Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* virtio-blk: remove SCSI passthrough functionality
* require x86-64-v2 baseline ISA
* SEV-SNP host support
* fix xsave.flat

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* virtio-blk: remove SCSI passthrough functionality
* require x86-64-v2 baseline ISA
* SEV-SNP host support
* fix xsave.flat with TCG
* fixes for CPUID checks done by TCG

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmZgKVYUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroPKYgf/QkWrNXdjjD3yAsv5LbJFVTVyCYW3
# b4Iax29kEDy8k9wbzfLxOfIk9jXIjmbOMO5ZN9LFiHK6VJxbXslsMh6hm50M3xKe
# 49X1Rvf9YuVA7KZX+dWkEuqLYI6Tlgj3HaCilYWfXrjyo6hY3CxzkPV/ChmaeYlV
# Ad4Y8biifoUuuEK8OTeTlcDWLhOHlFXylG3AXqULsUsXp0XhWJ9juXQ60eATv/W4
# eCEH7CSmRhYFu2/rV+IrWFYMnskLRTk1OC1/m6yXGPKOzgnOcthuvQfiUgPkbR/d
# llY6Ni5Aaf7+XX3S7Avcyvoq8jXzaaMzOrzL98rxYGDR1sYBYO+4h4ZToA==
# =qQeP
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 05 Jun 2024 02:01:10 AM PDT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (46 commits)
hw/i386: Add support for loading BIOS using guest_memfd
hw/i386/sev: Use guest_memfd for legacy ROMs
memory: Introduce memory_region_init_ram_guest_memfd()
i386/sev: Allow measured direct kernel boot on SNP
i386/sev: Reorder struct declarations
i386/sev: Extract build_kernel_loader_hashes
i386/sev: Enable KVM_HC_MAP_GPA_RANGE hcall for SNP guests
i386/kvm: Add KVM_EXIT_HYPERCALL handling for KVM_HC_MAP_GPA_RANGE
i386/sev: Invoke launch_updata_data() for SNP class
i386/sev: Invoke launch_updata_data() for SEV class
hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled
i386/sev: Add support for SNP CPUID validation
i386/sev: Add support for populating OVMF metadata pages
hw/i386/sev: Add function to get SEV metadata from OVMF header
i386/sev: Set CPU state to protected once SNP guest payload is finalized
i386/sev: Add handling to encrypt/finalize guest launch data
i386/sev: Add the SNP launch start context
i386/sev: Update query-sev QAPI format to handle SEV-SNP
i386/sev: Add a class method to determine KVM VM type for SNP guests
i386/sev: Don't return launch measurements for SEV-SNP guests
...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled

As with SEV, an SNP guest requires that the BIOS be part of the initial
encrypted/measured guest payload. Extend sev_encrypt_flash()

hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled

As with SEV, an SNP guest requires that the BIOS be part of the initial
encrypted/measured guest payload. Extend sev_encrypt_flash() to handle
the SNP case and plumb through the GPA of the BIOS location since this
is needed for SNP.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
Message-ID: <20240530111643.1091816-25-pankaj.gupta@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

hw/i386/sev: Add function to get SEV metadata from OVMF header

A recent version of OVMF expanded the reset vector GUID list to add
SEV-specific metadata GUID. The SEV metadata describes the reserved

hw/i386/sev: Add function to get SEV metadata from OVMF header

A recent version of OVMF expanded the reset vector GUID list to add
SEV-specific metadata GUID. The SEV metadata describes the reserved
memory regions such as the secrets and CPUID page used during the SEV-SNP
guest launch.

The pc_system_get_ovmf_sev_metadata_ptr() is used to retieve the SEV
metadata pointer from the OVMF GUID list.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
Message-ID: <20240530111643.1091816-19-pankaj.gupta@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

i386/sev: Update query-sev QAPI format to handle SEV-SNP

Most of the current 'query-sev' command is relevant to both legacy
SEV/SEV-ES guests and SEV-SNP guests, with 2 exceptions:

- 'policy' is

i386/sev: Update query-sev QAPI format to handle SEV-SNP

Most of the current 'query-sev' command is relevant to both legacy
SEV/SEV-ES guests and SEV-SNP guests, with 2 exceptions:

- 'policy' is a 64-bit field for SEV-SNP, not 32-bit, and
the meaning of the bit positions has changed
- 'handle' is not relevant to SEV-SNP

To address this, this patch adds a new 'sev-type' field that can be
used as a discriminator to select between SEV and SEV-SNP-specific
fields/formats without breaking compatibility for existing management
tools (so long as management tools that add support for launching
SEV-SNP guest update their handling of query-sev appropriately).

The corresponding HMP command has also been fixed up similarly.

Signed-off-by: Michael Roth <michael.roth@amd.com>
Co-developed-by:Pankaj Gupta <pankaj.gupta@amd.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
Message-ID: <20240530111643.1091816-15-pankaj.gupta@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

i386/sev: Add a sev_snp_enabled() helper

Add a simple helper to check if the current guest type is SNP. Also have
SNP-enabled imply that SEV-ES is enabled as well, and fix up any places
where the se

i386/sev: Add a sev_snp_enabled() helper

Add a simple helper to check if the current guest type is SNP. Also have
SNP-enabled imply that SEV-ES is enabled as well, and fix up any places
where the sev_es_enabled() check is expecting a pure/non-SNP guest.

Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
Message-ID: <20240530111643.1091816-9-pankaj.gupta@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

i386/sev: Introduce 'sev-snp-guest' object

SEV-SNP support relies on a different set of properties/state than the
existing 'sev-guest' object. This patch introduces the 'sev-snp-guest'
object, which

i386/sev: Introduce 'sev-snp-guest' object

SEV-SNP support relies on a different set of properties/state than the
existing 'sev-guest' object. This patch introduces the 'sev-snp-guest'
object, which can be used to configure an SEV-SNP guest. For example,
a default-configured SEV-SNP guest with no additional information
passed in for use with attestation:

-object sev-snp-guest,id=sev0

or a fully-specified SEV-SNP guest where all spec-defined binary
blobs are passed in as base64-encoded strings:

-object sev-snp-guest,id=sev0, \
policy=0x30000, \
init-flags=0, \
id-block=YWFhYWFhYWFhYWFhYWFhCg==, \
id-auth=CxHK/OKLkXGn/KpAC7Wl1FSiisWDbGTEKz..., \
author-key-enabled=on, \
host-data=LNkCWBRC5CcdGXirbNUV1OrsR28s..., \
guest-visible-workarounds=AA==, \

See the QAPI schema updates included in this patch for more usage
details.

In some cases these blobs may be up to 4096 characters, but this is
generally well below the default limit for linux hosts where
command-line sizes are defined by the sysconf-configurable ARG_MAX
value, which defaults to 2097152 characters for Ubuntu hosts, for
example.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Co-developed-by: Michael Roth <michael.roth@amd.com>
Acked-by: Markus Armbruster <armbru@redhat.com> (for QAPI schema)
Signed-off-by: Michael Roth <michael.roth@amd.com>
Co-developed-by: Pankaj Gupta <pankaj.gupta@amd.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
Message-ID: <20240530111643.1091816-8-pankaj.gupta@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

i386/sev: Introduce "sev-common" type to encapsulate common SEV state

Currently all SEV/SEV-ES functionality is managed through a single
'sev-guest' QOM type. With upcoming support for SEV-SNP, taki

i386/sev: Introduce "sev-common" type to encapsulate common SEV state

Currently all SEV/SEV-ES functionality is managed through a single
'sev-guest' QOM type. With upcoming support for SEV-SNP, taking this
same approach won't work well since some of the properties/state
managed by 'sev-guest' is not applicable to SEV-SNP, which will instead
rely on a new QOM type with its own set of properties/state.

To prepare for this, this patch moves common state into an abstract
'sev-common' parent type to encapsulate properties/state that are
common to both SEV/SEV-ES and SEV-SNP, leaving only SEV/SEV-ES-specific
properties/state in the current 'sev-guest' type. This should not
affect current behavior or command-line options.

As part of this patch, some related changes are also made:

- a static 'sev_guest' variable is currently used to keep track of
the 'sev-guest' instance. SEV-SNP would similarly introduce an
'sev_snp_guest' static variable. But these instances are now
available via qdev_get_machine()->cgs, so switch to using that
instead and drop the static variable.

- 'sev_guest' is currently used as the name for the static variable
holding a pointer to the 'sev-guest' instance. Re-purpose the name
as a local variable referring the 'sev-guest' instance, and use
that consistently throughout the code so it can be easily
distinguished from sev-common/sev-snp-guest instances.

- 'sev' is generally used as the name for local variables holding a
pointer to the 'sev-guest' instance. In cases where that now points
to common state, use the name 'sev_common'; in cases where that now
points to state specific to 'sev-guest' instance, use the name
'sev_guest'

In order to enable kernel-hashes for SNP, pull it from
SevGuestProperties to its parent SevCommonProperties so
it will be available for both SEV and SNP.

Signed-off-by: Michael Roth <michael.roth@amd.com>
Co-developed-by: Dov Murik <dovmurik@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Markus Armbruster <armbru@redhat.com> (QAPI schema)
Co-developed-by: Pankaj Gupta <pankaj.gupta@amd.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
Message-ID: <20240530111643.1091816-5-pankaj.gupta@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* cleanups for stubs
* do not link pixman automatically into all targets
* optimize computation of VGA dirty memory region
*

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* cleanups for stubs
* do not link pixman automatically into all targets
* optimize computation of VGA dirty memory region
* kvm: use configs/ definition to conditionalize debug support
* hw: Add compat machines for 9.1
* target/i386: add guest-phys-bits cpu property
* target/i386: Introduce Icelake-Server-v7 and SierraForest models
* target/i386: Export RFDS bit to guests
* q35: SMM ranges cleanups
* target/i386: basic support for confidential guests
* linux-headers: update headers
* target/i386: SEV: use KVM_SEV_INIT2 if possible
* kvm: Introduce support for memory_attributes
* RAMBlock: Add support of KVM private guest memfd
* Consolidate use of warn_report_once()
* pythondeps.toml: warn about updates needed to docs/requirements.txt
* target/i386: always write 32-bits for SGDT and SIDT

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmYn1UkUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroO1nwgAhRQhkYcdtFc649WJWTNvJCNzmek0
# Sg7trH2NKlwA75zG8Qv4TR3E71UrXoY9oItwYstc4Erz+tdf73WyaHMF3cEk1p82
# xx3LcBYhP7jGSjabxTkZsFU8+MM1raOjRN/tHvfcjYLaJOqJZplnkaVhMbNPsVuM
# IPJ5bVQohxpmHKPbeFNpF4QJ9wGyZAYOfJOFCk09xQtHnA8CtFjS9to33QPAR/Se
# OVZwRCigVjf0KNmCnHC8tJHoW8pG/cdQAr3qqd397XbM1vVELv9fiXiMoGF78UsY
# trO4K2yg6N5Sly4Qv/++zZ0OZNkL3BREGp3wf4eTSvLXxqSGvfi8iLpFGA==
# =lwSL
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 23 Apr 2024 08:35:37 AM PDT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [undefined]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (63 commits)
target/i386/translate.c: always write 32-bits for SGDT and SIDT
pythondeps.toml: warn about updates needed to docs/requirements.txt
accel/tcg/icount-common: Consolidate the use of warn_report_once()
target/i386/cpu: Merge the warning and error messages for AMD HT check
target/i386/cpu: Consolidate the use of warn_report_once()
target/i386/host-cpu: Consolidate the use of warn_report_once()
kvm/tdx: Ignore memory conversion to shared of unassigned region
kvm/tdx: Don't complain when converting vMMIO region to shared
kvm: handle KVM_EXIT_MEMORY_FAULT
physmem: Introduce ram_block_discard_guest_memfd_range()
RAMBlock: make guest_memfd require uncoordinated discard
HostMem: Add mechanism to opt in kvm guest memfd via MachineState
kvm/memory: Make memory type private by default if it has guest memfd backend
kvm: Enable KVM_SET_USER_MEMORY_REGION2 for memslot
RAMBlock: Add support of KVM private guest memfd
kvm: Introduce support for memory_attributes
trace/kvm: Split address space and slot id in trace_kvm_set_user_memory()
hw/i386/sev: Use legacy SEV VM types for older machine types
i386/sev: Add 'legacy-vm-type' parameter for SEV guest objects
target/i386: SEV: use KVM_SEV_INIT2 if possible
...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

i386/sev: Switch to use confidential_guest_kvm_init()

Use confidential_guest_kvm_init() instead of calling SEV
specific sev_kvm_init(). This allows the introduction of multiple
confidential-guest-su

i386/sev: Switch to use confidential_guest_kvm_init()

Use confidential_guest_kvm_init() instead of calling SEV
specific sev_kvm_init(). This allows the introduction of multiple
confidential-guest-support subclasses for different x86 vendors.

