Confidential guests change the KVM VM file descriptor upon reset and also create new VCPU file descriptors against the new KVM VM file descriptor. We need to save the clock state from kvm before KVM VM file descriptor changes and restore it after. Also after VCPU file descriptors changed, we must call KVM_KVMCLOCK_CTRL on the VCPU file descriptor to inform KVM that the VCPU is in paused state.
Signed-off-by: Ani Sinha <[email protected]> --- hw/i386/kvm/clock.c | 56 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/hw/i386/kvm/clock.c b/hw/i386/kvm/clock.c index f56382717f..91a5a08f05 100644 --- a/hw/i386/kvm/clock.c +++ b/hw/i386/kvm/clock.c @@ -49,6 +49,9 @@ struct KVMClockState { /* whether the 'clock' value was obtained in a host with * reliable KVM_GET_CLOCK */ bool clock_is_reliable; + + NotifierWithReturn kvmclock_vcpufd_change_notifier; + NotifierWithReturn kvmclock_vmfd_pre_change_notifier; }; struct pvclock_vcpu_time_info { @@ -62,6 +65,9 @@ struct pvclock_vcpu_time_info { uint8_t pad[2]; } __attribute__((__packed__)); /* 32 bytes */ +static int kvmclock_set_clock(NotifierWithReturn *notifier, + void *data, Error** errp); + static uint64_t kvmclock_current_nsec(KVMClockState *s) { CPUState *cpu = first_cpu; @@ -218,6 +224,51 @@ static void kvmclock_vm_state_change(void *opaque, bool running, } } +static int kvmclock_save_clock(NotifierWithReturn *notifier, + void *data, Error** errp) +{ + KVMClockState *s = container_of(notifier, KVMClockState, + kvmclock_vmfd_pre_change_notifier); + kvm_update_clock(s); + return 0; +} + +static int kvmclock_set_clock(NotifierWithReturn *notifier, + void *data, Error** errp) +{ + struct kvm_clock_data clock_data = {}; + CPUState *cpu; + int ret; + KVMClockState *s = container_of(notifier, KVMClockState, + kvmclock_vcpufd_change_notifier); + int cap_clock_ctrl = kvm_check_extension(kvm_state, KVM_CAP_KVMCLOCK_CTRL); + + if (!s->clock_is_reliable) { + uint64_t pvclock_via_mem = kvmclock_current_nsec(s); + /* saved clock value before vmfd change is not reliable */ + if (pvclock_via_mem) { + s->clock = pvclock_via_mem; + } + } + + clock_data.clock = s->clock; + ret = kvm_vm_ioctl(kvm_state, KVM_SET_CLOCK, &clock_data); + if (ret < 0) { + fprintf(stderr, "KVM_SET_CLOCK failed: %s\n", strerror(-ret)); + abort(); + } + + if (!cap_clock_ctrl) { + return 0; + } + CPU_FOREACH(cpu) { + run_on_cpu(cpu, do_kvmclock_ctrl, RUN_ON_CPU_NULL); + } + + return 0; +} + + static void kvmclock_realize(DeviceState *dev, Error **errp) { KVMClockState *s = KVM_CLOCK(dev); @@ -229,7 +280,12 @@ static void kvmclock_realize(DeviceState *dev, Error **errp) kvm_update_clock(s); + s->kvmclock_vcpufd_change_notifier.notify = kvmclock_set_clock; + s->kvmclock_vmfd_pre_change_notifier.notify = kvmclock_save_clock; + qemu_add_vm_change_state_handler(kvmclock_vm_state_change, s); + kvm_vcpufd_add_change_notifier(&s->kvmclock_vcpufd_change_notifier); + kvm_vmfd_add_pre_change_notifier(&s->kvmclock_vmfd_pre_change_notifier); } static bool kvmclock_clock_is_reliable_needed(void *opaque) -- 2.42.0
