From c8eba92f97b68fad3f84dde2fb6fd4409738e626 Mon Sep 17 00:00:00 2001 From: lihuhua Date: Sat, 22 Mar 2025 12:01:26 +0800 Subject: [PATCH] virtcca: add kvm isolation when get tmi version. --- hw/arm/boot.c | 7 ++++++- hw/arm/virt.c | 6 +++++- linux-headers/asm-arm64/kvm.h | 2 -- linux-headers/linux/kvm.h | 1 + 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/hw/arm/boot.c b/hw/arm/boot.c index a3e0dbb68c..9a33601d35 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -1163,7 +1163,12 @@ static void arm_setup_confidential_firmware_boot(ARMCPU *cpu, const char *firmware_filename) { uint64_t tmi_version = 0; - if (kvm_ioctl(kvm_state, KVM_GET_TMI_VERSION, &tmi_version) < 0) { + int ret = -1; + + if (kvm_enabled()) { + ret = kvm_ioctl(kvm_state, KVM_GET_TMI_VERSION, &tmi_version); + } + if (ret < 0) { error_report("please check the kernel version!"); exit(EXIT_FAILURE); } diff --git a/hw/arm/virt.c b/hw/arm/virt.c index 3c31d3667e..fed2f8c4d7 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -2057,7 +2057,11 @@ static void virt_set_memmap(VirtMachineState *vms, int pa_bits) vms->memmap[VIRT_PCIE_MMIO] = (MemMapEntry) { 0x10000000, 0x2edf0000 }; vms->memmap[VIRT_KAE_DEVICE] = (MemMapEntry) { 0x3edf0000, 0x00200000 }; uint64_t tmi_version = 0; - if (kvm_ioctl(kvm_state, KVM_GET_TMI_VERSION, &tmi_version) < 0) { + int ret = -1; + if (kvm_enabled()) { + ret = kvm_ioctl(kvm_state, KVM_GET_TMI_VERSION, &tmi_version); + } + if (ret < 0) { warn_report("can not get tmi version"); } if (tmi_version < MIN_TMI_VERSION_FOR_UEFI_BOOTED_CVM) { diff --git a/linux-headers/asm-arm64/kvm.h b/linux-headers/asm-arm64/kvm.h index d69a71cbec..552fdcb18f 100644 --- a/linux-headers/asm-arm64/kvm.h +++ b/linux-headers/asm-arm64/kvm.h @@ -597,6 +597,4 @@ struct kvm_cap_arm_tmm_populate_region_args { #endif -#define MIN_TMI_VERSION_FOR_UEFI_BOOTED_CVM 0x20001 - #endif /* __ARM_KVM_H__ */ diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h index c9ec7f862a..b94c5fd90f 100644 --- a/linux-headers/linux/kvm.h +++ b/linux-headers/linux/kvm.h @@ -2430,5 +2430,6 @@ struct kvm_s390_zpci_op { /* get tmi version */ #define KVM_GET_TMI_VERSION _IOR(KVMIO, 0xd2, uint64_t) +#define MIN_TMI_VERSION_FOR_UEFI_BOOTED_CVM 0x20001 #endif /* __LINUX_KVM_H */ -- 2.41.0.windows.1