On Tue, Jul 8, 2025 at 8:37 PM Daniel P. Berrangé <berra...@redhat.com> wrote:
>
> On Thu, Jul 03, 2025 at 04:03:10PM +0100, Roy Hopkins wrote:
> > In preparation for supporting the processing of IGVM files to configure
> > guests, this adds a set of functions to ConfidentialGuestSupport
> > allowing configuration of secure virtual machines that can be
> > implemented for each supported isolation platform type such as Intel TDX
> > or AMD SEV-SNP. These functions will be called by IGVM processing code
> > in subsequent patches.
> >
> > This commit provides a default implementation of the functions that
> > either perform no action or generate an error when they are called.
> > Targets that support ConfidentalGuestSupport should override these
> > implementations.
> >
> > Signed-off-by: Roy Hopkins <roy.hopk...@randomman.co.uk>
> > Acked-by: Michael S. Tsirkin <m...@redhat.com>
> > Acked-by: Gerd Hoffman <kra...@redhat.com>
> > Reviewed-by: Stefano Garzarella <sgarz...@redhat.com>
> > Reviewed-by: Ani Sinha <anisi...@redhat.com>
> > ---
> > backends/confidential-guest-support.c | 31 ++++++++++
> > include/system/confidential-guest-support.h | 67 +++++++++++++++++++++
> > 2 files changed, 98 insertions(+)
> >
> > diff --git a/backends/confidential-guest-support.c
> > b/backends/confidential-guest-support.c
> > index 8ff7bfa857..c5bef1fbfa 100644
> > --- a/backends/confidential-guest-support.c
> > +++ b/backends/confidential-guest-support.c
> > @@ -14,15 +14,46 @@
> > #include "qemu/osdep.h"
> >
> > #include "system/confidential-guest-support.h"
> > +#include "qapi/error.h"
> >
> > OBJECT_DEFINE_ABSTRACT_TYPE(ConfidentialGuestSupport,
> > confidential_guest_support,
> > CONFIDENTIAL_GUEST_SUPPORT,
> > OBJECT)
> >
> > +static bool check_support(ConfidentialGuestPlatformType platform,
> > + uint16_t platform_version, uint8_t highest_vtl,
> > + uint64_t shared_gpa_boundary)
>
> Nit-pick - underindented by 1 space.
Speaking of which, running checkpatch on this series reminded me that
MAINTAINERS needs updating for this area.
>
>
> > diff --git a/include/system/confidential-guest-support.h
> > b/include/system/confidential-guest-support.h
> > index ea46b50c56..79ecd21f42 100644
> > --- a/include/system/confidential-guest-support.h
> > +++ b/include/system/confidential-guest-support.h
>
>
> > @@ -64,6 +95,42 @@ typedef struct ConfidentialGuestSupportClass {
> >
> > int (*kvm_init)(ConfidentialGuestSupport *cgs, Error **errp);
> > int (*kvm_reset)(ConfidentialGuestSupport *cgs, Error **errp);
> > +
> > + /*
> > + * Check to see if this confidential guest supports a particular
> > + * platform or configuration.
> > + *
> > + * Return true if supported or false if not supported.
> > + */
> > + bool (*check_support)(ConfidentialGuestPlatformType platform,
> > + uint16_t platform_version, uint8_t highest_vtl,
> > + uint64_t shared_gpa_boundary);
>
> Nit-pick: underindented 1 space.
>
>
> With regards,
> Daniel
> --
> |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org -o- https://fstop138.berrange.com :|
> |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
>
