static int map_kvm_run(KVMState *s, CPUState *cpu, Error **errp);
+static int map_kvm_dirty_gfns(KVMState *s, CPUState *cpu, Error **errp);
+static int vcpu_unmap_regions(KVMState *s, CPUState *cpu);
+
 struct KVMResampleFd {
     int gsi;
     EventNotifier *resample_event;
@@ -420,6 +424,83 @@ err:
     return ret;
 }
=20
+static int kvm_rebind_vcpus(Error **errp)
+{
+    CPUState *cpu;
+    unsigned long vcpu_id;
+    KVMState *s =3D kvm_state;
+    int kvm_fd, ret =3D 0;
+
+    CPU_FOREACH(cpu) {
+        vcpu_id =3D kvm_arch_vcpu_id(cpu);
+
+        if (cpu->kvm_fd) {
+            close(cpu->kvm_fd);
+        }
+
+        ret =3D kvm_arch_destroy_vcpu(cpu);
+        if (ret < 0) {
+            goto err;
+        }
+
+        if (s->coalesced_mmio_ring =3D=3D (void *)cpu->kvm_run + PAGE_SIZE=
) {
+            s->coalesced_mmio_ring =3D NULL;
+        }
+
+        ret =3D vcpu_unmap_regions(s, cpu);
+        if (ret < 0) {
+            goto err;
+        }
+
+        ret =3D kvm_arch_pre_create_vcpu(cpu, errp);
+        if (ret < 0) {
+            goto err;
+        }
+
+        kvm_fd =3D kvm_vm_ioctl(s, KVM_CREATE_VCPU, vcpu_id);
+        if (kvm_fd < 0) {
+            error_report("KVM_CREATE_VCPU IOCTL failed for vCPU %lu (%s)",
+                         vcpu_id, strerror(kvm_fd));
+            return kvm_fd;
+        }
+
+        cpu->kvm_fd =3D kvm_fd;
+
+        cpu->vcpu_dirty =3D false;
+        cpu->dirty_pages =3D 0;
+        cpu->throttle_us_per_full =3D 0;
+
+        ret =3D map_kvm_run(s, cpu, errp);
+        if (ret < 0) {
+            goto err;
+        }
+
+        if (s->kvm_dirty_ring_size) {
+            ret =3D map_kvm_dirty_gfns(s, cpu, errp);
+            if (ret < 0) {
+                goto err;
+            }
+        }
+
+        ret =3D kvm_arch_init_vcpu(cpu);
+        if (ret < 0) {
+            error_setg_errno(errp, -ret,
+                             "kvm_init_vcpu: kvm_arch_init_vcpu failed (%l=
u)",
+                             vcpu_id);
+        }
+
+        close(cpu->kvm_vcpu_stats_fd);
+        cpu->kvm_vcpu_stats_fd =3D kvm_vcpu_ioctl(cpu, KVM_GET_STATS_FD, N=
ULL);
+        kvm_init_cpu_signals(cpu);
+
+        kvm_cpu_synchronize_post_init(cpu);
+    }
+    trace_kvm_rebind_vcpus();
+
+ err:
+    return ret;
+}
+
 static void kvm_park_vcpu(CPUState *cpu)
 {
     struct KVMParkedVcpu *vcpu;
@@ -508,19 +589,11 @@ int kvm_create_and_park_vcpu(CPUState *cpu)
     return ret;
 }
=20
-static int do_kvm_destroy_vcpu(CPUState *cpu)
+static int vcpu_unmap_regions(KVMState *s, CPUState *cpu)
 {
-    KVMState *s =3D kvm_state;
     int mmap_size;
     int ret =3D 0;
=20
-    trace_kvm_destroy_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
-
-    ret =3D kvm_arch_destroy_vcpu(cpu);
-    if (ret < 0) {
-        goto err;
-    }
-
     mmap_size =3D kvm_ioctl(s, KVM_GET_VCPU_MMAP_SIZE, 0);
     if (mmap_size < 0) {
         ret =3D mmap_size;
@@ -548,39 +621,47 @@ static int do_kvm_destroy_vcpu(CPUState *cpu)
         cpu->kvm_dirty_gfns =3D NULL;
     }
=20
-    kvm_park_vcpu(cpu);
-err:
+ err:
     return ret;
 }
=20
-void kvm_destroy_vcpu(CPUState *cpu)
-{
-    if (do_kvm_destroy_vcpu(cpu) < 0) {
-        error_report("kvm_destroy_vcpu failed");
-        exit(EXIT_FAILURE);
-    }
-}
-
-int kvm_init_vcpu(CPUState *cpu, Error **errp)
+static int do_kvm_destroy_vcpu(CPUState *cpu)
 {
     KVMState *s =3D kvm_state;
-    int mmap_size;
-    int ret;
+    int ret =3D 0;
=20
-    trace_kvm_init_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
+    trace_kvm_destroy_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
=20
-    ret =3D kvm_arch_pre_create_vcpu(cpu, errp);
+    ret =3D kvm_arch_destroy_vcpu(cpu);
     if (ret < 0) {
         goto err;
     }
=20
-    ret =3D kvm_create_vcpu(cpu);
+    /* If I am the CPU that created coalesced_mmio_ring, then discard it */
+    if (s->coalesced_mmio_ring =3D=3D (void *)cpu->kvm_run + PAGE_SIZE) {
+        s->coalesced_mmio_ring =3D NULL;
+    }
+
+    ret =3D vcpu_unmap_regions(s, cpu);
     if (ret < 0) {
-        error_setg_errno(errp, -ret,
-                         "kvm_init_vcpu: kvm_create_vcpu failed (%lu)",
-                         kvm_arch_vcpu_id(cpu));
         goto err;
     }
+    kvm_park_vcpu(cpu);
+err:
+    return ret;
+}
+
+void kvm_destroy_vcpu(CPUState *cpu)
+{
+    if (do_kvm_destroy_vcpu(cpu) < 0) {
+        error_report("kvm_destroy_vcpu failed");
+        exit(EXIT_FAILURE);
+    }
+}
+
+static int map_kvm_run(KVMState *s, CPUState *cpu, Error **errp)
+{
+    int mmap_size, ret =3D 0;
=20
     mmap_size =3D kvm_ioctl(s, KVM_GET_VCPU_MMAP_SIZE, 0);
     if (mmap_size < 0) {
@@ -605,14 +686,53 @@ int kvm_init_vcpu(CPUState *cpu, Error **errp)
             (void *)cpu->kvm_run + s->coalesced_mmio * PAGE_SIZE;
     }
=20
+ err:
+    return ret;
+}
+
+static int map_kvm_dirty_gfns(KVMState *s, CPUState *cpu, Error **errp)
+{
+    int ret =3D 0;
+    /* Use MAP_SHARED to share pages with the kernel */
+    cpu->kvm_dirty_gfns =3D mmap(NULL, s->kvm_dirty_ring_bytes,
+                               PROT_READ | PROT_WRITE, MAP_SHARED,
+                               cpu->kvm_fd,
+                               PAGE_SIZE * KVM_DIRTY_LOG_PAGE_OFFSET);
+    if (cpu->kvm_dirty_gfns =3D=3D MAP_FAILED) {
+        ret =3D -errno;
+    }
+
+    return ret;
+}
+
+int kvm_init_vcpu(CPUState *cpu, Error **errp)
+{
+    KVMState *s =3D kvm_state;
+    int ret;
+
+    trace_kvm_init_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
+
+    ret =3D kvm_arch_pre_create_vcpu(cpu, errp);
+    if (ret < 0) {
+        goto err;
+    }
+
+    ret =3D kvm_create_vcpu(cpu);
+    if (ret < 0) {
+        error_setg_errno(errp, -ret,
+                         "kvm_init_vcpu: kvm_create_vcpu failed (%lu)",
+                         kvm_arch_vcpu_id(cpu));
+        goto err;
+    }
+
+    ret =3D map_kvm_run(s, cpu, errp);
+    if (ret < 0) {
+        goto err;
+    }
+
     if (s->kvm_dirty_ring_size) {
-        /* Use MAP_SHARED to share pages with the kernel */
-        cpu->kvm_dirty_gfns =3D mmap(NULL, s->kvm_dirty_ring_bytes,
-                                   PROT_READ | PROT_WRITE, MAP_SHARED,
-                                   cpu->kvm_fd,
-                                   PAGE_SIZE * KVM_DIRTY_LOG_PAGE_OFFSET);
-        if (cpu->kvm_dirty_gfns =3D=3D MAP_FAILED) {
-            ret =3D -errno;
+        ret =3D map_kvm_dirty_gfns(s, cpu, errp);
+        if (ret < 0) {
             goto err;
         }
     }
@@ -2710,6 +2830,16 @@ static int kvm_reset_vmfd(MachineState *ms)
     }
     assert(!err);
=20
+    /*
+     * rebind new vcpu fds with the new kvm fds
+     * These can only be called after kvm_arch_vmfd_change_ops()
+     */
+    ret =3D kvm_rebind_vcpus(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
     /* these can be only called after ram_block_rebind() */
     memory_listener_register(&kml->listener, &address_space_memory);
     memory_listener_register(&kvm_io_listener, &address_space_io);
diff --git a/accel/kvm/trace-events b/accel/kvm/trace-events
index e4beda0148..4a8921c632 100644
--- a/accel/kvm/trace-events
+++ b/accel/kvm/trace-events
@@ -15,6 +15,7 @@ kvm_park_vcpu(int cpu_index, unsigned long arch_cpu_id) "=
index: %d id: %lu"
 kvm_unpark_vcpu(unsigned long arch_cpu_id, const char *msg) "id: %lu %s"
 kvm_irqchip_commit_routes(void) ""
 kvm_reset_vmfd(void) ""
+kvm_rebind_vcpus(void) ""
 kvm_irqchip_add_msi_route(char *name, int vector, int virq) "dev %s vector=
 %d virq %d"
 kvm_irqchip_update_msi_route(int virq) "Updating MSI route virq=3D%d"
 kvm_irqchip_release_virq(int virq) "virq %d"
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491066; cv=none;
	d=zohomail.com; s=zohoarc;
	b=ke/0oF02X0uJLSxZxQcRIq2BCd4HOuFAa4kP+f38EDivXx6e0cGEyr06lFYmgYaADw3HEAiKfjEicJqo9spbVfeBjmUs80V/MQw/e1EwH9rM5cJdMeXKb6TSOBc965u+rDc1nSyQ3vHVAo4o7XjHaUzYssC8z00065oHdFBIUqs=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491066;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=r0oM0RRyjLelkT0G5RoaNy8SGcq/Mnkz7KKwnwr3WCA=;
	b=S6o2BySp1yuLts9DB7tulptiTl3t+H5Tj/K7XbKGwQu1Sj4Imy3HS9PZ9fALWXrd70pczXoASLeomf+z0UB/Q6BrOTafjl6O6rMZrNcoz5OfJZogZfa+f4V6dMOAKatZIj9kJurrBzxFiOlASO8XjLov9r+mZp+cdujL2SpI2PA=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491066115699.9527128936113;
 Mon, 26 Jan 2026 21:17:46 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSD-00072o-0L; Tue, 27 Jan 2026 00:17:29 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSA-0006zd-T3
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:26 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbS9-0008QN-AM
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:26 -0500
Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com
 [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-616-Y5yn7r8JPMeE4330VwL3dw-1; Tue, 27 Jan 2026 00:17:22 -0500
Received: by mail-pj1-f72.google.com with SMTP id
 98e67ed59e1d1-34e70e2e363so4657493a91.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:22 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.18
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491044;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=r0oM0RRyjLelkT0G5RoaNy8SGcq/Mnkz7KKwnwr3WCA=;
 b=et/y6KJu/aHqVWV0I+qVjbDkGCIuxh/ISKglEVriQ0l7prY+aCkJes6VF+ILdKSDgpVrLt
 jB11evUnPv34bYvDMceVBN7mLFJPllvkyYdEMFzvRCg1OZrgxp+pyAX3JmRqe3WQNfv1vM
 ykem0G/C3AsC2CZRFV21VlBCtQPhZBQ=
X-MC-Unique: Y5yn7r8JPMeE4330VwL3dw-1
X-Mimecast-MFC-AGG-ID: Y5yn7r8JPMeE4330VwL3dw_1769491041
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491041; x=1770095841; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=r0oM0RRyjLelkT0G5RoaNy8SGcq/Mnkz7KKwnwr3WCA=;
 b=IoXLwvHSZkKEUwvG4A7z9iJcWDdYgLdNyOd4tUpSjpj8TpbO7CD6HdPr0vnIiueOLo
 nznmaq+SJSS7JDuNqErXdOyWJ/+j5ft7HNu7GUTNJ/6kfE+Cby6Zg5baaLipkYGur6Nh
 V8xB3YNwbcUgd5ZGDo0bnyRcNt7r5KLMpCBAb+yVMBlfqCM4DQoJNPwS9d+lFQUhP2zq
 B6iI6/OGXRTOcIlYotP8G2q0/vdyaM8rlBc8TN4ByO8m7yUfO9aaG8E9XA0sJ5lNnTWM
 VctAppF5JtZkiAp57GaGsPwErK9PL+CqEiGobjtd6I8dDF4r8S4k7Z9iAe7NUKJId1bF
 K8Tw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491041; x=1770095841;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=r0oM0RRyjLelkT0G5RoaNy8SGcq/Mnkz7KKwnwr3WCA=;
 b=fyZ9LHNTxVG6l2KH7/RigKv+uQtnR2LW3/LRRYXsdLBn3nJkqY3Yw9tKHgtu7kU/Rt
 uzVJu9nLN5n8H+/pJ4aCkSY0FjXzscS/0WZaO/rVHyZ5V7Ip/4YotMjyssPM84q4MI15
 hFxKFX0vekE822g/sHenTelXq2EYMPOzIalanXc1QxyJZae7KyWcH6PnqaHu5l5wamWS
 +ByPEIbgSRTkTQicZTNvxyw/PIaQMhOGZc078q/pGfEsyL+R+BlslxYAWZ5zEbJ+SfP7
 dQygql232Hwb2jArW71O+m2a2Dnx38OY4lOzlHJVOzXqZ2pvUkoLj/8dkcuRglhgD++7
 s7qQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCUiq2N75Y9eU/7TNOWEv5DDNuOQsZSLvdS7c3zphYQbf4mozMTAgrGM7k7af3xK1Dz02opiY9soKjlk@nongnu.org
X-Gm-Message-State: AOJu0Yy+ApNhwDzdXlYtTqhckaTWOT2gWGklhXoAKbXX7YNMTQ3EyFPj
 TGeGzNtU3WhDr6bsziBsw45iWA8t6ooWM2Bf3GsYSH3ZcDhyLWJQIKoEWiILBqYfslDS3xEveh0
 uqNH4cL9WsMGT7mACm4TnEfAwpYzQHCjPvzJ9h+Btp/tt7fFGc7I67/uc
X-Gm-Gg: AZuq6aKlA8pqLJKSosS/lM2TIcNeubDMupm2lxwXrnOw3t8a+8RAEuytRvecUoByeUh
 FHUVR8uipgf5xN8nuffl25JM9ZI/xXlYnGc+OKOvM6TSd2pwqupMO4zkzR/TN+9Qm0Sx7vH+MIK
 XSp+iBQGdJ6xC2X8z+I4mcJ/Q1CIEaWz5cOBpyAlMm9+vYO1Wsf2XizX/On0Px9gIS/GryaGAoD
 QNlox9foDJG1M/OfVVRNdiocNQ/TxCAXhYCthjqYrrzQiZmvS9MCNmprTYvnuf1PipeCKxkiJ0q
 uhjWarMlrMuBxJfOYryE8trB1PzNOQ6OwKXP96bu8PfA/ya08dEuUsrw7ZPQ8bSNRSmpHK6EXEi
 2ZM65K6BS+/gtG6Q1iOvXu7EVYI5A79PufOB/tRoJ5A==
X-Received: by 2002:a17:90b:3ccf:b0:353:356c:6821 with SMTP id
 98e67ed59e1d1-353fecd0906mr710448a91.8.1769491040983;
 Mon, 26 Jan 2026 21:17:20 -0800 (PST)
X-Received: by 2002:a17:90b:3ccf:b0:353:356c:6821 with SMTP id
 98e67ed59e1d1-353fecd0906mr710436a91.8.1769491040627;
 Mon, 26 Jan 2026 21:17:20 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 15/33] i386/tdx: refactor TDX firmware memory
 initialization code into a new function
Date: Tue, 27 Jan 2026 10:45:43 +0530
Message-ID: <20260127051612.219475-16-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491067555158500
Content-Type: text/plain; charset="utf-8"

A new helper function is introduced that refactors all firmware memory
initialization code into a separate function. No functional change.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/tdx.c | 73 ++++++++++++++++++++++++-------------------
 1 file changed, 40 insertions(+), 33 deletions(-)

diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index a3e81e1c0c..fd8e3de969 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -295,14 +295,51 @@ static void tdx_post_init_vcpus(void)
     }
 }
=20
-static void tdx_finalize_vm(Notifier *notifier, void *unused)
+static void tdx_init_fw_mem_region(void)
 {
     TdxFirmware *tdvf =3D &tdx_guest->tdvf;
     TdxFirmwareEntry *entry;
-    RAMBlock *ram_block;
     Error *local_err =3D NULL;
     int r;
=20
+    for_each_tdx_fw_entry(tdvf, entry) {
+        struct kvm_tdx_init_mem_region region;
+        uint32_t flags;
+
+        region =3D (struct kvm_tdx_init_mem_region) {
+            .source_addr =3D (uintptr_t)entry->mem_ptr,
+            .gpa =3D entry->address,
+            .nr_pages =3D entry->size >> 12,
+        };
+
+        flags =3D entry->attributes & TDVF_SECTION_ATTRIBUTES_MR_EXTEND ?
+                KVM_TDX_MEASURE_MEMORY_REGION : 0;
+
+        do {
+            error_free(local_err);
+            local_err =3D NULL;
+            r =3D tdx_vcpu_ioctl(first_cpu, KVM_TDX_INIT_MEM_REGION, flags,
+                               &region, &local_err);
+        } while (r =3D=3D -EAGAIN || r =3D=3D -EINTR);
+        if (r < 0) {
+            error_report_err(local_err);
+            exit(1);
+        }
+
+        if (entry->type =3D=3D TDVF_SECTION_TYPE_TD_HOB ||
+            entry->type =3D=3D TDVF_SECTION_TYPE_TEMP_MEM) {
+            qemu_ram_munmap(-1, entry->mem_ptr, entry->size);
+            entry->mem_ptr =3D NULL;
+        }
+    }
+}
+
+static void tdx_finalize_vm(Notifier *notifier, void *unused)
+{
+    TdxFirmware *tdvf =3D &tdx_guest->tdvf;
+    TdxFirmwareEntry *entry;
+    RAMBlock *ram_block;
+
     tdx_init_ram_entries();
=20
     for_each_tdx_fw_entry(tdvf, entry) {
@@ -339,37 +376,7 @@ static void tdx_finalize_vm(Notifier *notifier, void *=
unused)
     tdvf_hob_create(tdx_guest, tdx_get_hob_entry(tdx_guest));
=20
     tdx_post_init_vcpus();
-
-    for_each_tdx_fw_entry(tdvf, entry) {
-        struct kvm_tdx_init_mem_region region;
-        uint32_t flags;
-
-        region =3D (struct kvm_tdx_init_mem_region) {
-            .source_addr =3D (uintptr_t)entry->mem_ptr,
-            .gpa =3D entry->address,
-            .nr_pages =3D entry->size >> 12,
-        };
-
-        flags =3D entry->attributes & TDVF_SECTION_ATTRIBUTES_MR_EXTEND ?
-                KVM_TDX_MEASURE_MEMORY_REGION : 0;
-
-        do {
-            error_free(local_err);
-            local_err =3D NULL;
-            r =3D tdx_vcpu_ioctl(first_cpu, KVM_TDX_INIT_MEM_REGION, flags,
-                               &region, &local_err);
-        } while (r =3D=3D -EAGAIN || r =3D=3D -EINTR);
-        if (r < 0) {
-            error_report_err(local_err);
-            exit(1);
-        }
-
-        if (entry->type =3D=3D TDVF_SECTION_TYPE_TD_HOB ||
-            entry->type =3D=3D TDVF_SECTION_TYPE_TEMP_MEM) {
-            qemu_ram_munmap(-1, entry->mem_ptr, entry->size);
-            entry->mem_ptr =3D NULL;
-        }
-    }
+    tdx_init_fw_mem_region();
=20
     /*
      * TDVF image has been copied into private region above via
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491063; cv=none;
	d=zohomail.com; s=zohoarc;
	b=bB8V0sLTLH6gxa+k2w7tU1ofIlf443bEmGV5ZE+7YWI0Zk6ATnUgzlVVsA6aTscQvPNczQk8sZy/qm3nvFUMtY7Z0YAFl/GPfY7gT/yVUFqGSx90e9n42OrIlhBUj/6Y1xRFWLkK50EYWAamXvsmIEoqT6HA/dqURR1aHNloYJI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491063;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=OnOtqZFQnQ7z67Y/wwL5FaGuBGKBCde67NUJiikFzaU=;
	b=nMUrCueR/VRSjOtcstdza7qczV0Os8ikoIK3VbHFh7SofifXtiKo2ORmXvdqAP+ZTnXJ+5eaq0u2Z/gYXcvIw+tjfg8vKYzI/aKVQZeHePLeZ0Ruh5jZmjyVqx5kqog6Ubl82XrOpcd95rnxO+rnQfrEWUK1PbksnQrer1c4kO0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 176949106347253.32272592653055;
 Mon, 26 Jan 2026 21:17:43 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSK-00078S-4v; Tue, 27 Jan 2026 00:17:36 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSD-00072r-6Q
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:29 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSB-0008Qm-Mj
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:28 -0500
Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com
 [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-126-0CbqIU1KMo6NvkHHkxJ5Wg-1; Tue, 27 Jan 2026 00:17:25 -0500
Received: by mail-pj1-f72.google.com with SMTP id
 98e67ed59e1d1-353049e6047so3890683a91.3
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:24 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.21
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491047;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=OnOtqZFQnQ7z67Y/wwL5FaGuBGKBCde67NUJiikFzaU=;
 b=chTyUbKBQFBYjapSH5z9KfQOu8vDe+T5y2MMUG4eLgncvYr+pU3wqSl3mHkzDNDDhDPzPj
 ggrLhHWbuVkH1KisVaroSl04zdKFqx8IJ8vqlMmt5VZOCt/ikw6P1VuhGQKPn2ilIwXry3
 MDt8sUYOnr8hfq1ow8rqvLUeT/hmyb4=
X-MC-Unique: 0CbqIU1KMo6NvkHHkxJ5Wg-1
X-Mimecast-MFC-AGG-ID: 0CbqIU1KMo6NvkHHkxJ5Wg_1769491044
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491044; x=1770095844; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=OnOtqZFQnQ7z67Y/wwL5FaGuBGKBCde67NUJiikFzaU=;
 b=Ecj2RZCIm5zJHv6wvPeHD/IiKFzh1S1XKZ1krXIIXCYr4QrlWpTxHw2Ey3kke3ykF1
 r8bExHA8w54VCjPwcwWhsq84wA02qsGDkWd/AUKnBmNBkYc94iljTSamaoAfQqJX3Zwc
 CSfRxxjxUHpZtebQMuvCFU+9SQwDboQ8tLwg2ExY0gOSruArjpHiA6cH5HdrFaaNBZWm
 Lm3ZaY1D4DwqpHctYRLBMamLE/xM2OcxFE2fJvs21jPK8A/PueQ11shI3y+r9zQdOWaQ
 hkL6Dp+kLAs26aOiPVwa5KI/xvqBShUI7gfzKwlN9X4u6vkAKMWQR9uG1MPKjG+WH7PX
 CYBQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491044; x=1770095844;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=OnOtqZFQnQ7z67Y/wwL5FaGuBGKBCde67NUJiikFzaU=;
 b=ryy/hSwhDMhTjGB5+WGtMZogWHjbspthnkTJIO0TrYpjF5LugenyYwv976M3w9gtV1
 2PKHLIzbY0Ei6qjuZK9swgz10F+R+n8PPh9QoQSUPLUhiw7j1yglSyfTdHEM7wNZbiYQ
 uXmpG+hULAaiEGiMYzDPbL7oYVMeDfGqolz8Y2ZlVhKnlbgvXvWnGtGlyg8qDhjEB6s8
 7IvcATjYgH18FLWQmmYOrbhMG8Fgglf84IGZ3avpfs0qHzQCDl27BEm9GRvf88PeVA3a
 hH2Btpty6u1VMwUZNqLSWIPOlclU5/zvtDT2LiWuyWKc5OjhQvI/O7KVqD0xxdsJZGAD
 7VXQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCWyVtwnkP01eEKPiSBARnzNbsQjUWZrjhi2gEdVADKX6z6954nOQqMJDlZawpadyrrfEfqbci5zrjqH@nongnu.org
X-Gm-Message-State: AOJu0YwMoyZNN+I9+dilqwDxXCoZH5D9k17W0mSoPY/ekBtgR6wkSfQl
 qxkW0m0CO4W9XN0kWQUbYSmUTCbdXN43tIoJfTQy68EPPag3BHitLpW6GZsVWhLC93XT8mXpg8X
 quKbjTGrkmLnGuZoG720wHqI6hl16y9L4EFfAvQqNplUtLwZc343+7LzS
X-Gm-Gg: AZuq6aLqC+46cfN9Ni7PSf1QswfaEFgQ2brqeUA3aE9j+wb4tkzJeHLsDJsX9O66+zz
 KIeDFq/oZrac5/Jhq3QHHIGp205Uf/Xpeato5Yb36oPoOjvGElIQEeRRbEn2EoSOoahII31hnIQ
 nhYZd0X3Q7rp+GscrhskVvr3sIAcjoy4PvX0UhhMtC1NxUK2TzfZNLpCPUVpVIGkBlNfSX7T6aw
 yEPSLiH4zRYEQjPry46H/s2OCICZipECzAmenvAlYi/8HwKwGESSVRiiMK/C4jDiJ6SquhCgi81
 sVFTy43Y++/B9JHMPMomSGoEVjwnF/+Xge/FMfGNAhuwo/qRMCZQU9/CL8S/1VtG5xSkRu5ySiE
 eLd1RjqQSjteA/68r3+VOYJZuF/9fdVIbG1zQJ1zrZw==
X-Received: by 2002:a17:90a:ee88:b0:353:3f04:1b78 with SMTP id
 98e67ed59e1d1-353fecd096emr470467a91.4.1769491043806;
 Mon, 26 Jan 2026 21:17:23 -0800 (PST)
X-Received: by 2002:a17:90a:ee88:b0:353:3f04:1b78 with SMTP id
 98e67ed59e1d1-353fecd096emr470454a91.4.1769491043445;
 Mon, 26 Jan 2026 21:17:23 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 16/33] i386/tdx: finalize TDX guest state upon reset
Date: Tue, 27 Jan 2026 10:45:44 +0530
Message-ID: <20260127051612.219475-17-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491065367154100
Content-Type: text/plain; charset="utf-8"

