From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743514982; cv=none; d=zohomail.com; s=zohoarc; b=a2UDE3BKy9IzcDjUSfZn/A+sWtX06uApNSS6LkUdK4n38GBd+7tSXRLgukIXJpAHHFi2agIgqov+J3uCBJ3wJfBYMe52VsB1UVmFbup+dIju0hdsdBnotgJPADkJ33bfCes4LlMyA4t4x0fx1fLSvXav6mMaJG5xnlTiXO94cC8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743514982; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=lydZpyOjlWDcBgbBMAn/0Vbl2El6Dh74TUiB8YFU4BE=; b=fQN7yrg1qTN0TmnIFU2YnUi/b4As6/x0kY7j6mFem9kY78V6vIm3XUG2ge7aNCmjbf03syG4bN5Tov40z548kEDF9BzCpJ3XfLg12Suyt7KXH6/oNsULyj5Q/ujVLG5STia6frzOj4IfOjtGMe/RDB2UZUPyHwgXjKBEIuEurA4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743514982266274.7861062425462; Tue, 1 Apr 2025 06:43:02 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbs7-0005Cc-Dv; Tue, 01 Apr 2025 09:41:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbrl-000581-Pi for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:22 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbri-0006X0-CF for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:21 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:13 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:10 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514878; x=1775050878; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=3SVhGUzFlrkSqrq1xjNiQAaSh1TdBYlRfyw2WOvSTA8=; b=Tx+8gR9S0E1sa0tEjVVaZBV64cFOB1NS3Vioz91ZWiHDjZOjw9zVI/Qf LN46A8PxaPdCNdz8QfG2QkLwu0mW8CWRkfGMNhMfG6LH/as6MvJ75PnAF gn5Mrxg6RiZJu6a59D8lcKJEDcCiNxr+RZQlUcujotu1leiMIOZJDyJ6s xKwtzGXLmwRAgBcItpzQ8atrkDAGhPKGo9WCZB9kqrj7zTODy5838nw2C N4f2omB/8W+lfZ6qSQy8zG59rqU/VPvAoZuNwcJsp/JPP3ViZ1Vg4z7C1 IpQU6ltP8x6NsLjWFlW9Wpf89xqL6eWS5fbMa5eR0Sa0gPtZLekK+Kz5p g==; X-CSE-ConnectionGUID: aREE32WqTICQBdYJ7MvH5w== X-CSE-MsgGUID: B6WcxtasQee05i59PXrn/A== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433127" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433127" X-CSE-ConnectionGUID: uIgM9P7EQ/SdC37+GNnbuw== X-CSE-MsgGUID: 0XgS44L9TX23iSquXCLdWQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639845" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 01/55] *** HACK *** linux-headers: Update headers to pull in TDX API changes Date: Tue, 1 Apr 2025 09:01:11 -0400 Message-Id: <20250401130205.2198253-2-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743514983151019000 Content-Type: text/plain; charset="utf-8" Pull in recent TDX updates, which are not backwards compatible. It's just to make this series runnable. It will be updated by script scripts/update-linux-headers.sh once TDX support is upstreamed in linux kernel Signed-off-by: Xiaoyao Li --- linux-headers/asm-x86/kvm.h | 69 +++++++++++++++++++++++++++++++++++++ linux-headers/linux/kvm.h | 1 + 2 files changed, 70 insertions(+) diff --git a/linux-headers/asm-x86/kvm.h b/linux-headers/asm-x86/kvm.h index 86f2c34e7afa..baca2d479365 100644 --- a/linux-headers/asm-x86/kvm.h +++ b/linux-headers/asm-x86/kvm.h @@ -925,4 +925,73 @@ struct kvm_hyperv_eventfd { #define KVM_X86_SNP_VM 4 #define KVM_X86_TDX_VM 5 =20 +/* Trust Domain eXtension sub-ioctl() commands. */ +enum kvm_tdx_cmd_id { + KVM_TDX_CAPABILITIES =3D 0, + KVM_TDX_INIT_VM, + KVM_TDX_INIT_VCPU, + KVM_TDX_INIT_MEM_REGION, + KVM_TDX_FINALIZE_VM, + KVM_TDX_GET_CPUID, + + KVM_TDX_CMD_NR_MAX, +}; + +struct kvm_tdx_cmd { + /* enum kvm_tdx_cmd_id */ + __u32 id; + /* flags for sub-commend. If sub-command doesn't use this, set zero. */ + __u32 flags; + /* + * data for each sub-command. An immediate or a pointer to the actual + * data in process virtual address. If sub-command doesn't use it, + * set zero. + */ + __u64 data; + /* + * Auxiliary error code. The sub-command may return TDX SEAMCALL + * status code in addition to -Exxx. + * Defined for consistency with struct kvm_sev_cmd. + */ + __u64 hw_error; +}; + +struct kvm_tdx_capabilities { + __u64 supported_attrs; + __u64 supported_xfam; + __u64 reserved[254]; + struct kvm_cpuid2 cpuid; +}; + +struct kvm_tdx_init_vm { + __u64 attributes; + __u64 xfam; + __u64 mrconfigid[6]; /* sha384 digest */ + __u64 mrowner[6]; /* sha384 digest */ + __u64 mrownerconfig[6]; /* sha384 digest */ + + /* The total space for TD_PARAMS before the CPUIDs is 256 bytes */ + __u64 reserved[12]; + + /* + * Call KVM_TDX_INIT_VM before vcpu creation, thus before + * KVM_SET_CPUID2. + * This configuration supersedes KVM_SET_CPUID2s for VCPUs because the + * TDX module directly virtualizes those CPUIDs without VMM. The user + * space VMM, e.g. qemu, should make KVM_SET_CPUID2 consistent with + * those values. If it doesn't, KVM may have wrong idea of vCPUIDs of + * the guest, and KVM may wrongly emulate CPUIDs or MSRs that the TDX + * module doesn't virtualize. + */ + struct kvm_cpuid2 cpuid; +}; + +#define KVM_TDX_MEASURE_MEMORY_REGION _BITULL(0) + +struct kvm_tdx_init_mem_region { + __u64 source_addr; + __u64 gpa; + __u64 nr_pages; +}; + #endif /* _ASM_X86_KVM_H */ diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h index 27181b3dd8fb..bf728042db0c 100644 --- a/linux-headers/linux/kvm.h +++ b/linux-headers/linux/kvm.h @@ -369,6 +369,7 @@ struct kvm_run { #define KVM_SYSTEM_EVENT_WAKEUP 4 #define KVM_SYSTEM_EVENT_SUSPEND 5 #define KVM_SYSTEM_EVENT_SEV_TERM 6 +#define KVM_SYSTEM_EVENT_TDX_FATAL 7 __u32 type; __u32 ndata; union { --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515557; cv=none; d=zohomail.com; s=zohoarc; b=TZNWTI9iGuPY7W8WOhw45f0ZEFMdkRxjAc5Jy4QTMMdbh12sHZ97nXL+cfgLG9eLQY9tvrMCd8qzo7PZDXrMUSAbJK1Ct05Prb0Z+BuU/nxhtyHmIChnqOOzXido30KDwtvEypsCnSYzcmR8ixEXfhrtHT2qdLlXyuRBIFIJyeY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515557; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=wRIbu5/hFSg3WFCR/DwqvySWm8nkKjNLaTIb2Bz5pjY=; b=gHr4z+RmIIMV9iUx/PGl6Kc0FFpM6wPgcgNLUmka/mmFf8B5Rp+1ZUwJ6yzp7+g75ZHOl09Rb3V9ZdmFRVf1Oq6AvvsbBPBlXGeSEmeQy350hKUTGUANiBN/q5t1jbwTfxdF484VP23vb2hgwH8eHAIYOQMW6sa+37xbrIR4uv8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515557195557.8124062812589; Tue, 1 Apr 2025 06:52:37 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsI-0005F0-US; Tue, 01 Apr 2025 09:41:55 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbrl-000583-UF for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:22 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbri-0006XQ-CE for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:21 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:16 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:13 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514878; x=1775050878; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=NqPLdKx9K4/ocnNZ/SwlaOAJCtMDFlFx4Dmo25CwXCg=; b=LN7EA4QhVnYDOP9w/x9OjcjbsCwxIXNvr70Pk3Qql+npJLSvzCkEtvfC RoeqbWfaY2bczUhGEBvu71G6axmpXgpmmX8kmQ6BXOMWkNnn+ox+kr80t RCkBWzwbBoR3eXQVpuUQIvFpkyUTwqEu7yh+bCaSzmqYwQxTIvP1lmAQ1 vuYM6vPCLH2lBP7SC/4iXDz5WSJsVCmcXxMUjzu0p1mJXWzLww8snVktY