As a bonus, stubs are not needed anymore since there is no
direct call from target/i386/kvm/kvm.c to SEV code.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Message-Id: <20240229060038.606591-1-xiaoyao.li@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Merge tag 'misc-20230831' of https://github.com/philmd/qemu into staging

Misc patches queue

Build fixes:
- Only define OS_OBJECT_USE_OBJC with gcc

Overall cleanups:
- Do not declare function proto

Merge tag 'misc-20230831' of https://github.com/philmd/qemu into staging

Misc patches queue

Build fixes:
- Only define OS_OBJECT_USE_OBJC with gcc

Overall cleanups:
- Do not declare function prototypes using 'extern' keyword
- Remove unmaintained HAX accelerator
- Have FEWatchFunc handlers return G_SOURCE_CONTINUE/REMOVE instead of boolean
- Avoid modifying QOM class internals from instance in pmbus_device
- Avoid variable-length array in xhci_get_port_bandwidth
- Remove unuseful kvmclock_create() stub
- Style: permit inline loop variables
- Various header cleanups
- Various spelling fixes

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmTw0oUACgkQ4+MsLN6t
# wN7nZQ/+Jyrw1TnHiKV8nS5NKtQIszMTcAbrcuV8YCk0XgwprmrLzxOsOcVOU+MN
# C9SHOhGGcu8NKho73CDrsKqye/IKm8rumMm0hcZrtqGS+3MX9RQzDBUgRgihgD9b
# 78Pmiz/91mrsV4zjXBkWLILipjDUwAL0oXh+MLfkmkTdzJMVfllF5KfF+hdOipwq
# +ECOzwEAFUtCWQk51aLGfrg9SarKC2jtRBEvd1RhwfvXAMCdGP9+pfXJQqkT7ZTK
# Hf4TuOHkzZjHumHGGcJn+P1WHM6W3ILdocG7AAl+/0Jwkx4vhR+6MENJGLxqg4pa
# VTnOpJiL/HsY8319mTswTmlxqmotEDakGjdaRm4ClWPxPksF7zQkdTspBx0/Qayu
# SPr7U5gFLPXMhCpMnrznvjCS+C/dqLYrJAczs9Ecv6KawOIwMiPRzc0SyimCV4DI
# kcpL88Vn4unoBCF7AdiDluPoY2Q41TZ6gRa7B1/nI/4j9Y+Gs/gWQxYHjMlDso+O
# sNgMJ+sqIPW9n1vhl9s6AQweBYnMRW34A5iok9MV0HyFTxNKMoCoR8Ssfk9YzT+L
# mK5a9AfgT8FrhtQXQz6ojIPFM8Q4zGcAQOMudpPiDICDAJaPuUpzL3XVwStT6Rfc
# YL0+Nb+Ja5hPh0fAhgX3BH0EsqruW+DA8rEZfIgAIXDbOC5QFIo=
# =SVsZ
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 31 Aug 2023 13:48:53 EDT
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE

* tag 'misc-20230831' of https://github.com/philmd/qemu: (39 commits)
build: Only define OS_OBJECT_USE_OBJC with gcc
tests/tcg/aarch64: Rename bti-crt.inc.c -> bti-crt.c.inc
ui: spelling fixes
util: spelling fixes
util/fifo8: Fix typo in fifo8_push_all() description
hw/i386: Rename 'hw/kvm/clock.h' -> 'hw/i386/kvm/clock.h'
hw/i386: Remove unuseful kvmclock_create() stub
hw/usb/hcd-xhci: Avoid variable-length array in xhci_get_port_bandwidth()
hw/usb: spelling fixes
hw/sd: spelling fixes
hw/mips: spelling fixes
hw/display: spelling fixes
hw/ide: spelling fixes
hw/i2c: spelling fixes
hw/i2c/pmbus_device: Fix modifying QOM class internals from instance
hw/char/pl011: Replace magic values by register field definitions
hw/char/pl011: Remove duplicated PL011_INT_[RT]X definitions
hw/char/pl011: Display register name in trace events
hw/char/pl011: Restrict MemoryRegionOps implementation access sizes
hw/char: Have FEWatchFunc handlers return G_SOURCE_CONTINUE/REMOVE
...

