Hi,
This means that if hot plug of virtio devices is supported, the device tree needs to be updated to the realm VM after the virtual machine is ACTIVE.
Yes, the realm guest needs to be notified about the device hotplug by the VMM. The notification mechanism and the related update of device info would be application specific. It would be possible to extend the mechanism that exists today for Regular VMs to the Realm VMs but I don’t know the details of existing mechanism.
If rmm calls data_create after Realm VM is ACTIVE, the Realm Initial Measurement will change. After realm VM is ACTIVE, is RIM still allowed to change?
Data_create is not allowed after Realm VM is ACTIVE and RIM is not allowed to changed after ACTIVE. Data_create_unknown is allowed though, and this API will not change RIM. Any Device tree/ other info about hotplug will need to be transferred in an application specific manner.
Best Regards Soby Mathew
-----Original Message----- From: wuweinan@huawei.com wuweinan@huawei.com Sent: Wednesday, July 24, 2024 8:43 AM To: tf-rmm@lists.trustedfirmware.org Subject: [tf-rmm] Re: Does the confidential virtual machine support hot-plug for CPU, memory, and devices?
Hi For device&memory hot plug, Libvirt supports "attach device" command to hot plug virtio devices and memory. It should be necessary to update the device tree information and notify guest OS. RMM copies the qemu device tree to the realm through data_create when the virtual machine is in the NEW state. This means that if hot plug of virtio devices is supported, the device tree needs to be updated to the realm VM after the virtual machine is ACTIVE.
If rmm calls data_create after Realm VM is ACTIVE, the Realm Initial Measurement will change. After realm VM is ACTIVE, is RIM still allowed to change? _______________________________________________ tf-rmm mailing list -- tf-rmm@lists.trustedfirmware.org To unsubscribe send an email to tf-rmm-leave@lists.trustedfirmware.org