On Mon, Feb 17, 2025 at 01:08:12PM +0100, Paolo Bonzini wrote:
> It is possible to start QEMU with a confidential-guest-support object
> even in TCG mode. While there is already a check in
> qemu_machine_creation_done:
>
> if (machine->cgs && !machine->cgs->ready) {
> error_setg(errp, "accelerator does not support confidential guest %s",
> object_get_typename(OBJECT(machine->cgs)));
> exit(1);
> }
>
> the creation of RAMBlocks happens earlier, in qemu_init_board(), if
> the command line does not override the default memory backend with
> -M memdev. Then the RAMBlock will try to use guest_memfd (because
> machine_require_guest_memfd correctly returns true; at least correctly
> according to the current implementation) and trigger the assertion
> failure for kvm_enabled(). This happend with a command line as
> simple as the following:
>
> qemu-system-x86_64 -m 512 -nographic -object
> sev-snp-guest,reduced-phys-bits=48,id=sev0 \
> -M q35,kernel-irqchip=split,confidential-guest-support=sev0
> qemu-system-x86_64: ../system/physmem.c:1871: ram_block_add: Assertion
> `kvm_enabled()' failed.
>
> Cc: Xiaoyao Li <[email protected]>
> Cc: [email protected]
> Signed-off-by: Paolo Bonzini <[email protected]>
> ---
> system/physmem.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
Reviewed-by: Daniel P. Berrangé <[email protected]>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
