[RFC PATCH v2 07/44] i386/kvm: Squash getting/putting guest state for TDX VMs

isaku.yamahata@gmail.com posted 44 patches 4 years, 7 months ago
Posted by isaku.yamahata@gmail.com 4 years, 7 months ago
From: Sean Christopherson <sean.j.christopherson@intel.com>

Ignore get/put state of TDX VMs as accessing/mutating guest state of
production TDs is not supported.
Allow kvm_arch_get_registers() to run as normal, except for MSRs, for
debug TDs, and silently ignore attempts to read guest state for
non-debug TDs.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
 target/i386/kvm/kvm.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index a3d5b334d1..27b64dedc2 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -2641,6 +2641,11 @@ void kvm_put_apicbase(X86CPU *cpu, uint64_t value)
 {
     int ret;
 
+    /* TODO: Allow accessing guest state for debug TDs. */
+    if (vm_type == KVM_X86_TDX_VM) {
+            return;
+    }
+
     ret = kvm_put_one_msr(cpu, MSR_IA32_APICBASE, value);
     assert(ret == 1);
 }
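Review bot: the new early return in kvm_put_apicbase() drops the MSR_IA32_APICBASE write with no signal at all, and because the function returns void the caller cannot tell that the value never reached the guest. A trace point, or a comment stating why discarding the write is safe for a TD, would make this silent path auditable; the TODO only mentions debug TDs and does not say what callers should assume in the meantime. The `return;` line is also indented by twelve spaces where the surrounding code uses four-space steps, so it should sit at eight.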
@@ -4099,6 +4104,11 @@ int kvm_arch_put_registers(CPUState *cpu, int level)
 
     assert(cpu_is_stopped(cpu) || qemu_cpu_is_self(cpu));
 
+    /* TODO: Allow accessing guest state for debug TDs. */
+    if (vm_type == KVM_X86_TDX_VM) {
+        return 0;
+    }
+
     /* must be before kvm_put_nested_state so that EFER.SVME is set */
     ret = kvm_put_sregs(x86_cpu);
     if (ret < 0) {
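Review bot: the `return 0;` added to kvm_arch_put_registers() reports success although none of the state below it (kvm_put_sregs() onward) has been written, so a caller cannot distinguish a TDX no-op from a completed put. If success is the intended contract for TDX VMs, the comment should say so and why; otherwise return a negative errno and keep callers from reaching this path for TDs. The check tests only `vm_type == KVM_X86_TDX_VM`, so debug TDs are skipped as well, which is what the TODO implies but is worth stating in the commit message next to the description of the get path.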
@@ -4209,9 +4219,11 @@ int kvm_arch_get_registers(CPUState *cs)
     if (ret < 0) {
         goto out;
     }
-    ret = kvm_get_msrs(cpu);
-    if (ret < 0) {
-        goto out;
+    if (vm_type != KVM_X86_TDX_VM) {
+        ret = kvm_get_msrs(cpu);
+        if (ret < 0) {
+            goto out;
+        }
     }
     ret = kvm_get_apic(cpu);
     if (ret < 0) {
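Review bot: the condition `vm_type != KVM_X86_TDX_VM` around kvm_get_msrs() in kvm_arch_get_registers() does not distinguish debug from non-debug TDs, while the commit message says reads are silently ignored for non-debug TDs and run as normal (minus MSRs) for debug TDs. Nothing in this hunk implements that split: for every TDX VM only the MSR read is skipped, and the visible context still goes on to call kvm_get_apic(). Either point to where the non-debug case is handled or adjust the commit message, and add a short comment here explaining why MSRs in particular are skipped, matching the TODO comments used in the other two hunks.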
-- 
2.25.1


Re: [RFC PATCH v2 07/44] i386/kvm: Squash getting/putting guest state for TDX VMs
Posted by Gerd Hoffmann 4 years, 5 months ago
On Wed, Jul 07, 2021 at 05:54:37PM -0700, isaku.yamahata@gmail.com wrote:
> From: Sean Christopherson <sean.j.christopherson@intel.com>
> 
> Ignore get/put state of TDX VMs as accessing/mutating guest state of
> production TDs is not supported.

Why silently ignore instead of returning an error?

take care,
  Gerd


Re: [RFC PATCH v2 07/44] i386/kvm: Squash getting/putting guest state for TDX VMs
Posted by Xiaoyao Li 4 years, 2 months ago
On 8/26/2021 6:24 PM, Gerd Hoffmann wrote:
> On Wed, Jul 07, 2021 at 05:54:37PM -0700, isaku.yamahata@gmail.com wrote:
>> From: Sean Christopherson <sean.j.christopherson@intel.com>
>>
>> Ignore get/put state of TDX VMs as accessing/mutating guest state of
>> production TDs is not supported.
> 
> Why silently ignore instead of returning an error?

The error is returned to upper caller in QEMU, right? There deems to be 
somewhere in QEMU to not call the IOCTLs to get guest states of TD VM.

Let's reword it to "Don't". Is it OK?