From nobody Tue Nov 26 18:20:03 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1706153878; cv=none; d=zohomail.com; s=zohoarc; b=ihp8W3/snQzcP5Tv3RL5VxKdeVQRZpeDO9/Xxiu77/5qLQsyNxs4pEDd4SSV5lZZbbaHtPkDQP+d2mxMdYbcE0XxTmYFVCN/7UPDtyp4VUH+/XU9LvEdCJHgHaMkvrDj2v5iBgtx4koyEHCRHv+DJlzCgQ8Omf4sy91CXb3s45U= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1706153878; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=IIeWO3Yp/S3bGtSIxseF5r1wg1WO+UvuhwWpFGfQw/Q=; b=ik0uaHfg/Rlodjig3v8Tfk7C9MCOCrNDsvoFWLZjUg8QAFVIXUdzGPpmOAgYnDoEjntR0nADVPEfMAIZ3Hr1nssMBuH5MFG498pLoUf4FR7PW6RWN53saJ6/RgRu0nCAmQNhm+Npv9QgkiUVGIJH7p0zS59392MpDBpoWOnvcNU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1706153878781975.567678762425; Wed, 24 Jan 2024 19:37:58 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rSqQr-00066G-Ak; Wed, 24 Jan 2024 22:29:37 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rSqQq-0005wL-18 for qemu-devel@nongnu.org; Wed, 24 Jan 2024 22:29:36 -0500 Received: from mgamail.intel.com ([192.198.163.10]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rSqQo-0001Dy-25 for qemu-devel@nongnu.org; Wed, 24 Jan 2024 22:29:35 -0500 Received: from orviesa005.jf.intel.com ([10.64.159.145]) by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Jan 2024 19:26:12 -0800 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by orviesa005.jf.intel.com with ESMTP; 24 Jan 2024 19:26:07 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706153374; x=1737689374; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=E6VAdkr88fG+BmM8jv4sFZ7xt5v111/0ITZGjojxtF4=; b=D/EZ8Q68ZFzUIG77Jw3+0HiosHnq6Qgdl8xHpjh39cKUt77YLfkX3QKT 15h3OETJdooDp+VRAker95W94hRVWligKjAQkRbJ/WiE1WZR0eyaJ+lS1 TMrC/XnFt4P+KQ3hC69ya4/uayTLUA1g4YmcaEx6DNHTAmPQtIVRclLfr +xgmq3rlOFd4+E2/vboM2HH9cseYF8tKDHNUXRe2/4GMPDFdBfvKpLUIW G3QNf1GdnXH4JXNeMZxZOEl9z7nhuGdjF7wH0DPLk7kUijMKAUWCp4rOd 8FPSpPq2EMuP32H1aqQywFBXn60dASbOJLfU7aB4vyjOIoYYY4uy2N/PV Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10962"; a="9428937" X-IronPort-AV: E=Sophos;i="6.05,216,1701158400"; d="scan'208";a="9428937" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,216,1701158400"; d="scan'208";a="2085694" From: Xiaoyao Li To: Paolo Bonzini , David Hildenbrand , Igor Mammedov , "Michael S . Tsirkin" , Marcel Apfelbaum , Richard Henderson , Peter Xu , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Cornelia Huck , =?UTF-8?q?Daniel=20P=20=2E=20Berrang=C3=A9?= , Eric Blake , Markus Armbruster , Marcelo Tosatti Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org, xiaoyao.li@intel.com, Michael Roth , Sean Christopherson , Claudio Fontana , Gerd Hoffmann , Isaku Yamahata , Chenyi Qiang Subject: [PATCH v4 28/66] i386/tdx: Validate TD attributes Date: Wed, 24 Jan 2024 22:22:50 -0500 Message-Id: <20240125032328.2522472-29-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240125032328.2522472-1-xiaoyao.li@intel.com> References: <20240125032328.2522472-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.10; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -15 X-Spam_score: -1.6 X-Spam_bar: - X-Spam_report: (-1.6 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.999, HK_RANDOM_FROM=1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1706153879411100001 Content-Type: text/plain; charset="utf-8" Validate TD attributes with tdx_caps that fixed-0 bits must be zero and fixed-1 bits must be set. Besides, sanity check the attribute bits that have not been supported by QEMU yet. e.g., debug bit, it will be allowed in the future when debug TD support lands in QEMU. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- Changes in v3: - using error_setg() for error report; (Daniel) --- target/i386/kvm/tdx.c | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 1cb38b5d6221..8c2bf512397e 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -32,6 +32,7 @@ (1U << KVM_FEATURE_PV_SCHED_YIELD) | \ (1U << KVM_FEATURE_MSI_EXT_DEST_ID)) =20 +#define TDX_TD_ATTRIBUTES_DEBUG BIT_ULL(0) #define TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE BIT_ULL(28) #define TDX_TD_ATTRIBUTES_PKS BIT_ULL(30) #define TDX_TD_ATTRIBUTES_PERFMON BIT_ULL(63) @@ -478,13 +479,34 @@ int tdx_kvm_init(MachineState *ms, Error **errp) return 0; } =20 -static void setup_td_guest_attributes(X86CPU *x86cpu) +static int tdx_validate_attributes(TdxGuest *tdx, Error **errp) +{ + if (((tdx->attributes & tdx_caps->attrs_fixed0) | tdx_caps->attrs_fixe= d1) !=3D + tdx->attributes) { + error_setg(errp, "Invalid attributes 0x%lx for TDX VM " + "(fixed0 0x%llx, fixed1 0x%llx)", + tdx->attributes, tdx_caps->attrs_fixed0, + tdx_caps->attrs_fixed1); + return -1; + } + + if (tdx->attributes & TDX_TD_ATTRIBUTES_DEBUG) { + error_setg(errp, "Current QEMU doesn't support attributes.debug[bi= t 0] for TDX VM"); + return -1; + } + + return 0; +} + +static int setup_td_guest_attributes(X86CPU *x86cpu, Error **errp) { CPUX86State *env =3D &x86cpu->env; =20 tdx_guest->attributes |=3D (env->features[FEAT_7_0_ECX] & CPUID_7_0_EC= X_PKS) ? TDX_TD_ATTRIBUTES_PKS : 0; tdx_guest->attributes |=3D x86cpu->enable_pmu ? TDX_TD_ATTRIBUTES_PERF= MON : 0; + + return tdx_validate_attributes(tdx_guest, errp); } =20 int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) @@ -509,7 +531,10 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) return r; } =20 - setup_td_guest_attributes(x86cpu); + r =3D setup_td_guest_attributes(x86cpu, errp); + if (r) { + return r; + } =20 init_vm->cpuid.nent =3D kvm_x86_arch_cpuid(env, init_vm->cpuid.entries= , 0); =20 --=20 2.34.1