When the confidential virtual machine KVM file descriptor changes due to the
guest reset, some TDX specific setup steps needs to be done again. This
includes finalizing the inital guest launch state again. This change
re-executes some parts of the TDX setup during the device reset phaze using=
 a
resettable interface. This finalizes the guest launch state again and locks
it in. Machine done notifier which was previously used is no longer needed =
as
the same code is now executed as a part of VM reset.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/tdx.c        | 38 +++++++++++++++++++++++++++++++-----
 target/i386/kvm/tdx.h        |  1 +
 target/i386/kvm/trace-events |  3 +++
 3 files changed, 37 insertions(+), 5 deletions(-)

diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index fd8e3de969..37e91d95e1 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -19,6 +19,7 @@
 #include "crypto/hash.h"
 #include "system/kvm_int.h"
 #include "system/runstate.h"
+#include "system/reset.h"
 #include "system/system.h"
 #include "system/ramblock.h"
 #include "system/address-spaces.h"
@@ -38,6 +39,7 @@
 #include "kvm_i386.h"
 #include "tdx.h"
 #include "tdx-quote-generator.h"
+#include "trace.h"
=20
 #include "standard-headers/asm-x86/kvm_para.h"
=20
@@ -389,9 +391,19 @@ static void tdx_finalize_vm(Notifier *notifier, void *=
unused)
     CONFIDENTIAL_GUEST_SUPPORT(tdx_guest)->ready =3D true;
 }
=20
-static Notifier tdx_machine_done_notify =3D {
-    .notify =3D tdx_finalize_vm,
-};
+static void tdx_handle_reset(Object *obj, ResetType type)
+{
+    if (!runstate_is_running() && !phase_check(PHASE_MACHINE_READY)) {
+        return;
+    }
+
+    if (!kvm_enable_hypercall(BIT_ULL(KVM_HC_MAP_GPA_RANGE))) {
+        error_setg(&error_fatal, "KVM_HC_MAP_GPA_RANGE not enabled for gue=
st");
+    }
+
+    tdx_finalize_vm(NULL, NULL);
+    trace_tdx_handle_reset();
+}
=20
 /*
  * Some CPUID bits change from fixed1 to configurable bits when TDX module
@@ -738,8 +750,6 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs, =
Error **errp)
      */
     kvm_readonly_mem_allowed =3D false;
=20
-    qemu_add_machine_init_done_notifier(&tdx_machine_done_notify);
-
     tdx_guest =3D tdx;
     return 0;
 }
@@ -1505,6 +1515,7 @@ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest,
                                    TDX_GUEST,
                                    X86_CONFIDENTIAL_GUEST,
                                    { TYPE_USER_CREATABLE },
+                                   { TYPE_RESETTABLE_INTERFACE },
                                    { NULL })
=20
 static void tdx_guest_init(Object *obj)
@@ -1538,16 +1549,24 @@ static void tdx_guest_init(Object *obj)
=20
     tdx->event_notify_vector =3D -1;
     tdx->event_notify_apicid =3D -1;
+    qemu_register_resettable(obj);
 }
=20
 static void tdx_guest_finalize(Object *obj)
 {
 }
=20
+static ResettableState *tdx_reset_state(Object *obj)
+{
+    TdxGuest *tdx =3D TDX_GUEST(obj);
+    return &tdx->reset_state;
+}
+
 static void tdx_guest_class_init(ObjectClass *oc, const void *data)
 {
     ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL=
ASS(oc);
     X86ConfidentialGuestClass *x86_klass =3D X86_CONFIDENTIAL_GUEST_CLASS(=
oc);
+    ResettableClass *rc =3D RESETTABLE_CLASS(oc);
=20
     klass->kvm_init =3D tdx_kvm_init;
     klass->can_rebuild_guest_state =3D true;
@@ -1555,4 +1574,13 @@ static void tdx_guest_class_init(ObjectClass *oc, co=
nst void *data)
     x86_klass->cpu_instance_init =3D tdx_cpu_instance_init;
     x86_klass->adjust_cpuid_features =3D tdx_adjust_cpuid_features;
     x86_klass->check_features =3D tdx_check_features;
+
+    /*
+     * the exit phase makes sure sev handles reset after all legacy resets
+     * have taken place (in the hold phase) and IGVM has also properly
+     * set up the boot state.
+     */
+    rc->phases.exit =3D tdx_handle_reset;
+    rc->get_state =3D tdx_reset_state;
+
 }
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index 1c38faf983..264fbe530c 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -70,6 +70,7 @@ typedef struct TdxGuest {
=20
     uint32_t event_notify_vector;
     uint32_t event_notify_apicid;
+    ResettableState reset_state;
 } TdxGuest;
=20
 #ifdef CONFIG_TDX
diff --git a/target/i386/kvm/trace-events b/target/i386/kvm/trace-events
index 2d213c9f9b..a386234571 100644
--- a/target/i386/kvm/trace-events
+++ b/target/i386/kvm/trace-events
@@ -14,3 +14,6 @@ kvm_xen_soft_reset(void) ""
 kvm_xen_set_shared_info(uint64_t gfn) "shared info at gfn 0x%" PRIx64
 kvm_xen_set_vcpu_attr(int cpu, int type, uint64_t gpa) "vcpu attr cpu %d t=
ype %d gpa 0x%" PRIx64
 kvm_xen_set_vcpu_callback(int cpu, int vector) "callback vcpu %d vector %d"
+
+# tdx.c
+tdx_handle_reset(void) ""
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491126; cv=none;
	d=zohomail.com; s=zohoarc;
	b=PXtsRjdCNQYBEDSm+yd+xJ7oM0qtVjgt/fkEgQ3NZ+4p/+Xfmk+d1a4SMfkRUNzfAutELz6XFn0MgXrnew+lnU+LW53vXBNEn5Vm3w72sgmWDL+SkaCDyeBFRTJl4klJVxD50QwKMoGxs/W+KA7OtILgLVOUH7zuLdBx2slYmaM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491126;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=bPhZf11AJ6OznTneTjtivFAiVtwbcW8pDml41uWPO3Y=;
	b=A4LPcV8R8Y+ptp96v9pqVFPgsL4X9Efhooe1vKi9PvZGTatlZ51JED7A8iHMOkaEy3rg4XQLHDhuyuVKcvvKp6CTTH1Fw7eyZVoXPdyhufC6fiyIULmpP5tQOzcTEhAuxKiyns7xsAO6qakp2Z2Taryh8CkMYQKzl0jXsM4WQGg=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491125807167.10806948586992;
 Mon, 26 Jan 2026 21:18:45 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSM-00079q-4O; Tue, 27 Jan 2026 00:17:39 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSF-00075D-Rs
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:32 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSE-0008RX-A3
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:31 -0500
Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com
 [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-659-HksFdxf4OCSMxIPzWSFr7A-1; Tue, 27 Jan 2026 00:17:27 -0500
Received: by mail-pj1-f70.google.com with SMTP id
 98e67ed59e1d1-34c38781efcso4921072a91.2
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:27 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.23
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491049;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=bPhZf11AJ6OznTneTjtivFAiVtwbcW8pDml41uWPO3Y=;
 b=aJ2U/G6/p60LYZtRtvHdLseZQgXFPNy4bckKriFL9+2/qujnaxBhDSWvzacY2wkytn4rUC
 MoXtZVh+ewg0idEq1rSbjjOIn0LYVMW98l4UZNe91moh2IwFBGJ41Oa6AT+AJxs9KA7tsL
 13kJmAkJG4JaeWqQyE4lrlTpQt7YWTI=
X-MC-Unique: HksFdxf4OCSMxIPzWSFr7A-1
X-Mimecast-MFC-AGG-ID: HksFdxf4OCSMxIPzWSFr7A_1769491046
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491046; x=1770095846; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=bPhZf11AJ6OznTneTjtivFAiVtwbcW8pDml41uWPO3Y=;
 b=dX6fdI2gMgj4yvQ+wpXmcH8nFNHq/FjUrKb6r0cDUyxkrgjtRob95Dz3RLZtdyKzb/
 bWbDHfASJBysKAdVWbVg9V3q21zg8xBQ43wUgJ6MMXXFAKtlMKs+bRKpifp35SNyH7KL
 2utYth1R830V//P+kahaWYtnl76V/P/ORr/+IdHqc70FfJvEfIh/6PFJfbR3ZRXXtyCA
 qqyiol+JuU/pCa728lMWW2Y6vI5aIEj6lMZHCNkYTZ1CYlr0/P1wbO6iJZ/hP/3xOYrs
 8NRaDyVgPDGYJkZMtAAUnbmtOH9LRZO4ugSCNUuLjBcXqfQMhrIuJtq32nsY/2HpSX5Z
 vm8Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491046; x=1770095846;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=bPhZf11AJ6OznTneTjtivFAiVtwbcW8pDml41uWPO3Y=;
 b=NgY8Bx4QQnhjc8j6vydTlohj7F6/4KF3KgVymIGqEds97SgziY5YGG+Ied/YOiTzMl
 nc4pwW7Gm9vWyWaIOAAZiV0FPj51geusETFckRhmBo/naZ7m7bbiFnD5Eey3CFVTTCVh
 aJbcjpejdyjcByQSXNJx58uxnhXmIOMUfqV8ZQ7D25H/+Il+1cYU9CyxYdvbMZEOOkmX
 bDAA8WxHK2Gzd7/MDOBdqJkU6I4MZWnqk8zY6xUjGb/69lLvDhZ8cx1g24z+oHt9mwYe
 Zw3AeO8+YLGozQkavs5YsHR8L88MKIXe/qqErwoJruS+E92ho+3vEgfaRmen/H3FVuRX
 f/qg==
X-Forwarded-Encrypted: i=1;
 AJvYcCUJhlCPZaLxSxdnOzKolwLgrITzDqzsCGUd428ZXsPi/xTA8if0pGeQ0PFydeJKQZU/KEt9fvZZ45VN@nongnu.org
X-Gm-Message-State: AOJu0Yzsx+yLTSmH/iFG2VhGtU6HT9Vm470sP9d7IxrjIP/cgP5YYn/t
 dNk5x+WNDP/u+3NZY2ObgHKux1INrhUu2XE9Evoch1wq2EIw3aYRSRPhxIjqZ7tQxbxADkWmaFG
 SdDa1wmhx6tXYfMYEORQlUXyUHc0RrLVCLZXKkMXrtbH9wEKIZhKpiFVJ
X-Gm-Gg: AZuq6aIl/5U3Z1JiY+CEU/Ob719rGkDVpxdVdonstfhAQ2Yb0B8yAwahVlLfLdzzokK
 8Dv6dprgQ2G3GzPoDnvAepanAyvSJgWYiI3jaHygdgjbL3fMYvwUd3dZzXZEUHlLFwOaTtN5ZO0
 x9o/meo6gQwv6QtyXv9jcAX9B/OhGC1MR60F4ypypL0rrDP1eSfYAflLNnTxlDbqfWtJGui48dt
 xAQmwi4CSBdS/DewXm4pSgF6S3dcL9SXGxoigP1I1mtm13j07wpQolRC5yAhjK8wRoJu70UyDjb
 R6EsmK65MWDdiANLtobw3yp4CPAWYHllz5f2+hi4l1exL7//RbHLwqbIo/e4R/k1jDLT4nBobo/
 Yl2qO6J8DUCYW6DM6EP3xv0Z4uexl4UQCkQ2l8uotfQ==
X-Received: by 2002:a17:90b:3a4f:b0:352:e27e:79c5 with SMTP id
 98e67ed59e1d1-353feda98damr596439a91.31.1769491046547;
 Mon, 26 Jan 2026 21:17:26 -0800 (PST)
X-Received: by 2002:a17:90b:3a4f:b0:352:e27e:79c5 with SMTP id
 98e67ed59e1d1-353feda98damr596430a91.31.1769491046173;
 Mon, 26 Jan 2026 21:17:26 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 17/33] i386/tdx: add a pre-vmfd change notifier to reset
 tdx state
Date: Tue, 27 Jan 2026 10:45:45 +0530
Message-ID: <20260127051612.219475-18-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491127932158500
Content-Type: text/plain; charset="utf-8"

During reset, when the VM file descriptor is changed, the TDX state needs t=
o be
re-initialized. A notifier callback is implemented to reset the old
state and free memory before the new state is initialized post VM file
descriptor change.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/tdx.c | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 37e91d95e1..4cae99c281 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -405,6 +405,36 @@ static void tdx_handle_reset(Object *obj, ResetType ty=
pe)
     trace_tdx_handle_reset();
 }
=20
+/* TDX guest reset will require us to reinitialize some of tdx guest state=
. */
+static int set_tdx_vm_uninitialized(NotifierWithReturn *notifier,
+                                    void *data, Error** errp)
+{
+    TdxFirmware *fw =3D &tdx_guest->tdvf;
+
+    if (!((VmfdChangeNotifier *)data)->pre) {
+        return 0;
+    }
+
+    if (tdx_guest->initialized) {
+        tdx_guest->initialized =3D false;
+    }
+
+    g_free(tdx_guest->ram_entries);
+
+    /*
+     * the firmware entries will be parsed again, see
+     * x86_firmware_configure() -> tdx_parse_tdvf()
+     */
+    fw->entries =3D 0;
+    g_free(fw->entries);
+
+    return 0;
+}
+
+static NotifierWithReturn tdx_vmfd_change_notifier =3D {
+    .notify =3D set_tdx_vm_uninitialized,
+};
+
 /*
  * Some CPUID bits change from fixed1 to configurable bits when TDX module
  * supports TDX_FEATURES0.VE_REDUCTION. e.g., MCA/MCE/MTRR/CORE_CAPABILITY.
@@ -1549,6 +1579,7 @@ static void tdx_guest_init(Object *obj)
=20
     tdx->event_notify_vector =3D -1;
     tdx->event_notify_apicid =3D -1;
+    kvm_vmfd_add_change_notifier(&tdx_vmfd_change_notifier);
     qemu_register_resettable(obj);
 }
=20
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491078; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Y1DPWZRDg/ZYcFnbPPShOuKHsRkkP5XjkTaH5z4YzpLv1KF61rv8ogMuLXheEN2516N3s/ff5+6UpKhjVLp1ED/nozVmys8Yr1w1u3LueQQAYFqCZf44XX4dxarJEpWQJ++6OLPBV4J40vTylROj77nXgCh+HcnIx8xXZyeDhhQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491078;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=j8+47Sjna5VFWbMymGn/cKww5NGQWO1KmnHktF7E5FI=;
	b=hd0ye8VEzFCrlPeA+g1I3I1uQA7lZTex29WcpTnvVKx7t0XKNcBqpe/JIDDM+o0HkGtE2B2QlLGtydkrTtXGbX8vf0RI6nvDj6zwdMmwHjCHjGznCVt5I3rt0lDyH4jGSYF3Pd2jbASS2jxhhpOxS1XctwtapI6G7tFicAziRrw=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 176949107848919.156301904873885;
 Mon, 26 Jan 2026 21:17:58 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSQ-0007Cx-Ct; Tue, 27 Jan 2026 00:17:43 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSJ-00079c-P9
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:36 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSI-0008U0-4w
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:35 -0500
Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com
 [209.85.216.69]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-671-Y9Mo4NxRPR6OUnwzQQ1xDA-1; Tue, 27 Jan 2026 00:17:30 -0500
Received: by mail-pj1-f69.google.com with SMTP id
 98e67ed59e1d1-34ab8693a2cso709021a91.0
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:30 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.26
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491053;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=j8+47Sjna5VFWbMymGn/cKww5NGQWO1KmnHktF7E5FI=;
 b=fMOtX9H4T6rhKLM2wsPAJVqbhdDdWoaS0Z4egC3RPCutb3eaAaeyP6ZsyawHvVpt4aQLuY
 JV9wAVLI6tnCWmFHl7Px29rIRtR9Y7h8iYguaI4BG5PXN9H1QnFf2fMGFiXQHZaEGjj9yk
 hKxSVX+66zTWJuE31d0O9LXjduFkt0I=
X-MC-Unique: Y9Mo4NxRPR6OUnwzQQ1xDA-1
X-Mimecast-MFC-AGG-ID: Y9Mo4NxRPR6OUnwzQQ1xDA_1769491050
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491049; x=1770095849; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=j8+47Sjna5VFWbMymGn/cKww5NGQWO1KmnHktF7E5FI=;
 b=cgU0Lbm5ujaMe7MvfUZ5Knv6sLMrCMAxk3ZfHNVD6YMwzXORK8aNlU3J+3mWDrMq66
 +v/xcBa6lWgYkvuzDi44s46oMIdI1Cst7t773rDu84oRaGTn39f9ocmb4/f1CGL956EA
 aG1ygxtfsnHbeqBDAnbhBHdgVS80L36om73NyEt6nMHAChgNtHnr9L7/U1ffWw6q0h28
 qw2nILur7dvV/zlRQ6pKRR8iLDQ1VyYPlnH4S6ZpR6CVRk3Tm4nMudBcwrm79j08wE9S
 /PIL+GZwv7Y3Xfiw0DQyzXWMwNUU3rWacmBhugv4gYpx/8eOMVGHn5Gskw7+PFFvex/V
 vwWQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491049; x=1770095849;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=j8+47Sjna5VFWbMymGn/cKww5NGQWO1KmnHktF7E5FI=;
 b=Ks4ny/Ua1g7PuBAsTml84y0UH9aicLh5cbRZR4adW+4YVBaW8zV7A0fA2BRfcRKfIv
 hoFbiFRemrgYcr0CD3onLzWAqJRqvKcse4WvVrKvrkLWGBXFoMrNjWVKI0+sbesJlfiy
 mLIA13g0Zi/2ZEFFPQVqwICB+k96zaltJwD0gjzCw8Bt9fAM7VF5OO5DdM4Lo0/24dHz
 cr+7TnBjqBbFA+bqtuAloVJSZxTmsYdUsBufvu6D0f86AJUgLXROVNoOA40XxmcHFz8E
 drcTGmMDQkWhGEh1HA/mBFTgHqGB2n+vk5brb0Xov2yoUTFzo+w5QVY9IZEGIG/JxlYr
 7Ljg==
X-Forwarded-Encrypted: i=1;
 AJvYcCXXoaM4e4+hlJ+SG8nknQj6YZekQ97mH2eNNwrtx+rZL9ng8hW8eBAaRbY1KmMyZ86rXC+3rUdyHyBh@nongnu.org
X-Gm-Message-State: AOJu0YzydyVSyS5yRcU4Cz9BMZZ0Pt8Pufd8dsCQXVIro+HVQnkLkvbu
 F+Tbm2u5UVA2J0nwKaJlYFq7zBYkIyRNbfr3z/HJHKtcAg9XWrA3bJibMaqMn1ZRyzqtS4cEpib
 pYmn4V/HwfPcx0agIdBKdPcrPfXmcgfaQ+1uvcl/7caCDGhu+3EOXLtqSsBek5Cqq
X-Gm-Gg: AZuq6aLPZDLh8OP+sLC7fQ5LOJ7jlRtLmznrP6lT89tnE8sTCFrqw4U8ym+NhafO2KS
 eHwBDx2S8UgnHk8IrxkuzaiOu+fHyFWs9LfUzzZHuPqFGg4ic9LSJy7sA3IsdcbF0d7qbYgBMai
 AfO3sBkk7SqmBT/jAK5F8bmBZlI2u1aV7R7NzhgKbHTbzMUIa5pvmTg4NfsgNIL/WMPru83lJlT
 cB0yQ5F6mF6awu3Tk5EE/JUJypmP+oGlBP2iROc8Fm8GE9Jyn6FcRH+0lBXCLVs/r27QWC0JEgP
 m5LG1yUAODH7ll0hGDEnmjMKf3Bwu1RM2FD06dFhDzPKmOLuuRHRWSo8mMMemmncKuCbs5aij7J
 D3XocFZKwa+5EH6Pmsafc0XwS4GVss0vm2PYMOz6CbA==
X-Received: by 2002:a17:90b:3a87:b0:353:356c:6840 with SMTP id
 98e67ed59e1d1-353fecf4310mr763133a91.14.1769491049489;
 Mon, 26 Jan 2026 21:17:29 -0800 (PST)
X-Received: by 2002:a17:90b:3a87:b0:353:356c:6840 with SMTP id
 98e67ed59e1d1-353fecf4310mr763118a91.14.1769491049154;
 Mon, 26 Jan 2026 21:17:29 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>,
 Zhao Liu <zhao1.liu@intel.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 18/33] i386/sev: add migration blockers only once
Date: Tue, 27 Jan 2026 10:45:46 +0530
Message-ID: <20260127051612.219475-19-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491079659158500
Content-Type: text/plain; charset="utf-8"

sev_launch_finish() and sev_snp_launch_finish() could be called multiple ti=
mes
when the confidential guest is being reset/rebooted. The migration
blockers should not be added multiple times, once per invocation. This chan=
ge
makes sure that the migration blockers are added only one time by adding the
migration blockers to the vm state change handler when the vm transitions to
the running state. Subsequent reboots do not change the state of the vm.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/sev.c | 20 +++++---------------
 1 file changed, 5 insertions(+), 15 deletions(-)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index 176329bd07..5524e7142d 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -1420,11 +1420,6 @@ sev_launch_finish(SevCommonState *sev_common)
     }
=20
     sev_set_guest_state(sev_common, SEV_STATE_RUNNING);
-
-    /* add migration blocker */
-    error_setg(&sev_mig_blocker,
-               "SEV: Migration is not implemented");
-    migrate_add_blocker(&sev_mig_blocker, &error_fatal);
 }
=20
 static int snp_launch_update_data(uint64_t gpa, void *hva, size_t len,
@@ -1607,7 +1602,6 @@ static void
 sev_snp_launch_finish(SevCommonState *sev_common)
 {
     int ret, error;
-    Error *local_err =3D NULL;
     OvmfSevMetadata *metadata;
     SevLaunchUpdateData *data;
     SevSnpGuestState *sev_snp =3D SEV_SNP_GUEST(sev_common);
@@ -1654,15 +1648,6 @@ sev_snp_launch_finish(SevCommonState *sev_common)
=20
     kvm_mark_guest_state_protected();
     sev_set_guest_state(sev_common, SEV_STATE_RUNNING);
-
-    /* add migration blocker */
-    error_setg(&sev_mig_blocker,
-               "SEV-SNP: Migration is not implemented");
-    ret =3D migrate_add_blocker(&sev_mig_blocker, &local_err);
-    if (local_err) {
-        error_report_err(local_err);
-        exit(1);
-    }
 }
=20
=20
@@ -1675,6 +1660,11 @@ sev_vm_state_change(void *opaque, bool running, RunS=
tate state)
     if (running) {
         if (!sev_check_state(sev_common, SEV_STATE_RUNNING)) {
             klass->launch_finish(sev_common);
+
+            /* add migration blocker */
+            error_setg(&sev_mig_blocker,
+                       "SEV: Migration is not implemented");
+            migrate_add_blocker(&sev_mig_blocker, &error_fatal);
         }
     }
 }
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491108; cv=none;
	d=zohomail.com; s=zohoarc;
	b=abIPnXtqq9LyAO2mtOwptJhLI1YLrgJzTZQduf3EXsC88Z/RG9AQMVSOuhiYeMLJBepa/6acOvbvggxsNGQNQp0hLxywmiJpini8y3j57YQjryffGGNrt/yBArr9bLOpcpB0V3047RaHSjjWy5f1qBu3qhAhIXNjuNiifykJkLg=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491108;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=IsqW2ttd3J7072Zyk2vnpxdf7DB+tWB3Z4Y7tUzOjnk=;
	b=VItYXvyKS1v4hBoMSSnUj9d1sCpLhKAWMGHMZQ9CDmb59trni9h8fu19FKpEQM/O8p0vtQARL1CA1JwIV5zFxhE3/+nxJf7aqSEND8bQ+lcAVJ1I6gkpL1T9jdNDyzOEop9QwLb5Xb07DCKfkl6YjMs5/1HyctqO4xS49AheB5Q=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491108666890.6444235768773;
 Mon, 26 Jan 2026 21:18:28 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSU-0007JG-Ib; Tue, 27 Jan 2026 00:17:47 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSM-0007CG-W3
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:39 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSK-0008VF-KE
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:38 -0500
Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com
 [209.85.216.69]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-645-BA3W4YsLM8m0fGuLTLzscw-1; Tue, 27 Jan 2026 00:17:33 -0500
Received: by mail-pj1-f69.google.com with SMTP id
 98e67ed59e1d1-34c213419f5so3549608a91.2
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:33 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.29
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491056;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=IsqW2ttd3J7072Zyk2vnpxdf7DB+tWB3Z4Y7tUzOjnk=;
 b=dp/nYSdTZYlgV+GZ+dTmeQ+tlHf3iknMzfCq4zonaVbcOJpN6C/gBO+d7FNxZOkh+4CMb9
 t6QvfWjQaSfSOmHAs5O1ntFE96XCcUSoepgxdov/iATGDvPUR9GbiJUgiD3+CvqNZchmpi
 2CeQHSrbFKUAe34v9FXV65S6U6kNhWE=
X-MC-Unique: BA3W4YsLM8m0fGuLTLzscw-1
X-Mimecast-MFC-AGG-ID: BA3W4YsLM8m0fGuLTLzscw_1769491052
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491052; x=1770095852; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=IsqW2ttd3J7072Zyk2vnpxdf7DB+tWB3Z4Y7tUzOjnk=;
 b=iLKKviREmjNL9u+wB9YyWmaJyooTNPHYOMGzp228AGQvYehUMqLP1SlAQkauzf+WH+
 W4gYZo/zRa2uK2s55Am4My74saufJxEvzd86+V103bu6+o5XeE4yaFIycfYKK12yE6mn
 /aVLMJyUNxvYwJGC7jpo28a9Trwfcl7UDVCKw7yuPQDjYlh87/x4eNE+YmPkg9jAXNbn
 U3hlzVtXXX1LGS3VTl2psLVXI96TL1YXfUnLSWkTRak7fxQ4ZkKtY/ikVelaExByFcph
 rFlo6Xgke9XqqWtdOxawPhQ6BioMxCIpdgDWk+joOXY60fTFqk2viSkJqZhs9VITYi9u
 Wk6A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491052; x=1770095852;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=IsqW2ttd3J7072Zyk2vnpxdf7DB+tWB3Z4Y7tUzOjnk=;
 b=eU4L/JsTH2ZESlE83sjGL+Qg7ubWq3EXuzflAf36UvLmKYTuuRioJgDKwoHDqdfJ7i
 mmcdN+haP+UMTnY57ih0dXg1KUskmlOsOXCceMEyh1dMRr6iRlYQ3cWJEQ28J5QuLJuX
 gVxBUjwMW4O5UznkNC/+9tMujI2G6y3gvbSdWkupu3Hv+5LVkEJF2i+g34vJ8WIRrctr
 zUcsxyoCLTB7lA8gV4B+NEfyyEuUtpNhw/w51CDRwrBIqYpnn8J7eN22l1bcFhiEo2XI
 yTBBKX00KvbbMWrvKoJQ8MU0c/vHc/kUzckGXiV7srpo3/WBk0e/099c93i73jYlox0n
 +GEg==
X-Forwarded-Encrypted: i=1;
 AJvYcCUnV9PcTb1FNDsUGEsneFJ3i14kHp/gOzW+MmZ3hxAZCfyo9jM586Gk3w9EALwG2OdINbfwGtxWp5ak@nongnu.org
X-Gm-Message-State: AOJu0YxnlAszAoRnrg0wHX7m78wmG5iYMI+rtKelgnSvZnW5ClV8O9lo
 QSXs7G3xBEzFuW3cYZnOpSh/IRGq9MWdX6bY2RDFib7+bd3HS+4gudDZQcWMI8ogwySiO8BTegT
 wrgcfpVdrt95oHpW4k4WC7R/LIbUZqJfiIDHDBSZAMPw/4rOx9bYdkSY6
X-Gm-Gg: AZuq6aKEI7TWp59lll341kz3EI4v88weQy7dCfulblffrUGbakPWxTW7dwlUPkBUEb6
 5O5YUwL6iYm3YvGrMAyi9LTeP3rDN1poRMkRVF8/eIizYYay9HhEcjAo8Ol1RvworNTC3Og/QAO
 XHTC+HR/yyA+3DzdILkdOA8d8t9qBiPzERXQKGfaIw7IaC69zFf24WEFuvcmUAvj+kqlNuPhvQy
 CFhzWOAaSgMwZAQVCdK/2GNiMXdgjBMikY/CEsq/J+7A3ztFqersDTqD838KgPjkCOu3cP8v0n6
 QqqgXpOfDsQDlsCeNVhEziP/I48nlRKjm6sFmurZeY7pqQK/WmG034UiDYm4x4K7FBxYfkwPknL
 F4rY38Ty3UoiUm7I5TfAQOGm7n4qnUa0wxyvSxOG4SA==
X-Received: by 2002:a17:90b:57d0:b0:321:9366:5865 with SMTP id
 98e67ed59e1d1-353feda367cmr685549a91.33.1769491052474;
 Mon, 26 Jan 2026 21:17:32 -0800 (PST)
X-Received: by 2002:a17:90b:57d0:b0:321:9366:5865 with SMTP id
 98e67ed59e1d1-353feda367cmr685537a91.33.1769491052087;
 Mon, 26 Jan 2026 21:17:32 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>,
 Zhao Liu <zhao1.liu@intel.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 19/33] i386/sev: add notifiers only once
Date: Tue, 27 Jan 2026 10:45:47 +0530
Message-ID: <20260127051612.219475-20-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491109747158500
Content-Type: text/plain; charset="utf-8"

