This series adds support for enabling VMSA SEV features for SEV-SNP guests through the Qemu command line. This is already supported for IGVM files, so some of that code has been generalized and reused.
The primary change w.r.t v3 (apart from rebasing and targeting v11.1) is a change to patch 6/9 to restrict debug-swap to SEV-SNP guests due to a compatibility issue with SEV-ES guests and pflash, discussed here: http://lore.kernel.org/r/fcqjl5a7m27f2mfpblnhgmozbipdjmvpdyk3m5hhzwcenp4cpg@m2ooa7ykrcvs I plan to post a workaround for that separately. For that reason, I have retained patch 5/9 so that enabling debug-swap for SEV-ES guests will be a simpler subsequent change. The only other concern has been around patch 8/9 adding a new tsc-frequency property on sev-snp-guest object (and not re-using the one on the cpu object). If that's required/possible, I would appreciate some help since I've been unable to get that working. Tom, I have dropped your reviewed-by tag on patch 6/9 due to this change. Kindly take a look once. v3: http://lore.kernel.org/r/[email protected] - Naveen Naveen N Rao (AMD) (9): target/i386: SEV: Generalize handling of SVM_SEV_FEAT_SNP_ACTIVE target/i386: SEV: Ensure SEV features are only set through qemu cli or IGVM target/i386: SEV: Consolidate SEV feature validation to common init path target/i386: SEV: Validate that SEV-ES is enabled when VMSA features are used target/i386: SEV: Enable use of KVM_SEV_INIT2 for SEV-ES guests target/i386: SEV: Add support for enabling debug-swap SEV feature target/i386: SEV: Add support for enabling Secure TSC SEV feature target/i386: SEV: Add support for setting TSC frequency for Secure TSC target/i386: SEV: Refactor check_sev_features() target/i386/sev.h | 4 +- target/i386/sev.c | 177 +++++++++++++++++++++++++++++++++++++--------- qapi/qom.json | 17 ++++- 3 files changed, 163 insertions(+), 35 deletions(-) base-commit: e89049b3ba5f1f0468bc0d294173345597514a1b -- 2.54.0