h38Iz1Ta1QD4GvTHf1A86vTTxEtYSuF4lR92DE+sRSyUHA25hs7BH/rzX LA9VFxgZBn6+cCRxnFt2zyQ91iazfwOyy5fai7Ww44302hY9I+93bhyRX Q==; X-CSE-ConnectionGUID: +HlGZmgOSr+UW46mDo4Prw== X-CSE-MsgGUID: nPom+FzYS+qHILCoaTR+wQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433140" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433140" X-CSE-ConnectionGUID: 2fzgoTaLSqeGIxrwvjJTtg== X-CSE-MsgGUID: PLleRpdaTEqehQ82p2UX0g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639856" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 02/55] i386: Introduce tdx-guest object Date: Tue, 1 Apr 2025 09:01:12 -0400 Message-Id: <20250401130205.2198253-3-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515559518019000 Content-Type: text/plain; charset="utf-8" Introduce tdx-guest object which inherits X86_CONFIDENTIAL_GUEST, and will be used to create TDX VMs (TDs) by qemu -machine ...,confidential-guest-support=3Dtdx0 \ -object tdx-guest,id=3Dtdx0 It has one QAPI member 'attributes' defined, which allows user to set TD's attributes directly. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Acked-by: Markus Armbruster Reviewed-by: Daniel P. Berrang=C3=A9 --- Changes in v7: - update QAPI version to 10.0; - update to use SPDX tags for license info; - update copyright to 2025; Chanegs in v6: - Make tdx-guest inherits X86_CONFIDENTIAL_GUEST; - set cgs->require_guest_memfd; - allow attributes settable via QAPI; - update QAPI version to since 9.2; Changes in v4: - update the new qapi `since` filed from 8.2 to 9.0 Changes in v1 - make @attributes not user-settable --- configs/devices/i386-softmmu/default.mak | 1 + hw/i386/Kconfig | 5 +++ qapi/qom.json | 15 +++++++++ target/i386/kvm/meson.build | 2 ++ target/i386/kvm/tdx.c | 43 ++++++++++++++++++++++++ target/i386/kvm/tdx.h | 21 ++++++++++++ 6 files changed, 87 insertions(+) create mode 100644 target/i386/kvm/tdx.c create mode 100644 target/i386/kvm/tdx.h diff --git a/configs/devices/i386-softmmu/default.mak b/configs/devices/i38= 6-softmmu/default.mak index 4faf2f0315e2..bc0479a7e0a3 100644 --- a/configs/devices/i386-softmmu/default.mak +++ b/configs/devices/i386-softmmu/default.mak @@ -18,6 +18,7 @@ #CONFIG_QXL=3Dn #CONFIG_SEV=3Dn #CONFIG_SGA=3Dn +#CONFIG_TDX=3Dn #CONFIG_TEST_DEVICES=3Dn #CONFIG_TPM_CRB=3Dn #CONFIG_TPM_TIS_ISA=3Dn diff --git a/hw/i386/Kconfig b/hw/i386/Kconfig index d34ce07b215d..cce9521ba934 100644 --- a/hw/i386/Kconfig +++ b/hw/i386/Kconfig @@ -10,6 +10,10 @@ config SGX bool depends on KVM =20 +config TDX + bool + depends on KVM + config PC bool imply APPLESMC @@ -26,6 +30,7 @@ config PC imply QXL imply SEV imply SGX + imply TDX imply TEST_DEVICES imply TPM_CRB imply TPM_TIS_ISA diff --git a/qapi/qom.json b/qapi/qom.json index 28ce24cd8d08..c0b61df964ef 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -1047,6 +1047,19 @@ '*host-data': 'str', '*vcek-disabled': 'bool' } } =20 +## +# @TdxGuestProperties: +# +# Properties for tdx-guest objects. +# +# @attributes: The 'attributes' of a TD guest that is passed to +# KVM_TDX_INIT_VM +# +# Since: 10.1 +## +{ 'struct': 'TdxGuestProperties', + 'data': { '*attributes': 'uint64' } } + ## # @ThreadContextProperties: # @@ -1132,6 +1145,7 @@ 'sev-snp-guest', 'thread-context', 's390-pv-guest', + 'tdx-guest', 'throttle-group', 'tls-creds-anon', 'tls-creds-psk', @@ -1204,6 +1218,7 @@ 'if': 'CONFIG_SECRET_KEYRING' }, 'sev-guest': 'SevGuestProperties', 'sev-snp-guest': 