From nobody Mon May 6 13:37:45 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1626405552612972.1558246736945; Thu, 15 Jul 2021 20:19:12 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-271-drrspKcZP1qCJVCPxbTTIw-1; Thu, 15 Jul 2021 23:19:09 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 468B31084F54; Fri, 16 Jul 2021 03:19:03 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4496E60871; Fri, 16 Jul 2021 03:19:02 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 823B24E9F4; Fri, 16 Jul 2021 03:19:01 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 16G3BiNr005873 for ; Thu, 15 Jul 2021 23:11:45 -0400 Received: by smtp.corp.redhat.com (Postfix) id CDFEE20B899C; Fri, 16 Jul 2021 03:11:44 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C936020B8999 for ; Fri, 16 Jul 2021 03:11:43 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E6464800B35 for ; Fri, 16 Jul 2021 03:11:42 +0000 (UTC) Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-275-Xvic8ftOPrWqrAlBFvGBKg-1; Thu, 15 Jul 2021 23:11:40 -0400 Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:38 -0700 Received: from duan-server-s2600bt.bj.intel.com ([10.240.192.114]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:35 -0700 X-MC-Unique: drrspKcZP1qCJVCPxbTTIw-1 X-MC-Unique: Xvic8ftOPrWqrAlBFvGBKg-1 X-IronPort-AV: E=McAfee;i="6200,9189,10046"; a="271779108" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="271779108" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="495774341" From: Zhenzhong Duan To: libvir-list@redhat.com Subject: [RFC PATCH v2 1/8] qemu: Check if INTEL Trust Domain Extention support is enabled Date: Fri, 16 Jul 2021 11:10:29 +0800 Message-Id: <20210716031036.189228-2-zhenzhong.duan@intel.com> In-Reply-To: <20210716031036.189228-1-zhenzhong.duan@intel.com> References: <20210716031036.189228-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: isaku.yamahata@intel.com, pkrempa@redhat.com, jun.j.tian@intel.com, chenyi.qiang@intel.com, phrdina@redhat.com, zhenzhong.duan@intel.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1626405553948100001 Content-Type: text/plain; charset="utf-8" Implement TDX check in order to generate domain feature capability correctly in case the availability of the feature changed. For INTEL TDX the verification is: - checking if /sys/firmware/tdx_seam/vendor_id contains the value "0x8086": meaning TDX is enabled in the host kernel. Signed-off-by: Zhenzhong Duan --- src/qemu/qemu_capabilities.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 0d93cc2052..9085c0b875 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -4748,6 +4748,24 @@ virQEMUCapsKVMSupportsSecureGuestAMD(void) } =20 =20 +/* + * Check whether INTEL Trust Domain Extention (x86) is enabled + */ +static bool +virQEMUCapsKVMSupportsSecureGuestINTEL(void) +{ + g_autofree char *modValue =3D NULL; + + if (virFileReadValueString(&modValue, "/sys/firmware/tdx_seam/vendor_i= d") < 0) + return false; + + if (STRNEQ(modValue,"0x8086")) + return false; + + return true; +} + + /* * Check whether the secure guest functionality is enabled. * See the specific architecture function for details on the verifications= made. @@ -4761,7 +4779,8 @@ virQEMUCapsKVMSupportsSecureGuest(void) return virQEMUCapsKVMSupportsSecureGuestS390(); =20 if (ARCH_IS_X86(arch)) - return virQEMUCapsKVMSupportsSecureGuestAMD(); + return virQEMUCapsKVMSupportsSecureGuestAMD() || + virQEMUCapsKVMSupportsSecureGuestINTEL(); =20 return false; } --=20 2.25.1 From nobody Mon May 6 13:37:45 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1626405558929841.6494400704723; Thu, 15 Jul 2021 20:19:18 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-528-I-7dr0-lPTaXWPX6Mo3q8w-1; Thu, 15 Jul 2021 23:19:15 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A7D9A18414A5; Fri, 16 Jul 2021 03:19:10 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 80D39100EBAD; Fri, 16 Jul 2021 03:19:10 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id C38821801254; Fri, 16 Jul 2021 03:19:09 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 16G3C2Wi005920 for ; Thu, 15 Jul 2021 23:12:02 -0400 Received: by smtp.corp.redhat.com (Postfix) id 2B2C3113B7C; Fri, 16 Jul 2021 03:12:02 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 260FF113B72 for ; Fri, 16 Jul 2021 03:11:59 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A6FF780015A for ; Fri, 16 Jul 2021 03:11:59 +0000 (UTC) Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-464-l9BHS88ONd-tWuT3DNNJlA-1; Thu, 15 Jul 2021 23:11:55 -0400 Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:40 -0700 Received: from duan-server-s2600bt.bj.intel.com ([10.240.192.114]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:38 -0700 X-MC-Unique: I-7dr0-lPTaXWPX6Mo3q8w-1 X-MC-Unique: l9BHS88ONd-tWuT3DNNJlA-1 X-IronPort-AV: E=McAfee;i="6200,9189,10046"; a="271779111" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="271779111" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="495774348" From: Zhenzhong Duan To: libvir-list@redhat.com Subject: [RFC PATCH v2 2/8] qemu: Add TDX capability Date: Fri, 16 Jul 2021 11:10:30 +0800 Message-Id: <20210716031036.189228-3-zhenzhong.duan@intel.com> In-Reply-To: <20210716031036.189228-1-zhenzhong.duan@intel.com> References: <20210716031036.189228-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: isaku.yamahata@intel.com, pkrempa@redhat.com, jun.j.tian@intel.com, chenyi.qiang@intel.com, phrdina@redhat.com, zhenzhong.duan@intel.