aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--accel/kvm/kvm-all.c59
-rw-r--r--hw/core/machine.c61
-rw-r--r--include/hw/boards.h3
-rw-r--r--qemu-options.hx9
-rw-r--r--vl.c3
5 files changed, 62 insertions, 73 deletions
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 34e8f26..b2f1a5b 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -42,6 +42,8 @@
#include "sysemu/sev.h"
#include "sysemu/balloon.h"
#include "qapi/visitor.h"
+#include "qapi/qapi-types-common.h"
+#include "qapi/qapi-visit-common.h"
#include "hw/boards.h"
@@ -94,6 +96,9 @@ struct KVMState
int many_ioeventfds;
int intx_set_mask;
int kvm_shadow_mem;
+ bool kernel_irqchip_allowed;
+ bool kernel_irqchip_required;
+ bool kernel_irqchip_split;
bool sync_mmu;
bool manual_dirty_log_protect;
/* The man page (and posix) say ioctl numbers are signed int, but
@@ -1794,7 +1799,7 @@ static void kvm_irqchip_create(KVMState *s)
* in-kernel irqchip for us */
ret = kvm_arch_irqchip_create(s);
if (ret == 0) {
- if (kvm_kernel_irqchip_split()) {
+ if (s->kernel_irqchip_split) {
perror("Split IRQ chip mode not supported.");
exit(1);
} else {
@@ -2065,7 +2070,7 @@ static int kvm_init(MachineState *ms)
goto err;
}
- if (machine_kernel_irqchip_allowed(ms)) {
+ if (s->kernel_irqchip_allowed) {
kvm_irqchip_create(s);
}
@@ -2983,19 +2988,57 @@ static void kvm_set_kvm_shadow_mem(Object *obj, Visitor *v,
s->kvm_shadow_mem = value;
}
+static void kvm_set_kernel_irqchip(Object *obj, Visitor *v,
+ const char *name, void *opaque,
+ Error **errp)
+{
+ Error *err = NULL;
+ KVMState *s = KVM_STATE(obj);
+ OnOffSplit mode;
+
+ visit_type_OnOffSplit(v, name, &mode, &err);
+ if (err) {
+ error_propagate(errp, err);
+ return;
+ } else {
+ switch (mode) {
+ case ON_OFF_SPLIT_ON:
+ s->kernel_irqchip_allowed = true;
+ s->kernel_irqchip_required = true;
+ s->kernel_irqchip_split = false;
+ break;
+ case ON_OFF_SPLIT_OFF:
+ s->kernel_irqchip_allowed = false;
+ s->kernel_irqchip_required = false;
+ s->kernel_irqchip_split = false;
+ break;
+ case ON_OFF_SPLIT_SPLIT:
+ s->kernel_irqchip_allowed = true;
+ s->kernel_irqchip_required = true;
+ s->kernel_irqchip_split = true;
+ break;
+ default:
+ /* The value was checked in visit_type_OnOffSplit() above. If
+ * we get here, then something is wrong in QEMU.
+ */
+ abort();
+ }
+ }
+}
+
bool kvm_kernel_irqchip_allowed(void)
{
- return machine_kernel_irqchip_allowed(current_machine);
+ return kvm_state->kernel_irqchip_allowed;
}
bool kvm_kernel_irqchip_required(void)
{
- return machine_kernel_irqchip_required(current_machine);
+ return kvm_state->kernel_irqchip_required;
}
bool kvm_kernel_irqchip_split(void)
{
- return machine_kernel_irqchip_split(current_machine);
+ return kvm_state->kernel_irqchip_split;
}
static void kvm_accel_instance_init(Object *obj)
@@ -3013,6 +3056,12 @@ static void kvm_accel_class_init(ObjectClass *oc, void *data)
ac->has_memory = kvm_accel_has_memory;
ac->allowed = &kvm_allowed;
+ object_class_property_add(oc, "kernel-irqchip", "on|off|split",
+ NULL, kvm_set_kernel_irqchip,
+ NULL, NULL, &error_abort);
+ object_class_property_set_description(oc, "kernel-irqchip",
+ "Configure KVM in-kernel irqchip", &error_abort);
+
object_class_property_add(oc, "kvm-shadow-mem", "int",
kvm_get_kvm_shadow_mem, kvm_set_kvm_shadow_mem,
NULL, NULL, &error_abort);
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 9c93353..56137e9 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -178,44 +178,6 @@ GlobalProperty hw_compat_2_1[] = {
};
const size_t hw_compat_2_1_len = G_N_ELEMENTS(hw_compat_2_1);
-static void machine_set_kernel_irqchip(Object *obj, Visitor *v,
- const char *name, void *opaque,
- Error **errp)
-{
- Error *err = NULL;
- MachineState *ms = MACHINE(obj);
- OnOffSplit mode;
-
- visit_type_OnOffSplit(v, name, &mode, &err);
- if (err) {
- error_propagate(errp, err);
- return;
- } else {
- switch (mode) {
- case ON_OFF_SPLIT_ON:
- ms->kernel_irqchip_allowed = true;
- ms->kernel_irqchip_required = true;
- ms->kernel_irqchip_split = false;
- break;
- case ON_OFF_SPLIT_OFF:
- ms->kernel_irqchip_allowed = false;
- ms->kernel_irqchip_required = false;
- ms->kernel_irqchip_split = false;
- break;
- case ON_OFF_SPLIT_SPLIT:
- ms->kernel_irqchip_allowed = true;
- ms->kernel_irqchip_required = true;
- ms->kernel_irqchip_split = true;
- break;
- default:
- /* The value was checked in visit_type_OnOffSplit() above. If
- * we get here, then something is wrong in QEMU.