The various notifiers that are used needs to be installed only once not on
every initialization. This includes the vm state change notifier and others.
This change uses 'cgs->ready' flag to install the notifiers only one time,
the first time.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/sev.c | 36 +++++++++++++++++++-----------------
 1 file changed, 19 insertions(+), 17 deletions(-)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index 5524e7142d..a65a924fb3 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -1920,8 +1920,9 @@ static int sev_common_kvm_init(ConfidentialGuestSuppo=
rt *cgs, Error **errp)
         return -1;
     }
=20
-    qemu_add_vm_change_state_handler(sev_vm_state_change, sev_common);
-
+    if (!cgs->ready) {
+        qemu_add_vm_change_state_handler(sev_vm_state_change, sev_common);
+    }
     cgs->ready =3D true;
=20
     return 0;
@@ -1943,22 +1944,23 @@ static int sev_kvm_init(ConfidentialGuestSupport *c=
gs, Error **errp)
         return -1;
     }
=20
-    /*
-     * SEV uses these notifiers to register/pin pages prior to guest use,
-     * but SNP relies on guest_memfd for private pages, which has its
-     * own internal mechanisms for registering/pinning private memory.
-     */
-    ram_block_notifier_add(&sev_ram_notifier);
-
-    /*
-     * The machine done notify event is used for SEV guests to get the
-     * measurement of the encrypted images. When SEV-SNP is enabled, the
-     * measurement is part of the guest attestation process where it can
-     * be collected without any reliance on the VMM. So skip registering
-     * the notifier for SNP in favor of using guest attestation instead.
-     */
-    qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
+    if (!cgs->ready) {
+        /*
+         * SEV uses these notifiers to register/pin pages prior to guest u=
se,
+         * but SNP relies on guest_memfd for private pages, which has its
+         * own internal mechanisms for registering/pinning private memory.
+         */
+        ram_block_notifier_add(&sev_ram_notifier);
=20
+        /*
+         * The machine done notify event is used for SEV guests to get the
+         * measurement of the encrypted images. When SEV-SNP is enabled, t=
he
+         * measurement is part of the guest attestation process where it c=
an
+         * be collected without any reliance on the VMM. So skip registeri=
ng
+         * the notifier for SNP in favor of using guest attestation instea=
d.
+         */
+        qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
+    }
     return 0;
 }
=20
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491099; cv=none;
	d=zohomail.com; s=zohoarc;
	b=NcFNWcv4gRkAb2Q+1BXKuB5sCqgLQKUwpl8D6oZ0MuRafoi4z0POAQp1LXk/iTRz6mwo4HV5wDDa45P2+EdsQrTanSQMbdfyB7aDBlzDU/DBA2i3WAeDhI0iYYqrdPaAx/m0CqEKhXy8rtu5wntrrk/v9FDQZz4Kzo2kG0lWFoQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491099;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=0WZvtS1qnQEpVvyt8WDpPuTWCq46G5+n4cXSJcdfvKs=;
	b=Y4uSbuX8+A5/knNQsL/YD6Am1phZkeETH8jX6oNYAJ9DkPwvHjZpFliASWA9YlNoajRVRBCKecnfUpKeCIVt6bQHMNym1V+dRnFRhSgMoY6BwK75iFAjq+BwfH/HCjhKmTCz7ZH5vGrqJeednythxW/QfhRezcx70BSrQVepg5I=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491099737628.0314088251133;
 Mon, 26 Jan 2026 21:18:19 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSb-0007TA-IM; Tue, 27 Jan 2026 00:17:54 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSP-0007Dd-MN
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:42 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSO-0008Vz-6G
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:41 -0500
Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com
 [209.85.214.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-111-JQjQrN8JP9aRqU1IJk2wPg-1; Tue, 27 Jan 2026 00:17:36 -0500
Received: by mail-pl1-f198.google.com with SMTP id
 d9443c01a7336-2a377e15716so138320395ad.3
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:36 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.32
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491059;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=0WZvtS1qnQEpVvyt8WDpPuTWCq46G5+n4cXSJcdfvKs=;
 b=QOVPUB11cOgJXa3MzZOb7BRb+2LqDEkpRhFHsRI2ZGZRytHGnwyQML9hGvol3Nl/xzYtVu
 MLkZpQbPwPgBdOCKr2b6RXtPLhdSwyZCZf5z9J67GasYmuqJ+UUvWXRuH0AxtZPVfMTW6U
 nEA2zie89w/KOvEgCiNOTIsRFKj4Gu8=
X-MC-Unique: JQjQrN8JP9aRqU1IJk2wPg-1
X-Mimecast-MFC-AGG-ID: JQjQrN8JP9aRqU1IJk2wPg_1769491056
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491055; x=1770095855; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=0WZvtS1qnQEpVvyt8WDpPuTWCq46G5+n4cXSJcdfvKs=;
 b=POu2JMdwNCRDmaZYFf8AZZx0DJzyVTUDDga50t5S4hbcKoSRInqOxlvN4glXOd4X68
 RLgoIBzj1zXDT/vssM63Opf3k0lcPgpyFuTt/DsA43WEC/fIxD+hRWGjBsa9IK8TGWVK
 NosUYjOwyY5rnx/gltPyFyxX88L1LJio5BBF/HfzygxC4XoX0zAe1FdO79Yb15EIdkJH
 1dbZz3gSeymRnl27HsqnM2xIDCVsJnRfG7n5LLEJJYNylbeNpXDjRyvZ/Dv2kKfto8N7
 EiWn1Gmke5nklA0FafKk/L6SesrmAqIorglfy8PupK8//hhmQvMSI4YPlikhwStyq7aX
 Uh8w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491055; x=1770095855;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=0WZvtS1qnQEpVvyt8WDpPuTWCq46G5+n4cXSJcdfvKs=;
 b=LhiEcVTgh0UFLNWTp8ZY/YlRB5wA93/0tAHDq05BVhJUsQDg9W9xcwpAzkcfdN7Trn
 iuhLyHXmTkwmxNQsfDrA7+gBRVmM7Aaw4Jll9V9HllQY3zD0o1LM3r5FX6OIwBw+ytUr
 Cd+Ut1am1IUEXAQKjpeKYL4yAlFolxq68HtonXB8UOuReuxXJnjF5tzx1uegZniP2hVR
 FRSK8aeJvMNYjkVSamPrzwYmZvkyyA+M48kjFpYktt3DmA98a17lePmLkKMC0b2RvsdC
 Sqg3npTy3AMeKVTdaIWM8KdmfFaCnPY4SYCfvBeq/radEpd81GqsPS+AJU33LlrzyzMe
 ASSw==
X-Forwarded-Encrypted: i=1;
 AJvYcCWFbg1xd3JElCWnW4EWjuy7HqWMrRdoXBdMxc7C0NtFLDsl6TqXz90Fe/H4BsF/d7hbb3JeY76iI8Aq@nongnu.org
X-Gm-Message-State: AOJu0YyESmrsvizycZIEbODimUmDGemXAL3xFj6lWyQggJeS2csJLrx7
 lN70zpW6VTgr0cE2VG1/hURUo0F4GNvaYOFTK3U24I8Lm5HiLBqGOu7JDDftc/RQPBJcI9JLgoO
 lpIqPUE+B/iqjrajClwbC4+gwPLxJptYKo1DKMJvlA6urDCi7KRO89QvG
X-Gm-Gg: AZuq6aKgpWu3ILjrnn8Tl3Y1kCQeR+y+oYdZTjb+NbCD2DwxbimiZDbvYpBEiBZK5oY
 1F0uGD4nlkV94bR5Wxm0sYHUaGYSoUBXTCbce/y1La43vnceu9TxzWz2dDpjktyUse8nUMcAOBS
 GotcHoMl7WjiQnkegfLo8VeKjI4Lrn+wPulBbSFK/S6Gh9lypuQ9E6AcjOzFUeqOs9ssS5xKggq
 lLyqlHpQNloTnqDq4/4T7UZdVmwPHYJr514O+QzMYbOFcMwBlfq+xDTjQ9meARBLD8tML59udqv
 vLkQRKuIABGGfrcgSNKAt9pW1h3424I+bU/SMsZGjN17WSdJmXA7jlY3IREwkIlq+bxUVOnCir+
 BdeEPkoZDUVfFV6+z/2+WyqPOhRhz+DwdXUf2B2YtEg==
X-Received: by 2002:a05:6a21:7a90:b0:384:f573:42bf with SMTP id
 adf61e73a8af0-38ec63fb1d9mr471156637.53.1769491055553;
 Mon, 26 Jan 2026 21:17:35 -0800 (PST)
X-Received: by 2002:a05:6a21:7a90:b0:384:f573:42bf with SMTP id
 adf61e73a8af0-38ec63fb1d9mr471146637.53.1769491055207;
 Mon, 26 Jan 2026 21:17:35 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>,
 Zhao Liu <zhao1.liu@intel.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 20/33] i386/sev: free existing launch update data and
 kernel hashes data on init
Date: Tue, 27 Jan 2026 10:45:48 +0530
Message-ID: <20260127051612.219475-21-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491101881154100
Content-Type: text/plain; charset="utf-8"

If there is existing launch update data and kernel hashes data, they need t=
o be
freed when initialization code is executed. This is important for resettable
confidential guests where the initialization happens once every reset.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/sev.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index a65a924fb3..d1dc0f3c1d 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -1772,6 +1772,7 @@ static int sev_common_kvm_init(ConfidentialGuestSuppo=
rt *cgs, Error **errp)
     uint32_t ebx;
     uint32_t host_cbitpos;
     struct sev_user_data_status status =3D {};
+    SevLaunchUpdateData *data, *next_elm;
     SevCommonState *sev_common =3D SEV_COMMON(cgs);
     SevCommonStateClass *klass =3D SEV_COMMON_GET_CLASS(cgs);
     X86ConfidentialGuestClass *x86_klass =3D
@@ -1779,6 +1780,11 @@ static int sev_common_kvm_init(ConfidentialGuestSupp=
ort *cgs, Error **errp)
=20
     sev_common->state =3D SEV_STATE_UNINIT;
=20
+    /* free existing launch update data if any */
+    QTAILQ_FOREACH_SAFE(data, &launch_update, next, next_elm) {
+        g_free(data);
+    }
+
     host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL);
     host_cbitpos =3D ebx & 0x3f;
=20
@@ -1968,6 +1974,8 @@ static int sev_snp_kvm_init(ConfidentialGuestSupport =
*cgs, Error **errp)
 {
     MachineState *ms =3D MACHINE(qdev_get_machine());
     X86MachineState *x86ms =3D X86_MACHINE(ms);
+    SevCommonState *sev_common =3D SEV_COMMON(cgs);
+    SevSnpGuestState *sev_snp_guest =3D SEV_SNP_GUEST(sev_common);
=20
     if (x86ms->smm =3D=3D ON_OFF_AUTO_AUTO) {
         x86ms->smm =3D ON_OFF_AUTO_OFF;
@@ -1976,6 +1984,10 @@ static int sev_snp_kvm_init(ConfidentialGuestSupport=
 *cgs, Error **errp)
         return -1;
     }
=20
+    /* free existing kernel hashes data if any */
+    g_free(sev_snp_guest->kernel_hashes_data);
+    sev_snp_guest->kernel_hashes_data =3D NULL;
+
     return 0;
 }
=20
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491297; cv=none;
	d=zohomail.com; s=zohoarc;
	b=ACzmWSDdebIp7xrknxh2IVmjNgicnusZDPmwexHcJkPi4qL4/PDMUFW/XxIfOlmFv3mAIRVU5dA6ffUg9Qsus104oRRi1kxSgVh2K9YwB5n/+PlwOkBPcZs0BcVNlYLsX8pJlbHNaazB4G5tQ6bPFsr7r9I+o1emGU739kwBiec=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491297;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=M4BnmYW2pBzdLKLKUKm7VVppCSo8wKNLqPmySN8D7FQ=;
	b=G/5SwuvwP9AIMfNQPtv365I9gswQN6CngWcX6j6IcuYDXbaq9LB/M53pRV85ohJB5xawzYIZrzXdpsdrO844F92iuPuE7dowLFxzuayfZvFCdyE9NTi2n/F6HTXJ6vdW24tJPRs7KOBEeT4C54BH9GI841DnxMTd6tEdrCyVja8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491297928628.1710936525436;
 Mon, 26 Jan 2026 21:21:37 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSa-0007SI-QA; Tue, 27 Jan 2026 00:17:53 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSS-0007If-Lr
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:45 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSQ-000083-JP
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:44 -0500
Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com
 [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-346-KxVwpz70OSqhKMdBKPAYzQ-1; Tue, 27 Jan 2026 00:17:40 -0500
Received: by mail-pl1-f200.google.com with SMTP id
 d9443c01a7336-29f2b45ecffso83297725ad.2
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:39 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.35
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491062;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=M4BnmYW2pBzdLKLKUKm7VVppCSo8wKNLqPmySN8D7FQ=;
 b=PDtSzCA9/jxsTv4aNd41U5FFJ0EGZcdf+FGjm5vZ97q4z3eji/cbDj3k+CN+JtPclgrlUJ
 SAmKt/6wJ592Xblt+8o5SQV4aBbstSymnciQOh3nKyma8l52foE8xE0Ygmp0rrEOayWrW1
 GqdKes7WBCH5+u/nb6cJdG2bKD6Vm48=
X-MC-Unique: KxVwpz70OSqhKMdBKPAYzQ-1
X-Mimecast-MFC-AGG-ID: KxVwpz70OSqhKMdBKPAYzQ_1769491059
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491059; x=1770095859; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=M4BnmYW2pBzdLKLKUKm7VVppCSo8wKNLqPmySN8D7FQ=;
 b=SgTrEfriMy2zT+XOnya3AjUCDY1arZ6K4omIsa9ACPr9TPyh0BhpeiMXoOSMbtREpU
 G4JuULsvCgWcsYUd8htbNSi6nNCzEQJvvPC22TJGWEJyT3iA1w6MTLot8aJQznmZ0UhO
 fJMcN7DyGCCoD0Ljlg3JBmkYRxz5KusRGyDN5r73woQXAsd3sqvqlUsgzXET5IHtc5kl
 BfGSQ1AsCaDONLCHogT9TxiEhYaNl9GeE2zATPkHN/kKcgsqtQGszE1p/dFlKr8Bg8tz
 ul5n1IHfUJcpIpr79fxGKCNmzaMgl0TaM0TxiQr2IA58FLUs/NnOxZD9sNv70/I92gzE
 ij3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491059; x=1770095859;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=M4BnmYW2pBzdLKLKUKm7VVppCSo8wKNLqPmySN8D7FQ=;
 b=XO720myT7LR2xiI7tD4Kafl6om5kKMnDhaCaDPZQCT/LrBs1fwJvbMYBjVUBXYUQlC
 RL+V7bf3mwW7/mTS+yMEuF/uzVP9CpLUv0mfjaqzLz2zWDu4ArMYzSw9aEo4tjkJBZWq
 xU5M3vwrl+KNUM+ezpnKPw3y2D0nx6I8ikLqkOK/RMv2YHuKUKzNJ3ajz16xEV29I8eS
 mVV7En2UDSTO/ICvSdh/Bzkeg1D1z0v1wcLIwOoEJN2A5rb31pXKFPZib4JNA9MinrIh
 LrTHJgHo4fTgGSHtDcrONdX9pGrAa8EIqqqsMdPcrKpgU1F7dO7dkzx5y/RiLBLW2l5W
 fsQg==
X-Forwarded-Encrypted: i=1;
 AJvYcCUq22qsCsguH+MzSD1I7Ijbw9ZVX1Uhu0PXmgVUh+6ftsGVvkbkft+mDkumsZBFCA387Htqe+Owqe4u@nongnu.org
X-Gm-Message-State: AOJu0YwaH8+NaSl6pm57x9XqVdOQfoOe5rYZZ58vdtcuioB3hZnCStDV
 yVv6QvjS5+Cl0c52W5bBbd/Zt41Mz8AYfkl4MfdQ0FzAXGqh3hdDZgxyumzr+mMBC6nQM59BXsH
 DiGF2qMkVGWYiJ7rDekGXaIe7cO3BHxzp+mKsDODk5fOQYCydTS1T8j2/hdg4OnmR
X-Gm-Gg: AZuq6aIoL91+FbIwRh23dka0YLi1J7AqDpk///LLkRpvhaHh/HB6HEntNIo+h47wNMM
 ZRY3WpWYtl2TiX35P1mDgL5kDxTwGBgXZgk5a5M5cmchOXzmZI9Yjde4a2HE9jTUPXFqXdTPPkO
 97KZN7sBziv0e0RpiO6PzM7ODQy4tEJbYc1nvVW3S4qr2bKGcgUZFixguTHNKz+Jy16ZT0Jl/6m
 CYTQDYAZagnGHVjzshlRVDpEH5kTs1MVrfzzQAPj4pfYRMLdCxbOMrAwtSRkXvYkW2UGidy3k+K
 MTFnAs9Bwwqj1ezJZ+vz2CHUwGkvMmXY3XQSQimsVykctHzI9300R79lIBPQ9fIooPdGZBmOylv
 st5wHPzELHIv4N4qYAlCeltQnab0STMygNaxKqen3hA==
X-Received: by 2002:a17:902:ea0d:b0:2a7:63dd:3496 with SMTP id
 d9443c01a7336-2a870dd5288mr8218945ad.46.1769491058625;
 Mon, 26 Jan 2026 21:17:38 -0800 (PST)
X-Received: by 2002:a17:902:ea0d:b0:2a7:63dd:3496 with SMTP id
 d9443c01a7336-2a870dd5288mr8218645ad.46.1769491058214;
 Mon, 26 Jan 2026 21:17:38 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>,
 Zhao Liu <zhao1.liu@intel.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 21/33] i386/sev: add support for confidential guest reset
Date: Tue, 27 Jan 2026 10:45:49 +0530
Message-ID: <20260127051612.219475-22-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491300574158500
Content-Type: text/plain; charset="utf-8"

When the KVM VM file descriptor changes as a part of the confidential guest
reset mechanism, it necessary to create a new confidential guest context and
re-encrypt the VM memeory. This happens for SEV-ES and SEV-SNP virtual mach=
ines
as a part of SEV_LAUNCH_FINISH, SEV_SNP_LAUNCH_FINISH operations.

A new resettable interface for SEV module has been added. A new reset callb=
ack
for the reset 'exit' state has been implemented to perform the above operat=
ions
when the VM file descriptor has changed during VM reset.

Tracepoints has been added also for tracing purpose.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/sev.c        | 58 ++++++++++++++++++++++++++++++++++++++++
 target/i386/trace-events |  1 +
 2 files changed, 59 insertions(+)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index d1dc0f3c1d..a53b4696e2 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -30,8 +30,10 @@
 #include "system/kvm.h"
 #include "kvm/kvm_i386.h"
 #include "sev.h"
+#include "system/cpus.h"
 #include "system/system.h"
 #include "system/runstate.h"
+#include "system/reset.h"
 #include "trace.h"
 #include "migration/blocker.h"
 #include "qom/object.h"
@@ -85,6 +87,10 @@ typedef struct QEMU_PACKED PaddedSevHashTable {
     uint8_t padding[ROUND_UP(sizeof(SevHashTable), 16) - sizeof(SevHashTab=
le)];
 } PaddedSevHashTable;
=20
+static void sev_handle_reset(Object *obj, ResetType type);
+
+SevKernelLoaderContext sev_load_ctx =3D {};
+
 QEMU_BUILD_BUG_ON(sizeof(PaddedSevHashTable) % 16 !=3D 0);
=20
 #define SEV_INFO_BLOCK_GUID     "00f771de-1a7e-4fcb-890e-68c77e2fb44e"
@@ -128,6 +134,7 @@ struct SevCommonState {
     uint8_t build_id;
     int sev_fd;
     SevState state;
+    ResettableState reset_state;
=20
     QTAILQ_HEAD(, SevLaunchVmsa) launch_vmsa;
 };
@@ -1665,6 +1672,11 @@ sev_vm_state_change(void *opaque, bool running, RunS=
tate state)
             error_setg(&sev_mig_blocker,
                        "SEV: Migration is not implemented");
             migrate_add_blocker(&sev_mig_blocker, &error_fatal);
+            /*
+             * mark SEV guest as resettable so that we can reinitialize
+             * SEV upon reset.
+             */
+            qemu_register_resettable(OBJECT(sev_common));
         }
     }
 }
@@ -1991,6 +2003,41 @@ static int sev_snp_kvm_init(ConfidentialGuestSupport=
 *cgs, Error **errp)
     return 0;
 }
=20
+/*
+ * handle sev vm reset
+ */
+static void sev_handle_reset(Object *obj, ResetType type)
+{
+    SevCommonState *sev_common =3D SEV_COMMON(MACHINE(qdev_get_machine())-=
>cgs);
+    SevCommonStateClass *klass =3D SEV_COMMON_GET_CLASS(sev_common);
+
+    if (!sev_common) {
+        return;
+    }
+
+    if (!runstate_is_running()) {
+        return;
+    }
+
+    sev_add_kernel_loader_hashes(&sev_load_ctx, &error_fatal);
+    if (sev_es_enabled() && !sev_snp_enabled()) {
+        sev_launch_get_measure(NULL, NULL);
+    }
+    if (!sev_check_state(sev_common, SEV_STATE_RUNNING)) {
+        /* this calls sev_snp_launch_finish() etc */
+        klass->launch_finish(sev_common);
+    }
+
+    trace_sev_handle_reset();
+    return;
+}
+
+static ResettableState *sev_reset_state(Object *obj)
+{
+    SevCommonState *sev_common =3D SEV_COMMON(obj);
+    return &sev_common->reset_state;
+}
+
 int
 sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp)
 {
@@ -2469,6 +2516,8 @@ bool sev_add_kernel_loader_hashes(SevKernelLoaderCont=
ext *ctx, Error **errp)
         return false;
     }
=20
+    /* save the context here so that it can be re-used when vm is reset */
+    memcpy(&sev_load_ctx, ctx, sizeof(*ctx));
     return klass->build_kernel_loader_hashes(sev_common, area, ctx, errp);
 }
=20
@@ -2729,8 +2778,16 @@ static void
 sev_common_class_init(ObjectClass *oc, const void *data)
 {
     ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL=
ASS(oc);
+    ResettableClass *rc =3D RESETTABLE_CLASS(oc);
=20
     klass->kvm_init =3D sev_common_kvm_init;
+    /*
+     * the exit phase makes sure sev handles reset after all legacy resets
+     * have taken place (in the hold phase) and IGVM has also properly
+     * set up the boot state.
+     */
+    rc->phases.exit =3D sev_handle_reset;
+    rc->get_state =3D sev_reset_state;
=20
     object_class_property_add_str(oc, "sev-device",
                                   sev_common_get_sev_device,
@@ -2780,6 +2837,7 @@ static const TypeInfo sev_common_info =3D {
     .abstract =3D true,
     .interfaces =3D (const InterfaceInfo[]) {
         { TYPE_USER_CREATABLE },
+        { TYPE_RESETTABLE_INTERFACE },
         { }
     }
 };
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 51301673f0..b320f655ee 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -14,3 +14,4 @@ kvm_sev_attestation_report(const char *mnonce, const char=
 *data) "mnonce %s data
 kvm_sev_snp_launch_start(uint64_t policy, char *gosvw) "policy 0x%" PRIx64=
 " gosvw %s"
 kvm_sev_snp_launch_update(uint64_t src, uint64_t gpa, uint64_t len, const =
char *type) "src 0x%" PRIx64 " gpa 0x%" PRIx64 " len 0x%" PRIx64 " (%s page=
)"
 kvm_sev_snp_launch_finish(char *id_block, char *id_auth, char *host_data) =
"id_block %s id_auth %s host_data %s"
+sev_handle_reset(void) ""
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491142; cv=none;
	d=zohomail.com; s=zohoarc;
	b=MkGJLN8GghwgxbEFv/wbThS5e7xsuc18kCN7q0zBuGOhgp3y9bxc2GXBaBe0Qt0CyKwnY8ou9yXcUvgJOdX5xbf8qDHS3K/+vPXZcynGgpLH+Ju7YaGdCWHDNqutikh+4VHwGyxmM3522aMATEJ79ZcgKKQbG0RcZRX2NjyS4bc=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491142;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=sIxPRkcXYN+jvBabI3Le3pQDAeITVcKP3DhgLvFqdx4=;
	b=FnGoEP9Z4OEtzZJMVh6HEmTlBntdORnsgaOJhPzljskzONJZRYBXXa6HJ5jcMYN7Jwl5o+PdtP8l35AeR7Df4vBhvgziIH8ScMvpMlej2//kUNSOFD4V2p13AUKKMPzEwUPsmwODsfaS27QhL7vnXleFALO25p2XQ1xKcDyKeRo=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491142678552.9196868856939;
 Mon, 26 Jan 2026 21:19:02 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSi-0007uF-Re; Tue, 27 Jan 2026 00:18:00 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSV-0007Mc-74
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:48 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbST-0000Af-KB
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:46 -0500
Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com
 [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-665-1okVMy4CPvCno2vgGjQh1g-1; Tue, 27 Jan 2026 00:17:42 -0500
Received: by mail-pj1-f70.google.com with SMTP id
 98e67ed59e1d1-352b6ad49ddso3497115a91.0
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:42 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.38
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491064;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=sIxPRkcXYN+jvBabI3Le3pQDAeITVcKP3DhgLvFqdx4=;
 b=H393JED/KYpFrVeZDGd5ug1llcw70M7URa9xcFyEASf4L/8vn3Z0lC2jc7wUBVtQG3yzYO
 ggDExnmocYjkQBFhdIGb/TPZfp0PNTkC9C2Eax2CFQf20ZEaie3JByXUoOoYLg7hS4eUB1
 02o1qFoLt6x/jscssM+CtoeFiw4tnVE=
X-MC-Unique: 1okVMy4CPvCno2vgGjQh1g-1
X-Mimecast-MFC-AGG-ID: 1okVMy4CPvCno2vgGjQh1g_1769491061
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491061; x=1770095861; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=sIxPRkcXYN+jvBabI3Le3pQDAeITVcKP3DhgLvFqdx4=;
 b=YtkbWPcIgmROkVSDwHtfsQs6SlVtt0YhHx7VDv1ipv2KT60kdCVcUEZIVlCu8aJtzX
 AgVOYwAQ4TL49mDd7xUEJCaWwtmhSArXgLgl86+MMH/cvNHCFRl+uJAYc0vDjO3m788o
 NLwAuPap8PEj9X61RvPWeH0hETaDEEbRNKbU9po2YfkTGuRqX71IDJ25g7bvGreo9W+S
 pgakUcPUoSAJoEMOOjmfLBIaCLFv4FqmVzDjWWBxi6Wx/FkMuq269Azv79DG2SRa8FHk
 mGByN7iS+TbSQ5jSX8JnT8zaUmbwMCK/s04iT+t6OERjlhJS2qNb6dHPLpsJEkyrgU7b
 DnlQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491061; x=1770095861;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=sIxPRkcXYN+jvBabI3Le3pQDAeITVcKP3DhgLvFqdx4=;
 b=rASxBYfq/RDT0gH2tBlHIO8gWrrVT8Wj5XqC6LlJAhMNFSGxp1FCdkbnvTAMs5uM4n
 TXlSz0c9OO5GqnGbJgGS5qwQmvsi0QZnDAIZa/2OGJv5eQ7tfi4/sSHLQVwahbWBnVXC
 xeErRxWSqEzqD4qfs6qSmaZ8RKtpgHhGgNB3QwrozdqoSPl+TT+OPBLrZPWssjQENtYt
 Fl6fEGSbAaiZYLwzJOJW3Lq3akpnbArwS2RYneFyiXO7o32tDydDIoHtpl4TRJcAmzJh
 m/NV9LQxHteEP1w41f5/ucBsM7PYl9F/99yYh65XFGzqU6SeUP14qkS+j0PE9OT+Tpq7
 hRnQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCVK6w49trDVsHOGvLWsIt3N/5GbLbuTT4xsxE7oPaIFA2mmThodjddm+lzxhcKlPUz24nIC06P1hO2r@nongnu.org
X-Gm-Message-State: AOJu0YypgFnz0Ei+AtO/MOvIv6VebiR+vJUCPMh1qvj+PN/tdTD/As9r
 Zkm0nSEKWx1WsjAGQtuCWlwOk5hbv286WrvYNeoViLkqKpywyMSWZ+GKAVFl+77UTkBDEanko+s
 vJW6MQDXCbScoj11lSStTYNFSqmKuqoIjjcFInW1Le+eu8uzk5qh06SKH
X-Gm-Gg: AZuq6aL1tw+8zywkm+oQdx/qXai1ywdMER/mTCdvsfgYJrvhaSnqZUcrrPuKIs4ct1D
 E/+InMjh8IxdU7d3ek/cNC3RodcFgz+6jNVud6fUpC16TWnthZNimnzyuwugqPONCKK48GO8ceK
 NBZDoiPGcRyI/GpLmqP/EUduF0RLTJHDU7tc82on9efygnNr+pyYIOlTH2VgOMjzbZeK26iMAot
 W8DBlGMn7f+ZORd8agxiESjM3P6TukpH+fKKFmcNL+vlHLI6TzdayfPwoL4U040ateXyS2++SWl
 b8CyLV2UPX2GO1P5T7BeK42tPUe+Zn5n4YsFSy9QPQcSn24GmOxxLY2SlRiC/Y9jcVaTFFUyI1X
 NMV314fzz4jFGvRz4ORsLC3lYU8J2k2sI/luFTZsr8w==
X-Received: by 2002:a17:90a:d603:b0:341:abdc:8ea2 with SMTP id
 98e67ed59e1d1-353feda9712mr707852a91.37.1769491061121;
 Mon, 26 Jan 2026 21:17:41 -0800 (PST)
X-Received: by 2002:a17:90a:d603:b0:341:abdc:8ea2 with SMTP id
 98e67ed59e1d1-353feda9712mr707831a91.37.1769491060735;
 Mon, 26 Jan 2026 21:17:40 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Alex Williamson <alex@shazbot.org>,
 =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= <clg@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 22/33] hw/vfio: generate new file fd for pseudo device and
 rebind existing descriptors
Date: Tue, 27 Jan 2026 10:45:50 +0530
Message-ID: <20260127051612.219475-23-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491143952158500
Content-Type: text/plain; charset="utf-8"

