From: Yang Zhong
To: qemu-devel@nongnu.org
Cc: yang.zhong@intel.com, pbonzini@redhat.com, jarkko@kernel.org, eblake@redhat.com, philmd@redhat.com
Subject: [PATCH v2 1/5] numa: Enable numa for SGX EPC sections
Date: Fri, 22 Oct 2021 15:27:50 -0400
Message-Id: <20211022192754.58196-2-yang.zhong@intel.com>

The basic SGX did not enable numa for SGX EPC sections, which results in all EPC sections being located in numa node 0. This patch enables the SGX numa function in the guest and the EPC section can work with RAM as one numa node.

The Guest kernel related log:

[ 0.009981] ACPI: SRAT: Node 0 PXM 0 [mem 0x180000000-0x183ffffff]
[ 0.009982] ACPI: SRAT: Node 1 PXM 1 [mem 0x184000000-0x185bfffff]

The SRAT table can normally show SGX EPC sections memory info in different numa nodes.

The SGX EPC numa related command:
......
-m 4G,maxmem=3D20G \ -smp sockets=3D2,cores=3D2 \ -cpu host,+sgx-provisionkey \ -object memory-backend-ram,size=3D2G,host-nodes=3D0,policy=3Dbind,id=3Dnod= e0 \ -object memory-backend-epc,id=3Dmem0,size=3D64M,prealloc=3Don,host-nodes= =3D0,policy=3Dbind \ -numa node,nodeid=3D0,cpus=3D0-1,memdev=3Dnode0 \ -object memory-backend-ram,size=3D2G,host-nodes=3D1,policy=3Dbind,id=3Dnod= e1 \ -object memory-backend-epc,id=3Dmem1,size=3D28M,prealloc=3Don,host-nodes= =3D1,policy=3Dbind \ -numa node,nodeid=3D1,cpus=3D2-3,memdev=3Dnode1 \ -M sgx-epc.0.memdev=3Dmem0,sgx-epc.0.node=3D0,sgx-epc.1.memdev=3Dmem1,sgx-= epc.1.node=3D1 \ ...... Signed-off-by: Yang Zhong --- qapi/machine.json | 10 ++++++++- include/hw/i386/sgx-epc.h | 3 +++ hw/i386/acpi-build.c | 4 ++++ hw/i386/sgx-epc.c | 3 +++ hw/i386/sgx.c | 44 +++++++++++++++++++++++++++++++++++++++ monitor/hmp-cmds.c | 1 + qemu-options.hx | 4 ++-- 7 files changed, 66 insertions(+), 3 deletions(-) diff --git a/qapi/machine.json b/qapi/machine.json index 5db54df298..38a1e3438f 100644 --- a/qapi/machine.json +++ b/qapi/machine.json @@ -1207,12 +1207,15 @@ # # @memdev: memory backend linked with device # +# @node: the numa node +# # Since: 6.2 ## { 'struct': 'SgxEPCDeviceInfo', 'data': { '*id': 'str', 'memaddr': 'size', 'size': 'size', + 'node': 'int', 'memdev': 'str' } } @@ -1285,10 +1288,15 @@ # # @memdev: memory backend linked with device # +# @node: the numa node +# # Since: 6.2 ## { 'struct': 'SgxEPC', - 'data': { 'memdev': 'str' } } + 'data': { 'memdev': 'str', + 'node': 'int' + } +} =20 ## # @SgxEPCProperties: diff --git a/include/hw/i386/sgx-epc.h b/include/hw/i386/sgx-epc.h index a6a65be854..581fac389a 100644 --- a/include/hw/i386/sgx-epc.h +++ b/include/hw/i386/sgx-epc.h @@ -25,6 +25,7 @@ #define SGX_EPC_ADDR_PROP "addr" #define SGX_EPC_SIZE_PROP "size" #define SGX_EPC_MEMDEV_PROP "memdev" +#define SGX_EPC_NUMA_NODE_PROP "node" =20 /** * SGXEPCDevice: 
@@ -38,6 +39,7 @@ typedef struct SGXEPCDevice { =20 /* public */ uint64_t addr; + uint32_t node; HostMemoryBackendEpc *hostmem; } SGXEPCDevice; =20 @@ -56,6 +58,7 @@ typedef struct SGXEPCState { } SGXEPCState; =20 bool sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size); +void sgx_epc_build_srat(GArray *table_data); =20 static inline uint64_t sgx_epc_above_4g_end(SGXEPCState *sgx_epc) { diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c index 81418b7911..563a38992f 100644 --- a/hw/i386/acpi-build.c +++ b/hw/i386/acpi-build.c @@ -2062,6 +2062,10 @@ build_srat(GArray *table_data, BIOSLinker *linker, M= achineState *machine) nvdimm_build_srat(table_data); } =20 + if (pcms->sgx_epc.size !=3D 0) { + sgx_epc_build_srat(table_data); + } + /* * TODO: this part is not in ACPI spec and current linux kernel boots = fine * without these entries. But I recall there were issues the last time= I diff --git a/hw/i386/sgx-epc.c b/hw/i386/sgx-epc.c index 55e2217eae..e5cd2789be 100644 --- a/hw/i386/sgx-epc.c +++ b/hw/i386/sgx-epc.c @@ -21,6 +21,7 @@ =20 static Property sgx_epc_properties[] =3D { DEFINE_PROP_UINT64(SGX_EPC_ADDR_PROP, SGXEPCDevice, addr, 0), + DEFINE_PROP_UINT32(SGX_EPC_NUMA_NODE_PROP, SGXEPCDevice, node, 0), DEFINE_PROP_LINK(SGX_EPC_MEMDEV_PROP, SGXEPCDevice, hostmem, TYPE_MEMORY_BACKEND_EPC, HostMemoryBackendEpc *), DEFINE_PROP_END_OF_LIST(), @@ -139,6 +140,8 @@ static void sgx_epc_md_fill_device_info(const MemoryDev= iceState *md, se->memaddr =3D epc->addr; se->size =3D object_property_get_uint(OBJECT(epc), SGX_EPC_SIZE_PROP, NULL); + se->node =3D object_property_get_uint(OBJECT(epc), SGX_EPC_NUMA_NODE_P= ROP, + NULL); se->memdev =3D object_get_canonical_path(OBJECT(epc->hostmem)); =20 info->u.sgx_epc.data =3D se; diff --git a/hw/i386/sgx.c b/hw/i386/sgx.c index 11607568b6..9a77519609 100644 --- a/hw/i386/sgx.c +++ b/hw/i386/sgx.c 
@@ -21,6 +21,7 @@ #include "qapi/qapi-commands-misc-target.h" #include "exec/address-spaces.h" #include "sysemu/hw_accel.h" +#include "hw/acpi/aml-build.h" =20 #define SGX_MAX_EPC_SECTIONS 8 #define SGX_CPUID_EPC_INVALID 0x0 @@ -29,6 +30,46 @@ #define SGX_CPUID_EPC_SECTION 0x1 #define SGX_CPUID_EPC_MASK 0xF =20 +static int sgx_epc_device_list(Object *obj, void *opaque) +{ + GSList **list =3D opaque; + + if (object_dynamic_cast(obj, TYPE_SGX_EPC)) { + *list =3D g_slist_append(*list, DEVICE(obj)); + } + + object_child_foreach(obj, sgx_epc_device_list, opaque); + return 0; +} + +static GSList *sgx_epc_get_device_list(void) +{ + GSList *list =3D NULL; + + object_child_foreach(qdev_get_machine(), sgx_epc_device_list, &list); + return list; +} + +void sgx_epc_build_srat(GArray *table_data) +{ + GSList *device_list =3D sgx_epc_get_device_list(); + + for (; device_list; device_list =3D device_list->next) { + DeviceState *dev =3D device_list->data; + Object *obj =3D OBJECT(dev); + uint64_t addr, size; + int node; + + node =3D object_property_get_uint(obj, SGX_EPC_NUMA_NODE_PROP, + &error_abort); + addr =3D object_property_get_uint(obj, SGX_EPC_ADDR_PROP, &error_a= bort); + size =3D object_property_get_uint(obj, SGX_EPC_SIZE_PROP, &error_a= bort); + + build_srat_memory(table_data, addr, size, node, MEM_AFFINITY_ENABL= ED); + } + g_slist_free(device_list); +} + static uint64_t sgx_calc_section_metric(uint64_t low, uint64_t high) { return (low & MAKE_64BIT_MASK(12, 20)) + @@ -179,6 +220,9 @@ void pc_machine_init_sgx_epc(PCMachineState *pcms) /* set the memdev link with memory backend */ object_property_parse(obj, SGX_EPC_MEMDEV_PROP, list->value->memde= v, &error_fatal); + /* set the numa node property for sgx epc object */ + object_property_set_uint(obj, SGX_EPC_NUMA_NODE_PROP, list->value-= >node, + &error_fatal); object_property_set_bool(obj, "realized", true, &error_fatal); object_unref(obj); } 
diff --git a/monitor/hmp-cmds.c b/monitor/hmp-cmds.c index bcaa41350e..8af26e3e20 100644 --- a/monitor/hmp-cmds.c +++ b/monitor/hmp-cmds.c @@ -1878,6 +1878,7 @@ void hmp_info_memory_devices(Monitor *mon, const QDic= t *qdict) se->id ? se->id : ""); monitor_printf(mon, " memaddr: 0x%" PRIx64 "\n", se->mema= ddr); monitor_printf(mon, " size: %" PRIu64 "\n", se->size); + monitor_printf(mon, " node: %" PRId64 "\n", se->node); monitor_printf(mon, " memdev: %s\n", se->memdev); break; default: diff --git a/qemu-options.hx b/qemu-options.hx index 5f375bbfa6..aaa5a1926d 100644 --- a/qemu-options.hx +++ b/qemu-options.hx 
@@ -127,11 +127,11 @@ SRST ERST =20 DEF("M", HAS_ARG, QEMU_OPTION_M, - " sgx-epc.0.memdev=3Dmemid\n", + " sgx-epc.0.memdev=3Dmemid,sgx-epc.0.node=3Dnumaid\n", QEMU_ARCH_ALL) =20 SRST -``sgx-epc.0.memdev=3D@var{memid}`` +``sgx-epc.0.memdev=3D@var{memid},sgx-epc.0.node=3D@var{numaid}`` Define an SGX EPC section. ERST =20
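Review bot: In patch 1/5, qapi/machine.json, the SgxEPC struct gains 'node': 'int' as a mandatory member, so a command line that passes only sgx-epc.0.memdev=... no longer parses, even though the device property is declared with a default of 0 via DEFINE_PROP_UINT32(SGX_EPC_NUMA_NODE_PROP, SGXEPCDevice, node, 0). Consider making it optional ('*node') and defaulting to 0. Note also the type mismatch: QAPI 'int' is a signed 64-bit value while the backing field is uint32_t node, so negative or oversized input should be rejected with a clear message rather than left to the property setter.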
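Review bot: In patch 1/5, hw/i386/sgx.c, sgx_epc_build_srat() walks the list by advancing device_list itself, so by the time g_slist_free(device_list) runs the pointer is NULL and the list returned by sgx_epc_get_device_list() is leaked on every SRAT build. Iterate with a separate cursor, or declare the head as g_autoptr(GSList), and free the head. In the same function node is declared int but filled from object_property_get_uint(); a uint32_t would match the property type.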
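Review bot: In patch 1/5, hw/i386/sgx.c, pc_machine_init_sgx_epc() copies list->value->node into the device with object_property_set_uint(), but nothing visible in this series checks the value against the number of NUMA nodes actually configured with -numa. The value later goes straight into the SRAT entry written by build_srat_memory() and is used as an array index in patch 2/5, so an out-of-range node should be refused here, at machine init, with an error that names the offending sgx-epc.N.node.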
From: Yang Zhong
To: qemu-devel@nongnu.org
Cc: yang.zhong@intel.com, pbonzini@redhat.com, jarkko@kernel.org, eblake@redhat.com, philmd@redhat.com
Subject: [PATCH v2 2/5] monitor: Support 'info numa' command
Date: Fri, 22 Oct 2021 15:27:51 -0400
Message-Id: <20211022192754.58196-3-yang.zhong@intel.com>

Add the MEMORY_DEVICE_INFO_KIND_SGX_EPC case for SGX numa info with 'info numa' command in the monitor.

Signed-off-by: Yang Zhong
--- hw/core/numa.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hw/core/numa.c b/hw/core/numa.c index 510d096a88..1aa05dcf42 100644 --- a/hw/core/numa.c +++ b/hw/core/numa.c
@@ -756,6 +756,7 @@ static void numa_stat_memory_devices(NumaNodeMem node_m= em[]) PCDIMMDeviceInfo *pcdimm_info; VirtioPMEMDeviceInfo *vpi; VirtioMEMDeviceInfo *vmi; + SgxEPCDeviceInfo *se; =20 for (info =3D info_list; info; info =3D info->next) { MemoryDeviceInfo *value =3D info->value; 
@@ -781,6 +782,11 @@ static void numa_stat_memory_devices(NumaNodeMem node_= mem[]) node_mem[vmi->node].node_mem +=3D vmi->size; node_mem[vmi->node].node_plugged_mem +=3D vmi->size; break; + case MEMORY_DEVICE_INFO_KIND_SGX_EPC: + se =3D value->u.sgx_epc.data; + node_mem[se->node].node_mem +=3D se->size; + node_mem[se->node].node_plugged_mem =3D 0; + break; default: g_assert_not_reached(); }
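Review bot: In patch 2/5, hw/core/numa.c, the new MEMORY_DEVICE_INFO_KIND_SGX_EPC case assigns node_mem[se->node].node_plugged_mem = 0 instead of accumulating, so it wipes any plugged memory that earlier iterations of the loop already counted for that node (the virtio-mem case just above uses +=). Drop that line so EPC simply contributes nothing to node_plugged_mem. se->node also indexes node_mem[] directly and originates from the user-supplied sgx-epc.N.node option, so it needs a range check before this point to avoid writing past the end of the array.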
From: Yang Zhong
To: qemu-devel@nongnu.org
Cc: yang.zhong@intel.com, pbonzini@redhat.com, jarkko@kernel.org, eblake@redhat.com, philmd@redhat.com
Subject: [PATCH v2 3/5] numa: Support SGX numa in the monitor and Libvirt interfaces
Date: Fri, 22 Oct 2021 15:27:52 -0400
Message-Id: <20211022192754.58196-4-yang.zhong@intel.com>

Add the SGXEPCSection list into SGXInfo to show the multiple SGX EPC sections detailed info, not the total size like before. This patch can enable numa support for 'info sgx' command and QMP interfaces. The new interfaces show each EPC section info in one numa node. Libvirt can use QMP interface to get the detailed host SGX EPC capabilities to decide how to allocate host EPC sections to guest.
(qemu) info sgx SGX support: enabled SGX1 support: enabled SGX2 support: enabled FLC support: enabled NUMA node #0: size=3D67108864 NUMA node #1: size=3D29360128 The QMP interface show: (QEMU) query-sgx {"return": {"sgx": true, "sgx2": true, "sgx1": true, "sections": \ [{"node": 0, "size": 67108864}, {"node": 1, "size": 29360128}], "flc": true= }} (QEMU) query-sgx-capabilities {"return": {"sgx": true, "sgx2": true, "sgx1": true, "sections": \ [{"node": 0, "size": 17070817280}, {"node": 1, "size": 17079205888}], "flc"= : true}} Signed-off-by: Yang Zhong --- qapi/misc-target.json | 19 ++++++++++++++-- hw/i386/sgx.c | 51 +++++++++++++++++++++++++++++++++++-------- 2 files changed, 59 insertions(+), 11 deletions(-) diff --git a/qapi/misc-target.json b/qapi/misc-target.json index 5aa2b95b7d..1022aa0184 100644 --- a/qapi/misc-target.json +++ b/qapi/misc-target.json @@ -337,6 +337,21 @@ 'if': 'TARGET_ARM' } =20 =20 +## +# @SGXEPCSection: +# +# Information about intel SGX EPC section info +# +# @node: the numa node +# +# @size: the size of epc section +# +# Since: 6.2 +## +{ 'struct': 'SGXEPCSection', + 'data': { 'node': 'int', + 'size': 'uint64'}} + ## # @SGXInfo: # @@ -350,7 +365,7 @@ # # @flc: true if FLC is supported # -# @section-size: The EPC section size for guest +# @sections: The EPC sections info for guest # # Since: 6.2 ## @@ -359,7 +374,7 @@ 'sgx1': 'bool', 'sgx2': 'bool', 'flc': 'bool', - 'section-size': 'uint64'}, + 'sections': ['SGXEPCSection']}, 'if': 'TARGET_I386' } =20 ## diff --git a/hw/i386/sgx.c b/hw/i386/sgx.c index 9a77519609..b5b710a556 100644 --- a/hw/i386/sgx.c +++ b/hw/i386/sgx.c 
@@ -76,11 +76,13 @@ static uint64_t sgx_calc_section_metric(uint64_t low, u= int64_t high) ((high & MAKE_64BIT_MASK(0, 20)) << 32); } =20 -static uint64_t sgx_calc_host_epc_section_size(void) +static SGXEPCSectionList *sgx_calc_host_epc_sections(void) { + SGXEPCSectionList *head =3D NULL, **tail =3D &head; + SGXEPCSection *section; uint32_t i, type; uint32_t eax, ebx, ecx, edx; - uint64_t size =3D 0; + uint32_t j =3D 0; =20 for (i =3D 0; i < SGX_MAX_EPC_SECTIONS; i++) { host_cpuid(0x12, i + 2, &eax, &ebx, &ecx, &edx); @@ -94,10 +96,13 @@ static uint64_t sgx_calc_host_epc_section_size(void) break; } =20 - size +=3D sgx_calc_section_metric(ecx, edx); + section =3D g_new0(SGXEPCSection, 1); + section->node =3D j++; + section->size =3D sgx_calc_section_metric(ecx, edx); + QAPI_LIST_APPEND(tail, section); } =20 - return size; + return head; } =20 SGXInfo *qmp_query_sgx_capabilities(Error **errp) @@ -121,13 +126,35 @@ SGXInfo *qmp_query_sgx_capabilities(Error **errp) info->sgx1 =3D eax & (1U << 0) ? true : false; info->sgx2 =3D eax & (1U << 1) ? true : false; =20 - info->section_size =3D sgx_calc_host_epc_section_size(); + info->sections =3D sgx_calc_host_epc_sections(); =20 close(fd); =20 return info; } =20 +static SGXEPCSectionList *sgx_get_epc_sections_list(void) +{ + GSList *device_list =3D sgx_epc_get_device_list(); + SGXEPCSectionList *head =3D NULL, **tail =3D &head; + SGXEPCSection *section; + + for (; device_list; device_list =3D device_list->next) { + DeviceState *dev =3D device_list->data; + Object *obj =3D OBJECT(dev); + + section =3D g_new0(SGXEPCSection, 1); + section->node =3D object_property_get_uint(obj, SGX_EPC_NUMA_NODE_= PROP, + &error_abort); + section->size =3D object_property_get_uint(obj, SGX_EPC_SIZE_PROP, + &error_abort); + QAPI_LIST_APPEND(tail, section); + } + g_slist_free(device_list); + + return head; +} + SGXInfo *qmp_query_sgx(Error **errp) { SGXInfo *info =3D NULL; 
@@ -146,14 +173,13 @@ SGXInfo *qmp_query_sgx(Error **errp) return NULL; } =20 - SGXEPCState *sgx_epc =3D &pcms->sgx_epc; info =3D g_new0(SGXInfo, 1); =20 info->sgx =3D true; info->sgx1 =3D true; info->sgx2 =3D true; info->flc =3D true; - info->section_size =3D sgx_epc->size; + info->sections =3D sgx_get_epc_sections_list(); =20 return info; } @@ -161,6 +187,7 @@ SGXInfo *qmp_query_sgx(Error **errp) void hmp_info_sgx(Monitor *mon, const QDict *qdict) { Error *err =3D NULL; + SGXEPCSectionList *section_list, *section; g_autoptr(SGXInfo) info =3D qmp_query_sgx(&err); =20 if (err) { 
@@ -175,8 +202,14 @@ void hmp_info_sgx(Monitor *mon, const QDict *qdict) info->sgx2 ? "enabled" : "disabled"); monitor_printf(mon, "FLC support: %s\n", info->flc ? "enabled" : "disabled"); - monitor_printf(mon, "size: %" PRIu64 "\n", - info->section_size); + + section_list =3D info->sections; + for (section =3D section_list; section; section =3D section->next) { + monitor_printf(mon, "NUMA node #%" PRId64 ": ", + section->value->node); + monitor_printf(mon, "size=3D%" PRIu64 "\n", + section->value->size); + } } =20 bool sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size)
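Review bot: In patch 3/5, qapi/misc-target.json, replacing 'section-size' with 'sections' in SGXInfo removes a member from a struct documented as Since: 6.2, which breaks any QMP client that already reads section-size from query-sgx or query-sgx-capabilities. If that member has shipped in a release, keep it alongside the new list and mark it deprecated instead of deleting it.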
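Review bot: In patch 3/5, hw/i386/sgx.c, sgx_calc_host_epc_sections() sets section->node = j++, so the "node" returned by query-sgx-capabilities is only the order in which CPUID leaf 0x12 enumerated the section, not a host NUMA node. The commit message says Libvirt will use this output to decide how to allocate host EPC sections, and a host with two EPC sections on one node would be reported as two nodes. Either derive the node from the host topology or document in SGXEPCSection that the capabilities query returns an enumeration index.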
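Review bot: In patch 3/5, hw/i386/sgx.c, sgx_get_epc_sections_list() repeats the pattern from sgx_epc_build_srat(): the for loop advances device_list to NULL, and g_slist_free(device_list) then frees nothing, leaking the GSList on every query-sgx or 'info sgx' call. Keep the head in a separate variable and free that.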
From: Yang Zhong
To: qemu-devel@nongnu.org
Cc: yang.zhong@intel.com, pbonzini@redhat.com, jarkko@kernel.org, eblake@redhat.com, philmd@redhat.com
Subject: [PATCH v2 4/5] doc: Add the SGX numa description
Date: Fri, 22 Oct 2021 15:27:53 -0400
Message-Id: <20211022192754.58196-5-yang.zhong@intel.com>

Add the SGX numa reference command and how to check if SGX numa is supported or not with multiple EPC sections.

Signed-off-by: Yang Zhong
--- docs/system/i386/sgx.rst | 31 +++++++++++++++++++++++++++---- 1 file changed, 27 insertions(+), 4 deletions(-)
diff --git a/docs/system/i386/sgx.rst b/docs/system/i386/sgx.rst index f103ae2a2f..9e4ada761f 100644 --- a/docs/system/i386/sgx.rst +++ b/docs/system/i386/sgx.rst @@ -141,8 +141,7 @@ To launch a SGX guest: |qemu_system_x86| \\ -cpu host,+sgx-provisionkey \\ -object memory-backend-epc,id=3Dmem1,size=3D64M,prealloc=3Don \\ - -object memory-backend-epc,id=3Dmem2,size=3D28M \\ - -M sgx-epc.0.memdev=3Dmem1,sgx-epc.1.memdev=3Dmem2 + -M sgx-epc.0.memdev=3Dmem1,sgx-epc.0.node=3D0 =20 Utilizing SGX in the guest requires a kernel/OS with SGX support. The support can be determined in guest by:: 
@@ -152,8 +151,32 @@ The support can be determined in guest by:: and SGX epc info by:: =20 $ dmesg | grep sgx - [ 1.242142] sgx: EPC section 0x180000000-0x181bfffff - [ 1.242319] sgx: EPC section 0x181c00000-0x1837fffff + [ 0.182807] sgx: EPC section 0x140000000-0x143ffffff + [ 0.183695] sgx: [Firmware Bug]: Unable to map EPC section to online = node. Fallback to the NUMA node 0. + +To launch a SGX numa guest: + +.. parsed-literal:: + + |qemu_system_x86| \\ + -cpu host,+sgx-provisionkey \\ + -object memory-backend-ram,size=3D2G,host-nodes=3D0,policy=3Dbind,id=3D= node0 \\ + -object memory-backend-epc,id=3Dmem0,size=3D64M,prealloc=3Don,host-node= s=3D0,policy=3Dbind \\ + -numa node,nodeid=3D0,cpus=3D0-1,memdev=3Dnode0 \\ + -object memory-backend-ram,size=3D2G,host-nodes=3D1,policy=3Dbind,id=3D= node1 \\ + -object memory-backend-epc,id=3Dmem1,size=3D28M,prealloc=3Don,host-node= s=3D1,policy=3Dbind \\ + -numa node,nodeid=3D1,cpus=3D2-3,memdev=3Dnode1 \\ + -M sgx-epc.0.memdev=3Dmem0,sgx-epc.0.node=3D0,sgx-epc.1.memdev=3Dmem1,s= gx-epc.1.node=3D1 + +and SGX epc numa info by:: + + $ dmesg | grep sgx + [ 0.369937] sgx: EPC section 0x180000000-0x183ffffff + [ 0.370259] sgx: EPC section 0x184000000-0x185bfffff + + $ dmesg | grep SRAT + [ 0.009981] ACPI: SRAT: Node 0 PXM 0 [mem 0x180000000-0x183ffffff] + [ 0.009982] ACPI: SRAT: Node 1 PXM 1 [mem 0x184000000-0x185bfffff] =20 References ----------
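Review bot: In patch 4/5, docs/system/i386/sgx.rst, the expected dmesg output for the plain (non-NUMA) launch example now includes "sgx: [Firmware Bug]: Unable to map EPC section to online node. Fallback to the NUMA node 0." with no explanation. Documentation that shows a firmware-bug warning as normal output will make readers think their setup is broken; add a sentence saying why the guest prints it when no -numa options are given, or change the series so the guest does not print it. The earlier hunk also drops the two-section non-NUMA example (mem1/mem2), so the text should say whether that form is still accepted.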
From: Yang Zhong
To: qemu-devel@nongnu.org
Cc: yang.zhong@intel.com, pbonzini@redhat.com, jarkko@kernel.org, eblake@redhat.com, philmd@redhat.com
Subject: [PATCH v2 5/5] sgx: Reset the vEPC regions during VM reboot
Date: Fri, 22 Oct 2021 15:27:54 -0400
Message-Id: <20211022192754.58196-6-yang.zhong@intel.com>

For bare-metal SGX on real hardware, the hardware provides guarantees about SGX state at reboot. For instance, all pages start out uninitialized. The vepc driver provides a similar guarantee today for freshly-opened vepc instances, but guests such as Windows expect all pages to be in uninitialized state on startup, including after every guest reboot. Qemu can invoke the ioctl to bring its vEPC pages back to uninitialized state.
There is a possibility that some pages fail to be removed if they are SECS pages, and the child and SECS pages could be in separate vEPC regions. Therefore, the ioctl returns the number of EREMOVE failures, telling Qemu to try the ioctl again after it's done with all vEPC regions. The related kernel patches v4 will be merged into kernel release and link: https://lore.kernel.org/all/20211021201155.1523989-1-pbonzini@redhat.com/ Once this kernel patchset is merged, the kernel commit ids will be updated here. Signed-off-by: Yang Zhong --- include/hw/i386/x86.h | 1 + linux-headers/linux/kvm.h | 6 +++++ hw/i386/sgx.c | 53 +++++++++++++++++++++++++++++++++++++++ hw/i386/x86.c | 4 +++ 4 files changed, 64 insertions(+) diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h index 23267a3674..e78ca6c156 100644 --- a/include/hw/i386/x86.h +++ b/include/hw/i386/x86.h @@ -141,5 +141,6 @@ qemu_irq x86_allocate_cpu_irq(void); void gsi_handler(void *opaque, int n, int level); void ioapic_init_gsi(GSIState *gsi_state, const char *parent_name); DeviceState *ioapic_init_secondary(GSIState *gsi_state); +void sgx_epc_reset(void *opaque); =20 #endif diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h index bcaf66cc4d..ee110e660b 100644 --- a/linux-headers/linux/kvm.h +++ b/linux-headers/linux/kvm.h @@ -887,6 +887,12 @@ struct kvm_ppc_resize_hpt { #define KVM_GET_EMULATED_CPUID _IOWR(KVMIO, 0x09, struct kvm_cpuid2) #define KVM_GET_MSR_FEATURE_INDEX_LIST _IOWR(KVMIO, 0x0a, struct kvm_ms= r_list) =20 +/* + * ioctl for /dev/sgx_vepc + */ +#define SGX_MAGIC 0xA4 +#define SGX_IOC_VEPC_REMOVE_ALL _IO(SGX_MAGIC, 0x04) + /* * Extension capability list. */ diff --git a/hw/i386/sgx.c b/hw/i386/sgx.c index b5b710a556..3e21094c30 100644 --- a/hw/i386/sgx.c +++ b/hw/i386/sgx.c 
@@ -22,6 +22,8 @@ #include "exec/address-spaces.h" #include "sysemu/hw_accel.h" #include "hw/acpi/aml-build.h" +#include "hw/i386/x86.h" +#include =20 #define SGX_MAX_EPC_SECTIONS 8 #define SGX_CPUID_EPC_INVALID 0x0 @@ -70,6 +72,57 @@ void sgx_epc_build_srat(GArray *table_data) g_slist_free(device_list); } =20 +static int sgx_remove_all_pages(PCMachineState *pcms, int num) +{ + HostMemoryBackend *hostmem; + SGXEPCDevice *epc; + int failures =3D 0, failures_1 =3D 0; + unsigned long ret =3D 0; + int fd, j; + + for (j =3D 0; j < num; j++) { + epc =3D pcms->sgx_epc.sections[j]; + hostmem =3D MEMORY_BACKEND(epc->hostmem); + fd =3D memory_region_get_fd(host_memory_backend_get_memory(hostmem= )); + + failures =3D ioctl(fd, SGX_IOC_VEPC_REMOVE_ALL); + if (failures < 0) { + return failures; + } else if (failures > 0) { + /* Remove SECS pages */ + sleep(1); + failures_1 =3D ioctl(fd, SGX_IOC_VEPC_REMOVE_ALL); + } + + /* + * The host or guest can support 8 EPC sections, use the + * corresponding bit to show each section removal status. + */ + if (failures_1) { + set_bit(j, &ret); + } + } + + return ret; +} + +void sgx_epc_reset(void *opaque) +{ + PCMachineState *pcms =3D PC_MACHINE(qdev_get_machine()); + GSList *device_list =3D sgx_epc_get_device_list(); + int len =3D g_slist_length(device_list); + int ret; + + do { + ret =3D sgx_remove_all_pages(pcms, len); + if (ret =3D=3D -ENOTTY) { + break; + } + } while (ret); + + g_slist_free(device_list); +} + static uint64_t sgx_calc_section_metric(uint64_t low, uint64_t high) { return (low & MAKE_64BIT_MASK(12, 20)) + diff --git a/hw/i386/x86.c b/hw/i386/x86.c index 76de7e2265..03d30a487a 100644 --- a/hw/i386/x86.c +++ b/hw/i386/x86.c @@ -39,6 +39,7 @@ #include "sysemu/replay.h" #include "sysemu/sysemu.h" #include "sysemu/cpu-timers.h" +#include "sysemu/reset.h" #include "trace.h" =20 #include "hw/i386/x86.h" 
@@ -1307,6 +1308,9 @@ static void machine_set_sgx_epc(Object *obj, Visitor = *v, const char *name, visit_type_SgxEPCList(v, name, &x86ms->sgx_epc_list, errp); =20 qapi_free_SgxEPCList(list); + + /* register the reset callback for sgx reset */ + qemu_register_reset(sgx_epc_reset, NULL); } =20 static void x86_machine_initfn(Object *obj)
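Review bot: In patch 5/5, linux-headers/linux/kvm.h, SGX_MAGIC and SGX_IOC_VEPC_REMOVE_ALL are hand-added under a comment that says they belong to /dev/sgx_vepc, not KVM. Files under linux-headers/ are imported from the kernel tree, so a manual edit here is lost on the next header sync. Since the commit message says the kernel side is not merged yet, carry the definition locally in hw/i386/sgx.c behind an #ifndef until the real uapi header can be imported.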
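Review bot: In patch 5/5, hw/i386/sgx.c, sgx_epc_reset() tests ret == -ENOTTY, but sgx_remove_all_pages() returns the raw ioctl() result, which is -1 with the reason in errno, so on a kernel without SGX_IOC_VEPC_REMOVE_ALL the check never matches and the do/while (ret) loop never terminates. Return -errno on failure and put an upper bound on the retries. Two further problems in sgx_remove_all_pages(): failures_1 is never reset inside the for loop, so once one section fails every later section also gets its bit set in ret, and sleep(1) per section stalls the reset path. Reset the counter per section and replace the sleep with the second pass over all regions that the commit message describes.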
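Review bot: In patch 5/5, hw/i386/x86.c, qemu_register_reset(sgx_epc_reset, NULL) is called from machine_set_sgx_epc(), a property setter, so the handler is registered again each time the sgx-epc property is set and also when visit_type_SgxEPCList() has just reported an error through errp. Register it once from pc_machine_init_sgx_epc() after the sections are realized, and only when at least one section is configured.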