diff options
| author | Xiaoyao Li <xiaoyao.li@intel.com> | 2025-05-08 10:59:42 -0400 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2025-05-28 19:35:54 +0200 |
| commit | 810d4e83d07ca0d072205453a42c324a51d5a5fa (patch) | |
| tree | 9ec542f8841341b8fa2d73f0103c3edec88c3292 | |
| parent | da6728658bf63d6a3989f1587a33566b3e54bed8 (diff) | |
| download | qemu-810d4e83d07ca0d072205453a42c324a51d5a5fa.zip qemu-810d4e83d07ca0d072205453a42c324a51d5a5fa.tar.gz qemu-810d4e83d07ca0d072205453a42c324a51d5a5fa.tar.bz2 | |
i386/tdx: Disable SMM for TDX VMs
TDX doesn't support SMM and VMM cannot emulate SMM for TDX VMs because
VMM cannot manipulate TDX VM's memory.
Disable SMM for TDX VMs and error out if user requests to enable SMM.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
Link: https://lore.kernel.org/r/20250508150002.689633-37-xiaoyao.li@intel.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| -rw-r--r-- | target/i386/kvm/tdx.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 344e560..87c5bf0 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -367,11 +367,20 @@ static Notifier tdx_machine_done_notify = { static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) { + MachineState *ms = MACHINE(qdev_get_machine()); + X86MachineState *x86ms = X86_MACHINE(ms); TdxGuest *tdx = TDX_GUEST(cgs); int r = 0; kvm_mark_guest_state_protected(); + if (x86ms->smm == ON_OFF_AUTO_AUTO) { + x86ms->smm = ON_OFF_AUTO_OFF; + } else if (x86ms->smm == ON_OFF_AUTO_ON) { + error_setg(errp, "TDX VM doesn't support SMM"); + return -EINVAL; + } + if (!tdx_caps) { r = get_tdx_capabilities(errp); if (r) { |