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1626405559728100001 Content-Type: text/plain; charset="utf-8" QEMU_CAPS_TDX_GUEST set means TDX supported with this qemu. Signed-off-by: Chenyi Qiang Signed-off-by: Zhenzhong Duan --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + 2 files changed, 3 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 9085c0b875..6a29ec607a 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -637,6 +637,7 @@ VIR_ENUM_IMPL(virQEMUCaps, "confidential-guest-support", "query-display-options", "s390-pv-guest", + "tdx-guest", ); =20 =20 @@ -1356,6 +1357,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "virtio-gpu-gl-pci", QEMU_CAPS_VIRTIO_GPU_GL_PCI }, { "virtio-vga-gl", QEMU_CAPS_VIRTIO_VGA_GL }, { "s390-pv-guest", QEMU_CAPS_S390_PV_GUEST }, + { "tdx-guest", QEMU_CAPS_TDX_GUEST}, }; =20 =20 diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index f99bb211e0..2aa38f55e9 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -617,6 +617,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ QEMU_CAPS_MACHINE_CONFIDENTAL_GUEST_SUPPORT, /* -machine confidential-= guest-support */ QEMU_CAPS_QUERY_DISPLAY_OPTIONS, /* 'query-display-options' qmp comman= d present */ QEMU_CAPS_S390_PV_GUEST, /* -object s390-pv-guest,... */ + QEMU_CAPS_TDX_GUEST, /* -object tdx-guest,... */ =20 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; --=20 2.25.1 From nobody Mon May 6 13:37:45 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1626405146515731.6405586940215; Thu, 15 Jul 2021 20:12:26 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-442-9_4lSyKKOcWX8_ybef68nw-1; Thu, 15 Jul 2021 23:12:23 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 8E315100B3AF; Fri, 16 Jul 2021 03:12:18 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6B1245D9C6; Fri, 16 Jul 2021 03:12:18 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0C65A4A712; Fri, 16 Jul 2021 03:12:18 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 16G3BrFq005901 for ; Thu, 15 Jul 2021 23:11:53 -0400 Received: by smtp.corp.redhat.com (Postfix) id A3FA2209D036; Fri, 16 Jul 2021 03:11:53 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9FB9C20962CA for ; Fri, 16 Jul 2021 03:11:50 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 9717880270A for ; Fri, 16 Jul 2021 03:11:50 +0000 (UTC) Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-420-ESXM3BkqMoqEj-smtbME7g-1; Thu, 15 Jul 2021 23:11:46 -0400 Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:43 -0700 Received: from duan-server-s2600bt.bj.intel.com ([10.240.192.114]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:40 -0700 X-MC-Unique: 9_4lSyKKOcWX8_ybef68nw-1 X-MC-Unique: ESXM3BkqMoqEj-smtbME7g-1 X-IronPort-AV: E=McAfee;i="6200,9189,10046"; a="190345519" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="190345519" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="495774363" From: Zhenzhong Duan To: libvir-list@redhat.com Subject: [RFC PATCH v2 3/8] conf: expose TDX feature in domain capabilities Date: Fri, 16 Jul 2021 11:10:31 +0800 Message-Id: <20210716031036.189228-4-zhenzhong.duan@intel.com> In-Reply-To: <20210716031036.189228-1-zhenzhong.duan@intel.com> References: <20210716031036.189228-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: isaku.yamahata@intel.com, pkrempa@redhat.com, jun.j.tian@intel.com, chenyi.qiang@intel.com, phrdina@redhat.com, zhenzhong.duan@intel.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1626405148514100001 Content-Type: text/plain; charset="utf-8" Extend qemu TDX capability to domain capabilities. Signed-off-by: Chenyi Qiang Signed-off-by: Zhenzhong Duan --- docs/formatdomaincaps.html.in | 17 +++++++++++++++++ docs/schemas/domaincaps.rng | 9 +++++++++ src/conf/domain_capabilities.c | 1 + src/conf/domain_capabilities.h | 1 + src/qemu/qemu_capabilities.c | 16 ++++++++++++++++ 5 files changed, 44 insertions(+) diff --git a/docs/formatdomaincaps.html.in b/docs/formatdomaincaps.html.in index 62f1940e6a..3f057af515 100644 --- a/docs/formatdomaincaps.html.in +++ b/docs/formatdomaincaps.html.in @@ -570,6 +570,7 @@ <cbitpos>47</cbitpos> <reduced-phys-bits>1</reduced-phys-bits> </sev> + <tdx supported=3D'yes'/> </features> </domainCapabilities> @@ -635,6 +636,22 @@ a look at SEV in domain= XML

=20 +

TDX capabilities

+ +

Trust Domain Extensions(TDX) capabilities are exposed under the + tdx element. + TDX is an Intel technology that extends Virtual Machines Extensions (V= MX) + to with a new kind of virtual machine guest called Trust Domain (TD). = A TD + runs in a CPU model which protects the confidentiality of its memory c= ontents + and its CPU state from any other software, including the hosting Virtu= al Machine + Monitor (VMM), unless explicitly shared by the TD itself.

+ +

+ For more details on the TDX feature, please follow resources in the + Intel developer's document. In order to use TDX with libvirt have + a look at TDX in domain= XML +

+
cbitpos
When memory encryption is enabled, one of the physical address b= its diff --git a/docs/schemas/domaincaps.rng b/docs/schemas/domaincaps.rng index d7ee60dd16..60001b3c43 100644 --- a/docs/schemas/domaincaps.rng +++ b/docs/schemas/domaincaps.rng @@ -253,6 +253,9 @@ + + + =20 @@ -307,6 +310,12 @@ =20 + + + + + + diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c index 83d3320980..2380eacde9 100644 --- a/src/conf/domain_capabilities.c +++ b/src/conf/domain_capabilities.c @@ -43,6 +43,7 @@ VIR_ENUM_IMPL(virDomainCapsFeature, "backingStoreInput", "backup", "s390-pv", + "tdx", ); =20 static virClass *virDomainCapsClass; diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index 34b9b8a693..cd3f5be472 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -180,6 +180,7 @@ typedef enum { VIR_DOMAIN_CAPS_FEATURE_BACKING_STORE_INPUT, VIR_DOMAIN_CAPS_FEATURE_BACKUP, VIR_DOMAIN_CAPS_FEATURE_S390_PV, + VIR_DOMAIN_CAPS_FEATURE_TDX, =20 VIR_DOMAIN_CAPS_FEATURE_LAST } virDomainCapsFeature; diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 6a29ec607a..e9906a2f32 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -6351,6 +6351,21 @@ virQEMUCapsFillDomainFeatureS390PVCaps(virQEMUCaps *= qemuCaps, } =20 =20 +static void +virQEMUCapsFillDomainFeatureTDXCaps(virQEMUCaps *qemuCaps, + virDomainCaps *domCaps) +{ + if (ARCH_IS_X86(qemuCaps->arch)) { + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_CONFIDENTAL_GUEST_S= UPPORT) && + virQEMUCapsGet(qemuCaps, QEMU_CAPS_TDX_GUEST) && + virQEMUCapsGetKVMSupportsSecureGuest(qemuCaps)) + domCaps->features[VIR_DOMAIN_CAPS_FEATURE_TDX] =3D VIR_TRISTAT= E_BOOL_YES; + else + domCaps->features[VIR_DOMAIN_CAPS_FEATURE_TDX] =3D VIR_TRISTAT= E_BOOL_NO; + } +} + + int virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps, virArch hostarch, @@ -6398,6 +6413,7 @@ virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps, virQEMUCapsFillDomainFeatureGICCaps(qemuCaps, domCaps); virQEMUCapsFillDomainFeatureSEVCaps(qemuCaps, domCaps); virQEMUCapsFillDomainFeatureS390PVCaps(qemuCaps, domCaps); + virQEMUCapsFillDomainFeatureTDXCaps(qemuCaps, domCaps); =20 return 0; } --=20 2.25.1 From nobody Mon May 6 13:37:45 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1626405564455934.3074825198138; Thu, 15 Jul 2021 20:19:24 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-546-9BhmDiPrOjix2D1X-tMZoQ-1; Thu, 15 Jul 2021 23:19:19 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4D12018414A2; Fri, 16 Jul 2021 03:19:14 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2D27769CB9; Fri, 16 Jul 2021 03:19:14 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E9C7A1801257; Fri, 16 Jul 2021 03:19:13 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 16G3CAY1005938 for ; Thu, 15 Jul 2021 23:12:10 -0400 Received: by smtp.corp.redhat.com (Postfix) id 0D2DE117C2F6; Fri, 16 Jul 2021 03:12:10 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 07CE8117C2F4 for ; Fri, 16 Jul 2021 03:12:08 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1D2DE858287 for ; Fri, 16 Jul 2021 03:12:08 +0000 (UTC) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-483-TFVvhBiGPWa6MjmGU2-A7Q-1; Thu, 15 Jul 2021 23:12:03 -0400 Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:59 -0700 Received: from duan-server-s2600bt.bj.intel.com ([10.240.192.114]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:43 -0700 X-MC-Unique: 9BhmDiPrOjix2D1X-tMZoQ-1 X-MC-Unique: TFVvhBiGPWa6MjmGU2-A7Q-1 X-IronPort-AV: E=McAfee;i="6200,9189,10046"; a="296308774" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="296308774" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="495774397" From: Zhenzhong Duan To: libvir-list@redhat.com Subject: [RFC PATCH v2 4/8] conf: add tdx as launch security type Date: Fri, 16 Jul 2021 11:10:32 +0800 Message-Id: <20210716031036.189228-5-zhenzhong.duan@intel.com> In-Reply-To: <20210716031036.189228-1-zhenzhong.duan@intel.com> References: <20210716031036.189228-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: isaku.yamahata@intel.com, pkrempa@redhat.com, jun.j.tian@intel.com, chenyi.qiang@intel.com, phrdina@redhat.com, zhenzhong.duan@intel.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1626405565950100001 Content-Type: text/plain; charset="utf-8" When 'tdx' is used, the VM will launched with Intel TDX feature enabled. TDX feature supports running encrypted VM (Trust Domain, TD) under the control of KVM. A TD runs in a CPU model which protects the confidentiality of its memory and its CPU state from other software There is a child element 'policy' and three optional element for tdx type. In 'policy', bit 0 is used to enable TDX debug, other bits are reserved currently. mrconfigid, mrowner and mrownerconfig are hex string of 48 * 2 length each. For example: 0x0001 xxx...xxx xxx...xxx xxx...xxx Signed-off-by: Zhenzhong Duan --- docs/schemas/domaincommon.rng | 16 ++++++++++++ src/conf/domain_conf.c | 47 +++++++++++++++++++++++++++++++++++ src/conf/domain_conf.h | 9 +++++++ src/conf/virconftypes.h | 2 ++ 4 files changed, 74 insertions(+) diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index b81c51728d..fd77601886 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -486,6 +486,7 @@ sev s390-pv + tdx @@ -519,6 +520,21 @@ + + + + + + + + + + + + + + + diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 92ab22d3fd..9510aa7b1f 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1402,6 +1402,7 @@ VIR_ENUM_IMPL(virDomainLaunchSecurity, "", "sev", "s390-pv", + "tdx", ); =20 static virClass *virDomainObjClass; @@ -3502,6 +3503,10 @@ virDomainSecDefFree(virDomainSecDef *def) g_free(def->data.sev.dh_cert); g_free(def->data.sev.session); break; + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: + g_free(def->data.tdx.mrconfigid); + g_free(def->data.tdx.mrowner); + g_free(def->data.tdx.mrownerconfig); case VIR_DOMAIN_LAUNCH_SECURITY_PV: case VIR_DOMAIN_LAUNCH_SECURITY_NONE: case VIR_DOMAIN_LAUNCH_SECURITY_LAST: @@ -14773,6 +14778,29 @@ virDomainSEVDefParseXML(virDomainSEVDef *def, } =20 =20 +static int +virDomainTDXDefParseXML(virDomainTDXDef *def, + xmlXPathContextPtr ctxt) +{ + VIR_XPATH_NODE_AUTORESTORE(ctxt) + unsigned long policy; + + if (virXPathULongHex("string(./policy)", ctxt, &policy) < 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("failed to get launch security policy for " + "launch security type TDX")); + return -1; + } + + def->policy =3D policy; + def->mrconfigid =3D virXPathString("string(./mrconfigid)", ctxt); + def->mrowner =3D virXPathString("string(./mrowner)", ctxt); + def->mrownerconfig =3D virXPathString("string(./mrownerconfig)", ctxt); + + return 0; +} + + static virDomainSecDef * virDomainSecDefParseXML(xmlNodePtr lsecNode, xmlXPathContextPtr ctxt) @@ -14792,6 +14820,10 @@ virDomainSecDefParseXML(xmlNodePtr lsecNode, if (virDomainSEVDefParseXML(&sec->data.sev, lsecNode, ctxt) < 0) return NULL; break; + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: + if (virDomainTDXDefParseXML(&sec->data.tdx, ctxt) < 0) + return