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

bulk: Do not declare function prototypes using 'extern' keyword

By default, C function prototypes declared in headers are visible,
so there is no need to declare them as 'extern' functions.
Remove t

bulk: Do not declare function prototypes using 'extern' keyword

By default, C function prototypes declared in headers are visible,
so there is no need to declare them as 'extern' functions.
Remove this redundancy in a single bulk commit; do not modify:

- meson.build (used to check function availability at runtime)
- pc-bios/
- libdecnumber/
- tests/
- *.c

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230605175647.88395-5-philmd@linaro.org>

show more ...

Merge tag 'pull-misc-2022-05-11' of git://repo.or.cz/qemu/armbru into staging

Miscellaneous patches patches for 2022-05-11

# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AO

Merge tag 'pull-misc-2022-05-11' of git://repo.or.cz/qemu/armbru into staging

Miscellaneous patches patches for 2022-05-11

# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmJ7zwISHGFybWJydUBy
# ZWRoYXQuY29tAAoJEDhwtADrkYZThuAQAJdSuj5fpY8EXxhuS3Rc8uHPrz6lP+nZ
# kwxKPOldwFdmkXRJ8qrjcc/BXxiJU3pxmSRvFZ8miCFMrb4Vd16sUzD6PeKb1jr8
# JsrvXcsaWn4f/p0v0WraamwSQeZUMjqsZPgZut93qfJoKmgTaxoZnR+ZDHFKoQJS
# qBrHL/5+RPxSugLa6IEpSQwy80jd0tMBaG/e8V+JxzgFM5jzOExwXtfUujzS92Lr
# NgapnbEZrpqErBC1xhpetQ8Q5I4r0kkLj4Exm/ClNtIM2GByJxI8x2DE+NJZNDnm
# g/tvVKUhEl6cOywQRajAJ/LrhUpVSkz6wsczv35rhRS+1FoCb+PRKr42SxZGI2rB
# tZLYt4ouoSGk2pYiudoIBKsIR1Svu7Cmg4YzOL9yvqF0BS3cRDvPgm3QFvoeErjL
# EML7b41zLdIkbvujsJ7HJqVL44QmMSu13PcLUtDvLh+ivpL9wIUQn3ji+rfsgqh+
# RYw4niJ9JO3N3/VwEhlymc9kRSTgZ6rdIWPrtQ5ACwTADAv30++opxAlksE6mo0m
# TYrqyTG2FHGOKm+5Q4Lyx1heHJDUAE3dlRIhGt8KqD6UKlpSfIVIUU2ztjZK4JQ5
# n85LOLZkE9ejbvbpnLX8hgKfouVKKYwFagc/ZA649cIXvC8YDxdOwvhjEVCxa+V5
# dQbpQsekXf9G
# =jOTx
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 11 May 2022 07:58:10 AM PDT
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [undefined]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* tag 'pull-misc-2022-05-11' of git://repo.or.cz/qemu/armbru:
Clean up decorations and whitespace around header guards
Normalize header guard symbol definition
Clean up ill-advised or unusual header guards
Clean up header guards that don't match their file name

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

Clean up header guards that don't match their file name

Header guard symbols should match their file name to make guard
collisions less likely.

Cleaned up with scripts/clean-header-guards.pl, follo

Clean up header guards that don't match their file name

Header guard symbols should match their file name to make guard
collisions less likely.

Cleaned up with scripts/clean-header-guards.pl, followed by some
renaming of new guard symbols picked by the script to better ones.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20220506134911.2856099-2-armbru@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
[Change to generated file ebpf/rss.bpf.skeleton.h backed out]

show more ...

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* SEV and SGX cleanups (Philippe, Dov)
* bugfixes for "check-block"
* bugfix for static build
* ObjectOptions cleanups (

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* SEV and SGX cleanups (Philippe, Dov)
* bugfixes for "check-block"
* bugfix for static build
* ObjectOptions cleanups (Thomas)
* binutils fix for PVH (Cole)
* HVF cleanup (Alex)

