* [RFC PATCH 00/23] [RFC PATCH 00/24] TDX support
@ 2021-02-16 2:12 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:12 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata
This patch series is to enable TDX support.
This needs corresponding KVM patch for TDX[] and more patches are needed
that addresses generic corner cases, e.g. ACPI related stuff, are needed.
So This patch series is RFC.
More emulated devices and their behavior needs to be adjusted as some
operations are disallowed.
Patch series is organized as follows
1- 5 code refactoring and simple hooks that will be used later
6- 9 introduce kvm type and tdx type. disallow non-usable operations
10-15 wire up necessary TDX kvm ioctl to initialize TD guest
16-21 load TDVF and setup necessary info for TDVF
22-23 force x2apic and disable PIC
Isaku Yamahata (12):
kvm: Switch KVM_CAP_READONLY_MEM to a per-VM ioctl()
KVM: i386: use VM capability check for KVM_CAP_X86_SMM
vl: Introduce machine_init_done_late notifier
i386/kvm: Skip KVM_X86_SETUP_MCE for TDX guests
target/i386: kvm: don't synchronize guest tsc for TD guest
i386/tdx: Frame in the call for KVM_TDX_INIT_VCPU
hw/i386: Add definitions from UEFI spec for volumes, resources, etc...
i386/tdx: Add definitions for TDVF metadata
i386/tdx: Parse tdvf metadata and store the result into TdxGuest
i386/tdx: Create the TD HOB list upon machine init done
i386/tdx: Add TDVF memory via INIT_MEM_REGION
i386/tdx: Use KVM_TDX_INIT_VCPU to pass HOB to TDVF
Sean Christopherson (7):
target/i386: Expose x86_cpu_get_supported_feature_word() for TDX
i386/kvm: Move architectural CPUID leaf generation to separarte helper
i386/kvm: Squash getting/putting guest state for TDX VMs
i386/tdx: Frame in tdx_get_supported_cpuid with KVM_TDX_CAPABILITIES
i386/tdx: Add hook to require generic device loader
i386/tdx: Force x2apic mode and routing for TDs
target/i386: Add machine option to disable PIC/8259
Xiaoyao Li (4):
hw/i386: Introduce kvm-type for TDX guest
linux-headers: Update headers to pull in TDX API changes
hw/i386: Initialize TDX via KVM ioctl() when kvm_type is TDX
target/i386/tdx: Finalize the TD's measurement when machine is done
accel/kvm/kvm-all.c | 4 +-
default-configs/devices/i386-softmmu.mak | 1 +
hw/core/generic-loader.c | 5 +
hw/core/machine.c | 26 ++
hw/core/meson.build | 3 +
hw/core/tdvf-stub.c | 6 +
hw/i386/Kconfig | 5 +
hw/i386/meson.build | 1 +
hw/i386/pc.c | 18 +
hw/i386/pc_piix.c | 4 +-
hw/i386/pc_q35.c | 4 +-
hw/i386/pc_sysfw.c | 6 +
hw/i386/tdvf-hob.c | 226 +++++++++++
hw/i386/tdvf-hob.h | 25 ++
hw/i386/tdvf.c | 305 ++++++++++++++
hw/i386/uefi.h | 496 +++++++++++++++++++++++
hw/i386/x86.c | 46 +++
hw/intc/apic_common.c | 12 +
include/hw/i386/apic.h | 1 +
include/hw/i386/apic_internal.h | 1 +
include/hw/i386/pc.h | 2 +
include/hw/i386/tdvf.h | 55 +++
include/hw/i386/x86.h | 1 +
include/sysemu/sysemu.h | 2 +
include/sysemu/tdvf.h | 6 +
include/sysemu/tdx.h | 15 +
linux-headers/asm-x86/kvm.h | 55 +++
linux-headers/linux/kvm.h | 2 +
target/i386/cpu.c | 4 +-
target/i386/cpu.h | 3 +
target/i386/kvm/kvm-stub.c | 5 +
target/i386/kvm/kvm.c | 227 +++++++----
target/i386/kvm/kvm_i386.h | 5 +
target/i386/kvm/meson.build | 1 +
target/i386/kvm/tdx-stub.c | 23 ++
target/i386/kvm/tdx.c | 329 +++++++++++++++
target/i386/kvm/tdx.h | 55 +++
37 files changed, 1893 insertions(+), 92 deletions(-)
create mode 100644 hw/core/tdvf-stub.c
create mode 100644 hw/i386/tdvf-hob.c
create mode 100644 hw/i386/tdvf-hob.h
create mode 100644 hw/i386/tdvf.c
create mode 100644 hw/i386/uefi.h
create mode 100644 include/hw/i386/tdvf.h
create mode 100644 include/sysemu/tdvf.h
create mode 100644 include/sysemu/tdx.h
create mode 100644 target/i386/kvm/tdx-stub.c
create mode 100644 target/i386/kvm/tdx.c
create mode 100644 target/i386/kvm/tdx.h
--
2.17.1
^ permalink raw reply [flat|nested] 54+ messages in thread
* [RFC PATCH 00/23] [RFC PATCH 00/24] TDX support
@ 2021-02-16 2:12 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:12 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, isaku.yamahata, kvm
This patch series is to enable TDX support.
This needs corresponding KVM patch for TDX[] and more patches are needed
that addresses generic corner cases, e.g. ACPI related stuff, are needed.
So This patch series is RFC.
More emulated devices and their behavior needs to be adjusted as some
operations are disallowed.
Patch series is organized as follows
1- 5 code refactoring and simple hooks that will be used later
6- 9 introduce kvm type and tdx type. disallow non-usable operations
10-15 wire up necessary TDX kvm ioctl to initialize TD guest
16-21 load TDVF and setup necessary info for TDVF
22-23 force x2apic and disable PIC
Isaku Yamahata (12):
kvm: Switch KVM_CAP_READONLY_MEM to a per-VM ioctl()
KVM: i386: use VM capability check for KVM_CAP_X86_SMM
vl: Introduce machine_init_done_late notifier
i386/kvm: Skip KVM_X86_SETUP_MCE for TDX guests
target/i386: kvm: don't synchronize guest tsc for TD guest
i386/tdx: Frame in the call for KVM_TDX_INIT_VCPU
hw/i386: Add definitions from UEFI spec for volumes, resources, etc...
i386/tdx: Add definitions for TDVF metadata
i386/tdx: Parse tdvf metadata and store the result into TdxGuest
i386/tdx: Create the TD HOB list upon machine init done
i386/tdx: Add TDVF memory via INIT_MEM_REGION
i386/tdx: Use KVM_TDX_INIT_VCPU to pass HOB to TDVF
Sean Christopherson (7):
target/i386: Expose x86_cpu_get_supported_feature_word() for TDX
i386/kvm: Move architectural CPUID leaf generation to separarte helper
i386/kvm: Squash getting/putting guest state for TDX VMs
i386/tdx: Frame in tdx_get_supported_cpuid with KVM_TDX_CAPABILITIES
i386/tdx: Add hook to require generic device loader
i386/tdx: Force x2apic mode and routing for TDs
target/i386: Add machine option to disable PIC/8259
Xiaoyao Li (4):
hw/i386: Introduce kvm-type for TDX guest
linux-headers: Update headers to pull in TDX API changes
hw/i386: Initialize TDX via KVM ioctl() when kvm_type is TDX
target/i386/tdx: Finalize the TD's measurement when machine is done
accel/kvm/kvm-all.c | 4 +-
default-configs/devices/i386-softmmu.mak | 1 +
hw/core/generic-loader.c | 5 +
hw/core/machine.c | 26 ++
hw/core/meson.build | 3 +
hw/core/tdvf-stub.c | 6 +
hw/i386/Kconfig | 5 +
hw/i386/meson.build | 1 +
hw/i386/pc.c | 18 +
hw/i386/pc_piix.c | 4 +-
hw/i386/pc_q35.c | 4 +-
hw/i386/pc_sysfw.c | 6 +
hw/i386/tdvf-hob.c | 226 +++++++++++
hw/i386/tdvf-hob.h | 25 ++
hw/i386/tdvf.c | 305 ++++++++++++++
hw/i386/uefi.h | 496 +++++++++++++++++++++++
hw/i386/x86.c | 46 +++
hw/intc/apic_common.c | 12 +
include/hw/i386/apic.h | 1 +
include/hw/i386/apic_internal.h | 1 +
include/hw/i386/pc.h | 2 +
include/hw/i386/tdvf.h | 55 +++
include/hw/i386/x86.h | 1 +
include/sysemu/sysemu.h | 2 +
include/sysemu/tdvf.h | 6 +
include/sysemu/tdx.h | 15 +
linux-headers/asm-x86/kvm.h | 55 +++
linux-headers/linux/kvm.h | 2 +
target/i386/cpu.c | 4 +-
target/i386/cpu.h | 3 +
target/i386/kvm/kvm-stub.c | 5 +
target/i386/kvm/kvm.c | 227 +++++++----
target/i386/kvm/kvm_i386.h | 5 +
target/i386/kvm/meson.build | 1 +
target/i386/kvm/tdx-stub.c | 23 ++
target/i386/kvm/tdx.c | 329 +++++++++++++++
target/i386/kvm/tdx.h | 55 +++
37 files changed, 1893 insertions(+), 92 deletions(-)
create mode 100644 hw/core/tdvf-stub.c
create mode 100644 hw/i386/tdvf-hob.c
create mode 100644 hw/i386/tdvf-hob.h
create mode 100644 hw/i386/tdvf.c
create mode 100644 hw/i386/uefi.h
create mode 100644 include/hw/i386/tdvf.h
create mode 100644 include/sysemu/tdvf.h
create mode 100644 include/sysemu/tdx.h
create mode 100644 target/i386/kvm/tdx-stub.c
create mode 100644 target/i386/kvm/tdx.c
create mode 100644 target/i386/kvm/tdx.h
--
2.17.1
^ permalink raw reply [flat|nested] 54+ messages in thread
* [RFC PATCH 01/23] target/i386: Expose x86_cpu_get_supported_feature_word() for TDX
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:12 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:12 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Sean Christopherson <sean.j.christopherson@intel.com>
Expose x86_cpu_get_supported_feature_word() outside of cpu.c so that it
can be used by TDX to setup the VM-wide CPUID configuration.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/cpu.c | 4 ++--
target/i386/cpu.h | 3 +++
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 9c3d2d60b7..578e1fe25f 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -5043,8 +5043,8 @@ CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
return cpu_list;
}
-static uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
- bool migratable_only)
+uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
+ bool migratable_only)
{
FeatureWordInfo *wi = &feature_word_info[w];
uint64_t r = 0;
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 8d599bb5b8..7274e8d1b4 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1815,6 +1815,9 @@ void cpu_set_ignne(void);
/* mpx_helper.c */
void cpu_sync_bndcs_hflags(CPUX86State *env);
+uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
+ bool migratable_only);
+
/* this function must always be used to load data in the segment
cache: it synchronizes the hflags with the segment cache values */
static inline void cpu_x86_load_seg_cache(CPUX86State *env,
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 01/23] target/i386: Expose x86_cpu_get_supported_feature_word() for TDX
@ 2021-02-16 2:12 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:12 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Sean Christopherson <sean.j.christopherson@intel.com>
Expose x86_cpu_get_supported_feature_word() outside of cpu.c so that it
can be used by TDX to setup the VM-wide CPUID configuration.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/cpu.c | 4 ++--
target/i386/cpu.h | 3 +++
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 9c3d2d60b7..578e1fe25f 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -5043,8 +5043,8 @@ CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
return cpu_list;
}
-static uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
- bool migratable_only)
+uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
+ bool migratable_only)
{
FeatureWordInfo *wi = &feature_word_info[w];
uint64_t r = 0;
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 8d599bb5b8..7274e8d1b4 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1815,6 +1815,9 @@ void cpu_set_ignne(void);
/* mpx_helper.c */
void cpu_sync_bndcs_hflags(CPUX86State *env);
+uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
+ bool migratable_only);
+
/* this function must always be used to load data in the segment
cache: it synchronizes the hflags with the segment cache values */
static inline void cpu_x86_load_seg_cache(CPUX86State *env,
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 02/23] kvm: Switch KVM_CAP_READONLY_MEM to a per-VM ioctl()
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:12 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:12 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata
Switch to making a VM ioctl() call for KVM_CAP_READONLY_MEM, which may
be conditional on VM type in recent versions of KVM, e.g. when TDX is
supported.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
accel/kvm/kvm-all.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 47516913b7..351c25a5cb 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2164,7 +2164,7 @@ static int kvm_init(MachineState *ms)
}
kvm_readonly_mem_allowed =
- (kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
+ (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
kvm_eventfds_allowed =
(kvm_check_extension(s, KVM_CAP_IOEVENTFD) > 0);
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 02/23] kvm: Switch KVM_CAP_READONLY_MEM to a per-VM ioctl()
@ 2021-02-16 2:12 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:12 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, isaku.yamahata, kvm
Switch to making a VM ioctl() call for KVM_CAP_READONLY_MEM, which may
be conditional on VM type in recent versions of KVM, e.g. when TDX is
supported.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
accel/kvm/kvm-all.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 47516913b7..351c25a5cb 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2164,7 +2164,7 @@ static int kvm_init(MachineState *ms)
}
kvm_readonly_mem_allowed =
- (kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
+ (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
kvm_eventfds_allowed =
(kvm_check_extension(s, KVM_CAP_IOEVENTFD) > 0);
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 03/23] KVM: i386: use VM capability check for KVM_CAP_X86_SMM
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:12 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:12 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Isaku Yamahata
From: Isaku Yamahata <isaku.yamahata@linux.intel.com>
KVM_CAP_X86_SMM is VM-specific capability for TDX.
So use VM ioctl for KVM_CAP_X86_SMM.
Signed-off-by: Isaku Yamahata <isaku.yamahata@linux.intel.com>
---
target/i386/kvm/kvm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index e97f841757..8a04cf1337 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -136,7 +136,7 @@ int kvm_has_pit_state2(void)
bool kvm_has_smm(void)
{
- return kvm_check_extension(kvm_state, KVM_CAP_X86_SMM);
+ return kvm_vm_check_extension(kvm_state, KVM_CAP_X86_SMM);
}
bool kvm_has_adjust_clock_stable(void)
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 03/23] KVM: i386: use VM capability check for KVM_CAP_X86_SMM
@ 2021-02-16 2:12 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:12 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Isaku Yamahata, isaku.yamahata, kvm
From: Isaku Yamahata <isaku.yamahata@linux.intel.com>
KVM_CAP_X86_SMM is VM-specific capability for TDX.
So use VM ioctl for KVM_CAP_X86_SMM.
Signed-off-by: Isaku Yamahata <isaku.yamahata@linux.intel.com>
---
target/i386/kvm/kvm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index e97f841757..8a04cf1337 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -136,7 +136,7 @@ int kvm_has_pit_state2(void)
bool kvm_has_smm(void)
{
- return kvm_check_extension(kvm_state, KVM_CAP_X86_SMM);
+ return kvm_vm_check_extension(kvm_state, KVM_CAP_X86_SMM);
}
bool kvm_has_adjust_clock_stable(void)
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 04/23] i386/kvm: Move architectural CPUID leaf generation to separarte helper
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Sean Christopherson <sean.j.christopherson@intel.com>
Move the architectural (for lack of a better term) CPUID leaf generation
to a separate helper so that the generation code can be reused by TDX,
which needs to generate a canonical VM-scoped configuration.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/kvm/kvm.c | 170 +++++++++++++++++++------------------
target/i386/kvm/kvm_i386.h | 4 +
2 files changed, 93 insertions(+), 81 deletions(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 8a04cf1337..bb241d8aa1 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -1461,82 +1461,11 @@ static int hyperv_init_vcpu(X86CPU *cpu)
static Error *invtsc_mig_blocker;
-#define KVM_MAX_CPUID_ENTRIES 100
-
-int kvm_arch_init_vcpu(CPUState *cs)
+uint32_t kvm_x86_arch_cpuid(CPUX86State *env, struct kvm_cpuid_entry2 *entries,
+ uint32_t cpuid_i)
{
- struct {
- struct kvm_cpuid2 cpuid;
- struct kvm_cpuid_entry2 entries[KVM_MAX_CPUID_ENTRIES];
- } cpuid_data;
- /*
- * The kernel defines these structs with padding fields so there
- * should be no extra padding in our cpuid_data struct.
- */
- QEMU_BUILD_BUG_ON(sizeof(cpuid_data) !=
- sizeof(struct kvm_cpuid2) +
- sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_ENTRIES);
-
- X86CPU *cpu = X86_CPU(cs);
- CPUX86State *env = &cpu->env;
- uint32_t limit, i, j, cpuid_i;
- uint32_t unused;
+ uint32_t limit, i, j, unused;
struct kvm_cpuid_entry2 *c;
- uint32_t signature[3];
- int kvm_base = KVM_CPUID_SIGNATURE;
- int max_nested_state_len;
- int r;
- Error *local_err = NULL;
-
- memset(&cpuid_data, 0, sizeof(cpuid_data));
-
- cpuid_i = 0;
-
- r = kvm_arch_set_tsc_khz(cs);
- if (r < 0) {
- return r;
- }
-
- /* vcpu's TSC frequency is either specified by user, or following
- * the value used by KVM if the former is not present. In the
- * latter case, we query it from KVM and record in env->tsc_khz,
- * so that vcpu's TSC frequency can be migrated later via this field.
- */
- if (!env->tsc_khz) {
- r = kvm_check_extension(cs->kvm_state, KVM_CAP_GET_TSC_KHZ) ?
- kvm_vcpu_ioctl(cs, KVM_GET_TSC_KHZ) :
- -ENOTSUP;
- if (r > 0) {
- env->tsc_khz = r;
- }
- }
-
- env->apic_bus_freq = KVM_APIC_BUS_FREQUENCY;
-
- /* Paravirtualization CPUIDs */
- r = hyperv_handle_properties(cs, cpuid_data.entries);
- if (r < 0) {
- return r;
- } else if (r > 0) {
- cpuid_i = r;
- kvm_base = KVM_CPUID_SIGNATURE_NEXT;
- has_msr_hv_hypercall = true;
- }
-
- if (cpu->expose_kvm) {
- memcpy(signature, "KVMKVMKVM\0\0\0", 12);
- c = &cpuid_data.entries[cpuid_i++];
- c->function = KVM_CPUID_SIGNATURE | kvm_base;
- c->eax = KVM_CPUID_FEATURES | kvm_base;
- c->ebx = signature[0];
- c->ecx = signature[1];
- c->edx = signature[2];
-
- c = &cpuid_data.entries[cpuid_i++];
- c->function = KVM_CPUID_FEATURES | kvm_base;
- c->eax = env->features[FEAT_KVM];
- c->edx = env->features[FEAT_KVM_HINTS];
- }
cpu_x86_cpuid(env, 0, 0, &limit, &unused, &unused, &unused);
@@ -1545,7 +1474,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
fprintf(stderr, "unsupported level value: 0x%x\n", limit);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
switch (i) {
case 2: {
@@ -1564,7 +1493,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
"cpuid(eax:2):eax & 0xf = 0x%x\n", times);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
c->function = i;
c->flags = KVM_CPUID_FLAG_STATEFUL_FUNC;
cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
@@ -1610,7 +1539,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
"cpuid(eax:0x%x,ecx:0x%x)\n", i, j);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
}
break;
case 0x7:
@@ -1629,7 +1558,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
"cpuid(eax:0x%x,ecx:0x%x)\n", i, j);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
c->function = i;
c->index = j;
c->flags = KVM_CPUID_FLAG_SIGNIFCANT_INDEX;
@@ -1686,7 +1615,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
fprintf(stderr, "unsupported xlevel value: 0x%x\n", limit);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
switch (i) {
case 0x8000001d:
@@ -1705,7 +1634,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
"cpuid(eax:0x%x,ecx:0x%x)\n", i, j);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
}
break;
default:
@@ -1732,7 +1661,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
fprintf(stderr, "unsupported xlevel2 value: 0x%x\n", limit);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
c->function = i;
c->flags = 0;
@@ -1740,6 +1669,85 @@ int kvm_arch_init_vcpu(CPUState *cs)
}
}
+ return cpuid_i;
+}
+
+int kvm_arch_init_vcpu(CPUState *cs)
+{
+ struct {
+ struct kvm_cpuid2 cpuid;
+ struct kvm_cpuid_entry2 entries[KVM_MAX_CPUID_ENTRIES];
+ } cpuid_data;
+ /*
+ * The kernel defines these structs with padding fields so there
+ * should be no extra padding in our cpuid_data struct.
+ */
+ QEMU_BUILD_BUG_ON(sizeof(cpuid_data) !=
+ sizeof(struct kvm_cpuid2) +
+ sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_ENTRIES);
+
+ X86CPU *cpu = X86_CPU(cs);
+ CPUX86State *env = &cpu->env;
+ uint32_t cpuid_i;
+ struct kvm_cpuid_entry2 *c;
+ uint32_t signature[3];
+ int kvm_base = KVM_CPUID_SIGNATURE;
+ int max_nested_state_len;
+ int r;
+ Error *local_err = NULL;
+
+ memset(&cpuid_data, 0, sizeof(cpuid_data));
+
+ cpuid_i = 0;
+
+ r = kvm_arch_set_tsc_khz(cs);
+ if (r < 0) {
+ return r;
+ }
+
+ /*
+ * vcpu's TSC frequency is either specified by user, or following
+ * the value used by KVM if the former is not present. In the
+ * latter case, we query it from KVM and record in env->tsc_khz,
+ * so that vcpu's TSC frequency can be migrated later via this field.
+ */
+ if (!env->tsc_khz) {
+ r = kvm_check_extension(cs->kvm_state, KVM_CAP_GET_TSC_KHZ) ?
+ kvm_vcpu_ioctl(cs, KVM_GET_TSC_KHZ) :
+ -ENOTSUP;
+ if (r > 0) {
+ env->tsc_khz = r;
+ }
+ }
+
+ env->apic_bus_freq = KVM_APIC_BUS_FREQUENCY;
+
+ /* Paravirtualization CPUIDs */
+ r = hyperv_handle_properties(cs, cpuid_data.entries);
+ if (r < 0) {
+ return r;
+ } else if (r > 0) {
+ cpuid_i = r;
+ kvm_base = KVM_CPUID_SIGNATURE_NEXT;
+ has_msr_hv_hypercall = true;
+ }
+
+ if (cpu->expose_kvm) {
+ memcpy(signature, "KVMKVMKVM\0\0\0", 12);
+ c = &cpuid_data.entries[cpuid_i++];
+ c->function = KVM_CPUID_SIGNATURE | kvm_base;
+ c->eax = KVM_CPUID_FEATURES | kvm_base;
+ c->ebx = signature[0];
+ c->ecx = signature[1];
+ c->edx = signature[2];
+
+ c = &cpuid_data.entries[cpuid_i++];
+ c->function = KVM_CPUID_FEATURES | kvm_base;
+ c->eax = env->features[FEAT_KVM];
+ c->edx = env->features[FEAT_KVM_HINTS];
+ }
+
+ cpuid_i = kvm_x86_arch_cpuid(env, cpuid_data.entries, cpuid_i);
cpuid_data.cpuid.nent = cpuid_i;
if (((env->cpuid_version >> 8)&0xF) >= 6
diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h
index dc72508389..c9a92578b1 100644
--- a/target/i386/kvm/kvm_i386.h
+++ b/target/i386/kvm/kvm_i386.h
@@ -24,6 +24,10 @@
#define kvm_ioapic_in_kernel() \
(kvm_irqchip_in_kernel() && !kvm_irqchip_is_split())
+#define KVM_MAX_CPUID_ENTRIES 100
+uint32_t kvm_x86_arch_cpuid(CPUX86State *env, struct kvm_cpuid_entry2 *entries,
+ uint32_t cpuid_i);
+
#else
#define kvm_pit_in_kernel() 0
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 04/23] i386/kvm: Move architectural CPUID leaf generation to separarte helper
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Sean Christopherson <sean.j.christopherson@intel.com>
Move the architectural (for lack of a better term) CPUID leaf generation
to a separate helper so that the generation code can be reused by TDX,
which needs to generate a canonical VM-scoped configuration.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/kvm/kvm.c | 170 +++++++++++++++++++------------------
target/i386/kvm/kvm_i386.h | 4 +
2 files changed, 93 insertions(+), 81 deletions(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 8a04cf1337..bb241d8aa1 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -1461,82 +1461,11 @@ static int hyperv_init_vcpu(X86CPU *cpu)
static Error *invtsc_mig_blocker;
-#define KVM_MAX_CPUID_ENTRIES 100
-
-int kvm_arch_init_vcpu(CPUState *cs)
+uint32_t kvm_x86_arch_cpuid(CPUX86State *env, struct kvm_cpuid_entry2 *entries,
+ uint32_t cpuid_i)
{
- struct {
- struct kvm_cpuid2 cpuid;
- struct kvm_cpuid_entry2 entries[KVM_MAX_CPUID_ENTRIES];
- } cpuid_data;
- /*
- * The kernel defines these structs with padding fields so there
- * should be no extra padding in our cpuid_data struct.
- */
- QEMU_BUILD_BUG_ON(sizeof(cpuid_data) !=
- sizeof(struct kvm_cpuid2) +
- sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_ENTRIES);
-
- X86CPU *cpu = X86_CPU(cs);
- CPUX86State *env = &cpu->env;
- uint32_t limit, i, j, cpuid_i;
- uint32_t unused;
+ uint32_t limit, i, j, unused;
struct kvm_cpuid_entry2 *c;
- uint32_t signature[3];
- int kvm_base = KVM_CPUID_SIGNATURE;
- int max_nested_state_len;
- int r;
- Error *local_err = NULL;
-
- memset(&cpuid_data, 0, sizeof(cpuid_data));
-
- cpuid_i = 0;
-
- r = kvm_arch_set_tsc_khz(cs);
- if (r < 0) {
- return r;
- }
-
- /* vcpu's TSC frequency is either specified by user, or following
- * the value used by KVM if the former is not present. In the
- * latter case, we query it from KVM and record in env->tsc_khz,
- * so that vcpu's TSC frequency can be migrated later via this field.
- */
- if (!env->tsc_khz) {
- r = kvm_check_extension(cs->kvm_state, KVM_CAP_GET_TSC_KHZ) ?
- kvm_vcpu_ioctl(cs, KVM_GET_TSC_KHZ) :
- -ENOTSUP;
- if (r > 0) {
- env->tsc_khz = r;
- }
- }
-
- env->apic_bus_freq = KVM_APIC_BUS_FREQUENCY;
-
- /* Paravirtualization CPUIDs */
- r = hyperv_handle_properties(cs, cpuid_data.entries);
- if (r < 0) {
- return r;
- } else if (r > 0) {
- cpuid_i = r;
- kvm_base = KVM_CPUID_SIGNATURE_NEXT;
- has_msr_hv_hypercall = true;
- }
-
- if (cpu->expose_kvm) {
- memcpy(signature, "KVMKVMKVM\0\0\0", 12);
- c = &cpuid_data.entries[cpuid_i++];
- c->function = KVM_CPUID_SIGNATURE | kvm_base;
- c->eax = KVM_CPUID_FEATURES | kvm_base;
- c->ebx = signature[0];
- c->ecx = signature[1];
- c->edx = signature[2];
-
- c = &cpuid_data.entries[cpuid_i++];
- c->function = KVM_CPUID_FEATURES | kvm_base;
- c->eax = env->features[FEAT_KVM];
- c->edx = env->features[FEAT_KVM_HINTS];
- }
cpu_x86_cpuid(env, 0, 0, &limit, &unused, &unused, &unused);
@@ -1545,7 +1474,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
fprintf(stderr, "unsupported level value: 0x%x\n", limit);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
switch (i) {
case 2: {
@@ -1564,7 +1493,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
"cpuid(eax:2):eax & 0xf = 0x%x\n", times);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
c->function = i;
c->flags = KVM_CPUID_FLAG_STATEFUL_FUNC;
cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
@@ -1610,7 +1539,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
"cpuid(eax:0x%x,ecx:0x%x)\n", i, j);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
}
break;
case 0x7:
@@ -1629,7 +1558,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
"cpuid(eax:0x%x,ecx:0x%x)\n", i, j);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
c->function = i;
c->index = j;
c->flags = KVM_CPUID_FLAG_SIGNIFCANT_INDEX;
@@ -1686,7 +1615,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
fprintf(stderr, "unsupported xlevel value: 0x%x\n", limit);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
switch (i) {
case 0x8000001d:
@@ -1705,7 +1634,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
"cpuid(eax:0x%x,ecx:0x%x)\n", i, j);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
}
break;
default:
@@ -1732,7 +1661,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
fprintf(stderr, "unsupported xlevel2 value: 0x%x\n", limit);
abort();
}
- c = &cpuid_data.entries[cpuid_i++];
+ c = &entries[cpuid_i++];
c->function = i;
c->flags = 0;
@@ -1740,6 +1669,85 @@ int kvm_arch_init_vcpu(CPUState *cs)
}
}
+ return cpuid_i;
+}
+
+int kvm_arch_init_vcpu(CPUState *cs)
+{
+ struct {
+ struct kvm_cpuid2 cpuid;
+ struct kvm_cpuid_entry2 entries[KVM_MAX_CPUID_ENTRIES];
+ } cpuid_data;
+ /*
+ * The kernel defines these structs with padding fields so there
+ * should be no extra padding in our cpuid_data struct.
+ */
+ QEMU_BUILD_BUG_ON(sizeof(cpuid_data) !=
+ sizeof(struct kvm_cpuid2) +
+ sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_ENTRIES);
+
+ X86CPU *cpu = X86_CPU(cs);
+ CPUX86State *env = &cpu->env;
+ uint32_t cpuid_i;
+ struct kvm_cpuid_entry2 *c;
+ uint32_t signature[3];
+ int kvm_base = KVM_CPUID_SIGNATURE;
+ int max_nested_state_len;
+ int r;
+ Error *local_err = NULL;
+
+ memset(&cpuid_data, 0, sizeof(cpuid_data));
+
+ cpuid_i = 0;
+
+ r = kvm_arch_set_tsc_khz(cs);
+ if (r < 0) {
+ return r;
+ }
+
+ /*
+ * vcpu's TSC frequency is either specified by user, or following
+ * the value used by KVM if the former is not present. In the
+ * latter case, we query it from KVM and record in env->tsc_khz,
+ * so that vcpu's TSC frequency can be migrated later via this field.
+ */
+ if (!env->tsc_khz) {
+ r = kvm_check_extension(cs->kvm_state, KVM_CAP_GET_TSC_KHZ) ?
+ kvm_vcpu_ioctl(cs, KVM_GET_TSC_KHZ) :
+ -ENOTSUP;
+ if (r > 0) {
+ env->tsc_khz = r;
+ }
+ }
+
+ env->apic_bus_freq = KVM_APIC_BUS_FREQUENCY;
+
+ /* Paravirtualization CPUIDs */
+ r = hyperv_handle_properties(cs, cpuid_data.entries);
+ if (r < 0) {
+ return r;
+ } else if (r > 0) {
+ cpuid_i = r;
+ kvm_base = KVM_CPUID_SIGNATURE_NEXT;
+ has_msr_hv_hypercall = true;
+ }
+
+ if (cpu->expose_kvm) {
+ memcpy(signature, "KVMKVMKVM\0\0\0", 12);
+ c = &cpuid_data.entries[cpuid_i++];
+ c->function = KVM_CPUID_SIGNATURE | kvm_base;
+ c->eax = KVM_CPUID_FEATURES | kvm_base;
+ c->ebx = signature[0];
+ c->ecx = signature[1];
+ c->edx = signature[2];
+
+ c = &cpuid_data.entries[cpuid_i++];
+ c->function = KVM_CPUID_FEATURES | kvm_base;
+ c->eax = env->features[FEAT_KVM];
+ c->edx = env->features[FEAT_KVM_HINTS];
+ }
+
+ cpuid_i = kvm_x86_arch_cpuid(env, cpuid_data.entries, cpuid_i);
cpuid_data.cpuid.nent = cpuid_i;
if (((env->cpuid_version >> 8)&0xF) >= 6
diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h
index dc72508389..c9a92578b1 100644
--- a/target/i386/kvm/kvm_i386.h
+++ b/target/i386/kvm/kvm_i386.h
@@ -24,6 +24,10 @@
#define kvm_ioapic_in_kernel() \
(kvm_irqchip_in_kernel() && !kvm_irqchip_is_split())
+#define KVM_MAX_CPUID_ENTRIES 100
+uint32_t kvm_x86_arch_cpuid(CPUX86State *env, struct kvm_cpuid_entry2 *entries,
+ uint32_t cpuid_i);
+
#else
#define kvm_pit_in_kernel() 0
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 05/23] vl: Introduce machine_init_done_late notifier
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata
Introduce a new notifier, machine_init_done_late, that is notified after
machine_init_done. This will be used by TDX to generate the HOB for its
virtual firmware, which needs to be done after all guest memory has been
added, i.e. after machine_init_done notifiers have run.
some devices adds/updates memory region by machine_init_done notifier.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
hw/core/machine.c | 26 ++++++++++++++++++++++++++
include/sysemu/sysemu.h | 2 ++
2 files changed, 28 insertions(+)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 970046f438..02be08f3d1 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -1231,6 +1231,31 @@ void qemu_remove_machine_init_done_notifier(Notifier *notify)
notifier_remove(notify);
}
+static NotifierList machine_init_done_late_notifiers =
+ NOTIFIER_LIST_INITIALIZER(machine_init_done_late_notifiers);
+
+static bool machine_init_done_late;
+
+void qemu_add_machine_init_done_late_notifier(Notifier *notify)
+{
+ notifier_list_add(&machine_init_done_late_notifiers, notify);
+ if (machine_init_done_late) {
+ notify->notify(notify, NULL);
+ }
+}
+
+void qemu_remove_machine_init_done_late_notifier(Notifier *notify)
+{
+ notifier_remove(notify);
+}
+
+
+static void qemu_run_machine_init_done_late_notifiers(void)
+{
+ machine_init_done_late = true;
+ notifier_list_notify(&machine_init_done_late_notifiers, NULL);
+}
+
void qdev_machine_creation_done(void)
{
cpu_synchronize_all_post_init();
@@ -1264,6 +1289,7 @@ void qdev_machine_creation_done(void)
if (rom_check_and_register_reset() != 0) {
exit(1);
}
+ qemu_run_machine_init_done_late_notifiers();
replay_start();
diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index 8fae667172..d44f8cf778 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -19,6 +19,8 @@ void qemu_remove_exit_notifier(Notifier *notify);
void qemu_run_machine_init_done_notifiers(void);
void qemu_add_machine_init_done_notifier(Notifier *notify);
void qemu_remove_machine_init_done_notifier(Notifier *notify);
+void qemu_add_machine_init_done_late_notifier(Notifier *notify);
+void qemu_remove_machine_init_done_late_notifier(Notifier *notify);
void configure_rtc(QemuOpts *opts);
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 05/23] vl: Introduce machine_init_done_late notifier
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, isaku.yamahata, kvm
Introduce a new notifier, machine_init_done_late, that is notified after
machine_init_done. This will be used by TDX to generate the HOB for its
virtual firmware, which needs to be done after all guest memory has been
added, i.e. after machine_init_done notifiers have run.
some devices adds/updates memory region by machine_init_done notifier.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
hw/core/machine.c | 26 ++++++++++++++++++++++++++
include/sysemu/sysemu.h | 2 ++
2 files changed, 28 insertions(+)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 970046f438..02be08f3d1 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -1231,6 +1231,31 @@ void qemu_remove_machine_init_done_notifier(Notifier *notify)
notifier_remove(notify);
}
+static NotifierList machine_init_done_late_notifiers =
+ NOTIFIER_LIST_INITIALIZER(machine_init_done_late_notifiers);
+
+static bool machine_init_done_late;
+
+void qemu_add_machine_init_done_late_notifier(Notifier *notify)
+{
+ notifier_list_add(&machine_init_done_late_notifiers, notify);
+ if (machine_init_done_late) {
+ notify->notify(notify, NULL);
+ }
+}
+
+void qemu_remove_machine_init_done_late_notifier(Notifier *notify)
+{
+ notifier_remove(notify);
+}
+
+
+static void qemu_run_machine_init_done_late_notifiers(void)
+{
+ machine_init_done_late = true;
+ notifier_list_notify(&machine_init_done_late_notifiers, NULL);
+}
+
void qdev_machine_creation_done(void)
{
cpu_synchronize_all_post_init();
@@ -1264,6 +1289,7 @@ void qdev_machine_creation_done(void)
if (rom_check_and_register_reset() != 0) {
exit(1);
}
+ qemu_run_machine_init_done_late_notifiers();
replay_start();
diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index 8fae667172..d44f8cf778 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -19,6 +19,8 @@ void qemu_remove_exit_notifier(Notifier *notify);
void qemu_run_machine_init_done_notifiers(void);
void qemu_add_machine_init_done_notifier(Notifier *notify);
void qemu_remove_machine_init_done_notifier(Notifier *notify);
+void qemu_add_machine_init_done_late_notifier(Notifier *notify);
+void qemu_remove_machine_init_done_late_notifier(Notifier *notify);
void configure_rtc(QemuOpts *opts);
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 06/23] hw/i386: Introduce kvm-type for TDX guest
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Xiaoyao Li <xiaoyao.li@intel.com>
Introduce a machine property, kvm-type, to allow the user to create a
Trusted Domain eXtensions (TDX) VM, a.k.a. a Trusted Domain (TD), e.g.:
# $QEMU \
-machine ...,kvm-type=tdx \
...
Only two types are supported: "legacy" and "tdx", with "legacy" being
the default.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
default-configs/devices/i386-softmmu.mak | 1 +
hw/i386/Kconfig | 5 +++
hw/i386/x86.c | 46 ++++++++++++++++++++++++
include/hw/i386/x86.h | 1 +
include/sysemu/tdx.h | 10 ++++++
target/i386/kvm/kvm-stub.c | 5 +++
target/i386/kvm/kvm.c | 15 ++++++++
target/i386/kvm/kvm_i386.h | 1 +
target/i386/kvm/meson.build | 1 +
target/i386/kvm/tdx-stub.c | 10 ++++++
target/i386/kvm/tdx.c | 30 ++++++++++++++++
11 files changed, 125 insertions(+)
create mode 100644 include/sysemu/tdx.h
create mode 100644 target/i386/kvm/tdx-stub.c
create mode 100644 target/i386/kvm/tdx.c
diff --git a/default-configs/devices/i386-softmmu.mak b/default-configs/devices/i386-softmmu.mak
index 84d1a2487c..6e805407b8 100644
--- a/default-configs/devices/i386-softmmu.mak
+++ b/default-configs/devices/i386-softmmu.mak
@@ -18,6 +18,7 @@
#CONFIG_QXL=n
#CONFIG_SEV=n
#CONFIG_SGA=n
+#CONFIG_TDX=n
#CONFIG_TEST_DEVICES=n
#CONFIG_TPM_CRB=n
#CONFIG_TPM_TIS_ISA=n
diff --git a/hw/i386/Kconfig b/hw/i386/Kconfig
index 7f91f30877..bc79e1e84a 100644
--- a/hw/i386/Kconfig
+++ b/hw/i386/Kconfig
@@ -2,6 +2,10 @@ config SEV
bool
depends on KVM
+config TDX
+ bool
+ depends on KVM
+
config PC
bool
imply APPLESMC
@@ -17,6 +21,7 @@ config PC
imply PVPANIC_ISA
imply QXL
imply SEV
+ imply TDX
imply SGA
imply TEST_DEVICES
imply TPM_CRB
diff --git a/hw/i386/x86.c b/hw/i386/x86.c
index 6329f90ef9..a4a0cc83dd 100644
--- a/hw/i386/x86.c
+++ b/hw/i386/x86.c
@@ -21,6 +21,7 @@
* THE SOFTWARE.
*/
#include "qemu/osdep.h"
+#include <linux/kvm.h>
#include "qemu/error-report.h"
#include "qemu/option.h"
#include "qemu/cutils.h"
@@ -31,6 +32,7 @@
#include "qapi/qmp/qerror.h"
#include "qapi/qapi-visit-common.h"
#include "qapi/visitor.h"
+#include "sysemu/kvm_int.h"
#include "sysemu/qtest.h"
#include "sysemu/whpx.h"
#include "sysemu/numa.h"
@@ -1199,6 +1201,43 @@ static void x86_machine_set_acpi(Object *obj, Visitor *v, const char *name,
visit_type_OnOffAuto(v, name, &x86ms->acpi, errp);
}
+static char *x86_get_kvm_type(Object *obj, Error **errp)
+{
+ X86MachineState *x86ms = X86_MACHINE(obj);
+
+ return g_strdup(x86ms->kvm_type);
+}
+
+
+static void x86_set_kvm_type(Object *obj, const char *value, Error **errp)
+{
+ X86MachineState *x86ms = X86_MACHINE(obj);
+
+ g_free(x86ms->kvm_type);
+ x86ms->kvm_type = g_strdup(value);
+}
+
+static int x86_kvm_type(MachineState *ms, const char *vm_type)
+{
+ int kvm_type;
+
+ if (!vm_type || !strcmp(vm_type, "") ||
+ !g_ascii_strcasecmp(vm_type, "legacy")) {
+ kvm_type = KVM_X86_LEGACY_VM;
+ } else if (!g_ascii_strcasecmp(vm_type, "tdx")) {
+ kvm_type = KVM_X86_TDX_VM;
+ } else {
+ error_report("Unknown kvm-type specified '%s'", vm_type);
+ exit(1);
+ }
+ if (kvm_set_vm_type(ms, kvm_type)) {
+ error_report("kvm-type '%s' not supported by KVM", vm_type);
+ exit(1);
+ }
+
+ return kvm_type;
+}
+
static void x86_machine_initfn(Object *obj)
{
X86MachineState *x86ms = X86_MACHINE(obj);
@@ -1207,6 +1246,12 @@ static void x86_machine_initfn(Object *obj)
x86ms->acpi = ON_OFF_AUTO_AUTO;
x86ms->smp_dies = 1;
x86ms->pci_irq_mask = ACPI_BUILD_PCI_IRQS;
+
+
+ object_property_add_str(obj, "kvm-type",
+ x86_get_kvm_type, x86_set_kvm_type);
+ object_property_set_description(obj, "kvm-type",
+ "KVM guest type (legacy, tdx)");
}
static void x86_machine_class_init(ObjectClass *oc, void *data)
@@ -1218,6 +1263,7 @@ static void x86_machine_class_init(ObjectClass *oc, void *data)
mc->cpu_index_to_instance_props = x86_cpu_index_to_props;
mc->get_default_cpu_node_id = x86_get_default_cpu_node_id;
mc->possible_cpu_arch_ids = x86_possible_cpu_arch_ids;
+ mc->kvm_type = x86_kvm_type;
x86mc->compat_apic_id_mode = false;
x86mc->save_tsc_khz = true;
nc->nmi_monitor_handler = x86_nmi;
diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h
index 56080bd1fb..05e3b738d1 100644
--- a/include/hw/i386/x86.h
+++ b/include/hw/i386/x86.h
@@ -56,6 +56,7 @@ struct X86MachineState {
/* RAM information (sizes, addresses, configuration): */
ram_addr_t below_4g_mem_size, above_4g_mem_size;
+ char *kvm_type;
/* CPU and apic information: */
bool apic_xrupt_override;
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
new file mode 100644
index 0000000000..60ebded851
--- /dev/null
+++ b/include/sysemu/tdx.h
@@ -0,0 +1,10 @@
+#ifndef QEMU_TDX_H
+#define QEMU_TDX_H
+
+#ifndef CONFIG_USER_ONLY
+#include "sysemu/kvm.h"
+
+bool kvm_has_tdx(KVMState *s);
+#endif
+
+#endif
diff --git a/target/i386/kvm/kvm-stub.c b/target/i386/kvm/kvm-stub.c
index 92f49121b8..e9221de76f 100644
--- a/target/i386/kvm/kvm-stub.c
+++ b/target/i386/kvm/kvm-stub.c
@@ -39,3 +39,8 @@ bool kvm_hv_vpindex_settable(void)
{
return false;
}
+
+int kvm_set_vm_type(MachineState *ms, int kvm_type)
+{
+ return 0;
+}
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index bb241d8aa1..ab7a896bd2 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -26,6 +26,7 @@
#include "sysemu/hw_accel.h"
#include "sysemu/kvm_int.h"
#include "sysemu/runstate.h"
+#include "sysemu/tdx.h"
#include "kvm_i386.h"
#include "hyperv.h"
#include "hyperv-proto.h"
@@ -129,6 +130,20 @@ static bool has_msr_mcg_ext_ctl;
static struct kvm_cpuid2 *cpuid_cache;
static struct kvm_msr_list *kvm_feature_msrs;
+static int vm_type;
+
+int kvm_set_vm_type(MachineState *ms, int kvm_type)
+{
+ if (kvm_type == KVM_X86_LEGACY_VM ||
+ (kvm_type == KVM_X86_TDX_VM &&
+ kvm_has_tdx(KVM_STATE(ms->accelerator)))) {
+ vm_type = kvm_type;
+ return 0;
+ }
+
+ return -ENOTSUP;
+}
+
int kvm_has_pit_state2(void)
{
return has_pit_state2;
diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h
index c9a92578b1..8e63365162 100644
--- a/target/i386/kvm/kvm_i386.h
+++ b/target/i386/kvm/kvm_i386.h
@@ -41,6 +41,7 @@ bool kvm_has_adjust_clock(void);
bool kvm_has_adjust_clock_stable(void);
bool kvm_has_exception_payload(void);
void kvm_synchronize_all_tsc(void);
+int kvm_set_vm_type(MachineState *ms, int kvm_type);
void kvm_arch_reset_vcpu(X86CPU *cs);
void kvm_arch_do_init_vcpu(X86CPU *cs);
diff --git a/target/i386/kvm/meson.build b/target/i386/kvm/meson.build
index 1d66559187..03575e66ce 100644
--- a/target/i386/kvm/meson.build
+++ b/target/i386/kvm/meson.build
@@ -1,3 +1,4 @@
i386_ss.add(when: 'CONFIG_KVM', if_false: files('kvm-stub.c'))
i386_softmmu_ss.add(when: 'CONFIG_KVM', if_true: files('kvm.c'))
i386_softmmu_ss.add(when: 'CONFIG_HYPERV', if_true: files('hyperv.c'), if_false: files('hyperv-stub.c'))
+i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdx.c'), if_false: files('tdx-stub.c'))
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
new file mode 100644
index 0000000000..e1eb09cae1
--- /dev/null
+++ b/target/i386/kvm/tdx-stub.c
@@ -0,0 +1,10 @@
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "sysemu/tdx.h"
+
+#ifndef CONFIG_USER_ONLY
+bool kvm_has_tdx(KVMState *s)
+{
+ return false;
+}
+#endif
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
new file mode 100644
index 0000000000..e62a570f75
--- /dev/null
+++ b/target/i386/kvm/tdx.c
@@ -0,0 +1,30 @@
+/*
+ * QEMU TDX support
+ *
+ * Copyright Intel
+ *
+ * Author:
+ * Xiaoyao Li <xiaoyao.li@intel.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory
+ *
+ */
+
+#include "qemu/osdep.h"
+
+#include <linux/kvm.h>
+
+#include "cpu.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "qom/object_interfaces.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/kvm.h"
+#include "sysemu/kvm_int.h"
+#include "sysemu/tdx.h"
+
+bool kvm_has_tdx(KVMState *s)
+{
+ return !!(kvm_check_extension(s, KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
+}
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 06/23] hw/i386: Introduce kvm-type for TDX guest
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Xiaoyao Li <xiaoyao.li@intel.com>
Introduce a machine property, kvm-type, to allow the user to create a
Trusted Domain eXtensions (TDX) VM, a.k.a. a Trusted Domain (TD), e.g.:
# $QEMU \
-machine ...,kvm-type=tdx \
...
Only two types are supported: "legacy" and "tdx", with "legacy" being
the default.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
default-configs/devices/i386-softmmu.mak | 1 +
hw/i386/Kconfig | 5 +++
hw/i386/x86.c | 46 ++++++++++++++++++++++++
include/hw/i386/x86.h | 1 +
include/sysemu/tdx.h | 10 ++++++
target/i386/kvm/kvm-stub.c | 5 +++
target/i386/kvm/kvm.c | 15 ++++++++
target/i386/kvm/kvm_i386.h | 1 +
target/i386/kvm/meson.build | 1 +
target/i386/kvm/tdx-stub.c | 10 ++++++
target/i386/kvm/tdx.c | 30 ++++++++++++++++
11 files changed, 125 insertions(+)
create mode 100644 include/sysemu/tdx.h
create mode 100644 target/i386/kvm/tdx-stub.c
create mode 100644 target/i386/kvm/tdx.c
diff --git a/default-configs/devices/i386-softmmu.mak b/default-configs/devices/i386-softmmu.mak
index 84d1a2487c..6e805407b8 100644
--- a/default-configs/devices/i386-softmmu.mak
+++ b/default-configs/devices/i386-softmmu.mak
@@ -18,6 +18,7 @@
#CONFIG_QXL=n
#CONFIG_SEV=n
#CONFIG_SGA=n
+#CONFIG_TDX=n
#CONFIG_TEST_DEVICES=n
#CONFIG_TPM_CRB=n
#CONFIG_TPM_TIS_ISA=n
diff --git a/hw/i386/Kconfig b/hw/i386/Kconfig
index 7f91f30877..bc79e1e84a 100644
--- a/hw/i386/Kconfig
+++ b/hw/i386/Kconfig
@@ -2,6 +2,10 @@ config SEV
bool
depends on KVM
+config TDX
+ bool
+ depends on KVM
+
config PC
bool
imply APPLESMC
@@ -17,6 +21,7 @@ config PC
imply PVPANIC_ISA
imply QXL
imply SEV
+ imply TDX
imply SGA
imply TEST_DEVICES
imply TPM_CRB
diff --git a/hw/i386/x86.c b/hw/i386/x86.c
index 6329f90ef9..a4a0cc83dd 100644
--- a/hw/i386/x86.c
+++ b/hw/i386/x86.c
@@ -21,6 +21,7 @@
* THE SOFTWARE.
*/
#include "qemu/osdep.h"
+#include <linux/kvm.h>
#include "qemu/error-report.h"
#include "qemu/option.h"
#include "qemu/cutils.h"
@@ -31,6 +32,7 @@
#include "qapi/qmp/qerror.h"
#include "qapi/qapi-visit-common.h"
#include "qapi/visitor.h"
+#include "sysemu/kvm_int.h"
#include "sysemu/qtest.h"
#include "sysemu/whpx.h"
#include "sysemu/numa.h"
@@ -1199,6 +1201,43 @@ static void x86_machine_set_acpi(Object *obj, Visitor *v, const char *name,
visit_type_OnOffAuto(v, name, &x86ms->acpi, errp);
}
+static char *x86_get_kvm_type(Object *obj, Error **errp)
+{
+ X86MachineState *x86ms = X86_MACHINE(obj);
+
+ return g_strdup(x86ms->kvm_type);
+}
+
+
+static void x86_set_kvm_type(Object *obj, const char *value, Error **errp)
+{
+ X86MachineState *x86ms = X86_MACHINE(obj);
+
+ g_free(x86ms->kvm_type);
+ x86ms->kvm_type = g_strdup(value);
+}
+
+static int x86_kvm_type(MachineState *ms, const char *vm_type)
+{
+ int kvm_type;
+
+ if (!vm_type || !strcmp(vm_type, "") ||
+ !g_ascii_strcasecmp(vm_type, "legacy")) {
+ kvm_type = KVM_X86_LEGACY_VM;
+ } else if (!g_ascii_strcasecmp(vm_type, "tdx")) {
+ kvm_type = KVM_X86_TDX_VM;
+ } else {
+ error_report("Unknown kvm-type specified '%s'", vm_type);
+ exit(1);
+ }
+ if (kvm_set_vm_type(ms, kvm_type)) {
+ error_report("kvm-type '%s' not supported by KVM", vm_type);
+ exit(1);
+ }
+
+ return kvm_type;
+}
+
static void x86_machine_initfn(Object *obj)
{
X86MachineState *x86ms = X86_MACHINE(obj);
@@ -1207,6 +1246,12 @@ static void x86_machine_initfn(Object *obj)
x86ms->acpi = ON_OFF_AUTO_AUTO;
x86ms->smp_dies = 1;
x86ms->pci_irq_mask = ACPI_BUILD_PCI_IRQS;
+
+
+ object_property_add_str(obj, "kvm-type",
+ x86_get_kvm_type, x86_set_kvm_type);
+ object_property_set_description(obj, "kvm-type",
+ "KVM guest type (legacy, tdx)");
}
static void x86_machine_class_init(ObjectClass *oc, void *data)
@@ -1218,6 +1263,7 @@ static void x86_machine_class_init(ObjectClass *oc, void *data)
mc->cpu_index_to_instance_props = x86_cpu_index_to_props;
mc->get_default_cpu_node_id = x86_get_default_cpu_node_id;
mc->possible_cpu_arch_ids = x86_possible_cpu_arch_ids;
+ mc->kvm_type = x86_kvm_type;
x86mc->compat_apic_id_mode = false;
x86mc->save_tsc_khz = true;
nc->nmi_monitor_handler = x86_nmi;
diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h
index 56080bd1fb..05e3b738d1 100644
--- a/include/hw/i386/x86.h
+++ b/include/hw/i386/x86.h
@@ -56,6 +56,7 @@ struct X86MachineState {
/* RAM information (sizes, addresses, configuration): */
ram_addr_t below_4g_mem_size, above_4g_mem_size;
+ char *kvm_type;
/* CPU and apic information: */
bool apic_xrupt_override;
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
new file mode 100644
index 0000000000..60ebded851
--- /dev/null
+++ b/include/sysemu/tdx.h
@@ -0,0 +1,10 @@
+#ifndef QEMU_TDX_H
+#define QEMU_TDX_H
+
+#ifndef CONFIG_USER_ONLY
+#include "sysemu/kvm.h"
+
+bool kvm_has_tdx(KVMState *s);
+#endif
+
+#endif
diff --git a/target/i386/kvm/kvm-stub.c b/target/i386/kvm/kvm-stub.c
index 92f49121b8..e9221de76f 100644
--- a/target/i386/kvm/kvm-stub.c
+++ b/target/i386/kvm/kvm-stub.c
@@ -39,3 +39,8 @@ bool kvm_hv_vpindex_settable(void)
{
return false;
}
+
+int kvm_set_vm_type(MachineState *ms, int kvm_type)
+{
+ return 0;
+}
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index bb241d8aa1..ab7a896bd2 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -26,6 +26,7 @@
#include "sysemu/hw_accel.h"
#include "sysemu/kvm_int.h"
#include "sysemu/runstate.h"
+#include "sysemu/tdx.h"
#include "kvm_i386.h"
#include "hyperv.h"
#include "hyperv-proto.h"
@@ -129,6 +130,20 @@ static bool has_msr_mcg_ext_ctl;
static struct kvm_cpuid2 *cpuid_cache;
static struct kvm_msr_list *kvm_feature_msrs;
+static int vm_type;
+
+int kvm_set_vm_type(MachineState *ms, int kvm_type)
+{
+ if (kvm_type == KVM_X86_LEGACY_VM ||
+ (kvm_type == KVM_X86_TDX_VM &&
+ kvm_has_tdx(KVM_STATE(ms->accelerator)))) {
+ vm_type = kvm_type;
+ return 0;
+ }
+
+ return -ENOTSUP;
+}
+
int kvm_has_pit_state2(void)
{
return has_pit_state2;
diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h
index c9a92578b1..8e63365162 100644
--- a/target/i386/kvm/kvm_i386.h
+++ b/target/i386/kvm/kvm_i386.h
@@ -41,6 +41,7 @@ bool kvm_has_adjust_clock(void);
bool kvm_has_adjust_clock_stable(void);
bool kvm_has_exception_payload(void);
void kvm_synchronize_all_tsc(void);
+int kvm_set_vm_type(MachineState *ms, int kvm_type);
void kvm_arch_reset_vcpu(X86CPU *cs);
void kvm_arch_do_init_vcpu(X86CPU *cs);
diff --git a/target/i386/kvm/meson.build b/target/i386/kvm/meson.build
index 1d66559187..03575e66ce 100644
--- a/target/i386/kvm/meson.build
+++ b/target/i386/kvm/meson.build
@@ -1,3 +1,4 @@
i386_ss.add(when: 'CONFIG_KVM', if_false: files('kvm-stub.c'))
i386_softmmu_ss.add(when: 'CONFIG_KVM', if_true: files('kvm.c'))
i386_softmmu_ss.add(when: 'CONFIG_HYPERV', if_true: files('hyperv.c'), if_false: files('hyperv-stub.c'))
+i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdx.c'), if_false: files('tdx-stub.c'))
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
new file mode 100644
index 0000000000..e1eb09cae1
--- /dev/null
+++ b/target/i386/kvm/tdx-stub.c
@@ -0,0 +1,10 @@
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "sysemu/tdx.h"
+
+#ifndef CONFIG_USER_ONLY
+bool kvm_has_tdx(KVMState *s)
+{
+ return false;
+}
+#endif
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
new file mode 100644
index 0000000000..e62a570f75
--- /dev/null
+++ b/target/i386/kvm/tdx.c
@@ -0,0 +1,30 @@
+/*
+ * QEMU TDX support
+ *
+ * Copyright Intel
+ *
+ * Author:
+ * Xiaoyao Li <xiaoyao.li@intel.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory
+ *
+ */
+
+#include "qemu/osdep.h"
+
+#include <linux/kvm.h>
+
+#include "cpu.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "qom/object_interfaces.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/kvm.h"
+#include "sysemu/kvm_int.h"
+#include "sysemu/tdx.h"
+
+bool kvm_has_tdx(KVMState *s)
+{
+ return !!(kvm_check_extension(s, KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
+}
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 07/23] i386/kvm: Squash getting/putting guest state for TDX VMs
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Sean Christopherson <sean.j.christopherson@intel.com>
Ignore get/put state of TDX VMs as accessing/mutating guest state of
producation TDs is not supported.
Allow kvm_arch_get_registers() to run as normal, except for MSRs, for
debug TDs, and silently ignores attempts to read guest state for
non-debug TDs.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/kvm/kvm.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index ab7a896bd2..9c5f669b7c 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -2565,6 +2565,11 @@ void kvm_put_apicbase(X86CPU *cpu, uint64_t value)
{
int ret;
+ /* TODO: Allow accessing guest state for debug TDs. */
+ if (vm_type == KVM_X86_TDX_VM) {
+ return;
+ }
+
ret = kvm_put_one_msr(cpu, MSR_IA32_APICBASE, value);
assert(ret == 1);
}
@@ -4019,6 +4024,11 @@ int kvm_arch_put_registers(CPUState *cpu, int level)
assert(cpu_is_stopped(cpu) || qemu_cpu_is_self(cpu));
+ /* TODO: Allow accessing guest state for debug TDs. */
+ if (vm_type == KVM_X86_TDX_VM) {
+ return 0;
+ }
+
/* must be before kvm_put_nested_state so that EFER.SVME is set */
ret = kvm_put_sregs(x86_cpu);
if (ret < 0) {
@@ -4129,9 +4139,11 @@ int kvm_arch_get_registers(CPUState *cs)
if (ret < 0) {
goto out;
}
- ret = kvm_get_msrs(cpu);
- if (ret < 0) {
- goto out;
+ if (vm_type != KVM_X86_TDX_VM) {
+ ret = kvm_get_msrs(cpu);
+ if (ret < 0) {
+ goto out;
+ }
}
ret = kvm_get_apic(cpu);
if (ret < 0) {
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 07/23] i386/kvm: Squash getting/putting guest state for TDX VMs
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Sean Christopherson <sean.j.christopherson@intel.com>
Ignore get/put state of TDX VMs as accessing/mutating guest state of
producation TDs is not supported.
Allow kvm_arch_get_registers() to run as normal, except for MSRs, for
debug TDs, and silently ignores attempts to read guest state for
non-debug TDs.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/kvm/kvm.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index ab7a896bd2..9c5f669b7c 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -2565,6 +2565,11 @@ void kvm_put_apicbase(X86CPU *cpu, uint64_t value)
{
int ret;
+ /* TODO: Allow accessing guest state for debug TDs. */
+ if (vm_type == KVM_X86_TDX_VM) {
+ return;
+ }
+
ret = kvm_put_one_msr(cpu, MSR_IA32_APICBASE, value);
assert(ret == 1);
}
@@ -4019,6 +4024,11 @@ int kvm_arch_put_registers(CPUState *cpu, int level)
assert(cpu_is_stopped(cpu) || qemu_cpu_is_self(cpu));
+ /* TODO: Allow accessing guest state for debug TDs. */
+ if (vm_type == KVM_X86_TDX_VM) {
+ return 0;
+ }
+
/* must be before kvm_put_nested_state so that EFER.SVME is set */
ret = kvm_put_sregs(x86_cpu);
if (ret < 0) {
@@ -4129,9 +4139,11 @@ int kvm_arch_get_registers(CPUState *cs)
if (ret < 0) {
goto out;
}
- ret = kvm_get_msrs(cpu);
- if (ret < 0) {
- goto out;
+ if (vm_type != KVM_X86_TDX_VM) {
+ ret = kvm_get_msrs(cpu);
+ if (ret < 0) {
+ goto out;
+ }
}
ret = kvm_get_apic(cpu);
if (ret < 0) {
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 08/23] i386/kvm: Skip KVM_X86_SETUP_MCE for TDX guests
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata
Despite advertising MCE support to the guest, TDX-SEAM doesn't support
injecting #MCs into the guest. All of the associated setup is thus
rejected by KVM.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
target/i386/kvm/kvm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 9c5f669b7c..fb94cdd370 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -1768,7 +1768,8 @@ int kvm_arch_init_vcpu(CPUState *cs)
if (((env->cpuid_version >> 8)&0xF) >= 6
&& (env->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
(CPUID_MCE | CPUID_MCA)
- && kvm_check_extension(cs->kvm_state, KVM_CAP_MCE) > 0) {
+ && kvm_check_extension(cs->kvm_state, KVM_CAP_MCE) > 0
+ && vm_type != KVM_X86_TDX_VM) {
uint64_t mcg_cap, unsupported_caps;
int banks;
int ret;
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 08/23] i386/kvm: Skip KVM_X86_SETUP_MCE for TDX guests
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, isaku.yamahata, kvm
Despite advertising MCE support to the guest, TDX-SEAM doesn't support
injecting #MCs into the guest. All of the associated setup is thus
rejected by KVM.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
target/i386/kvm/kvm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 9c5f669b7c..fb94cdd370 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -1768,7 +1768,8 @@ int kvm_arch_init_vcpu(CPUState *cs)
if (((env->cpuid_version >> 8)&0xF) >= 6
&& (env->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
(CPUID_MCE | CPUID_MCA)
- && kvm_check_extension(cs->kvm_state, KVM_CAP_MCE) > 0) {
+ && kvm_check_extension(cs->kvm_state, KVM_CAP_MCE) > 0
+ && vm_type != KVM_X86_TDX_VM) {
uint64_t mcg_cap, unsupported_caps;
int banks;
int ret;
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 09/23] target/i386: kvm: don't synchronize guest tsc for TD guest
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata
Make kvm_synchronize_all_tsc() nop for TD-guest.
TDX module specification, 9.11.1 TSC Virtualization
"Virtual TSC values are consistent among all the TD;s VCPUs at the
level suppored by the CPU".
There is no need for qemu to synchronize tsc and VMM can't access
to guest TSC. Actually do_kvm_synchronize_tsc() hits assert due to
failure to write to guest tsc.
> qemu/target/i386/kvm.c:235: kvm_get_tsc: Assertion `ret == 1' failed.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
target/i386/kvm/kvm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index fb94cdd370..beb768a7d3 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -247,7 +247,7 @@ void kvm_synchronize_all_tsc(void)
{
CPUState *cpu;
- if (kvm_enabled()) {
+ if (kvm_enabled() && vm_type != KVM_X86_TDX_VM) {
CPU_FOREACH(cpu) {
run_on_cpu(cpu, do_kvm_synchronize_tsc, RUN_ON_CPU_NULL);
}
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 09/23] target/i386: kvm: don't synchronize guest tsc for TD guest
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, isaku.yamahata, kvm
Make kvm_synchronize_all_tsc() nop for TD-guest.
TDX module specification, 9.11.1 TSC Virtualization
"Virtual TSC values are consistent among all the TD;s VCPUs at the
level suppored by the CPU".
There is no need for qemu to synchronize tsc and VMM can't access
to guest TSC. Actually do_kvm_synchronize_tsc() hits assert due to
failure to write to guest tsc.
> qemu/target/i386/kvm.c:235: kvm_get_tsc: Assertion `ret == 1' failed.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
target/i386/kvm/kvm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index fb94cdd370..beb768a7d3 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -247,7 +247,7 @@ void kvm_synchronize_all_tsc(void)
{
CPUState *cpu;
- if (kvm_enabled()) {
+ if (kvm_enabled() && vm_type != KVM_X86_TDX_VM) {
CPU_FOREACH(cpu) {
run_on_cpu(cpu, do_kvm_synchronize_tsc, RUN_ON_CPU_NULL);
}
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 10/23] linux-headers: Update headers to pull in TDX API changes
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Xiaoyao Li <xiaoyao.li@intel.com>
Pull in recent TDX updates, which are not backwards compatible.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
| 55 +++++++++++++++++++++++++++++++++++++
| 2 ++
2 files changed, 57 insertions(+)
--git a/linux-headers/asm-x86/kvm.h b/linux-headers/asm-x86/kvm.h
index 8e76d3701d..26d8197e41 100644
--- a/linux-headers/asm-x86/kvm.h
+++ b/linux-headers/asm-x86/kvm.h
@@ -487,4 +487,59 @@ struct kvm_pmu_event_filter {
#define KVM_PMU_EVENT_ALLOW 0
#define KVM_PMU_EVENT_DENY 1
+#define KVM_X86_LEGACY_VM 0
+#define KVM_X86_SW_PROTECTED_VM 1
+#define KVM_X86_TDX_VM 2
+
+/* Trust Domain eXtension command*/
+enum tdx_cmd_id {
+ KVM_TDX_CAPABILITIES = 0,
+ KVM_TDX_INIT_VM,
+ KVM_TDX_INIT_VCPU,
+ KVM_TDX_INIT_MEM_REGION,
+ KVM_TDX_FINALIZE_VM,
+
+ KVM_TDX_CMD_NR_MAX,
+};
+
+struct kvm_tdx_cmd {
+ __u32 id;
+ __u32 metadata;
+ __u64 data;
+};
+
+struct kvm_tdx_cpuid_config {
+ __u32 leaf;
+ __u32 sub_leaf;
+ __u32 eax;
+ __u32 ebx;
+ __u32 ecx;
+ __u32 edx;
+};
+
+struct kvm_tdx_capabilities {
+ __u64 attrs_fixed0;
+ __u64 attrs_fixed1;
+ __u64 xfam_fixed0;
+ __u64 xfam_fixed1;
+
+ __u32 nr_cpuid_configs;
+ struct kvm_tdx_cpuid_config cpuid_configs[0];
+};
+
+struct kvm_tdx_init_vm {
+ __u32 max_vcpus;
+ __u32 reserved;
+ __u64 attributes;
+ __u64 cpuid;
+};
+
+#define KVM_TDX_MEASURE_MEMORY_REGION (1UL << 0)
+
+struct kvm_tdx_init_mem_region {
+ __u64 source_addr;
+ __u64 gpa;
+ __u64 nr_pages;
+};
+
#endif /* _ASM_X86_KVM_H */
--git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index 020b62a619..0467c335a0 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -1057,6 +1057,8 @@ struct kvm_ppc_resize_hpt {
#define KVM_CAP_SYS_HYPERV_CPUID 191
#define KVM_CAP_DIRTY_LOG_RING 192
+#define KVM_CAP_VM_TYPES 1000
+
#ifdef KVM_CAP_IRQ_ROUTING
struct kvm_irq_routing_irqchip {
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 10/23] linux-headers: Update headers to pull in TDX API changes
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Xiaoyao Li <xiaoyao.li@intel.com>
Pull in recent TDX updates, which are not backwards compatible.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
| 55 +++++++++++++++++++++++++++++++++++++
| 2 ++
2 files changed, 57 insertions(+)
--git a/linux-headers/asm-x86/kvm.h b/linux-headers/asm-x86/kvm.h
index 8e76d3701d..26d8197e41 100644
--- a/linux-headers/asm-x86/kvm.h
+++ b/linux-headers/asm-x86/kvm.h
@@ -487,4 +487,59 @@ struct kvm_pmu_event_filter {
#define KVM_PMU_EVENT_ALLOW 0
#define KVM_PMU_EVENT_DENY 1
+#define KVM_X86_LEGACY_VM 0
+#define KVM_X86_SW_PROTECTED_VM 1
+#define KVM_X86_TDX_VM 2
+
+/* Trust Domain eXtension command*/
+enum tdx_cmd_id {
+ KVM_TDX_CAPABILITIES = 0,
+ KVM_TDX_INIT_VM,
+ KVM_TDX_INIT_VCPU,
+ KVM_TDX_INIT_MEM_REGION,
+ KVM_TDX_FINALIZE_VM,
+
+ KVM_TDX_CMD_NR_MAX,
+};
+
+struct kvm_tdx_cmd {
+ __u32 id;
+ __u32 metadata;
+ __u64 data;
+};
+
+struct kvm_tdx_cpuid_config {
+ __u32 leaf;
+ __u32 sub_leaf;
+ __u32 eax;
+ __u32 ebx;
+ __u32 ecx;
+ __u32 edx;
+};
+
+struct kvm_tdx_capabilities {
+ __u64 attrs_fixed0;
+ __u64 attrs_fixed1;
+ __u64 xfam_fixed0;
+ __u64 xfam_fixed1;
+
+ __u32 nr_cpuid_configs;
+ struct kvm_tdx_cpuid_config cpuid_configs[0];
+};
+
+struct kvm_tdx_init_vm {
+ __u32 max_vcpus;
+ __u32 reserved;
+ __u64 attributes;
+ __u64 cpuid;
+};
+
+#define KVM_TDX_MEASURE_MEMORY_REGION (1UL << 0)
+
+struct kvm_tdx_init_mem_region {
+ __u64 source_addr;
+ __u64 gpa;
+ __u64 nr_pages;
+};
+
#endif /* _ASM_X86_KVM_H */
--git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index 020b62a619..0467c335a0 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -1057,6 +1057,8 @@ struct kvm_ppc_resize_hpt {
#define KVM_CAP_SYS_HYPERV_CPUID 191
#define KVM_CAP_DIRTY_LOG_RING 192
+#define KVM_CAP_VM_TYPES 1000
+
#ifdef KVM_CAP_IRQ_ROUTING
struct kvm_irq_routing_irqchip {
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 11/23] hw/i386: Initialize TDX via KVM ioctl() when kvm_type is TDX
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Xiaoyao Li <xiaoyao.li@intel.com>
Introduce tdx_ioctl() to invoke TDX specific sub-ioctls of
KVM_MEMORY_ENCRYPT_OP. Use tdx_ioctl() to invoke KVM_TDX_INIT, by way
of tdx_init(), during kvm_arch_init(). KVM_TDX_INIT configures global
TD state, e.g. the canonical CPUID config, and must be executed prior to
creating vCPUs.
Note, this doesn't address the fact that Qemu may change the CPUID
configuration when creating vCPUs, i.e. punts on refactoring Qemu to
provide a stable CPUID config prior to kvm_arch_init().
Explicitly set subleaf index and flags when adding CPUID
Set the index and flags when adding a CPUID entry to avoid propagating
stale state from a removed entry, e.g. when the CPUID 0x4 loop bails, it
can leave non-zero index and flags in the array.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
accel/kvm/kvm-all.c | 2 +
include/sysemu/tdx.h | 2 +
target/i386/kvm/tdx-stub.c | 4 ++
target/i386/kvm/tdx.c | 128 +++++++++++++++++++++++++++++++++++++
target/i386/kvm/tdx.h | 24 +++++++
5 files changed, 160 insertions(+)
create mode 100644 target/i386/kvm/tdx.h
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 351c25a5cb..cd13b8c94d 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -40,6 +40,7 @@
#include "trace.h"
#include "hw/irq.h"
#include "sysemu/sev.h"
+#include "sysemu/tdx.h"
#include "qapi/visitor.h"
#include "qapi/qapi-types-common.h"
#include "qapi/qapi-visit-common.h"
@@ -428,6 +429,7 @@ int kvm_init_vcpu(CPUState *cpu, Error **errp)
trace_kvm_init_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
+ tdx_pre_create_vcpu(cpu);
ret = kvm_get_vcpu(s, kvm_arch_vcpu_id(cpu));
if (ret < 0) {
error_setg_errno(errp, -ret, "kvm_init_vcpu: kvm_get_vcpu failed (%lu)",
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
index 60ebded851..36a901e723 100644
--- a/include/sysemu/tdx.h
+++ b/include/sysemu/tdx.h
@@ -7,4 +7,6 @@
bool kvm_has_tdx(KVMState *s);
#endif
+void tdx_pre_create_vcpu(CPUState *cpu);
+
#endif
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
index e1eb09cae1..93d5913c89 100644
--- a/target/i386/kvm/tdx-stub.c
+++ b/target/i386/kvm/tdx-stub.c
@@ -8,3 +8,7 @@ bool kvm_has_tdx(KVMState *s)
return false;
}
#endif
+
+void tdx_pre_create_vcpu(CPUState *cpu)
+{
+}
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index e62a570f75..00eda80725 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -14,8 +14,10 @@
#include "qemu/osdep.h"
#include <linux/kvm.h>
+#include <sys/ioctl.h>
#include "cpu.h"
+#include "kvm_i386.h"
#include "hw/boards.h"
#include "qapi/error.h"
#include "qom/object_interfaces.h"
@@ -23,8 +25,134 @@
#include "sysemu/kvm.h"
#include "sysemu/kvm_int.h"
#include "sysemu/tdx.h"
+#include "tdx.h"
+
+#define TDX1_TD_ATTRIBUTE_DEBUG BIT_ULL(0)
+#define TDX1_TD_ATTRIBUTE_PERFMON BIT_ULL(63)
bool kvm_has_tdx(KVMState *s)
{
return !!(kvm_check_extension(s, KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
}
+
+static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
+ __u32 metadata, void *data)
+{
+ struct kvm_tdx_cmd tdx_cmd;
+ int r;
+
+ memset(&tdx_cmd, 0x0, sizeof(tdx_cmd));
+
+ tdx_cmd.id = ioctl_no;
+ tdx_cmd.metadata = metadata;
+ tdx_cmd.data = (__u64)(unsigned long)data;
+
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ if (r) {
+ error_report("%s failed: %s", ioctl_name, strerror(-r));
+ exit(1);
+ }
+}
+#define tdx_ioctl(ioctl_no, metadata, data) \
+ __tdx_ioctl(ioctl_no, stringify(ioctl_no), metadata, data)
+
+void tdx_pre_create_vcpu(CPUState *cpu)
+{
+ struct {
+ struct kvm_cpuid2 cpuid;
+ struct kvm_cpuid_entry2 entries[KVM_MAX_CPUID_ENTRIES];
+ } cpuid_data;
+
+ /*
+ * The kernel defines these structs with padding fields so there
+ * should be no extra padding in our cpuid_data struct.
+ */
+ QEMU_BUILD_BUG_ON(sizeof(cpuid_data) !=
+ sizeof(struct kvm_cpuid2) +
+ sizeof(struct kvm_cpuid_entry2) *
+ KVM_MAX_CPUID_ENTRIES);
+
+ MachineState *ms = MACHINE(qdev_get_machine());
+ X86CPU *x86cpu = X86_CPU(cpu);
+ CPUX86State *env = &x86cpu->env;
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
+ TYPE_TDX_GUEST);
+ struct kvm_tdx_init_vm init_vm;
+
+ if (!tdx) {
+ return;
+ }
+
+ /* HACK: Remove MPX support, which is not allowed by TDX. */
+ env->features[FEAT_XSAVE_COMP_LO] &= ~(XSTATE_BNDREGS_MASK |
+ XSTATE_BNDCSR_MASK);
+
+ if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
+ error_report("TDX VM must support XSAVE features");
+ exit(1);
+ }
+
+ qemu_mutex_lock(&tdx->lock);
+ if (tdx->initialized) {
+ goto out;
+ }
+ tdx->initialized = true;
+
+ memset(&cpuid_data, 0, sizeof(cpuid_data));
+
+ cpuid_data.cpuid.nent = kvm_x86_arch_cpuid(env, cpuid_data.entries, 0);
+ cpuid_data.cpuid.padding = 0;
+
+ init_vm.max_vcpus = ms->smp.cpus;
+ init_vm.attributes = 0;
+ init_vm.attributes |= tdx->debug ? TDX1_TD_ATTRIBUTE_DEBUG : 0;
+ init_vm.attributes |= x86cpu->enable_pmu ? TDX1_TD_ATTRIBUTE_PERFMON : 0;
+
+ init_vm.cpuid = (__u64)(&cpuid_data);
+ tdx_ioctl(KVM_TDX_INIT_VM, 0, &init_vm);
+out:
+ qemu_mutex_unlock(&tdx->lock);
+}
+
+static bool tdx_guest_get_debug(Object *obj, Error **errp)
+{
+ TdxGuest *tdx = TDX_GUEST(obj);
+
+ return tdx->debug;
+}
+
+static void tdx_guest_set_debug(Object *obj, bool value, Error **errp)
+{
+ TdxGuest *tdx = TDX_GUEST(obj);
+
+ tdx->debug = value;
+}
+
+/* tdx guest */
+OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest,
+ tdx_guest,
+ TDX_GUEST,
+ CONFIDENTIAL_GUEST_SUPPORT,
+ { TYPE_USER_CREATABLE },
+ { NULL })
+
+static void tdx_guest_init(Object *obj)
+{
+ TdxGuest *tdx = TDX_GUEST(obj);
+
+ qemu_mutex_init(&tdx->lock);
+ tdx->debug = false;
+ object_property_add_bool(obj, "debug", tdx_guest_get_debug,
+ tdx_guest_set_debug);
+
+ /* TODO: move this after fully TD initialized */
+ tdx->parent_obj.ready = true;
+}
+
+static void tdx_guest_finalize(Object *obj)
+{
+}
+
+static void tdx_guest_class_init(ObjectClass *oc, void *data)
+{
+}
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
new file mode 100644
index 0000000000..6ad6c9a313
--- /dev/null
+++ b/target/i386/kvm/tdx.h
@@ -0,0 +1,24 @@
+#ifndef QEMU_I386_TDX_H
+#define QEMU_I386_TDX_H
+
+#include "qom/object.h"
+#include "exec/confidential-guest-support.h"
+
+#define TYPE_TDX_GUEST "tdx-guest"
+#define TDX_GUEST(obj) \
+ OBJECT_CHECK(TdxGuest, (obj), TYPE_TDX_GUEST)
+
+typedef struct TdxGuestClass {
+ ConfidentialGuestSupportClass parent_class;
+} TdxGuestClass;
+
+typedef struct TdxGuest {
+ ConfidentialGuestSupport parent_obj;
+
+ QemuMutex lock;
+
+ bool initialized;
+ bool debug;
+} TdxGuest;
+
+#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 11/23] hw/i386: Initialize TDX via KVM ioctl() when kvm_type is TDX
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Xiaoyao Li <xiaoyao.li@intel.com>
Introduce tdx_ioctl() to invoke TDX specific sub-ioctls of
KVM_MEMORY_ENCRYPT_OP. Use tdx_ioctl() to invoke KVM_TDX_INIT, by way
of tdx_init(), during kvm_arch_init(). KVM_TDX_INIT configures global
TD state, e.g. the canonical CPUID config, and must be executed prior to
creating vCPUs.
Note, this doesn't address the fact that Qemu may change the CPUID
configuration when creating vCPUs, i.e. punts on refactoring Qemu to
provide a stable CPUID config prior to kvm_arch_init().
Explicitly set subleaf index and flags when adding CPUID
Set the index and flags when adding a CPUID entry to avoid propagating
stale state from a removed entry, e.g. when the CPUID 0x4 loop bails, it
can leave non-zero index and flags in the array.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
accel/kvm/kvm-all.c | 2 +
include/sysemu/tdx.h | 2 +
target/i386/kvm/tdx-stub.c | 4 ++
target/i386/kvm/tdx.c | 128 +++++++++++++++++++++++++++++++++++++
target/i386/kvm/tdx.h | 24 +++++++
5 files changed, 160 insertions(+)
create mode 100644 target/i386/kvm/tdx.h
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 351c25a5cb..cd13b8c94d 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -40,6 +40,7 @@
#include "trace.h"
#include "hw/irq.h"
#include "sysemu/sev.h"
+#include "sysemu/tdx.h"
#include "qapi/visitor.h"
#include "qapi/qapi-types-common.h"
#include "qapi/qapi-visit-common.h"
@@ -428,6 +429,7 @@ int kvm_init_vcpu(CPUState *cpu, Error **errp)
trace_kvm_init_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu));
+ tdx_pre_create_vcpu(cpu);
ret = kvm_get_vcpu(s, kvm_arch_vcpu_id(cpu));
if (ret < 0) {
error_setg_errno(errp, -ret, "kvm_init_vcpu: kvm_get_vcpu failed (%lu)",
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
index 60ebded851..36a901e723 100644
--- a/include/sysemu/tdx.h
+++ b/include/sysemu/tdx.h
@@ -7,4 +7,6 @@
bool kvm_has_tdx(KVMState *s);
#endif
+void tdx_pre_create_vcpu(CPUState *cpu);
+
#endif
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
index e1eb09cae1..93d5913c89 100644
--- a/target/i386/kvm/tdx-stub.c
+++ b/target/i386/kvm/tdx-stub.c
@@ -8,3 +8,7 @@ bool kvm_has_tdx(KVMState *s)
return false;
}
#endif
+
+void tdx_pre_create_vcpu(CPUState *cpu)
+{
+}
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index e62a570f75..00eda80725 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -14,8 +14,10 @@
#include "qemu/osdep.h"
#include <linux/kvm.h>
+#include <sys/ioctl.h>
#include "cpu.h"
+#include "kvm_i386.h"
#include "hw/boards.h"
#include "qapi/error.h"
#include "qom/object_interfaces.h"
@@ -23,8 +25,134 @@
#include "sysemu/kvm.h"
#include "sysemu/kvm_int.h"
#include "sysemu/tdx.h"
+#include "tdx.h"
+
+#define TDX1_TD_ATTRIBUTE_DEBUG BIT_ULL(0)
+#define TDX1_TD_ATTRIBUTE_PERFMON BIT_ULL(63)
bool kvm_has_tdx(KVMState *s)
{
return !!(kvm_check_extension(s, KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
}
+
+static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
+ __u32 metadata, void *data)
+{
+ struct kvm_tdx_cmd tdx_cmd;
+ int r;
+
+ memset(&tdx_cmd, 0x0, sizeof(tdx_cmd));
+
+ tdx_cmd.id = ioctl_no;
+ tdx_cmd.metadata = metadata;
+ tdx_cmd.data = (__u64)(unsigned long)data;
+
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ if (r) {
+ error_report("%s failed: %s", ioctl_name, strerror(-r));
+ exit(1);
+ }
+}
+#define tdx_ioctl(ioctl_no, metadata, data) \
+ __tdx_ioctl(ioctl_no, stringify(ioctl_no), metadata, data)
+
+void tdx_pre_create_vcpu(CPUState *cpu)
+{
+ struct {
+ struct kvm_cpuid2 cpuid;
+ struct kvm_cpuid_entry2 entries[KVM_MAX_CPUID_ENTRIES];
+ } cpuid_data;
+
+ /*
+ * The kernel defines these structs with padding fields so there
+ * should be no extra padding in our cpuid_data struct.
+ */
+ QEMU_BUILD_BUG_ON(sizeof(cpuid_data) !=
+ sizeof(struct kvm_cpuid2) +
+ sizeof(struct kvm_cpuid_entry2) *
+ KVM_MAX_CPUID_ENTRIES);
+
+ MachineState *ms = MACHINE(qdev_get_machine());
+ X86CPU *x86cpu = X86_CPU(cpu);
+ CPUX86State *env = &x86cpu->env;
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
+ TYPE_TDX_GUEST);
+ struct kvm_tdx_init_vm init_vm;
+
+ if (!tdx) {
+ return;
+ }
+
+ /* HACK: Remove MPX support, which is not allowed by TDX. */
+ env->features[FEAT_XSAVE_COMP_LO] &= ~(XSTATE_BNDREGS_MASK |
+ XSTATE_BNDCSR_MASK);
+
+ if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
+ error_report("TDX VM must support XSAVE features");
+ exit(1);
+ }
+
+ qemu_mutex_lock(&tdx->lock);
+ if (tdx->initialized) {
+ goto out;
+ }
+ tdx->initialized = true;
+
+ memset(&cpuid_data, 0, sizeof(cpuid_data));
+
+ cpuid_data.cpuid.nent = kvm_x86_arch_cpuid(env, cpuid_data.entries, 0);
+ cpuid_data.cpuid.padding = 0;
+
+ init_vm.max_vcpus = ms->smp.cpus;
+ init_vm.attributes = 0;
+ init_vm.attributes |= tdx->debug ? TDX1_TD_ATTRIBUTE_DEBUG : 0;
+ init_vm.attributes |= x86cpu->enable_pmu ? TDX1_TD_ATTRIBUTE_PERFMON : 0;
+
+ init_vm.cpuid = (__u64)(&cpuid_data);
+ tdx_ioctl(KVM_TDX_INIT_VM, 0, &init_vm);
+out:
+ qemu_mutex_unlock(&tdx->lock);
+}
+
+static bool tdx_guest_get_debug(Object *obj, Error **errp)
+{
+ TdxGuest *tdx = TDX_GUEST(obj);
+
+ return tdx->debug;
+}
+
+static void tdx_guest_set_debug(Object *obj, bool value, Error **errp)
+{
+ TdxGuest *tdx = TDX_GUEST(obj);
+
+ tdx->debug = value;
+}
+
+/* tdx guest */
+OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest,
+ tdx_guest,
+ TDX_GUEST,
+ CONFIDENTIAL_GUEST_SUPPORT,
+ { TYPE_USER_CREATABLE },
+ { NULL })
+
+static void tdx_guest_init(Object *obj)
+{
+ TdxGuest *tdx = TDX_GUEST(obj);
+
+ qemu_mutex_init(&tdx->lock);
+ tdx->debug = false;
+ object_property_add_bool(obj, "debug", tdx_guest_get_debug,
+ tdx_guest_set_debug);
+
+ /* TODO: move this after fully TD initialized */
+ tdx->parent_obj.ready = true;
+}
+
+static void tdx_guest_finalize(Object *obj)
+{
+}
+
+static void tdx_guest_class_init(ObjectClass *oc, void *data)
+{
+}
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
new file mode 100644
index 0000000000..6ad6c9a313
--- /dev/null
+++ b/target/i386/kvm/tdx.h
@@ -0,0 +1,24 @@
+#ifndef QEMU_I386_TDX_H
+#define QEMU_I386_TDX_H
+
+#include "qom/object.h"
+#include "exec/confidential-guest-support.h"
+
+#define TYPE_TDX_GUEST "tdx-guest"
+#define TDX_GUEST(obj) \
+ OBJECT_CHECK(TdxGuest, (obj), TYPE_TDX_GUEST)
+
+typedef struct TdxGuestClass {
+ ConfidentialGuestSupportClass parent_class;
+} TdxGuestClass;
+
+typedef struct TdxGuest {
+ ConfidentialGuestSupport parent_obj;
+
+ QemuMutex lock;
+
+ bool initialized;
+ bool debug;
+} TdxGuest;
+
+#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 12/23] target/i386/tdx: Finalize the TD's measurement when machine is done
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata
From: Xiaoyao Li <xiaoyao.li@intel.com>
Invoke KVM_TDX_FINALIZEMR to finalize the TD's measurement and make the
TD vCPUs runnable once machine initialization is complete.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
target/i386/kvm/kvm.c | 7 +++++++
target/i386/kvm/tdx.c | 20 ++++++++++++++++++++
target/i386/kvm/tdx.h | 3 +++
3 files changed, 30 insertions(+)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index beb768a7d3..018a757dc6 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -51,6 +51,7 @@
#include "migration/blocker.h"
#include "exec/memattrs.h"
#include "trace.h"
+#include "tdx.h"
//#define DEBUG_KVM
@@ -2184,6 +2185,12 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
return ret;
}
+ ret = tdx_kvm_init(ms->cgs, &local_err);
+ if (ret < 0) {
+ error_report_err(local_err);
+ return ret;
+ }
+
if (!kvm_check_extension(s, KVM_CAP_IRQ_ROUTING)) {
error_report("kvm: KVM_CAP_IRQ_ROUTING not supported by KVM");
return -ENOTSUP;
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 00eda80725..d8b79e975f 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -56,6 +56,26 @@ static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
#define tdx_ioctl(ioctl_no, metadata, data) \
__tdx_ioctl(ioctl_no, stringify(ioctl_no), metadata, data)
+static void tdx_finalize_vm(Notifier *notifier, void *unused)
+{
+ tdx_ioctl(KVM_TDX_FINALIZE_VM, 0, NULL);
+}
+
+static Notifier tdx_machine_done_late_notify = {
+ .notify = tdx_finalize_vm,
+};
+
+int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
+{
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(cgs),
+ TYPE_TDX_GUEST);
+ if (tdx) {
+ qemu_add_machine_init_done_late_notifier(
+ &tdx_machine_done_late_notify);
+ }
+ return 0;
+}
+
void tdx_pre_create_vcpu(CPUState *cpu)
{
struct {
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index 6ad6c9a313..e15657d272 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -2,6 +2,7 @@
#define QEMU_I386_TDX_H
#include "qom/object.h"
+#include "qapi/error.h"
#include "exec/confidential-guest-support.h"
#define TYPE_TDX_GUEST "tdx-guest"
@@ -21,4 +22,6 @@ typedef struct TdxGuest {
bool debug;
} TdxGuest;
+int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
+
#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 12/23] target/i386/tdx: Finalize the TD's measurement when machine is done
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, isaku.yamahata, kvm
From: Xiaoyao Li <xiaoyao.li@intel.com>
Invoke KVM_TDX_FINALIZEMR to finalize the TD's measurement and make the
TD vCPUs runnable once machine initialization is complete.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
target/i386/kvm/kvm.c | 7 +++++++
target/i386/kvm/tdx.c | 20 ++++++++++++++++++++
target/i386/kvm/tdx.h | 3 +++
3 files changed, 30 insertions(+)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index beb768a7d3..018a757dc6 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -51,6 +51,7 @@
#include "migration/blocker.h"
#include "exec/memattrs.h"
#include "trace.h"
+#include "tdx.h"
//#define DEBUG_KVM
@@ -2184,6 +2185,12 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
return ret;
}
+ ret = tdx_kvm_init(ms->cgs, &local_err);
+ if (ret < 0) {
+ error_report_err(local_err);
+ return ret;
+ }
+
if (!kvm_check_extension(s, KVM_CAP_IRQ_ROUTING)) {
error_report("kvm: KVM_CAP_IRQ_ROUTING not supported by KVM");
return -ENOTSUP;
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 00eda80725..d8b79e975f 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -56,6 +56,26 @@ static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
#define tdx_ioctl(ioctl_no, metadata, data) \
__tdx_ioctl(ioctl_no, stringify(ioctl_no), metadata, data)
+static void tdx_finalize_vm(Notifier *notifier, void *unused)
+{
+ tdx_ioctl(KVM_TDX_FINALIZE_VM, 0, NULL);
+}
+
+static Notifier tdx_machine_done_late_notify = {
+ .notify = tdx_finalize_vm,
+};
+
+int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
+{
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(cgs),
+ TYPE_TDX_GUEST);
+ if (tdx) {
+ qemu_add_machine_init_done_late_notifier(
+ &tdx_machine_done_late_notify);
+ }
+ return 0;
+}
+
void tdx_pre_create_vcpu(CPUState *cpu)
{
struct {
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index 6ad6c9a313..e15657d272 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -2,6 +2,7 @@
#define QEMU_I386_TDX_H
#include "qom/object.h"
+#include "qapi/error.h"
#include "exec/confidential-guest-support.h"
#define TYPE_TDX_GUEST "tdx-guest"
@@ -21,4 +22,6 @@ typedef struct TdxGuest {
bool debug;
} TdxGuest;
+int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
+
#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 13/23] i386/tdx: Frame in tdx_get_supported_cpuid with KVM_TDX_CAPABILITIES
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Sean Christopherson <sean.j.christopherson@intel.com>
Add support for grabbing KVM_TDX_CAPABILITIES and use the new
kvm_get_supported_cpuid() hook to adjust the supported XCR0 bits.
Add TODOs for the remaining work.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/kvm/kvm.c | 2 ++
target/i386/kvm/tdx.c | 84 ++++++++++++++++++++++++++++++++++++++-----
target/i386/kvm/tdx.h | 2 ++
3 files changed, 80 insertions(+), 8 deletions(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 018a757dc6..e6f7015be8 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -441,6 +441,8 @@ uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function,
ret |= 1U << KVM_HINTS_REALTIME;
}
+ tdx_get_supported_cpuid(s, function, index, reg, &ret);
+
return ret;
}
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index d8b79e975f..9d4195a705 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -21,6 +21,7 @@
#include "hw/boards.h"
#include "qapi/error.h"
#include "qom/object_interfaces.h"
+#include "standard-headers/asm-x86/kvm_para.h"
#include "sysemu/sysemu.h"
#include "sysemu/kvm.h"
#include "sysemu/kvm_int.h"
@@ -47,7 +48,11 @@ static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
tdx_cmd.metadata = metadata;
tdx_cmd.data = (__u64)(unsigned long)data;
- r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ if (ioctl_no == KVM_TDX_CAPABILITIES) {
+ r = kvm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ } else {
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ }
if (r) {
error_report("%s failed: %s", ioctl_name, strerror(-r));
exit(1);
@@ -65,17 +70,83 @@ static Notifier tdx_machine_done_late_notify = {
.notify = tdx_finalize_vm,
};
+#define TDX1_MAX_NR_CPUID_CONFIGS 6
+
+static struct {
+ struct kvm_tdx_capabilities __caps;
+ struct kvm_tdx_cpuid_config __cpuid_configs[TDX1_MAX_NR_CPUID_CONFIGS];
+} __tdx_caps;
+
+static struct kvm_tdx_capabilities *tdx_caps = (void *)&__tdx_caps;
+
+#define XCR0_MASK (MAKE_64BIT_MASK(0, 8) | BIT_ULL(9))
+#define XSS_MASK (~XCR0_MASK)
+
int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
{
TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(cgs),
TYPE_TDX_GUEST);
- if (tdx) {
- qemu_add_machine_init_done_late_notifier(
- &tdx_machine_done_late_notify);
+ if (!tdx) {
+ return 0;
}
+
+ QEMU_BUILD_BUG_ON(sizeof(__tdx_caps) !=
+ sizeof(struct kvm_tdx_capabilities) +
+ sizeof(struct kvm_tdx_cpuid_config) *
+ TDX1_MAX_NR_CPUID_CONFIGS);
+
+ tdx_caps->nr_cpuid_configs = TDX1_MAX_NR_CPUID_CONFIGS;
+ tdx_ioctl(KVM_TDX_CAPABILITIES, 0, tdx_caps);
+
+ qemu_add_machine_init_done_late_notifier(&tdx_machine_done_late_notify);
return 0;
}
+void tdx_get_supported_cpuid(KVMState *s, uint32_t function,
+ uint32_t index, int reg, uint32_t *ret)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
+ TYPE_TDX_GUEST);
+
+ if (!tdx) {
+ return;
+ }
+
+ switch (function) {
+ case 1:
+ if (reg == R_ECX) {
+ *ret &= ~CPUID_EXT_VMX;
+ }
+ break;
+ case 0xd:
+ if (index == 0) {
+ if (reg == R_EAX) {
+ *ret &= (uint32_t)tdx_caps->xfam_fixed0 & XCR0_MASK;
+ *ret |= (uint32_t)tdx_caps->xfam_fixed1 & XCR0_MASK;
+ } else if (reg == R_EDX) {
+ *ret &= (tdx_caps->xfam_fixed0 & XCR0_MASK) >> 32;
+ *ret |= (tdx_caps->xfam_fixed1 & XCR0_MASK) >> 32;
+ }
+ } else if (index == 1) {
+ /* TODO: Adjust XSS when it's supported. */
+ }
+ break;
+ case KVM_CPUID_FEATURES:
+ if (reg == R_EAX) {
+ *ret &= ~((1ULL << KVM_FEATURE_CLOCKSOURCE) |
+ (1ULL << KVM_FEATURE_CLOCKSOURCE2) |
+ (1ULL << KVM_FEATURE_CLOCKSOURCE_STABLE_BIT) |
+ (1ULL << KVM_FEATURE_ASYNC_PF) |
+ (1ULL << KVM_FEATURE_ASYNC_PF_VMEXIT));
+ }
+ break;
+ default:
+ /* TODO: Use tdx_caps to adjust CPUID leafs. */
+ break;
+ }
+}
+
void tdx_pre_create_vcpu(CPUState *cpu)
{
struct {
@@ -103,10 +174,7 @@ void tdx_pre_create_vcpu(CPUState *cpu)
return;
}
- /* HACK: Remove MPX support, which is not allowed by TDX. */
- env->features[FEAT_XSAVE_COMP_LO] &= ~(XSTATE_BNDREGS_MASK |
- XSTATE_BNDCSR_MASK);
-
+ /* TODO: Use tdx_caps to validate the config. */
if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
error_report("TDX VM must support XSAVE features");
exit(1);
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index e15657d272..844d24aade 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -23,5 +23,7 @@ typedef struct TdxGuest {
} TdxGuest;
int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
+void tdx_get_supported_cpuid(KVMState *s, uint32_t function,
+ uint32_t index, int reg, uint32_t *ret);
#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 13/23] i386/tdx: Frame in tdx_get_supported_cpuid with KVM_TDX_CAPABILITIES
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Sean Christopherson <sean.j.christopherson@intel.com>
Add support for grabbing KVM_TDX_CAPABILITIES and use the new
kvm_get_supported_cpuid() hook to adjust the supported XCR0 bits.
Add TODOs for the remaining work.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/kvm/kvm.c | 2 ++
target/i386/kvm/tdx.c | 84 ++++++++++++++++++++++++++++++++++++++-----
target/i386/kvm/tdx.h | 2 ++
3 files changed, 80 insertions(+), 8 deletions(-)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 018a757dc6..e6f7015be8 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -441,6 +441,8 @@ uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function,
ret |= 1U << KVM_HINTS_REALTIME;
}
+ tdx_get_supported_cpuid(s, function, index, reg, &ret);
+
return ret;
}
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index d8b79e975f..9d4195a705 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -21,6 +21,7 @@
#include "hw/boards.h"
#include "qapi/error.h"
#include "qom/object_interfaces.h"
+#include "standard-headers/asm-x86/kvm_para.h"
#include "sysemu/sysemu.h"
#include "sysemu/kvm.h"
#include "sysemu/kvm_int.h"
@@ -47,7 +48,11 @@ static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
tdx_cmd.metadata = metadata;
tdx_cmd.data = (__u64)(unsigned long)data;
- r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ if (ioctl_no == KVM_TDX_CAPABILITIES) {
+ r = kvm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ } else {
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ }
if (r) {
error_report("%s failed: %s", ioctl_name, strerror(-r));
exit(1);
@@ -65,17 +70,83 @@ static Notifier tdx_machine_done_late_notify = {
.notify = tdx_finalize_vm,
};
+#define TDX1_MAX_NR_CPUID_CONFIGS 6
+
+static struct {
+ struct kvm_tdx_capabilities __caps;
+ struct kvm_tdx_cpuid_config __cpuid_configs[TDX1_MAX_NR_CPUID_CONFIGS];
+} __tdx_caps;
+
+static struct kvm_tdx_capabilities *tdx_caps = (void *)&__tdx_caps;
+
+#define XCR0_MASK (MAKE_64BIT_MASK(0, 8) | BIT_ULL(9))
+#define XSS_MASK (~XCR0_MASK)
+
int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
{
TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(cgs),
TYPE_TDX_GUEST);
- if (tdx) {
- qemu_add_machine_init_done_late_notifier(
- &tdx_machine_done_late_notify);
+ if (!tdx) {
+ return 0;
}
+
+ QEMU_BUILD_BUG_ON(sizeof(__tdx_caps) !=
+ sizeof(struct kvm_tdx_capabilities) +
+ sizeof(struct kvm_tdx_cpuid_config) *
+ TDX1_MAX_NR_CPUID_CONFIGS);
+
+ tdx_caps->nr_cpuid_configs = TDX1_MAX_NR_CPUID_CONFIGS;
+ tdx_ioctl(KVM_TDX_CAPABILITIES, 0, tdx_caps);
+
+ qemu_add_machine_init_done_late_notifier(&tdx_machine_done_late_notify);
return 0;
}
+void tdx_get_supported_cpuid(KVMState *s, uint32_t function,
+ uint32_t index, int reg, uint32_t *ret)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
+ TYPE_TDX_GUEST);
+
+ if (!tdx) {
+ return;
+ }
+
+ switch (function) {
+ case 1:
+ if (reg == R_ECX) {
+ *ret &= ~CPUID_EXT_VMX;
+ }
+ break;
+ case 0xd:
+ if (index == 0) {
+ if (reg == R_EAX) {
+ *ret &= (uint32_t)tdx_caps->xfam_fixed0 & XCR0_MASK;
+ *ret |= (uint32_t)tdx_caps->xfam_fixed1 & XCR0_MASK;
+ } else if (reg == R_EDX) {
+ *ret &= (tdx_caps->xfam_fixed0 & XCR0_MASK) >> 32;
+ *ret |= (tdx_caps->xfam_fixed1 & XCR0_MASK) >> 32;
+ }
+ } else if (index == 1) {
+ /* TODO: Adjust XSS when it's supported. */
+ }
+ break;
+ case KVM_CPUID_FEATURES:
+ if (reg == R_EAX) {
+ *ret &= ~((1ULL << KVM_FEATURE_CLOCKSOURCE) |
+ (1ULL << KVM_FEATURE_CLOCKSOURCE2) |
+ (1ULL << KVM_FEATURE_CLOCKSOURCE_STABLE_BIT) |
+ (1ULL << KVM_FEATURE_ASYNC_PF) |
+ (1ULL << KVM_FEATURE_ASYNC_PF_VMEXIT));
+ }
+ break;
+ default:
+ /* TODO: Use tdx_caps to adjust CPUID leafs. */
+ break;
+ }
+}
+
void tdx_pre_create_vcpu(CPUState *cpu)
{
struct {
@@ -103,10 +174,7 @@ void tdx_pre_create_vcpu(CPUState *cpu)
return;
}
- /* HACK: Remove MPX support, which is not allowed by TDX. */
- env->features[FEAT_XSAVE_COMP_LO] &= ~(XSTATE_BNDREGS_MASK |
- XSTATE_BNDCSR_MASK);
-
+ /* TODO: Use tdx_caps to validate the config. */
if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
error_report("TDX VM must support XSAVE features");
exit(1);
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index e15657d272..844d24aade 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -23,5 +23,7 @@ typedef struct TdxGuest {
} TdxGuest;
int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
+void tdx_get_supported_cpuid(KVMState *s, uint32_t function,
+ uint32_t index, int reg, uint32_t *ret);
#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 14/23] i386/tdx: Frame in the call for KVM_TDX_INIT_VCPU
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
include/sysemu/tdx.h | 1 +
target/i386/kvm/kvm.c | 8 ++++++++
target/i386/kvm/tdx-stub.c | 4 ++++
target/i386/kvm/tdx.c | 20 ++++++++++++++++----
4 files changed, 29 insertions(+), 4 deletions(-)
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
index 36a901e723..03461b6ae8 100644
--- a/include/sysemu/tdx.h
+++ b/include/sysemu/tdx.h
@@ -8,5 +8,6 @@ bool kvm_has_tdx(KVMState *s);
#endif
void tdx_pre_create_vcpu(CPUState *cpu);
+void tdx_post_init_vcpu(CPUState *cpu);
#endif
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index e6f7015be8..52dbccedb5 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -4034,6 +4034,14 @@ int kvm_arch_put_registers(CPUState *cpu, int level)
assert(cpu_is_stopped(cpu) || qemu_cpu_is_self(cpu));
+ /*
+ * level == KVM_PUT_FULL_STATE is only set by
+ * kvm_cpu_synchronize_post_init() after initialization
+ */
+ if (vm_type == KVM_X86_TDX_VM && level == KVM_PUT_FULL_STATE) {
+ tdx_post_init_vcpu(cpu);
+ }
+
/* TODO: Allow accessing guest state for debug TDs. */
if (vm_type == KVM_X86_TDX_VM) {
return 0;
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
index 93d5913c89..93afe07ddb 100644
--- a/target/i386/kvm/tdx-stub.c
+++ b/target/i386/kvm/tdx-stub.c
@@ -12,3 +12,7 @@ bool kvm_has_tdx(KVMState *s)
void tdx_pre_create_vcpu(CPUState *cpu)
{
}
+
+void tdx_post_init_vcpu(CPUState *cpu)
+{
+}
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 9d4195a705..d095dab662 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -36,7 +36,7 @@ bool kvm_has_tdx(KVMState *s)
return !!(kvm_check_extension(s, KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
}
-static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
+static void __tdx_ioctl(void *state, int ioctl_no, const char *ioctl_name,
__u32 metadata, void *data)
{
struct kvm_tdx_cmd tdx_cmd;
@@ -49,17 +49,21 @@ static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
tdx_cmd.data = (__u64)(unsigned long)data;
if (ioctl_no == KVM_TDX_CAPABILITIES) {
- r = kvm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ r = kvm_ioctl(state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ } else if (ioctl_no == KVM_TDX_INIT_VCPU) {
+ r = kvm_vcpu_ioctl(state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
} else {
- r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ r = kvm_vm_ioctl(state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
}
if (r) {
error_report("%s failed: %s", ioctl_name, strerror(-r));
exit(1);
}
}
+#define _tdx_ioctl(cpu, ioctl_no, metadata, data) \
+ __tdx_ioctl(cpu, ioctl_no, stringify(ioctl_no), metadata, data)
#define tdx_ioctl(ioctl_no, metadata, data) \
- __tdx_ioctl(ioctl_no, stringify(ioctl_no), metadata, data)
+ _tdx_ioctl(kvm_state, ioctl_no, metadata, data)
static void tdx_finalize_vm(Notifier *notifier, void *unused)
{
@@ -202,6 +206,14 @@ out:
qemu_mutex_unlock(&tdx->lock);
}
+void tdx_post_init_vcpu(CPUState *cpu)
+{
+ CPUX86State *env = &X86_CPU(cpu)->env;
+
+ _tdx_ioctl(cpu, KVM_TDX_INIT_VCPU, 0,
+ (void *)(unsigned long)env->regs[R_ECX]);
+}
+
static bool tdx_guest_get_debug(Object *obj, Error **errp)
{
TdxGuest *tdx = TDX_GUEST(obj);
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 14/23] i386/tdx: Frame in the call for KVM_TDX_INIT_VCPU
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
include/sysemu/tdx.h | 1 +
target/i386/kvm/kvm.c | 8 ++++++++
target/i386/kvm/tdx-stub.c | 4 ++++
target/i386/kvm/tdx.c | 20 ++++++++++++++++----
4 files changed, 29 insertions(+), 4 deletions(-)
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
index 36a901e723..03461b6ae8 100644
--- a/include/sysemu/tdx.h
+++ b/include/sysemu/tdx.h
@@ -8,5 +8,6 @@ bool kvm_has_tdx(KVMState *s);
#endif
void tdx_pre_create_vcpu(CPUState *cpu);
+void tdx_post_init_vcpu(CPUState *cpu);
#endif
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index e6f7015be8..52dbccedb5 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -4034,6 +4034,14 @@ int kvm_arch_put_registers(CPUState *cpu, int level)
assert(cpu_is_stopped(cpu) || qemu_cpu_is_self(cpu));
+ /*
+ * level == KVM_PUT_FULL_STATE is only set by
+ * kvm_cpu_synchronize_post_init() after initialization
+ */
+ if (vm_type == KVM_X86_TDX_VM && level == KVM_PUT_FULL_STATE) {
+ tdx_post_init_vcpu(cpu);
+ }
+
/* TODO: Allow accessing guest state for debug TDs. */
if (vm_type == KVM_X86_TDX_VM) {
return 0;
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
index 93d5913c89..93afe07ddb 100644
--- a/target/i386/kvm/tdx-stub.c
+++ b/target/i386/kvm/tdx-stub.c
@@ -12,3 +12,7 @@ bool kvm_has_tdx(KVMState *s)
void tdx_pre_create_vcpu(CPUState *cpu)
{
}
+
+void tdx_post_init_vcpu(CPUState *cpu)
+{
+}
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 9d4195a705..d095dab662 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -36,7 +36,7 @@ bool kvm_has_tdx(KVMState *s)
return !!(kvm_check_extension(s, KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
}
-static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
+static void __tdx_ioctl(void *state, int ioctl_no, const char *ioctl_name,
__u32 metadata, void *data)
{
struct kvm_tdx_cmd tdx_cmd;
@@ -49,17 +49,21 @@ static void __tdx_ioctl(int ioctl_no, const char *ioctl_name,
tdx_cmd.data = (__u64)(unsigned long)data;
if (ioctl_no == KVM_TDX_CAPABILITIES) {
- r = kvm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ r = kvm_ioctl(state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ } else if (ioctl_no == KVM_TDX_INIT_VCPU) {
+ r = kvm_vcpu_ioctl(state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
} else {
- r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ r = kvm_vm_ioctl(state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
}
if (r) {
error_report("%s failed: %s", ioctl_name, strerror(-r));
exit(1);
}
}
+#define _tdx_ioctl(cpu, ioctl_no, metadata, data) \
+ __tdx_ioctl(cpu, ioctl_no, stringify(ioctl_no), metadata, data)
#define tdx_ioctl(ioctl_no, metadata, data) \
- __tdx_ioctl(ioctl_no, stringify(ioctl_no), metadata, data)
+ _tdx_ioctl(kvm_state, ioctl_no, metadata, data)
static void tdx_finalize_vm(Notifier *notifier, void *unused)
{
@@ -202,6 +206,14 @@ out:
qemu_mutex_unlock(&tdx->lock);
}
+void tdx_post_init_vcpu(CPUState *cpu)
+{
+ CPUX86State *env = &X86_CPU(cpu)->env;
+
+ _tdx_ioctl(cpu, KVM_TDX_INIT_VCPU, 0,
+ (void *)(unsigned long)env->regs[R_ECX]);
+}
+
static bool tdx_guest_get_debug(Object *obj, Error **errp)
{
TdxGuest *tdx = TDX_GUEST(obj);
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 15/23] i386/tdx: Add hook to require generic device loader
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Sean Christopherson <sean.j.christopherson@intel.com>
Add a hook for TDX to denote that the TD Virtual Firmware must be
provided via the "generic" device loader. Error out if pflash is used
in conjuction with TDX.
Suggested-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/i386/pc_sysfw.c | 6 ++++++
include/sysemu/tdx.h | 2 ++
target/i386/kvm/tdx-stub.c | 5 +++++
target/i386/kvm/tdx.c | 25 +++++++++++++++++++++++++
4 files changed, 38 insertions(+)
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 11172214f1..65eed485ff 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -39,6 +39,7 @@
#include "hw/block/flash.h"
#include "sysemu/kvm.h"
#include "sysemu/sev.h"
+#include "sysemu/tdx.h"
#define FLASH_SECTOR_SIZE 4096
@@ -207,6 +208,11 @@ void pc_system_firmware_init(PCMachineState *pcms,
int i;
BlockBackend *pflash_blk[ARRAY_SIZE(pcms->flash)];
+ if (!tdx_system_firmware_init(pcms, rom_memory)) {
+ pc_system_flash_cleanup_unused(pcms);
+ return;
+ }
+
if (!pcmc->pci_enabled) {
x86_bios_rom_init(MACHINE(pcms), "bios.bin", rom_memory, true);
return;
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
index 03461b6ae8..70eb01348f 100644
--- a/include/sysemu/tdx.h
+++ b/include/sysemu/tdx.h
@@ -3,8 +3,10 @@
#ifndef CONFIG_USER_ONLY
#include "sysemu/kvm.h"
+#include "hw/i386/pc.h"
bool kvm_has_tdx(KVMState *s);
+int tdx_system_firmware_init(PCMachineState *pcms, MemoryRegion *rom_memory);
#endif
void tdx_pre_create_vcpu(CPUState *cpu);
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
index 93afe07ddb..4e1a0a4280 100644
--- a/target/i386/kvm/tdx-stub.c
+++ b/target/i386/kvm/tdx-stub.c
@@ -7,6 +7,11 @@ bool kvm_has_tdx(KVMState *s)
{
return false;
}
+
+int tdx_system_firmware_init(PCMachineState *pcms, MemoryRegion *rom_memory)
+{
+ return -ENOSYS;
+}
#endif
void tdx_pre_create_vcpu(CPUState *cpu)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index d095dab662..e8cd2a7672 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -106,6 +106,31 @@ int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
return 0;
}
+int tdx_system_firmware_init(PCMachineState *pcms, MemoryRegion *rom_memory)
+{
+ MachineState *ms = MACHINE(pcms);
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
+ TYPE_TDX_GUEST);
+ int i;
+
+ if (!tdx) {
+ return -ENOSYS;
+ }
+
+ /*
+ * Sanitiy check for tdx:
+ * TDX uses generic loader to load bios instead of pflash.
+ */
+ for (i = 0; i < ARRAY_SIZE(pcms->flash); i++) {
+ if (drive_get(IF_PFLASH, 0, i)) {
+ error_report("pflash not supported by VM type, "
+ "use -device loader,file=<path>");
+ exit(1);
+ }
+ }
+ return 0;
+}
+
void tdx_get_supported_cpuid(KVMState *s, uint32_t function,
uint32_t index, int reg, uint32_t *ret)
{
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 15/23] i386/tdx: Add hook to require generic device loader
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Sean Christopherson <sean.j.christopherson@intel.com>
Add a hook for TDX to denote that the TD Virtual Firmware must be
provided via the "generic" device loader. Error out if pflash is used
in conjuction with TDX.
Suggested-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/i386/pc_sysfw.c | 6 ++++++
include/sysemu/tdx.h | 2 ++
target/i386/kvm/tdx-stub.c | 5 +++++
target/i386/kvm/tdx.c | 25 +++++++++++++++++++++++++
4 files changed, 38 insertions(+)
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 11172214f1..65eed485ff 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -39,6 +39,7 @@
#include "hw/block/flash.h"
#include "sysemu/kvm.h"
#include "sysemu/sev.h"
+#include "sysemu/tdx.h"
#define FLASH_SECTOR_SIZE 4096
@@ -207,6 +208,11 @@ void pc_system_firmware_init(PCMachineState *pcms,
int i;
BlockBackend *pflash_blk[ARRAY_SIZE(pcms->flash)];
+ if (!tdx_system_firmware_init(pcms, rom_memory)) {
+ pc_system_flash_cleanup_unused(pcms);
+ return;
+ }
+
if (!pcmc->pci_enabled) {
x86_bios_rom_init(MACHINE(pcms), "bios.bin", rom_memory, true);
return;
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
index 03461b6ae8..70eb01348f 100644
--- a/include/sysemu/tdx.h
+++ b/include/sysemu/tdx.h
@@ -3,8 +3,10 @@
#ifndef CONFIG_USER_ONLY
#include "sysemu/kvm.h"
+#include "hw/i386/pc.h"
bool kvm_has_tdx(KVMState *s);
+int tdx_system_firmware_init(PCMachineState *pcms, MemoryRegion *rom_memory);
#endif
void tdx_pre_create_vcpu(CPUState *cpu);
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
index 93afe07ddb..4e1a0a4280 100644
--- a/target/i386/kvm/tdx-stub.c
+++ b/target/i386/kvm/tdx-stub.c
@@ -7,6 +7,11 @@ bool kvm_has_tdx(KVMState *s)
{
return false;
}
+
+int tdx_system_firmware_init(PCMachineState *pcms, MemoryRegion *rom_memory)
+{
+ return -ENOSYS;
+}
#endif
void tdx_pre_create_vcpu(CPUState *cpu)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index d095dab662..e8cd2a7672 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -106,6 +106,31 @@ int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
return 0;
}
+int tdx_system_firmware_init(PCMachineState *pcms, MemoryRegion *rom_memory)
+{
+ MachineState *ms = MACHINE(pcms);
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
+ TYPE_TDX_GUEST);
+ int i;
+
+ if (!tdx) {
+ return -ENOSYS;
+ }
+
+ /*
+ * Sanitiy check for tdx:
+ * TDX uses generic loader to load bios instead of pflash.
+ */
+ for (i = 0; i < ARRAY_SIZE(pcms->flash); i++) {
+ if (drive_get(IF_PFLASH, 0, i)) {
+ error_report("pflash not supported by VM type, "
+ "use -device loader,file=<path>");
+ exit(1);
+ }
+ }
+ return 0;
+}
+
void tdx_get_supported_cpuid(KVMState *s, uint32_t function,
uint32_t index, int reg, uint32_t *ret)
{
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 16/23] hw/i386: Add definitions from UEFI spec for volumes, resources, etc...
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata
Add definitions for literals, enums, structs, GUIDs, etc... that will be
used by TDX to build the UEFI Hand-Off Block (HOB) that is passed to the
Trusted Domain Virtual Firmware (TDVF). All values come from the UEFI
specification.
note: EFI_RESOURCE_ATTRIBUTE_{ENCRYPTED, UNACCEPTED}, will be added
in future UEFI spec.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
hw/i386/uefi.h | 496 +++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 496 insertions(+)
create mode 100644 hw/i386/uefi.h
diff --git a/hw/i386/uefi.h b/hw/i386/uefi.h
new file mode 100644
index 0000000000..2ff6eeaa9e
--- /dev/null
+++ b/hw/i386/uefi.h
@@ -0,0 +1,496 @@
+/*
+ * Copyright (C) 2020 Intel Corporation
+ *
+ * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
+ * <isaku.yamahata at intel.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef HW_I386_UEFI_H
+#define HW_I386_UEFI_H
+
+/***************************************************************************/
+/*
+ * basic EFI definitions
+ * supplemented with UEFI Specification Version 2.8 (Errata A)
+ * released February 2020
+ */
+/* UEFI integer is little endian */
+
+typedef struct {
+ uint32_t Data1;
+ uint16_t Data2;
+ uint16_t Data3;
+ uint8_t Data4[8];
+} EFI_GUID;
+
+typedef uint64_t EFI_PHYSICAL_ADDRESS;
+typedef uint32_t EFI_BOOT_MODE;
+
+typedef enum {
+ EfiReservedMemoryType,
+ EfiLoaderCode,
+ EfiLoaderData,
+ EfiBootServicesCode,
+ EfiBootServicesData,
+ EfiRuntimeServicesCode,
+ EfiRuntimeServicesData,
+ EfiConventionalMemory,
+ EfiUnusableMemory,
+ EfiACPIReclaimMemory,
+ EfiACPIMemoryNVS,
+ EfiMemoryMappedIO,
+ EfiMemoryMappedIOPortSpace,
+ EfiPalCode,
+ EfiPersistentMemory,
+ EfiMaxMemoryType
+} EFI_MEMORY_TYPE;
+
+
+/*
+ * data structure firmware volume/file
+ * based on
+ * UEFI Platform Initialization Specification Version 1.7. vol 3, 3.2.1
+ */
+
+#define SIGNATURE_16(A, B) (((A) | (B << 8)))
+#define SIGNATURE_32(A, B, C, D) (((A) | (B << 8) | (C << 16) | (D << 24)))
+#define SIGNATURE_64(A, B, C, D, E, F, G, H) \
+ (SIGNATURE_32(A, B, C, D) | ((uint64_t) (SIGNATURE_32(E, F, G, H)) << 32))
+
+/***************************************************************************/
+/* Firmware Volume format */
+
+typedef uint32_t EFI_FV_FILE_ATTRIBUTES;
+
+
+#define EFI_FV_FILE_ATTRIB_ALIGNMENT 0x0000001F
+#define EFI_FV_FILE_ATTRIB_FIXED 0x00000100
+#define EFI_FV_FILE_ATTRIB_MEMORY_MAPPED 0x00000200
+
+typedef uint32_t EFI_FVB_ATTRIBUTES_2;
+
+
+#define EFI_FVB2_READ_DISABLED_CAP 0x00000001
+#define EFI_FVB2_READ_ENABLED_CAP 0x00000002
+#define EFI_FVB2_READ_STATUS 0x00000004
+#define EFI_FVB2_WRITE_DISABLED_CAP 0x00000008
+#define EFI_FVB2_WRITE_ENABLED_CAP 0x00000010
+#define EFI_FVB2_WRITE_STATUS 0x00000020
+#define EFI_FVB2_LOCK_CAP 0x00000040
+#define EFI_FVB2_LOCK_STATUS 0x00000080
+#define EFI_FVB2_STICKY_WRITE 0x00000200
+#define EFI_FVB2_MEMORY_MAPPED 0x00000400
+#define EFI_FVB2_ERASE_POLARITY 0x00000800
+#define EFI_FVB2_READ_LOCK_CAP 0x00001000
+#define EFI_FVB2_READ_LOCK_STATUS 0x00002000
+#define EFI_FVB2_WRITE_LOCK_CAP 0x00004000
+#define EFI_FVB2_WRITE_LOCK_STATUS 0x00008000
+#define EFI_FVB2_ALIGNMENT 0x001F0000
+#define EFI_FVB2_WEAK_ALIGNMENT 0x80000000
+#define EFI_FVB2_ALIGNMENT_1 0x00000000
+#define EFI_FVB2_ALIGNMENT_2 0x00010000
+#define EFI_FVB2_ALIGNMENT_4 0x00020000
+#define EFI_FVB2_ALIGNMENT_8 0x00030000
+#define EFI_FVB2_ALIGNMENT_16 0x00040000
+#define EFI_FVB2_ALIGNMENT_32 0x00050000
+#define EFI_FVB2_ALIGNMENT_64 0x00060000
+#define EFI_FVB2_ALIGNMENT_128 0x00070000
+#define EFI_FVB2_ALIGNMENT_256 0x00080000
+#define EFI_FVB2_ALIGNMENT_512 0x00090000
+#define EFI_FVB2_ALIGNMENT_1K 0x000A0000
+#define EFI_FVB2_ALIGNMENT_2K 0x000B0000
+#define EFI_FVB2_ALIGNMENT_4K 0x000C0000
+#define EFI_FVB2_ALIGNMENT_8K 0x000D0000
+#define EFI_FVB2_ALIGNMENT_16K 0x000E0000
+#define EFI_FVB2_ALIGNMENT_32K 0x000F0000
+#define EFI_FVB2_ALIGNMENT_64K 0x00100000
+#define EFI_FVB2_ALIGNMENT_128K 0x00110000
+#define EFI_FVB2_ALIGNMENT_256K 0x00120000
+#define EFI_FVB2_ALIGNMENT_512K 0x00130000
+#define EFI_FVB2_ALIGNMENT_1M 0x00140000
+#define EFI_FVB2_ALIGNMENT_2M 0x00150000
+#define EFI_FVB2_ALIGNMENT_4M 0x00160000
+#define EFI_FVB2_ALIGNMENT_8M 0x00170000
+#define EFI_FVB2_ALIGNMENT_16M 0x00180000
+#define EFI_FVB2_ALIGNMENT_32M 0x00190000
+#define EFI_FVB2_ALIGNMENT_64M 0x001A0000
+#define EFI_FVB2_ALIGNMENT_128M 0x001B0000
+#define EFI_FVB2_ALIGNMENT_256M 0x001C0000
+#define EFI_FVB2_ALIGNMENT_512M 0x001D0000
+#define EFI_FVB2_ALIGNMENT_1G 0x001E0000
+#define EFI_FVB2_ALIGNMENT_2G 0x001F0000
+
+typedef struct {
+ uint32_t NumBlocks;
+ uint32_t Length;
+} EFI_FV_BLOCK_MAP_ENTRY;
+
+typedef struct {
+ uint8_t ZeroVector[16];
+ EFI_GUID FileSystemGuid;
+ uint64_t FvLength;
+ uint32_t Signature;
+ EFI_FVB_ATTRIBUTES_2 Attributes;
+ uint16_t HeaderLength;
+ uint16_t Checksum;
+ uint16_t ExtHeaderOffset;
+ uint8_t Reserved[1];
+ uint8_t Revision;
+ EFI_FV_BLOCK_MAP_ENTRY BlockMap[1];
+} EFI_FIRMWARE_VOLUME_HEADER;
+
+#define EFI_FVH_SIGNATURE SIGNATURE_32('_', 'F', 'V', 'H')
+
+#define EFI_FVH_REVISION 0x02
+
+typedef struct {
+ EFI_GUID FvName;
+ uint32_t ExtHeaderSize;
+} EFI_FIRMWARE_VOLUME_EXT_HEADER;
+
+typedef struct {
+ uint16_t ExtEntrySize;
+ uint16_t ExtEntryType;
+} EFI_FIRMWARE_VOLUME_EXT_ENTRY;
+
+#define EFI_FV_EXT_TYPE_OEM_TYPE 0x01
+typedef struct {
+ EFI_FIRMWARE_VOLUME_EXT_ENTRY Hdr;
+ uint32_t TypeMask;
+
+ EFI_GUID Types[];
+} EFI_FIRMWARE_VOLUME_EXT_ENTRY_OEM_TYPE;
+
+#define EFI_FV_EXT_TYPE_GUID_TYPE 0x0002
+typedef struct {
+ EFI_FIRMWARE_VOLUME_EXT_ENTRY Hdr;
+ EFI_GUID FormatType;
+
+ uint8_t Data[];
+} EFI_FIRMWARE_VOLUME_EXT_ENTRY_GUID_TYPE;
+
+#define EFI_FV_EXT_TYPE_USED_SIZE_TYPE 0x03
+typedef struct {
+ EFI_FIRMWARE_VOLUME_EXT_ENTRY Hdr;
+ uint32_t UsedSize;
+} EFI_FIRMWARE_VOLUME_EXT_ENTRY_USED_SIZE_TYPE;
+
+/***************************************************************************/
+/* Firmware File */
+
+#pragma pack(push, 1)
+
+typedef union {
+ struct {
+ uint8_t Header;
+ uint8_t File;
+ } Checksum;
+ uint16_t Checksum16;
+} EFI_FFS_INTEGRITY_CHECK;
+
+typedef uint8_t EFI_FV_FILETYPE;
+typedef uint8_t EFI_FFS_FILE_ATTRIBUTES;
+typedef uint8_t EFI_FFS_FILE_STATE;
+
+
+#define EFI_FV_FILETYPE_ALL 0x00
+#define EFI_FV_FILETYPE_RAW 0x01
+#define EFI_FV_FILETYPE_FREEFORM 0x02
+#define EFI_FV_FILETYPE_SECURITY_CORE 0x03
+#define EFI_FV_FILETYPE_PEI_CORE 0x04
+#define EFI_FV_FILETYPE_DXE_CORE 0x05
+#define EFI_FV_FILETYPE_PEIM 0x06
+#define EFI_FV_FILETYPE_DRIVER 0x07
+#define EFI_FV_FILETYPE_COMBINED_PEIM_DRIVER 0x08
+#define EFI_FV_FILETYPE_APPLICATION 0x09
+#define EFI_FV_FILETYPE_SMM 0x0A
+#define EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE 0x0B
+#define EFI_FV_FILETYPE_COMBINED_SMM_DXE 0x0C
+#define EFI_FV_FILETYPE_SMM_CORE 0x0D
+#define EFI_FV_FILETYPE_MM_STANDALONE 0x0E
+#define EFI_FV_FILETYPE_MM_CORE_STANDALONE 0x0F
+#define EFI_FV_FILETYPE_OEM_MIN 0xc0
+#define EFI_FV_FILETYPE_OEM_MAX 0xdf
+#define EFI_FV_FILETYPE_DEBUG_MIN 0xe0
+#define EFI_FV_FILETYPE_DEBUG_MAX 0xef
+#define EFI_FV_FILETYPE_FFS_MIN 0xf0
+#define EFI_FV_FILETYPE_FFS_MAX 0xff
+#define EFI_FV_FILETYPE_FFS_PAD 0xf0
+
+
+#define FFS_ATTRIB_LARGE_FILE 0x01
+#define FFS_ATTRIB_DATA_ALIGNMENT2 0x02
+#define FFS_ATTRIB_FIXED 0x04
+#define FFS_ATTRIB_DATA_ALIGNMENT 0x38
+#define FFS_ATTRIB_CHECKSUM 0x40
+
+
+#define EFI_FILE_HEADER_CONSTRUCTION 0x01
+#define EFI_FILE_HEADER_VALID 0x02
+#define EFI_FILE_DATA_VALID 0x04
+#define EFI_FILE_MARKED_FOR_UPDATE 0x08
+#define EFI_FILE_DELETED 0x10
+#define EFI_FILE_HEADER_INVALID 0x20
+
+
+#define EFI_FILE_ALL_STATE_BITS \
+ (EFI_FILE_HEADER_CONSTRUCTION | \
+ EFI_FILE_HEADER_VALID | \
+ EFI_FILE_DATA_VALID | \
+ EFI_FILE_MARKED_FOR_UPDATE | \
+ EFI_FILE_DELETED | \
+ EFI_FILE_HEADER_INVALID)
+
+
+typedef struct {
+ EFI_GUID Name;
+ EFI_FFS_INTEGRITY_CHECK IntegrityCheck;
+ EFI_FV_FILETYPE Type;
+ EFI_FFS_FILE_ATTRIBUTES Attributes;
+ uint8_t Size[3];
+ EFI_FFS_FILE_STATE State;
+} EFI_FFS_FILE_HEADER;
+
+
+typedef struct {
+ EFI_GUID Name;
+ EFI_FFS_INTEGRITY_CHECK IntegrityCheck;
+ EFI_FV_FILETYPE Type;
+ EFI_FFS_FILE_ATTRIBUTES Attributes;
+ uint8_t Size[3];
+ EFI_FFS_FILE_STATE State;
+ uint64_t ExtendedSize;
+} EFI_FFS_FILE_HEADER2;
+
+#define MAX_FFS_SIZE 0x1000000
+
+#pragma pack(pop)
+
+
+/***************************************************************************/
+/* GUIDs */
+#define EFI_FIRMWARE_FILE_SYSTEM2_GUID \
+ ((EFI_GUID){ 0x8c8ce578, 0x8a3d, 0x4f1c, \
+ { 0x99, 0x35, 0x89, 0x61, 0x85, 0xc3, 0x2d, 0xd3 } })
+
+#define EFI_FIRMWARE_FILE_SYSTEM3_GUID \
+ ((EFI_GUID){ 0x5473c07a, 0x3dcb, 0x4dca, \
+ { 0xbd, 0x6f, 0x1e, 0x96, 0x89, 0xe7, 0x34, 0x9a } })
+
+#define EFI_SYSTEM_NV_DATA_FV_GUID \
+ ((EFI_GUID){ 0xfff12b8d, 0x7696, 0x4c8b, \
+ { 0xa9, 0x85, 0x27, 0x47, 0x7, 0x5b, 0x4f, 0x50 } })
+
+#define EFI_FFS_VOLUME_TOP_FILE_GUID \
+ ((EFI_GUID){ 0x1BA0062E, 0xC779, 0x4582, \
+ { 0x85, 0x66, 0x33, 0x6A, 0xE8, 0xF7, 0x8F, 0x09 } })
+
+/*
+ * data structure for hob(Hand-Off block)
+ * based on
+ * UEFI Platform Initialization Specification Version 1.7. vol 3, chap 4 and 5
+ */
+
+#define EFI_HOB_TYPE_HANDOFF 0x0001
+#define EFI_HOB_TYPE_MEMORY_ALLOCATION 0x0002
+#define EFI_HOB_TYPE_RESOURCE_DESCRIPTOR 0x0003
+#define EFI_HOB_TYPE_GUID_EXTENSION 0x0004
+#define EFI_HOB_TYPE_FV 0x0005
+#define EFI_HOB_TYPE_CPU 0x0006
+#define EFI_HOB_TYPE_MEMORY_POOL 0x0007
+#define EFI_HOB_TYPE_FV2 0x0009
+#define EFI_HOB_TYPE_LOAD_PEIM_UNUSED 0x000A
+#define EFI_HOB_TYPE_UEFI_CAPSULE 0x000B
+#define EFI_HOB_TYPE_FV3 0x000C
+#define EFI_HOB_TYPE_UNUSED 0xFFFE
+#define EFI_HOB_TYPE_END_OF_HOB_LIST 0xFFFF
+
+typedef struct {
+ uint16_t HobType;
+ uint16_t HobLength;
+ uint32_t Reserved;
+} EFI_HOB_GENERIC_HEADER;
+
+
+#define EFI_HOB_HANDOFF_TABLE_VERSION 0x0009
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ uint32_t Version;
+ EFI_BOOT_MODE BootMode;
+ EFI_PHYSICAL_ADDRESS EfiMemoryTop;
+ EFI_PHYSICAL_ADDRESS EfiMemoryBottom;
+ EFI_PHYSICAL_ADDRESS EfiFreeMemoryTop;
+ EFI_PHYSICAL_ADDRESS EfiFreeMemoryBottom;
+ EFI_PHYSICAL_ADDRESS EfiEndOfHobList;
+} EFI_HOB_HANDOFF_INFO_TABLE;
+
+typedef struct {
+ EFI_GUID Name;
+ EFI_PHYSICAL_ADDRESS MemoryBaseAddress;
+ uint64_t MemoryLength;
+ EFI_MEMORY_TYPE MemoryType;
+ uint8_t Reserved[4];
+} EFI_HOB_MEMORY_ALLOCATION_HEADER;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_HOB_MEMORY_ALLOCATION_HEADER AllocDescriptor;
+} EFI_HOB_MEMORY_ALLOCATION;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_HOB_MEMORY_ALLOCATION_HEADER AllocDescriptor;
+} EFI_HOB_MEMORY_ALLOCATION_STACK;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_HOB_MEMORY_ALLOCATION_HEADER AllocDescriptor;
+} EFI_HOB_MEMORY_ALLOCATION_BSP_STORE;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_HOB_MEMORY_ALLOCATION_HEADER MemoryAllocationHeader;
+ EFI_GUID ModuleName;
+ EFI_PHYSICAL_ADDRESS EntryPoint;
+} EFI_HOB_MEMORY_ALLOCATION_MODULE;
+
+#define EFI_HOB_MEMORY_ALLOC_STACK_GUID \
+ ((EFI_GUID){ 0x4ed4bf27, 0x4092, 0x42e9, \
+ { 0x80, 0x7d, 0x52, 0x7b, 0x1d, 0x0, 0xc9, 0xbd } })
+
+#define EFI_HOB_MEMORY_ALLOC_BSP_STORE_GUID \
+ ((EFI_GUID){ 0x564b33cd, 0xc92a, 0x4593, \
+ { 0x90, 0xbf, 0x24, 0x73, 0xe4, 0x3c, 0x63, 0x22 } })
+
+#define EFI_HOB_MEMORY_ALLOC_MODULE_GUID \
+ ((EFI_GUID){ 0xf8e21975, 0x899, 0x4f58, \
+ { 0xa4, 0xbe, 0x55, 0x25, 0xa9, 0xc6, 0xd7, 0x7a } })
+
+
+typedef uint32_t EFI_RESOURCE_TYPE;
+
+#define EFI_RESOURCE_SYSTEM_MEMORY 0x00000000
+#define EFI_RESOURCE_MEMORY_MAPPED_IO 0x00000001
+#define EFI_RESOURCE_IO 0x00000002
+#define EFI_RESOURCE_FIRMWARE_DEVICE 0x00000003
+#define EFI_RESOURCE_MEMORY_MAPPED_IO_PORT 0x00000004
+#define EFI_RESOURCE_MEMORY_RESERVED 0x00000005
+#define EFI_RESOURCE_IO_RESERVED 0x00000006
+#define EFI_RESOURCE_MAX_MEMORY_TYPE 0x00000007
+
+typedef uint32_t EFI_RESOURCE_ATTRIBUTE_TYPE;
+
+#define EFI_RESOURCE_ATTRIBUTE_PRESENT 0x00000001
+#define EFI_RESOURCE_ATTRIBUTE_INITIALIZED 0x00000002
+#define EFI_RESOURCE_ATTRIBUTE_TESTED 0x00000004
+#define EFI_RESOURCE_ATTRIBUTE_READ_PROTECTED 0x00000080
+
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_PROTECTED 0x00000100
+#define EFI_RESOURCE_ATTRIBUTE_EXECUTION_PROTECTED 0x00000200
+#define EFI_RESOURCE_ATTRIBUTE_PERSISTENT 0x00800000
+
+#define EFI_RESOURCE_ATTRIBUTE_SINGLE_BIT_ECC 0x00000008
+#define EFI_RESOURCE_ATTRIBUTE_MULTIPLE_BIT_ECC 0x00000010
+#define EFI_RESOURCE_ATTRIBUTE_ECC_RESERVED_1 0x00000020
+#define EFI_RESOURCE_ATTRIBUTE_ECC_RESERVED_2 0x00000040
+#define EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE 0x00000400
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_COMBINEABLE 0x00000800
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_THROUGH_CACHEABLE 0x00001000
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE 0x00002000
+#define EFI_RESOURCE_ATTRIBUTE_16_BIT_IO 0x00004000
+#define EFI_RESOURCE_ATTRIBUTE_32_BIT_IO 0x00008000
+#define EFI_RESOURCE_ATTRIBUTE_64_BIT_IO 0x00010000
+#define EFI_RESOURCE_ATTRIBUTE_UNCACHED_EXPORTED 0x00020000
+#define EFI_RESOURCE_ATTRIBUTE_READ_PROTECTABLE 0x00100000
+
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_PROTECTABLE 0x00200000
+#define EFI_RESOURCE_ATTRIBUTE_EXECUTION_PROTECTABLE 0x00400000
+#define EFI_RESOURCE_ATTRIBUTE_PERSISTABLE 0x01000000
+
+#define EFI_RESOURCE_ATTRIBUTE_READ_ONLY_PROTECTED 0x00040000
+#define EFI_RESOURCE_ATTRIBUTE_READ_ONLY_PROTECTABLE 0x00080000
+
+#define EFI_RESOURCE_ATTRIBUTE_MORE_RELIABLE 0x02000000
+#define EFI_RESOURCE_ATTRIBUTE_ENCRYPTED 0x04000000
+
+/* FIXME: place holder for now */
+#define EFI_RESOURCE_ATTRIBUTE_UNACCEPTED 0x00000000
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_GUID Owner;
+ EFI_RESOURCE_TYPE ResourceType;
+ EFI_RESOURCE_ATTRIBUTE_TYPE ResourceAttribute;
+ EFI_PHYSICAL_ADDRESS PhysicalStart;
+ uint64_t ResourceLength;
+} EFI_HOB_RESOURCE_DESCRIPTOR;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_GUID Name;
+
+ /* guid specific data follows */
+} EFI_HOB_GUID_TYPE;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_PHYSICAL_ADDRESS BaseAddress;
+ uint64_t Length;
+} EFI_HOB_FIRMWARE_VOLUME;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_PHYSICAL_ADDRESS BaseAddress;
+ uint64_t Length;
+ EFI_GUID FvName;
+ EFI_GUID FileName;
+} EFI_HOB_FIRMWARE_VOLUME2;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_PHYSICAL_ADDRESS BaseAddress;
+ uint64_t Length;
+ uint32_t AuthenticationStatus;
+ bool ExtractedFv;
+ EFI_GUID FvName;
+ EFI_GUID FileName;
+} EFI_HOB_FIRMWARE_VOLUME3;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ uint8_t SizeOfMemorySpace;
+ uint8_t SizeOfIoSpace;
+ uint8_t Reserved[6];
+} EFI_HOB_CPU;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+} EFI_HOB_MEMORY_POOL;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+
+ EFI_PHYSICAL_ADDRESS BaseAddress;
+ uint64_t Length;
+} EFI_HOB_UEFI_CAPSULE;
+
+#define EFI_HOB_OWNER_ZERO \
+ ((EFI_GUID){ 0x00000000, 0x0000, 0x0000, \
+ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } })
+
+#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 16/23] hw/i386: Add definitions from UEFI spec for volumes, resources, etc...
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, isaku.yamahata, kvm
Add definitions for literals, enums, structs, GUIDs, etc... that will be
used by TDX to build the UEFI Hand-Off Block (HOB) that is passed to the
Trusted Domain Virtual Firmware (TDVF). All values come from the UEFI
specification.
note: EFI_RESOURCE_ATTRIBUTE_{ENCRYPTED, UNACCEPTED}, will be added
in future UEFI spec.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
hw/i386/uefi.h | 496 +++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 496 insertions(+)
create mode 100644 hw/i386/uefi.h
diff --git a/hw/i386/uefi.h b/hw/i386/uefi.h
new file mode 100644
index 0000000000..2ff6eeaa9e
--- /dev/null
+++ b/hw/i386/uefi.h
@@ -0,0 +1,496 @@
+/*
+ * Copyright (C) 2020 Intel Corporation
+ *
+ * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
+ * <isaku.yamahata at intel.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef HW_I386_UEFI_H
+#define HW_I386_UEFI_H
+
+/***************************************************************************/
+/*
+ * basic EFI definitions
+ * supplemented with UEFI Specification Version 2.8 (Errata A)
+ * released February 2020
+ */
+/* UEFI integer is little endian */
+
+typedef struct {
+ uint32_t Data1;
+ uint16_t Data2;
+ uint16_t Data3;
+ uint8_t Data4[8];
+} EFI_GUID;
+
+typedef uint64_t EFI_PHYSICAL_ADDRESS;
+typedef uint32_t EFI_BOOT_MODE;
+
+typedef enum {
+ EfiReservedMemoryType,
+ EfiLoaderCode,
+ EfiLoaderData,
+ EfiBootServicesCode,
+ EfiBootServicesData,
+ EfiRuntimeServicesCode,
+ EfiRuntimeServicesData,
+ EfiConventionalMemory,
+ EfiUnusableMemory,
+ EfiACPIReclaimMemory,
+ EfiACPIMemoryNVS,
+ EfiMemoryMappedIO,
+ EfiMemoryMappedIOPortSpace,
+ EfiPalCode,
+ EfiPersistentMemory,
+ EfiMaxMemoryType
+} EFI_MEMORY_TYPE;
+
+
+/*
+ * data structure firmware volume/file
+ * based on
+ * UEFI Platform Initialization Specification Version 1.7. vol 3, 3.2.1
+ */
+
+#define SIGNATURE_16(A, B) (((A) | (B << 8)))
+#define SIGNATURE_32(A, B, C, D) (((A) | (B << 8) | (C << 16) | (D << 24)))
+#define SIGNATURE_64(A, B, C, D, E, F, G, H) \
+ (SIGNATURE_32(A, B, C, D) | ((uint64_t) (SIGNATURE_32(E, F, G, H)) << 32))
+
+/***************************************************************************/
+/* Firmware Volume format */
+
+typedef uint32_t EFI_FV_FILE_ATTRIBUTES;
+
+
+#define EFI_FV_FILE_ATTRIB_ALIGNMENT 0x0000001F
+#define EFI_FV_FILE_ATTRIB_FIXED 0x00000100
+#define EFI_FV_FILE_ATTRIB_MEMORY_MAPPED 0x00000200
+
+typedef uint32_t EFI_FVB_ATTRIBUTES_2;
+
+
+#define EFI_FVB2_READ_DISABLED_CAP 0x00000001
+#define EFI_FVB2_READ_ENABLED_CAP 0x00000002
+#define EFI_FVB2_READ_STATUS 0x00000004
+#define EFI_FVB2_WRITE_DISABLED_CAP 0x00000008
+#define EFI_FVB2_WRITE_ENABLED_CAP 0x00000010
+#define EFI_FVB2_WRITE_STATUS 0x00000020
+#define EFI_FVB2_LOCK_CAP 0x00000040
+#define EFI_FVB2_LOCK_STATUS 0x00000080
+#define EFI_FVB2_STICKY_WRITE 0x00000200
+#define EFI_FVB2_MEMORY_MAPPED 0x00000400
+#define EFI_FVB2_ERASE_POLARITY 0x00000800
+#define EFI_FVB2_READ_LOCK_CAP 0x00001000
+#define EFI_FVB2_READ_LOCK_STATUS 0x00002000
+#define EFI_FVB2_WRITE_LOCK_CAP 0x00004000
+#define EFI_FVB2_WRITE_LOCK_STATUS 0x00008000
+#define EFI_FVB2_ALIGNMENT 0x001F0000
+#define EFI_FVB2_WEAK_ALIGNMENT 0x80000000
+#define EFI_FVB2_ALIGNMENT_1 0x00000000
+#define EFI_FVB2_ALIGNMENT_2 0x00010000
+#define EFI_FVB2_ALIGNMENT_4 0x00020000
+#define EFI_FVB2_ALIGNMENT_8 0x00030000
+#define EFI_FVB2_ALIGNMENT_16 0x00040000
+#define EFI_FVB2_ALIGNMENT_32 0x00050000
+#define EFI_FVB2_ALIGNMENT_64 0x00060000
+#define EFI_FVB2_ALIGNMENT_128 0x00070000
+#define EFI_FVB2_ALIGNMENT_256 0x00080000
+#define EFI_FVB2_ALIGNMENT_512 0x00090000
+#define EFI_FVB2_ALIGNMENT_1K 0x000A0000
+#define EFI_FVB2_ALIGNMENT_2K 0x000B0000
+#define EFI_FVB2_ALIGNMENT_4K 0x000C0000
+#define EFI_FVB2_ALIGNMENT_8K 0x000D0000
+#define EFI_FVB2_ALIGNMENT_16K 0x000E0000
+#define EFI_FVB2_ALIGNMENT_32K 0x000F0000
+#define EFI_FVB2_ALIGNMENT_64K 0x00100000
+#define EFI_FVB2_ALIGNMENT_128K 0x00110000
+#define EFI_FVB2_ALIGNMENT_256K 0x00120000
+#define EFI_FVB2_ALIGNMENT_512K 0x00130000
+#define EFI_FVB2_ALIGNMENT_1M 0x00140000
+#define EFI_FVB2_ALIGNMENT_2M 0x00150000
+#define EFI_FVB2_ALIGNMENT_4M 0x00160000
+#define EFI_FVB2_ALIGNMENT_8M 0x00170000
+#define EFI_FVB2_ALIGNMENT_16M 0x00180000
+#define EFI_FVB2_ALIGNMENT_32M 0x00190000
+#define EFI_FVB2_ALIGNMENT_64M 0x001A0000
+#define EFI_FVB2_ALIGNMENT_128M 0x001B0000
+#define EFI_FVB2_ALIGNMENT_256M 0x001C0000
+#define EFI_FVB2_ALIGNMENT_512M 0x001D0000
+#define EFI_FVB2_ALIGNMENT_1G 0x001E0000
+#define EFI_FVB2_ALIGNMENT_2G 0x001F0000
+
+typedef struct {
+ uint32_t NumBlocks;
+ uint32_t Length;
+} EFI_FV_BLOCK_MAP_ENTRY;
+
+typedef struct {
+ uint8_t ZeroVector[16];
+ EFI_GUID FileSystemGuid;
+ uint64_t FvLength;
+ uint32_t Signature;
+ EFI_FVB_ATTRIBUTES_2 Attributes;
+ uint16_t HeaderLength;
+ uint16_t Checksum;
+ uint16_t ExtHeaderOffset;
+ uint8_t Reserved[1];
+ uint8_t Revision;
+ EFI_FV_BLOCK_MAP_ENTRY BlockMap[1];
+} EFI_FIRMWARE_VOLUME_HEADER;
+
+#define EFI_FVH_SIGNATURE SIGNATURE_32('_', 'F', 'V', 'H')
+
+#define EFI_FVH_REVISION 0x02
+
+typedef struct {
+ EFI_GUID FvName;
+ uint32_t ExtHeaderSize;
+} EFI_FIRMWARE_VOLUME_EXT_HEADER;
+
+typedef struct {
+ uint16_t ExtEntrySize;
+ uint16_t ExtEntryType;
+} EFI_FIRMWARE_VOLUME_EXT_ENTRY;
+
+#define EFI_FV_EXT_TYPE_OEM_TYPE 0x01
+typedef struct {
+ EFI_FIRMWARE_VOLUME_EXT_ENTRY Hdr;
+ uint32_t TypeMask;
+
+ EFI_GUID Types[];
+} EFI_FIRMWARE_VOLUME_EXT_ENTRY_OEM_TYPE;
+
+#define EFI_FV_EXT_TYPE_GUID_TYPE 0x0002
+typedef struct {
+ EFI_FIRMWARE_VOLUME_EXT_ENTRY Hdr;
+ EFI_GUID FormatType;
+
+ uint8_t Data[];
+} EFI_FIRMWARE_VOLUME_EXT_ENTRY_GUID_TYPE;
+
+#define EFI_FV_EXT_TYPE_USED_SIZE_TYPE 0x03
+typedef struct {
+ EFI_FIRMWARE_VOLUME_EXT_ENTRY Hdr;
+ uint32_t UsedSize;
+} EFI_FIRMWARE_VOLUME_EXT_ENTRY_USED_SIZE_TYPE;
+
+/***************************************************************************/
+/* Firmware File */
+
+#pragma pack(push, 1)
+
+typedef union {
+ struct {
+ uint8_t Header;
+ uint8_t File;
+ } Checksum;
+ uint16_t Checksum16;
+} EFI_FFS_INTEGRITY_CHECK;
+
+typedef uint8_t EFI_FV_FILETYPE;
+typedef uint8_t EFI_FFS_FILE_ATTRIBUTES;
+typedef uint8_t EFI_FFS_FILE_STATE;
+
+
+#define EFI_FV_FILETYPE_ALL 0x00
+#define EFI_FV_FILETYPE_RAW 0x01
+#define EFI_FV_FILETYPE_FREEFORM 0x02
+#define EFI_FV_FILETYPE_SECURITY_CORE 0x03
+#define EFI_FV_FILETYPE_PEI_CORE 0x04
+#define EFI_FV_FILETYPE_DXE_CORE 0x05
+#define EFI_FV_FILETYPE_PEIM 0x06
+#define EFI_FV_FILETYPE_DRIVER 0x07
+#define EFI_FV_FILETYPE_COMBINED_PEIM_DRIVER 0x08
+#define EFI_FV_FILETYPE_APPLICATION 0x09
+#define EFI_FV_FILETYPE_SMM 0x0A
+#define EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE 0x0B
+#define EFI_FV_FILETYPE_COMBINED_SMM_DXE 0x0C
+#define EFI_FV_FILETYPE_SMM_CORE 0x0D
+#define EFI_FV_FILETYPE_MM_STANDALONE 0x0E
+#define EFI_FV_FILETYPE_MM_CORE_STANDALONE 0x0F
+#define EFI_FV_FILETYPE_OEM_MIN 0xc0
+#define EFI_FV_FILETYPE_OEM_MAX 0xdf
+#define EFI_FV_FILETYPE_DEBUG_MIN 0xe0
+#define EFI_FV_FILETYPE_DEBUG_MAX 0xef
+#define EFI_FV_FILETYPE_FFS_MIN 0xf0
+#define EFI_FV_FILETYPE_FFS_MAX 0xff
+#define EFI_FV_FILETYPE_FFS_PAD 0xf0
+
+
+#define FFS_ATTRIB_LARGE_FILE 0x01
+#define FFS_ATTRIB_DATA_ALIGNMENT2 0x02
+#define FFS_ATTRIB_FIXED 0x04
+#define FFS_ATTRIB_DATA_ALIGNMENT 0x38
+#define FFS_ATTRIB_CHECKSUM 0x40
+
+
+#define EFI_FILE_HEADER_CONSTRUCTION 0x01
+#define EFI_FILE_HEADER_VALID 0x02
+#define EFI_FILE_DATA_VALID 0x04
+#define EFI_FILE_MARKED_FOR_UPDATE 0x08
+#define EFI_FILE_DELETED 0x10
+#define EFI_FILE_HEADER_INVALID 0x20
+
+
+#define EFI_FILE_ALL_STATE_BITS \
+ (EFI_FILE_HEADER_CONSTRUCTION | \
+ EFI_FILE_HEADER_VALID | \
+ EFI_FILE_DATA_VALID | \
+ EFI_FILE_MARKED_FOR_UPDATE | \
+ EFI_FILE_DELETED | \
+ EFI_FILE_HEADER_INVALID)
+
+
+typedef struct {
+ EFI_GUID Name;
+ EFI_FFS_INTEGRITY_CHECK IntegrityCheck;
+ EFI_FV_FILETYPE Type;
+ EFI_FFS_FILE_ATTRIBUTES Attributes;
+ uint8_t Size[3];
+ EFI_FFS_FILE_STATE State;
+} EFI_FFS_FILE_HEADER;
+
+
+typedef struct {
+ EFI_GUID Name;
+ EFI_FFS_INTEGRITY_CHECK IntegrityCheck;
+ EFI_FV_FILETYPE Type;
+ EFI_FFS_FILE_ATTRIBUTES Attributes;
+ uint8_t Size[3];
+ EFI_FFS_FILE_STATE State;
+ uint64_t ExtendedSize;
+} EFI_FFS_FILE_HEADER2;
+
+#define MAX_FFS_SIZE 0x1000000
+
+#pragma pack(pop)
+
+
+/***************************************************************************/
+/* GUIDs */
+#define EFI_FIRMWARE_FILE_SYSTEM2_GUID \
+ ((EFI_GUID){ 0x8c8ce578, 0x8a3d, 0x4f1c, \
+ { 0x99, 0x35, 0x89, 0x61, 0x85, 0xc3, 0x2d, 0xd3 } })
+
+#define EFI_FIRMWARE_FILE_SYSTEM3_GUID \
+ ((EFI_GUID){ 0x5473c07a, 0x3dcb, 0x4dca, \
+ { 0xbd, 0x6f, 0x1e, 0x96, 0x89, 0xe7, 0x34, 0x9a } })
+
+#define EFI_SYSTEM_NV_DATA_FV_GUID \
+ ((EFI_GUID){ 0xfff12b8d, 0x7696, 0x4c8b, \
+ { 0xa9, 0x85, 0x27, 0x47, 0x7, 0x5b, 0x4f, 0x50 } })
+
+#define EFI_FFS_VOLUME_TOP_FILE_GUID \
+ ((EFI_GUID){ 0x1BA0062E, 0xC779, 0x4582, \
+ { 0x85, 0x66, 0x33, 0x6A, 0xE8, 0xF7, 0x8F, 0x09 } })
+
+/*
+ * data structure for hob(Hand-Off block)
+ * based on
+ * UEFI Platform Initialization Specification Version 1.7. vol 3, chap 4 and 5
+ */
+
+#define EFI_HOB_TYPE_HANDOFF 0x0001
+#define EFI_HOB_TYPE_MEMORY_ALLOCATION 0x0002
+#define EFI_HOB_TYPE_RESOURCE_DESCRIPTOR 0x0003
+#define EFI_HOB_TYPE_GUID_EXTENSION 0x0004
+#define EFI_HOB_TYPE_FV 0x0005
+#define EFI_HOB_TYPE_CPU 0x0006
+#define EFI_HOB_TYPE_MEMORY_POOL 0x0007
+#define EFI_HOB_TYPE_FV2 0x0009
+#define EFI_HOB_TYPE_LOAD_PEIM_UNUSED 0x000A
+#define EFI_HOB_TYPE_UEFI_CAPSULE 0x000B
+#define EFI_HOB_TYPE_FV3 0x000C
+#define EFI_HOB_TYPE_UNUSED 0xFFFE
+#define EFI_HOB_TYPE_END_OF_HOB_LIST 0xFFFF
+
+typedef struct {
+ uint16_t HobType;
+ uint16_t HobLength;
+ uint32_t Reserved;
+} EFI_HOB_GENERIC_HEADER;
+
+
+#define EFI_HOB_HANDOFF_TABLE_VERSION 0x0009
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ uint32_t Version;
+ EFI_BOOT_MODE BootMode;
+ EFI_PHYSICAL_ADDRESS EfiMemoryTop;
+ EFI_PHYSICAL_ADDRESS EfiMemoryBottom;
+ EFI_PHYSICAL_ADDRESS EfiFreeMemoryTop;
+ EFI_PHYSICAL_ADDRESS EfiFreeMemoryBottom;
+ EFI_PHYSICAL_ADDRESS EfiEndOfHobList;
+} EFI_HOB_HANDOFF_INFO_TABLE;
+
+typedef struct {
+ EFI_GUID Name;
+ EFI_PHYSICAL_ADDRESS MemoryBaseAddress;
+ uint64_t MemoryLength;
+ EFI_MEMORY_TYPE MemoryType;
+ uint8_t Reserved[4];
+} EFI_HOB_MEMORY_ALLOCATION_HEADER;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_HOB_MEMORY_ALLOCATION_HEADER AllocDescriptor;
+} EFI_HOB_MEMORY_ALLOCATION;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_HOB_MEMORY_ALLOCATION_HEADER AllocDescriptor;
+} EFI_HOB_MEMORY_ALLOCATION_STACK;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_HOB_MEMORY_ALLOCATION_HEADER AllocDescriptor;
+} EFI_HOB_MEMORY_ALLOCATION_BSP_STORE;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_HOB_MEMORY_ALLOCATION_HEADER MemoryAllocationHeader;
+ EFI_GUID ModuleName;
+ EFI_PHYSICAL_ADDRESS EntryPoint;
+} EFI_HOB_MEMORY_ALLOCATION_MODULE;
+
+#define EFI_HOB_MEMORY_ALLOC_STACK_GUID \
+ ((EFI_GUID){ 0x4ed4bf27, 0x4092, 0x42e9, \
+ { 0x80, 0x7d, 0x52, 0x7b, 0x1d, 0x0, 0xc9, 0xbd } })
+
+#define EFI_HOB_MEMORY_ALLOC_BSP_STORE_GUID \
+ ((EFI_GUID){ 0x564b33cd, 0xc92a, 0x4593, \
+ { 0x90, 0xbf, 0x24, 0x73, 0xe4, 0x3c, 0x63, 0x22 } })
+
+#define EFI_HOB_MEMORY_ALLOC_MODULE_GUID \
+ ((EFI_GUID){ 0xf8e21975, 0x899, 0x4f58, \
+ { 0xa4, 0xbe, 0x55, 0x25, 0xa9, 0xc6, 0xd7, 0x7a } })
+
+
+typedef uint32_t EFI_RESOURCE_TYPE;
+
+#define EFI_RESOURCE_SYSTEM_MEMORY 0x00000000
+#define EFI_RESOURCE_MEMORY_MAPPED_IO 0x00000001
+#define EFI_RESOURCE_IO 0x00000002
+#define EFI_RESOURCE_FIRMWARE_DEVICE 0x00000003
+#define EFI_RESOURCE_MEMORY_MAPPED_IO_PORT 0x00000004
+#define EFI_RESOURCE_MEMORY_RESERVED 0x00000005
+#define EFI_RESOURCE_IO_RESERVED 0x00000006
+#define EFI_RESOURCE_MAX_MEMORY_TYPE 0x00000007
+
+typedef uint32_t EFI_RESOURCE_ATTRIBUTE_TYPE;
+
+#define EFI_RESOURCE_ATTRIBUTE_PRESENT 0x00000001
+#define EFI_RESOURCE_ATTRIBUTE_INITIALIZED 0x00000002
+#define EFI_RESOURCE_ATTRIBUTE_TESTED 0x00000004
+#define EFI_RESOURCE_ATTRIBUTE_READ_PROTECTED 0x00000080
+
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_PROTECTED 0x00000100
+#define EFI_RESOURCE_ATTRIBUTE_EXECUTION_PROTECTED 0x00000200
+#define EFI_RESOURCE_ATTRIBUTE_PERSISTENT 0x00800000
+
+#define EFI_RESOURCE_ATTRIBUTE_SINGLE_BIT_ECC 0x00000008
+#define EFI_RESOURCE_ATTRIBUTE_MULTIPLE_BIT_ECC 0x00000010
+#define EFI_RESOURCE_ATTRIBUTE_ECC_RESERVED_1 0x00000020
+#define EFI_RESOURCE_ATTRIBUTE_ECC_RESERVED_2 0x00000040
+#define EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE 0x00000400
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_COMBINEABLE 0x00000800
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_THROUGH_CACHEABLE 0x00001000
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE 0x00002000
+#define EFI_RESOURCE_ATTRIBUTE_16_BIT_IO 0x00004000
+#define EFI_RESOURCE_ATTRIBUTE_32_BIT_IO 0x00008000
+#define EFI_RESOURCE_ATTRIBUTE_64_BIT_IO 0x00010000
+#define EFI_RESOURCE_ATTRIBUTE_UNCACHED_EXPORTED 0x00020000
+#define EFI_RESOURCE_ATTRIBUTE_READ_PROTECTABLE 0x00100000
+
+#define EFI_RESOURCE_ATTRIBUTE_WRITE_PROTECTABLE 0x00200000
+#define EFI_RESOURCE_ATTRIBUTE_EXECUTION_PROTECTABLE 0x00400000
+#define EFI_RESOURCE_ATTRIBUTE_PERSISTABLE 0x01000000
+
+#define EFI_RESOURCE_ATTRIBUTE_READ_ONLY_PROTECTED 0x00040000
+#define EFI_RESOURCE_ATTRIBUTE_READ_ONLY_PROTECTABLE 0x00080000
+
+#define EFI_RESOURCE_ATTRIBUTE_MORE_RELIABLE 0x02000000
+#define EFI_RESOURCE_ATTRIBUTE_ENCRYPTED 0x04000000
+
+/* FIXME: place holder for now */
+#define EFI_RESOURCE_ATTRIBUTE_UNACCEPTED 0x00000000
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_GUID Owner;
+ EFI_RESOURCE_TYPE ResourceType;
+ EFI_RESOURCE_ATTRIBUTE_TYPE ResourceAttribute;
+ EFI_PHYSICAL_ADDRESS PhysicalStart;
+ uint64_t ResourceLength;
+} EFI_HOB_RESOURCE_DESCRIPTOR;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_GUID Name;
+
+ /* guid specific data follows */
+} EFI_HOB_GUID_TYPE;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_PHYSICAL_ADDRESS BaseAddress;
+ uint64_t Length;
+} EFI_HOB_FIRMWARE_VOLUME;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_PHYSICAL_ADDRESS BaseAddress;
+ uint64_t Length;
+ EFI_GUID FvName;
+ EFI_GUID FileName;
+} EFI_HOB_FIRMWARE_VOLUME2;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ EFI_PHYSICAL_ADDRESS BaseAddress;
+ uint64_t Length;
+ uint32_t AuthenticationStatus;
+ bool ExtractedFv;
+ EFI_GUID FvName;
+ EFI_GUID FileName;
+} EFI_HOB_FIRMWARE_VOLUME3;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+ uint8_t SizeOfMemorySpace;
+ uint8_t SizeOfIoSpace;
+ uint8_t Reserved[6];
+} EFI_HOB_CPU;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+} EFI_HOB_MEMORY_POOL;
+
+typedef struct {
+ EFI_HOB_GENERIC_HEADER Header;
+
+ EFI_PHYSICAL_ADDRESS BaseAddress;
+ uint64_t Length;
+} EFI_HOB_UEFI_CAPSULE;
+
+#define EFI_HOB_OWNER_ZERO \
+ ((EFI_GUID){ 0x00000000, 0x0000, 0x0000, \
+ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } })
+
+#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 17/23] i386/tdx: Add definitions for TDVF metadata
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
Add constants and structs for the TD Virtual Firmware metadata, which
describes how the TDVF must be built to ensure correct functionality and
measurement.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
include/hw/i386/tdvf.h | 55 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
create mode 100644 include/hw/i386/tdvf.h
diff --git a/include/hw/i386/tdvf.h b/include/hw/i386/tdvf.h
new file mode 100644
index 0000000000..5c78e2affb
--- /dev/null
+++ b/include/hw/i386/tdvf.h
@@ -0,0 +1,55 @@
+/*
+ * SPDX-License-Identifier: GPL-2.0-or-later
+
+ * Copyright (c) 2020 Intel Corporation
+ * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
+ * <isaku.yamahata at intel.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef HW_I386_TDVF_H
+#define HW_I386_TDVF_H
+
+#include "qemu/osdep.h"
+
+#define TDVF_METDATA_OFFSET_FROM_END 0x20
+
+#define TDVF_SECTION_TYPE_BFV 0
+#define TDVF_SECTION_TYPE_CFV 1
+#define TDVF_SECTION_TYPE_TD_HOB 2
+#define TDVF_SECTION_TYPE_TEMP_MEM 3
+
+#define TDVF_SECTION_ATTRIBUTES_EXTENDMR (1U << 0)
+
+typedef struct {
+ uint32_t DataOffset;
+ uint32_t RawDataSize;
+ uint64_t MemoryAddress;
+ uint64_t MemoryDataSize;
+ uint32_t Type;
+ uint32_t Attributes;
+} TdvfSectionEntry;
+
+#define TDVF_SIGNATURE_LE32 0x46564454 /* TDVF as little endian */
+
+typedef struct {
+ uint8_t Signature[4];
+ uint32_t Length;
+ uint32_t Version;
+ uint32_t NumberOfSectionEntries;
+ TdvfSectionEntry SectionEntries[];
+} TdvfMetadata;
+
+#endif /* HW_I386_TDVF_H */
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 17/23] i386/tdx: Add definitions for TDVF metadata
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
Add constants and structs for the TD Virtual Firmware metadata, which
describes how the TDVF must be built to ensure correct functionality and
measurement.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
include/hw/i386/tdvf.h | 55 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
create mode 100644 include/hw/i386/tdvf.h
diff --git a/include/hw/i386/tdvf.h b/include/hw/i386/tdvf.h
new file mode 100644
index 0000000000..5c78e2affb
--- /dev/null
+++ b/include/hw/i386/tdvf.h
@@ -0,0 +1,55 @@
+/*
+ * SPDX-License-Identifier: GPL-2.0-or-later
+
+ * Copyright (c) 2020 Intel Corporation
+ * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
+ * <isaku.yamahata at intel.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef HW_I386_TDVF_H
+#define HW_I386_TDVF_H
+
+#include "qemu/osdep.h"
+
+#define TDVF_METDATA_OFFSET_FROM_END 0x20
+
+#define TDVF_SECTION_TYPE_BFV 0
+#define TDVF_SECTION_TYPE_CFV 1
+#define TDVF_SECTION_TYPE_TD_HOB 2
+#define TDVF_SECTION_TYPE_TEMP_MEM 3
+
+#define TDVF_SECTION_ATTRIBUTES_EXTENDMR (1U << 0)
+
+typedef struct {
+ uint32_t DataOffset;
+ uint32_t RawDataSize;
+ uint64_t MemoryAddress;
+ uint64_t MemoryDataSize;
+ uint32_t Type;
+ uint32_t Attributes;
+} TdvfSectionEntry;
+
+#define TDVF_SIGNATURE_LE32 0x46564454 /* TDVF as little endian */
+
+typedef struct {
+ uint8_t Signature[4];
+ uint32_t Length;
+ uint32_t Version;
+ uint32_t NumberOfSectionEntries;
+ TdvfSectionEntry SectionEntries[];
+} TdvfMetadata;
+
+#endif /* HW_I386_TDVF_H */
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 18/23] i386/tdx: Parse tdvf metadata and store the result into TdxGuest
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
Add support for loading TDX's Trusted Domain Virtual Firmware (TDVF) via
the generic loader. Prioritize the TDVF above plain hex to avoid false
positives with hex (TDVF has explicit metadata to confirm it's a TDVF).
Enumerate TempMem as added, private memory, i.e. E820_RESERVED,
otherwise TDVF will interpret the whole shebang as MMIO and complain
that the aperture overlaps other MMIO regions.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/core/generic-loader.c | 5 +
hw/core/meson.build | 3 +
hw/core/tdvf-stub.c | 6 +
hw/i386/meson.build | 1 +
hw/i386/tdvf.c | 305 +++++++++++++++++++++++++++++++++++++++
include/sysemu/tdvf.h | 6 +
target/i386/kvm/tdx.h | 26 ++++
7 files changed, 352 insertions(+)
create mode 100644 hw/core/tdvf-stub.c
create mode 100644 hw/i386/tdvf.c
create mode 100644 include/sysemu/tdvf.h
diff --git a/hw/core/generic-loader.c b/hw/core/generic-loader.c
index 2b2a7b5e9a..c2f89bc0c9 100644
--- a/hw/core/generic-loader.c
+++ b/hw/core/generic-loader.c
@@ -35,6 +35,7 @@
#include "hw/sysbus.h"
#include "sysemu/dma.h"
#include "sysemu/reset.h"
+#include "sysemu/tdvf.h"
#include "hw/boards.h"
#include "hw/loader.h"
#include "hw/qdev-properties.h"
@@ -148,6 +149,10 @@ static void generic_loader_realize(DeviceState *dev, Error **errp)
as);
}
+ if (size < 0) {
+ size = load_tdvf(s->file);
+ }
+
if (size < 0) {
size = load_targphys_hex_as(s->file, &entry, as);
}
diff --git a/hw/core/meson.build b/hw/core/meson.build
index 032576f571..d69a021c76 100644
--- a/hw/core/meson.build
+++ b/hw/core/meson.build
@@ -23,6 +23,9 @@ common_ss.add(when: 'CONFIG_REGISTER', if_true: files('register.c'))
common_ss.add(when: 'CONFIG_SPLIT_IRQ', if_true: files('split-irq.c'))
common_ss.add(when: 'CONFIG_XILINX_AXI', if_true: files('stream.c'))
+common_ss.add(when: 'CONFIG_TDX', if_false: files('tdvf-stub.c'))
+common_ss.add(when: 'CONFIG_ALL', if_true: files('tdvf-stub.c'))
+
softmmu_ss.add(files(
'fw-path-provider.c',
'loader.c',
diff --git a/hw/core/tdvf-stub.c b/hw/core/tdvf-stub.c
new file mode 100644
index 0000000000..5f2586dd70
--- /dev/null
+++ b/hw/core/tdvf-stub.c
@@ -0,0 +1,6 @@
+#include "sysemu/tdvf.h"
+
+int load_tdvf(const char *filename)
+{
+ return -1;
+}
diff --git a/hw/i386/meson.build b/hw/i386/meson.build
index e5d109f5c6..945e805525 100644
--- a/hw/i386/meson.build
+++ b/hw/i386/meson.build
@@ -24,6 +24,7 @@ i386_ss.add(when: 'CONFIG_PC', if_true: files(
'pc_sysfw.c',
'acpi-build.c',
'port92.c'))
+i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c'))
subdir('kvm')
subdir('xen')
diff --git a/hw/i386/tdvf.c b/hw/i386/tdvf.c
new file mode 100644
index 0000000000..bf0d5a9866
--- /dev/null
+++ b/hw/i386/tdvf.c
@@ -0,0 +1,305 @@
+/*
+ * SPDX-License-Identifier: GPL-2.0-or-later
+
+ * Copyright (c) 2020 Intel Corporation
+ * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
+ * <isaku.yamahata at intel.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+#include "qemu/units.h"
+#include "cpu.h"
+#include "exec/hwaddr.h"
+#include "hw/boards.h"
+#include "hw/i386/e820_memory_layout.h"
+#include "hw/i386/tdvf.h"
+#include "hw/i386/x86.h"
+#include "hw/loader.h"
+#include "sysemu/tdx.h"
+#include "sysemu/tdvf.h"
+#include "target/i386/kvm/tdx.h"
+
+static void tdvf_init_ram_memory(MachineState *ms, TdxFirmwareEntry *entry)
+{
+ void *ram_ptr = memory_region_get_ram_ptr(ms->ram);
+ X86MachineState *x86ms = X86_MACHINE(ms);
+
+ if (entry->type == TDVF_SECTION_TYPE_BFV ||
+ entry->type == TDVF_SECTION_TYPE_CFV) {
+ error_report("TDVF type %u addr 0x%" PRIx64 " in RAM (disallowed)",
+ entry->type, entry->address);
+ exit(1);
+ }
+
+ if (entry->address < 4 * GiB) {
+ entry->mem_ptr = ram_ptr + entry->address;
+ } else {
+ if (entry->address >= 4 * GiB + x86ms->above_4g_mem_size) {
+ error_report("TDVF type %u address 0x%" PRIx64 " above high memory",
+ entry->type, entry->address);
+ exit(1);
+ }
+ entry->mem_ptr = ram_ptr + x86ms->below_4g_mem_size +
+ entry->address - 4 * GiB;
+ }
+}
+
+static void tdvf_init_bios_memory(int fd, const char *filename,
+ TdxFirmwareEntry *entry)
+{
+ static unsigned int nr_cfv;
+ static unsigned int nr_tmp;
+
+ MemoryRegion *system_memory = get_system_memory();
+ Error *err = NULL;
+ const char *name;
+
+ /* Error out if the section might overlap other structures. */
+ if (entry->address < 4 * GiB - 16 * MiB) {
+ error_report("TDVF type %u address 0x%" PRIx64 " in PCI hole",
+ entry->type, entry->address);
+ exit(1);
+ }
+
+ if (entry->type == TDVF_SECTION_TYPE_BFV) {
+ name = g_strdup("tdvf.bfv");
+ } else if (entry->type == TDVF_SECTION_TYPE_CFV) {
+ name = g_strdup_printf("tdvf.cfv%u", nr_cfv++);
+ } else if (entry->type == TDVF_SECTION_TYPE_TD_HOB) {
+ name = g_strdup("tdvf.hob");
+ } else if (entry->type == TDVF_SECTION_TYPE_TEMP_MEM) {
+ name = g_strdup_printf("tdvf.tmp%u", nr_tmp++);
+ } else {
+ error_report("TDVF type %u unknown/unsupported", entry->type);
+ exit(1);
+ }
+ entry->mr = g_malloc(sizeof(*entry->mr));
+
+ memory_region_init_ram(entry->mr, NULL, name, entry->size, &err);
+ if (err) {
+ error_report_err(err);
+ exit(1);
+ }
+
+ entry->mem_ptr = memory_region_get_ram_ptr(entry->mr);
+ if (entry->data_len) {
+ /*
+ * The memory_region api doesn't allow partial file mapping, create
+ * ram and copy the contents
+ */
+ if (lseek(fd, entry->data_offset, SEEK_SET) != entry->data_offset) {
+ error_report("can't seek to 0x%x %s", entry->data_offset, filename);
+ exit(1);
+ }
+ if (read(fd, entry->mem_ptr, entry->data_len) != entry->data_len) {
+ error_report("can't read 0x%x %s", entry->data_len, filename);
+ exit(1);
+ }
+ }
+
+ memory_region_add_subregion(system_memory, entry->address, entry->mr);
+
+ if (entry->type == TDVF_SECTION_TYPE_TEMP_MEM) {
+ e820_add_entry(entry->address, entry->size, E820_RESERVED);
+ }
+}
+
+static void tdvf_parse_section_entry(TdxFirmwareEntry *entry,
+ const TdvfSectionEntry *src,
+ uint64_t file_size)
+{
+ entry->data_offset = le32_to_cpu(src->DataOffset);
+ entry->data_len = le32_to_cpu(src->RawDataSize);
+ entry->address = le64_to_cpu(src->MemoryAddress);
+ entry->size = le64_to_cpu(src->MemoryDataSize);
+ entry->type = le32_to_cpu(src->Type);
+ entry->attributes = le32_to_cpu(src->Attributes);
+
+ /* sanity check */
+ if (entry->data_offset + entry->data_len > file_size) {
+ error_report("too large section: DataOffset 0x%x RawDataSize 0x%x",
+ entry->data_offset, entry->data_len);
+ exit(1);
+ }
+ if (entry->size < entry->data_len) {
+ error_report("broken metadata RawDataSize 0x%x MemoryDataSize 0x%lx",
+ entry->data_len, entry->size);
+ exit(1);
+ }
+ if (!QEMU_IS_ALIGNED(entry->address, TARGET_PAGE_SIZE)) {
+ error_report("MemoryAddress 0x%lx not page aligned", entry->address);
+ exit(1);
+ }
+ if (!QEMU_IS_ALIGNED(entry->size, TARGET_PAGE_SIZE)) {
+ error_report("MemoryDataSize 0x%lx not page aligned", entry->size);
+ exit(1);
+ }
+ if (entry->type == TDVF_SECTION_TYPE_TD_HOB ||
+ entry->type == TDVF_SECTION_TYPE_TEMP_MEM) {
+ if (entry->data_len > 0) {
+ error_report("%d section with RawDataSize 0x%x > 0",
+ entry->type, entry->data_len);
+ exit(1);
+ }
+ }
+}
+
+static void tdvf_parse_metadata_entries(int fd, TdxFirmware *fw,
+ TdvfMetadata *metadata)
+{
+
+ TdvfSectionEntry *sections;
+ ssize_t entries_size;
+ uint32_t len, i;
+
+ fw->nr_entries = le32_to_cpu(metadata->NumberOfSectionEntries);
+ if (fw->nr_entries < 2) {
+ error_report("Invalid number of entries (%u) in TDVF", fw->nr_entries);
+ exit(1);
+ }
+
+ len = le32_to_cpu(metadata->Length);
+ entries_size = fw->nr_entries * sizeof(TdvfSectionEntry);
+ if (len != sizeof(*metadata) + entries_size) {
+ error_report("TDVF metadata len (0x%x) mismatch, expected (0x%x)",
+ len, (uint32_t)(sizeof(*metadata) + entries_size));
+ exit(1);
+ }
+
+ fw->entries = g_new(TdxFirmwareEntry, fw->nr_entries);
+ sections = g_new(TdvfSectionEntry, fw->nr_entries);
+
+ if (read(fd, sections, entries_size) != entries_size) {
+ error_report("Failed to read TDVF section entries");
+ exit(1);
+ }
+
+ for (i = 0; i < fw->nr_entries; i++) {
+ tdvf_parse_section_entry(&fw->entries[i], §ions[i], fw->file_size);
+ }
+ g_free(sections);
+}
+
+static int tdvf_parse_metadata_header(int fd, TdvfMetadata *metadata)
+{
+ uint32_t offset;
+ int64_t size;
+
+ size = lseek(fd, 0, SEEK_END);
+ if (size < TDVF_METDATA_OFFSET_FROM_END || (uint32_t)size != size) {
+ return -1;
+ }
+
+ /* Chase the metadata pointer to get to the actual metadata. */
+ offset = size - TDVF_METDATA_OFFSET_FROM_END;
+ if (lseek(fd, offset, SEEK_SET) != offset) {
+ return -1;
+ }
+ if (read(fd, &offset, sizeof(offset)) != sizeof(offset)) {
+ return -1;
+ }
+
+ offset = le32_to_cpu(offset);
+ if (offset > size - sizeof(*metadata)) {
+ return -1;
+ }
+
+ /* Pointer to the metadata has been resolved, read the actual metadata. */
+ if (lseek(fd, offset, SEEK_SET) != offset) {
+ return -1;
+ }
+ if (read(fd, metadata, sizeof(*metadata)) != sizeof(*metadata)) {
+ return -1;
+ }
+
+ /* Finally, verify the signature to determine if this is a TDVF image. */
+ if (metadata->Signature[0] != 'T' || metadata->Signature[1] != 'D' ||
+ metadata->Signature[2] != 'V' || metadata->Signature[3] != 'F') {
+ return -1;
+ }
+
+ /* Sanity check that the TDVF doesn't overlap its own metadata. */
+ metadata->Length = le32_to_cpu(metadata->Length);
+ if (metadata->Length > size - offset) {
+ return -1;
+ }
+
+ /* Only version 1 is supported/defined. */
+ metadata->Version = le32_to_cpu(metadata->Version);
+ if (metadata->Version != 1) {
+ return -1;
+ }
+
+ return size;
+}
+
+int load_tdvf(const char *filename)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ X86MachineState *x86ms = X86_MACHINE(ms);
+ TdxFirmwareEntry *entry;
+ TdvfMetadata metadata;
+ TdxGuest *tdx;
+ TdxFirmware *fw;
+ int64_t size;
+ int fd;
+
+ if (!kvm_enabled()) {
+ return -1;
+ }
+
+ tdx = (void *)object_dynamic_cast(OBJECT(ms->cgs), TYPE_TDX_GUEST);
+ if (!tdx) {
+ return -1;
+ }
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if (fd < 0) {
+ return -1;
+ }
+
+ size = tdvf_parse_metadata_header(fd, &metadata);
+ if (size < 0) {
+ close(fd);
+ return -1;
+ }
+
+ /* Error out if the user is attempting to load multiple TDVFs. */
+ fw = &tdx->fw;
+ if (fw->file_name) {
+ error_report("tdvf can only be specified once.");
+ exit(1);
+ }
+
+ fw->file_size = size;
+ fw->file_name = g_strdup(filename);
+
+ tdvf_parse_metadata_entries(fd, fw, &metadata);
+
+ for_each_fw_entry(fw, entry) {
+ if (entry->address < x86ms->below_4g_mem_size ||
+ entry->address > 4 * GiB) {
+ tdvf_init_ram_memory(ms, entry);
+ } else {
+ tdvf_init_bios_memory(fd, filename, entry);
+ }
+ }
+
+ close(fd);
+ return 0;
+}
diff --git a/include/sysemu/tdvf.h b/include/sysemu/tdvf.h
new file mode 100644
index 0000000000..0cf085e3ae
--- /dev/null
+++ b/include/sysemu/tdvf.h
@@ -0,0 +1,6 @@
+#ifndef QEMU_TDVF_H
+#define QEMU_TDVF_H
+
+int load_tdvf(const char *filename);
+
+#endif
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index 844d24aade..2fed27b3fb 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -5,6 +5,30 @@
#include "qapi/error.h"
#include "exec/confidential-guest-support.h"
+typedef struct TdxFirmwareEntry {
+ uint32_t data_offset;
+ uint32_t data_len;
+ uint64_t address;
+ uint64_t size;
+ uint32_t type;
+ uint32_t attributes;
+
+ MemoryRegion *mr;
+ void *mem_ptr;
+} TdxFirmwareEntry;
+
+typedef struct TdxFirmware {
+ const char *file_name;
+ uint64_t file_size;
+
+ /* metadata */
+ uint32_t nr_entries;
+ TdxFirmwareEntry *entries;
+} TdxFirmware;
+
+#define for_each_fw_entry(fw, e) \
+ for (e = (fw)->entries; e != (fw)->entries + (fw)->nr_entries; e++)
+
#define TYPE_TDX_GUEST "tdx-guest"
#define TDX_GUEST(obj) \
OBJECT_CHECK(TdxGuest, (obj), TYPE_TDX_GUEST)
@@ -20,6 +44,8 @@ typedef struct TdxGuest {
bool initialized;
bool debug;
+
+ TdxFirmware fw;
} TdxGuest;
int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 18/23] i386/tdx: Parse tdvf metadata and store the result into TdxGuest
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
Add support for loading TDX's Trusted Domain Virtual Firmware (TDVF) via
the generic loader. Prioritize the TDVF above plain hex to avoid false
positives with hex (TDVF has explicit metadata to confirm it's a TDVF).
Enumerate TempMem as added, private memory, i.e. E820_RESERVED,
otherwise TDVF will interpret the whole shebang as MMIO and complain
that the aperture overlaps other MMIO regions.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/core/generic-loader.c | 5 +
hw/core/meson.build | 3 +
hw/core/tdvf-stub.c | 6 +
hw/i386/meson.build | 1 +
hw/i386/tdvf.c | 305 +++++++++++++++++++++++++++++++++++++++
include/sysemu/tdvf.h | 6 +
target/i386/kvm/tdx.h | 26 ++++
7 files changed, 352 insertions(+)
create mode 100644 hw/core/tdvf-stub.c
create mode 100644 hw/i386/tdvf.c
create mode 100644 include/sysemu/tdvf.h
diff --git a/hw/core/generic-loader.c b/hw/core/generic-loader.c
index 2b2a7b5e9a..c2f89bc0c9 100644
--- a/hw/core/generic-loader.c
+++ b/hw/core/generic-loader.c
@@ -35,6 +35,7 @@
#include "hw/sysbus.h"
#include "sysemu/dma.h"
#include "sysemu/reset.h"
+#include "sysemu/tdvf.h"
#include "hw/boards.h"
#include "hw/loader.h"
#include "hw/qdev-properties.h"
@@ -148,6 +149,10 @@ static void generic_loader_realize(DeviceState *dev, Error **errp)
as);
}
+ if (size < 0) {
+ size = load_tdvf(s->file);
+ }
+
if (size < 0) {
size = load_targphys_hex_as(s->file, &entry, as);
}
diff --git a/hw/core/meson.build b/hw/core/meson.build
index 032576f571..d69a021c76 100644
--- a/hw/core/meson.build
+++ b/hw/core/meson.build
@@ -23,6 +23,9 @@ common_ss.add(when: 'CONFIG_REGISTER', if_true: files('register.c'))
common_ss.add(when: 'CONFIG_SPLIT_IRQ', if_true: files('split-irq.c'))
common_ss.add(when: 'CONFIG_XILINX_AXI', if_true: files('stream.c'))
+common_ss.add(when: 'CONFIG_TDX', if_false: files('tdvf-stub.c'))
+common_ss.add(when: 'CONFIG_ALL', if_true: files('tdvf-stub.c'))
+
softmmu_ss.add(files(
'fw-path-provider.c',
'loader.c',
diff --git a/hw/core/tdvf-stub.c b/hw/core/tdvf-stub.c
new file mode 100644
index 0000000000..5f2586dd70
--- /dev/null
+++ b/hw/core/tdvf-stub.c
@@ -0,0 +1,6 @@
+#include "sysemu/tdvf.h"
+
+int load_tdvf(const char *filename)
+{
+ return -1;
+}
diff --git a/hw/i386/meson.build b/hw/i386/meson.build
index e5d109f5c6..945e805525 100644
--- a/hw/i386/meson.build
+++ b/hw/i386/meson.build
@@ -24,6 +24,7 @@ i386_ss.add(when: 'CONFIG_PC', if_true: files(
'pc_sysfw.c',
'acpi-build.c',
'port92.c'))
+i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c'))
subdir('kvm')
subdir('xen')
diff --git a/hw/i386/tdvf.c b/hw/i386/tdvf.c
new file mode 100644
index 0000000000..bf0d5a9866
--- /dev/null
+++ b/hw/i386/tdvf.c
@@ -0,0 +1,305 @@
+/*
+ * SPDX-License-Identifier: GPL-2.0-or-later
+
+ * Copyright (c) 2020 Intel Corporation
+ * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
+ * <isaku.yamahata at intel.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+#include "qemu/units.h"
+#include "cpu.h"
+#include "exec/hwaddr.h"
+#include "hw/boards.h"
+#include "hw/i386/e820_memory_layout.h"
+#include "hw/i386/tdvf.h"
+#include "hw/i386/x86.h"
+#include "hw/loader.h"
+#include "sysemu/tdx.h"
+#include "sysemu/tdvf.h"
+#include "target/i386/kvm/tdx.h"
+
+static void tdvf_init_ram_memory(MachineState *ms, TdxFirmwareEntry *entry)
+{
+ void *ram_ptr = memory_region_get_ram_ptr(ms->ram);
+ X86MachineState *x86ms = X86_MACHINE(ms);
+
+ if (entry->type == TDVF_SECTION_TYPE_BFV ||
+ entry->type == TDVF_SECTION_TYPE_CFV) {
+ error_report("TDVF type %u addr 0x%" PRIx64 " in RAM (disallowed)",
+ entry->type, entry->address);
+ exit(1);
+ }
+
+ if (entry->address < 4 * GiB) {
+ entry->mem_ptr = ram_ptr + entry->address;
+ } else {
+ if (entry->address >= 4 * GiB + x86ms->above_4g_mem_size) {
+ error_report("TDVF type %u address 0x%" PRIx64 " above high memory",
+ entry->type, entry->address);
+ exit(1);
+ }
+ entry->mem_ptr = ram_ptr + x86ms->below_4g_mem_size +
+ entry->address - 4 * GiB;
+ }
+}
+
+static void tdvf_init_bios_memory(int fd, const char *filename,
+ TdxFirmwareEntry *entry)
+{
+ static unsigned int nr_cfv;
+ static unsigned int nr_tmp;
+
+ MemoryRegion *system_memory = get_system_memory();
+ Error *err = NULL;
+ const char *name;
+
+ /* Error out if the section might overlap other structures. */
+ if (entry->address < 4 * GiB - 16 * MiB) {
+ error_report("TDVF type %u address 0x%" PRIx64 " in PCI hole",
+ entry->type, entry->address);
+ exit(1);
+ }
+
+ if (entry->type == TDVF_SECTION_TYPE_BFV) {
+ name = g_strdup("tdvf.bfv");
+ } else if (entry->type == TDVF_SECTION_TYPE_CFV) {
+ name = g_strdup_printf("tdvf.cfv%u", nr_cfv++);
+ } else if (entry->type == TDVF_SECTION_TYPE_TD_HOB) {
+ name = g_strdup("tdvf.hob");
+ } else if (entry->type == TDVF_SECTION_TYPE_TEMP_MEM) {
+ name = g_strdup_printf("tdvf.tmp%u", nr_tmp++);
+ } else {
+ error_report("TDVF type %u unknown/unsupported", entry->type);
+ exit(1);
+ }
+ entry->mr = g_malloc(sizeof(*entry->mr));
+
+ memory_region_init_ram(entry->mr, NULL, name, entry->size, &err);
+ if (err) {
+ error_report_err(err);
+ exit(1);
+ }
+
+ entry->mem_ptr = memory_region_get_ram_ptr(entry->mr);
+ if (entry->data_len) {
+ /*
+ * The memory_region api doesn't allow partial file mapping, create
+ * ram and copy the contents
+ */
+ if (lseek(fd, entry->data_offset, SEEK_SET) != entry->data_offset) {
+ error_report("can't seek to 0x%x %s", entry->data_offset, filename);
+ exit(1);
+ }
+ if (read(fd, entry->mem_ptr, entry->data_len) != entry->data_len) {
+ error_report("can't read 0x%x %s", entry->data_len, filename);
+ exit(1);
+ }
+ }
+
+ memory_region_add_subregion(system_memory, entry->address, entry->mr);
+
+ if (entry->type == TDVF_SECTION_TYPE_TEMP_MEM) {
+ e820_add_entry(entry->address, entry->size, E820_RESERVED);
+ }
+}
+
+static void tdvf_parse_section_entry(TdxFirmwareEntry *entry,
+ const TdvfSectionEntry *src,
+ uint64_t file_size)
+{
+ entry->data_offset = le32_to_cpu(src->DataOffset);
+ entry->data_len = le32_to_cpu(src->RawDataSize);
+ entry->address = le64_to_cpu(src->MemoryAddress);
+ entry->size = le64_to_cpu(src->MemoryDataSize);
+ entry->type = le32_to_cpu(src->Type);
+ entry->attributes = le32_to_cpu(src->Attributes);
+
+ /* sanity check */
+ if (entry->data_offset + entry->data_len > file_size) {
+ error_report("too large section: DataOffset 0x%x RawDataSize 0x%x",
+ entry->data_offset, entry->data_len);
+ exit(1);
+ }
+ if (entry->size < entry->data_len) {
+ error_report("broken metadata RawDataSize 0x%x MemoryDataSize 0x%lx",
+ entry->data_len, entry->size);
+ exit(1);
+ }
+ if (!QEMU_IS_ALIGNED(entry->address, TARGET_PAGE_SIZE)) {
+ error_report("MemoryAddress 0x%lx not page aligned", entry->address);
+ exit(1);
+ }
+ if (!QEMU_IS_ALIGNED(entry->size, TARGET_PAGE_SIZE)) {
+ error_report("MemoryDataSize 0x%lx not page aligned", entry->size);
+ exit(1);
+ }
+ if (entry->type == TDVF_SECTION_TYPE_TD_HOB ||
+ entry->type == TDVF_SECTION_TYPE_TEMP_MEM) {
+ if (entry->data_len > 0) {
+ error_report("%d section with RawDataSize 0x%x > 0",
+ entry->type, entry->data_len);
+ exit(1);
+ }
+ }
+}
+
+static void tdvf_parse_metadata_entries(int fd, TdxFirmware *fw,
+ TdvfMetadata *metadata)
+{
+
+ TdvfSectionEntry *sections;
+ ssize_t entries_size;
+ uint32_t len, i;
+
+ fw->nr_entries = le32_to_cpu(metadata->NumberOfSectionEntries);
+ if (fw->nr_entries < 2) {
+ error_report("Invalid number of entries (%u) in TDVF", fw->nr_entries);
+ exit(1);
+ }
+
+ len = le32_to_cpu(metadata->Length);
+ entries_size = fw->nr_entries * sizeof(TdvfSectionEntry);
+ if (len != sizeof(*metadata) + entries_size) {
+ error_report("TDVF metadata len (0x%x) mismatch, expected (0x%x)",
+ len, (uint32_t)(sizeof(*metadata) + entries_size));
+ exit(1);
+ }
+
+ fw->entries = g_new(TdxFirmwareEntry, fw->nr_entries);
+ sections = g_new(TdvfSectionEntry, fw->nr_entries);
+
+ if (read(fd, sections, entries_size) != entries_size) {
+ error_report("Failed to read TDVF section entries");
+ exit(1);
+ }
+
+ for (i = 0; i < fw->nr_entries; i++) {
+ tdvf_parse_section_entry(&fw->entries[i], §ions[i], fw->file_size);
+ }
+ g_free(sections);
+}
+
+static int tdvf_parse_metadata_header(int fd, TdvfMetadata *metadata)
+{
+ uint32_t offset;
+ int64_t size;
+
+ size = lseek(fd, 0, SEEK_END);
+ if (size < TDVF_METDATA_OFFSET_FROM_END || (uint32_t)size != size) {
+ return -1;
+ }
+
+ /* Chase the metadata pointer to get to the actual metadata. */
+ offset = size - TDVF_METDATA_OFFSET_FROM_END;
+ if (lseek(fd, offset, SEEK_SET) != offset) {
+ return -1;
+ }
+ if (read(fd, &offset, sizeof(offset)) != sizeof(offset)) {
+ return -1;
+ }
+
+ offset = le32_to_cpu(offset);
+ if (offset > size - sizeof(*metadata)) {
+ return -1;
+ }
+
+ /* Pointer to the metadata has been resolved, read the actual metadata. */
+ if (lseek(fd, offset, SEEK_SET) != offset) {
+ return -1;
+ }
+ if (read(fd, metadata, sizeof(*metadata)) != sizeof(*metadata)) {
+ return -1;
+ }
+
+ /* Finally, verify the signature to determine if this is a TDVF image. */
+ if (metadata->Signature[0] != 'T' || metadata->Signature[1] != 'D' ||
+ metadata->Signature[2] != 'V' || metadata->Signature[3] != 'F') {
+ return -1;
+ }
+
+ /* Sanity check that the TDVF doesn't overlap its own metadata. */
+ metadata->Length = le32_to_cpu(metadata->Length);
+ if (metadata->Length > size - offset) {
+ return -1;
+ }
+
+ /* Only version 1 is supported/defined. */
+ metadata->Version = le32_to_cpu(metadata->Version);
+ if (metadata->Version != 1) {
+ return -1;
+ }
+
+ return size;
+}
+
+int load_tdvf(const char *filename)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ X86MachineState *x86ms = X86_MACHINE(ms);
+ TdxFirmwareEntry *entry;
+ TdvfMetadata metadata;
+ TdxGuest *tdx;
+ TdxFirmware *fw;
+ int64_t size;
+ int fd;
+
+ if (!kvm_enabled()) {
+ return -1;
+ }
+
+ tdx = (void *)object_dynamic_cast(OBJECT(ms->cgs), TYPE_TDX_GUEST);
+ if (!tdx) {
+ return -1;
+ }
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if (fd < 0) {
+ return -1;
+ }
+
+ size = tdvf_parse_metadata_header(fd, &metadata);
+ if (size < 0) {
+ close(fd);
+ return -1;
+ }
+
+ /* Error out if the user is attempting to load multiple TDVFs. */
+ fw = &tdx->fw;
+ if (fw->file_name) {
+ error_report("tdvf can only be specified once.");
+ exit(1);
+ }
+
+ fw->file_size = size;
+ fw->file_name = g_strdup(filename);
+
+ tdvf_parse_metadata_entries(fd, fw, &metadata);
+
+ for_each_fw_entry(fw, entry) {
+ if (entry->address < x86ms->below_4g_mem_size ||
+ entry->address > 4 * GiB) {
+ tdvf_init_ram_memory(ms, entry);
+ } else {
+ tdvf_init_bios_memory(fd, filename, entry);
+ }
+ }
+
+ close(fd);
+ return 0;
+}
diff --git a/include/sysemu/tdvf.h b/include/sysemu/tdvf.h
new file mode 100644
index 0000000000..0cf085e3ae
--- /dev/null
+++ b/include/sysemu/tdvf.h
@@ -0,0 +1,6 @@
+#ifndef QEMU_TDVF_H
+#define QEMU_TDVF_H
+
+int load_tdvf(const char *filename);
+
+#endif
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index 844d24aade..2fed27b3fb 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -5,6 +5,30 @@
#include "qapi/error.h"
#include "exec/confidential-guest-support.h"
+typedef struct TdxFirmwareEntry {
+ uint32_t data_offset;
+ uint32_t data_len;
+ uint64_t address;
+ uint64_t size;
+ uint32_t type;
+ uint32_t attributes;
+
+ MemoryRegion *mr;
+ void *mem_ptr;
+} TdxFirmwareEntry;
+
+typedef struct TdxFirmware {
+ const char *file_name;
+ uint64_t file_size;
+
+ /* metadata */
+ uint32_t nr_entries;
+ TdxFirmwareEntry *entries;
+} TdxFirmware;
+
+#define for_each_fw_entry(fw, e) \
+ for (e = (fw)->entries; e != (fw)->entries + (fw)->nr_entries; e++)
+
#define TYPE_TDX_GUEST "tdx-guest"
#define TDX_GUEST(obj) \
OBJECT_CHECK(TdxGuest, (obj), TYPE_TDX_GUEST)
@@ -20,6 +44,8 @@ typedef struct TdxGuest {
bool initialized;
bool debug;
+
+ TdxFirmware fw;
} TdxGuest;
int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 19/23] i386/tdx: Create the TD HOB list upon machine init done
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
Build the TD HOB during machine late initialization, i.e. once guest
memory is fully defined.
Note, the attribute absolutely for MMIO HOB entries must include
UNCACHEABLE, else TDVF will effectively consider it a bad HOB entry
and ignore it.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/i386/meson.build | 2 +-
hw/i386/tdvf-hob.c | 226 ++++++++++++++++++++++++++++++++++++++++++
hw/i386/tdvf-hob.h | 25 +++++
target/i386/kvm/tdx.c | 19 ++++
4 files changed, 271 insertions(+), 1 deletion(-)
create mode 100644 hw/i386/tdvf-hob.c
create mode 100644 hw/i386/tdvf-hob.h
diff --git a/hw/i386/meson.build b/hw/i386/meson.build
index 945e805525..8175c3c638 100644
--- a/hw/i386/meson.build
+++ b/hw/i386/meson.build
@@ -24,7 +24,7 @@ i386_ss.add(when: 'CONFIG_PC', if_true: files(
'pc_sysfw.c',
'acpi-build.c',
'port92.c'))
-i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c'))
+i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c', 'tdvf-hob.c'))
subdir('kvm')
subdir('xen')
diff --git a/hw/i386/tdvf-hob.c b/hw/i386/tdvf-hob.c
new file mode 100644
index 0000000000..c37fb22396
--- /dev/null
+++ b/hw/i386/tdvf-hob.c
@@ -0,0 +1,226 @@
+/*
+ * SPDX-License-Identifier: GPL-2.0-or-later
+
+ * Copyright (c) 2020 Intel Corporation
+ * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
+ * <isaku.yamahata at intel.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "e820_memory_layout.h"
+#include "hw/i386/pc.h"
+#include "hw/i386/x86.h"
+#include "hw/pci/pci_host.h"
+#include "sysemu/tdx.h"
+#include "tdvf-hob.h"
+#include "uefi.h"
+
+typedef struct TdvfHob {
+ hwaddr hob_addr;
+ void *ptr;
+ int size;
+
+ /* working area */
+ void *current;
+ void *end;
+} TdvfHob;
+
+static uint64_t tdvf_current_guest_addr(const TdvfHob *hob)
+{
+ return hob->hob_addr + (hob->current - hob->ptr);
+}
+
+static void tdvf_align(TdvfHob *hob, size_t align)
+{
+ hob->current = QEMU_ALIGN_PTR_UP(hob->current, align);
+}
+
+static void *tdvf_get_area(TdvfHob *hob, uint64_t size)
+{
+ void *ret;
+
+ if (hob->current + size > hob->end) {
+ error_report("TD_HOB overrun, size = 0x%" PRIx64, size);
+ exit(1);
+ }
+
+ ret = hob->current;
+ hob->current += size;
+ tdvf_align(hob, 8);
+ return ret;
+}
+
+static void tdvf_hob_add_mmio_resource(TdvfHob *hob, uint64_t start,
+ uint64_t end)
+{
+ EFI_HOB_RESOURCE_DESCRIPTOR *region;
+
+ if (!start) {
+ return;
+ }
+
+ region = tdvf_get_area(hob, sizeof(*region));
+ *region = (EFI_HOB_RESOURCE_DESCRIPTOR) {
+ .Header = {
+ .HobType = EFI_HOB_TYPE_RESOURCE_DESCRIPTOR,
+ .HobLength = cpu_to_le16(sizeof(*region)),
+ .Reserved = cpu_to_le32(0),
+ },
+ .Owner = EFI_HOB_OWNER_ZERO,
+ .ResourceType = cpu_to_le32(EFI_RESOURCE_MEMORY_MAPPED_IO),
+ .ResourceAttribute = cpu_to_le32(EFI_RESOURCE_ATTRIBUTE_TDVF_MMIO),
+ .PhysicalStart = cpu_to_le64(start),
+ .ResourceLength = cpu_to_le64(end - start),
+ };
+}
+
+static void tdvf_hob_add_mmio_resources(TdvfHob *hob)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ X86MachineState *x86ms = X86_MACHINE(ms);
+ PCIHostState *pci_host;
+ uint64_t start, end;
+ Object *host;
+
+ /* Effectively PCI hole + other MMIO devices. */
+ tdvf_hob_add_mmio_resource(hob, x86ms->below_4g_mem_size,
+ APIC_DEFAULT_ADDRESS);
+
+ /* Stolen from acpi_get_i386_pci_host(), there's gotta be an easier way. */
+ pci_host = OBJECT_CHECK(PCIHostState,
+ object_resolve_path("/machine/i440fx", NULL),
+ TYPE_PCI_HOST_BRIDGE);
+ if (!pci_host) {
+ pci_host = OBJECT_CHECK(PCIHostState,
+ object_resolve_path("/machine/q35", NULL),
+ TYPE_PCI_HOST_BRIDGE);
+ }
+ g_assert(pci_host);
+
+ host = OBJECT(pci_host);
+
+ /* PCI hole above 4gb. */
+ start = object_property_get_uint(host, PCI_HOST_PROP_PCI_HOLE64_START,
+ NULL);
+ end = object_property_get_uint(host, PCI_HOST_PROP_PCI_HOLE64_END, NULL);
+ tdvf_hob_add_mmio_resource(hob, start, end);
+}
+
+static int tdvf_e820_compare(const void *lhs_, const void* rhs_)
+{
+ const struct e820_entry *lhs = lhs_;
+ const struct e820_entry *rhs = rhs_;
+
+ if (lhs->address == rhs->address) {
+ return 0;
+ }
+ if (le64_to_cpu(lhs->address) > le64_to_cpu(rhs->address)) {
+ return 1;
+ }
+ return -1;
+}
+
+static void tdvf_hob_add_memory_resources(TdvfHob *hob)
+{
+ EFI_HOB_RESOURCE_DESCRIPTOR *region;
+ EFI_RESOURCE_ATTRIBUTE_TYPE attr;
+ EFI_RESOURCE_TYPE resource_type;
+
+ struct e820_entry *e820_entries, *e820_entry;
+ int nr_e820_entries, i;
+
+ nr_e820_entries = e820_get_num_entries();
+ e820_entries = g_new(struct e820_entry, nr_e820_entries);
+
+ /* Copy and sort the e820 tables to add them to the HOB. */
+ memcpy(e820_entries, e820_table,
+ nr_e820_entries * sizeof(struct e820_entry));
+ qsort(e820_entries, nr_e820_entries, sizeof(struct e820_entry),
+ &tdvf_e820_compare);
+
+ for (i = 0; i < nr_e820_entries; i++) {
+ e820_entry = &e820_entries[i];
+
+ if (le32_to_cpu(e820_entry->type) == E820_RAM) {
+ resource_type = EFI_RESOURCE_SYSTEM_MEMORY;
+ attr = EFI_RESOURCE_ATTRIBUTE_TDVF_UNACCEPTED;
+ } else {
+ resource_type = EFI_RESOURCE_MEMORY_RESERVED;
+ attr = EFI_RESOURCE_ATTRIBUTE_TDVF_PRIVATE;
+ }
+
+ region = tdvf_get_area(hob, sizeof(*region));
+ *region = (EFI_HOB_RESOURCE_DESCRIPTOR) {
+ .Header = {
+ .HobType = EFI_HOB_TYPE_RESOURCE_DESCRIPTOR,
+ .HobLength = cpu_to_le16(sizeof(*region)),
+ .Reserved = cpu_to_le32(0),
+ },
+ .Owner = EFI_HOB_OWNER_ZERO,
+ .ResourceType = cpu_to_le32(resource_type),
+ .ResourceAttribute = cpu_to_le32(attr),
+ .PhysicalStart = e820_entry->address,
+ .ResourceLength = e820_entry->length,
+ };
+ }
+
+ g_free(e820_entries);
+}
+
+void tdvf_hob_create(TdxGuest *tdx, TdxFirmwareEntry *hob_entry)
+{
+ TdvfHob hob = {
+ .hob_addr = hob_entry->address,
+ .ptr = hob_entry->mem_ptr,
+ .size = hob_entry->size,
+
+ .current = hob_entry->mem_ptr,
+ .end = hob_entry->mem_ptr + hob_entry->size,
+ };
+
+ EFI_HOB_GENERIC_HEADER *last_hob;
+ EFI_HOB_HANDOFF_INFO_TABLE *hit;
+
+ /* Note, Efi{Free}Memory{Bottom,Top} are ignored, leave 'em zeroed. */
+ hit = tdvf_get_area(&hob, sizeof(*hit));
+ *hit = (EFI_HOB_HANDOFF_INFO_TABLE) {
+ .Header = {
+ .HobType = EFI_HOB_TYPE_HANDOFF,
+ .HobLength = cpu_to_le16(sizeof(*hit)),
+ .Reserved = cpu_to_le32(0),
+ },
+ .Version = cpu_to_le32(EFI_HOB_HANDOFF_TABLE_VERSION),
+ .BootMode = cpu_to_le32(0),
+ .EfiMemoryTop = cpu_to_le64(0),
+ .EfiMemoryBottom = cpu_to_le64(0),
+ .EfiFreeMemoryTop = cpu_to_le64(0),
+ .EfiFreeMemoryBottom = cpu_to_le64(0),
+ .EfiEndOfHobList = cpu_to_le64(0), /* initialized later */
+ };
+
+ tdvf_hob_add_memory_resources(&hob);
+
+ tdvf_hob_add_mmio_resources(&hob);
+
+ last_hob = tdvf_get_area(&hob, sizeof(*last_hob));
+ *last_hob = (EFI_HOB_GENERIC_HEADER) {
+ .HobType = EFI_HOB_TYPE_END_OF_HOB_LIST,
+ .HobLength = cpu_to_le16(sizeof(*last_hob)),
+ .Reserved = cpu_to_le32(0),
+ };
+ hit->EfiEndOfHobList = tdvf_current_guest_addr(&hob);
+}
diff --git a/hw/i386/tdvf-hob.h b/hw/i386/tdvf-hob.h
new file mode 100644
index 0000000000..9967dbfe5a
--- /dev/null
+++ b/hw/i386/tdvf-hob.h
@@ -0,0 +1,25 @@
+#ifndef HW_I386_TD_HOB_H
+#define HW_I386_TD_HOB_H
+
+#include "hw/i386/tdvf.h"
+#include "target/i386/kvm/tdx.h"
+
+void tdvf_hob_create(TdxGuest *tdx, TdxFirmwareEntry *hob_entry);
+
+#define EFI_RESOURCE_ATTRIBUTE_TDVF_PRIVATE \
+ (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
+ EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
+ EFI_RESOURCE_ATTRIBUTE_ENCRYPTED | \
+ EFI_RESOURCE_ATTRIBUTE_TESTED)
+
+#define EFI_RESOURCE_ATTRIBUTE_TDVF_UNACCEPTED \
+ (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
+ EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
+ EFI_RESOURCE_ATTRIBUTE_UNACCEPTED)
+
+#define EFI_RESOURCE_ATTRIBUTE_TDVF_MMIO \
+ (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
+ EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
+ EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE)
+
+#endif
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index e8cd2a7672..8e4bf98735 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -19,6 +19,7 @@
#include "cpu.h"
#include "kvm_i386.h"
#include "hw/boards.h"
+#include "hw/i386/tdvf-hob.h"
#include "qapi/error.h"
#include "qom/object_interfaces.h"
#include "standard-headers/asm-x86/kvm_para.h"
@@ -65,8 +66,26 @@ static void __tdx_ioctl(void *state, int ioctl_no, const char *ioctl_name,
#define tdx_ioctl(ioctl_no, metadata, data) \
_tdx_ioctl(kvm_state, ioctl_no, metadata, data)
+static TdxFirmwareEntry *tdx_get_hob_entry(TdxGuest *tdx)
+{
+ TdxFirmwareEntry *entry;
+
+ for_each_fw_entry(&tdx->fw, entry) {
+ if (entry->type == TDVF_SECTION_TYPE_TD_HOB) {
+ return entry;
+ }
+ }
+ error_report("TDVF metadata doesn't specify TD_HOB location.");
+ exit(1);
+}
+
static void tdx_finalize_vm(Notifier *notifier, void *unused)
{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ TdxGuest *tdx = TDX_GUEST(ms->cgs);
+
+ tdvf_hob_create(tdx, tdx_get_hob_entry(tdx));
+
tdx_ioctl(KVM_TDX_FINALIZE_VM, 0, NULL);
}
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 19/23] i386/tdx: Create the TD HOB list upon machine init done
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
Build the TD HOB during machine late initialization, i.e. once guest
memory is fully defined.
Note, the attribute absolutely for MMIO HOB entries must include
UNCACHEABLE, else TDVF will effectively consider it a bad HOB entry
and ignore it.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/i386/meson.build | 2 +-
hw/i386/tdvf-hob.c | 226 ++++++++++++++++++++++++++++++++++++++++++
hw/i386/tdvf-hob.h | 25 +++++
target/i386/kvm/tdx.c | 19 ++++
4 files changed, 271 insertions(+), 1 deletion(-)
create mode 100644 hw/i386/tdvf-hob.c
create mode 100644 hw/i386/tdvf-hob.h
diff --git a/hw/i386/meson.build b/hw/i386/meson.build
index 945e805525..8175c3c638 100644
--- a/hw/i386/meson.build
+++ b/hw/i386/meson.build
@@ -24,7 +24,7 @@ i386_ss.add(when: 'CONFIG_PC', if_true: files(
'pc_sysfw.c',
'acpi-build.c',
'port92.c'))
-i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c'))
+i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c', 'tdvf-hob.c'))
subdir('kvm')
subdir('xen')
diff --git a/hw/i386/tdvf-hob.c b/hw/i386/tdvf-hob.c
new file mode 100644
index 0000000000..c37fb22396
--- /dev/null
+++ b/hw/i386/tdvf-hob.c
@@ -0,0 +1,226 @@
+/*
+ * SPDX-License-Identifier: GPL-2.0-or-later
+
+ * Copyright (c) 2020 Intel Corporation
+ * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
+ * <isaku.yamahata at intel.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "e820_memory_layout.h"
+#include "hw/i386/pc.h"
+#include "hw/i386/x86.h"
+#include "hw/pci/pci_host.h"
+#include "sysemu/tdx.h"
+#include "tdvf-hob.h"
+#include "uefi.h"
+
+typedef struct TdvfHob {
+ hwaddr hob_addr;
+ void *ptr;
+ int size;
+
+ /* working area */
+ void *current;
+ void *end;
+} TdvfHob;
+
+static uint64_t tdvf_current_guest_addr(const TdvfHob *hob)
+{
+ return hob->hob_addr + (hob->current - hob->ptr);
+}
+
+static void tdvf_align(TdvfHob *hob, size_t align)
+{
+ hob->current = QEMU_ALIGN_PTR_UP(hob->current, align);
+}
+
+static void *tdvf_get_area(TdvfHob *hob, uint64_t size)
+{
+ void *ret;
+
+ if (hob->current + size > hob->end) {
+ error_report("TD_HOB overrun, size = 0x%" PRIx64, size);
+ exit(1);
+ }
+
+ ret = hob->current;
+ hob->current += size;
+ tdvf_align(hob, 8);
+ return ret;
+}
+
+static void tdvf_hob_add_mmio_resource(TdvfHob *hob, uint64_t start,
+ uint64_t end)
+{
+ EFI_HOB_RESOURCE_DESCRIPTOR *region;
+
+ if (!start) {
+ return;
+ }
+
+ region = tdvf_get_area(hob, sizeof(*region));
+ *region = (EFI_HOB_RESOURCE_DESCRIPTOR) {
+ .Header = {
+ .HobType = EFI_HOB_TYPE_RESOURCE_DESCRIPTOR,
+ .HobLength = cpu_to_le16(sizeof(*region)),
+ .Reserved = cpu_to_le32(0),
+ },
+ .Owner = EFI_HOB_OWNER_ZERO,
+ .ResourceType = cpu_to_le32(EFI_RESOURCE_MEMORY_MAPPED_IO),
+ .ResourceAttribute = cpu_to_le32(EFI_RESOURCE_ATTRIBUTE_TDVF_MMIO),
+ .PhysicalStart = cpu_to_le64(start),
+ .ResourceLength = cpu_to_le64(end - start),
+ };
+}
+
+static void tdvf_hob_add_mmio_resources(TdvfHob *hob)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ X86MachineState *x86ms = X86_MACHINE(ms);
+ PCIHostState *pci_host;
+ uint64_t start, end;
+ Object *host;
+
+ /* Effectively PCI hole + other MMIO devices. */
+ tdvf_hob_add_mmio_resource(hob, x86ms->below_4g_mem_size,
+ APIC_DEFAULT_ADDRESS);
+
+ /* Stolen from acpi_get_i386_pci_host(), there's gotta be an easier way. */
+ pci_host = OBJECT_CHECK(PCIHostState,
+ object_resolve_path("/machine/i440fx", NULL),
+ TYPE_PCI_HOST_BRIDGE);
+ if (!pci_host) {
+ pci_host = OBJECT_CHECK(PCIHostState,
+ object_resolve_path("/machine/q35", NULL),
+ TYPE_PCI_HOST_BRIDGE);
+ }
+ g_assert(pci_host);
+
+ host = OBJECT(pci_host);
+
+ /* PCI hole above 4gb. */
+ start = object_property_get_uint(host, PCI_HOST_PROP_PCI_HOLE64_START,
+ NULL);
+ end = object_property_get_uint(host, PCI_HOST_PROP_PCI_HOLE64_END, NULL);
+ tdvf_hob_add_mmio_resource(hob, start, end);
+}
+
+static int tdvf_e820_compare(const void *lhs_, const void* rhs_)
+{
+ const struct e820_entry *lhs = lhs_;
+ const struct e820_entry *rhs = rhs_;
+
+ if (lhs->address == rhs->address) {
+ return 0;
+ }
+ if (le64_to_cpu(lhs->address) > le64_to_cpu(rhs->address)) {
+ return 1;
+ }
+ return -1;
+}
+
+static void tdvf_hob_add_memory_resources(TdvfHob *hob)
+{
+ EFI_HOB_RESOURCE_DESCRIPTOR *region;
+ EFI_RESOURCE_ATTRIBUTE_TYPE attr;
+ EFI_RESOURCE_TYPE resource_type;
+
+ struct e820_entry *e820_entries, *e820_entry;
+ int nr_e820_entries, i;
+
+ nr_e820_entries = e820_get_num_entries();
+ e820_entries = g_new(struct e820_entry, nr_e820_entries);
+
+ /* Copy and sort the e820 tables to add them to the HOB. */
+ memcpy(e820_entries, e820_table,
+ nr_e820_entries * sizeof(struct e820_entry));
+ qsort(e820_entries, nr_e820_entries, sizeof(struct e820_entry),
+ &tdvf_e820_compare);
+
+ for (i = 0; i < nr_e820_entries; i++) {
+ e820_entry = &e820_entries[i];
+
+ if (le32_to_cpu(e820_entry->type) == E820_RAM) {
+ resource_type = EFI_RESOURCE_SYSTEM_MEMORY;
+ attr = EFI_RESOURCE_ATTRIBUTE_TDVF_UNACCEPTED;
+ } else {
+ resource_type = EFI_RESOURCE_MEMORY_RESERVED;
+ attr = EFI_RESOURCE_ATTRIBUTE_TDVF_PRIVATE;
+ }
+
+ region = tdvf_get_area(hob, sizeof(*region));
+ *region = (EFI_HOB_RESOURCE_DESCRIPTOR) {
+ .Header = {
+ .HobType = EFI_HOB_TYPE_RESOURCE_DESCRIPTOR,
+ .HobLength = cpu_to_le16(sizeof(*region)),
+ .Reserved = cpu_to_le32(0),
+ },
+ .Owner = EFI_HOB_OWNER_ZERO,
+ .ResourceType = cpu_to_le32(resource_type),
+ .ResourceAttribute = cpu_to_le32(attr),
+ .PhysicalStart = e820_entry->address,
+ .ResourceLength = e820_entry->length,
+ };
+ }
+
+ g_free(e820_entries);
+}
+
+void tdvf_hob_create(TdxGuest *tdx, TdxFirmwareEntry *hob_entry)
+{
+ TdvfHob hob = {
+ .hob_addr = hob_entry->address,
+ .ptr = hob_entry->mem_ptr,
+ .size = hob_entry->size,
+
+ .current = hob_entry->mem_ptr,
+ .end = hob_entry->mem_ptr + hob_entry->size,
+ };
+
+ EFI_HOB_GENERIC_HEADER *last_hob;
+ EFI_HOB_HANDOFF_INFO_TABLE *hit;
+
+ /* Note, Efi{Free}Memory{Bottom,Top} are ignored, leave 'em zeroed. */
+ hit = tdvf_get_area(&hob, sizeof(*hit));
+ *hit = (EFI_HOB_HANDOFF_INFO_TABLE) {
+ .Header = {
+ .HobType = EFI_HOB_TYPE_HANDOFF,
+ .HobLength = cpu_to_le16(sizeof(*hit)),
+ .Reserved = cpu_to_le32(0),
+ },
+ .Version = cpu_to_le32(EFI_HOB_HANDOFF_TABLE_VERSION),
+ .BootMode = cpu_to_le32(0),
+ .EfiMemoryTop = cpu_to_le64(0),
+ .EfiMemoryBottom = cpu_to_le64(0),
+ .EfiFreeMemoryTop = cpu_to_le64(0),
+ .EfiFreeMemoryBottom = cpu_to_le64(0),
+ .EfiEndOfHobList = cpu_to_le64(0), /* initialized later */
+ };
+
+ tdvf_hob_add_memory_resources(&hob);
+
+ tdvf_hob_add_mmio_resources(&hob);
+
+ last_hob = tdvf_get_area(&hob, sizeof(*last_hob));
+ *last_hob = (EFI_HOB_GENERIC_HEADER) {
+ .HobType = EFI_HOB_TYPE_END_OF_HOB_LIST,
+ .HobLength = cpu_to_le16(sizeof(*last_hob)),
+ .Reserved = cpu_to_le32(0),
+ };
+ hit->EfiEndOfHobList = tdvf_current_guest_addr(&hob);
+}
diff --git a/hw/i386/tdvf-hob.h b/hw/i386/tdvf-hob.h
new file mode 100644
index 0000000000..9967dbfe5a
--- /dev/null
+++ b/hw/i386/tdvf-hob.h
@@ -0,0 +1,25 @@
+#ifndef HW_I386_TD_HOB_H
+#define HW_I386_TD_HOB_H
+
+#include "hw/i386/tdvf.h"
+#include "target/i386/kvm/tdx.h"
+
+void tdvf_hob_create(TdxGuest *tdx, TdxFirmwareEntry *hob_entry);
+
+#define EFI_RESOURCE_ATTRIBUTE_TDVF_PRIVATE \
+ (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
+ EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
+ EFI_RESOURCE_ATTRIBUTE_ENCRYPTED | \
+ EFI_RESOURCE_ATTRIBUTE_TESTED)
+
+#define EFI_RESOURCE_ATTRIBUTE_TDVF_UNACCEPTED \
+ (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
+ EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
+ EFI_RESOURCE_ATTRIBUTE_UNACCEPTED)
+
+#define EFI_RESOURCE_ATTRIBUTE_TDVF_MMIO \
+ (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
+ EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
+ EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE)
+
+#endif
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index e8cd2a7672..8e4bf98735 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -19,6 +19,7 @@
#include "cpu.h"
#include "kvm_i386.h"
#include "hw/boards.h"
+#include "hw/i386/tdvf-hob.h"
#include "qapi/error.h"
#include "qom/object_interfaces.h"
#include "standard-headers/asm-x86/kvm_para.h"
@@ -65,8 +66,26 @@ static void __tdx_ioctl(void *state, int ioctl_no, const char *ioctl_name,
#define tdx_ioctl(ioctl_no, metadata, data) \
_tdx_ioctl(kvm_state, ioctl_no, metadata, data)
+static TdxFirmwareEntry *tdx_get_hob_entry(TdxGuest *tdx)
+{
+ TdxFirmwareEntry *entry;
+
+ for_each_fw_entry(&tdx->fw, entry) {
+ if (entry->type == TDVF_SECTION_TYPE_TD_HOB) {
+ return entry;
+ }
+ }
+ error_report("TDVF metadata doesn't specify TD_HOB location.");
+ exit(1);
+}
+
static void tdx_finalize_vm(Notifier *notifier, void *unused)
{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ TdxGuest *tdx = TDX_GUEST(ms->cgs);
+
+ tdvf_hob_create(tdx, tdx_get_hob_entry(tdx));
+
tdx_ioctl(KVM_TDX_FINALIZE_VM, 0, NULL);
}
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 20/23] i386/tdx: Add TDVF memory via INIT_MEM_REGION
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
Add, and optionally measure, TDVF memory via KVM_TDX_INIT_MEM_REGION as
part of finalizing the TD.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/kvm/tdx.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 8e4bf98735..49b4355849 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -83,10 +83,26 @@ static void tdx_finalize_vm(Notifier *notifier, void *unused)
{
MachineState *ms = MACHINE(qdev_get_machine());
TdxGuest *tdx = TDX_GUEST(ms->cgs);
+ TdxFirmwareEntry *entry;
tdvf_hob_create(tdx, tdx_get_hob_entry(tdx));
+ for_each_fw_entry(&tdx->fw, entry) {
+ struct kvm_tdx_init_mem_region mem_region = {
+ .source_addr = (__u64)entry->mem_ptr,
+ .gpa = entry->address,
+ .nr_pages = entry->size / 4096,
+ };
+
+ __u32 metadata = entry->attributes & TDVF_SECTION_ATTRIBUTES_EXTENDMR ?