NULL; + break; case VIR_DOMAIN_LAUNCH_SECURITY_PV: if ((n =3D virXPathNodeSet("./*", ctxt, NULL)) < 0) return NULL; @@ -26932,6 +26964,21 @@ virDomainSecDefFormat(virBuffer *buf, virDomainSec= Def *sec) break; } =20 + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: { + virDomainTDXDef *tdx =3D &sec->data.tdx; + + virBufferAsprintf(&childBuf, "0x%04x\n", tdx->pol= icy); + + if (tdx->mrconfigid) + virBufferEscapeString(&childBuf, "%s\= n", tdx->mrconfigid); + if (tdx->mrowner) + virBufferEscapeString(&childBuf, "%s\n", td= x->mrowner); + if (tdx->mrownerconfig) + virBufferEscapeString(&childBuf, "%s\n", tdx->mrownerconfig); + + break; + } + case VIR_DOMAIN_LAUNCH_SECURITY_PV: break; =20 diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 5c22f252d0..b29045d0c4 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2646,6 +2646,7 @@ typedef enum { VIR_DOMAIN_LAUNCH_SECURITY_NONE, VIR_DOMAIN_LAUNCH_SECURITY_SEV, VIR_DOMAIN_LAUNCH_SECURITY_PV, + VIR_DOMAIN_LAUNCH_SECURITY_TDX, =20 VIR_DOMAIN_LAUNCH_SECURITY_LAST, } virDomainLaunchSecurity; @@ -2661,10 +2662,18 @@ struct _virDomainSEVDef { unsigned int reduced_phys_bits; }; =20 +struct _virDomainTDXDef { + unsigned int policy; + char *mrconfigid; + char *mrowner; + char *mrownerconfig; +}; + struct _virDomainSecDef { virDomainLaunchSecurity sectype; union { virDomainSEVDef sev; + virDomainTDXDef tdx; } data; }; =20 diff --git a/src/conf/virconftypes.h b/src/conf/virconftypes.h index 21420ba8ea..e920f9a945 100644 --- a/src/conf/virconftypes.h +++ b/src/conf/virconftypes.h @@ -202,6 +202,8 @@ typedef struct _virDomainResourceDef virDomainResourceD= ef; =20 typedef struct _virDomainSEVDef virDomainSEVDef; =20 +typedef struct _virDomainTDXDef virDomainTDXDef; + typedef struct _virDomainSecDef virDomainSecDef; =20 typedef struct _virDomainShmemDef virDomainShmemDef; --=20 2.25.1 From nobody Mon May 6 13:37:45 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1626405140958650.4066594354695; Thu, 15 Jul 2021 20:12:20 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-152-PFpAvUZ1ND-uouqaPOrptA-1; Thu, 15 Jul 2021 23:12:18 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 5DC781835AC4; Fri, 16 Jul 2021 03:12:13 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3AC505D9C6; Fri, 16 Jul 2021 03:12:13 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 82DAC1809CB2; Fri, 16 Jul 2021 03:12:11 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 16G3CAiA005939 for ; Thu, 15 Jul 2021 23:12:10 -0400 Received: by smtp.corp.redhat.com (Postfix) id 0D3CE117C2F7; Fri, 16 Jul 2021 03:12:10 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 07FFB117C2F5 for ; Fri, 16 Jul 2021 03:12:07 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 91982185A794 for ; Fri, 16 Jul 2021 03:12:07 +0000 (UTC) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-483-wc9fR0cUMxusjqu_KimTOQ-2; Thu, 15 Jul 2021 23:12:05 -0400 Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:59 -0700 Received: from duan-server-s2600bt.bj.intel.com ([10.240.192.114]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:56 -0700 X-MC-Unique: PFpAvUZ1ND-uouqaPOrptA-1 X-MC-Unique: wc9fR0cUMxusjqu_KimTOQ-2 X-IronPort-AV: E=McAfee;i="6200,9189,10046"; a="296308775" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="296308775" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="495774416" From: Zhenzhong Duan To: libvir-list@redhat.com Subject: [RFC PATCH v2 5/8] qemu: Add command line and validation for TDX type Date: Fri, 16 Jul 2021 11:10:33 +0800 Message-Id: <20210716031036.189228-6-zhenzhong.duan@intel.com> In-Reply-To: <20210716031036.189228-1-zhenzhong.duan@intel.com> References: <20210716031036.189228-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: isaku.yamahata@intel.com, pkrempa@redhat.com, jun.j.tian@intel.com, chenyi.qiang@intel.com, phrdina@redhat.com, zhenzhong.duan@intel.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1626405142496100001 Content-Type: text/plain; charset="utf-8" QEMU will provides 'tdx-guest' object which is used to launch encrypted VMs on Intel platform using TDX feature. A typical TDX guest launch command line looks like: $QEMU ... \ -object tdx-guest,id=3Dtdx0,debug=3Don \ -machine q35,confidential-guest-support=3Dtdx0,kvm-type=3Dtdx Signed-off-by: Zhenzhong Duan --- src/qemu/qemu_command.c | 33 +++++++++++++++++++++++++++++++++ src/qemu/qemu_firmware.c | 1 + src/qemu/qemu_namespace.c | 1 + src/qemu/qemu_process.c | 1 + src/qemu/qemu_validate.c | 10 ++++++++++ 5 files changed, 46 insertions(+) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index db78deb122..2bc8173d58 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -6979,6 +6979,9 @@ qemuBuildMachineCommandLine(virCommand *cmd, case VIR_DOMAIN_LAUNCH_SECURITY_PV: virBufferAddLit(&buf, ",confidential-guest-support=3Dlsec0"); break; + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: + virBufferAddLit(&buf, ",confidential-guest-support=3Dlsec0,kvm= -type=3Dtdx"); + break; case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; case VIR_DOMAIN_LAUNCH_SECURITY_LAST: @@ -9897,6 +9900,33 @@ qemuBuildPVCommandLine(virDomainObj *vm, virCommand = *cmd) } =20 =20 +static int +qemuBuildTDXCommandLine(virDomainObj *vm, virCommand *cmd, + virDomainTDXDef *tdx) +{ + g_autoptr(virJSONValue) props =3D NULL; + g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER; + qemuDomainObjPrivate *priv =3D vm->privateData; + + VIR_DEBUG("policy=3D0x%x", tdx->policy); + + if (qemuMonitorCreateObjectProps(&props, "tdx-guest", "lsec0", + "B:debug", !!(tdx->policy & 1), + "S:mrconfigid", tdx->mrconfigid, + "S:mrowner", tdx->mrowner, + "S:mrownerconfig", tdx->mrownerconfig, + NULL) < 0) + return -1; + + if (qemuBuildObjectCommandlineFromJSON(&buf, props, priv->qemuCaps) < = 0) + return -1; + + virCommandAddArg(cmd, "-object"); + virCommandAddArgBuffer(cmd, &buf); + return 0; +} + + static int qemuBuildSecCommandLine(virDomainObj *vm, virCommand *cmd, virDomainSecDef *sec) @@ -9911,6 +9941,9 @@ qemuBuildSecCommandLine(virDomainObj *vm, virCommand = *cmd, case VIR_DOMAIN_LAUNCH_SECURITY_PV: return qemuBuildPVCommandLine(vm, cmd); break; + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: + return qemuBuildTDXCommandLine(vm, cmd, &sec->data.tdx); + break; case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; case VIR_DOMAIN_LAUNCH_SECURITY_LAST: diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 77c452746f..e144b36f94 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1070,6 +1070,7 @@ qemuFirmwareMatchDomain(const virDomainDef *def, } break; case VIR_DOMAIN_LAUNCH_SECURITY_PV: + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; case VIR_DOMAIN_LAUNCH_SECURITY_LAST: diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index 42865a6497..e902f0eecc 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -608,6 +608,7 @@ qemuDomainSetupLaunchSecurity(virDomainObj *vm, VIR_DEBUG("Set up launch security for SEV"); break; case VIR_DOMAIN_LAUNCH_SECURITY_PV: + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; case VIR_DOMAIN_LAUNCH_SECURITY_LAST: diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index f2a523e4f7..b5324c85a1 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6706,6 +6706,7 @@ qemuProcessPrepareLaunchSecurityGuestInput(virDomainO= bj *vm) case VIR_DOMAIN_LAUNCH_SECURITY_SEV: return qemuProcessPrepareSEVGuestInput(vm); case VIR_DOMAIN_LAUNCH_SECURITY_PV: + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; case VIR_DOMAIN_LAUNCH_SECURITY_LAST: diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 7482bedee6..309d48e62f 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -1234,6 +1234,16 @@ qemuValidateDomainDef(const virDomainDef *def, return -1; } break; + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_CONFIDENTAL_GU= EST_SUPPORT) || + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_TDX_GUEST) || + !virQEMUCapsGetKVMSupportsSecureGuest(qemuCaps)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("INTEL TDX launch security is not support= ed with " + "this QEMU binary")); + return -1; + } + break; case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; case VIR_DOMAIN_LAUNCH_SECURITY_LAST: --=20 2.25.1 From nobody Mon May 6 13:37:45 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1626405566577338.2845979418099; Thu, 15 Jul 2021 20:19:26 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-387-FtqGjCI9M9yLgJk95rxNYQ-1; Thu, 15 Jul 2021 23:19:23 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id CE759804308; Fri, 16 Jul 2021 03:19:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A45FA26FA2; Fri, 16 Jul 2021 03:19:17 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 7483E4EA37; Fri, 16 Jul 2021 03:19:17 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 16G3CCba005964 for ; Thu, 15 Jul 2021 23:12:13 -0400 Received: by smtp.corp.redhat.com (Postfix) id D6E8E20B8999; Fri, 16 Jul 2021 03:12:12 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D16B120B8998 for ; Fri, 16 Jul 2021 03:12:09 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 33F7118812C2 for ; Fri, 16 Jul 2021 03:12:09 +0000 (UTC) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-476-Ver-S-UUPqG1JT5okmbSYA-1; Thu, 15 Jul 2021 23:12:05 -0400 Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:12:01 -0700 Received: from duan-server-s2600bt.bj.intel.com ([10.240.192.114]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:11:58 -0700 X-MC-Unique: FtqGjCI9M9yLgJk95rxNYQ-1 X-MC-Unique: Ver-S-UUPqG1JT5okmbSYA-1 X-IronPort-AV: E=McAfee;i="6200,9189,10046"; a="296308777" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="296308777" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="495774428" From: Zhenzhong Duan To: libvir-list@redhat.com Subject: [RFC PATCH v2 6/8] qemu: force special parameters enabled for TDX guest Date: Fri, 16 Jul 2021 11:10:34 +0800 Message-Id: <20210716031036.189228-7-zhenzhong.duan@intel.com> In-Reply-To: <20210716031036.189228-1-zhenzhong.duan@intel.com> References: <20210716031036.189228-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: isaku.yamahata@intel.com, pkrempa@redhat.com, jun.j.tian@intel.com, chenyi.qiang@intel.com, phrdina@redhat.com, zhenzhong.duan@intel.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1626405567818100003 Content-Type: text/plain; charset="utf-8" TDX guest requires some special parameters to boot, They are: "-machine q35-*" "pic=3Dno" "kernel_irqchip=3Dsplit" Signed-off-by: Zhenzhong Duan --- src/qemu/qemu_command.c | 2 +- src/qemu/qemu_validate.c | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 2bc8173d58..c53b0e237d 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -6980,7 +6980,7 @@ qemuBuildMachineCommandLine(virCommand *cmd, virBufferAddLit(&buf, ",confidential-guest-support=3Dlsec0"); break; case VIR_DOMAIN_LAUNCH_SECURITY_TDX: - virBufferAddLit(&buf, ",confidential-guest-support=3Dlsec0,kvm= -type=3Dtdx"); + virBufferAddLit(&buf, ",confidential-guest-support=3Dlsec0,kvm= -type=3Dtdx,pic=3Dno"); break; case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 309d48e62f..2cb05dc5b2 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -1243,6 +1243,17 @@ qemuValidateDomainDef(const virDomainDef *def, "this QEMU binary")); return -1; } + if (!qemuDomainIsQ35(def)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Intel TDX is supported with q35 machine = types only")); + return -1; + } + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_KERNEL_IRQCHIP= ) || + def->features[VIR_DOMAIN_FEATURE_IOAPIC] !=3D VIR_DOMAIN_= IOAPIC_QEMU) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("INTEL TDX launch security needs split ke= rnel irqchip")); + return -1; + } break; case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; --=20 2.25.1 From nobody Mon May 6 13:37:45 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1626405182812763.3088385184652; Thu, 15 Jul 2021 20:13:02 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-268-6YhhqE5QPdCVPW15B888HA-1; Thu, 15 Jul 2021 23:12:26 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 22297100B3B2; Fri, 16 Jul 2021 03:12:21 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DF70C1ABDF; Fri, 16 Jul 2021 03:12:20 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id A99E51809CB5; Fri, 16 Jul 2021 03:12:20 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 16G3CDs9005969 for ; Thu, 15 Jul 2021 23:12:13 -0400 Received: by smtp.corp.redhat.com (Postfix) id 4254F209D036; Fri, 16 Jul 2021 03:12:13 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3DCB820962CA for ; Fri, 16 Jul 2021 03:12:10 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 481BC80D090 for ; Fri, 16 Jul 2021 03:12:10 +0000 (UTC) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-597-9z6Q6uWCM5S6YNp-FlG1Uw-1; Thu, 15 Jul 2021 23:12:06 -0400 Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:12:03 -0700 Received: from duan-server-s2600bt.bj.intel.com ([10.240.192.114]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:12:01 -0700 X-MC-Unique: 6YhhqE5QPdCVPW15B888HA-1 X-MC-Unique: 9z6Q6uWCM5S6YNp-FlG1Uw-1 X-IronPort-AV: E=McAfee;i="6200,9189,10046"; a="296308781" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="296308781" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="495774444" From: Zhenzhong Duan To: libvir-list@redhat.com Subject: [RFC PATCH v2 7/8] qemu: Add general loader support Date: Fri, 16 Jul 2021 11:10:35 +0800 Message-Id: <20210716031036.189228-8-zhenzhong.duan@intel.com> In-Reply-To: <20210716031036.189228-1-zhenzhong.duan@intel.com> References: <20210716031036.189228-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: isaku.yamahata@intel.com, pkrempa@redhat.com, jun.j.tian@intel.com, chenyi.qiang@intel.com, phrdina@redhat.com, zhenzhong.duan@intel.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1626405184379100001 Content-Type: text/plain; charset="utf-8" Intel TDX requires a general loader to hold its firmware TDVF. Add new loader type VIR_DOMAIN_LOADER_TYPE_GENERIC and VIR_DOMAIN_OS_DEF_FIRMWARE_GENERIC to support this feature. XML looks like: /path/to/TDVF-binary Qemu command line looks like: $QEMU ... \ -device loader,file=3D/path/to/TDVF-binary Signed-off-by: Zhenzhong Duan --- docs/schemas/domaincommon.rng | 1 + src/conf/domain_conf.c | 2 ++ src/conf/domain_conf.h | 2 ++ src/qemu/qemu_capabilities.c | 3 +++ src/qemu/qemu_command.c | 5 +++++ src/qemu/qemu_namespace.c | 1 + 6 files changed, 14 insertions(+) diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index fd77601886..9d0b51ee12 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -319,6 +319,7 @@ rom pflash + generic diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 9510aa7b1f..fbbbe708d4 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1311,6 +1311,7 @@ VIR_ENUM_IMPL(virDomainLoader, "none", "rom", "pflash", + "generic", ); =20 VIR_ENUM_IMPL(virDomainIOAPIC, @@ -1333,6 +1334,7 @@ VIR_ENUM_IMPL(virDomainOsDefFirmware, "none", "bios", "efi", + "generic", ); =20 VIR_ENUM_IMPL(virDomainOsDefFirmwareFeature, diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index b29045d0c4..99b74683a0 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2163,6 +2163,7 @@ typedef enum { VIR_DOMAIN_LOADER_TYPE_NONE =3D 0, VIR_DOMAIN_LOADER_TYPE_ROM, VIR_DOMAIN_LOADER_TYPE_PFLASH, + VIR_DOMAIN_LOADER_TYPE_GENERIC, =20 VIR_DOMAIN_LOADER_TYPE_LAST } virDomainLoader; @@ -2246,6 +2247,7 @@ typedef enum { VIR_DOMAIN_OS_DEF_FIRMWARE_NONE =3D 0, VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS =3D VIR_DOMAIN_LOADER_TYPE_ROM, VIR_DOMAIN_OS_DEF_FIRMWARE_EFI =3D VIR_DOMAIN_LOADER_TYPE_PFLASH, + VIR_DOMAIN_OS_DEF_FIRMWARE_GENERIC =3D VIR_DOMAIN_LOADER_TYPE_GENERIC, =20 VIR_DOMAIN_OS_DEF_FIRMWARE_LAST } virDomainOsDefFirmware; diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index e9906a2f32..d3c30a17e7 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -5888,6 +5888,9 @@ virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoader *= capsLoader, VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->type, VIR_DOMAIN_LOADER_TYPE_PFLASH); =20 + VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->type, + VIR_DOMAIN_LOADER_TYPE_GENERIC); + =20 VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->readonly, VIR_TRISTATE_BOOL_YES, diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index c53b0e237d..99812e37d8 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -9640,6 +9640,11 @@ qemuBuildDomainLoaderCommandLine(virCommand *cmd, qemuBuldDomainLoaderPflashCommandLine(cmd, loader, qemuCaps); break; =20 + case VIR_DOMAIN_LOADER_TYPE_GENERIC: + virCommandAddArg(cmd, "-device"); + virCommandAddArgFormat(cmd, "loader,file=3D%s", loader->path); + break; + case VIR_DOMAIN_LOADER_TYPE_NONE: case VIR_DOMAIN_LOADER_TYPE_LAST: /* nada */ diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index e902f0eecc..aa635b1375 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -569,6 +569,7 @@ qemuDomainSetupLoader(virDomainObj *vm, if (loader) { switch ((virDomainLoader) loader->type) { case VIR_DOMAIN_LOADER_TYPE_ROM: + case VIR_DOMAIN_LOADER_TYPE_GENERIC: *paths =3D g_slist_prepend(*paths, g_strdup(loader->path)); break; =20 --=20 2.25.1 From nobody Mon May 6 13:37:45 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1626405150543714.3175751072191; Thu, 15 Jul 2021 20:12:30 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-128-YQXS-F0uO-i4y0NINwMoJg-1; Thu, 15 Jul 2021 23:12:27 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 12EE25074F; Fri, 16 Jul 2021 03:12:22 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E1E1110016FD; Fri, 16 Jul 2021 03:12:21 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id AD57818005A2; Fri, 16 Jul 2021 03:12:21 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 16G3CBBP005948 for ; Thu, 15 Jul 2021 23:12:11 -0400 Received: by smtp.corp.redhat.com (Postfix) id E6D45113B7C; Fri, 16 Jul 2021 03:12:10 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E1DB4113B76 for ; Fri, 16 Jul 2021 03:12:10 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C65B280015A for ; Fri, 16 Jul 2021 03:12:10 +0000 (UTC) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-476-pXUzq6NrOA2-AlTzyUBCiw-2; Thu, 15 Jul 2021 23:12:06 -0400 Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:12:05 -0700 Received: from duan-server-s2600bt.bj.intel.com ([10.240.192.114]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2021 20:12:03 -0700 X-MC-Unique: YQXS-F0uO-i4y0NINwMoJg-1 X-MC-Unique: pXUzq6NrOA2-AlTzyUBCiw-2 X-IronPort-AV: E=McAfee;i="6200,9189,10046"; a="296308784" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="296308784" X-IronPort-AV: E=Sophos;i="5.84,244,1620716400"; d="scan'208";a="495774455" From: Zhenzhong Duan To: libvir-list@redhat.com Subject: [RFC PATCH v2 8/8] qemu: Add firmware descriptor support for TDX Date: Fri, 16 Jul 2021 11:10:36 +0800 Message-Id: <20210716031036.189228-9-zhenzhong.duan@intel.com> In-Reply-To: <20210716031036.189228-1-zhenzhong.duan@intel.com> References: <20210716031036.189228-1-zhenzhong.duan@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: isaku.yamahata@intel.com, pkrempa@redhat.com, jun.j.tian@intel.com, chenyi.qiang@intel.com, phrdina@redhat.com, zhenzhong.duan@intel.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1626405150981100001 Content-Type: text/plain; charset="utf-8" Add a firmware descriptor support for TDVF, then libvirt can auto match TDVF fimware with td-guest. Signed-off-by: Zhenzhong Duan --- docs/schemas/domaincommon.rng | 1 + src/qemu/qemu_capabilities.c | 2 + src/qemu/qemu_firmware.c | 101 +++++++++++++++++++++++++++++++++- src/qemu/qemu_validate.c | 7 +++ 4 files changed, 108 insertions(+), 3 deletions(-) diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 9d0b51ee12..8232025bf7 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -275,6 +275,7 @@ bios efi + generic diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index d3c30a17e7..a01d4c26db 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -5934,6 +5934,8 @@ virQEMUCapsFillDomainOSCaps(virDomainCapsOS *os, VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_= BIOS); if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_EFI)) VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_= EFI); + if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_GENERIC)) + VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_= GENERIC); =20 if (virQEMUCapsFillDomainLoaderCaps(capsLoader, secure, firmwaresAlt ? firmwaresAlt : firm= wares, diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index e144b36f94..28e006eb82 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -84,12 +84,18 @@ struct _qemuFirmwareMappingMemory { char *filename; }; =20 +typedef struct _qemuFirmwareMappingGeneric qemuFirmwareMappingGeneric; +struct _qemuFirmwareMappingGeneric { + char *filename; +}; + =20 typedef enum { QEMU_FIRMWARE_DEVICE_NONE =3D 0, QEMU_FIRMWARE_DEVICE_FLASH, QEMU_FIRMWARE_DEVICE_KERNEL, QEMU_FIRMWARE_DEVICE_MEMORY, + QEMU_FIRMWARE_DEVICE_GENERIC, =20 QEMU_FIRMWARE_DEVICE_LAST } qemuFirmwareDevice; @@ -101,6 +107,7 @@ VIR_ENUM_IMPL(qemuFirmwareDevice, "flash", "kernel", "memory", + "generic", ); =20 =20 @@ -112,6 +119,7 @@ struct _qemuFirmwareMapping { qemuFirmwareMappingFlash flash; qemuFirmwareMappingKernel kernel; qemuFirmwareMappingMemory memory; + qemuFirmwareMappingGeneric generic; } data; }; =20 @@ -135,6 +143,7 @@ typedef enum { QEMU_FIRMWARE_FEATURE_SECURE_BOOT, QEMU_FIRMWARE_FEATURE_VERBOSE_DYNAMIC, QEMU_FIRMWARE_FEATURE_VERBOSE_STATIC, + QEMU_FIRMWARE_FEATURE_INTEL_TDX, =20 QEMU_FIRMWARE_FEATURE_LAST } qemuFirmwareFeature; @@ -151,7 +160,8 @@ VIR_ENUM_IMPL(qemuFirmwareFeature, "requires-smm", "secure-boot", "verbose-dynamic", - "verbose-static" + "verbose-static", + "intel-tdx" ); =20 =20 @@ -213,6 +223,13 @@ qemuFirmwareMappingMemoryFreeContent(qemuFirmwareMappi= ngMemory *memory) } =20 =20 +static void +qemuFirmwareMappingGenericFreeContent(qemuFirmwareMappingGeneric *generic) +{ + g_free(generic->filename); +} + + static void qemuFirmwareMappingFreeContent(qemuFirmwareMapping *mapping) { @@ -226,6 +243,9 @@ qemuFirmwareMappingFreeContent(qemuFirmwareMapping *map= ping) case QEMU_FIRMWARE_DEVICE_MEMORY: qemuFirmwareMappingMemoryFreeContent(&mapping->data.memory); break; + case QEMU_FIRMWARE_DEVICE_GENERIC: + qemuFirmwareMappingGenericFreeContent(&mapping->data.generic); + break; case QEMU_FIRMWARE_DEVICE_NONE: case QEMU_FIRMWARE_DEVICE_LAST: break; @@ -424,6 +444,25 @@ qemuFirmwareMappingMemoryParse(const char *path, } =20 =20 +static int +qemuFirmwareMappingGenericParse(const char *path, + virJSONValue *doc, + qemuFirmwareMappingGeneric *generic) +{ + const char *filename; + + if (!