In preparation for qemu being able to set SEV features through the cli, add a check to ensure that SEV features are not also set if using IGVM files.
Reviewed-by: Tom Lendacky <[email protected]> Signed-off-by: Naveen N Rao (AMD) <[email protected]> --- target/i386/sev.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/target/i386/sev.c b/target/i386/sev.c index 2fb1268ed788..7cfd15238703 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -1901,6 +1901,16 @@ static int sev_common_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) * as SEV_STATE_UNINIT. */ if (x86machine->igvm) { + /* + * Test only the user-set SEV features by masking out + * SVM_SEV_FEAT_SNP_ACTIVE which is set by default. + */ + if (sev_common->sev_features & ~SVM_SEV_FEAT_SNP_ACTIVE) { + error_setg(errp, + "%s: SEV features can't be specified when using IGVM files", + __func__); + return -1; + } if (IGVM_CFG_GET_CLASS(x86machine->igvm) ->process(x86machine->igvm, machine->cgs, true, errp) == -1) { -- 2.51.0
