From: Philippe Mathieu-Daudé <[email protected]> Currently only the TCG and qtest accelerators can handle an EL3 guest. Instead of making the condition check be "fail if KVM or HVF" (an exclude-list), make it a be "allow if TCG or qtest" (an accept-list).
This is better for if/when we add new accelerators, as it makes the default be that we forbid an EL3 guest. This is the most likely to be correct and also "fails safe"; if the new accelerator really can support EL3 guests then the implementor will see that they need to add it to the accept-list. Reported-by: Alex Bennée <[email protected]> Signed-off-by: Philippe Mathieu-Daudé <[email protected]> Reviewed-by: Richard Henderson <[email protected]> Message-id: [email protected] [PMM: rewrote commit message] Signed-off-by: Peter Maydell <[email protected]> --- hw/arm/virt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index ae419e86712..b3b1c6df7fa 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -2200,7 +2200,7 @@ static void machvirt_init(MachineState *machine) exit(1); } - if (vms->secure && (kvm_enabled() || hvf_enabled())) { + if (vms->secure && !tcg_enabled() && !qtest_enabled()) { error_report("mach-virt: %s does not support providing " "Security extensions (TrustZone) to the guest CPU", current_accel_name()); -- 2.43.0
