On Mon, Jun 23, 2025 at 03:03:19PM +0800, Xiaoyao Li wrote:
> On 6/23/2025 2:43 PM, Cédric Le Goater wrote:
> > Hello,
> >
> > On 6/20/25 18:40, Paolo Bonzini wrote:
> > > From: Isaku Yamahata <isaku.yamah...@intel.com>
> > >
> > > Add property "quote-generation-socket" to tdx-guest, which is a property
> > > of type SocketAddress to specify Quote Generation Service(QGS).
> > >
> > > On request of GetQuote, it connects to the QGS socket, read request
> > > data from shared guest memory, send the request data to the QGS,
> > > and store the response into shared guest memory, at last notify
> > > TD guest by interrupt.
> > >
> > > command line example:
> > > qemu-system-x86_64 \
> > > -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-
> > > socket":{"type":"unix", "path":"/var/run/tdx-qgs/qgs.socket"}}' \
> > > -machine confidential-guest-support=tdx0
> > >
> > > Note, above example uses the unix socket. It can be other types,
> > > like vsock,
> > > which depends on the implementation of QGS.
> > >
> > > To avoid no response from QGS server, setup a timer for the transaction.
> > > If timeout, make it an error and interrupt guest. Define the threshold of
> > > time to 30s at present, maybe change to other value if not appropriate.
> > >
> > > Signed-off-by: Isaku Yamahata <isaku.yamah...@intel.com>
> > > Co-developed-by: Chenyi Qiang <chenyi.qi...@intel.com>
> > > Signed-off-by: Chenyi Qiang <chenyi.qi...@intel.com>
> > > Co-developed-by: Xiaoyao Li <xiaoyao...@intel.com>
> > > Signed-off-by: Xiaoyao Li <xiaoyao...@intel.com>
> > > Tested-by: Xiaoyao Li <xiaoyao...@intel.com>
> > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
> > > ---
> > > qapi/qom.json | 8 +-
> > > target/i386/kvm/tdx-quote-generator.h | 82 +++++++
> > > target/i386/kvm/tdx.h | 10 +
> > > target/i386/kvm/kvm.c | 3 +
> > > target/i386/kvm/tdx-quote-generator.c | 300 ++++++++++++++++++++++++++
> > > target/i386/kvm/tdx-stub.c | 4 +
> > > target/i386/kvm/tdx.c | 176 ++++++++++++++-
> > > target/i386/kvm/meson.build | 2 +-
> > > 8 files changed, 582 insertions(+), 3 deletions(-)
> > > create mode 100644 target/i386/kvm/tdx-quote-generator.h
> > > create mode 100644 target/i386/kvm/tdx-quote-generator.c
> >
> > These changes broke the build on 32-bit host.
> >
> > Could you please send a patch to avoid compiling TDX in such environment ?
>
> Paolo is on vacation.
>
> I would like to help, but I don't have 32-bit host environment on hand. Do
> you know how to set up such environment quickly? (I tried to set up within a
> 32-bit VM but the 32-bit OS is too old and I didn't get it work to install
> the required package for building QEMU)
You should be able to use QEMU's docker containers to get yourself a
Debian i386 container, on a x86_64 host.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
