Re: [PATCH v9 02/16] backends/confidential-guest-support: Add functions to support IGVM

Tue, 08 Jul 2025 13:58:45 -0700 

On Thu, Jul 03, 2025 at 04:03:10PM +0100, Roy Hopkins wrote:
> In preparation for supporting the processing of IGVM files to configure
> guests, this adds a set of functions to ConfidentialGuestSupport
> allowing configuration of secure virtual machines that can be
> implemented for each supported isolation platform type such as Intel TDX
> or AMD SEV-SNP. These functions will be called by IGVM processing code
> in subsequent patches.
> 
> This commit provides a default implementation of the functions that
> either perform no action or generate an error when they are called.
> Targets that support ConfidentalGuestSupport should override these
> implementations.
> 
> Signed-off-by: Roy Hopkins <roy.hopk...@randomman.co.uk>
> Acked-by: Michael S. Tsirkin <m...@redhat.com>
> Acked-by: Gerd Hoffman <kra...@redhat.com>
> Reviewed-by: Stefano Garzarella <sgarz...@redhat.com>
> Reviewed-by: Ani Sinha <anisi...@redhat.com>
> ---
>  backends/confidential-guest-support.c       | 31 ++++++++++
>  include/system/confidential-guest-support.h | 67 +++++++++++++++++++++
>  2 files changed, 98 insertions(+)
> 
> diff --git a/backends/confidential-guest-support.c 
> b/backends/confidential-guest-support.c
> index 8ff7bfa857..c5bef1fbfa 100644
> --- a/backends/confidential-guest-support.c
> +++ b/backends/confidential-guest-support.c
> @@ -14,15 +14,46 @@
>  #include "qemu/osdep.h"
>  
>  #include "system/confidential-guest-support.h"
> +#include "qapi/error.h"
>  
>  OBJECT_DEFINE_ABSTRACT_TYPE(ConfidentialGuestSupport,
>                              confidential_guest_support,
>                              CONFIDENTIAL_GUEST_SUPPORT,
>                              OBJECT)
>  
> +static bool check_support(ConfidentialGuestPlatformType platform,
> +                         uint16_t platform_version, uint8_t highest_vtl,
> +                         uint64_t shared_gpa_boundary)

Nit-pick - underindented by 1 space.


> diff --git a/include/system/confidential-guest-support.h 
> b/include/system/confidential-guest-support.h
> index ea46b50c56..79ecd21f42 100644
> --- a/include/system/confidential-guest-support.h
> +++ b/include/system/confidential-guest-support.h


> @@ -64,6 +95,42 @@ typedef struct ConfidentialGuestSupportClass {
>  
>      int (*kvm_init)(ConfidentialGuestSupport *cgs, Error **errp);
>      int (*kvm_reset)(ConfidentialGuestSupport *cgs, Error **errp);
> +
> +    /*
> +     * Check to see if this confidential guest supports a particular
> +     * platform or configuration.
> +     *
> +     * Return true if supported or false if not supported.
> +     */
> +    bool (*check_support)(ConfidentialGuestPlatformType platform,
> +                         uint16_t platform_version, uint8_t highest_vtl,
> +                         uint64_t shared_gpa_boundary);

Nit-pick: underindented 1 space.


With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Reply via email to