| Message ID | 20230127150727.612594-3-jean-philippe@linaro.org |
|---|---|
| State | Superseded |
| Headers | show |
| Series | arm: Run Arm CCA VMs with KVM | expand |
On 1/27/23 05:07, Jean-Philippe Brucker wrote: > Add a new RmeGuest object, inheriting from ConfidentialGuestSupport, to > support the Arm Realm Management Extension (RME). It is instantiated by > passing on the command-line: > > -M virt,confidential-guest-support=<id> > -object guest-rme,id=<id>[,options...] > > This is only the skeleton. Support will be added in following patches. > > Signed-off-by: Jean-Philippe Brucker<jean-philippe@linaro.org> > --- > docs/system/confidential-guest-support.rst | 1 + > qapi/qom.json | 3 +- > target/arm/kvm-rme.c | 48 ++++++++++++++++++++++ > target/arm/meson.build | 7 +++- > 4 files changed, 57 insertions(+), 2 deletions(-) > create mode 100644 target/arm/kvm-rme.c Reviewed-by: Richard Henderson <richard.henderson@linaro.org> r~
On 27/1/23 16:07, Jean-Philippe Brucker wrote: > Add a new RmeGuest object, inheriting from ConfidentialGuestSupport, to > support the Arm Realm Management Extension (RME). It is instantiated by > passing on the command-line: > > -M virt,confidential-guest-support=<id> > -object guest-rme,id=<id>[,options...] > > This is only the skeleton. Support will be added in following patches. > > Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> > --- > docs/system/confidential-guest-support.rst | 1 + > qapi/qom.json | 3 +- > target/arm/kvm-rme.c | 48 ++++++++++++++++++++++ > target/arm/meson.build | 7 +++- > 4 files changed, 57 insertions(+), 2 deletions(-) > create mode 100644 target/arm/kvm-rme.c > diff --git a/target/arm/kvm-rme.c b/target/arm/kvm-rme.c > new file mode 100644 > index 0000000000..22aa3dc712 > --- /dev/null > +++ b/target/arm/kvm-rme.c > @@ -0,0 +1,48 @@ > +/* > + * QEMU Arm RME support > + * > + * Copyright Linaro 2022 > + */ > + > +#include "qemu/osdep.h" > + > +#include "exec/confidential-guest-support.h" > +#include "hw/boards.h" > +#include "hw/core/cpu.h" > +#include "kvm_arm.h" > +#include "migration/blocker.h" > +#include "qapi/error.h" > +#include "qom/object_interfaces.h" > +#include "sysemu/kvm.h" > +#include "sysemu/runstate.h" > + > +#define TYPE_RME_GUEST "rme-guest" > +OBJECT_DECLARE_SIMPLE_TYPE(RmeGuest, RME_GUEST) > + > +typedef struct RmeGuest RmeGuest; OBJECT_DECLARE_SIMPLE_TYPE() already forward-declares RmeGuest, otherwise: Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
diff --git a/docs/system/confidential-guest-support.rst b/docs/system/confidential-guest-support.rst index 0c490dbda2..acf46d8856 100644 --- a/docs/system/confidential-guest-support.rst +++ b/docs/system/confidential-guest-support.rst @@ -40,5 +40,6 @@ Currently supported confidential guest mechanisms are: * AMD Secure Encrypted Virtualization (SEV) (see :doc:`i386/amd-memory-encryption`) * POWER Protected Execution Facility (PEF) (see :ref:`power-papr-protected-execution-facility-pef`) * s390x Protected Virtualization (PV) (see :doc:`s390x/protvirt`) +* Arm Realm Management Extension (RME) Other mechanisms may be supported in future. diff --git a/qapi/qom.json b/qapi/qom.json index 30e76653ad..7ca27bb86c 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -917,7 +917,8 @@ 'tls-creds-x509', 'tls-cipher-suites', { 'name': 'x-remote-object', 'features': [ 'unstable' ] }, - { 'name': 'x-vfio-user-server', 'features': [ 'unstable' ] } + { 'name': 'x-vfio-user-server', 'features': [ 'unstable' ] }, + 'rme-guest' ] } ## diff --git a/target/arm/kvm-rme.c b/target/arm/kvm-rme.c new file mode 100644 index 0000000000..22aa3dc712 --- /dev/null +++ b/target/arm/kvm-rme.c @@ -0,0 +1,48 @@ +/* + * QEMU Arm RME support + * + * Copyright Linaro 2022 + */ + +#include "qemu/osdep.h" + +#include "exec/confidential-guest-support.h" +#include "hw/boards.h" +#include "hw/core/cpu.h" +#include "kvm_arm.h" +#include "migration/blocker.h" +#include "qapi/error.h" +#include "qom/object_interfaces.h" +#include "sysemu/kvm.h" +#include "sysemu/runstate.h" + +#define TYPE_RME_GUEST "rme-guest" +OBJECT_DECLARE_SIMPLE_TYPE(RmeGuest, RME_GUEST) + +typedef struct RmeGuest RmeGuest; + +struct RmeGuest { + ConfidentialGuestSupport parent_obj; +}; + +static void rme_guest_class_init(ObjectClass *oc, void *data) +{ +} + +static const TypeInfo rme_guest_info = { + .parent = TYPE_CONFIDENTIAL_GUEST_SUPPORT, + .name = TYPE_RME_GUEST, + .instance_size = sizeof(struct RmeGuest), + .class_init = rme_guest_class_init, + .interfaces = (InterfaceInfo[]) { + { TYPE_USER_CREATABLE }, + { } + } +}; + +static void rme_register_types(void) +{ + type_register_static(&rme_guest_info); +} + +type_init(rme_register_types); diff --git a/target/arm/meson.build b/target/arm/meson.build index 87e911b27f..a2224c0d23 100644 --- a/target/arm/meson.build +++ b/target/arm/meson.build @@ -40,7 +40,12 @@ arm_ss.add(files( )) arm_ss.add(zlib) -arm_ss.add(when: 'CONFIG_KVM', if_true: files('kvm.c', 'kvm64.c'), if_false: files('kvm-stub.c')) +arm_ss.add(when: 'CONFIG_KVM', + if_true: files( + 'kvm.c', + 'kvm64.c', + 'kvm-rme.c'), + if_false: files('kvm-stub.c')) arm_ss.add(when: 'TARGET_AARCH64', if_true: files( 'cpu64.c',
Add a new RmeGuest object, inheriting from ConfidentialGuestSupport, to support the Arm Realm Management Extension (RME). It is instantiated by passing on the command-line: -M virt,confidential-guest-support=<id> -object guest-rme,id=<id>[,options...] This is only the skeleton. Support will be added in following patches. Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> --- docs/system/confidential-guest-support.rst | 1 + qapi/qom.json | 3 +- target/arm/kvm-rme.c | 48 ++++++++++++++++++++++ target/arm/meson.build | 7 +++- 4 files changed, 57 insertions(+), 2 deletions(-) create mode 100644 target/arm/kvm-rme.c