# gpg: Signature made Wed 13 Oct 2021 01:47:56 AM PDT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]

* remotes/bonzini/tags/for-upstream: (40 commits)
ebpf: really include it only in system emulators
target/i386/sev: Use local variable for kvm_sev_launch_measure
target/i386/sev: Use local variable for kvm_sev_launch_start
monitor: Tidy up find_device_state()
Revert "hw/misc: applesmc: use host osk as default on macs"
hw/i386/sgx: Move qmp_query_sgx() and hmp_info_sgx() to hw/i386/sgx.c
hw/i386/sgx: Move qmp_query_sgx_capabilities() to hw/i386/sgx.c
hw/i386/sgx: Have sgx_epc_get_section() return a boolean
MAINTAINERS: Cover SGX documentation file with X86/KVM section
hvf: Determine slot count from struct layout
tests: tcg: Fix PVH test with binutils 2.36+
qapi: Make some ObjectTypes depend on the build settings
MAINTAINERS: Cover SEV-related files with X86/KVM section
monitor: Reduce hmp_info_sev() declaration
target/i386/sev: Move qmp_query_sev() & hmp_info_sev() to sev.c
target/i386/sev: Move qmp_query_sev_launch_measure() to sev.c
target/i386/sev: Move qmp_query_sev_capabilities() to sev.c
target/i386/sev: Move qmp_sev_inject_launch_secret() to sev.c
target/i386/sev: Move qmp_query_sev_attestation_report() to sev.c
target/i386/sev: Remove stubs by using code elision
...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

target/i386/sev: Move qmp_query_sev() & hmp_info_sev() to sev.c

Move qmp_query_sev() & hmp_info_sev()() from monitor.c to sev.c
and make sev_get_info() static. We don't need the stub anymore,
remove

target/i386/sev: Move qmp_query_sev() & hmp_info_sev() to sev.c

Move qmp_query_sev() & hmp_info_sev()() from monitor.c to sev.c
and make sev_get_info() static. We don't need the stub anymore,
remove it. Add a stub for hmp_info_sev().

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211007161716.453984-22-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

target/i386/sev: Move qmp_query_sev_launch_measure() to sev.c

Move qmp_query_sev_launch_measure() from monitor.c to sev.c
and make sev_get_launch_measurement() static. We don't need the
stub anymore

target/i386/sev: Move qmp_query_sev_launch_measure() to sev.c

Move qmp_query_sev_launch_measure() from monitor.c to sev.c
and make sev_get_launch_measurement() static. We don't need the
stub anymore, remove it.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211007161716.453984-21-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

target/i386/sev: Move qmp_query_sev_capabilities() to sev.c

Move qmp_query_sev_capabilities() from monitor.c to sev.c
and make sev_get_capabilities() static. We don't need the
stub anymore, remove i

target/i386/sev: Move qmp_query_sev_capabilities() to sev.c

Move qmp_query_sev_capabilities() from monitor.c to sev.c
and make sev_get_capabilities() static. We don't need the
stub anymore, remove it.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211007161716.453984-20-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

target/i386/sev: Move qmp_query_sev_attestation_report() to sev.c

Move qmp_query_sev_attestation_report() from monitor.c to sev.c
and make sev_get_attestation_report() static. We don't need the
stub

target/i386/sev: Move qmp_query_sev_attestation_report() to sev.c

Move qmp_query_sev_attestation_report() from monitor.c to sev.c
and make sev_get_attestation_report() static. We don't need the
stub anymore, remove it.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211007161716.453984-18-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

target/i386/sev: Remove stubs by using code elision

Only declare sev_enabled() and sev_es_enabled() when CONFIG_SEV is
set, to allow the compiler to elide unused code. Remove unnecessary
stubs.

Sig

target/i386/sev: Remove stubs by using code elision

Only declare sev_enabled() and sev_es_enabled() when CONFIG_SEV is
set, to allow the compiler to elide unused code. Remove unnecessary
stubs.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20211007161716.453984-17-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

target/i386/sev: Declare system-specific functions in 'sev.h'

"sysemu/sev.h" is only used from x86-specific files. Let's move it
to include/hw/i386, and merge it with target/i386/sev.h.

Suggested-b

target/i386/sev: Declare system-specific functions in 'sev.h'

"sysemu/sev.h" is only used from x86-specific files. Let's move it
to include/hw/i386, and merge it with target/i386/sev.h.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211007161716.453984-16-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

target/i386/sev: Rename sev_i386.h -> sev.h

SEV is a x86 specific feature, and the "sev_i386.h" header
is already in target/i386/. Rename it as "sev.h" to simplify.

Patch created mechanically using

target/i386/sev: Rename sev_i386.h -> sev.h

SEV is a x86 specific feature, and the "sev_i386.h" header
is already in target/i386/. Rename it as "sev.h" to simplify.

Patch created mechanically using:

$ git mv target/i386/sev_i386.h target/i386/sev.h
$ sed -i s/sev_i386.h/sev.h/ $(git grep -l sev_i386.h)

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20211007161716.453984-15-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...