{"id":2197717,"url":"http://patchwork.ozlabs.org/api/1.0/patches/2197717/?format=json","project":{"id":14,"url":"http://patchwork.ozlabs.org/api/1.0/projects/14/?format=json","name":"QEMU Development","link_name":"qemu-devel","list_id":"qemu-devel.nongnu.org","list_email":"qemu-devel@nongnu.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<20260218114233.266178-34-anisinha@redhat.com>","date":"2026-02-18T11:42:26","name":"[v5,33/34] qom: add 'confidential-guest-reset' property for x86 confidential vms","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"74aa5136b898586d9a1b79653338705f11b5a930","submitter":{"id":86030,"url":"http://patchwork.ozlabs.org/api/1.0/people/86030/?format=json","name":"Ani Sinha","email":"anisinha@redhat.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/qemu-devel/patch/20260218114233.266178-34-anisinha@redhat.com/mbox/","series":[{"id":492541,"url":"http://patchwork.ozlabs.org/api/1.0/series/492541/?format=json","date":"2026-02-18T11:41:56","name":"Introduce support for confidential guest reset (x86)","version":5,"mbox":"http://patchwork.ozlabs.org/series/492541/mbox/"}],"check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2197717/checks/","tags":{},"headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=TCM4Qtmw;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=google header.b=LcZV4Gon;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; helo=lists.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from lists.gnu.org (lists.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fGF7K4vWtz1xwr\n\tfor ; Wed, 18 Feb 2026 22:45:17 +1100 (AEDT)","from localhost ([::1] helo=lists1p.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from )\n\tid 1vsfzF-0005dX-IJ; Wed, 18 Feb 2026 06:44:57 -0500","from eggs.gnu.org ([2001:470:142:3::10])\n by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from )\n id 1vsfz1-0004Vy-2r\n for qemu-devel@nongnu.org; Wed, 18 Feb 2026 06:44:45 -0500","from us-smtp-delivery-124.mimecast.com ([170.10.133.124])\n by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from )\n id 1vsfyp-0000DB-Th\n for qemu-devel@nongnu.org; Wed, 18 Feb 2026 06:44:33 -0500","from mail-pl1-f200.google.com (mail-pl1-f200.google.com\n [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS\n (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id\n us-mta-670-dfzRB1vKNK6m7qjMrTbauw-1; Wed, 18 Feb 2026 06:44:29 -0500","by mail-pl1-f200.google.com with SMTP id\n d9443c01a7336-2a7a98ba326so11896075ad.1\n for ; Wed, 18 Feb 2026 03:44:29 -0800 (PST)","from rhel9-box.lan ([117.99.83.54])\n by smtp.googlemail.com with ESMTPSA id\n d9443c01a7336-2ad1aaeab38sm127803425ad.82.2026.02.18.03.44.25\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Wed, 18 Feb 2026 03:44:28 -0800 (PST)"],"DKIM-Signature":["v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n s=mimecast20190719; t=1771415071;\n h=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n