TDX guest requires some special parameters to boot, They are:
"-machine pc-q35-*"
"kernel_irqchip=split"
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@xxxxxxxxx>
---
src/qemu/qemu_validate.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 5a9173e8ff..c4f386fe99 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -1329,6 +1329,16 @@ qemuValidateDomainDef(const virDomainDef *def,
_("INTEL TDX launch security is not supported with this QEMU binary"));
return -1;
}
+ if (!qemuDomainIsQ35(def)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Intel TDX is supported with q35 machine types only"));
+ return -1;
+ }
+ if (def->features[VIR_DOMAIN_FEATURE_IOAPIC] != VIR_DOMAIN_IOAPIC_QEMU) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("INTEL TDX launch security needs split kernel irqchip"));
+ return -1;
+ }
break;
case VIR_DOMAIN_LAUNCH_SECURITY_NONE:
case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
--
2.34.1
_______________________________________________
Devel mailing list -- devel@xxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxx
