From nobody Sun May 12 22:42:13 2024 Delivered-To: importer@patchew.org Received-SPF: none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain of lists.libvirt.org) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; spf=none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain of lists.libvirt.org) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1701075591526961.6159500379866; Mon, 27 Nov 2023 00:59:51 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 996) id 92D521931; Mon, 27 Nov 2023 03:59:50 -0500 (EST) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 4F3AC18F7; Mon, 27 Nov 2023 03:58:18 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 996) id 3B38D179D; Mon, 27 Nov 2023 03:58:14 -0500 (EST) Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id C0C9218C1 for ; Mon, 27 Nov 2023 03:58:12 -0500 (EST) Received: from fmviesa002.fm.intel.com ([10.60.135.142]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 00:57:10 -0800 Received: from spr-s2600bt.bj.intel.com ([10.240.192.124]) by fmviesa002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 00:57:07 -0800 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.1 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.4 X-IronPort-AV: E=McAfee;i="6600,9927,10906"; a="392413720" X-IronPort-AV: E=Sophos;i="6.04,230,1695711600"; d="scan'208";a="392413720" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.04,230,1695711600"; d="scan'208";a="9716758" From: Zhenzhong Duan To: devel@lists.libvirt.org Subject: [PATCH rfcv3 01/11] qemu: Check if INTEL Trust Domain Extention support is enabled Date: Mon, 27 Nov 2023 16:55:11 +0800 Message-Id: <20231127085521.6813-2-zhenzhong.duan@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231127085521.6813-1-zhenzhong.duan@intel.com> References: <20231127085521.6813-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 Message-ID-Hash: Q64J3JXXYEC54ADNSA565ZIPHTJOYTHI X-Message-ID-Hash: Q64J3JXXYEC54ADNSA565ZIPHTJOYTHI X-MailFrom: zhenzhong.duan@intel.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0 CC: phrdina@redhat.com, pkrempa@redhat.com, jjongsma@redhat.com, jsuchane@redhat.com, chenyi.qiang@intel.com, isaku.yamahata@intel.com, xiaoyao.li@intel.com, chao.p.peng@intel.com, edwin.zhai@intel.com, Zhenzhong Duan X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1701075592436000001 Implement TDX check in order to generate domain feature capability correctly in case the availability of the feature changed. For INTEL TDX the verification is: - checking if "/sys/module/kvm_intel/parameters/tdx" contains the value 'Y': meaning TDX is enabled in the host kernel. Signed-off-by: Zhenzhong Duan Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_capabilities.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 83119e871a..5f806c68fb 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -5098,6 +5098,24 @@ virQEMUCapsKVMSupportsSecureGuestAMD(void) } =20 =20 +/* + * Check whether INTEL Trust Domain Extention (x86) is enabled + */ +static bool +virQEMUCapsKVMSupportsSecureGuestINTEL(void) +{ + g_autofree char *modValue =3D NULL; + + if (virFileReadValueString(&modValue, "/sys/module/kvm_intel/parameter= s/tdx") < 0) + return false; + + if (modValue[0] !=3D 'Y') + return false; + + return true; +} + + /* * Check whether the secure guest functionality is enabled. * See the specific architecture function for details on the verifications= made. @@ -5111,7 +5129,8 @@ virQEMUCapsKVMSupportsSecureGuest(void) return virQEMUCapsKVMSupportsSecureGuestS390(); =20 if (ARCH_IS_X86(arch)) - return virQEMUCapsKVMSupportsSecureGuestAMD(); + return virQEMUCapsKVMSupportsSecureGuestAMD() || + virQEMUCapsKVMSupportsSecureGuestINTEL(); =20 return false; } --=20 2.34.1 _______________________________________________ Devel mailing list -- devel@lists.libvirt.org To unsubscribe send an email to devel-leave@lists.libvirt.org From nobody Sun May 12 22:42:13 2024 Delivered-To: importer@patchew.org Received-SPF: none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain of lists.libvirt.org) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; spf=none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain of lists.libvirt.org) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 170107584981056.3221611578515; Mon, 27 Nov 2023 01:04:09 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 996) id 2D70D1A19; Mon, 27 Nov 2023 04:04:09 -0500 (EST) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 7F6EE19D0; Mon, 27 Nov 2023 03:58:34 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 996) id 05F0118BF; Mon, 27 Nov 2023 03:58:17 -0500 (EST) Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 7766018BE for ; Mon, 27 Nov 2023 03:58:16 -0500 (EST) Received: from fmviesa002.fm.intel.com ([10.60.135.142]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 00:57:14 -0800 Received: from spr-s2600bt.bj.intel.com ([10.240.192.124]) by fmviesa002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 00:57:11 -0800 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.1 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.4 X-IronPort-AV: E=McAfee;i="6600,9927,10906"; a="392413733" X-IronPort-AV: E=Sophos;i="6.04,230,1695711600"; d="scan'208";a="392413733" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.04,230,1695711600"; d="scan'208";a="9716767" From: Zhenzhong Duan To: devel@lists.libvirt.org Subject: [PATCH rfcv3 02/11] qemu: Add TDX capability Date: Mon, 27 Nov 2023 16:55:12 +0800 Message-Id: <20231127085521.6813-3-zhenzhong.duan@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231127085521.6813-1-zhenzhong.duan@intel.com> References: <20231127085521.6813-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 Message-ID-Hash: ANNIB7I6POPXWVZH6T2WXHJE6WZJIZUO X-Message-ID-Hash: ANNIB7I6POPXWVZH6T2WXHJE6WZJIZUO X-MailFrom: zhenzhong.duan@intel.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0 CC: phrdina@redhat.com, pkrempa@redhat.com, jjongsma@redhat.com, jsuchane@redhat.com, chenyi.qiang@intel.com, isaku.yamahata@intel.com, xiaoyao.li@intel.com, chao.p.peng@intel.com, edwin.zhai@intel.com, Zhenzhong Duan X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1701075851746000001 QEMU_CAPS_TDX_GUEST set means TDX supported with this QEMU. Signed-off-by: Chenyi Qiang Signed-off-by: Zhenzhong Duan Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + 2 files changed, 3 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 5f806c68fb..8764df5e9d 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -698,6 +698,7 @@ VIR_ENUM_IMPL(virQEMUCaps, /* 450 */ "run-with.async-teardown", /* QEMU_CAPS_RUN_WITH_ASYNC_TEARD= OWN */ "virtio-blk-vhost-vdpa", /* QEMU_CAPS_DEVICE_VIRTIO_BLK_VHOS= T_VDPA */ + "tdx-guest", /* QEMU_CAPS_TDX_GUEST */ ); =20 =20 @@ -1385,6 +1386,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "virtio-crypto-device", QEMU_CAPS_DEVICE_VIRTIO_CRYPTO }, { "cryptodev-backend-lkcf", QEMU_CAPS_OBJECT_CRYPTO_LKCF }, { "pvpanic-pci", QEMU_CAPS_DEVICE_PANIC_PCI }, + { "tdx-guest", QEMU_CAPS_TDX_GUEST}, }; =20 =20 diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 3c4f7f625b..b88058f6fb 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -677,6 +677,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ /* 450 */ QEMU_CAPS_RUN_WITH_ASYNC_TEARDOWN, /* asynchronous teardown -run-with = async-teardown=3Don|off */ QEMU_CAPS_DEVICE_VIRTIO_BLK_VHOST_VDPA, /* virtio-blk-vhost-vdpa block= driver */ + QEMU_CAPS_TDX_GUEST, /* -object tdx-guest,... */ =20 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; --=20 2.34.1 _______________________________________________ Devel mailing list -- devel@lists.libvirt.org To unsubscribe send an email to devel-leave@lists.libvirt.org From nobody Sun May 12 22:42:13 2024 Delivered-To: importer@patchew.org Received-SPF: none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain of lists.libvirt.org) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; spf=none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain of lists.libvirt.org) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1701075946356282.1696912944693; Mon, 27 Nov 2023 01:05:46 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 996) id C239F1A1A; Mon, 27 Nov 2023 04:05:45 -0500 (EST) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 4B7251999; Mon, 27 Nov 2023 03:59:43 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 996) id 98CCE19DF; Mon, 27 Nov 2023 03:59:29 -0500 (EST) Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 5D72A18BF for ; Mon, 27 Nov 2023 03:58:39 -0500 (EST) Received: from fmviesa002.fm.intel.com ([10.60.135.142]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 00:57:18 -0800 Received: from spr-s2600bt.bj.intel.com ([10.240.192.124]) by fmviesa002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 00:57:14 -0800 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.1 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.4 X-IronPort-AV: E=McAfee;i="6600,9927,10906"; a="392413751" X-IronPort-AV: E=Sophos;i="6.04,230,1695711600"; d="scan'208";a="392413751" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.04,230,1695711600"; d="scan'208";a="9716774" From: Zhenzhong Duan To: devel@lists.libvirt.org Subject: [PATCH rfcv3 03/11] conf: expose TDX feature in domain capabilities Date: Mon, 27 Nov 2023 16:55:13 +0800 Message-Id: <20231127085521.6813-4-zhenzhong.duan@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231127085521.6813-1-zhenzhong.duan@intel.com> References: <20231127085521.6813-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 Message-ID-Hash: BINR4DTGPA3KSOV4NI2USOHJZ7645TQM X-Message-ID-Hash: BINR4DTGPA3KSOV4NI2USOHJZ7645TQM X-MailFrom: zhenzhong.duan@intel.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0 CC: phrdina@redhat.com, pkrempa@redhat.com, jjongsma@redhat.com, jsuchane@redhat.com, chenyi.qiang@intel.com, isaku.yamahata@intel.com, xiaoyao.li@intel.com, chao.p.peng@intel.com, edwin.zhai@intel.com, Zhenzhong Duan X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1701075947240000001 Extend qemu TDX capability to domain capabilities. Signed-off-by: Chenyi Qiang Signed-off-by: Zhenzhong Duan --- docs/formatdomaincaps.rst | 1 + src/conf/domain_capabilities.c | 1 + src/conf/domain_capabilities.h | 1 + src/conf/schemas/domaincaps.rng | 9 +++++++++ src/qemu/qemu_capabilities.c | 15 +++++++++++++++ 5 files changed, 27 insertions(+) diff --git a/docs/formatdomaincaps.rst b/docs/formatdomaincaps.rst index ef752a0f3a..3acc9a12b4 100644 --- a/docs/formatdomaincaps.rst +++ b/docs/formatdomaincaps.rst @@ -669,6 +669,7 @@ capabilities. All features occur as children of the mai= n ``features`` element. vapic + =20 diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c index f6e09dc584..0f9ddb1e48 100644 --- a/src/conf/domain_capabilities.c +++ b/src/conf/domain_capabilities.c @@ -42,6 +42,7 @@ VIR_ENUM_IMPL(virDomainCapsFeature, "backup", "async-teardown", "s390-pv", + "tdx", ); =20 static virClass *virDomainCapsClass; diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index 01bcfa2e39..cc44cf2363 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -250,6 +250,7 @@ typedef enum { VIR_DOMAIN_CAPS_FEATURE_BACKUP, VIR_DOMAIN_CAPS_FEATURE_ASYNC_TEARDOWN, VIR_DOMAIN_CAPS_FEATURE_S390_PV, + VIR_DOMAIN_CAPS_FEATURE_TDX, =20 VIR_DOMAIN_CAPS_FEATURE_LAST } virDomainCapsFeature; diff --git a/src/conf/schemas/domaincaps.rng b/src/conf/schemas/domaincaps.= rng index e7aa4a1066..a5522b1e67 100644 --- a/src/conf/schemas/domaincaps.rng +++ b/src/conf/schemas/domaincaps.rng @@ -308,6 +308,9 @@ + + + @@ -363,6 +366,12 @@ =20 + + + + + + diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 8764df5e9d..0b4988256f 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -6657,6 +6657,20 @@ virQEMUCapsFillDomainFeatureHypervCaps(virQEMUCaps *= qemuCaps, } =20 =20 +static void +virQEMUCapsFillDomainFeatureTDXCaps(virQEMUCaps *qemuCaps, + virDomainCaps *domCaps) +{ + if (domCaps->arch =3D=3D VIR_ARCH_X86_64 && + domCaps->virttype =3D=3D VIR_DOMAIN_VIRT_KVM && + virQEMUCapsGet(qemuCaps, QEMU_CAPS_TDX_GUEST) && + virQEMUCapsGetKVMSupportsSecureGuest(qemuCaps) && + virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_CONFIDENTAL_GUEST_SUPPO= RT) && + (STREQ(domCaps->machine, "q35") || STRPREFIX(domCaps->machine, "pc= -q35-"))) + domCaps->features[VIR_DOMAIN_CAPS_FEATURE_TDX] =3D VIR_TRISTAT= E_BOOL_YES; +} + + int virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps, virArch hostarch, @@ -6716,6 +6730,7 @@ virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps, virQEMUCapsFillDomainFeatureSGXCaps(qemuCaps, domCaps); virQEMUCapsFillDomainFeatureHypervCaps(qemuCaps, domCaps); virQEMUCapsFillDomainDeviceCryptoCaps(qemuCaps, crypto); + virQEMUCapsFillDomainFeatureTDXCaps(qemuCaps, domCaps); =20 return 0; } --=20 2.34.1 _______________________________________________ Devel mailing list -- devel@lists.libvirt.org To unsubscribe send an email to devel-leave@lists.libvirt.org From nobody Sun May 12 22:42:13 2024 Delivered-To: importer@patchew.org Received-SPF: none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain of lists.libvirt.org) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; spf=none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain of lists.libvirt.org) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1701076179935289.98541435404854; Mon, 27 Nov 2023 01:09:39 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 996) id 50DE51A0D; Mon, 27 Nov 2023 04:09:39 -0500 (EST) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 359D71A04; Mon, 27 Nov 2023 04:00:06 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 996) id 9BF6D193F; Mon, 27 Nov 2023 03:59:34 -0500 (EST) Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id CCD661918 for ; Mon, 27 Nov 2023 03:58:39 -0500 (EST) Received: from fmviesa002.fm.intel.com ([10.60.135.142]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 00:57:22 -0800 Received: from spr-s2600bt.bj.intel.com ([10.240.192.124]) by fmviesa002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 00:57:18 -0800 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.1 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.4 X-IronPort-AV: E=McAfee;i="6600,9927,10906"; a="392413762" X-IronPort-AV: E=Sophos;i="6.04,230,1695711600"; d="scan'208";a="392413762" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.04,230,1695711600"; d="scan'208";a="9716779" From: Zhenzhong Duan To: devel@lists.libvirt.org Subject: [PATCH rfcv3 04/11] conf: add tdx as launch security type Date: Mon, 27 Nov 2023 16:55:14 +0800 Message-Id: <20231127085521.6813-5-zhenzhong.duan@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231127085521.6813-1-zhenzhong.duan@intel.com> References: <20231127085521.6813-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 Message-ID-Hash: FJD7KAIDXJPZBNHM7NRBGLPHIUOEUBZJ X-Message-ID-Hash: FJD7KAIDXJPZBNHM7NRBGLPHIUOEUBZJ X-MailFrom: zhenzhong.duan@intel.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0 CC: phrdina@redhat.com, pkrempa@redhat.com, jjongsma@redhat.com, jsuchane@redhat.com, chenyi.qiang@intel.com, isaku.yamahata@intel.com, xiaoyao.li@intel.com, chao.p.peng@intel.com, edwin.zhai@intel.com, Zhenzhong Duan X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1701076180548000001 When 'tdx' is used, the VM will launched with Intel TDX feature enabled. TDX feature supports running encrypted VM (Trust Domain, TD) under the control of KVM. A TD runs in a CPU model which protects the confidentiality of its memory and its CPU state from other software There is a child element 'policy' and four optional element for tdx type. In 'policy', bit 0 is set to enable TDX debug, bit 28 set to enable sept-ve-disable, other bits are reserved currently. mrConfigId, mrOwner and mrOwnerConfig are hex string of 48 * 2 length each. Quote-Generation-Service is string to specify Quote Generation Service(QGS) in qemu socket address format. The examples of the supported format