to:to:cc:cc:mime-version:mime-version:content-type:content-type:\n content-transfer-encoding:content-transfer-encoding:\n in-reply-to:in-reply-to:references:references;\n bh=wNOtE9iAdY/fz5zXRGOHALzxPR6yavv/SKATwTTFh+E=;\n b=TCM4Qtmw8H71yZo/+9Ch7r4JuaD6noICSCOb2PmrLNoKpkRYuOvKvE7Q+SLH4ARLb5jD8x\n 9wq8tTUjma3fH2Q5uwV6mOaAwenakUFOL66AkIM5Yo0yFcJdtfNzYd0c/HiaMrWim5iY2l\n 8ANJCOkDMb+KBLGR7yGaAcUdyEieULk=","v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=redhat.com; s=google; t=1771415069; x=1772019869; darn=nongnu.org;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:from:to:cc:subject:date\n :message-id:reply-to;\n bh=wNOtE9iAdY/fz5zXRGOHALzxPR6yavv/SKATwTTFh+E=;\n b=LcZV4Gonm2W7NipZXPj/nC8KuJ+2U+8hqIWT+qBmm5T/bs25PKNXnP/gmwKB4fQpO4\n Ijl1C4opcLc5DD+1PGwogedPqqelgjLPMWZpnWE0pXVac9KUSfUl2RkUEhsjda+Zavpu\n arzfufpFQXLMp9cOiB0NgJlWpoTwWmR4JlcjwPL1ZJ3Op1FWbqP5WDj0Hd6NywvU6zlE\n EnwyJxAG9TnapB+ZycxnJ2clMKogs7oazyRuN29v8OcGDtVutv8OYoWgkd2UgGuB1G+x\n 5YSlCR3pnAdKlj/n281hKsgfKsflp8GxUCnuej5TMMa1JgrAVEXJN00+BOnuy9WPSumY\n nAow=="],"X-MC-Unique":"dfzRB1vKNK6m7qjMrTbauw-1","X-Mimecast-MFC-AGG-ID":"dfzRB1vKNK6m7qjMrTbauw_1771415069","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20230601; t=1771415069; x=1772019869;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from\n :to:cc:subject:date:message-id:reply-to;\n bh=wNOtE9iAdY/fz5zXRGOHALzxPR6yavv/SKATwTTFh+E=;\n b=ARJPYsdY0Ve5cifAmtdz+NyNruE1CEmI1DGTPn7eHFpZTQWZ/9AWaeySDtdDqL6OQd\n jays+Vsuwwf2yC8N2qGF6kOU1J1kOdv8k5AJ8wToC7mvGGP3u2gY0wHL6E/RkjeaQ6eR\n dyAWGaVGSsZqkcYsLVpC3V+aDJWcGrXcbHnoP6UkB9ql0qAVCrJpVLM5ABbOvdZ6A0tc\n e3GxnAfUhRP9TOsBK0RRpwhUpS3LHSSGZBFWFxCLzMm57ephv9UW0Wwrdv4qQPAKjeUs\n NXvhHPm9pBiQvkV9LBHDLQmX7KXR7vAJjx8JCzQVK0p8aLJls1S3sAtORaFhXXOs/LDf\n 0bBg==","X-Forwarded-Encrypted":"i=1;\n AJvYcCUBjKONs6684XjQVVJqQXgJm4CrbBNEHKP5dBV0ZmKf+uMmWarfA01p7cjd95o6iTdWNS46g6gLMWKo@nongnu.org","X-Gm-Message-State":"AOJu0YySOUFU1xSaDIGlq60FlY35rS1Ugv8uDVAohyy9wwcic2l0Iq6h\n CdSGPl18kZMK0A5r0sPIQ/k7y9kwjIU2J/r2SvT4G/ENXHlU30g+Ycbo+OCoA6rdi/h9PHnlWlV\n 7ETkZH+C/zvLCFcIZTr5oHmZqyhIG0XpOrTfrocunstHNVDqOvUyZCICU","X-Gm-Gg":"AZuq6aK1HmbZnsws4AxRQVns8F68lUdNrRfOnn5WbQ7IjitVvgjCR+5lKKRmWIdI41g\n LYvHHJxtU7nwuC3rinrhueMeeYtTA+34LM2r8S4VJXjDlvK7TwYk3ZAzqTYO+nRYsC6TOCIg8jz\n e2fXkFTKMcgFMn5VqwYRCVawmQ8OcuqQY+F4B4OuZnOVkfNWupryjjSRaeJnEWJUbnxgQQ33s/+\n J8y1TrzTy96rGNK5Vlq2M50TqWdiJ1Y3+rYTVxMrFTsSznMCd0SQAnhrtZLwf3cDcpf9Hi9EJCy\n JN+5YhzeCnfqvEsoykv7P7+5LtDXYan8fsUYH6e0MDB7dfeJ+GTUB4ve0k4gHtbeksBOjvgSIiA\n JhhaZGFobM/cYJr7Uxz4JBmUul13v0gmYNJlnqM/d1xEey6NrPPKg","X-Received":["by 2002:a17:902:ef03:b0:294:f6e5:b91a with SMTP id\n d9443c01a7336-2ad50bbdcdcmr14727675ad.13.1771415068725;\n Wed, 18 Feb 2026 03:44:28 -0800 (PST)","by 2002:a17:902:ef03:b0:294:f6e5:b91a with SMTP id\n d9443c01a7336-2ad50bbdcdcmr14727525ad.13.1771415068359;\n Wed, 18 Feb 2026 03:44:28 -0800 (PST)"],"From":"Ani Sinha ","To":"Paolo Bonzini ,\n =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= ,\n Eduardo Habkost , Eric Blake ,\n