(filename =3D virJSONValueObjectGetString(doc, "filename"))) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("missing 'filename' in '%s'"), + path); + } + + generic->filename =3D g_strdup(filename); + + return 0; +} + + static int qemuFirmwareMappingParse(const char *path, virJSONValue *doc, @@ -469,6 +508,10 @@ qemuFirmwareMappingParse(const char *path, if (qemuFirmwareMappingMemoryParse(path, mapping, &fw->mapping.dat= a.memory) < 0) return -1; break; + case QEMU_FIRMWARE_DEVICE_GENERIC: + if (qemuFirmwareMappingGenericParse(path, mapping, &fw->mapping.da= ta.generic) < 0) + return -1; + break; =20 case QEMU_FIRMWARE_DEVICE_NONE: case QEMU_FIRMWARE_DEVICE_LAST: @@ -740,6 +783,19 @@ qemuFirmwareMappingMemoryFormat(virJSONValue *mapping, } =20 =20 +static int +qemuFirmwareMappingGenericFormat(virJSONValue *mapping, + qemuFirmwareMappingGeneric *generic) +{ + if (virJSONValueObjectAppendString(mapping, + "filename", + generic->filename) < 0) + return -1; + + return 0; +} + + static int qemuFirmwareMappingFormat(virJSONValue *doc, qemuFirmware *fw) @@ -764,6 +820,10 @@ qemuFirmwareMappingFormat(virJSONValue *doc, if (qemuFirmwareMappingMemoryFormat(mapping, &fw->mapping.data.mem= ory) < 0) return -1; break; + case QEMU_FIRMWARE_DEVICE_GENERIC: + if (qemuFirmwareMappingGenericFormat(mapping, &fw->mapping.data.ge= neric) < 0) + return -1; + break; =20 case QEMU_FIRMWARE_DEVICE_NONE: case QEMU_FIRMWARE_DEVICE_LAST: @@ -905,6 +965,7 @@ qemuFirmwareOSInterfaceTypeFromOsDefFirmware(int fw) case VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS: return QEMU_FIRMWARE_OS_INTERFACE_BIOS; case VIR_DOMAIN_OS_DEF_FIRMWARE_EFI: + case VIR_DOMAIN_OS_DEF_FIRMWARE_GENERIC: return QEMU_FIRMWARE_OS_INTERFACE_UEFI; case VIR_DOMAIN_OS_DEF_FIRMWARE_NONE: case VIR_DOMAIN_OS_DEF_FIRMWARE_LAST: @@ -932,6 +993,7 @@ qemuFirmwareMatchDomain(const virDomainDef *def, bool supportsSEVES =3D false; bool supportsSecureBoot =3D false; bool hasEnrolledKeys =3D false; + bool supportsTDX =3D false; int reqSecureBoot; int reqEnrolledKeys; =20 @@ -995,6 +1057,10 @@ qemuFirmwareMatchDomain(const virDomainDef *def, hasEnrolledKeys =3D true; break; =20 + case QEMU_FIRMWARE_FEATURE_INTEL_TDX: + supportsTDX =3D true; + break; + case QEMU_FIRMWARE_FEATURE_VERBOSE_DYNAMIC: case QEMU_FIRMWARE_FEATURE_VERBOSE_STATIC: case QEMU_FIRMWARE_FEATURE_NONE: @@ -1069,8 +1135,14 @@ qemuFirmwareMatchDomain(const virDomainDef *def, return false; } break; - case VIR_DOMAIN_LAUNCH_SECURITY_PV: case VIR_DOMAIN_LAUNCH_SECURITY_TDX: + if (!supportsTDX) { + VIR_DEBUG("Domain requires TDX, firmware '%s' doesn't supp= ort it", + path); + return false; + } + break; + case VIR_DOMAIN_LAUNCH_SECURITY_PV: case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; case VIR_DOMAIN_LAUNCH_SECURITY_LAST: @@ -1093,6 +1165,7 @@ qemuFirmwareEnableFeatures(virQEMUDriver *driver, const qemuFirmwareMappingFlash *flash =3D &fw->mapping.data.flash; const qemuFirmwareMappingKernel *kernel =3D &fw->mapping.data.kernel; const qemuFirmwareMappingMemory *memory =3D &fw->mapping.data.memory; + const qemuFirmwareMappingGeneric *generic =3D &fw->mapping.data.generi= c; size_t i; =20 switch (fw->mapping.device) { @@ -1149,6 +1222,17 @@ qemuFirmwareEnableFeatures(virQEMUDriver *driver, def->os.loader->path); break; =20 + case QEMU_FIRMWARE_DEVICE_GENERIC: + if (!def->os.loader) + def->os.loader =3D g_new0(virDomainLoaderDef, 1); + + def->os.loader->type =3D VIR_DOMAIN_LOADER_TYPE_GENERIC; + def->os.loader->path =3D g_strdup(generic->filename); + + VIR_DEBUG("decided on loader '%s'", + def->os.loader->path); + break; + case QEMU_FIRMWARE_DEVICE_NONE: case QEMU_FIRMWARE_DEVICE_LAST: break; @@ -1183,6 +1267,7 @@ qemuFirmwareEnableFeatures(virQEMUDriver *driver, case QEMU_FIRMWARE_FEATURE_SECURE_BOOT: case QEMU_FIRMWARE_FEATURE_VERBOSE_DYNAMIC: case QEMU_FIRMWARE_FEATURE_VERBOSE_STATIC: + case QEMU_FIRMWARE_FEATURE_INTEL_TDX: case QEMU_FIRMWARE_FEATURE_LAST: break; } @@ -1216,6 +1301,7 @@ qemuFirmwareSanityCheck(const qemuFirmware *fw, case QEMU_FIRMWARE_FEATURE_ENROLLED_KEYS: case QEMU_FIRMWARE_FEATURE_VERBOSE_DYNAMIC: case QEMU_FIRMWARE_FEATURE_VERBOSE_STATIC: + case QEMU_FIRMWARE_FEATURE_INTEL_TDX: case QEMU_FIRMWARE_FEATURE_LAST: break; } @@ -1411,6 +1497,7 @@ qemuFirmwareGetSupported(const char *machine, qemuFirmware *fw =3D firmwares[i]; const qemuFirmwareMappingFlash *flash =3D &fw->mapping.data.flash; const qemuFirmwareMappingMemory *memory =3D &fw->mapping.data.memo= ry; + const qemuFirmwareMappingGeneric *generic =3D &fw->mapping.data.ge= neric; const char *fwpath =3D NULL; const char *nvrampath =3D NULL; size_t j; @@ -1421,7 +1508,10 @@ qemuFirmwareGetSupported(const char *machine, for (j =3D 0; j < fw->ninterfaces; j++) { switch (fw->interfaces[j]) { case QEMU_FIRMWARE_OS_INTERFACE_UEFI: - *supported |=3D 1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_EFI; + if (fw->mapping.device =3D=3D QEMU_FIRMWARE_DEVICE_GENERIC) + *supported |=3D 1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_GEN= ERIC; + else + *supported |=3D 1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_EFI; break; case QEMU_FIRMWARE_OS_INTERFACE_BIOS: *supported |=3D 1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS; @@ -1449,6 +1539,7 @@ qemuFirmwareGetSupported(const char *machine, case QEMU_FIRMWARE_FEATURE_SECURE_BOOT: case QEMU_FIRMWARE_FEATURE_VERBOSE_DYNAMIC: case QEMU_FIRMWARE_FEATURE_VERBOSE_STATIC: + case QEMU_FIRMWARE_FEATURE_INTEL_TDX: case QEMU_FIRMWARE_FEATURE_LAST: break; } @@ -1464,6 +1555,10 @@ qemuFirmwareGetSupported(const char *machine, fwpath =3D memory->filename; break; =20 + case QEMU_FIRMWARE_DEVICE_GENERIC: + fwpath =3D generic->filename; + break; + case QEMU_FIRMWARE_DEVICE_KERNEL: case QEMU_FIRMWARE_DEVICE_NONE: case QEMU_FIRMWARE_DEVICE_LAST: diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 2cb05dc5b2..ca507868ad 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -1254,6 +1254,13 @@ qemuValidateDomainDef(const virDomainDef *def, _("INTEL TDX launch security needs split ke= rnel irqchip")); return -1; } + if ((!def->os.loader || + def->os.loader->type !=3D VIR_DOMAIN_LOADER_TYPE_GENERIC) = && + def->os.firmware !=3D VIR_DOMAIN_OS_DEF_FIRMWARE_GENERIC) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("INTEL TDX launch security needs generic = loader type")); + return -1; + } break; case VIR_DOMAIN_LAUNCH_SECURITY_NONE: break; --=20 2.25.1