'SevSnpGuestProperties', + 'tdx-guest': 'TdxGuestProperties', 'thread-context': 'ThreadContextProperties', 'throttle-group': 'ThrottleGroupProperties', 'tls-creds-anon': 'TlsCredsAnonProperties', diff --git a/target/i386/kvm/meson.build b/target/i386/kvm/meson.build index 3996cafaf29f..466bccb9cb17 100644 --- a/target/i386/kvm/meson.build +++ b/target/i386/kvm/meson.build @@ -8,6 +8,8 @@ i386_kvm_ss.add(files( =20 i386_kvm_ss.add(when: 'CONFIG_XEN_EMU', if_true: files('xen-emu.c')) =20 +i386_kvm_ss.add(when: 'CONFIG_TDX', if_true: files('tdx.c')) + i386_system_ss.add(when: 'CONFIG_HYPERV', if_true: files('hyperv.c'), if_f= alse: files('hyperv-stub.c')) =20 i386_system_ss.add_all(when: 'CONFIG_KVM', if_true: i386_kvm_ss) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c new file mode 100644 index 000000000000..ec84ae2947bb --- /dev/null +++ b/target/i386/kvm/tdx.c @@ -0,0 +1,43 @@ +/* + * QEMU TDX support + * + * Copyright (c) 2025 Intel Corporation + * + * Author: + * Xiaoyao Li + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "qemu/osdep.h" +#include "qom/object_interfaces.h" + +#include "tdx.h" + +/* tdx guest */ +OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, + tdx_guest, + TDX_GUEST, + X86_CONFIDENTIAL_GUEST, + { TYPE_USER_CREATABLE }, + { NULL }) + +static void tdx_guest_init(Object *obj) +{ + ConfidentialGuestSupport *cgs =3D CONFIDENTIAL_GUEST_SUPPORT(obj); + TdxGuest *tdx =3D TDX_GUEST(obj); + + cgs->require_guest_memfd =3D true; + tdx->attributes =3D 0; + + object_property_add_uint64_ptr(obj, "attributes", &tdx->attributes, + OBJ_PROP_FLAG_READWRITE); +} + +static void tdx_guest_finalize(Object *obj) +{ +} + +static void tdx_guest_class_init(ObjectClass *oc, void *data) +{ +} diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h new file mode 100644 index 000000000000..f3b725336161 --- /dev/null +++ b/target/i386/kvm/tdx.h @@ -0,0 +1,21 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ + +#ifndef QEMU_I386_TDX_H +#define QEMU_I386_TDX_H + +#include "confidential-guest.h" + +#define TYPE_TDX_GUEST "tdx-guest" +#define TDX_GUEST(obj) OBJECT_CHECK(TdxGuest, (obj), TYPE_TDX_GUEST) + +typedef struct TdxGuestClass { + X86ConfidentialGuestClass parent_class; +} TdxGuestClass; + +typedef struct TdxGuest { + X86ConfidentialGuest parent_obj; + + uint64_t attributes; /* TD attributes */ +} TdxGuest; + +#endif /* QEMU_I386_TDX_H */ --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515039; cv=none; d=zohomail.com; s=zohoarc; b=frExo1lIbznSPgW451RdGmE3EyG7oPhk5ltrjZVNbitzj/DvetiOv4Bu40fD6HVXRd2EetHMFRkaqRjuoekhjthycUI8NjCek/HMclG5qCfJs2Xa80XS9k10DhLI1kScPncDpujKTxrx71i6HBRw5FtAf00W1MASQrZFD2bMUYw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515039; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=IleZqRiWij4n/ldO+kYJsKu+JFwR9YDsZm1BDXOTVLU=; b=XADAIpOstLANugASIqiZ4g+XH9iEbjPlQTzCb0K2hUNiduXAyFb88EDNCy23qYxYFkku6oSGZcaXiD073Ixpf9nEUgmmeCoByQ0goihZaB+z3MXnW0ZCOCb9jkuzi1qGcIPgyZKfDH91aa9B1b04jHAH8s16xtFcHU6KfbPAvNg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515039276405.53479442554647; Tue, 1 Apr 2025 06:43:59 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsH-0005Dq-3Q; Tue, 01 Apr 2025 09:41:53 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbro-00058N-Ia for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:26 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbrl-0006Wn-5G for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:23 