Markus Armbruster ","Cc":"Ani Sinha , kraxel@redhat.com, qemu-devel@nongnu.org","Subject":"[PATCH v5 33/34] qom: add 'confidential-guest-reset' property for x86\n confidential vms","Date":"Wed, 18 Feb 2026 17:12:26 +0530","Message-ID":"<20260218114233.266178-34-anisinha@redhat.com>","X-Mailer":"git-send-email 2.42.0","In-Reply-To":"<20260218114233.266178-1-anisinha@redhat.com>","References":"<20260218114233.266178-1-anisinha@redhat.com>","MIME-Version":"1.0","Content-Type":"text/plain; charset=UTF-8","Content-Transfer-Encoding":"8bit","Received-SPF":"pass client-ip=170.10.133.124;\n envelope-from=anisinha@redhat.com;\n helo=us-smtp-delivery-124.mimecast.com","X-Spam_score_int":"-20","X-Spam_score":"-2.1","X-Spam_bar":"--","X-Spam_report":"(-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.043,\n DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,\n RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001,\n RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,\n SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no","X-Spam_action":"no action","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"qemu development ","List-Unsubscribe":",\n ","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n ","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org"},"content":"Through the new 'confidential-guest-reset' property, control plane should be\nable to detect if the hypervisor supports x86 confidential guest resets. Older\nhypervisors that do not support resets will not have this property populated.\n\nSuggested-by: Daniel P. Berrangé \nSigned-off-by: Ani Sinha \n---\n qapi/qom.json | 16 ++++++++++++++--\n 1 file changed, 14 insertions(+), 2 deletions(-)","diff":"diff --git a/qapi/qom.json b/qapi/qom.json\nindex 6f5c9de0f0..c653248f85 100644\n--- a/qapi/qom.json\n+++ b/qapi/qom.json\n@@ -1009,13 +1009,19 @@\n # designated guest firmware page for measured boot with -kernel\n # (default: false) (since 6.2)\n #\n+# Features:\n+#\n+# @confidential-guest-reset: If present, the hypervisor supports\n+# confidential guest resets (since 11.0).\n+#\n # Since: 9.1\n ##\n { 'struct': 'SevCommonProperties',\n 'data': { '*sev-device': 'str',\n '*cbitpos': 'uint32',\n 'reduced-phys-bits': 'uint32',\n- '*kernel-hashes': 'bool' } }\n+ '*kernel-hashes': 'bool' },\n+ 'features': ['confidential-guest-reset']}\n \n ##\n # @SevGuestProperties:\n@@ -1136,6 +1142,11 @@\n # it, the guest will not be able to get a TD quote for\n # attestation.\n #\n+# Features:\n+#\n+# @confidential-guest-reset: If present, the hypervisor supports\n+# confidential guest resets (since 11.0).\n+#\n # Since: 10.1\n ##\n { 'struct': 'TdxGuestProperties',\n@@ -1144,7 +1155,8 @@\n '*mrconfigid': 'str',\n '*mrowner': 'str',\n '*mrownerconfig': 'str',\n- '*quote-generation-socket': 'SocketAddress' } }\n+ '*quote-generation-socket': 'SocketAddress' },\n+ 'features': ['confidential-guest-reset']}\n \n ##\n # @ThreadContextProperties:\n","prefixes":["v5","33/34"]}