Normally the vfio pseudo device file descriptor lives for the life of the V=
M.
However, when the kvm VM file descriptor changes, a new file descriptor
for the pseudo device needs to be generated against the new kvm VM descript=
or.
Other existing vfio descriptors needs to be reattached to the new pseudo de=
vice
descriptor. This change performs the above steps.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/vfio/helpers.c | 86 +++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 83 insertions(+), 3 deletions(-)

diff --git a/hw/vfio/helpers.c b/hw/vfio/helpers.c
index f68f8165d0..d467875b4b 100644
--- a/hw/vfio/helpers.c
+++ b/hw/vfio/helpers.c
@@ -110,12 +110,71 @@ bool vfio_get_info_dma_avail(struct vfio_iommu_type1_=
info *info,
 #ifdef CONFIG_KVM
 /*
  * We have a single VFIO pseudo device per KVM VM.  Once created it lives
- * for the life of the VM.  Closing the file descriptor only drops our
- * reference to it and the device's reference to kvm.  Therefore once
- * initialized, this file descriptor is only released on QEMU exit and
+ * for the life of the VM except when the vm file descriptor changes for
+ * confidential virtual machines. In that case, the old file descriptor is
+ * closed and a new file descriptor is recreated.  Closing the file descri=
ptor
+ * only drops our reference to it and the device's reference to kvm.
+ * Therefore once initialized, this file descriptor is normally only relea=
sed
+ * on QEMU exit (except for confidential VMs as stated above) and
  * we'll re-use it should another vfio device be attached before then.
  */
 int vfio_kvm_device_fd =3D -1;
+
+typedef struct KVMVfioFileFd {
+    int fd;
+    QLIST_ENTRY(KVMVfioFileFd) node;
+} KVMVfioFileFd;
+
+static QLIST_HEAD(, KVMVfioFileFd) kvm_vfio_file_fds =3D
+    QLIST_HEAD_INITIALIZER(kvm_vfio_file_fds);
+
+static int kvm_vfio_filefd_rebind(NotifierWithReturn *notifier, void *data,
+                                  Error **errp);
+static struct NotifierWithReturn kvm_vfio_vmfd_change_notifier =3D {
+    .notify =3D kvm_vfio_filefd_rebind,
+};
+
+static int kvm_vfio_filefd_rebind(NotifierWithReturn *notifier, void *data,
+                                  Error **errp)
+{
+    KVMVfioFileFd *file_fd;
+    int ret =3D 0;
+    struct kvm_device_attr attr =3D {
+        .group =3D KVM_DEV_VFIO_FILE,
+        .attr =3D KVM_DEV_VFIO_FILE_ADD,
+    };
+    struct kvm_create_device cd =3D {
+        .type =3D KVM_DEV_TYPE_VFIO,
+    };
+
+    /* we are not interested in pre vmfd change notification */
+    if (((VmfdChangeNotifier *)data)->pre) {
+        return 0;
+    }
+
+    if (kvm_vm_ioctl(kvm_state, KVM_CREATE_DEVICE, &cd)) {
+        error_setg_errno(errp, errno, "Failed to create KVM VFIO device");
+        return -errno;
+    }
+
+    if (vfio_kvm_device_fd) {
+        close(vfio_kvm_device_fd);
+    }
+
+    vfio_kvm_device_fd =3D cd.fd;
+
+    QLIST_FOREACH(file_fd, &kvm_vfio_file_fds, node) {
+        attr.addr =3D (uint64_t)(unsigned long)&file_fd->fd;
+        if (ioctl(vfio_kvm_device_fd, KVM_SET_DEVICE_ATTR, &attr)) {
+            error_setg_errno(errp, errno,
+                             "Failed to add fd %d to KVM VFIO device",
+                             file_fd->fd);
+            ret =3D -errno;
+        }
+    }
+    return ret;
+}
+
 #endif
=20
 void vfio_kvm_device_close(void)
@@ -137,6 +196,7 @@ int vfio_kvm_device_add_fd(int fd, Error **errp)
         .attr =3D KVM_DEV_VFIO_FILE_ADD,
         .addr =3D (uint64_t)(unsigned long)&fd,
     };
+    KVMVfioFileFd *file_fd;
=20
     if (!kvm_enabled()) {
         return 0;
@@ -153,6 +213,11 @@ int vfio_kvm_device_add_fd(int fd, Error **errp)
         }
=20
         vfio_kvm_device_fd =3D cd.fd;
+        /*
+         * If the vm file descriptor changes, add a notifier so that we can
+         * re-create the vfio_kvm_device_fd.
+         */
+        kvm_vmfd_add_change_notifier(&kvm_vfio_vmfd_change_notifier);
     }
=20
     if (ioctl(vfio_kvm_device_fd, KVM_SET_DEVICE_ATTR, &attr)) {
@@ -160,6 +225,11 @@ int vfio_kvm_device_add_fd(int fd, Error **errp)
                          fd);
         return -errno;
     }
+
+    file_fd =3D g_malloc0(sizeof(*file_fd));
+    file_fd->fd =3D fd;
+    QLIST_INSERT_HEAD(&kvm_vfio_file_fds, file_fd, node);
+
 #endif
     return 0;
 }
@@ -172,6 +242,7 @@ int vfio_kvm_device_del_fd(int fd, Error **errp)
         .attr =3D KVM_DEV_VFIO_FILE_DEL,
         .addr =3D (uint64_t)(unsigned long)&fd,
     };
+    KVMVfioFileFd *file_fd;
=20
     if (vfio_kvm_device_fd < 0) {
         error_setg(errp, "KVM VFIO device isn't created yet");
@@ -183,6 +254,15 @@ int vfio_kvm_device_del_fd(int fd, Error **errp)
                          "Failed to remove fd %d from KVM VFIO device", fd=
);
         return -errno;
     }
+
+    QLIST_FOREACH(file_fd, &kvm_vfio_file_fds, node) {
+        if (file_fd->fd =3D=3D fd) {
+            QLIST_REMOVE(file_fd, node);
+            g_free(file_fd);
+            break;
+        }
+    }
+
 #endif
     return 0;
 }
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491175; cv=none;
	d=zohomail.com; s=zohoarc;
	b=ICv0fiDnEvzMQ5Th1y0S0JnGpwbUO92LCWhWgRCLsOxYiq163wLMu/PgmvrXxCxwGCGLKRIjZyebDTUzHZh34MH4Kusskp0biR/MVb0199W6QthqjZ/KuAruv9n/oVnwBD7pI/fStcQC3jJuLGHj8yToQ07xfRb2wh99++8i514=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491175;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=UZjupKNTcRQ4mvrXCw54dQwnzt6+1apWExSeFIvKWxA=;
	b=naMubxnVVPT9wzW8b5p7j6fbWrAY/KzREg2N31Xm+fBkShOl2S7JYCeKQC27ZxTFyHZAY3x+OFQsbirD3cy8QdYRvi7Xe018JWhbkGRqPFjJvA0JrU1HGlh9NauIN7IfWJ5Rh1vvEuKKj1c4kixPvE8yDxlyF2bwU4tuRFebniA=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 176949117531879.64042089538736;
 Mon, 26 Jan 2026 21:19:35 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSg-0007iP-28; Tue, 27 Jan 2026 00:17:58 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSW-0007Ou-TI
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:49 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSV-0000BR-GB
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:48 -0500
Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com
 [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-448-xWb58dBfNzy4L0ziEGnrlA-1; Tue, 27 Jan 2026 00:17:45 -0500
Received: by mail-pj1-f70.google.com with SMTP id
 98e67ed59e1d1-34c93f0849dso4944887a91.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:45 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.41
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491067;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=UZjupKNTcRQ4mvrXCw54dQwnzt6+1apWExSeFIvKWxA=;
 b=CUl3y/v89PW6Zf6pjCvvmN9YJ0Xwv9o/N37pdZmJ1H1bHnA9wWpF7VJYDjtMve0pueGEGw
 Im/MB9UpBo4bJ+6gPZU34cR90HX1T+8Crkhr1vtxm4aNdN7yKIleHwCK/X5FG8wu2Jgv9n
 IKodtPreOv2HLgiG07vAVms4lHg4aHg=
X-MC-Unique: xWb58dBfNzy4L0ziEGnrlA-1
X-Mimecast-MFC-AGG-ID: xWb58dBfNzy4L0ziEGnrlA_1769491064
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491064; x=1770095864; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=UZjupKNTcRQ4mvrXCw54dQwnzt6+1apWExSeFIvKWxA=;
 b=HxoskLZWcLARmeKo7SzuRKBoXQhfrGqQT5PIRUWSZgelzkksbkToG6E8kMxDVM0z4k
 riZonRidvcR48wr0tQWdi7J/tl3+Tnw63vFDtWiFJD5H57xJfmRBeDK0q4SM2/7T1VXB
 Hkn1tydX46A7DFfV67hIb6eDdUwb7eY3r7tgLtFhkJNs+RP5HPVMV+bc57nZ3+vYac8Q
 j/qdRDdLTtNzoC0XYgmkGJTYEbiP7w8djLlFYtblfKn1nbr5xHH2UGqcgBjtwrlXYLGq
 F4UvmTgdsXMCXC4NZ1ayYWQWz609F5/9mekKJdhD6y/l6UR6hNJ0hUBRoOxJHVdnyjEG
 KdzA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491064; x=1770095864;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=UZjupKNTcRQ4mvrXCw54dQwnzt6+1apWExSeFIvKWxA=;
 b=A8tgB/EI5AgL5kcWqUoCTNgtTj9g3E2hbT5YzmGH/kZM447sFC7DYPKDO5yDWPlyw6
 U9bAmW3yIyva2CCmwzUU3TlnglS0PvHZWimVVLhlXBd0okUJsYk1MsdH48KtmwCRSEaX
 nmyIhEYoOcajpoF8W2z9/TcEGzFs2iWFPPX8JQrezu/si0xNBjFjQ27rS9xcBB5zJFQ6
 jb3BeGyChNRGFJlOqGDydKI/4KB/MbIP4ZQEdnTKOK/cOJuzDEwVFGXi0dFdfqi1SH/p
 6w31LVJ9UkGvpzAjaBOMxIa3ZdSaFetx7nUFzYPj5Q7nQRG2bPBgVD3oCJuQ0JKZ1DTy
 VzUg==
X-Forwarded-Encrypted: i=1;
 AJvYcCVgsMc0H5IRkFvY1RvBlXLLxlvIDWpCwKvEm2grgzj+Cu9yOLd6wMnajn3tAN+Zj+tT19C9ilYTd9P6@nongnu.org
X-Gm-Message-State: AOJu0Yz5lhRMGPLKqPlusejL9MZ2q8vn7EcgRvUTXzdo9KnTUYhoszk4
 L8aE5+eDWIBvc9enTJGFbifc/2kMAr8BuGBN3rsic8EOEPAggW5kWH1GstDljC/BkysIFpVQTWk
 KZ7D3vvmz0+fKIGjx3aW/evO9WKf41aS36WGStDT0KJIzY6TW9qbjtMnS
X-Gm-Gg: AZuq6aJAW8F3V0Pj7Hu03f72CBn8rVkikXRiYRygU//bZO4zZ+6YXd+ypUis/FcU5un
 2AYdDBlyikioTxrn6eZVxLN/niGElsCEvaz6YxvttlubtAcUWWGDd5Cp+FpfjkHzWI27dmiiXpG
 JqIDxQty0VlvE+rksrerF+4ysyQ+bh27sgkps4qHALnFHprc27JppTgjwrOenc+JmoGFZ5+PF+Y
 qmlsWM8KkqTdMZfVfYisGyPNkI8AMi3KjSHzjlmKHIqKGtZiVqQtBEEDSICKQXnMS4AnWplD9Ww
 E+e0JX6OhhpC1CcnPHOkT9n7ZfsgN2krxpjR5DYYkPusZCYZ87inUwXweE0/TNAgry5utSNXw7U
 o+RiufsN7uXMzlyH58E5bmZ76059rFU6PujvyLIKLQQ==
X-Received: by 2002:a17:90a:d44e:b0:34a:be93:72ee with SMTP id
 98e67ed59e1d1-353ffa6128dmr392843a91.8.1769491064288;
 Mon, 26 Jan 2026 21:17:44 -0800 (PST)
X-Received: by 2002:a17:90a:d44e:b0:34a:be93:72ee with SMTP id
 98e67ed59e1d1-353ffa6128dmr392831a91.8.1769491063927;
 Mon, 26 Jan 2026 21:17:43 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>,
 "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 23/33] kvm/i8254: refactor pit initialization into a helper
Date: Tue, 27 Jan 2026 10:45:51 +0530
Message-ID: <20260127051612.219475-24-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491176791154100
Content-Type: text/plain; charset="utf-8"

The initialization code will be used again by VM file descriptor change
notifier callback in a subsequent change. So refactor common code into a new
helper function.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/kvm/i8254.c | 68 +++++++++++++++++++++++++--------------------
 1 file changed, 38 insertions(+), 30 deletions(-)

diff --git a/hw/i386/kvm/i8254.c b/hw/i386/kvm/i8254.c
index 81e742f866..255047458a 100644
--- a/hw/i386/kvm/i8254.c
+++ b/hw/i386/kvm/i8254.c
@@ -60,6 +60,43 @@ struct KVMPITClass {
     DeviceRealize parent_realize;
 };
=20
+static void do_pit_initialize(KVMPITState *s, Error **errp)
+{
+    struct kvm_pit_config config =3D {
+        .flags =3D 0,
+    };
+    int ret;
+
+    ret =3D kvm_vm_ioctl(kvm_state, KVM_CREATE_PIT2, &config);
+    if (ret < 0) {
+        error_setg(errp, "Create kernel PIC irqchip failed: %s",
+                   strerror(-ret));
+        return;
+    }
+    switch (s->lost_tick_policy) {
+    case LOST_TICK_POLICY_DELAY:
+        break; /* enabled by default */
+    case LOST_TICK_POLICY_DISCARD:
+        if (kvm_check_extension(kvm_state, KVM_CAP_REINJECT_CONTROL)) {
+            struct kvm_reinject_control control =3D { .pit_reinject =3D 0 =
};
+
+            ret =3D kvm_vm_ioctl(kvm_state, KVM_REINJECT_CONTROL, &control=
);
+            if (ret < 0) {
+                error_setg(errp,
+                           "Can't disable in-kernel PIT reinjection: %s",
+                           strerror(-ret));
+                return;
+            }
+        }
+        break;
+    default:
+        error_setg(errp, "Lost tick policy not supported.");
+        return;
+    }
+
+    return;
+}
+
 static void kvm_pit_update_clock_offset(KVMPITState *s)
 {
     int64_t offset, clock_offset;
@@ -241,42 +278,13 @@ static void kvm_pit_realizefn(DeviceState *dev, Error=
 **errp)
     PITCommonState *pit =3D PIT_COMMON(dev);
     KVMPITClass *kpc =3D KVM_PIT_GET_CLASS(dev);
     KVMPITState *s =3D KVM_PIT(pit);
-    struct kvm_pit_config config =3D {
-        .flags =3D 0,
-    };
-    int ret;
=20
     if (!kvm_check_extension(kvm_state, KVM_CAP_PIT_STATE2) ||
         !kvm_check_extension(kvm_state, KVM_CAP_PIT2)) {
         error_setg(errp, "In-kernel PIT not available");
     }
=20
-    ret =3D kvm_vm_ioctl(kvm_state, KVM_CREATE_PIT2, &config);
-    if (ret < 0) {
-        error_setg(errp, "Create kernel PIC irqchip failed: %s",
-                   strerror(-ret));
-        return;
-    }
-    switch (s->lost_tick_policy) {
-    case LOST_TICK_POLICY_DELAY:
-        break; /* enabled by default */
-    case LOST_TICK_POLICY_DISCARD:
-        if (kvm_check_extension(kvm_state, KVM_CAP_REINJECT_CONTROL)) {
-            struct kvm_reinject_control control =3D { .pit_reinject =3D 0 =
};
-
-            ret =3D kvm_vm_ioctl(kvm_state, KVM_REINJECT_CONTROL, &control=
);
-            if (ret < 0) {
-                error_setg(errp,
-                           "Can't disable in-kernel PIT reinjection: %s",
-                           strerror(-ret));
-                return;
-            }
-        }
-        break;
-    default:
-        error_setg(errp, "Lost tick policy not supported.");
-        return;
-    }
+    do_pit_initialize(s, errp);
=20
     memory_region_init_io(&pit->ioports, OBJECT(dev), NULL, NULL, "kvm-pit=
", 4);
=20
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491214; cv=none;
	d=zohomail.com; s=zohoarc;
	b=IDgEW0DbRjPxZjGe6yeqN1NXMydqCWo1U5fx9kzHVkZbQBonjbd7GTiPOUGti9VvIdbLwG9NlhmxAD0ZTuxoIQA6eZ3TADOqgCJ36L/gToN5ROhryqcthWxbFWgOxn3Wso1d8WpTASW60oOs0O+qDFDpBWWBKJx3rG6yRReZWpw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491214;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=1g88IOaonMf2X9NU0RqGLSr/HucXkWAA/ZJSr/I4RfE=;
	b=eKcgd5V/aDxRidtqW+y4PPSg1GGEgvnUNAIthDRixHSgH+nysLIAm+6JX1Fy/zXSofY5bVXCSdUT32EATe80rM1feI77SGM7raN2k8KByFW9GQvpKF+3N6Lm+Ru6L759G5mirRuJAwZhZ/sNPB96gtiE2uxm1mtlqt0mMmWYmkg=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491214438612.7022288606764;
 Mon, 26 Jan 2026 21:20:14 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSi-0007va-Vo; Tue, 27 Jan 2026 00:18:01 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSa-0007TP-Cm
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:52 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSZ-0000DG-1i
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:52 -0500
Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com
 [209.85.214.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-468-Nsv-h03JOLC7gzDZ_NYghg-1; Tue, 27 Jan 2026 00:17:48 -0500
Received: by mail-pl1-f198.google.com with SMTP id
 d9443c01a7336-2a0bb1192cbso42909495ad.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:48 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.44
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491070;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=1g88IOaonMf2X9NU0RqGLSr/HucXkWAA/ZJSr/I4RfE=;
 b=FJoDTzI/ahFhm7Ib7bIcR9foDhn2hVXn2X3jS0mJ6Uq8iRB2m30Oa2U//BLEomQfOV9icw
 HlHn2/TyDKzSy5ZLLyPXFSF2oQo/qKiGi0nciRFj318J7uyfRZh0qTrF+ZtBRZn11+t7C+
 ARn55Ri3ujgYEF2sCSqpqErlVubJIz0=
X-MC-Unique: Nsv-h03JOLC7gzDZ_NYghg-1
X-Mimecast-MFC-AGG-ID: Nsv-h03JOLC7gzDZ_NYghg_1769491068
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491067; x=1770095867; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=1g88IOaonMf2X9NU0RqGLSr/HucXkWAA/ZJSr/I4RfE=;
 b=ZpWCDt8O77akmlVRHmFKv9y1xJjtNBmILN+mbRO2M2oMQQR60H8DqCGTdIEoTwafcg
 DEGjrrdsPObWYvuWGe2eP5b8VkYcUt7K9jWNMK4rNsTaUVoFxRWn7xMnwbG/NF3/UEs+
 ZObStKFKuD/DeRIq1geDRkh0OGdKc/6YfiQfA2NEBT6r9e8ut9pNBId2zKVxesKeQ0T+
 5VIJIHduX2vgTLxDVbdVouR4JjEbzcXSUWi1m253DQoLOdOeP56rWUxkgWPpIImtw0a8
 QiANVWtgEr8dovux99QnpIW6W2CRRdTXUXRDOXsTix5MDkXDdQwX9IAHHJ0fq/1YpnJG
 u2dg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491067; x=1770095867;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=1g88IOaonMf2X9NU0RqGLSr/HucXkWAA/ZJSr/I4RfE=;
 b=H0gXys+EERFO2btM6X9uK7WW47BSviA7wVdldxWQxIOfOx4D1e1o8LUmjxu3j2iFT4
 NQjmBizLldf1PLzpjg2eYbXzM2+Q0tDDSA3NxOM/zoXq7cD5BDH4HzyJdnStyZUNXIOB
 3z4d0RaZkcmmsQ5dY0GS/zJske/BAiYS8oUt3PGey7hbX22G34Q6RGO9YEDNoFy1kQia
 zTAc+//IfJcFojTa/4oRf6v+mnKL+oM9ONakUJQ49ex+0cj8YmWgi5Tj+iR/nfCziJEi
 sWUzRgUxOnKwBph4v/FY8b5v8O1OTLRI04JQb9s0/3iSuI8uBOpk/KUf6x5U9oKHxw2/
 BiZA==
X-Forwarded-Encrypted: i=1;
 AJvYcCUxAM8Vsl+lRrCpO4/kqcAgtO6m4KsaukjcmLf8rUrtpr2dxlm7xPyolGgkBjx2fEdbh7/8vjFJjxji@nongnu.org
X-Gm-Message-State: AOJu0YxivdcO1Fll1Gz7rx8IAKAdluMa+S62u/jAgjQXNAorxn9YS4Ky
 wOYO03Tr8VO+JwJGFbL+vpKd7SZEBu2Xrq/KujA1wERuM+/wG+OvIWRzjCb+TI9BB0buYaaz1VS
 XqSuOYvseUPcY+mL3ziqkRq+JpnmyThtcaDAGzk6AKYARwgSNWfOR5pE3
X-Gm-Gg: AZuq6aLhLRffXf/o3L/1fGYzDJfFcJdiGIP81tasdk+01VnW1ecDQ7JLn6DpTf8xqNG
 3yy5O9/isv6WSK3/34FIXEC+7dUHpNiMFUqi6On2Hwe0xCVJcPztDWzaIeFBcFcjq1qhSyy5R7N
 gFHb4TwW85i2AmgTlJ6BXzPpQIM9QuhtmbpxIKVDgKE2/wl2RG767mElj2uHZP1hvdGA+laQLXH
 2nSUjhdBkCOEpAiyTAB8YyHv9TGJi6ipw6HstzPPeP5tFUdlhIAkh3NVbrDRrmKgx5d5V920XBM
 hgTiQSAcVXT7Ge9os5VqAF96GAN7Q07LLfHkzJVUABCMreyPOTXdenhxVkBZ+wvi6wVP5wKN2Dz
 nUan9ZYjHTv7wyAnm1qjf6tPGQ/F2lPIUDHTF8FUWiQ==
X-Received: by 2002:a17:903:40cc:b0:2a0:f0e5:3f5c with SMTP id
 d9443c01a7336-2a870dc6deemr5356975ad.34.1769491067517;
 Mon, 26 Jan 2026 21:17:47 -0800 (PST)
X-Received: by 2002:a17:903:40cc:b0:2a0:f0e5:3f5c with SMTP id
 d9443c01a7336-2a870dc6deemr5356795ad.34.1769491067129;
 Mon, 26 Jan 2026 21:17:47 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>,
 "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 24/33] kvm/i8254: add support for confidential guest reset
Date: Tue, 27 Jan 2026 10:45:52 +0530
Message-ID: <20260127051612.219475-25-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491216133158500
Content-Type: text/plain; charset="utf-8"