are "vsock:2:1234", "unix:/run/qgs", "localhost:1234". For example: 0x1 xxx...xxx xxx...xxx xxx...xxx xxx Signed-off-by: Zhenzhong Duan --- src/conf/domain_conf.c | 46 +++++++++++++++++++++++++++++++ src/conf/domain_conf.h | 10 +++++++ src/conf/schemas/domaincommon.rng | 34 +++++++++++++++++++++++ src/conf/virconftypes.h | 2 ++ src/qemu/qemu_command.c | 2 ++ src/qemu/qemu_firmware.c | 1 + src/qemu/qemu_namespace.c | 1 + src/qemu/qemu_process.c | 1 + src/qemu/qemu_validate.c | 1 + 9 files changed, 98 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 80f467ae7a..08e82c5380 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1513,6 +1513,7 @@ VIR_ENUM_IMPL(virDomainLaunchSecurity, "", "sev", "s390-pv", + "tdx", ); =20 typedef enum { @@ -3808,6 +3809,11 @@ virDomainSecDefFree(virDomainSecDef *def) g_free(def->data.sev.dh_cert); g_free(def->data.sev.session); break; + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: + g_free(def->data.tdx.mrconfigid); + g_free(def->data.tdx.mrowner); + g_free(def->data.tdx.mrownerconfig); + g_free(def->data.tdx.QGS); case VIR_DOMAIN_LAUNCH_SECURITY_PV: case VIR_DOMAIN_LAUNCH_SECURITY_NONE: case VIR_DOMAIN_LAUNCH_SECURITY_LAST: @@ -13452,6 +13458,25 @@ virDomainSEVDefParseXML(virDomainSEVDef *def, } =20 =20 +static int +virDomainTDXDefParseXML(virDomainTDXDef *def, + xmlXPathContextPtr ctxt) +{ + if (virXPathUIntBase("string(./policy)", ctxt, 16, &def->policy) < 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("failed to get launch security policy for launch = security type TDX")); + return -1; + } + + def->mrconfigid =3D virXPathString("string(./mrConfigId)", ctxt); + def->mrowner =3D virXPathString("string(./mrOwner)", ctxt); + def->mrownerconfig =3D virXPathString("string(./mrOwnerConfig)", ctxt); + def->QGS =3D virXPathString("string(./Quote-Generation-Service)", ctxt= ); + + return 0; +} + + static virDomainSecDef * virDomainSecDefParseXML(xmlNodePtr lsecNode, xmlXPathContextPtr ctxt) @@ -13471,6 +13496,10 @@ virDomainSecDefParseXML(xmlNodePtr lsecNode, if (virDomainSEVDefParseXML(&sec->data.sev, ctxt) < 0) return NULL; break; + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: + if (virDomainTDXDefParseXML(&sec->data.tdx, ctxt) < 0) + return NULL; + break; case VIR_DOMAIN_LAUNCH_SECURITY_PV: break; case VIR_DOMAIN_LAUNCH_SECURITY_NONE: @@ -26468,6 +26497,23 @@ virDomainSecDefFormat(virBuffer *buf, virDomainSec= Def *sec) break; } =20 + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: { + virDomainTDXDef *tdx =3D &sec->data.tdx; + + virBufferAsprintf(&childBuf, "0x%04x\n", tdx->pol= icy); + + if (tdx->mrconfigid) + virBufferEscapeString(&childBuf, "%s\= n", tdx->mrconfigid); + if (tdx->mrowner) + virBufferEscapeString(&childBuf, "%s\n", td= x->mrowner); + if (tdx->mrownerconfig) + virBufferEscapeString(&childBuf, "%s\n", tdx->mrownerconfig); + if (tdx->QGS) + virBufferEscapeString(&childBuf, "%s= \n", tdx->QGS); + + break; + } + case VIR_DOMAIN_LAUNCH_SECURITY_PV: break; =20 diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 98f99721f0..3b01850eb4 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2833,6 +2833,7 @@ typedef enum { VIR_DOMAIN_LAUNCH_SECURITY_NONE, VIR_DOMAIN_LAUNCH_SECURITY_SEV, VIR_DOMAIN_LAUNCH_SECURITY_PV, + VIR_DOMAIN_LAUNCH_SECURITY_TDX, =20 VIR_DOMAIN_LAUNCH_SECURITY_LAST, } virDomainLaunchSecurity; @@ -2849,10 +2850,19 @@ struct _virDomainSEVDef { virTristateBool kernel_hashes; }; =20 +struct _virDomainTDXDef { + unsigned int policy; + char *mrconfigid; + char *mrowner; + char *mrownerconfig; + char *QGS; +}; + struct _virDomainSecDef { virDomainLaunchSecurity sectype; union { virDomainSEVDef sev; + virDomainTDXDef tdx; } data; }; =20 diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincom= mon.rng index a26986b5ce..bf3667d727 100644 --- a/src/conf/schemas/domaincommon.rng +++ b/src/conf/schemas/domaincommon.rng @@ -520,6 +520,9 @@ s390-pv + + + @@ -565,6 +568,37 @@ =20 + + + tdx + + + + + + + + + + + + + + + + + + + + + + + + + + + +