From nobody Fri Dec 19 20:17:32 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=randomman.co.uk ARC-Seal: i=1; a=rsa-sha256; t=1751555512; cv=none; d=zohomail.com; s=zohoarc; b=eR1Fy+L9zyuMWyRDYCOLa7uSPefj/bIaj46MzcRsFGhSiBl8pRbYwpVYFA1GyocIomINgogw+RmZnpSWRPdGIrczyzszZ2rnShqrIJnrkNmAaGlLAdmVe5mXz6FdaRPSGhePso/r+kCOC+OfB0jw5XFsXwArlIWlXZvvR4v5YOY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1751555512; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=7tTRuEYzTnfzw1HSyKFGprA4q7MU2seFDdz/NxxlYpA=; b=QCQI59FWRjD4MEM3Gf8n7GaELXdWa/LgJtGupxZGP1UKLUdcsUtgBe6DU1OPqixCu5ZA3CMYF0cGQPc8tGnNmprwctJfTi7lZQzgzahRwL2fbalFV4ROPhJTzb8EufISwRd8evFyw2HAoToWwzgN4oM5vgqDVOWWgPzhLtE2JVE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 175155551235910.545235996279075; Thu, 3 Jul 2025 08:11:52 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uXLb7-0004iE-32; Thu, 03 Jul 2025 11:11:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uXLb5-0004fx-5I for qemu-devel@nongnu.org; Thu, 03 Jul 2025 11:11:35 -0400 Received: from smtp-out-60.livemail.co.uk ([213.171.216.60] helo=dkim.livemail.co.uk) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uXLb0-0005d7-Py for qemu-devel@nongnu.org; Thu, 03 Jul 2025 11:11:34 -0400 Received: from smtp.livemail.co.uk (unknown [10.44.132.84]) by dkim.livemail.co.uk (Postfix) with ESMTPS id BDFAE4021F; Thu, 3 Jul 2025 16:11:27 +0100 (BST) Received: from localhost.localdomain (unknown [145.40.191.116]) (Authenticated sender: roy.hopkins@randomman.co.uk) by smtp.livemail.co.uk (Postfix) with ESMTPSA id 31639A0176; Thu, 3 Jul 2025 16:11:23 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=randomman.co.uk; s=livemail2; t=1751555487; bh=UUhDVqRVN7oQx75h5PUMv6XLd2uwUSu+4ibxjWS4gXc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=qmGeWUDZn6vM3SIU1OQc/W/KMAMa5fD5ORKH5aSlCIGr0NqHz+pX2hq7cXGapZiIA dICIw0jDkV3SqA2RGsw7RI8/abx/gcHtPZSyHvVHE9IDJLqNRlCETvEIjXFpcuC4n3 na7V8xnPEjGHYvbyc8aMRuGQnSzYb9/16JaQocOI= From: Roy Hopkins To: qemu-devel@nongnu.org Cc: Roy Hopkins , Paolo Bonzini , "Daniel P . Berrange" , Stefano Garzarella , Marcelo Tosatti , "Michael S . Tsirkin" , Cornelia Huck , Marcel Apfelbaum , Sergio Lopez , Eduardo Habkost , Alistair Francis , Peter Xu , David Hildenbrand , Igor Mammedov , Tom Lendacky , Michael Roth , Ani Sinha , Gerd Hoffman , Pankaj Gupta , Joerg Roedel Subject: [PATCH v9 04/16] hw/i386: Add igvm-cfg object and processing for IGVM files Date: Thu, 3 Jul 2025 16:11:02 +0100 Message-ID: <23bc66ae4504ba5cf2134826e055b25df3fc9cd9.1751554099.git.roy.hopkins@randomman.co.uk> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=213.171.216.60; envelope-from=roy.hopkins@randomman.co.uk; helo=dkim.livemail.co.uk X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.237, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @randomman.co.uk) X-ZM-MESSAGEID: 1751555515061116600 Content-Type: text/plain; charset="utf-8" An IGVM file contains configuration of guest state that should be applied during configuration of the guest, before the guest is started. This patch allows the user to add an igvm-cfg object to an X86 machine configuration that allows an IGVM file to be configured that will be applied to the guest before it is started. If an IGVM configuration is provided then the IGVM file is processed at the end of the board initialization, before the state transition to PHASE_MACHINE_INITIALIZED. Signed-off-by: Roy Hopkins Acked-by: Gerd Hoffman Reviewed-by: Michael S. Tsirkin Reviewed-by: Stefano Garzarella Reviewed-by: Ani Sinha --- hw/i386/pc.c | 12 ++++++++++++ hw/i386/pc_piix.c | 10 ++++++++++ hw/i386/pc_q35.c | 10 ++++++++++ include/hw/i386/x86.h | 3 +++ qemu-options.hx | 28 ++++++++++++++++++++++++++++ 5 files changed, 63 insertions(+) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index b211633575..432ab288a8 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -1833,6 +1833,18 @@ static void pc_machine_class_init(ObjectClass *oc, c= onst void *data) object_class_property_add_bool(oc, "fd-bootchk", pc_machine_get_fd_bootchk, pc_machine_set_fd_bootchk); + +#if defined(CONFIG_IGVM) + object_class_property_add_link(oc, "igvm-cfg", + TYPE_IGVM_CFG, + offsetof(X86MachineState, igvm), + object_property_allow_set_link, + OBJ_PROP_LINK_STRONG); + object_class_property_set_description(oc, "igvm-cfg", + "Set IGVM configuration"); +#endif + + } =20 static const TypeInfo pc_machine_info =3D { diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c index ea7572e783..3184ea1b37 100644 --- a/hw/i386/pc_piix.c +++ b/hw/i386/pc_piix.c @@ -366,6 +366,16 @@ static void pc_init1(MachineState *machine, const char= *pci_type) x86_nvdimm_acpi_dsmio, x86ms->fw_cfg, OBJECT(pcms)); } + +#if defined(CONFIG_IGVM) + /* Apply guest state from IGVM if supplied */ + if (x86ms->igvm) { + if (IGVM_CFG_GET_CLASS(x86ms->igvm) + ->process(x86ms->igvm, machine->cgs, &error_fatal) < 0) { + g_assert_not_reached(); + } + } +#endif } =20 typedef enum PCSouthBridgeOption { diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c index 33211b1876..6990e1c669 100644 --- a/hw/i386/pc_q35.c +++ b/hw/i386/pc_q35.c @@ -325,6 +325,16 @@ static void pc_q35_init(MachineState *machine) x86_nvdimm_acpi_dsmio, x86ms->fw_cfg, OBJECT(pcms)); } + +#if defined(CONFIG_IGVM) + /* Apply guest state from IGVM if supplied */ + if (x86ms->igvm) { + if (IGVM_CFG_GET_CLASS(x86ms->igvm) + ->process(x86ms->igvm, machine->cgs, &error_fatal) < 0) { + g_assert_not_reached(); + } + } +#endif } =20 #define DEFINE_Q35_MACHINE(major, minor) \ diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h index fc460b82f8..8755cad50a 100644 --- a/include/hw/i386/x86.h +++ b/include/hw/i386/x86.h @@ -25,6 +25,7 @@ #include "hw/intc/ioapic.h" #include "hw/isa/isa.h" #include "qom/object.h" +#include "system/igvm-cfg.h" =20 struct X86MachineClass { MachineClass parent; @@ -92,6 +93,8 @@ struct X86MachineState { * which means no limitation on the guest's bus locks. */ uint64_t bus_lock_ratelimit; + + IgvmCfg *igvm; }; =20 #define X86_MACHINE_SMM "smm" diff --git a/qemu-options.hx b/qemu-options.hx index 1f862b19a6..f4c05b388b 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -5992,6 +5992,34 @@ SRST -machine ...,memory-encryption=3Dsev0 \\ ..... =20 + ``-object igvm-cfg,file=3Dfile`` + Create an IGVM configuration object that defines the initial state + of the guest using a file in that conforms to the Independent Guest + Virtual Machine (IGVM) file format. + + This is currently only supported by ``-machine q35`` and + ``-machine pc``. + + The ``file`` parameter is used to specify the IGVM file to load. + When provided, the IGVM file is used to populate the initial + memory of the virtual machine and, depending on the platform, can + define the initial processor state, memory map and parameters. + + The IGVM file is expected to contain the firmware for the virtual + machine, therefore an ``igvm-cfg`` object cannot be provided along + with other ways of specifying firmware, such as the ``-bios`` + parameter on x86 machines. + + e.g to launch a machine providing the firmware in an IGVM file + + .. parsed-literal:: + + # |qemu_system_x86| \\ + ...... \\ + -object igvm-cfg,id=3Digvm0,file=3Dbios.igvm \\ + -machine ...,igvm-cfg=3Digvm0 \\ + ..... + ``-object authz-simple,id=3Did,identity=3Dstring`` Create an authorization object that will control access to network services. --=20 2.43.0