A confidential guest reset involves closing the old virtual machine KVM file
descriptor and opening a new one. Since its a new KVM fd, PIT needs to be
reinitialized again. This is done with the help of a notifier which is invo=
ked
upon KVM vm file desciptor change during confidential guest reset process.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/kvm/i8254.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/hw/i386/kvm/i8254.c b/hw/i386/kvm/i8254.c
index 255047458a..a754de0c8d 100644
--- a/hw/i386/kvm/i8254.c
+++ b/hw/i386/kvm/i8254.c
@@ -52,6 +52,8 @@ struct KVMPITState {
     LostTickPolicy lost_tick_policy;
     bool vm_stopped;
     int64_t kernel_clock_offset;
+
+    NotifierWithReturn kvmpit_vmfd_change_notifier;
 };
=20
 struct KVMPITClass {
@@ -203,6 +205,21 @@ static void kvm_pit_put(PITCommonState *pit)
     }
 }
=20
+static int kvmpit_post_vmfd_change(NotifierWithReturn *notifier,
+                                   void *data, Error** errp)
+{
+    KVMPITState *s =3D container_of(notifier, KVMPITState,
+                                  kvmpit_vmfd_change_notifier);
+
+    /* we are not interested in pre vmfd change notification */
+    if (((VmfdChangeNotifier *)data)->pre) {
+        return 0;
+    }
+
+    do_pit_initialize(s, errp);
+    return 0;
+}
+
 static void kvm_pit_set_gate(PITCommonState *s, PITChannelState *sc, int v=
al)
 {
     kvm_pit_get(s);
@@ -292,6 +309,9 @@ static void kvm_pit_realizefn(DeviceState *dev, Error *=
*errp)
=20
     qemu_add_vm_change_state_handler(kvm_pit_vm_state_change, s);
=20
+    s->kvmpit_vmfd_change_notifier.notify =3D kvmpit_post_vmfd_change;
+    kvm_vmfd_add_change_notifier(&s->kvmpit_vmfd_change_notifier);
+
     kpc->parent_realize(dev, errp);
 }
=20
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491209; cv=none;
	d=zohomail.com; s=zohoarc;
	b=fyuEyHAlNxHHfydSLHcGJjRR6MNHndOzexe+d1cAAAjjQst34QngpIF8/EXCuVHHM6l9Ln18qfz7W+Xf4fclM2olivmIkqASOmhQFLjmanFxXYJJqhFyGZvcmaQ2wv8H/ukH57ITSsui3Jbf92EQ3sH2rsBz+xWUN0mlgm7BbKs=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491209;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=5C6sP8bU1zvxuy85CHu7c4a3R3EcqLaWP1a8seyGArg=;
	b=WLlajdwc8xazkHRKRKzk6/QaE0d504BeMTNUm55l921tVRs0BwE6J7yYfLnujqydgLKj20tAdCrjcVPi744LEvzMgWTBYXdtoY0d9tBvG+0R5IkR/4st+frBojBg8uqLjalGbRoKpQ+mTyaDK3sI2PL2B1Khi0INAZuzGNBzVyw=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491209764709.2850311706496;
 Mon, 26 Jan 2026 21:20:09 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSg-0007jO-Sk; Tue, 27 Jan 2026 00:17:59 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSc-0007eJ-Uf
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:55 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSb-0000EJ-GR
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:54 -0500
Received: from mail-pj1-f71.google.com (mail-pj1-f71.google.com
 [209.85.216.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-153-v5ytG9K5MiewOoq2QYRnwA-1; Tue, 27 Jan 2026 00:17:50 -0500
Received: by mail-pj1-f71.google.com with SMTP id
 98e67ed59e1d1-34cc8bf226cso5352438a91.3
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:50 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.47
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491072;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=5C6sP8bU1zvxuy85CHu7c4a3R3EcqLaWP1a8seyGArg=;
 b=NveRxP23Idl1lUvOxb/vwfpuvrN5y7SalcEGMCquZNaoFW0Sv1+7EgHRyLVrnhojrnASCW
 7gHY3cEw1Wm+cw7076E91LUmbfisneh2AlruMkL+Ss5jtSNFYvnwtFzDZ0v/DdelXpJXKc
 RWB9ZbjjRieGBpw7d5Gzy+rodoktYzs=
X-MC-Unique: v5ytG9K5MiewOoq2QYRnwA-1
X-Mimecast-MFC-AGG-ID: v5ytG9K5MiewOoq2QYRnwA_1769491070
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491070; x=1770095870; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=5C6sP8bU1zvxuy85CHu7c4a3R3EcqLaWP1a8seyGArg=;
 b=E9LOKJLJkoTu2lID+iEM8RV94Tf4dAjWgMYWMfbUr8/2zndAWPdxfl8Lo3eaAOo8NF
 4G4saEsuUtDS0qbeJWP+boyz2cUNV8zxfPmTO4iC7cmUQLrICld4kHUgkiLKRi3avBfp
 gZhHg89QQDHOrAG2ZwcFz0id89gT+hKPesvaubfX+Vngp24Zvz6L/9hFcFVBB4/mnYxj
 I8NdAcVpkKm4u/3y2u1FtZtl9FvbmCWgVs6vX7D8mpizAzQdHmHUTPuNv7Hb8xfRYlIZ
 1JygxO8HAYTieQGIcGNcKAShNdO+VVS8PqkXr0+Q+KL4QiVusemkI19DPma2RiwhBDC+
 LVwQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491070; x=1770095870;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=5C6sP8bU1zvxuy85CHu7c4a3R3EcqLaWP1a8seyGArg=;
 b=ESzYONa6eosH2jEIhmKkNMVGZfnJLe5PnA8FbftYbRbCvwLJcAM6LEpyZ9uJk/0ICk
 Y3CMjJ37V8c15RjsbvB+taaMLQkgzEgjZNJsyJ4K4r+FKAuztZ9RJ2d2PI+JBHZLZk1n
 XUvYtCUMcd2o7hkNegMoULO4jrROoM3qCfvMsB+ACUKFGk8yaLC4gPeJG8qBsQe0AXml
 GOVbi2M+i9w//suxxrndfNvLrAfyUhrLpUO75E0JrRWqwJn2+IbVXxIfmoDXX0o4STct
 UB+4p08LE1X23MreCv1JQsKDvV9fm1h4WvwxY0Ze4Lj7Yuz2l+azAaSQjLbQW8Oh1zUT
 GeFQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCUvS+FSoXAoKeyj+2qFJa0HSsuWUBvYIKTZvtN6wnWeC2OwQaNSi46Q2sQ+lhO2w4P3VbvHjGwlyqG8@nongnu.org
X-Gm-Message-State: AOJu0YztzpqBMx1//T5OSjgHsMnY+yFnwysaTR/DEHKV6Ig0YreQLKoT
 A77cOdF85ZzOSoeB8Fj8Zyh6cmbB8qEBQg8Nv8gFT8gXjkSy1j07t4MH5+/+cNUe0zqY+sjtRFs
 f/TFAIuiEkRwgOkbUzpBhyyrhfp/2k8qrK0Tb+JmvDHK310a8dBlbi3ce
X-Gm-Gg: AZuq6aJ3ApPuMYUmVjX0O7jgNELKDXi38So47vv1+slyySy3KVTPcvjsoyahKa7YL2u
 IGT/9SG4z0m8kDe0fFts1FetXS20bFqbf4EHh9QCHly4LcM6Y1yo3S5pfrHXJFYwK13V2us2hQK
 7+XeXl29POVH1YAChPU8Cky+KoaUI0qZNaY2WVVbBwUSYv68DXngbpHiMx8sRMySzFRGRRIjFiA
 0SkW0ox7uFOQvsqapAQM/OZFgh4GLqBG7BkY1IK/9WjcO84Fds0pR2YVuiZrQ9MJMgN+eQhJTYU
 JGvzxDRKEO2cGS0kXqsUqegaJ+j9wA9LnFWBwQIZMsy3dLSOPZTw/d1yNiR2MfW48sUwp+iriAL
 Wxux0lJPmfu4kBaPqUPICyPyzbq1XLVoeSkm34kdOog==
X-Received: by 2002:a17:90b:1e51:b0:32e:749d:fcb7 with SMTP id
 98e67ed59e1d1-353fecdb174mr760701a91.13.1769491069756;
 Mon, 26 Jan 2026 21:17:49 -0800 (PST)
X-Received: by 2002:a17:90b:1e51:b0:32e:749d:fcb7 with SMTP id
 98e67ed59e1d1-353fecdb174mr760679a91.13.1769491069377;
 Mon, 26 Jan 2026 21:17:49 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: "Maciej S. Szmigiero" <maciej.szmigiero@oracle.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 25/33] hw/hyperv/vmbus: add support for confidential guest
 reset
Date: Tue, 27 Jan 2026 10:45:53 +0530
Message-ID: <20260127051612.219475-26-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491212229158500
Content-Type: text/plain; charset="utf-8"

On confidential guests when the KVM virtual machine file descriptor changes=
 as
a part of the reset process, event file descriptors needs to be reassociated
with the new KVM VM file descriptor. This is achieved with the help of a
callback handler that gets called when KVM VM file descriptor changes during
the confidential guest reset process.

This patch is untested on confidential guests and only exists for completen=
ess.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/hyperv/vmbus.c | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/hw/hyperv/vmbus.c b/hw/hyperv/vmbus.c
index c5bab5d245..ff1b6f805c 100644
--- a/hw/hyperv/vmbus.c
+++ b/hw/hyperv/vmbus.c
@@ -20,6 +20,7 @@
 #include "hw/hyperv/vmbus-bridge.h"
 #include "hw/core/sysbus.h"
 #include "exec/cpu-common.h"
+#include "system/kvm.h"
 #include "exec/target_page.h"
 #include "trace.h"
=20
@@ -248,6 +249,12 @@ struct VMBus {
      * interrupt page
      */
     EventNotifier notifier;
+
+    /*
+     * Notifier to inform when vmfd is changed as a part of confidential g=
uest
+     * reset mechanism.
+     */
+    NotifierWithReturn vmbus_vmfd_change_notifier;
 };
=20
 static bool gpadl_full(VMBusGpadl *gpadl)
@@ -2347,6 +2354,32 @@ static void vmbus_dev_unrealize(DeviceState *dev)
     free_channels(vdev);
 }
=20
+/*
+ * If the KVM fd changes because of VM reset in confidential guests,
+ * reassociate event fd with the new KVM fd.
+ */
+static int vmbus_handle_vmfd_change(NotifierWithReturn *notifier,
+                                    void *data, Error** errp)
+{
+    VMBus *vmbus =3D container_of(notifier, VMBus,
+                                vmbus_vmfd_change_notifier);
+    int ret =3D 0;
+
+    /* we are not interested in pre vmfd change notification */
+    if (((VmfdChangeNotifier *)data)->pre) {
+        return 0;
+    }
+
+    ret =3D hyperv_set_event_flag_handler(VMBUS_EVENT_CONNECTION_ID,
+                                            &vmbus->notifier);
+    /* if we are only using userland event handler, it may already exist */
+    if (ret !=3D 0 && ret !=3D -EEXIST) {
+        error_setg(errp, "hyperv set event handler failed with %d", ret);
+    }
+
+    return ret;
+}
+
 static const Property vmbus_dev_props[] =3D {
     DEFINE_PROP_UUID("instanceid", VMBusDevice, instanceid),
 };
@@ -2429,6 +2462,9 @@ static void vmbus_realize(BusState *bus, Error **errp)
         goto clear_event_notifier;
     }
=20
+    vmbus->vmbus_vmfd_change_notifier.notify =3D vmbus_handle_vmfd_change;
+    kvm_vmfd_add_change_notifier(&vmbus->vmbus_vmfd_change_notifier);
+
     return;
=20
 clear_event_notifier:
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491151; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Ej64I12heRnBNduqmCKKnQaa3Au46VLHLH0xQ8LzbTzUY8rF6Qg8i9rk073rpIAvuvABZbPQGZDfPMPWgwrcBCd5fvYIKhvey0flYCN1Kinr6GvgS9ZDLSK3heyvU1LBzYXYrLnnBqTQKvxfw6XM+ra5TN7uOE49LcRKJ/w7Uik=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491151;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=Lc7U1GbS1JHxjc6G1Vv9nRCpYH775c/aB7pSkgG/wFs=;
	b=cyy89OxnBPI5eFNTYRhn3OxOchtCEbEyws34GM10fZIk0iDujEYcISXIC5YIniclT01d3RI6YYVSePkr3WQPEQzjWyoiFJ83lkA9zFipIOigE5PtlpfUIF0C57btAY28H4qpcGZ6BaSyKKzFR5rWn7S243Dy3a+oaxfy2lhvn4g=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491151026713.1307819664185;
 Mon, 26 Jan 2026 21:19:11 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSl-0008B1-FN; Tue, 27 Jan 2026 00:18:03 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSf-0007jS-RI
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:58 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSe-0000Ea-B4
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:17:57 -0500
Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com
 [209.85.216.69]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-267-x9q18ft6Md2afHkON6kzHQ-1; Tue, 27 Jan 2026 00:17:54 -0500
Received: by mail-pj1-f69.google.com with SMTP id
 98e67ed59e1d1-34c704d5d15so9695569a91.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:53 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.49
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491075;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=Lc7U1GbS1JHxjc6G1Vv9nRCpYH775c/aB7pSkgG/wFs=;
 b=OBdsiD2dgxJ2fSI7pct5bGF79ZKLhUmZB1RAJhbkoaOwFeTT6Avv8GUjdbgywa34WQRSqZ
 I0cbwRyB/+30/3ClEj2tc+cMXMrCoY6IvXWGd9Tg8SQi8YjsqA/0q00rYC/L3wl9ftDa8c
 STzD8BOT7BKb6T4cgB7Bfbe8k8lvAMk=
X-MC-Unique: x9q18ft6Md2afHkON6kzHQ-1
X-Mimecast-MFC-AGG-ID: x9q18ft6Md2afHkON6kzHQ_1769491073
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491073; x=1770095873; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=Lc7U1GbS1JHxjc6G1Vv9nRCpYH775c/aB7pSkgG/wFs=;
 b=nQ37MzL66njkc4JO6PEyndBuA/9tfuQoVyMTVQZDXSJ65PfnzHXOSxEhbeCjt2a3Qs
 4qAoZlhfOzVcvJoVxS4gS8RRZsudoTDoviF/5jat9SqVBx8q6qKtUGj+BspTeMTRfvfj
 aiwg/Z2FtpMp1h2V1VH8t3PVVnmXKZJ2H3x89AMpSaS7T/bbZzs8iq/y6UlR5jup+MP4
 vCiO/TlaUTlw4NzuGktr+esbiA8sfYc3imk/GCqHPJMANsdAB3nlhGrnIkXYb8sPosEu
 t3Hfo2i8wv5ZjgA0S9RGZSpFfctxyOlMV2DfHLfcf7g0hT9Vu8ek6wJyQ3bovBWNf7PC
 UxAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491073; x=1770095873;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=Lc7U1GbS1JHxjc6G1Vv9nRCpYH775c/aB7pSkgG/wFs=;
 b=YsjisGFCp3IuYdHtNG0qLWBjLsParEH39tRhvQcM2vjLiFW2YqybGADvNtziKXvA18
 649tuC9V/h6MBUD7rI5eHh0xTcvk0TFPoepB9YYhO7W5SLyMY5S4DGYhRJT7Pn2IxPfu
 d/D5DsVqGQWItFarhF8sbOWoihFQCinoesAU++2ETqQtvLVzBnqK46OideMj0Aq5d1sY
 /UippwDKCqMkWyKzkyCb91Y8M47824qGcnyr/MSnD55fWcWvIpqBRRuWxiBGKCXOd7nA
 polmCSUB8Unh4+ll0wuW+etAvpcByU4Q9cXgHigS+Qdc3UpFTL8k9LstX48Ny33GzYCn
 Kt1Q==
X-Forwarded-Encrypted: i=1;
 AJvYcCUMfa/EQw4w7Df49fq8ieTh3ZhG5g2PZaKjvZFlNfPkUq43WfeBIi33iW98b6FGnppAuQqt/3DnidWd@nongnu.org
X-Gm-Message-State: AOJu0YyMf+UQw6e1vAPox24zwOVrkGLRNKFvLTBSLb3Q61jziLsht6a9
 nl4yTej6/BIDySFLThwyBo7lO+p1uT3KMxWIulGTSFkTjRP/ktuyB0ygwR4oaVQSVanaEx45c/c
 oAhVLQj+OQxDR9kmYhB6sSlZ50xq8xVZh+6kljb1pQQJqZwpljg0gEYv8
X-Gm-Gg: AZuq6aLJocv+WsJXxoxgfRuOvCF4V+wp7CO/JsrQz+9TtwqzgSA9ConUOq95EsDLI0E
 mPI4KIncTm/Wemg1Sa2KdDVaJJuc9esawLhM4xURiP56bUhkf9xe+UV4G7vA21CJRokR/pt6L5G
 fKAOZqE5ahgOLGq6Ro5/oYxGOJ7rApWV3oAoTE+884DIp9No0KSzSlzDZEQDGexDeEOr/jcL3Cz
 /Pm7I6AePyZ1fhMr8gIn0792fqqNH0U6Q5XPapzxSQCG/AE8M7cSuyT9jzvnZfKdz+M9XnnHjq5
 3h8yJHdcQN2sm1OTYbH31dN/4aSVSu1vReUKH+vbaLymLpeUmzTVXXuHieV07MOhD+JnMTOBRm3
 o5/jFduldWVxg4pQKHyG2xYK5VpGy04CEa0WLY5hHQQ==
X-Received: by 2002:a17:90b:1a86:b0:340:776d:f4ca with SMTP id
 98e67ed59e1d1-353fed9c9f9mr708731a91.26.1769491072932;
 Mon, 26 Jan 2026 21:17:52 -0800 (PST)
X-Received: by 2002:a17:90b:1a86:b0:340:776d:f4ca with SMTP id
 98e67ed59e1d1-353fed9c9f9mr708718a91.26.1769491072587;
 Mon, 26 Jan 2026 21:17:52 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: David Woodhouse <dwmw2@infradead.org>, Paul Durrant <paul@xen.org>,
 Paolo Bonzini <pbonzini@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 26/33] kvm/xen-emu: re-initialize capabilities during
 confidential guest reset
Date: Tue, 27 Jan 2026 10:45:54 +0530
Message-ID: <20260127051612.219475-27-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491152117158500
Content-Type: text/plain; charset="utf-8"

On confidential guests KVM virtual machine file descriptor changes as a
part of the guest reset process. Xen capabilities needs to be re-initialize=
d in
KVM against the new file descriptor.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 target/i386/kvm/xen-emu.c | 50 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 48 insertions(+), 2 deletions(-)

diff --git a/target/i386/kvm/xen-emu.c b/target/i386/kvm/xen-emu.c
index 52de019834..69527145eb 100644
--- a/target/i386/kvm/xen-emu.c
+++ b/target/i386/kvm/xen-emu.c
@@ -44,9 +44,12 @@
=20
 #include "xen-compat.h"
=20
+NotifierWithReturn xen_vmfd_change_notifier;
+static bool hyperv_enabled;
 static void xen_vcpu_singleshot_timer_event(void *opaque);
 static void xen_vcpu_periodic_timer_event(void *opaque);
 static int vcpuop_stop_singleshot_timer(CPUState *cs);
+static int do_initialize_xen_caps(KVMState *s, uint32_t hypercall_msr);
=20
 #ifdef TARGET_X86_64
 #define hypercall_compat32(longmode) (!(longmode))
@@ -54,6 +57,30 @@ static int vcpuop_stop_singleshot_timer(CPUState *cs);
 #define hypercall_compat32(longmode) (false)
 #endif
=20
+static int xen_handle_vmfd_change(NotifierWithReturn *n,
+                                  void *data, Error** errp)
+{
+    int ret;
+
+    /* we are not interested in pre vmfd change notification */
+    if (((VmfdChangeNotifier *)data)->pre) {
+        return 0;
+    }
+
+    ret =3D do_initialize_xen_caps(kvm_state, XEN_HYPERCALL_MSR);
+    if (ret < 0) {
+        return ret;
+    }
+
+    if (hyperv_enabled) {
+        ret =3D do_initialize_xen_caps(kvm_state, XEN_HYPERCALL_MSR_HYPERV=
);
+        if (ret < 0) {
+            return ret;
+        }
+    }
+    return 0;
+}
+
 static bool kvm_gva_to_gpa(CPUState *cs, uint64_t gva, uint64_t *gpa,
                            size_t *len, bool is_write)
 {
@@ -111,15 +138,16 @@ static inline int kvm_copy_to_gva(CPUState *cs, uint6=
4_t gva, void *buf,
     return kvm_gva_rw(cs, gva, buf, sz, true);
 }
=20
-int kvm_xen_init(KVMState *s, uint32_t hypercall_msr)
+static int do_initialize_xen_caps(KVMState *s, uint32_t hypercall_msr)
 {
+    int xen_caps, ret;
     const int required_caps =3D KVM_XEN_HVM_CONFIG_HYPERCALL_MSR |
         KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL | KVM_XEN_HVM_CONFIG_SHARED_INF=
O;
+
     struct kvm_xen_hvm_config cfg =3D {
         .msr =3D hypercall_msr,
         .flags =3D KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL,
     };
-    int xen_caps, ret;
=20
     xen_caps =3D kvm_check_extension(s, KVM_CAP_XEN_HVM);
     if (required_caps & ~xen_caps) {
@@ -143,6 +171,21 @@ int kvm_xen_init(KVMState *s, uint32_t hypercall_msr)
                      strerror(-ret));
         return ret;
     }
+    return xen_caps;
+}
+
+int kvm_xen_init(KVMState *s, uint32_t hypercall_msr)
+{
+    int xen_caps;
+
+    xen_caps =3D do_initialize_xen_caps(s, hypercall_msr);
+    if (xen_caps < 0) {
+        return xen_caps;
+    }
+
+    if (!hyperv_enabled && (hypercall_msr =3D=3D XEN_HYPERCALL_MSR_HYPERV)=
) {
+        hyperv_enabled =3D true;
+    }
=20
     /* If called a second time, don't repeat the rest of the setup. */
     if (s->xen_caps) {
@@ -185,6 +228,9 @@ int kvm_xen_init(KVMState *s, uint32_t hypercall_msr)
     xen_primary_console_reset();
     xen_xenstore_reset();
=20
+    xen_vmfd_change_notifier.notify =3D xen_handle_vmfd_change;
+    kvm_vmfd_add_change_notifier(&xen_vmfd_change_notifier);
+
     return 0;
 }
=20
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491319; cv=none;
	d=zohomail.com; s=zohoarc;
	b=d3Xj0LB4BBTvXUREaFvZT6w6VsTs0UWIDdy1gWX+YwZHeHbMPEImRA+KLL81Vp83XvjCRt1W/Z2R8EDfQ6zW4CMuR8JLafZvJWYkyrlUGq8x0OWu4rLgA5AffKdqMk8XjD6/Ip5eVjYLcatEhImmJ8LKEizc9V0OpCdGyupk2KA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491319;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=MJe0SvEr1kOlUoBq6W2ESJltt4iwlZL4Id0CQflQPnk=;
	b=HO11eZxojX0acBQqkca6Mk6AcfRBriJw7bwv5zmXajAc4klbeRXRgU7KwEvuwG8cWDTM4rj+smuP1/rtTmEHJIIRmqpck8OoutXUjF1Pfdy77wdLT/rqV7g3tUPMUAC921gJxqUvHqLHjIVQlQ+2WIgimfg8nMPS2wLGwXm4MhA=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491319427866.4593284438469;
 Mon, 26 Jan 2026 21:21:59 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSm-0008Fq-AQ; Tue, 27 Jan 2026 00:18:04 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSk-000864-EC
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:02 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSi-0000F9-Jl
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:02 -0500
Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com
 [209.85.214.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-58-95cAAjKLM1atxaBKI_vfjQ-1; Tue, 27 Jan 2026 00:17:57 -0500
Received: by mail-pl1-f199.google.com with SMTP id
 d9443c01a7336-2a7b7f04a11so8601065ad.3
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:17:57 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.53
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491080;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=MJe0SvEr1kOlUoBq6W2ESJltt4iwlZL4Id0CQflQPnk=;
 b=GV7HaWAV4ciflEgfaUsYY9LWfsiTzFni3ms+TnE36Yb/emFdC+4rV6YoetugEMhLGevrpT
 1X7OWkXN8GcjPl3MLbdU456dWzJnNBRmTytxUTxTQWzbjTr29VrAqq/5pIaSUNyRVn5Qnr
 o/PTEJeNHoEyOfKbVVejZxlAD2f5cR4=
X-MC-Unique: 95cAAjKLM1atxaBKI_vfjQ-1
X-Mimecast-MFC-AGG-ID: 95cAAjKLM1atxaBKI_vfjQ_1769491077
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491077; x=1770095877; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=MJe0SvEr1kOlUoBq6W2ESJltt4iwlZL4Id0CQflQPnk=;
 b=kcvyMLOgRF9ar8ZPHoqkvkA0jiQoxG2hxWFoeL3hmOOK1uB2Ezbb6QmZRFYpjuTJkN
 HfmGwT2y+1K6bbM5AMDDdmGG5azD+v1y7ZlwHQWKyAahdykGeyJyqOLfgvxQip8clmmm
 yHEDKnH44dOcARCjRPV51vCGj/xhlfTK6KFHfzstm5heC4RNGbhy7qhMxY/wRi05Acau
 R1kAQE0DP03R2svdMNcEv6qwesZmVWjKNZF/GeANE5nr+QTkBn4vHOtLioHX47WYrpSH
 sjLUC3KuMMNhyvMISxefKAcYCMDPR//Za7VGSsudMlQLtjkOR6VCzSkYNnX3hy31ysNh
 HwrQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491077; x=1770095877;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=MJe0SvEr1kOlUoBq6W2ESJltt4iwlZL4Id0CQflQPnk=;
 b=DK4U3dNZzZlSeapymNUxVkCzvdhrJNJSSpKlLZaAAQrYalj/gmrAjuykSha2OkY/Pa
 LM/C5+bjp+UVplgRMSa5UI5b56hh4fXh/+9I/kSBf0l1HTSxjvvu7tCF+veyAPOmjEs7
 f5vc8+44+PrYEhWI0N+7fwOPZnOc8EOnSmGkH8WN6tLvgqBsL2An0q/OILGDhEfyFubp
 rIMV59lfASffFterDZcprIPv1WCkAgkg+Fb351guDHPEOYvcP+KfJGPMlGHQep4ewFxT
 gnkTAQV8J4RkunWaOb66x1QaFDK4eEiXEldhm+90+ArFOVXQ9Q3FgbRigZgSkHRhK62h
 /i2w==
X-Forwarded-Encrypted: i=1;
 AJvYcCUTNOzF59vIfxFX0Dbelp3NOGzik78R1Y3ViR5c+dsC6L+KatRwzyQ9D3MIQmCpfgcbm5u7ch12QFo+@nongnu.org
X-Gm-Message-State: AOJu0YxBjHBBewxnM0ovPtn3RPH3o/tatuTNEtXr/HrLaFj2fvl2oWxM
 /l7lwhw1yHTBt0WddKmTBqnTmRj5R64NK0D6RPs0V9mHWM8dP2thBuDpMMKKebNaEqxqH6XzHWL
 m52V0QoB2nPTHkIA+i0z66TigMvcpiOiqoC0xob0BZd6JKvzIerqSV9xA
X-Gm-Gg: AZuq6aLfOAHdSAMzvOFncy/524kBKo26bbIm6TR12wF9JHfEgxLjTBEYv30hZksSR39
 jyScfTmSx238pnM4mNxH6RKMa3+rWiENBXPZ8wgCaX4GZKrPVgYctVQrz+bxhx9nc+9LdnlyJKC
 MCQzbKX9/s5WMxu1khdpKRijN5/CjybjLyy+dd/yHDd6Y6RZChRuXL9jhmQ59D3xTh802C7n2U+
 +Fe+fULP03bvFXZWKI+S6d3vN5CLXUdKFeqPZNFWd90Zu+fYMOtdElHOAPmKgErHL2DoK8FcnUU
 vMHKTwuAvatGDmml4g/8ZMQdlC7xui+NLan5JC3nPkjPN9ToceIykTsl4hc2uOmiQMpaKTnVX75
 foc9BAJM+r94G01qVAm4GebiaUZWhV5U7bvOZjKYBtQ==
X-Received: by 2002:a17:902:f60e:b0:2a0:bb3b:4191 with SMTP id
 d9443c01a7336-2a870d7a91dmr6033425ad.12.1769491076694;
 Mon, 26 Jan 2026 21:17:56 -0800 (PST)
X-Received: by 2002:a17:902:f60e:b0:2a0:bb3b:4191 with SMTP id
 d9443c01a7336-2a870d7a91dmr6033305ad.12.1769491076256;
 Mon, 26 Jan 2026 21:17:56 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: David Woodhouse <dwmw2@infradead.org>, Paul Durrant <paul@xen.org>,
 "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
 Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 27/33] kvm/xen_evtchn: add support for confidential guest
 reset
Date: Tue, 27 Jan 2026 10:45:55 +0530
Message-ID: <20260127051612.219475-28-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491320834154100
Content-Type: text/plain; charset="utf-8"