+ KVM_TDX_MEASURE_MEMORY_REGION : 0;
+
+ tdx_ioctl(KVM_TDX_INIT_MEM_REGION, metadata, &mem_region);
+ }
+
tdx_ioctl(KVM_TDX_FINALIZE_VM, 0, NULL);
+
+ tdx->parent_obj.ready = true;
}
static Notifier tdx_machine_done_late_notify = {
@@ -288,9 +304,6 @@ static void tdx_guest_init(Object *obj)
tdx->debug = false;
object_property_add_bool(obj, "debug", tdx_guest_get_debug,
tdx_guest_set_debug);
-
- /* TODO: move this after fully TD initialized */
- tdx->parent_obj.ready = true;
}
static void tdx_guest_finalize(Object *obj)
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 20/23] i386/tdx: Add TDVF memory via INIT_MEM_REGION
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
Add, and optionally measure, TDVF memory via KVM_TDX_INIT_MEM_REGION as
part of finalizing the TD.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
target/i386/kvm/tdx.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 8e4bf98735..49b4355849 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -83,10 +83,26 @@ static void tdx_finalize_vm(Notifier *notifier, void *unused)
{
MachineState *ms = MACHINE(qdev_get_machine());
TdxGuest *tdx = TDX_GUEST(ms->cgs);
+ TdxFirmwareEntry *entry;
tdvf_hob_create(tdx, tdx_get_hob_entry(tdx));
+ for_each_fw_entry(&tdx->fw, entry) {
+ struct kvm_tdx_init_mem_region mem_region = {
+ .source_addr = (__u64)entry->mem_ptr,
+ .gpa = entry->address,
+ .nr_pages = entry->size / 4096,
+ };
+
+ __u32 metadata = entry->attributes & TDVF_SECTION_ATTRIBUTES_EXTENDMR ?
+ KVM_TDX_MEASURE_MEMORY_REGION : 0;
+
+ tdx_ioctl(KVM_TDX_INIT_MEM_REGION, metadata, &mem_region);
+ }
+
tdx_ioctl(KVM_TDX_FINALIZE_VM, 0, NULL);
+
+ tdx->parent_obj.ready = true;
}
static Notifier tdx_machine_done_late_notify = {
@@ -288,9 +304,6 @@ static void tdx_guest_init(Object *obj)
tdx->debug = false;
object_property_add_bool(obj, "debug", tdx_guest_get_debug,
tdx_guest_set_debug);
-
- /* TODO: move this after fully TD initialized */
- tdx->parent_obj.ready = true;
}
static void tdx_guest_finalize(Object *obj)
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 21/23] i386/tdx: Use KVM_TDX_INIT_VCPU to pass HOB to TDVF
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata
Specify the initial value for RCX/R8 to be the address of the HOB.
Don't propagate the value to Qemu's cache of the registers so as to
avoid implying that the register state is valid, e.g. Qemu doesn't model
TDX-SEAM behavior for initializing other GPRs.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
target/i386/kvm/tdx.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 49b4355849..007d33989b 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -268,10 +268,17 @@ out:
void tdx_post_init_vcpu(CPUState *cpu)
{
- CPUX86State *env = &X86_CPU(cpu)->env;
+ MachineState *ms = MACHINE(qdev_get_machine());
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
+ TYPE_TDX_GUEST);
+ TdxFirmwareEntry *hob;
+
+ if (!tdx) {
+ return;
+ }
- _tdx_ioctl(cpu, KVM_TDX_INIT_VCPU, 0,
- (void *)(unsigned long)env->regs[R_ECX]);
+ hob = tdx_get_hob_entry(tdx);
+ _tdx_ioctl(cpu, KVM_TDX_INIT_VCPU, 0, (void *)hob->address);
}
static bool tdx_guest_get_debug(Object *obj, Error **errp)
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 21/23] i386/tdx: Use KVM_TDX_INIT_VCPU to pass HOB to TDVF
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, isaku.yamahata, kvm
Specify the initial value for RCX/R8 to be the address of the HOB.
Don't propagate the value to Qemu's cache of the registers so as to
avoid implying that the register state is valid, e.g. Qemu doesn't model
TDX-SEAM behavior for initializing other GPRs.
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
target/i386/kvm/tdx.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 49b4355849..007d33989b 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -268,10 +268,17 @@ out:
void tdx_post_init_vcpu(CPUState *cpu)
{
- CPUX86State *env = &X86_CPU(cpu)->env;
+ MachineState *ms = MACHINE(qdev_get_machine());
+ TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs),
+ TYPE_TDX_GUEST);
+ TdxFirmwareEntry *hob;
+
+ if (!tdx) {
+ return;
+ }
- _tdx_ioctl(cpu, KVM_TDX_INIT_VCPU, 0,
- (void *)(unsigned long)env->regs[R_ECX]);
+ hob = tdx_get_hob_entry(tdx);
+ _tdx_ioctl(cpu, KVM_TDX_INIT_VCPU, 0, (void *)hob->address);
}
static bool tdx_guest_get_debug(Object *obj, Error **errp)
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 22/23] i386/tdx: Force x2apic mode and routing for TDs
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Sean Christopherson <sean.j.christopherson@intel.com>
TDX requires x2apic and "resets" vCPUs to have x2apic enabled. Model
this in QEMU and unconditionally enable x2apic interrupt routing.
This fixes issues where interrupts from IRQFD would not get forwarded to
the guest due to KVM silently dropping the invalid routing entry.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/intc/apic_common.c | 12 ++++++++++++
include/hw/i386/apic.h | 1 +
include/hw/i386/apic_internal.h | 1 +
target/i386/kvm/tdx.c | 7 +++++++
4 files changed, 21 insertions(+)
diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c
index 97dd96dffa..6a69027377 100644
--- a/hw/intc/apic_common.c
+++ b/hw/intc/apic_common.c
@@ -263,6 +263,15 @@ void apic_designate_bsp(DeviceState *dev, bool bsp)
}
}
+void apic_force_x2apic(DeviceState *dev)
+{
+ if (dev == NULL) {
+ return;
+ }
+
+ APIC_COMMON(dev)->force_x2apic = true;
+}
+
static void apic_reset_common(DeviceState *dev)
{
APICCommonState *s = APIC_COMMON(dev);
@@ -271,6 +280,9 @@ static void apic_reset_common(DeviceState *dev)
bsp = s->apicbase & MSR_IA32_APICBASE_BSP;
s->apicbase = APIC_DEFAULT_ADDRESS | bsp | MSR_IA32_APICBASE_ENABLE;
+ if (s->force_x2apic) {
+ s->apicbase |= MSR_IA32_APICBASE_EXTD;
+ }
s->id = s->initial_apic_id;
apic_reset_irq_delivered();
diff --git a/include/hw/i386/apic.h b/include/hw/i386/apic.h
index da1d2fe155..7d05abd7e0 100644
--- a/include/hw/i386/apic.h
+++ b/include/hw/i386/apic.h
@@ -19,6 +19,7 @@ void apic_init_reset(DeviceState *s);
void apic_sipi(DeviceState *s);
void apic_poll_irq(DeviceState *d);
void apic_designate_bsp(DeviceState *d, bool bsp);
+void apic_force_x2apic(DeviceState *d);
int apic_get_highest_priority_irr(DeviceState *dev);
/* pc.c */
diff --git a/include/hw/i386/apic_internal.h b/include/hw/i386/apic_internal.h
index c175e7e718..eda0b5a587 100644
--- a/include/hw/i386/apic_internal.h
+++ b/include/hw/i386/apic_internal.h
@@ -187,6 +187,7 @@ struct APICCommonState {
DeviceState *vapic;
hwaddr vapic_paddr; /* note: persistence via kvmvapic */
bool legacy_instance_id;
+ bool force_x2apic;
};
typedef struct VAPICState {
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 007d33989b..b4bd157fe1 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -137,6 +137,11 @@ int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
tdx_caps->nr_cpuid_configs = TDX1_MAX_NR_CPUID_CONFIGS;
tdx_ioctl(KVM_TDX_CAPABILITIES, 0, tdx_caps);
+ if (!kvm_enable_x2apic()) {
+ error_report("Failed to enable x2apic in KVM");
+ exit(1);
+ }
+
qemu_add_machine_init_done_late_notifier(&tdx_machine_done_late_notify);
return 0;
}
@@ -279,6 +284,8 @@ void tdx_post_init_vcpu(CPUState *cpu)
hob = tdx_get_hob_entry(tdx);
_tdx_ioctl(cpu, KVM_TDX_INIT_VCPU, 0, (void *)hob->address);
+
+ apic_force_x2apic(X86_CPU(cpu)->apic_state);
}
static bool tdx_guest_get_debug(Object *obj, Error **errp)
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 22/23] i386/tdx: Force x2apic mode and routing for TDs
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Sean Christopherson <sean.j.christopherson@intel.com>
TDX requires x2apic and "resets" vCPUs to have x2apic enabled. Model
this in QEMU and unconditionally enable x2apic interrupt routing.
This fixes issues where interrupts from IRQFD would not get forwarded to
the guest due to KVM silently dropping the invalid routing entry.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/intc/apic_common.c | 12 ++++++++++++
include/hw/i386/apic.h | 1 +
include/hw/i386/apic_internal.h | 1 +
target/i386/kvm/tdx.c | 7 +++++++
4 files changed, 21 insertions(+)
diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c
index 97dd96dffa..6a69027377 100644
--- a/hw/intc/apic_common.c
+++ b/hw/intc/apic_common.c
@@ -263,6 +263,15 @@ void apic_designate_bsp(DeviceState *dev, bool bsp)
}
}
+void apic_force_x2apic(DeviceState *dev)
+{
+ if (dev == NULL) {
+ return;
+ }
+
+ APIC_COMMON(dev)->force_x2apic = true;
+}
+
static void apic_reset_common(DeviceState *dev)
{
APICCommonState *s = APIC_COMMON(dev);
@@ -271,6 +280,9 @@ static void apic_reset_common(DeviceState *dev)
bsp = s->apicbase & MSR_IA32_APICBASE_BSP;
s->apicbase = APIC_DEFAULT_ADDRESS | bsp | MSR_IA32_APICBASE_ENABLE;
+ if (s->force_x2apic) {
+ s->apicbase |= MSR_IA32_APICBASE_EXTD;
+ }
s->id = s->initial_apic_id;
apic_reset_irq_delivered();
diff --git a/include/hw/i386/apic.h b/include/hw/i386/apic.h
index da1d2fe155..7d05abd7e0 100644
--- a/include/hw/i386/apic.h
+++ b/include/hw/i386/apic.h
@@ -19,6 +19,7 @@ void apic_init_reset(DeviceState *s);
void apic_sipi(DeviceState *s);
void apic_poll_irq(DeviceState *d);
void apic_designate_bsp(DeviceState *d, bool bsp);
+void apic_force_x2apic(DeviceState *d);
int apic_get_highest_priority_irr(DeviceState *dev);
/* pc.c */
diff --git a/include/hw/i386/apic_internal.h b/include/hw/i386/apic_internal.h
index c175e7e718..eda0b5a587 100644
--- a/include/hw/i386/apic_internal.h
+++ b/include/hw/i386/apic_internal.h
@@ -187,6 +187,7 @@ struct APICCommonState {
DeviceState *vapic;
hwaddr vapic_paddr; /* note: persistence via kvmvapic */
bool legacy_instance_id;
+ bool force_x2apic;
};
typedef struct VAPICState {
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 007d33989b..b4bd157fe1 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -137,6 +137,11 @@ int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
tdx_caps->nr_cpuid_configs = TDX1_MAX_NR_CPUID_CONFIGS;
tdx_ioctl(KVM_TDX_CAPABILITIES, 0, tdx_caps);
+ if (!kvm_enable_x2apic()) {
+ error_report("Failed to enable x2apic in KVM");
+ exit(1);
+ }
+
qemu_add_machine_init_done_late_notifier(&tdx_machine_done_late_notify);
return 0;
}
@@ -279,6 +284,8 @@ void tdx_post_init_vcpu(CPUState *cpu)
hob = tdx_get_hob_entry(tdx);
_tdx_ioctl(cpu, KVM_TDX_INIT_VCPU, 0, (void *)hob->address);
+
+ apic_force_x2apic(X86_CPU(cpu)->apic_state);
}
static bool tdx_guest_get_debug(Object *obj, Error **errp)
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 23/23] target/i386: Add machine option to disable PIC/8259
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 2:13 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata, isaku.yamahata, Sean Christopherson
From: Sean Christopherson <sean.j.christopherson@intel.com>
Add a machine option to disable the legacy PIC (8259), which cannot be
supported for TDX guests as TDX-SEAM doesn't allow directly interrupt
injection. Using posted interrupts for the PIC is not a viable option
as the guest BIOS/kernel will not do EOI for PIC IRQs, i.e. will leave
the vIRR bit set.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/i386/pc.c | 18 ++++++++++++++++++
hw/i386/pc_piix.c | 4 +++-
hw/i386/pc_q35.c | 4 +++-
include/hw/i386/pc.h | 2 ++
4 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 8aa85dec54..12d44659bf 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1532,6 +1532,20 @@ static void pc_machine_set_hpet(Object *obj, bool value, Error **errp)
pcms->hpet_enabled = value;
}
+static bool pc_machine_get_pic(Object *obj, Error **errp)
+{
+ PCMachineState *pcms = PC_MACHINE(obj);
+
+ return pcms->pic_enabled;
+}
+
+static void pc_machine_set_pic(Object *obj, bool value, Error **errp)
+{
+ PCMachineState *pcms = PC_MACHINE(obj);
+
+ pcms->pic_enabled = value;
+}
+
static void pc_machine_get_max_ram_below_4g(Object *obj, Visitor *v,
const char *name, void *opaque,
Error **errp)
@@ -1672,6 +1686,7 @@ static void pc_machine_initfn(Object *obj)
pcms->smbus_enabled = true;
pcms->sata_enabled = true;
pcms->pit_enabled = true;
+ pcms->pic_enabled = true;
pcms->max_fw_size = 8 * MiB;
#ifdef CONFIG_HPET
pcms->hpet_enabled = true;
@@ -1797,6 +1812,9 @@ static void pc_machine_class_init(ObjectClass *oc, void *data)
object_class_property_add_bool(oc, PC_MACHINE_PIT,
pc_machine_get_pit, pc_machine_set_pit);
+ object_class_property_add_bool(oc, PC_MACHINE_PIC,
+ pc_machine_get_pic, pc_machine_set_pic);
+
object_class_property_add_bool(oc, "hpet",
pc_machine_get_hpet, pc_machine_set_hpet);
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 2904b40163..4b59d40c3c 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -220,7 +220,9 @@ static void pc_init1(MachineState *machine,
}
isa_bus_irqs(isa_bus, x86ms->gsi);
- pc_i8259_create(isa_bus, gsi_state->i8259_irq);
+ if (pcms->pic_enabled) {
+ pc_i8259_create(isa_bus, gsi_state->i8259_irq);
+ }
if (pcmc->pci_enabled) {
ioapic_init_gsi(gsi_state, "i440fx");
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 0a212443aa..c68799efbb 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -250,7 +250,9 @@ static void pc_q35_init(MachineState *machine)
pci_bus_set_route_irq_fn(host_bus, ich9_route_intx_pin_to_irq);
isa_bus = ich9_lpc->isa_bus;
- pc_i8259_create(isa_bus, gsi_state->i8259_irq);
+ if (pcms->pic_enabled) {
+ pc_i8259_create(isa_bus, gsi_state->i8259_irq);
+ }
if (pcmc->pci_enabled) {
ioapic_init_gsi(gsi_state, "q35");
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 5f93540a43..6368f7bf77 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -44,6 +44,7 @@ typedef struct PCMachineState {
bool sata_enabled;
bool pit_enabled;
bool hpet_enabled;
+ bool pic_enabled;
uint64_t max_fw_size;
char *oem_id;
char *oem_table_id;
@@ -63,6 +64,7 @@ typedef struct PCMachineState {
#define PC_MACHINE_SMBUS "smbus"
#define PC_MACHINE_SATA "sata"
#define PC_MACHINE_PIT "pit"
+#define PC_MACHINE_PIC "pic"
#define PC_MACHINE_MAX_FW_SIZE "max-fw-size"
#define PC_MACHINE_OEM_ID "oem-id"
#define PC_MACHINE_OEM_TABLE_ID "oem-table-id"
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* [RFC PATCH 23/23] target/i386: Add machine option to disable PIC/8259
@ 2021-02-16 2:13 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-16 2:13 UTC (permalink / raw)
To: qemu-devel, pbonzini, alistair, ehabkost, marcel.apfelbaum, mst,
cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, isaku.yamahata, kvm
From: Sean Christopherson <sean.j.christopherson@intel.com>
Add a machine option to disable the legacy PIC (8259), which cannot be
supported for TDX guests as TDX-SEAM doesn't allow directly interrupt
injection. Using posted interrupts for the PIC is not a viable option
as the guest BIOS/kernel will not do EOI for PIC IRQs, i.e. will leave
the vIRR bit set.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
hw/i386/pc.c | 18 ++++++++++++++++++
hw/i386/pc_piix.c | 4 +++-
hw/i386/pc_q35.c | 4 +++-
include/hw/i386/pc.h | 2 ++
4 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 8aa85dec54..12d44659bf 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1532,6 +1532,20 @@ static void pc_machine_set_hpet(Object *obj, bool value, Error **errp)
pcms->hpet_enabled = value;
}
+static bool pc_machine_get_pic(Object *obj, Error **errp)
+{
+ PCMachineState *pcms = PC_MACHINE(obj);
+
+ return pcms->pic_enabled;
+}
+
+static void pc_machine_set_pic(Object *obj, bool value, Error **errp)
+{
+ PCMachineState *pcms = PC_MACHINE(obj);
+
+ pcms->pic_enabled = value;
+}
+
static void pc_machine_get_max_ram_below_4g(Object *obj, Visitor *v,
const char *name, void *opaque,
Error **errp)
@@ -1672,6 +1686,7 @@ static void pc_machine_initfn(Object *obj)
pcms->smbus_enabled = true;
pcms->sata_enabled = true;
pcms->pit_enabled = true;
+ pcms->pic_enabled = true;
pcms->max_fw_size = 8 * MiB;
#ifdef CONFIG_HPET
pcms->hpet_enabled = true;
@@ -1797,6 +1812,9 @@ static void pc_machine_class_init(ObjectClass *oc, void *data)
object_class_property_add_bool(oc, PC_MACHINE_PIT,
pc_machine_get_pit, pc_machine_set_pit);
+ object_class_property_add_bool(oc, PC_MACHINE_PIC,
+ pc_machine_get_pic, pc_machine_set_pic);
+
object_class_property_add_bool(oc, "hpet",
pc_machine_get_hpet, pc_machine_set_hpet);
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 2904b40163..4b59d40c3c 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -220,7 +220,9 @@ static void pc_init1(MachineState *machine,
}
isa_bus_irqs(isa_bus, x86ms->gsi);
- pc_i8259_create(isa_bus, gsi_state->i8259_irq);
+ if (pcms->pic_enabled) {
+ pc_i8259_create(isa_bus, gsi_state->i8259_irq);
+ }
if (pcmc->pci_enabled) {
ioapic_init_gsi(gsi_state, "i440fx");
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 0a212443aa..c68799efbb 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -250,7 +250,9 @@ static void pc_q35_init(MachineState *machine)
pci_bus_set_route_irq_fn(host_bus, ich9_route_intx_pin_to_irq);
isa_bus = ich9_lpc->isa_bus;
- pc_i8259_create(isa_bus, gsi_state->i8259_irq);
+ if (pcms->pic_enabled) {
+ pc_i8259_create(isa_bus, gsi_state->i8259_irq);
+ }
if (pcmc->pci_enabled) {
ioapic_init_gsi(gsi_state, "q35");
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 5f93540a43..6368f7bf77 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -44,6 +44,7 @@ typedef struct PCMachineState {
bool sata_enabled;
bool pit_enabled;
bool hpet_enabled;
+ bool pic_enabled;
uint64_t max_fw_size;
char *oem_id;
char *oem_table_id;
@@ -63,6 +64,7 @@ typedef struct PCMachineState {
#define PC_MACHINE_SMBUS "smbus"
#define PC_MACHINE_SATA "sata"
#define PC_MACHINE_PIT "pit"
+#define PC_MACHINE_PIC "pic"
#define PC_MACHINE_MAX_FW_SIZE "max-fw-size"
#define PC_MACHINE_OEM_ID "oem-id"
#define PC_MACHINE_OEM_TABLE_ID "oem-table-id"
--
2.17.1
^ permalink raw reply related [flat|nested] 54+ messages in thread
* Re: [RFC PATCH 01/23] target/i386: Expose x86_cpu_get_supported_feature_word() for TDX
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 7:53 ` Philippe Mathieu-Daudé
-1 siblings, 0 replies; 54+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-02-16 7:53 UTC (permalink / raw)
To: Isaku Yamahata, qemu-devel, pbonzini, alistair, ehabkost,
marcel.apfelbaum, mst, cohuck, mtosatti, xiaoyao.li, seanjc
Cc: Sean Christopherson, isaku.yamahata, kvm
On 2/16/21 3:12 AM, Isaku Yamahata wrote:
> From: Sean Christopherson <sean.j.christopherson@intel.com>
>
> Expose x86_cpu_get_supported_feature_word() outside of cpu.c so that it
> can be used by TDX to setup the VM-wide CPUID configuration.
>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> ---
> target/i386/cpu.c | 4 ++--
> target/i386/cpu.h | 3 +++
> 2 files changed, 5 insertions(+), 2 deletions(-)
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
^ permalink raw reply [flat|nested] 54+ messages in thread
* Re: [RFC PATCH 01/23] target/i386: Expose x86_cpu_get_supported_feature_word() for TDX
@ 2021-02-16 7:53 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 54+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-02-16 7:53 UTC (permalink / raw)
To: Isaku Yamahata, qemu-devel, pbonzini, alistair, ehabkost,
marcel.apfelbaum, mst, cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, Sean Christopherson, kvm
On 2/16/21 3:12 AM, Isaku Yamahata wrote:
> From: Sean Christopherson <sean.j.christopherson@intel.com>
>
> Expose x86_cpu_get_supported_feature_word() outside of cpu.c so that it
> can be used by TDX to setup the VM-wide CPUID configuration.
>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> ---
> target/i386/cpu.c | 4 ++--
> target/i386/cpu.h | 3 +++
> 2 files changed, 5 insertions(+), 2 deletions(-)
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
^ permalink raw reply [flat|nested] 54+ messages in thread
* Re: [RFC PATCH 02/23] kvm: Switch KVM_CAP_READONLY_MEM to a per-VM ioctl()
2021-02-16 2:12 ` Isaku Yamahata
@ 2021-02-16 7:56 ` Philippe Mathieu-Daudé
-1 siblings, 0 replies; 54+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-02-16 7:56 UTC (permalink / raw)
To: Isaku Yamahata, qemu-devel, pbonzini, alistair, ehabkost,
marcel.apfelbaum, mst, cohuck, mtosatti, xiaoyao.li, seanjc
Cc: isaku.yamahata, kvm
Hi Isaku,
On 2/16/21 3:12 AM, Isaku Yamahata wrote:
> Switch to making a VM ioctl() call for KVM_CAP_READONLY_MEM, which may
> be conditional on VM type in recent versions of KVM, e.g. when TDX is
> supported.
>
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> ---
> accel/kvm/kvm-all.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
> index 47516913b7..351c25a5cb 100644
> --- a/accel/kvm/kvm-all.c
> +++ b/accel/kvm/kvm-all.c
> @@ -2164,7 +2164,7 @@ static int kvm_init(MachineState *ms)
> }
>
> kvm_readonly_mem_allowed =
> - (kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
> + (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
Can this check with "recent KVM" be a problem with older ones?
Maybe for backward compatibility we need:
= (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0) ||
(kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
> kvm_eventfds_allowed =
> (kvm_check_extension(s, KVM_CAP_IOEVENTFD) > 0);
>
^ permalink raw reply [flat|nested] 54+ messages in thread
* Re: [RFC PATCH 02/23] kvm: Switch KVM_CAP_READONLY_MEM to a per-VM ioctl()
@ 2021-02-16 7:56 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 54+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-02-16 7:56 UTC (permalink / raw)
To: Isaku Yamahata, qemu-devel, pbonzini, alistair, ehabkost,
marcel.apfelbaum, mst, cohuck, mtosatti, xiaoyao.li, seanjc
Cc: kvm, isaku.yamahata
Hi Isaku,
On 2/16/21 3:12 AM, Isaku Yamahata wrote:
> Switch to making a VM ioctl() call for KVM_CAP_READONLY_MEM, which may
> be conditional on VM type in recent versions of KVM, e.g. when TDX is
> supported.
>
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> ---
> accel/kvm/kvm-all.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
> index 47516913b7..351c25a5cb 100644
> --- a/accel/kvm/kvm-all.c
> +++ b/accel/kvm/kvm-all.c
> @@ -2164,7 +2164,7 @@ static int kvm_init(MachineState *ms)
> }
>
> kvm_readonly_mem_allowed =
> - (kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
> + (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
Can this check with "recent KVM" be a problem with older ones?
Maybe for backward compatibility we need:
= (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0) ||
(kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
> kvm_eventfds_allowed =
> (kvm_check_extension(s, KVM_CAP_IOEVENTFD) > 0);
>
^ permalink raw reply [flat|nested] 54+ messages in thread
* Re: [RFC PATCH 02/23] kvm: Switch KVM_CAP_READONLY_MEM to a per-VM ioctl()
2021-02-16 7:56 ` Philippe Mathieu-Daudé
@ 2021-02-23 3:23 ` Isaku Yamahata
-1 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-23 3:23 UTC (permalink / raw)
To: Philippe Mathieu-Daudé
Cc: Isaku Yamahata, qemu-devel, pbonzini, alistair, ehabkost,
marcel.apfelbaum, mst, cohuck, mtosatti, xiaoyao.li, seanjc, kvm,
isaku.yamahata
On Tue, Feb 16, 2021 at 08:56:45AM +0100,
Philippe Mathieu-Daudé <philmd@redhat.com> wrote:
> Hi Isaku,
>
> On 2/16/21 3:12 AM, Isaku Yamahata wrote:
> > Switch to making a VM ioctl() call for KVM_CAP_READONLY_MEM, which may
> > be conditional on VM type in recent versions of KVM, e.g. when TDX is
> > supported.
> >
> > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> > ---
> > accel/kvm/kvm-all.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
> > index 47516913b7..351c25a5cb 100644
> > --- a/accel/kvm/kvm-all.c
> > +++ b/accel/kvm/kvm-all.c
> > @@ -2164,7 +2164,7 @@ static int kvm_init(MachineState *ms)
> > }
> >
> > kvm_readonly_mem_allowed =
> > - (kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
> > + (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
>
> Can this check with "recent KVM" be a problem with older ones?
>
> Maybe for backward compatibility we need:
>
> = (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0) ||
> (kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
Agreed. That's safer and it's difficult to check the very old version of kenel
and non-x86 arch.
Thanks,
--
Isaku Yamahata <isaku.yamahata@gmail.com>
^ permalink raw reply [flat|nested] 54+ messages in thread
* Re: [RFC PATCH 02/23] kvm: Switch KVM_CAP_READONLY_MEM to a per-VM ioctl()
@ 2021-02-23 3:23 ` Isaku Yamahata
0 siblings, 0 replies; 54+ messages in thread
From: Isaku Yamahata @ 2021-02-23 3:23 UTC (permalink / raw)
To: Philippe Mathieu-Daudé
Cc: Isaku Yamahata, cohuck, ehabkost, kvm, mst, seanjc, alistair,
xiaoyao.li, qemu-devel, mtosatti, pbonzini, isaku.yamahata
On Tue, Feb 16, 2021 at 08:56:45AM +0100,
Philippe Mathieu-Daudé <philmd@redhat.com> wrote:
> Hi Isaku,
>
> On 2/16/21 3:12 AM, Isaku Yamahata wrote:
> > Switch to making a VM ioctl() call for KVM_CAP_READONLY_MEM, which may
> > be conditional on VM type in recent versions of KVM, e.g. when TDX is
> > supported.
> >
> > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> > ---
> > accel/kvm/kvm-all.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
> > index 47516913b7..351c25a5cb 100644
> > --- a/accel/kvm/kvm-all.c
> > +++ b/accel/kvm/kvm-all.c
> > @@ -2164,7 +2164,7 @@ static int kvm_init(MachineState *ms)
> > }
> >
> > kvm_readonly_mem_allowed =
> > - (kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
> > + (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
>
> Can this check with "recent KVM" be a problem with older ones?
>
> Maybe for backward compatibility we need:
>
> = (kvm_vm_check_extension(s, KVM_CAP_READONLY_MEM) > 0) ||
> (kvm_check_extension(s, KVM_CAP_READONLY_MEM) > 0);
Agreed. That's safer and it's difficult to check the very old version of kenel
and non-x86 arch.
Thanks,
--
Isaku Yamahata <isaku.yamahata@gmail.com>
^ permalink raw reply [flat|nested] 54+ messages in thread
end of thread, other threads:[~2021-02-23 3:23 UTC | newest]
Thread overview: 54+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-16 2:12 [RFC PATCH 00/23] [RFC PATCH 00/24] TDX support Isaku Yamahata
2021-02-16 2:12 ` Isaku Yamahata
2021-02-16 2:12 ` [RFC PATCH 01/23] target/i386: Expose x86_cpu_get_supported_feature_word() for TDX Isaku Yamahata
2021-02-16 2:12 ` Isaku Yamahata
2021-02-16 7:53 ` Philippe Mathieu-Daudé
2021-02-16 7:53 ` Philippe Mathieu-Daudé
2021-02-16 2:12 ` [RFC PATCH 02/23] kvm: Switch KVM_CAP_READONLY_MEM to a per-VM ioctl() Isaku Yamahata
2021-02-16 2:12 ` Isaku Yamahata
2021-02-16 7:56 ` Philippe Mathieu-Daudé
2021-02-16 7:56 ` Philippe Mathieu-Daudé
2021-02-23 3:23 ` Isaku Yamahata
2021-02-23 3:23 ` Isaku Yamahata
2021-02-16 2:12 ` [RFC PATCH 03/23] KVM: i386: use VM capability check for KVM_CAP_X86_SMM Isaku Yamahata
2021-02-16 2:12 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 04/23] i386/kvm: Move architectural CPUID leaf generation to separarte helper Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 05/23] vl: Introduce machine_init_done_late notifier Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 06/23] hw/i386: Introduce kvm-type for TDX guest Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 07/23] i386/kvm: Squash getting/putting guest state for TDX VMs Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 08/23] i386/kvm: Skip KVM_X86_SETUP_MCE for TDX guests Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 09/23] target/i386: kvm: don't synchronize guest tsc for TD guest Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 10/23] linux-headers: Update headers to pull in TDX API changes Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 11/23] hw/i386: Initialize TDX via KVM ioctl() when kvm_type is TDX Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 12/23] target/i386/tdx: Finalize the TD's measurement when machine is done Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 13/23] i386/tdx: Frame in tdx_get_supported_cpuid with KVM_TDX_CAPABILITIES Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 14/23] i386/tdx: Frame in the call for KVM_TDX_INIT_VCPU Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 15/23] i386/tdx: Add hook to require generic device loader Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 16/23] hw/i386: Add definitions from UEFI spec for volumes, resources, etc Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 17/23] i386/tdx: Add definitions for TDVF metadata Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 18/23] i386/tdx: Parse tdvf metadata and store the result into TdxGuest Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 19/23] i386/tdx: Create the TD HOB list upon machine init done Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 20/23] i386/tdx: Add TDVF memory via INIT_MEM_REGION Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 21/23] i386/tdx: Use KVM_TDX_INIT_VCPU to pass HOB to TDVF Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 22/23] i386/tdx: Force x2apic mode and routing for TDs Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
2021-02-16 2:13 ` [RFC PATCH 23/23] target/i386: Add machine option to disable PIC/8259 Isaku Yamahata
2021-02-16 2:13 ` Isaku Yamahata
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.