On Mon, Jun 23, 2025 at 9:09 AM Daniel P. Berrangé <berra...@redhat.com> wrote:
>
> On Mon, Jun 23, 2025 at 09:04:33AM -0400, Stefan Hajnoczi wrote:
> > On Mon, Jun 23, 2025 at 4:04 AM Daniel P. Berrangé <berra...@redhat.com>
> > wrote:
> > >
> > > On Mon, Jun 23, 2025 at 03:03:19PM +0800, Xiaoyao Li wrote:
> > > > On 6/23/2025 2:43 PM, Cédric Le Goater wrote:
> > > > > Hello,
> > > > >
> > > > > On 6/20/25 18:40, Paolo Bonzini wrote:
> > > > > > From: Isaku Yamahata <isaku.yamah...@intel.com>
> > > > > >
> > > > > > Add property "quote-generation-socket" to tdx-guest, which is a
> > > > > > property
> > > > > > of type SocketAddress to specify Quote Generation Service(QGS).
> > > > > >
> > > > > > On request of GetQuote, it connects to the QGS socket, read request
> > > > > > data from shared guest memory, send the request data to the QGS,
> > > > > > and store the response into shared guest memory, at last notify
> > > > > > TD guest by interrupt.
> > > > > >
> > > > > > command line example:
> > > > > > qemu-system-x86_64 \
> > > > > > -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-
> > > > > > socket":{"type":"unix", "path":"/var/run/tdx-qgs/qgs.socket"}}' \
> > > > > > -machine confidential-guest-support=tdx0
> > > > > >
> > > > > > Note, above example uses the unix socket. It can be other types,
> > > > > > like vsock,
> > > > > > which depends on the implementation of QGS.
> > > > > >
> > > > > > To avoid no response from QGS server, setup a timer for the
> > > > > > transaction.
> > > > > > If timeout, make it an error and interrupt guest. Define the
> > > > > > threshold of
> > > > > > time to 30s at present, maybe change to other value if not
> > > > > > appropriate.
> > > > > >
> > > > > > Signed-off-by: Isaku Yamahata <isaku.yamah...@intel.com>
> > > > > > Co-developed-by: Chenyi Qiang <chenyi.qi...@intel.com>
> > > > > > Signed-off-by: Chenyi Qiang <chenyi.qi...@intel.com>
> > > > > > Co-developed-by: Xiaoyao Li <xiaoyao...@intel.com>
> > > > > > Signed-off-by: Xiaoyao Li <xiaoyao...@intel.com>
> > > > > > Tested-by: Xiaoyao Li <xiaoyao...@intel.com>
> > > > > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
> > > > > > ---
> > > > > > qapi/qom.json | 8 +-
> > > > > > target/i386/kvm/tdx-quote-generator.h | 82 +++++++
> > > > > > target/i386/kvm/tdx.h | 10 +
> > > > > > target/i386/kvm/kvm.c | 3 +
> > > > > > target/i386/kvm/tdx-quote-generator.c | 300
> > > > > > ++++++++++++++++++++++++++
> > > > > > target/i386/kvm/tdx-stub.c | 4 +
> > > > > > target/i386/kvm/tdx.c | 176 ++++++++++++++-
> > > > > > target/i386/kvm/meson.build | 2 +-
> > > > > > 8 files changed, 582 insertions(+), 3 deletions(-)
> > > > > > create mode 100644 target/i386/kvm/tdx-quote-generator.h
> > > > > > create mode 100644 target/i386/kvm/tdx-quote-generator.c
> > > > >
> > > > > These changes broke the build on 32-bit host.
> > > > >
> > > > > Could you please send a patch to avoid compiling TDX in such
> > > > > environment ?
> > > >
> > > > Paolo is on vacation.
> > > >
> > > > I would like to help, but I don't have 32-bit host environment on hand.
> > > > Do
> > > > you know how to set up such environment quickly? (I tried to set up
> > > > within a
> > > > 32-bit VM but the 32-bit OS is too old and I didn't get it work to
> > > > install
> > > > the required package for building QEMU)
> > >
> > > You should be able to use QEMU's docker containers to get yourself a
> > > Debian i386 container, on a x86_64 host.
> >
> > The cross-i686-system (Debian) build CI job succeeded:
> > https://gitlab.com/qemu-project/qemu/-/jobs/10423776600
> >
> > I wonder why the CI didn't catch the issue?
>
> It didn't build the x86_64 target:
>
> --target-list-exclude="arm-softmmu i386-softmmu microblaze-softmmu
> mips-softmmu mipsel-softmmu mips64-softmmu ppc-softmmu riscv32-softmmu
> sh4-softmmu sparc-softmmu xtensa-softmmu $CROSS_SKIP_TARGETS"
>
> so in turn didn't build any TDX code
Here are the targets that were built by the CI job:
target list : avr-softmmu m68k-softmmu microblazeel-softmmu
or1k-softmmu rx-softmmu sh4eb-softmmu tricore-softmmu xtensaeb-softmmu
64-bit targets are not supported on 32-bit hosts since commit
acce728cbc6c ("meson: Disallow 64-bit on 32-bit emulation"). I don't
think the x86_64 target can be built on 32-bit hosts.
But notice that i386-softmmu is missing from the target list. That
could be why the CI job succeeded.
Cédric: What were your ./configure options?
Stefan
>
> With regards,
> Daniel
> --
> |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org -o- https://fstop138.berrange.com :|
> |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
>