As a part of the confidential guest reset, when the KVM VM file handle is
changed, Xen event ports and kernel ports that were associated with the
previous KVM file handle needs to be reassociated with the new handle. This=
 is
performed with the help of a callback handler that gets invoked during the
confidential guest reset process when the KVM VM file fd changes.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/kvm/xen_evtchn.c | 113 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 110 insertions(+), 3 deletions(-)

diff --git a/hw/i386/kvm/xen_evtchn.c b/hw/i386/kvm/xen_evtchn.c
index 8b243984e4..7802fa68ae 100644
--- a/hw/i386/kvm/xen_evtchn.c
+++ b/hw/i386/kvm/xen_evtchn.c
@@ -133,6 +133,26 @@ struct pirq_info {
     bool is_translated;
 };
=20
+struct eventfds {
+    uint16_t type;
+    evtchn_port_t port;
+    int fd;
+    QLIST_ENTRY(eventfds) node;
+};
+
+struct kernel_ports {
+    uint16_t type;
+    evtchn_port_t port;
+    uint32_t vcpu_id;
+    QLIST_ENTRY(kernel_ports) node;
+};
+
+static QLIST_HEAD(, eventfds) eventfd_list =3D
+    QLIST_HEAD_INITIALIZER(eventfd_list);
+
+static QLIST_HEAD(, kernel_ports) kernel_port_list =3D
+    QLIST_HEAD_INITIALIZER(kernel_port_list);
+
 struct XenEvtchnState {
     /*< private >*/
     SysBusDevice busdev;
@@ -178,6 +198,7 @@ struct XenEvtchnState {
 #define pirq_inuse(s, pirq) (pirq_inuse_word(s, pirq) & pirq_inuse_bit(pir=
q))
=20
 struct XenEvtchnState *xen_evtchn_singleton;
+static NotifierWithReturn xen_eventchn_notifier;
=20
 /* Top bits of callback_param are the type (HVM_PARAM_CALLBACK_TYPE_xxx) */
 #define CALLBACK_VIA_TYPE_SHIFT 56
@@ -304,6 +325,57 @@ static void gsi_assert_bh(void *opaque)
     }
 }
=20
+static int xen_eventchn_handle_vmfd_change(NotifierWithReturn *notifier,
+                                           void *data, Error **errp)
+{
+    struct eventfds *ef;
+    struct kernel_ports *kp;
+    struct kvm_xen_hvm_attr ha;
+    CPUState *cpu;
+    int ret;
+
+    /* we are not interested in pre vmfd change notification */
+    if (((VmfdChangeNotifier *)data)->pre) {
+        return 0;
+    }
+
+    QLIST_FOREACH(ef, &eventfd_list, node) {
+        ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN;
+        ha.u.evtchn.send_port =3D ef->port;
+        ha.u.evtchn.type =3D ef->type;
+        ha.u.evtchn.flags =3D 0;
+        ha.u.evtchn.deliver.eventfd.port =3D 0;
+        ha.u.evtchn.deliver.eventfd.fd =3D ef->fd;
+
+        ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+        if (ret < 0) {
+            error_setg(errp, "KVM_XEN_HVM_SET_ATTR failed with %d", ret);
+            return ret;
+        }
+    }
+
+    memset(&ha, 0, sizeof(ha));
+
+    QLIST_FOREACH(kp, &kernel_port_list, node) {
+        cpu =3D qemu_get_cpu(kp->vcpu_id);
+        ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN;
+        ha.u.evtchn.send_port =3D kp->port;
+        ha.u.evtchn.type =3D kp->type;
+        ha.u.evtchn.flags =3D 0;
+        ha.u.evtchn.deliver.port.port =3D kp->port;
+        ha.u.evtchn.deliver.port.vcpu =3D kvm_arch_vcpu_id(cpu);
+        ha.u.evtchn.deliver.port.priority =3D
+            KVM_IRQ_ROUTING_XEN_EVTCHN_PRIO_2LEVEL;
+
+        ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+        if (ret < 0) {
+            error_setg(errp, "KVM_XEN_HVM_SET_ATTR failed with %d", ret);
+            return ret;
+        }
+    }
+    return 0;
+}
+
 void xen_evtchn_create(unsigned int nr_gsis, qemu_irq *system_gsis)
 {
     XenEvtchnState *s =3D XEN_EVTCHN(sysbus_create_simple(TYPE_XEN_EVTCHN,
@@ -350,6 +422,9 @@ void xen_evtchn_create(unsigned int nr_gsis, qemu_irq *=
system_gsis)
=20
     /* Set event channel functions for backend drivers to use */
     xen_evtchn_ops =3D &emu_evtchn_backend_ops;
+
+    xen_eventchn_notifier.notify =3D xen_eventchn_handle_vmfd_change;
+    kvm_vmfd_add_change_notifier(&xen_eventchn_notifier);
 }
=20
 static void xen_evtchn_register_types(void)
@@ -547,6 +622,8 @@ static void inject_callback(XenEvtchnState *s, uint32_t=
 vcpu)
 static void deassign_kernel_port(evtchn_port_t port)
 {
     struct kvm_xen_hvm_attr ha;
+    struct kernel_ports *kp;
+    struct eventfds *ef;
     int ret;
=20
     ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN;
@@ -557,6 +634,19 @@ static void deassign_kernel_port(evtchn_port_t port)
     if (ret) {
         qemu_log_mask(LOG_GUEST_ERROR, "Failed to unbind kernel port %d: %=
s\n",
                       port, strerror(ret));
+    } else {
+        QLIST_FOREACH(kp, &kernel_port_list, node) {
+            if (kp->port =3D=3D port) {
+                QLIST_REMOVE(kp, node);
+                g_free(kp);
+            }
+        }
+        QLIST_FOREACH(ef, &eventfd_list, node) {
+            if (ef->port =3D=3D port) {
+                QLIST_REMOVE(ef, node);
+                g_free(ef);
+            }
+        }
     }
 }
=20
@@ -565,6 +655,8 @@ static int assign_kernel_port(uint16_t type, evtchn_por=
t_t port,
 {
     CPUState *cpu =3D qemu_get_cpu(vcpu_id);
     struct kvm_xen_hvm_attr ha;
+    struct kernel_ports *kp =3D g_malloc0(sizeof(*kp));
+    int ret;
=20
     if (!cpu) {
         return -ENOENT;
@@ -578,12 +670,21 @@ static int assign_kernel_port(uint16_t type, evtchn_p=
ort_t port,
     ha.u.evtchn.deliver.port.vcpu =3D kvm_arch_vcpu_id(cpu);
     ha.u.evtchn.deliver.port.priority =3D KVM_IRQ_ROUTING_XEN_EVTCHN_PRIO_=
2LEVEL;
=20
-    return kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+    ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+    if (ret =3D=3D 0) {
+        kp->type =3D type;
+        kp->port =3D port;
+        kp->vcpu_id =3D vcpu_id;
+        QLIST_INSERT_HEAD(&kernel_port_list, kp, node);
+    }
+    return ret;
 }
=20
 static int assign_kernel_eventfd(uint16_t type, evtchn_port_t port, int fd)
 {
     struct kvm_xen_hvm_attr ha;
+    struct eventfds *ef =3D g_malloc0(sizeof(*ef));
+    int ret;
=20
     ha.type =3D KVM_XEN_ATTR_TYPE_EVTCHN;
     ha.u.evtchn.send_port =3D port;
@@ -592,7 +693,14 @@ static int assign_kernel_eventfd(uint16_t type, evtchn=
_port_t port, int fd)
     ha.u.evtchn.deliver.eventfd.port =3D 0;
     ha.u.evtchn.deliver.eventfd.fd =3D fd;
=20
-    return kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+    ret =3D kvm_vm_ioctl(kvm_state, KVM_XEN_HVM_SET_ATTR, &ha);
+    if (ret =3D=3D 0) {
+        ef->type =3D type;
+        ef->port =3D port;
+        ef->fd =3D fd;
+        QLIST_INSERT_HEAD(&eventfd_list, ef, node);
+    }
+    return ret;
 }
=20
 static bool valid_port(evtchn_port_t port)
@@ -2391,4 +2499,3 @@ void hmp_xen_event_inject(Monitor *mon, const QDict *=
qdict)
         monitor_printf(mon, "Delivered port %d\n", port);
     }
 }
-
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491152; cv=none;
	d=zohomail.com; s=zohoarc;
	b=KYheHwqi9OpBlYxPjwJ5p+F/ikJl37iBxFHaYndCgL2H/zMRreU+T2xghhNRhOvR44HGlAWc1Spjz/d2ShITIWlZ12XwWkO6+OCbFOJ2vzorz0zy0WbXGwNaqPhfhVN7fz5mzkhYj/1agyG8UK45F94+5tJfhlg4Ud5heapvfJg=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491152;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=gU47pROJlf30vx7cUz6NgZ8ND/evzCsZCahJ4DIhgGw=;
	b=DJWS7b50ciKx1K2JoIs4onRYj/prRnzMrMSwa5TP9bX/jD7EX/v8kWXY54fqC6266cvN9UaovDABgxIRqL3NyWsegYvTC9b/i7WZ0te+PEydisjfyQL/4/IeX7rvyKugxG51yj9k+Z2jW919mZuOUufJRN53kFIv/urSortsdBM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491152421271.38148526480995;
 Mon, 26 Jan 2026 21:19:12 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbSs-0000Gy-JR; Tue, 27 Jan 2026 00:18:10 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSo-0008U0-7V
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:06 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSl-0000Fe-8Q
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:05 -0500
Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com
 [209.85.216.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-70-Qt9wpXLcPNuY-DEsuA6lpA-1; Tue, 27 Jan 2026 00:18:00 -0500
Received: by mail-pj1-f70.google.com with SMTP id
 98e67ed59e1d1-34c213419f5so3549894a91.2
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:18:00 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.56
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:17:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491082;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=gU47pROJlf30vx7cUz6NgZ8ND/evzCsZCahJ4DIhgGw=;
 b=QwiIL7/OuksIzLAmuDE95ezawGtjcue1nUb5+Yn7K4lt1Tr1Kkgaioyc6P+hg4uY2X4tqx
 wVeHAZX5ODmcl5n4CVREMhtKigxDso/ctbdXuqphDXG+IawuG/k/RWLkusO3DrV+8NbWZo
 aEOMkFuZN59EAL1lQacA/DCxm8NyRnU=
X-MC-Unique: Qt9wpXLcPNuY-DEsuA6lpA-1
X-Mimecast-MFC-AGG-ID: Qt9wpXLcPNuY-DEsuA6lpA_1769491079
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491079; x=1770095879; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=gU47pROJlf30vx7cUz6NgZ8ND/evzCsZCahJ4DIhgGw=;
 b=dxi+iNStKg7XqvVZtK1img/LOd6r39bm46L449mQM28VdBCQ2qRA8ft/lv8FTA8bcF
 uNbUb3EFiMsOpNfYxS6QuS8Un2xUcALYShqIHB8RoWPcJLc0ETJU89JUVZeqN896c8uo
 mKelU5Rfiy2zs601tLvCNr4ooBbvB4QB4vadyC8/trxb9a9CkTnlquHU2w3DEuVv/vjY
 krYl4vghs4LdSD6GNlPC+T/aExmT5e3FUy+fxGzHRxnCazXTfBRVAQAr0GCh2YE25Ymp
 iOnt0fba+BPW7KPyMPXQHnMrqOTilWJErIQesaN7QObJ3VTdFVxVx93FDjP8irrv2FWb
 roRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491079; x=1770095879;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=gU47pROJlf30vx7cUz6NgZ8ND/evzCsZCahJ4DIhgGw=;
 b=gsc3TID8xu3LSjA53E0gHwzPxnkkH2NjiVy4lcphayWW0lKVnt2bvWdWQHBknQRnk9
 4F2lS0OaKt/nCOjcmbG9Gi45Vp3PnbuILM9ackFkUrqZklAhGNMiBP0liZDJX2aDG3VD
 moOvDtMz15ne9gjjuEHo6rDdnZ75OkmeMLNpRphQL58QPpJYQ+cp1P0WiUH6Cenc1yMr
 kXZkLxUJKOnT9VfhKipgJ9LinkPhywb0miSj47tyj6JUTNcH92U4JDXzW2DvV6ZRTrF8
 m4bL08W81Irr7/3pxCpFINqWcCwnlBkDP4i5yXY8PkSFTMVb4QIpkhPe9lyGonFTENiI
 f4Jw==
X-Forwarded-Encrypted: i=1;
 AJvYcCX4GXgkmSTwoE+1+AIrh1+hxFs7H8Udx9+H0S77LedF3hfXkKqtrTFDZEudmOeskYQuz/dICtRn2FhP@nongnu.org
X-Gm-Message-State: AOJu0Yyu6zC8xxBXqYEfGHwDK0swM8+eGoE/UrxB//7U2mAW29IL30tM
 A4Hv8FPhoibwOYxIuJCIYWmEQUWPo72727qMGP/78OfjyzdnbfKiDNFpRAOEl+cSKnR7ll2k/zq
 DyaXSFISadsq1DA3Dyol8dJJ7sHXakI1jCLd2rXV5TBgdclIs1uR/2A2w
X-Gm-Gg: AZuq6aI9QA6PuEYQVbLH2MUnrb7qvklFHNkVbQwtOQMi4W4d4rOrq2pRXOIO8Wwc2ni
 yFR1N6agHoq3UhpY5jDPJweLJosPeCy2NqSNnpcESBzdCMzrBU/eniTMwzolt7XhIFQxIHsorMU
 783V1VKKdwCD/OHSb23viDjZMgFqJEcXBx44fTTDcgKvduLfJzGKPFpgBEsntmfckb8veqZkB1/
 p2kEjiorg4JoVPt4/me79D/4Ji5RZjJWWpK4w03kLhtDFJijf0aVCZls/LskgTrPSJzeXZBcykO
 4aHx7kDcU7MqoxrvKJlIl817fG8h0UJXedbKOlfXzQyap19u9UT5ep3/48nUQBZmC+KjQ4RU3Cr
 8QCz2V/WszToUqbAJ8TXA0T2SNeHHjvJ/qsoH975MvA==
X-Received: by 2002:a17:90a:f950:b0:340:f05a:3ed3 with SMTP id
 98e67ed59e1d1-353fed75832mr957740a91.17.1769491079230;
 Mon, 26 Jan 2026 21:17:59 -0800 (PST)
X-Received: by 2002:a17:90a:f950:b0:340:f05a:3ed3 with SMTP id
 98e67ed59e1d1-353fed75832mr957706a91.17.1769491078795;
 Mon, 26 Jan 2026 21:17:58 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Bernhard Beschow <shentey@gmail.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-ppc@nongnu.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 28/33] ppc/openpic: create a new openpic device and
 reattach mem region on coco reset
Date: Tue, 27 Jan 2026 10:45:56 +0530
Message-ID: <20260127051612.219475-29-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491154502154100
Content-Type: text/plain; charset="utf-8"

For confidential guests during the reset process, the old KVM VM file
descriptor is closed and a new one is created. When a new file descriptor is
created, a new openpic device needs to be created against this new KVM VM f=
ile
descriptor as well. Additionally, existing memory region needs to be reatta=
ched
to this new openpic device and proper CPU attributes set associating new fi=
le
descriptor. This change makes this happen with the help of a callback handl=
er
that gets called when the KVM VM file descriptor changes as a part of the
confidential guest reset process.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
Reviewed-by: Bernhard Beschow <shentey@gmail.com>
---
 hw/intc/openpic_kvm.c | 112 +++++++++++++++++++++++++++++++++---------
 1 file changed, 88 insertions(+), 24 deletions(-)

diff --git a/hw/intc/openpic_kvm.c b/hw/intc/openpic_kvm.c
index fbf0bdbe07..b099da20eb 100644
--- a/hw/intc/openpic_kvm.c
+++ b/hw/intc/openpic_kvm.c
@@ -49,6 +49,7 @@ struct KVMOpenPICState {
     uint32_t fd;
     uint32_t model;
     hwaddr mapped;
+    NotifierWithReturn vmfd_change_notifier;
 };
=20
 static void kvm_openpic_set_irq(void *opaque, int n_IRQ, int level)
@@ -114,6 +115,88 @@ static const MemoryRegionOps kvm_openpic_mem_ops =3D {
     },
 };
=20
+static int kvm_openpic_setup(KVMOpenPICState *opp, Error **errp)
+{
+    int kvm_openpic_model;
+    struct kvm_create_device cd =3D {0};
+    KVMState *s =3D kvm_state;
+    int ret;
+
+    switch (opp->model) {
+    case OPENPIC_MODEL_FSL_MPIC_20:
+        kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_20;
+        break;
+
+    case OPENPIC_MODEL_FSL_MPIC_42:
+        kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_42;
+        break;
+
+    default:
+        error_setg(errp, "Unsupported OpenPIC model %" PRIu32, opp->model);
+        return -1;
+    }
+
+    cd.type =3D kvm_openpic_model;
+    ret =3D kvm_vm_ioctl(s, KVM_CREATE_DEVICE, &cd);
+    if (ret < 0) {
+        error_setg(errp, "Can't create device %d: %s",
+                   cd.type, strerror(errno));
+        return -1;
+    }
+    opp->fd =3D cd.fd;
+
+    return 0;
+}
+
+static int kvm_openpic_handle_vmfd_change(NotifierWithReturn *notifier,
+                                          void *data, Error **errp)
+{
+    KVMOpenPICState *opp =3D container_of(notifier, KVMOpenPICState,
+                                        vmfd_change_notifier);
+    uint64_t reg_base;
+    struct kvm_device_attr attr;
+    CPUState *cs;
+    int ret;
+
+    /* we are not interested in pre vmfd change notification */
+    if (((VmfdChangeNotifier *)data)->pre) {
+        return 0;
+    }
+
+    /* close the old descriptor */
+    close(opp->fd);
+
+    if (kvm_openpic_setup(opp, errp) < 0) {
+        return -1;
+    }
+
+    if (!opp->mapped) {
+        return 0;
+    }
+
+    reg_base =3D opp->mapped;
+    attr.group =3D KVM_DEV_MPIC_GRP_MISC;
+    attr.attr =3D KVM_DEV_MPIC_BASE_ADDR;
+    attr.addr =3D (uint64_t)(unsigned long)&reg_base;
+
+    ret =3D ioctl(opp->fd, KVM_SET_DEVICE_ATTR, &attr);
+    if (ret < 0) {
+        error_setg(errp, "%s: %s %" PRIx64, __func__,
+                   strerror(errno), reg_base);
+        return -1;
+    }
+
+    CPU_FOREACH(cs) {
+        ret =3D kvm_vcpu_enable_cap(cs, KVM_CAP_IRQ_MPIC, 0, opp->fd,
+                                   kvm_arch_vcpu_id(cs));
+        if (ret < 0) {
+            return ret;
+        }
+    }
+
+    return 0;
+}
+
 static void kvm_openpic_region_add(MemoryListener *listener,
                                    MemoryRegionSection *section)
 {
@@ -197,36 +280,14 @@ static void kvm_openpic_realize(DeviceState *dev, Err=
or **errp)
     SysBusDevice *d =3D SYS_BUS_DEVICE(dev);
     KVMOpenPICState *opp =3D KVM_OPENPIC(dev);
     KVMState *s =3D kvm_state;
-    int kvm_openpic_model;
-    struct kvm_create_device cd =3D {0};
-    int ret, i;
+    int i;
=20
     if (!kvm_check_extension(s, KVM_CAP_DEVICE_CTRL)) {
         error_setg(errp, "Kernel is lacking Device Control API");
         return;
     }
=20
-    switch (opp->model) {
-    case OPENPIC_MODEL_FSL_MPIC_20:
-        kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_20;
-        break;
-
-    case OPENPIC_MODEL_FSL_MPIC_42:
-        kvm_openpic_model =3D KVM_DEV_TYPE_FSL_MPIC_42;
-        break;
-
-    default:
-        error_setg(errp, "Unsupported OpenPIC model %" PRIu32, opp->model);
-        return;
-    }
-
-    cd.type =3D kvm_openpic_model;
-    ret =3D kvm_vm_ioctl(s, KVM_CREATE_DEVICE, &cd);
-    if (ret < 0) {
-        error_setg_errno(errp, errno, "Can't create device %d", cd.type);
-        return;
-    }
-    opp->fd =3D cd.fd;
+    kvm_openpic_setup(opp, errp);
=20
     sysbus_init_mmio(d, &opp->mem);
     qdev_init_gpio_in(dev, kvm_openpic_set_irq, OPENPIC_MAX_IRQ);
@@ -235,6 +296,9 @@ static void kvm_openpic_realize(DeviceState *dev, Error=
 **errp)
     opp->mem_listener.region_del =3D kvm_openpic_region_del;
     opp->mem_listener.name =3D "openpic-kvm";
     memory_listener_register(&opp->mem_listener, &address_space_memory);
+    opp->vmfd_change_notifier.notify =3D
+        kvm_openpic_handle_vmfd_change;
+    kvm_vmfd_add_change_notifier(&opp->vmfd_change_notifier);
=20
     /* indicate pic capabilities */
     msi_nonbroken =3D true;
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491244; cv=none;
	d=zohomail.com; s=zohoarc;
	b=iAgSVRvVsXDCQypS3FWhsTYuxpM4FuuYU05s3gLFfd8TehF4ELRw7JvaF6ang5RYkyY7Nhm7b4I0omiWVQZ9f+if7amtenzSP5yXzNQMPalFBmSXmgoaG2/UZ6nlEGtlYaG+BQamOB+FyU09vUEnZeVWIQAHQFxywE9fHMPtHfA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491244;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=bEDYSbwkzm3iHaRebY1agUkwYGBShvhOSyrbmVbxi+E=;
	b=KTXI3I5L/bfLLeEYDECbHkyOv5ogGDe7okGw6Shb62Q6caHDldNiNM8r00ESF+CpUeyCg3XTaKXFFoz5Fy4Y1oenT85xxzwbMaiObmWf2wFRffMkaHIP5KbQuNHPpqulCWbCEHCzxvScwt8UTaUO9LDk93OXOUtfAfeyeVS6k1E=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491244896822.4635038671124;
 Mon, 26 Jan 2026 21:20:44 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbT4-0000io-4n; Tue, 27 Jan 2026 00:18:22 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSs-0000O7-40
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:10 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSq-0000GO-I5
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:09 -0500
Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com
 [209.85.215.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-341-vjIktgAGPqqzwq3W8CWrrg-1; Tue, 27 Jan 2026 00:18:02 -0500
Received: by mail-pg1-f200.google.com with SMTP id
 41be03b00d2f7-c551e6fe4b4so3222326a12.3
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:18:02 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.17.59
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:18:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491087;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=bEDYSbwkzm3iHaRebY1agUkwYGBShvhOSyrbmVbxi+E=;
 b=NSmF2WtoDzFNkLlYBlxMO4jdNanTDMOAAEh+GarGE++ZPoaPYHhd5TWUnfGj7cmxV4FwoA
 RSJurzqZgtCVx2YGDveTajXnQxjNGP1tNslJrQk4SiRDh7IQWsSNE4LLGLNWJg8NNPAFXf
 l2FrUdy8RsvpANe0AUO0SfQRPdFSFSA=
X-MC-Unique: vjIktgAGPqqzwq3W8CWrrg-1
X-Mimecast-MFC-AGG-ID: vjIktgAGPqqzwq3W8CWrrg_1769491082
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491082; x=1770095882; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=bEDYSbwkzm3iHaRebY1agUkwYGBShvhOSyrbmVbxi+E=;
 b=M/6S+u2I6ixp39BY04vOZ/wbT7vHfGd8krHEDza90nrN/w3jct5hED7dMYy+Fje/Y2
 BYMLABDolPGC5N0vAebGGKZjG7a3Ditx107vFlva039HE27UKZ5k5T7UhZTHmlgIbLQm
 8/kEuUvqARp7kkkbtE3zk+1SGYeB6Jo/418Sme3p0eXQutaWvDrc8uYb3rgX3/E6GqIY
 pR+Rxm1tw9ppK4FqV1fAByILqBW7xcUmfPOpzVlIzQP8GFj018mZjQsPhtL99Zp1mD7L
 daaaZ90yOemQaaMYeTKGepZqn1EENTnBthmRIzZSenf25nybVRdpCbCbK5dYXQMqPwwg
 yzxQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491082; x=1770095882;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=bEDYSbwkzm3iHaRebY1agUkwYGBShvhOSyrbmVbxi+E=;
 b=NlE73csoLZW7YBdo5yRsfRJCLo0xJbRTdYU06zHtik2Vi3ZKs1rt95T94R0yT23kXP
 IJ2i4pFKzpiz81V+sBQqLel+lBBauuiCjivwQRHaCDfJx/CH3YYr27n8OjRkDfD1g837
 +qZmSxstFVyjpb/obuAosP8zk71Oum9Hi2DJSiVeq3SvwkbGQtBMXv4PJOE3SMq4+Ose
 GOfA/r46KXCLc9pC/+fYFhE/pcWM0Fea5D7A36qcarN6NRr6g2hY3xwE9W80nMejkKHA
 YCFueWNOaY0skn/dKFOMFrkAj4pdcwLPuknGaGNAZSvz1+vDG8t5CUhEs7jhnXzjEjHC
 DH3g==
X-Forwarded-Encrypted: i=1;
 AJvYcCXf4F7FT6O3+sBd0mieYQSl8PDG7kcms4slbE13E6LzjYEWL+ZvPL1/AeUKG153nmAAGvBq1qLKJrQ1@nongnu.org
X-Gm-Message-State: AOJu0Yzl8l4euN2bB+LFgWOriH/1z8xZkJPUzsEruBcTRvX5BGib7dAs
 xlLzPb+XwbqDNQdhyEYcK55ViG/bLptszbw9BcGKMY78cscPVQQz3HgpB9H5PCq6bbepP/l1TJj
 +otzCjrbjlPvphhkQc2rwQateIbbiv9ZQACSnnw9vOr/HgejQgq6e6LOv
X-Gm-Gg: AZuq6aInBO7why8wq0qwnXQqvpesXj5SUI3Yw7YeOBNbyPIyPOK5aZ5+VXGci/yZfL9
 ByXp9yK42DbOKh5RLOISuRlq9sx4nlLADLkY5tYJbj9cf+E+F/qXwOI8sf41hM8/lb0Blzm+Yp/
 hum2EV84W6h4Cla7d2RRH+3q/FkZ8BXeT2S6HxQ+XBnpFzqzG03MFxAqblAkukCovHBu4wVIvRK
 ps/i5zS9CzrG/M98DK9dscT8VUxAgssvWynoFVDmPduFr9zx2APjBF5CGMoo8nI0a5zQqjQLAhI
 K5lYUhw6H8sl19AvdQ9b697g2E3knAWZ+8u0J3V30NUig0jGzHE4J8RRJl7jJRfX/CFCOGXb0iI
 snqVKqNXFbb0fgZb+Ty3ky+kTAX1RZ3p49GOBJkeKIA==
X-Received: by 2002:a05:6a20:918e:b0:366:18b3:85c3 with SMTP id
 adf61e73a8af0-38ec62899cdmr496036637.1.1769491081806;
 Mon, 26 Jan 2026 21:18:01 -0800 (PST)
X-Received: by 2002:a05:6a20:918e:b0:366:18b3:85c3 with SMTP id
 adf61e73a8af0-38ec62899cdmr496015637.1.1769491081377;
 Mon, 26 Jan 2026 21:18:01 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, kvm@vger.kernel.org,
 qemu-devel@nongnu.org
Subject: [PATCH v3 29/33] kvm/vcpu: add notifiers to inform vcpu file
 descriptor change
Date: Tue, 27 Jan 2026 10:45:57 +0530
Message-ID: <20260127051612.219475-30-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491247766154100
Content-Type: text/plain; charset="utf-8"

