From: Xiaoyao Li <xiaoyao.li@intel.com>
To: "Paolo Bonzini" <pbonzini@redhat.com>,
"Isaku Yamahata" <isaku.yamahata@gmail.com>,
isaku.yamahata@intel.com, "Gerd Hoffmann" <kraxel@redhat.com>,
"Daniel P . Berrangé" <berrange@redhat.com>,
"Philippe Mathieu-Daudé" <f4bug@amsat.org>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Michael S . Tsirkin" <mst@redhat.com>,
"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
"Cornelia Huck" <cohuck@redhat.com>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
"Laszlo Ersek" <lersek@redhat.com>,
"Eric Blake" <eblake@redhat.com>
Cc: Connor Kuehl <ckuehl@redhat.com>,
erdemaktas@google.com, kvm@vger.kernel.org,
qemu-devel@nongnu.org, seanjc@google.com, xiaoyao.li@intel.com
Subject: [RFC PATCH v4 00/36] TDX QEMU support
Date: Thu, 12 May 2022 11:17:27 +0800 [thread overview]
Message-ID: <20220512031803.3315890-1-xiaoyao.li@intel.com> (raw)
This is the v4 RFC, I would like to get feedback on whether the design
in this series is the good direction to enable TDX on QEMU.
This patch series aims to enable TDX support to allow creating and booting a
TD (TDX VM) with QEMU. It needs to work with corresponding v6 KVM patch
for TDX [1]. You can find TDX related documents in [2].
You can also find this series in below repo in github:
https://github.com/intel/qemu-tdx/tree/tdx-qemu-upstream-rfc-v4
and it's based on two cleanup patches
https://lore.kernel.org/qemu-devel/20220310122811.807794-1-xiaoyao.li@intel.com/
To boot a TDX VM, it requires several changes/additional steps in the flow:
1. specify the vm type KVM_X86_TDX_VM when creating VM with
IOCTL(KVM_CREATE_VM);
2. initialize VM scope configuration before creating any VCPU;
3. initialize VCPU scope configuration;
4. initialize virtual firmware in guest private memory before vcpu running;
Besides, TDX VM needs to boot with TDVF (TDX virtual firmware) and currently
upstream OVMF can serve as TDVF. This series adds the support of parsing TDVF,
loading TDVF into guest's private memory and preparing TD HOB info for TDVF.
[1] KVM TDX basic feature support
https://lore.kernel.org/all/cover.1646422845.git.isaku.yamahata@intel.com/
[2] https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-domain-extensions.html
== Limitation and future work ==
- Readonly memslot
TDX only support readonly (write protection) memslot for shared memory, but
not for private memory. For simplicity, just mark readonly memslot not
supported entirely for TDX.
- CPU model
We cannot create a TD with arbitrary CPU model like what for non-TDX VMs,
because only a subset of features can be configured for TD.
- It's recommended to use '-cpu host' to create TD;
- '+feature/-feature' might not work as expected;
future work: To introduce specific CPU model for TDs and enhance +/-features
for TDs.
- gdb suppport
gdb support to debug a TD of off-debug mode is future work.
== Patch organization ==
1 Manually fetch Linux UAPI changes for TDX;
2-15,25-26 Basic TDX support that parses vm-type and invoke TDX
specific IOCTLs
16-24 Load, parse and initialize TDVF for TDX VM;
27-31 Disable unsupported functions for TDX VM;
32-35 Avoid errors due to KVM's requirement on TDX;
36 Add documentation of TDX;
== Change history ==
Changes from RFC v3:
- Load TDVF with -bios interface;
- Adapt to KVM API changes;
- KVM_TDX_CAPABILITIES changes back to KVM-scope;
- struct kvm_tdx_init_vm changes;
- Define TDX_SUPPORTED_KVM_FEATURES;
- Drop the patch of introducing property sept-ve-disable since it's not
public yet;
- some misc cleanups
Changes from RFC v2:
- Get vm-type from confidential-guest-support object type;
- Drop machine_init_done_late_notifiers;
- Refactor tdx_ioctl implementation;
- re-use existing pflash interface to load TDVF (i.e., OVMF binaries);
- introduce new date structure to track memory type instead of changing
e820 table;
- Force smm to off for TDX VM;
- Drop the patches that suppress level-trigger/SMI/INIT/SIPI since KVM
will ingore them;
- Add documentation;
[v2] https://lore.kernel.org/qemu-devel/cover.1625704980.git.isaku.yamahata@intel.com/
Changes from RFC v1:
- suppress level trigger/SMI/INIT/SIPI related to IOAPIC.
- add VM attribute sha384 to TD measurement.
- guest TSC Hz specification
[v1] https://lore.kernel.org/qemu-devel/cover.1613188118.git.isaku.yamahata@intel.com/
Isaku Yamahata (4):
i386/tdvf: Introduce function to parse TDVF metadata
i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION
hw/i386: add option to forcibly report edge trigger in acpi tables
i386/tdx: Don't synchronize guest tsc for TDs
Sean Christopherson (2):
i386/kvm: Move architectural CPUID leaf generation to separate helper
i386/tdx: Don't get/put guest state for TDX VMs
Xiaoyao Li (30):
*** HACK *** linux-headers: Update headers to pull in TDX API changes
i386: Introduce tdx-guest object
target/i386: Implement mc->kvm_type() to get VM type
target/i386: Introduce kvm_confidential_guest_init()
i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context
i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES
i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object
i386/tdx: Adjust get_supported_cpuid() for TDX VM
KVM: Introduce kvm_arch_pre_create_vcpu()
i386/tdx: Initialize TDX before creating TD vcpus
i386/tdx: Wire CPU features up with attributes of TD guest
i386/tdx: Validate TD attributes
i386/tdx: Implement user specified tsc frequency
i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM
i386/tdx: Parse TDVF metadata for TDX VM
i386/tdx: Skip BIOS shadowing setup
i386/tdx: Don't initialize pc.rom for TDX VMs
i386/tdx: Register a machine_init_done callback for TD
i386/tdx: Track mem_ptr for each firmware entry of TDVF
i386/tdx: Track RAM entries for TDX VM
i386/tdx: Setup the TD HOB list
i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu
i386/tdx: Finalize TDX VM
i386/tdx: Disable SMM for TDX VMs
i386/tdx: Disable PIC for TDX VMs
i386/tdx: Don't allow system reset for TDX VMs
hw/i386: add eoi_intercept_unsupported member to X86MachineState
i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() for TDs
i386/tdx: Skip kvm_put_apicbase() for TDs
docs: Add TDX documentation
accel/kvm/kvm-all.c | 21 +-
configs/devices/i386-softmmu/default.mak | 1 +
docs/system/confidential-guest-support.rst | 1 +
docs/system/i386/tdx.rst | 103 +++++
docs/system/target-i386.rst | 1 +
hw/i386/Kconfig | 6 +
hw/i386/acpi-build.c | 99 ++--
hw/i386/acpi-common.c | 50 +-
hw/i386/meson.build | 1 +
hw/i386/pc.c | 21 +-
hw/i386/pc_sysfw.c | 7 +
hw/i386/tdvf-hob.c | 212 +++++++++
hw/i386/tdvf-hob.h | 25 +
hw/i386/tdvf.c | 198 ++++++++
hw/i386/uefi.h | 198 ++++++++
hw/i386/x86.c | 34 +-
include/hw/i386/tdvf.h | 58 +++
include/hw/i386/x86.h | 1 +
include/sysemu/kvm.h | 1 +
linux-headers/asm-x86/kvm.h | 95 ++++
linux-headers/linux/kvm.h | 2 +
qapi/qom.json | 14 +
target/i386/cpu.h | 5 +
target/i386/kvm/kvm.c | 362 +++++++++------
target/i386/kvm/kvm_i386.h | 5 +
target/i386/kvm/meson.build | 2 +
target/i386/kvm/tdx-stub.c | 19 +
target/i386/kvm/tdx.c | 505 +++++++++++++++++++++
target/i386/kvm/tdx.h | 55 +++
target/i386/sev.c | 1 -
target/i386/sev.h | 2 +
31 files changed, 1897 insertions(+), 208 deletions(-)
create mode 100644 docs/system/i386/tdx.rst
create mode 100644 hw/i386/tdvf-hob.c
create mode 100644 hw/i386/tdvf-hob.h
create mode 100644 hw/i386/tdvf.c
create mode 100644 hw/i386/uefi.h
create mode 100644 include/hw/i386/tdvf.h
create mode 100644 target/i386/kvm/tdx-stub.c
create mode 100644 target/i386/kvm/tdx.c
create mode 100644 target/i386/kvm/tdx.h
--
2.27.0
next reply other threads:[~2022-05-12 3:18 UTC|newest]
Thread overview: 105+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-12 3:17 Xiaoyao Li [this message]
2022-05-12 3:17 ` [RFC PATCH v4 01/36] *** HACK *** linux-headers: Update headers to pull in TDX API changes Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 02/36] i386: Introduce tdx-guest object Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 03/36] target/i386: Implement mc->kvm_type() to get VM type Xiaoyao Li
2022-05-23 8:36 ` Gerd Hoffmann
2022-05-23 14:55 ` Isaku Yamahata
2022-05-12 3:17 ` [RFC PATCH v4 04/36] target/i386: Introduce kvm_confidential_guest_init() Xiaoyao Li
2022-05-23 8:37 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 05/36] i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context Xiaoyao Li
2022-05-23 8:38 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 06/36] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES Xiaoyao Li
2022-05-12 17:38 ` Isaku Yamahata
2022-05-23 8:45 ` Gerd Hoffmann
2022-05-23 15:30 ` Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 07/36] i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object Xiaoyao Li
2022-05-23 8:48 ` Gerd Hoffmann
2022-05-23 14:59 ` Isaku Yamahata
2022-05-24 6:42 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 08/36] i386/tdx: Adjust get_supported_cpuid() for TDX VM Xiaoyao Li
2022-05-23 9:01 ` Gerd Hoffmann
2022-05-23 15:37 ` Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 09/36] KVM: Introduce kvm_arch_pre_create_vcpu() Xiaoyao Li
2022-05-12 17:50 ` Isaku Yamahata
2022-05-13 0:15 ` Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 10/36] i386/kvm: Move architectural CPUID leaf generation to separate helper Xiaoyao Li
2022-05-12 17:48 ` Isaku Yamahata
2022-05-13 0:37 ` Xiaoyao Li
2022-05-23 9:06 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 11/36] i386/tdx: Initialize TDX before creating TD vcpus Xiaoyao Li
2022-05-23 9:20 ` Gerd Hoffmann
2022-05-23 15:42 ` Xiaoyao Li
2022-05-24 6:57 ` Gerd Hoffmann
2022-06-01 7:20 ` Xiaoyao Li
2022-06-01 7:54 ` Gerd Hoffmann
2022-06-02 1:01 ` Xiaoyao Li
2022-06-07 11:16 ` Gerd Hoffmann
2022-06-08 1:50 ` Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 12/36] i386/tdx: Wire CPU features up with attributes of TD guest Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 13/36] i386/tdx: Validate TD attributes Xiaoyao Li
2022-05-23 9:39 ` Gerd Hoffmann
2022-05-24 4:19 ` Xiaoyao Li
2022-05-24 6:59 ` Gerd Hoffmann
2022-05-24 8:11 ` Xiaoyao Li
2022-05-24 8:29 ` Gerd Hoffmann
2022-05-26 3:44 ` Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 14/36] i386/tdx: Implement user specified tsc frequency Xiaoyao Li
2022-05-12 18:04 ` Isaku Yamahata
2022-05-13 0:46 ` Xiaoyao Li
2022-05-23 9:43 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 15/36] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM Xiaoyao Li
2022-05-23 9:45 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 16/36] i386/tdvf: Introduce function to parse TDVF metadata Xiaoyao Li
2022-05-24 7:02 ` Gerd Hoffmann
2022-05-26 2:25 ` Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 17/36] i386/tdx: Parse TDVF metadata for TDX VM Xiaoyao Li
2022-05-24 7:03 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 18/36] i386/tdx: Skip BIOS shadowing setup Xiaoyao Li
2022-05-24 7:08 ` Gerd Hoffmann
2022-05-26 2:48 ` Xiaoyao Li
2022-05-30 11:49 ` Gerd Hoffmann
2022-07-29 7:14 ` Xiaoyao Li
2022-08-16 7:13 ` Gerd Hoffmann
2022-08-16 7:16 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 19/36] i386/tdx: Don't initialize pc.rom for TDX VMs Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 20/36] i386/tdx: Register a machine_init_done callback for TD Xiaoyao Li
2022-05-24 7:09 ` Gerd Hoffmann
2022-05-26 2:52 ` Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 21/36] i386/tdx: Track mem_ptr for each firmware entry of TDVF Xiaoyao Li
2022-05-24 7:11 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 22/36] i386/tdx: Track RAM entries for TDX VM Xiaoyao Li
2022-05-24 7:37 ` Gerd Hoffmann
2022-05-26 7:33 ` Xiaoyao Li
2022-05-26 18:48 ` Isaku Yamahata
2022-05-27 8:39 ` Xiaoyao Li
2022-05-30 11:59 ` Gerd Hoffmann
2022-05-31 2:09 ` Xiaoyao Li
2022-05-27 8:36 ` Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 23/36] i386/tdx: Setup the TD HOB list Xiaoyao Li
2022-05-12 18:33 ` Isaku Yamahata
2022-05-24 7:56 ` Gerd Hoffmann
2022-06-02 9:27 ` Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 24/36] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION Xiaoyao Li
2022-05-12 18:34 ` Isaku Yamahata
2022-05-13 0:46 ` Xiaoyao Li
2022-05-24 7:57 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 25/36] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu Xiaoyao Li
2022-05-24 7:59 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 26/36] i386/tdx: Finalize TDX VM Xiaoyao Li
2022-05-24 7:59 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 27/36] i386/tdx: Disable SMM for TDX VMs Xiaoyao Li
2022-05-24 8:00 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 28/36] i386/tdx: Disable PIC " Xiaoyao Li
2022-05-24 8:00 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 29/36] i386/tdx: Don't allow system reset " Xiaoyao Li
2022-05-24 8:01 ` Gerd Hoffmann
2022-05-12 3:17 ` [RFC PATCH v4 30/36] hw/i386: add eoi_intercept_unsupported member to X86MachineState Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 31/36] hw/i386: add option to forcibly report edge trigger in acpi tables Xiaoyao Li
2022-05-12 3:17 ` [RFC PATCH v4 32/36] i386/tdx: Don't synchronize guest tsc for TDs Xiaoyao Li
2022-05-24 8:04 ` Gerd Hoffmann
2022-05-12 3:18 ` [RFC PATCH v4 33/36] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() " Xiaoyao Li
2022-05-24 8:05 ` Gerd Hoffmann
2022-05-12 3:18 ` [RFC PATCH v4 34/36] i386/tdx: Skip kvm_put_apicbase() " Xiaoyao Li
2022-05-12 3:18 ` [RFC PATCH v4 35/36] i386/tdx: Don't get/put guest state for TDX VMs Xiaoyao Li
2022-05-12 3:18 ` [RFC PATCH v4 36/36] docs: Add TDX documentation Xiaoyao Li
2022-05-12 18:42 ` Isaku Yamahata
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220512031803.3315890-1-xiaoyao.li@intel.com \
--to=xiaoyao.li@intel.com \
--cc=berrange@redhat.com \
--cc=ckuehl@redhat.com \
--cc=cohuck@redhat.com \
--cc=eblake@redhat.com \
--cc=erdemaktas@google.com \
--cc=f4bug@amsat.org \
--cc=isaku.yamahata@gmail.com \
--cc=isaku.yamahata@intel.com \
--cc=kraxel@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=lersek@redhat.com \
--cc=marcel.apfelbaum@gmail.com \
--cc=mst@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=seanjc@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.