From nobody Sat Nov 23 22:32:05 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1730789558; cv=none; d=zohomail.com; s=zohoarc; b=dOwHML8hB3plb/Uype3///FWGvoaR/SEVrk8vWNJJQH5Jt4QUAJWqF/f5G71uMAfchJmeScradyoiFzi/ZTau/6F72UWWIEnMw8GT5PClMTwaAZYEztocXFLLPPF7larS+ERO/f9TaUWZgXFWThhali6THcv6TvQZtz44D7WAKQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1730789558; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=rDp54o6bxQP4OFQ/S75LGdsXaddqxZ0borWQjos4ol4=; b=WK4wT+9a6yaT6DNMtlTlCtWhLoCVZKC6X/oDhz/4nKXjrGALYgaXWfgs4zfArbsp7riCqB2I583vpDTvhzTYo5jabvLqljPNKbebd/Dg+w+4fwWxH1t/awgOjIqeh+Tt4/Bea4367OVlqkxQcejxXbPWiS40t4oi9BGdRFTkSp8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1730789558910400.4528936871974; Mon, 4 Nov 2024 22:52:38 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1t8DC6-00058Z-3x; Tue, 05 Nov 2024 01:37:39 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1t8DBn-0004x8-Ac for qemu-devel@nongnu.org; Tue, 05 Nov 2024 01:37:22 -0500 Received: from mgamail.intel.com ([198.175.65.18]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1t8DBl-0001tE-Ln for qemu-devel@nongnu.org; Tue, 05 Nov 2024 01:37:19 -0500 Received: from fmviesa009.fm.intel.com ([10.60.135.149]) by orvoesa110.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Nov 2024 22:37:17 -0800 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa009.fm.intel.com with ESMTP; 04 Nov 2024 22:37:13 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1730788638; x=1762324638; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=/c6iKYuArYsGCvrbLnQoYffE/JqYul3IweXytxDmZNY=; b=RldKdVscHrrfupkBzDTvBRpWCPS1jRd7EBSgnFTv5felInNnHZ6/D+yu ynbh/iyrYy3H8btFiJRmrFFG/2I4H2UqNIrIzDwHWIOGH0bKQ9dKmL/wO 9WCzPffMY73Jws7yp45XB3QfIHEs/yDVTK3Vpp2eC3NUGskM+OTMgeS7Q Gj3Uxk50gN742F8SlAKs0hFjv8Z5RIBXZBrVXxvyie4LrVkQnROJEFE5M ktc2mVhoIR3eiNUmcIjhDVVPlvBDoP0C1+EWBdFI6lvo4Zhlk5ZPclMNR hDDKDzovWRufTmY/iKm5enviUKunsrPMb13zGiZBhZrWkfqGRBEERX1lX Q==; X-CSE-ConnectionGUID: Q6JxRguiQ92QoEHlKAy65A== X-CSE-MsgGUID: 0nmEqxVDQGmRX13O1961QA== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="30689423" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="30689423" X-CSE-ConnectionGUID: L6eSPwevRTCTpTItmtpCDQ== X-CSE-MsgGUID: bP+aULKLSei0fDyQJ6ZDzA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,259,1725346800"; d="scan'208";a="83988794" From: Xiaoyao Li To: Paolo Bonzini , Riku Voipio , Richard Henderson , Zhao Liu , "Michael S. Tsirkin" , Marcel Apfelbaum , Igor Mammedov , Ani Sinha Cc: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Yanan Wang , Cornelia Huck , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , Eric Blake , Markus Armbruster , Marcelo Tosatti , rick.p.edgecombe@intel.com, kvm@vger.kernel.org, qemu-devel@nongnu.org, xiaoyao.li@intel.com Subject: [PATCH v6 13/60] i386/tdx: Validate TD attributes Date: Tue, 5 Nov 2024 01:23:21 -0500 Message-Id: <20241105062408.3533704-14-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241105062408.3533704-1-xiaoyao.li@intel.com> References: <20241105062408.3533704-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=198.175.65.18; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -39 X-Spam_score: -4.0 X-Spam_bar: ---- X-Spam_report: (-4.0 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.34, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.781, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1730789559292116600 Content-Type: text/plain; charset="utf-8" Validate TD attributes with tdx_caps that fixed-0 bits must be zero and fixed-1 bits must be set. Besides, sanity check the attribute bits that have not been supported by QEMU yet. e.g., debug bit, it will be allowed in the future when debug TD support lands in QEMU. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- Changes in v3: - using error_setg() for error report; (Daniel) --- target/i386/kvm/tdx.c | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 6cf81f788fe0..5a9ce2ada89d 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -20,6 +20,7 @@ #include "kvm_i386.h" #include "tdx.h" =20 +#define TDX_TD_ATTRIBUTES_DEBUG BIT_ULL(0) #define TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE BIT_ULL(28) #define TDX_TD_ATTRIBUTES_PKS BIT_ULL(30) #define TDX_TD_ATTRIBUTES_PERFMON BIT_ULL(63) @@ -141,13 +142,33 @@ static int tdx_kvm_type(X86ConfidentialGuest *cg) return KVM_X86_TDX_VM; } =20 -static void setup_td_guest_attributes(X86CPU *x86cpu) +static int tdx_validate_attributes(TdxGuest *tdx, Error **errp) +{ + if ((tdx->attributes & ~tdx_caps->supported_attrs)) { + error_setg(errp, "Invalid attributes 0x%lx for TDX VM " + "(supported: 0x%llx)", + tdx->attributes, tdx_caps->supported_attrs); + return -1; + } + + if (tdx->attributes & TDX_TD_ATTRIBUTES_DEBUG) { + error_setg(errp, "Current QEMU doesn't support attributes.debug[bi= t 0] " + "for TDX VM"); + return -1; + } + + return 0; +} + +static int setup_td_guest_attributes(X86CPU *x86cpu, Error **errp) { CPUX86State *env =3D &x86cpu->env; =20 tdx_guest->attributes |=3D (env->features[FEAT_7_0_ECX] & CPUID_7_0_EC= X_PKS) ? TDX_TD_ATTRIBUTES_PKS : 0; tdx_guest->attributes |=3D x86cpu->enable_pmu ? TDX_TD_ATTRIBUTES_PERF= MON : 0; + + return tdx_validate_attributes(tdx_guest, errp); } =20 static int setup_td_xfam(X86CPU *x86cpu, Error **errp) @@ -211,7 +232,10 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) init_vm =3D g_malloc0(sizeof(struct kvm_tdx_init_vm) + sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_EN= TRIES); =20 - setup_td_guest_attributes(x86cpu); + r =3D setup_td_guest_attributes(x86cpu, errp); + if (r) { + return r; + } =20 r =3D setup_td_xfam(x86cpu, errp); if (r) { --=20 2.34.1