When new vcpu file descriptors are created and bound to the new kvm file
descriptor as a part of the confidential guest reset mechanism, various
subsystems needs to know about it. This change adds notifiers so that vario=
us
subsystems can take appropriate actions when vcpu fds change by registering
their handlers to this notifier.
Subsequent changes will register specific handlers to this notifier.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 accel/kvm/kvm-all.c    | 26 ++++++++++++++++++++++++++
 accel/stubs/kvm-stub.c | 10 ++++++++++
 include/system/kvm.h   | 17 +++++++++++++++++
 3 files changed, 53 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index d43a363488..a28b0edade 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -127,6 +127,9 @@ static NotifierList kvm_irqchip_change_notifiers =3D
 static NotifierWithReturnList register_vmfd_changed_notifiers =3D
     NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vmfd_changed_notifiers);
=20
+static NotifierWithReturnList register_vcpufd_changed_notifiers =3D
+    NOTIFIER_WITH_RETURN_LIST_INITIALIZER(register_vcpufd_changed_notifier=
s);
+
 static int map_kvm_run(KVMState *s, CPUState *cpu, Error **errp);
 static int map_kvm_dirty_gfns(KVMState *s, CPUState *cpu, Error **errp);
 static int vcpu_unmap_regions(KVMState *s, CPUState *cpu);
@@ -2313,6 +2316,22 @@ static int kvm_vmfd_change_notify(Error **errp)
                                             &vmfd_notifier, errp);
 }
=20
+void kvm_vcpufd_add_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_list_add(&register_vcpufd_changed_notifiers, n);
+}
+
+void kvm_vcpufd_remove_change_notifier(NotifierWithReturn *n)
+{
+    notifier_with_return_remove(n);
+}
+
+static int kvm_vcpufd_change_notify(Error **errp)
+{
+    return notifier_with_return_list_notify(&register_vcpufd_changed_notif=
iers,
+                                            &vmfd_notifier, errp);
+}
+
 int kvm_irqchip_get_virq(KVMState *s)
 {
     int next_virq;
@@ -2840,6 +2859,13 @@ static int kvm_reset_vmfd(MachineState *ms)
     }
     assert(!err);
=20
+    /* notify everyone that vcpu fd has changed. */
+    ret =3D kvm_vcpufd_change_notify(&err);
+    if (ret < 0) {
+        return ret;
+    }
+    assert(!err);
+
     /* these can be only called after ram_block_rebind() */
     memory_listener_register(&kml->listener, &address_space_memory);
     memory_listener_register(&kvm_io_listener, &address_space_io);
diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index a6e8a6e16c..c4617caac6 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -87,6 +87,16 @@ void kvm_vmfd_remove_change_notifier(NotifierWithReturn =
*n)
 {
 }
=20
+void kvm_vcpufd_add_change_notifier(NotifierWithReturn *n)
+{
+    return;
+}
+
+void kvm_vcpufd_remove_change_notifier(NotifierWithReturn *n)
+{
+    return;
+}
+
 int kvm_irqchip_add_irqfd_notifier_gsi(KVMState *s, EventNotifier *n,
                                        EventNotifier *rn, int virq)
 {
diff --git a/include/system/kvm.h b/include/system/kvm.h
index a17cd368ca..8265d0ff4e 100644
--- a/include/system/kvm.h
+++ b/include/system/kvm.h
@@ -589,4 +589,21 @@ void kvm_vmfd_add_change_notifier(NotifierWithReturn *=
n);
  */
 void kvm_vmfd_remove_change_notifier(NotifierWithReturn *n);
=20
+/**
+ * kvm_vcpufd_add_change_notifier - register a notifier to get notified wh=
en
+ * a KVM vcpu file descriptors changes as a part of the confidential guest
+ * "reset" process. Various subsystems should use this mechanism to take
+ * actions such as re-issuing vcpu ioctls as a part of setting up vcpu
+ * features.
+ * @n: notifier with return value.
+ */
+void kvm_vcpufd_add_change_notifier(NotifierWithReturn *n);
+
+/**
+ * kvm_vcpufd_remove_change_notifier - de-register a notifer previously
+ * registered with kvm_vcpufd_add_change_notifier call.
+ * @n: notifier that was previously registered.
+ */
+void kvm_vcpufd_remove_change_notifier(NotifierWithReturn *n);
+
 #endif
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491145; cv=none;
	d=zohomail.com; s=zohoarc;
	b=XwJlZfBHgBNidlF3/0JNz/FKbyKM+qv2SkG0/Yg4Q1IYAYFEnqfev3qWuscs+p6wBCEeGT7hWDGOsf8aMuLHn0VQ54ss/Qle/0rCxO5VG61xj6pTDi77YGmSyqQP3xKVeRkEImveUi9dA7cKZ1xnxmw/nPUeAdShkoe3hkzJxpw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491145;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=;
	b=EZQQOM6gG95sVmDT5jAg5zmTtqkcKn+zjvRxtGJk05SZR8PdEIvPDtNDFA8Y7KFQvr2t6UD5e6han2tTWi7O3QmLnazsrH1jEAqWGsC7xHYZSDTMIC61miSP9trfP57mFQY5FMSzDF5CtiTRoHgD6QaGSPiqGtW+1QZBRZSu6jw=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491145432535.3501510110713;
 Mon, 26 Jan 2026 21:19:05 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbT2-0000fV-9a; Tue, 27 Jan 2026 00:18:21 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSs-0000O8-Cg
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:10 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSr-0000GT-0L
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:10 -0500
Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com
 [209.85.216.69]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-491-ojrE7eJlMBihbRlQuNXSTQ-1; Tue, 27 Jan 2026 00:18:06 -0500
Received: by mail-pj1-f69.google.com with SMTP id
 98e67ed59e1d1-34e5a9f0d6aso4700038a91.0
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:18:05 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.18.01
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:18:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491088;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=;
 b=f1qsQa9H6ir8jeTKBevpfUy+xFQPbl3RGSk4imVNTk2FyAoIiGBKsUqtZiJ14TICujS/E+
 1+2LN/ug09MGgtuMwz1IB7qO6hhr3QDNI81pI6qJfLMP5UivK3T53KubjJCXtiAaNAxjQs
 6t9GiAsjeBVuyy+5xH6UFE18tSslOUE=
X-MC-Unique: ojrE7eJlMBihbRlQuNXSTQ-1
X-Mimecast-MFC-AGG-ID: ojrE7eJlMBihbRlQuNXSTQ_1769491085
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491085; x=1770095885; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=;
 b=RsgYDxECYEcfivs9UviQ/N10b9ESaK1JBvUmEVXE9CJxozztSIsZlkAt18NEcjL156
 nA/7nylznKZdLImc5JT3fhBkAb9A6k0wuMsWc1ZZ3g4a8zT9jzpOPUFU8gGcQtwGDLSs
 rCX5IjwAQC35RDXYFumSvk43sKyLbp7L/XZqD4IE5dazsuBZ+tkDGbogZFNr8KFllamU
 PEvhFu6mH5lsSDNd3ChxHTKbnP7w2ZE6npUXKOUNnE0bEcIIfv34+BznXyodyS2ViyoD
 s4rv3G0qy4RGK1RGW5X1TLr37cQ1noIHYZdFA3pxEtELTcO73SmN7XVExdab7jSD77JY
 UeYQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491085; x=1770095885;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=sZTC0TaeHDKR66aLqLlM3/y/CGbtg30ikDOryFdUyg4=;
 b=O6AsRNZK9kFjS9e7rRje/9sogYabsHqKuS8h3C8cs1H//GShTaejAygNpNly8FeOCp
 w8fPXSv/w7S2ejfbhS5ZVYm3nv6TIWMvbivtndIwRX7u1ppRYHcNQCGNXrSKi05tMYDc
 AU4e7v8HtlTQD/RqpGGoXa0gyWWEqGD9xZRbrCZM9CAks04RkZklkpIXACkehlN5gfUE
 dnbUjSM8VHbc7zvXUTYCnpRnEZsoeDaC2aDMbH//RnTqBZaHe5C/CIPoWvcv0h/g2Xvz
 T5piQBKa4dO9B/ZMpddXf45gAvf5IggzHDMpNE4Gca+6OC4MTBAwVgZI+CfUKPKO2+jF
 XszQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCWTTpQO+qTSJ3oJa+yUhDBe2iUCzQkvBZGK0JcvP6eQjN4Nyye2S3+Vrxnsf33UELBBlsQXV91PHuJd@nongnu.org
X-Gm-Message-State: AOJu0YzHrBq/PlJSqq1FAbCBG6YgOmvSQDTy9mwOTrrH47smMqtW6RB3
 YzVAOkP6jucZzjjuNlavm0TVR4TdB1LqupI8FPL/srzxeW+KTZsw5PeIB3eF8UAXoza390Zfg7q
 mx+pj54j0GGqsmS0c5oEWmgugJeI+0zXsOY/8ltS9b1KKKBhZQrT3iNmc
X-Gm-Gg: AZuq6aIpPTUfvLsW1Sjg2Q6xjqaKW18Eu8w1Wuv1sLUubQXGMDV9IeqSm631GaM2cmy
 O+eZz0YMJ+21hLG+iBQC3zDgPSWgpNqgmyEm43hd6DucBi/Nq76KPu2I+S7r0Qh739tMjwVXD7Q
 J+5LenpRnMg0hwe4Wn5cSKxt6kDPExmAmuEsCSxkGeiWkKe2SRp0aGJzOdfJpD97zll0imjF5q3
 xWVC8oQHSPvfl2yFDOQGUYgcO/iSzrqwcfJwZhP55b+TPpP2jCfW68Sh6RwwsIGW1vsviMij/n/
 nh7V0F0ujd7HNCbZt+gFQkpaioN19ZuAQsntvvPdPi1G5qpxCWgDrURq2qNqO2GTBak7TPOEpap
 P617MAZ+YQ0aGf2X6c+OntDaHC7vU+XOlzpIUtXL8Rg==
X-Received: by 2002:a17:90b:3802:b0:343:3898:e7c9 with SMTP id
 98e67ed59e1d1-353ff8b45a6mr479140a91.2.1769491085047;
 Mon, 26 Jan 2026 21:18:05 -0800 (PST)
X-Received: by 2002:a17:90b:3802:b0:343:3898:e7c9 with SMTP id
 98e67ed59e1d1-353ff8b45a6mr479117a91.2.1769491084654;
 Mon, 26 Jan 2026 21:18:04 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
 Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 30/33] kvm/i386/apic: set local apic after vcpu file
 descriptors changed
Date: Tue, 27 Jan 2026 10:45:58 +0530
Message-ID: <20260127051612.219475-31-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491145825158500
Content-Type: text/plain; charset="utf-8"

Once the vcpu file descriptors changed after confidential guest reset, the
local apic needs to be reinitialized. This change adds a callback from the
vcpu fd change notifiers to reinitialize local apic for kvm x86.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/kvm/apic.c              | 13 +++++++++++++
 include/hw/i386/apic_internal.h |  1 +
 2 files changed, 14 insertions(+)

diff --git a/hw/i386/kvm/apic.c b/hw/i386/kvm/apic.c
index 82355f0463..f6f8ac2764 100644
--- a/hw/i386/kvm/apic.c
+++ b/hw/i386/kvm/apic.c
@@ -229,6 +229,16 @@ static void kvm_apic_reset(APICCommonState *s)
     run_on_cpu(CPU(s->cpu), kvm_apic_put, RUN_ON_CPU_HOST_PTR(s));
 }
=20
+static int apic_vcpufd_change_handler(NotifierWithReturn *n,
+                                      void *data, Error** errp) {
+    APICCommonState *s =3D container_of(n, APICCommonState,
+                                      vcpufd_change_notifier);
+
+    run_on_cpu(CPU(s->cpu), kvm_apic_put, RUN_ON_CPU_HOST_PTR(s));
+
+    return 0;
+}
+
 static void kvm_apic_realize(DeviceState *dev, Error **errp)
 {
     APICCommonState *s =3D APIC_COMMON(dev);
@@ -238,6 +248,9 @@ static void kvm_apic_realize(DeviceState *dev, Error **=
errp)
=20
     assert(kvm_has_gsi_routing());
     msi_nonbroken =3D true;
+
+    s->vcpufd_change_notifier.notify =3D apic_vcpufd_change_handler;
+    kvm_vcpufd_add_change_notifier(&s->vcpufd_change_notifier);
 }
=20
 static void kvm_apic_unrealize(DeviceState *dev)
diff --git a/include/hw/i386/apic_internal.h b/include/hw/i386/apic_interna=
l.h
index 4a62fdceb4..ffe5815e7f 100644
--- a/include/hw/i386/apic_internal.h
+++ b/include/hw/i386/apic_internal.h
@@ -189,6 +189,7 @@ struct APICCommonState {
     hwaddr vapic_paddr; /* note: persistence via kvmvapic */
     bool legacy_instance_id;
     uint32_t extended_log_dest;
+    NotifierWithReturn vcpufd_change_notifier;
 };
=20
 typedef struct VAPICState {
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491268; cv=none;
	d=zohomail.com; s=zohoarc;
	b=iwAzdnyu2Qae2Qbl//XK3clCdwWWIN0xji70yCNwz7xvgLLG3T5+kjj4+CJTzC+8UfyzLvcKFjWozZVvtGgxbbj7BYiVRndLHld5JuA1TlRVXHB00/STSmxo+B1/CzPdMpAtdKeTqT2w3JMRqgQOra4v7LOfaO2PLL/mNO+3e7Y=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491268;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=ampkMXpvZM0Uh9Dio1wYKLx68wPyoO/FMFpvVez+X64=;
	b=igB2XSDjI8WwzpDbuqbA1mk3zuBYRvHDcrx9PmR+3Tj1oWS8TRkV6rw29hRp2gH/uuASSQJ0jQCTBUuL6JycyAV+7U8GlYodN7cyglgcdrqTPKuHcwL61BJuS8dX6hW02ZCjhKhL6/dG3lNgO/kuYKRs2lk528EgVDD0CLKzFsc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491268943398.40527908702734;
 Mon, 26 Jan 2026 21:21:08 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbTf-0001it-Cb; Tue, 27 Jan 2026 00:18:59 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSv-0000Ut-Jh
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:15 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSu-0000Gx-5l
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:13 -0500
Received: from mail-pj1-f71.google.com (mail-pj1-f71.google.com
 [209.85.216.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-553-f4FUNuPHN9efHIyW_eSVNg-1; Tue, 27 Jan 2026 00:18:09 -0500
Received: by mail-pj1-f71.google.com with SMTP id
 98e67ed59e1d1-34c93f0849dso4945604a91.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:18:09 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.18.05
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:18:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491091;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=ampkMXpvZM0Uh9Dio1wYKLx68wPyoO/FMFpvVez+X64=;
 b=U13JmB55MUIH/uXmETuzFGm/00rQ90MHZ5wIxhpflumtoz1XFX3yTIy92fQckAH4vepe4u
 mg5x6tr/GZ+Jgc+ozN0gQh5GK39LXOKGz0z3E2tg2yjmuksHIPThm8F7CP8hOk+5ZXVWcl
 lPojOjOwZHk055VpX8x1NJ3I2YNQRAg=
X-MC-Unique: f4FUNuPHN9efHIyW_eSVNg-1
X-Mimecast-MFC-AGG-ID: f4FUNuPHN9efHIyW_eSVNg_1769491088
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491088; x=1770095888; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=ampkMXpvZM0Uh9Dio1wYKLx68wPyoO/FMFpvVez+X64=;
 b=S3otqL6fDxErlRNspkVeqaPT0vx437txvFFo3gQoE29BBoxffbBP2xcr6XJYs9eadd
 LH3hhqitAhhLHMrxDmZ3hCnRrqoGM1/Vc0YxtOBBGmb74wRi0gaFjBGKUPye5iCrTxqJ
 7KYP15zplvJd5Qci8ev4E384J9qBqLpmQRYtShC/FrLy+rbPL1pOnH9ip7txZlg57UYt
 Tk0c8QkqGhYnXz5Lf0EFwTfO0mrDxhFHcvlnm8OuA8oPJGb26Wp5NKspChKHV6i1LbOp
 0Tq/ZJLoxPD2QeBY8qtwD90WPeEolIdDwTJKt59YSupJeJxcWqu98Zn35FXP1yRDUFLF
 V4aw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491088; x=1770095888;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=ampkMXpvZM0Uh9Dio1wYKLx68wPyoO/FMFpvVez+X64=;
 b=NKMD3S8zL6WbVdW+1CT7kY6C8pfbM4oOS6opB8HZZ3GBgK/Nt8yuTxHYGNf57Ta1DR
 jDsuSmzenHPtBT5LFA1xlqriGxMDNPqmif8PzU8pVITrqMwWha0LxGUqYt8c5+IZa4yi
 Dkn0cOPqyHdguvX35l0eL1aopz0MDnUqGD3ghOy/ohhDq7finpmeRru62q+2aCMYuHfb
 QsbFibhnexBbO5w6kJ4ut4hefFUIvBfta4/rH32cCG/H3uFlS/zrNTelfY6tEhtKQ0Kz
 paaHE//YaiDAsv14KbMPhTkuQo+BRThxQKpo1Mn9kfk6rnZIMSS6v8HLwLaWJCXwefxi
 gXIg==
X-Forwarded-Encrypted: i=1;
 AJvYcCUVsvw788UJj8mh1CuCEwdMtaURgIJZBF8Q1dRCTmVPTJSscShSyvAcpUGE1yzaLewzklQKGUg1044j@nongnu.org
X-Gm-Message-State: AOJu0Yzo96HNB21ksBhRkouLrz3stDOBrv1Qlx4NsVmGKM2zHLZbIaE1
 XY6v4bLKnOB1c0ZDll5mS2+GvxZVo+2rC8jIqWnhSq7aSW+sXJg2Nd/OjrANBSdvr/IdHshEwJh
 kkvyZeCsvuIzvIqPeW4frArkG/FzQpTPAMueg20E4ynz63aQFw6EvNtUu
X-Gm-Gg: AZuq6aKSh1a5e0fTTCCtxsZ4M5O0uSvyVC2B4yGhP+LFny/uCrbQB4xSgDLsOXzB2Ic
 rnCb0z3gy2xtSu+Tmj4exgFC47qUsRQ5EwZCymDd7LRsxnauku6ie9m9jTnh0Sk2Yy+y198+vJo
 an/indnmqOxIsDHAiVxfVQFc0qnNYEhSVKKRCzCGC6sJ3nDCIhPxg9ciad80L1nD9jEFB7kkRRu
 IteI1jmWX3qwp7xzXaxZ0l0ciilFl+0K0fxIU7YNbdm0IWfV25OJDQcPdlDVY4gGqnkg248Zku1
 IEUb45BVWbftJ7Ih4PXxL5XwswGbYeUf77iOoGXOPcPgshfRXNqB7QpY7+dXGTiGxrWmq1uOFAz
 7iP77o+3KbfcDoWgYRlNP/dPtmhDXdmZfvUBZQBwtgA==
X-Received: by 2002:a17:90b:37ce:b0:353:2972:74a4 with SMTP id
 98e67ed59e1d1-353ffaa4138mr479390a91.13.1769491088247;
 Mon, 26 Jan 2026 21:18:08 -0800 (PST)
X-Received: by 2002:a17:90b:37ce:b0:353:2972:74a4 with SMTP id
 98e67ed59e1d1-353ffaa4138mr479361a91.13.1769491087913;
 Mon, 26 Jan 2026 21:18:07 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Eduardo Habkost <eduardo@habkost.net>,
 "Michael S. Tsirkin" <mst@redhat.com>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 31/33] kvm/clock: add support for confidential guest reset
Date: Tue, 27 Jan 2026 10:45:59 +0530
Message-ID: <20260127051612.219475-32-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491270054154100
Content-Type: text/plain; charset="utf-8"

