These patches implement almost everything that is needed for SMM support in OVMF and KVM. The only missing bit is support for SMRAM regions in KVM, but it need not block review of these ones, and possibly inclusion of the first 26.
There are many small parts in this patches, but I am posting them together because each small part alone adds very little. Patch 1 comes from mst's pull request. Patches 2-6 are target-i386 patches. They add support for memory attributes in target-i386, enabling the "secure" attribute whenever the CPU is in system management mode. They also fix two SMM bugs found while working on KVM support. Patches 7-9 add support for secure access to parallel flash. If enabled, parallel flash behaves as ROM unless the "secure" memory transaction attribute is set. Patches 10-12 are general infrastructure patches that didn't fit elsewhere. Note that patch 10 introduces new command-line syntax. Patches 13-16 rewrite the SMRAM handling in TCG mode, so that the SMRAM setup is done just once using the memory API, and then enabled/disabled by the CPU without intervention from the chipset. The resulting chipset code is simpler and... ... patches 17-23 then rely on this to implement support for more q35 SMI features, in particular high SMRAM, TSEG and SMI_LOCK. This part was done almost entirely by Gerd. Patches 24-26 are for q35 feature parity with PIIX4. They are from Laszlo and they are included just because they conflict with the next few. Patches 27 and 28 implement KVM support for SMM. Note that this support is not yet upstream (will be in Linux 4.2); these patches will be rebased after the updated KVM headers are taken from kvm.git. Patches 29-31 add a "-machine smm=on|off|auto" option (QOM property) that can be used to hide SMM or make it available on any accelerator. The compat gunk makes it available by default on TCG but not on KVM. That's it. Go ahead and review. Paolo Gerd Hoffmann (6): q35: fix ESMRAMC default q35: add config space wmask for SMRAM and ESMRAMC q35: implement SMRAM.D_LCK q35: add test for SMRAM.D_LCK q35: implement TSEG ich9: implement SMI_LOCK Jason Wang (1): pc: add 2.4 machine types Laszlo Ersek (3): hw/acpi: acpi_pm1_cnt_init(): take "disable_s3" and "disable_s4" hw/acpi: move "etc/system-states" fw_cfg file from PIIX4 to core hw/acpi: piix4_pm_init(): take fw_cfg object no more Paolo Bonzini (21): target-i386: introduce cpu_get_mem_attrs target-i386: Use correct memory attributes for memory accesses target-i386: Use correct memory attributes for ioport accesses target-i386: mask NMIs on entry to SMM target-i386: set G=1 in SMM big real mode selectors pflash_cfi01: change big-endian property to BIT type pflash_cfi01: change to new-style MMIO accessors pflash_cfi01: add secure property vl: allow full-blown QemuOpts syntax for -global qom: add object_property_add_const_link vl: run "late" notifiers immediately target-i386: create a separate AddressSpace for each CPU hw/i386: add a separate region that tracks the SMRAME bit target-i386: use memory API to implement SMRAM hw/i386: remove smram_update q35: implement high SMRAM target-i386: add support for SMBASE MSR and SMIs vga: disable chain4_alias if KVM supports SMRAM pc_piix: rename kvm_enabled to smm_enabled ich9: add smm_enabled field and arguments pc: add SMM property bsd-user/main.c | 4 - hw/acpi/core.c | 15 +- hw/acpi/ich9.c | 12 +- hw/acpi/piix4.c | 21 +-- hw/block/pflash_cfi01.c | 204 +++++++++++---------------- hw/display/vga.c | 8 +- hw/display/vga_int.h | 1 + hw/i386/pc.c | 72 +++++++--- hw/i386/pc_piix.c | 53 +++++-- hw/i386/pc_q35.c | 33 ++++- hw/isa/lpc_ich9.c | 23 ++- hw/isa/vt82c686.c | 2 +- hw/mips/mips_malta.c | 2 +- hw/pci-host/pam.c | 20 --- hw/pci-host/piix.c | 39 +++--- hw/pci-host/q35.c | 137 ++++++++++++++++-- include/exec/memattrs.h | 4 +- include/hw/acpi/acpi.h | 3 +- include/hw/acpi/ich9.h | 4 +- include/hw/i386/ich9.h | 8 +- include/hw/i386/pc.h | 7 +- include/hw/pci-host/pam.h | 4 - include/hw/pci-host/q35.h | 36 +++-- include/qom/object.h | 18 +++ include/sysemu/kvm.h | 1 + kvm-all.c | 5 + kvm-stub.c | 5 + linux-headers/asm-x86/kvm.h | 11 +- linux-headers/linux/kvm.h | 5 +- linux-user/main.c | 4 - qdev-monitor.c | 18 ++- qemu-options.hx | 7 +- qom/object.c | 16 +++ target-i386/Makefile.objs | 2 - target-i386/cpu-qom.h | 3 + target-i386/cpu.c | 43 ++++++ target-i386/cpu.h | 41 ++++-- target-i386/helper.c | 135 +++++++++++++++--- target-i386/helper.h | 12 +- target-i386/ioport-user.c | 60 -------- target-i386/kvm.c | 75 ++++++++-- target-i386/machine.c | 3 + target-i386/misc_helper.c | 59 ++++++-- target-i386/seg_helper.c | 12 +- target-i386/smm_helper.c | 331 +++++++++++++++++++++++--------------------- target-i386/svm_helper.c | 230 +++++++++++++++--------------- target-i386/translate.c | 12 +- tests/Makefile | 2 + tests/smram-test.c | 80 +++++++++++ vl.c | 6 + 50 files changed, 1220 insertions(+), 688 deletions(-) delete mode 100644 target-i386/ioport-user.c create mode 100644 tests/smram-test.c -- 1.8.3.1