[RFC PATCH 5/7] qemu: add support to TDVF firmware loader

Zhenzhong Duan zhenzhong.duan at intel.com
Fri Jun 18 08:50:50 UTC 2021


A TDX guest needs a specific firmware, TDVF, to boot up. Add a new element
inside the TrustDomain element for that purpose, as shown below:

<TrustDomain type='tdx'>
   <policy>0x0001</policy>
   <loader>/path/to/TDVF-binary</loader>
</TrustDomain>

Qemu command line looks like:

$QEMU ... \
  -device loader,file= /path/to/TDVF-binary,id=fd0

Signed-off-by: Zhenzhong Duan <zhenzhong.duan at intel.com>
---
 docs/schemas/domaincommon.rng                   | 3 +++
 src/conf/domain_conf.c                          | 6 ++++++
 src/conf/domain_conf.h                          | 1 +
 src/qemu/qemu_command.c                         | 4 ++++
 tests/genericxml2xmlindata/trust-domain-tdx.xml | 1 +
 tests/qemuxml2argvdata/trust-domain-tdx.xml     | 1 +
 6 files changed, 16 insertions(+)

diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 2b39a01e84..b439012648 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -530,6 +530,9 @@
         <element name="policy">
           <ref name="hexuint"/>
         </element>
+        <element name="loader">
+          <data type="string"/>
+        </element>
       </interleave>
     </element>
   </define>
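Review bot: The new `loader` element goes into the interleave without an `<optional>` wrapper and is typed as a free-form string. virDomainTDXDefFormat only emits `<loader>` when the pointer is set, so a definition parsed without it would format to XML that this schema rejects; wrap it in `<optional>`, or make the parser require it. Because the value is a host file path handed to QEMU, `<ref name="absFilePath"/>` would be a tighter type than `<data type="string"/>`, assuming the schema's existing absolute-path type is usable here. The enclosing define starts outside the hunk.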
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index a51db088c1..0513d6d016 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -3515,6 +3515,7 @@ virDomainTDXDefFree(virDomainTDXDef *def)
     if (!def)
         return;
 
+    g_free(def->loader);
     g_free(def);
 }
 
@@ -14849,6 +14850,7 @@ virDomainTDXDefParseXML(xmlNodePtr tdxNode,
     }
 
     def->policy = policy;
+    def->loader = virXPathString("string(./loader)", ctxt);
 
     return def;
 
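Review bot: `def->loader` is stored exactly as read, so an absent element leaves it NULL and an empty or relative string is accepted, yet the value later becomes the `file=` property on the QEMU command line. Since the commit message says TDVF is needed to boot, consider rejecting a missing or non-absolute path here, e.g. `if (!def->loader || !g_path_is_absolute(def->loader))` followed by a `virReportError(VIR_ERR_XML_ERROR, ...)` and the function's existing failure path. The function starts before and continues after the hunk, so that failure path is not visible here.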
@@ -26950,6 +26952,10 @@ virDomainTDXDefFormat(virBuffer *buf, virDomainTDXDef *tdx)
     virBufferAsprintf(buf, "<TrustDomain type='tdx'>\n");
     virBufferAdjustIndent(buf, 2);
     virBufferAsprintf(buf, "<policy>0x%04x</policy>\n", tdx->policy);
+
+    if (tdx->loader)
+        virBufferEscapeString(buf, "<loader>%s</loader>\n", tdx->loader);
+
     virBufferAdjustIndent(buf, -2);
     virBufferAddLit(buf, "</TrustDomain>\n");
 }
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 7cb5061c8c..cabfc80b4b 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2671,6 +2671,7 @@ typedef enum {
 struct _virDomainTDXDef {
     int sectype; /* enum virDomainTrustDomain */
     unsigned int policy; /* bit 0 set hint debug enabled, other bit reserved */
+    char *loader; /* patch for TDX TDVF firmware */
 };
 
 typedef enum {
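Review bot: The comment on the new field reads "patch for TDX TDVF firmware", which looks like a typo for "path" and does not state ownership or nullability. Suggest `char *loader; /* path to the TDVF firmware image; owned by this struct, NULL if not set */`. The NULL case is worth spelling out because the formatter in this patch checks for it while the command-line builder does not.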
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 1e14c95a49..891d795b02 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -9885,6 +9885,10 @@ qemuBuildTDXCommandLine(virDomainObj *vm, virCommand *cmd,
 
     virCommandAddArg(cmd, "-object");
     virCommandAddArgBuffer(cmd, &buf);
+
+    virCommandAddArg(cmd, "-device");
+    virCommandAddArgFormat(cmd, "loader,id=fd0,file=%s", tdx->loader);
+
     return 0;
 }
 
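Review bot: `tdx->loader` is formatted into the `-device` argument with no NULL check and no comma escaping. The parser leaves the field NULL when `<loader>` is absent (the formatter already guards for that), so this line would hand NULL to `%s`; and because QEMU splits device properties on commas, a path containing one would be read as extra `loader` properties instead of as part of the file name. Build the argument in a buffer with `virQEMUBuildBufferEscapeComma()` and skip it, or fail earlier, when no loader is configured. Whether the security drivers label this file for the QEMU process is not visible in this patch and is worth confirming. qemuBuildTDXCommandLine starts outside the hunk.

```c
    virCommandAddArgBuffer(cmd, &buf);

    if (tdx->loader) {
        g_auto(virBuffer) loaderBuf = VIR_BUFFER_INITIALIZER;

        virBufferAddLit(&loaderBuf, "loader,id=fd0,file=");
        /* QEMU treats ',' as a property separator, so it must be doubled in the path */
        virQEMUBuildBufferEscapeComma(&loaderBuf, tdx->loader);

        virCommandAddArg(cmd, "-device");
        virCommandAddArgBuffer(cmd, &loaderBuf);
    }
    /* … unchanged: return 0 … */
```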
diff --git a/tests/genericxml2xmlindata/trust-domain-tdx.xml b/tests/genericxml2xmlindata/trust-domain-tdx.xml
index 7a56cf0e92..7422f0c06f 100644
--- a/tests/genericxml2xmlindata/trust-domain-tdx.xml
+++ b/tests/genericxml2xmlindata/trust-domain-tdx.xml
@@ -16,6 +16,7 @@
   </devices>
   <TrustDomain type='tdx'>
     <policy>0x0001</policy>
+    <loader>/path/to/TDVF-binary</loader>
   </TrustDomain>
 </domain>
 
diff --git a/tests/qemuxml2argvdata/trust-domain-tdx.xml b/tests/qemuxml2argvdata/trust-domain-tdx.xml
index e0f0b77866..1d8ad45c4c 100644
--- a/tests/qemuxml2argvdata/trust-domain-tdx.xml
+++ b/tests/qemuxml2argvdata/trust-domain-tdx.xml
@@ -32,5 +32,6 @@
   </devices>
   <TrustDomain type='tdx'>
     <policy>0x0001</policy>
+    <loader>/path/to/TDVF-binary</loader>
   </TrustDomain>
 </domain>
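Review bot: The xml2argv input gains `<loader>` but the diffstat lists no matching expected-arguments change, although qemuBuildTDXCommandLine now emits an extra `-device loader,...` argument. If an `.args` file exists for trust-domain-tdx, it needs the new argument or the test will no longer match. A second case without `<loader>`, and one with a comma in the path, would pin the behaviour for the missing-firmware and escaping paths.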
-- 
2.25.1