Confidential guests change the KVM VM file descriptor upon reset and also c=
reate
new VCPU file descriptors against the new KVM VM file descriptor. We need to
save the clock state from kvm before KVM VM file descriptor changes and res=
tore
it after. Also after VCPU file descriptors changed, we must call
KVM_KVMCLOCK_CTRL on the VCPU file descriptor to inform KVM that the VCPU is
in paused state.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/i386/kvm/clock.c | 59 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)

diff --git a/hw/i386/kvm/clock.c b/hw/i386/kvm/clock.c
index aba6842a22..10d34254f0 100644
--- a/hw/i386/kvm/clock.c
+++ b/hw/i386/kvm/clock.c
@@ -50,6 +50,9 @@ struct KVMClockState {
     /* whether the 'clock' value was obtained in a host with
      * reliable KVM_GET_CLOCK */
     bool clock_is_reliable;
+
+    NotifierWithReturn kvmclock_vcpufd_change_notifier;
+    NotifierWithReturn kvmclock_vmfd_change_notifier;
 };
=20
 struct pvclock_vcpu_time_info {
@@ -63,6 +66,9 @@ struct pvclock_vcpu_time_info {
     uint8_t    pad[2];
 } __attribute__((__packed__)); /* 32 bytes */
=20
+static int kvmclock_set_clock(NotifierWithReturn *notifier,
+                              void *data, Error** errp);
+
 static uint64_t kvmclock_current_nsec(KVMClockState *s)
 {
     CPUState *cpu =3D first_cpu;
@@ -219,6 +225,54 @@ static void kvmclock_vm_state_change(void *opaque, boo=
l running,
     }
 }
=20
+static int kvmclock_save_clock(NotifierWithReturn *notifier,
+                               void *data, Error** errp)
+{
+    if (!((VmfdChangeNotifier *)data)->pre) {
+        return 0;
+    }
+    KVMClockState *s =3D container_of(notifier, KVMClockState,
+                                    kvmclock_vmfd_change_notifier);
+    kvm_update_clock(s);
+    return 0;
+}
+
+static int kvmclock_set_clock(NotifierWithReturn *notifier,
+                              void *data, Error** errp)
+{
+    struct kvm_clock_data clock_data =3D {};
+    CPUState *cpu;
+    int ret;
+    KVMClockState *s =3D container_of(notifier, KVMClockState,
+                                    kvmclock_vcpufd_change_notifier);
+    int cap_clock_ctrl =3D kvm_check_extension(kvm_state, KVM_CAP_KVMCLOCK=
_CTRL);
+
+    if (!s->clock_is_reliable) {
+        uint64_t pvclock_via_mem =3D kvmclock_current_nsec(s);
+        /* saved clock value before vmfd change is not reliable */
+        if (pvclock_via_mem) {
+            s->clock =3D pvclock_via_mem;
+        }
+    }
+
+    clock_data.clock =3D s->clock;
+    ret =3D kvm_vm_ioctl(kvm_state, KVM_SET_CLOCK, &clock_data);
+    if (ret < 0) {
+        fprintf(stderr, "KVM_SET_CLOCK failed: %s\n", strerror(-ret));
+        abort();
+    }
+
+    if (!cap_clock_ctrl) {
+        return 0;
+    }
+    CPU_FOREACH(cpu) {
+        run_on_cpu(cpu, do_kvmclock_ctrl, RUN_ON_CPU_NULL);
+    }
+
+    return 0;
+}
+
+
 static void kvmclock_realize(DeviceState *dev, Error **errp)
 {
     KVMClockState *s =3D KVM_CLOCK(dev);
@@ -230,7 +284,12 @@ static void kvmclock_realize(DeviceState *dev, Error *=
*errp)
=20
     kvm_update_clock(s);
=20
+    s->kvmclock_vcpufd_change_notifier.notify =3D kvmclock_set_clock;
+    s->kvmclock_vmfd_change_notifier.notify =3D kvmclock_save_clock;
+
     qemu_add_vm_change_state_handler(kvmclock_vm_state_change, s);
+    kvm_vcpufd_add_change_notifier(&s->kvmclock_vcpufd_change_notifier);
+    kvm_vmfd_add_change_notifier(&s->kvmclock_vmfd_change_notifier);
 }
=20
 static bool kvmclock_clock_is_reliable_needed(void *opaque)
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491210; cv=none;
	d=zohomail.com; s=zohoarc;
	b=M9g7K6WBjb28RFpy34KEbe9D0FrU+YfyCclpFGEPK2xcgUY+wOQmO01emmPpFF+abdH4RhNLpWFqXpo+r13QN0FLUfzrDGTjNdWP0DFOxOi4ppfYvi9+l8BxLEJdpbtrZKzNV92PgUbBgPv4I2bXvl80bNsLBsv35oIpr6Qr038=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491210;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=yFYMvKOUQKIGJ/bgL+z2/AhFQ5ODxClXmfogU8hnHt8=;
	b=AA/uzOl5PlYhVjxA1qWqt810pitxXFsag3tJ1MbDWqMtjWRyN7P3NUi9Q8Phy/JKsnssUBKP0wTu2dVtRPdnIy39vVxjm8Qm61AuJXSpxFTjPPf/y9nA5znjf1/zla5sS23pFK9X9KGal5I/143muGtBNE4mdlIYMfOQCCHBMY4=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1769491210790960.0521313155771;
 Mon, 26 Jan 2026 21:20:10 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbT8-0000zL-Px; Tue, 27 Jan 2026 00:18:27 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbT0-0000fX-QY
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:19 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbSz-0000Hn-9h
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:18 -0500
Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com
 [209.85.216.69]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-179-DL-ZCg00OZiqed8CNUm-sw-1; Tue, 27 Jan 2026 00:18:12 -0500
Received: by mail-pj1-f69.google.com with SMTP id
 98e67ed59e1d1-34c48a76e75so4683046a91.1
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:18:12 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.18.08
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:18:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491096;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=yFYMvKOUQKIGJ/bgL+z2/AhFQ5ODxClXmfogU8hnHt8=;
 b=VB1mvM89C/GbPWGkDmQ2aZuM9/a1yaCOrXgoe/kP0+JBIkrjxpzlgnva0SpX24SqN2ziAy
 /VslV242WA8aKUjhnGGI5SA1yYzHjbEiBlRQGgqa05yrLlEZ/OwT1vwRj4rZDIo3R93IKo
 2WQ7honG8AIu/WFCfCcuudWH9l45fgI=
X-MC-Unique: DL-ZCg00OZiqed8CNUm-sw-1
X-Mimecast-MFC-AGG-ID: DL-ZCg00OZiqed8CNUm-sw_1769491092
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491092; x=1770095892; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=yFYMvKOUQKIGJ/bgL+z2/AhFQ5ODxClXmfogU8hnHt8=;
 b=mJj6xz1ii9dKXqT7GCHCY65TVzL4Z2Au0BROR+R9v1zGTPFoIxfXbYDrDclh/zAFZ6
 ecMeq+iDjpzrISpVRbTkM8T9BmPrj6LIeepAncRgWmpltqHksSqSnCYIc32VBw5HGwaS
 VLccr2FDaOKDAojoju5YLcvxnCJ5now+0Rf7JYZ+9cv7KR29ngf+PJzqO7bvpH49WBV1
 pNYHNl4igV8MhfOSJ5O5G6I4H7VuFMmKc4CPHQ+Vj4yAp4v44eGMOfcHMgSkDN5NlBCq
 XK9RqILHx5yAM9rUJSpG1WlAZfbkZmSlMcNsEh5fA36O1PN6s05klaw2EOe5p0BlLpt0
 XvXg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491092; x=1770095892;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=yFYMvKOUQKIGJ/bgL+z2/AhFQ5ODxClXmfogU8hnHt8=;
 b=pzqtoJZE3A/OobTC+ChPq5IOuhxCH2Wry/hcoEIyzqMjJGNOVDZZjLBXfMefPjZdmS
 cFjvq0hyEgNdv/eZk9FCzGSHp7xUGAEXUF0n4IDZzDhfcJfqyvLvkZ/MxjjzEpybB8k/
 q7AoVsnfaRyISH7b3kkDOvPGh31rtCxKWxy0mB+FBF4wxfaP4Wmogr9Hg4hpLbIS02YZ
 imhCBy1tkDkyv4tRChZPlajhQDccrLBS+DjT1CJwA3foEUmfaB80gK9LeAbHoIB0/DFh
 +fTaLvnkG+q56NEHeD/MQrFlLDx3d+XYIDI32EOUYjayBB8XJp/XSkJm78mYUtC+UlUF
 pi6w==
X-Forwarded-Encrypted: i=1;
 AJvYcCUpbjheibhBrg1gPdX7QR1CEYUKOiD/6RsFsXa7iLbIhpHQsXpEhmyy4bLbU82xohf+pfPytxO2cAEX@nongnu.org
X-Gm-Message-State: AOJu0Yy/WRYqb9Dlz5iSUc6bP8RZ2T3PSBfxauVsxB6oorSoJ2ORCaR2
 FcJJm2I+Shpe/83bhEj6f+BNUJkiScxXqA7DR9xL1kUHdVlB3DCPn/mzrRZSxBJhOdh/jVJd6ll
 Y/pShuyZ2aX+Lb1M0w68ebsrKJPWetYAZHSOWePTiSm8XoLWNBBjfd/ae
X-Gm-Gg: AZuq6aIc2AXd05CIkqT9wF/3CqFtUh7ZGo27hC7EMQKts5yMhE+hfLiYNvBzB5KzCfe
 m5MZIk9+30/h804e4alrVPZ787LpM6D75GYTAua/Kb6CWRVyMbG3pF4P7ypV39/8NC0WuKzNz0m
 bi4co424g415Crr5ydPqSC5/tP/afCmpGhH6uosVTh8Fn9FFGm0Yw6lKMSumzS0qdvPZ5Pk3vQp
 LUlVVcYE9LrzHEmoS1h8YLaEcqN5Jh3OuXKFZjPtOL6AOdYjjb5BRKFA6EQAkLUxU5drLxCmSX1
 XdeVRK03cm0ytAzfCLwXd0NLKZLwDgm/ZnYGk8B4z+E/l72GoUgOkG/AABBMjM2IsO0sGLIojGZ
 VywrGojL45pOBnhmhJIINyh2XxiYVwEEMhKQQzWxTig==
X-Received: by 2002:a17:90a:c2cb:b0:34a:b4a2:f0bf with SMTP id
 98e67ed59e1d1-353fecdb3d5mr741019a91.16.1769491091783;
 Mon, 26 Jan 2026 21:18:11 -0800 (PST)
X-Received: by 2002:a17:90a:c2cb:b0:34a:b4a2:f0bf with SMTP id
 98e67ed59e1d1-353fecdb3d5mr740991a91.16.1769491091411;
 Mon, 26 Jan 2026 21:18:11 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Eduardo Habkost <eduardo@habkost.net>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
 =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>,
 Yanan Wang <wangyanan55@huawei.com>, Zhao Liu <zhao1.liu@intel.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kraxel@redhat.com, Ani Sinha <anisinha@redhat.com>, qemu-devel@nongnu.org
Subject: [PATCH v3 32/33] hw/machine: introduce machine specific option
 'x-change-vmfd-on-reset'
Date: Tue, 27 Jan 2026 10:46:00 +0530
Message-ID: <20260127051612.219475-33-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.129.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491213480154100
Content-Type: text/plain; charset="utf-8"

A new machine specific option 'x-change-vmfd-on-reset' is introduced for
debugging and testing only (hence the 'x-' prefix). This option when enabled
will force KVM VM file descriptor to be changed upon guest reset like
in the case of confidential guests. This can be used to exercize the code
changes that are specific for confidential guests on non-confidential
guests as well (except changes that require hardware support for
confidential guests).
A new functional test has been added in the next patch that uses this new
parameter to test the VM file descriptor changes.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 hw/core/machine.c        | 22 ++++++++++++++++++++++
 include/hw/core/boards.h |  6 ++++++
 system/runstate.c        | 17 +++++++++--------
 3 files changed, 37 insertions(+), 8 deletions(-)

diff --git a/hw/core/machine.c b/hw/core/machine.c
index 6411e68856..95d7650db9 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -450,6 +450,21 @@ static void machine_set_dump_guest_core(Object *obj, b=
ool value, Error **errp)
     ms->dump_guest_core =3D value;
 }
=20
+static bool machine_get_new_accel_vmfd_on_reset(Object *obj, Error **errp)
+{
+    MachineState *ms =3D MACHINE(obj);
+
+    return ms->new_accel_vmfd_on_reset;
+}
+
+static void machine_set_new_accel_vmfd_on_reset(Object *obj,
+                                                bool value, Error **errp)
+{
+    MachineState *ms =3D MACHINE(obj);
+
+    ms->new_accel_vmfd_on_reset =3D value;
+}
+
 static bool machine_get_mem_merge(Object *obj, Error **errp)
 {
     MachineState *ms =3D MACHINE(obj);
@@ -1198,6 +1213,13 @@ static void machine_class_init(ObjectClass *oc, cons=
t void *data)
     object_class_property_set_description(oc, "dump-guest-core",
         "Include guest memory in a core dump");
=20
+    object_class_property_add_bool(oc, "x-change-vmfd-on-reset",
+        machine_get_new_accel_vmfd_on_reset,
+        machine_set_new_accel_vmfd_on_reset);
+    object_class_property_set_description(oc, "x-change-vmfd-on-reset",
+        "Generate new accelerator fd on reset, "
+        "to be used only for testing and debugging.");
+
     object_class_property_add_bool(oc, "mem-merge",
         machine_get_mem_merge, machine_set_mem_merge);
     object_class_property_set_description(oc, "mem-merge",
diff --git a/include/hw/core/boards.h b/include/hw/core/boards.h
index 07f8938752..ee3cc9130e 100644
--- a/include/hw/core/boards.h
+++ b/include/hw/core/boards.h
@@ -447,6 +447,12 @@ struct MachineState {
     struct NVDIMMState *nvdimms_state;
     struct NumaState *numa_state;
     bool acpi_spcr_enabled;
+    /*
+     * whether to change virtual machine accelerator file descriptor upon
+     * reset or not. used only for debugging and testing purpose.
+     * It should be set to false for all regular use.
+     */
+    bool new_accel_vmfd_on_reset;
 };
=20
 /*
diff --git a/system/runstate.c b/system/runstate.c
index d2ece27729..06036a9170 100644
--- a/system/runstate.c
+++ b/system/runstate.c
@@ -525,22 +525,23 @@ void qemu_system_reset(ShutdownCause reason)
         type =3D RESET_TYPE_COLD;
     }
=20
-    /*
-     * different accelerators implement how to close the old file handle of
-     * the accelerator descriptor and create a new one here. Resetting
-     * file handle is necessary to create a new confidential VM context po=
st
-     * VM reset.
-     */
-    if (!cpus_are_resettable() && reason =3D=3D SHUTDOWN_CAUSE_GUEST_RESET=
) {
+    if (reason =3D=3D SHUTDOWN_CAUSE_GUEST_RESET &&
+        (current_machine->new_accel_vmfd_on_reset || !cpus_are_resettable(=
))) {
         if (ac->reset_vmfd) {
             ret =3D ac->reset_vmfd(current_machine);
             if (ret < 0) {
                 error_report("unable to reset vmfd: %s(%d)",
                              strerror(-ret), ret);
                 vm_stop(RUN_STATE_INTERNAL_ERROR);
+            } else if (current_machine->new_accel_vmfd_on_reset) {
+                info_report("virtual machine accel file descriptor "
+                            "has changed.");
             }
+        } else if (!cpus_are_resettable())  {
+            error_report("accelerator does not support reset!");
         } else {
-            error_report("accelerator does not support reset");
+            error_report("accelerator does not support vmfd change reset, "
+                         "proceeding with normal reset!");
         }
     }
=20
--=20
2.42.0
From nobody Mon Feb  9 03:52:23 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1769491319; cv=none;
	d=zohomail.com; s=zohoarc;
	b=SxQd9S8GYTHDnm2LGakKOKHbjfc50mAaX0vSIKMH1a0AyOWCMbG5O1CcSlLhKVPxRik5lrXrwuSKBod3xlLT1Dy2exIU+u9CW6st/n4bGiZgxdu5uHOQOjLpryqcscIw/zuuubrh9DUuPwBlRtrku77LXf8PJoOi0AnXRT/6n8g=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1769491319;
 h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=bB4+97qjGRq+qTWDV6RdEjp9dd6Nvg48/ohMnASGL1U=;
	b=Bk7Ebsyz7fsP5/2C2RXzT+B4WZJdgG+ky7hwTB0CiMrk2gyy1Xky0ZpsA3Ze4jmbH4mta1Z6p2hFh9HKhvGQBnN4ER12tR1qPMulCMldE8XF/f/k6Z4Bf2XPEYbTHKkDQ0+2/frwJWOLw9d0gKJl32wKCjAq4uTDpQ/t6UY8sZY=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<anisinha@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 176949131988178.66637044417462;
 Mon, 26 Jan 2026 21:21:59 -0800 (PST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1vkbTh-00020T-5p; Tue, 27 Jan 2026 00:19:01 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbTP-0001W1-PO
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:49 -0500
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <anisinha@redhat.com>)
 id 1vkbTL-0000K1-CD
 for qemu-devel@nongnu.org; Tue, 27 Jan 2026 00:18:43 -0500
Received: from mail-pj1-f71.google.com (mail-pj1-f71.google.com
 [209.85.216.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-584-XT4GWsYsMDm2zi4tv6N-Rw-1; Tue, 27 Jan 2026 00:18:25 -0500
Received: by mail-pj1-f71.google.com with SMTP id
 98e67ed59e1d1-352c7924ebcso4741990a91.3
 for <qemu-devel@nongnu.org>; Mon, 26 Jan 2026 21:18:25 -0800 (PST)
Received: from rhel9-box.lan ([122.163.48.79])
 by smtp.googlemail.com with ESMTPSA id
 98e67ed59e1d1-353f6230d5dsm1110925a91.17.2026.01.26.21.18.11
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 26 Jan 2026 21:18:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1769491114;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=bB4+97qjGRq+qTWDV6RdEjp9dd6Nvg48/ohMnASGL1U=;
 b=VH+Ir6R/aacdc6rPOCaIB+Iwef2RcPgZK7owynw21HhuuxkTOeB4ZoulVtgGhUQDnyHdJw
 FcJIDcpJKYi97I1Fo2AeNkrDYbmz4T922PQcexsqp5dJSF2aO1bXFlV61vq35hRj481pCM
 PYrE3cZURo+3W2JXomQZBOrey5UO0+I=
X-MC-Unique: XT4GWsYsMDm2zi4tv6N-Rw-1
X-Mimecast-MFC-AGG-ID: XT4GWsYsMDm2zi4tv6N-Rw_1769491095
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=redhat.com; s=google; t=1769491094; x=1770095894; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=bB4+97qjGRq+qTWDV6RdEjp9dd6Nvg48/ohMnASGL1U=;
 b=pHjcr5f/QbT6CLwa4uSCLhWUdQOSnuM4vdiVwNnnrXMb5xjWvk41XGeZV1je3rMIIY
 M/KYGSV+yXfg+H0OwDgm6GleZ97UfFVUMFNXv5CLM3GRH71AIurVRKAwcycBt3q6xUQk
 2WaGnW5M6mBdxy7XchNRvCwcBNzeP7qUQ06MuV8BJG31CwVI2/RoFRD1Lt2lKHsS/WtF
 0RmlOycNZEXjcyJpsyY3KX1inEG0iOXSdoJ2j81dVwjECdobvjLg+o2nCbHFUujXdpww
 uzME0ImD9tkCp8WZxP0wHTAVMxSvzsZadV9QLwWpsl0Kv11g+SRiXG2jaUzX5lpX5mOb
 DbkA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1769491094; x=1770095894;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=bB4+97qjGRq+qTWDV6RdEjp9dd6Nvg48/ohMnASGL1U=;
 b=bn75wVRSL19d2IkANjufdu/F3c2cJ+YEm0RWnxS0TcPSG6ggTscGmewTzyDITnPBDA
 EnCcEGWdFGWqDEd1UGvPcI4BxPVwEqX5enu8Km6sVsJUs5dIqSDaF0cJarHRmaJz8Yl1
 1bXnCmtP5zw+vzQMSXAMoQocQ4umfGy9ogmZSOuzqu1JxFUi7pu6fWW1cs9HEcy6eQf+
 9W2P8oL8N1l/NTWZha5emAdu4E4T1tHi3zxfRneXFYYhXJTAMyICQZ7BdRPU4Bj4xrSv
 ty91w1X92ByGSCOqq1Nc0n/lycVr9XKqGLhhLfmZN9wzthtyiTyFhEqGoHvBAplgyogh
 3wqw==
X-Forwarded-Encrypted: i=1;
 AJvYcCXsYDQ/JIrHJPcX7xtTUgaYagudrzvLnHUpJ+gxoXRc6zT/jwkxQtqnufj1XXheV8K+BUEt+L/b99h+@nongnu.org
X-Gm-Message-State: AOJu0Yw4PjVMzvwnXrBGv1g5tvIdQBTBabPkrrQ/gW1TvlMaTSrIXhpf
 3IEN3dZS4Y6fwKxRYvrqhlyMDoOwI4HPBqfYARYx63KyTB4+L3zZEVRZcfiXzd5nNO1a3hVBkwa
 Ab5rEYL5Kcdg2MR8emIa12tQ96hoYaY7UnTr2OGnGYU25RWGe5cnPR3cbhtJxGfyU
X-Gm-Gg: AZuq6aJZHaQQenaYRvznXdICwTI/FIj+9/fEk26BCAVXHa0Mc7hkHPR2FfrSI9jjjLV
 4GDoc1EB/OJNCKr51xIbSkXEVv7XgcwZnGnBH7GpI4hvE1LXfTcVspq3sckKQ9u0NtEdNf+IV89
 /sH9qvAf2PlUZ5z17pAH3LdC8aFYcO1M3vz7FUvrKzMl5zl5R3ntSkHOzimE/vhrP+M4ewzh1Yh
 b50yLKVW+H74pTfeBh7i3oV8oOz570nnE54bmbUM2j3AjxTbxvRpKD2IVCkS6OMJlngSr8TESak
 KRO8jG0iGTFtJi60WvVgoq/vdEMAcX81RIuYyz6SdLnOSxmWaiVDCKa62OL//dv3kPaqg5/b2B2
 3B0RzSgijO3TJslF+DnAQs+BvRJ1Wnd8QSUyLWBFZ2g==
X-Received: by 2002:a17:90b:288a:b0:34c:75d1:6f90 with SMTP id
 98e67ed59e1d1-353fed6ebf4mr818776a91.17.1769491094325;
 Mon, 26 Jan 2026 21:18:14 -0800 (PST)
X-Received: by 2002:a17:90b:288a:b0:34c:75d1:6f90 with SMTP id
 98e67ed59e1d1-353fed6ebf4mr818749a91.17.1769491093982;
 Mon, 26 Jan 2026 21:18:13 -0800 (PST)
From: Ani Sinha <anisinha@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Zhao Liu <zhao1.liu@intel.com>,
 Ani Sinha <anisinha@redhat.com>
Cc: kraxel@redhat.com,
	qemu-devel@nongnu.org
Subject: [PATCH v3 33/33] tests/functional/x86_64: add functional test to
 exercise vm fd change on reset
Date: Tue, 27 Jan 2026 10:46:01 +0530
Message-ID: <20260127051612.219475-34-anisinha@redhat.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20260127051612.219475-1-anisinha@redhat.com>
References: <20260127051612.219475-1-anisinha@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=anisinha@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1769491321088154100

A new functional test is added that exercises the code changes related to
closing of the old KVM VM file descriptor and opening a new one upon VM res=
et.
This normally happens when confidential guests are resetted but for
non-confidential guests, we use a special machine specific debug/test param=
eter
'x-change-vmfd-on-reset' to enable this behavior.
Only specific code changes related to re-initialization of SEV-ES, SEV-SNP =
and
TDX platforms are not exercized in this test as they require hardware that
supports running confidential guests.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 MAINTAINERS                                   |  6 ++
 tests/functional/x86_64/meson.build           |  1 +
 .../x86_64/test_vmfd_change_reboot.py         | 96 +++++++++++++++++++
 3 files changed, 103 insertions(+)
 create mode 100755 tests/functional/x86_64/test_vmfd_change_reboot.py

diff --git a/MAINTAINERS b/MAINTAINERS
index c1e586c58f..f3367d4251 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -151,6 +151,12 @@ F: tools/i386/
 F: tests/functional/i386/
 F: tests/functional/x86_64/
=20
+X86 VM file descriptor change on reset test
+M: Ani Sinha <anisinha@redhat.com>
+M: Paolo Bonzini <pbonzini@redhat.com>
+S: Maintained
+F: tests/functional/x86_64/test_vmfd_change_reboot.py
+
 Guest CPU cores (TCG)
 ---------------------
 Overall TCG CPUs
diff --git a/tests/functional/x86_64/meson.build b/tests/functional/x86_64/=
meson.build
index f78eec5e6c..784d9791cb 100644
--- a/tests/functional/x86_64/meson.build
+++ b/tests/functional/x86_64/meson.build
@@ -36,4 +36,5 @@ tests_x86_64_system_thorough =3D [
   'vfio_user_client',
   'virtio_balloon',
   'virtio_gpu',
+  'vmfd_change_reboot',
 ]
diff --git a/tests/functional/x86_64/test_vmfd_change_reboot.py b/tests/fun=
ctional/x86_64/test_vmfd_change_reboot.py
new file mode 100755
index 0000000000..b9e099aae1
--- /dev/null
+++ b/tests/functional/x86_64/test_vmfd_change_reboot.py
@@ -0,0 +1,96 @@
+#!/usr/bin/env python3
+#
+# KVM VM file descriptor change on reset test
+#
+# Copyright =C2=A9 2026 Red Hat, Inc.
+#
+# Author:
+#  Ani Sinha <anisinha@redhat.com>
+#
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+import os
+from qemu.machine import machine
+
+from qemu_test import QemuSystemTest, Asset, exec_command_and_wait_for_pat=
tern
+from qemu_test import wait_for_console_pattern
+
+class KVMGuest(QemuSystemTest):
+
+    # ASSET UKI was generated using
+    # https://gitlab.com/kraxel/edk2-tests/-/blob/unittest/tools/make-supe=
rmin.sh
+    ASSET_UKI =3D Asset('https://gitlab.com/anisinha/misc-artifacts/'
+                      '-/raw/main/uki.x86-64.efi?ref_type=3Dheads',
+                      'e0f806bd1fa24111312e1fe849d2ee69808d4343930a5'
+                      'dc8c1688da17c65f576')
+    # ASSET_OVMF comes from /usr/share/edk2/ovmf/OVMF.stateless.fd of a fc=
43
+    # distro which in turn comes from the edk2-ovmf-20251119-3.fc43.noarch=
 rpm.
+    ASSET_OVMF =3D Asset('https://gitlab.com/anisinha/misc-artifacts/'
+                       '-/raw/main/OVMF.stateless.fd?ref_type=3Dheads',
+                       '58a4275aafa8774bd6b1540adceae4ea434b8db75b476'
+                       '11839ff47be88cfcf22')
+
+    def common_vm_setup(self, kvm_args=3DNone, cpu_args=3DNone):
+        self.require_accelerator("kvm")
+
+        self.vm.set_console()
+        if kvm_args:
+            self.vm.add_args("-accel", "kvm,%s" %kvm_args)
+        else:
+            self.vm.add_args("-accel", "kvm")
+        self.vm.add_args("-smp", "2")
+        if cpu_args:
+            self.vm.add_args("-cpu", "host,%s" %cpu_args)
+        else:
+            self.vm.add_args("-cpu", "host")
+        self.vm.add_args("-m", "2G")
+        self.vm.add_args("-nographic", "-nodefaults")
+
+        self.uki_path =3D self.ASSET_UKI.fetch()
+        self.ovmf_path =3D self.ASSET_OVMF.fetch()
+
+    def run_and_check(self):
+        self.vm.add_args('-kernel', self.uki_path)
+        self.vm.add_args("-bios", self.ovmf_path)
+        # enable KVM VMFD change on reset for a non-coco VM
+        self.vm.add_args("-machine", "q35,x-change-vmfd-on-reset=3Don")
+        # enable tracing
+        self.vm.add_args("-d", "trace:kvm_reset_vmfd")
+
+        try:
+            self.vm.launch()
+        except machine.VMLaunchFailure as e:
+            if "Xen HVM guest support not present" in e.output:
+                self.skipTest("KVM Xen support is not present "
+                              "(need v5.12+ kernel with CONFIG_KVM_XEN)")
+            elif "Property 'kvm-accel.xen-version' not found" in e.output:
+                self.skipTest("QEMU not built with CONFIG_XEN_EMU support")
+            else:
+                raise e
+
+        self.log.info('VM launched')
+        console_pattern =3D 'bash-5.1#'
+        wait_for_console_pattern(self, console_pattern)
+        self.log.info('VM ready with a bash prompt')
+
+        exec_command_and_wait_for_pattern(self, '/usr/sbin/reboot -f',
+                                          'reboot: machine restart')
+        console_pattern =3D '# --- Hello world ---'
+        wait_for_console_pattern(self, console_pattern)
+        self.vm.shutdown()
+        self.assertRegex(self.vm.get_log(),
+                         r'kvm_reset_vmfd')
+        self.assertRegex(self.vm.get_log(),
+                         r'virtual machine accel file descriptor has chang=
ed')
+
+    def test_vmfd_change_on_reset(self):
+        self.common_vm_setup()
+        self.run_and_check()
+
+    def test_xen_emulation(self):
+        self.common_vm_setup("xen-version=3D0x4000a,kernel-irqchip=3Dsplit=
")
+        self.run_and_check()
+
+
+if __name__ =3D=3D '__main__':
+    QemuSystemTest.main()
--=20
2.42.0