Hi Gerd,
On 9/7/25 14:30, Gerd Hoffmann wrote:
Implement a ConfidentialGuestSupportClass for non-confidential VMs.
This allows the igvm support code work without sev/tdx.
Is this something we only want in non-KVM builds due to security
boundary concerns?
RfC: Not fully sure this is the best way to implement this.
Alternatively we could add this directly into the igvm backend and run
it in case no confidential guest support object is present.
TODO: Implement proper reset.
- re-initialize memory regions from igvm file content.
- load initial register state (if present).
Usage:
qemu-system-x86_64 \
-object nocc,id=nocc0 \
-machine confidential-guest-support=nocc0
Signed-off-by: Gerd Hoffmann <kra...@redhat.com>
---
target/i386/nocc.c | 283 ++++++++++++++++++++++++++++++++++++++++
qapi/qom.json | 1 +
target/i386/meson.build | 1 +
3 files changed, 285 insertions(+)
create mode 100644 target/i386/nocc.c