- */
- abort();
- }
- }
-}
-
static char *machine_get_kernel(Object *obj, Error **errp)
{
MachineState *ms = MACHINE(obj);
@@ -757,12 +719,6 @@ static void machine_class_init(ObjectClass *oc, void *data)
mc->numa_mem_align_shift = 23;
mc->numa_auto_assign_ram = numa_default_auto_assign_ram;
- object_class_property_add(oc, "kernel-irqchip", "on|off|split",
- NULL, machine_set_kernel_irqchip,
- NULL, NULL, &error_abort);
- object_class_property_set_description(oc, "kernel-irqchip",
- "Configure KVM in-kernel irqchip", &error_abort);
-
object_class_property_add_str(oc, "kernel",
machine_get_kernel, machine_set_kernel, &error_abort);
object_class_property_set_description(oc, "kernel",
@@ -862,8 +818,6 @@ static void machine_initfn(Object *obj)
MachineState *ms = MACHINE(obj);
MachineClass *mc = MACHINE_GET_CLASS(obj);
- ms->kernel_irqchip_allowed = true;
- ms->kernel_irqchip_split = mc->default_kernel_irqchip_split;
ms->dump_guest_core = true;
ms->mem_merge = true;
ms->enable_graphics = true;
@@ -919,21 +873,6 @@ bool machine_usb(MachineState *machine)
return machine->usb;
}
-bool machine_kernel_irqchip_allowed(MachineState *machine)
-{
- return machine->kernel_irqchip_allowed;
-}
-
-bool machine_kernel_irqchip_required(MachineState *machine)
-{
- return machine->kernel_irqchip_required;
-}
-
-bool machine_kernel_irqchip_split(MachineState *machine)
-{
- return machine->kernel_irqchip_split;
-}
-
int machine_phandle_start(MachineState *machine)
{
return machine->phandle_start;
diff --git a/include/hw/boards.h b/include/hw/boards.h
index 6084e61..61f8bb8 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -63,9 +63,6 @@ extern MachineState *current_machine;
void machine_run_board_init(MachineState *machine);
bool machine_usb(MachineState *machine);
-bool machine_kernel_irqchip_allowed(MachineState *machine);
-bool machine_kernel_irqchip_required(MachineState *machine);
-bool machine_kernel_irqchip_split(MachineState *machine);
int machine_phandle_start(MachineState *machine);
bool machine_dump_guest_core(MachineState *machine);
bool machine_mem_merge(MachineState *machine);
diff --git a/qemu-options.hx b/qemu-options.hx
index 004370c..71ec733 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -32,7 +32,6 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
" selects emulated machine ('-machine help' for list)\n"
" property accel=accel1[:accel2[:...]] selects accelerator\n"
" supported accelerators are kvm, xen, hax, hvf, whpx or tcg (default: tcg)\n"
- " kernel_irqchip=on|off|split controls accelerated irqchip support (default=off)\n"
" vmport=on|off|auto controls emulation of vmport (default: auto)\n"
" dump-guest-core=on|off include guest memory in a core dump (default=on)\n"
" mem-merge=on|off controls memory merge support (default: on)\n"
@@ -67,8 +66,6 @@ This is used to enable an accelerator. Depending on the target architecture,
kvm, xen, hax, hvf, whpx or tcg can be available. By default, tcg is used. If there is
more than one accelerator specified, the next one is used if the previous one
fails to initialize.
-@item kernel_irqchip=on|off
-Controls in-kernel irqchip support for the chosen accelerator when available.
@item vmport=on|off|auto
Enables emulation of VMWare IO port, for vmmouse etc. auto says to select the
value based on accel. For accel=xen the default is off otherwise the default
@@ -115,6 +112,7 @@ DEF("accel", HAS_ARG, QEMU_OPTION_accel,
"-accel [accel=]accelerator[,prop[=value][,...]]\n"
" select accelerator (kvm, xen, hax, hvf, whpx or tcg; use 'help' for a list)\n"
" igd-passthru=on|off (enable Xen integrated Intel graphics passthrough, default=off)\n"
+ " kernel-irqchip=on|off|split controls accelerated irqchip support (default=on)\n"
" kvm-shadow-mem=size of KVM shadow MMU in bytes\n"
" tb-size=n (TCG translation block cache size)\n"
" thread=single|multi (enable multi-threaded TCG)\n", QEMU_ARCH_ALL)
@@ -129,6 +127,11 @@ fails to initialize.
@item igd-passthru=on|off
When Xen is in use, this option controls whether Intel integrated graphics
devices can be passed through to the guest (default=off)
+@item kernel-irqchip=on|off|split
+Controls KVM in-kernel irqchip support. The default is full acceleration of the
+interrupt controllers. On x86, split irqchip reduces the kernel attack
+surface, at a performance cost for non-MSI interrupts. Disabling the in-kernel
+irqchip completely is not recommended except for debugging purposes.
@item kvm-shadow-mem=size
Defines the size of the KVM shadow MMU.
@item tb-size=@var{n}
diff --git a/vl.c b/vl.c
index 8c6fcda..4034c23 100644
--- a/vl.c
+++ b/vl.c
@@ -2514,7 +2514,8 @@ static int machine_set_property(void *opaque,
object_register_sugar_prop(ACCEL_CLASS_NAME("xen"), qom_name, value);
return 0;
}
- if (g_str_equal(qom_name, "kvm-shadow-mem")) {
+ if (g_str_equal(qom_name, "kvm-shadow-mem") ||
+ g_str_equal(qom_name, "kernel-irqchip")) {
object_register_sugar_prop(ACCEL_CLASS_NAME("kvm"), qom_name, value);
return 0;
}