mirror of
https://github.com/cloud-hypervisor/cloud-hypervisor.git
synced 2024-10-01 11:05:46 +00:00
vmm: tdx: Clear unsupported KVM PV features
This matches with the features that QEMU clears as they are not supported with TDX. Signed-off-by: Rob Bradford <robert.bradford@intel.com>
This commit is contained in:
parent
9f5325fd52
commit
c357adae44
@ -62,6 +62,16 @@ const MTRR_EDX_BIT: u8 = 12; // Hypervisor ecx bit.
|
|||||||
// KVM feature bits
|
// KVM feature bits
|
||||||
#[cfg(target_arch = "x86_64")]
|
#[cfg(target_arch = "x86_64")]
|
||||||
const KVM_FEATURE_ASYNC_PF_INT_BIT: u8 = 14;
|
const KVM_FEATURE_ASYNC_PF_INT_BIT: u8 = 14;
|
||||||
|
#[cfg(feature = "tdx")]
|
||||||
|
const KVM_FEATURE_CLOCKSOURCE_BIT: u8 = 0;
|
||||||
|
#[cfg(feature = "tdx")]
|
||||||
|
const KVM_FEATURE_CLOCKSOURCE2_BIT: u8 = 3;
|
||||||
|
#[cfg(feature = "tdx")]
|
||||||
|
const KVM_FEATURE_CLOCKSOURCE_STABLE_BIT: u8 = 24;
|
||||||
|
#[cfg(feature = "tdx")]
|
||||||
|
const KVM_FEATURE_ASYNC_PF_BIT: u8 = 4;
|
||||||
|
#[cfg(feature = "tdx")]
|
||||||
|
const KVM_FEATURE_ASYNC_PF_VMEXIT_BIT: u8 = 10;
|
||||||
|
|
||||||
#[cfg(feature = "acpi")]
|
#[cfg(feature = "acpi")]
|
||||||
pub const CPU_MANAGER_ACPI_SIZE: usize = 0xc;
|
pub const CPU_MANAGER_ACPI_SIZE: usize = 0xc;
|
||||||
@ -533,6 +543,7 @@ impl CpuManager {
|
|||||||
hypervisor: Arc<dyn hypervisor::Hypervisor>,
|
hypervisor: Arc<dyn hypervisor::Hypervisor>,
|
||||||
seccomp_action: SeccompAction,
|
seccomp_action: SeccompAction,
|
||||||
vmmops: Arc<Box<dyn VmmOps>>,
|
vmmops: Arc<Box<dyn VmmOps>>,
|
||||||
|
#[cfg(feature = "tdx")] tdx_enabled: bool,
|
||||||
) -> Result<Arc<Mutex<CpuManager>>> {
|
) -> Result<Arc<Mutex<CpuManager>>> {
|
||||||
let guest_memory = memory_manager.lock().unwrap().guest_memory();
|
let guest_memory = memory_manager.lock().unwrap().guest_memory();
|
||||||
let mut vcpu_states = Vec::with_capacity(usize::from(config.max_vcpus));
|
let mut vcpu_states = Vec::with_capacity(usize::from(config.max_vcpus));
|
||||||
@ -554,6 +565,8 @@ impl CpuManager {
|
|||||||
sgx_epc_sections,
|
sgx_epc_sections,
|
||||||
phys_bits,
|
phys_bits,
|
||||||
config.kvm_hyperv,
|
config.kvm_hyperv,
|
||||||
|
#[cfg(feature = "tdx")]
|
||||||
|
tdx_enabled,
|
||||||
)?
|
)?
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -605,6 +618,7 @@ impl CpuManager {
|
|||||||
sgx_epc_sections: Option<Vec<SgxEpcSection>>,
|
sgx_epc_sections: Option<Vec<SgxEpcSection>>,
|
||||||
phys_bits: u8,
|
phys_bits: u8,
|
||||||
kvm_hyperv: bool,
|
kvm_hyperv: bool,
|
||||||
|
#[cfg(feature = "tdx")] tdx_enabled: bool,
|
||||||
) -> Result<CpuId> {
|
) -> Result<CpuId> {
|
||||||
let cpuid_patches = vec![
|
let cpuid_patches = vec![
|
||||||
// Patch tsc deadline timer bit
|
// Patch tsc deadline timer bit
|
||||||
@ -674,6 +688,16 @@ impl CpuManager {
|
|||||||
// TODO: Re-enable KVM_FEATURE_ASYNC_PF_INT (#2277)
|
// TODO: Re-enable KVM_FEATURE_ASYNC_PF_INT (#2277)
|
||||||
0x4000_0001 => {
|
0x4000_0001 => {
|
||||||
entry.eax &= !(1 << KVM_FEATURE_ASYNC_PF_INT_BIT);
|
entry.eax &= !(1 << KVM_FEATURE_ASYNC_PF_INT_BIT);
|
||||||
|
|
||||||
|
// These features are not supported by TDX
|
||||||
|
#[cfg(feature = "tdx")]
|
||||||
|
if tdx_enabled {
|
||||||
|
entry.eax &= !(1 << KVM_FEATURE_CLOCKSOURCE_BIT
|
||||||
|
| 1 << KVM_FEATURE_CLOCKSOURCE2_BIT
|
||||||
|
| 1 << KVM_FEATURE_CLOCKSOURCE_STABLE_BIT
|
||||||
|
| 1 << KVM_FEATURE_ASYNC_PF_BIT
|
||||||
|
| 1 << KVM_FEATURE_ASYNC_PF_VMEXIT_BIT)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
_ => {}
|
_ => {}
|
||||||
}
|
}
|
||||||
|
@ -558,6 +558,8 @@ impl Vm {
|
|||||||
hypervisor,
|
hypervisor,
|
||||||
seccomp_action.clone(),
|
seccomp_action.clone(),
|
||||||
vm_ops,
|
vm_ops,
|
||||||
|
#[cfg(feature = "tdx")]
|
||||||
|
config.lock().unwrap().tdx.is_some(),
|
||||||
)
|
)
|
||||||
.map_err(Error::CpuManager)?;
|
.map_err(Error::CpuManager)?;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user