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:18 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:16 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514881; x=1775050881; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=BZUvfQp9mnJI50UJFjmIm2ZYfyW4FPAxqgosh1xyGt4=; b=Pacc2zY8mL577lkqmFmfroJ+iEx4GouBG3uMT9cjhdW5L/MjniwZPzR/ EztFRlgc8U4d88oDXVWI7mbGfhklV285C9w0+hrP/xW8GNtwe+OU4iMeb 7qb3DKYvf1OZK4o1hTPG6JYTRaNyF7cSKEDYkbi7Q3j51KUL6eO1zSrfE T5EBTlSJIDuGzrpUPwR+JT02wIVtGdVj+7zC/zdxUKna2DkLSrKPITZyv 9nHXil6YnuZTWsgQA7FVCgDju66LxwdqUDKTpRBR8nlLqnB5LmcT1/oAB Xgw6y7WvmGzoGyzjte8vmY6Z07+0L+qLz4pg0ZHc7FOn8Lja+85OUweMT g==; X-CSE-ConnectionGUID: x55ozo+pTvGDKjSj6XqG8g== X-CSE-MsgGUID: SfTS2qV7Rl+ZK9LsnAsJbg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433150" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433150" X-CSE-ConnectionGUID: e4qxD9c2TTq+94kJhYaflw== X-CSE-MsgGUID: 7aba2GflQK62g0VD8JVVoA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639866" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 03/55] i386/tdx: Implement tdx_kvm_type() for TDX Date: Tue, 1 Apr 2025 09:01:13 -0400 Message-Id: <20250401130205.2198253-4-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515040985019100 Content-Type: text/plain; charset="utf-8" TDX VM requires VM type to be KVM_X86_TDX_VM. Implement tdx_kvm_type() as X86ConfidentialGuestClass->kvm_type. Signed-off-by: Xiaoyao Li Reviewed-by: Daniel P. Berrang=C3=A9 --- Changes in v6: - new added patch; --- target/i386/kvm/kvm.c | 1 + target/i386/kvm/tdx.c | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 6c749d4ee812..4f1cfb529c19 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -191,6 +191,7 @@ static const char *vm_type_name[] =3D { [KVM_X86_SEV_VM] =3D "SEV", [KVM_X86_SEV_ES_VM] =3D "SEV-ES", [KVM_X86_SNP_VM] =3D "SEV-SNP", + [KVM_X86_TDX_VM] =3D "TDX", }; =20 bool kvm_is_vm_type_supported(int type) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index ec84ae2947bb..d785c1f6d173 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -12,8 +12,17 @@ #include "qemu/osdep.h" #include "qom/object_interfaces.h" =20 +#include "kvm_i386.h" #include "tdx.h" =20 +static int tdx_kvm_type(X86ConfidentialGuest *cg) +{ + /* Do the object check */ + TDX_GUEST(cg); + + return KVM_X86_TDX_VM; +} + /* tdx guest */ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, tdx_guest, @@ -40,4 +49,7 @@ static void tdx_guest_finalize(Object *obj) =20 static void tdx_guest_class_init(ObjectClass *oc, void *data) { + X86ConfidentialGuestClass *x86_klass =3D X86_CONFIDENTIAL_GUEST_CLASS(= oc); + + x86_klass->kvm_type =3D tdx_kvm_type; } --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515678; cv=none; d=zohomail.com; s=zohoarc; b=jiSuJJqepQQC2Vqq5kqdlKxTIon++9MhZYxdcYxq6+uo81F6Lhc8xMbnZljWPn5vIABOsdO+szo43yBeWJiQcmJR1P8x1gIA5lgzUnQXLrKd1gBe7MXHZVKEJpqUX3xJTlPtR9m5zh6nqMvE/ZlOrQAkMfOWzNKJM0OhScZTC6M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515678; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=0GHpUpnr2YZIDD4H5qtxU5LdBX/mWI3fmOQU4Yr2P28=; b=beIUMc97kX8GgM4/e6OBeoap1SAR+1/wugif3qVOWV5vPlugTm+kyAOtn99z4QiTeQ5HDfLbEWMRrD+aAadJIc9PI+v8Za59wq3gAyi29s1VNlXOiOpH8DUD/yByM81McqDhlH+tDiWDJLWHeYoCyTdOFxHDEnJ8kVOCL4d9xdQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515678858787.5745955198569; Tue, 1 Apr 2025 06:54:38 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsK-0005Gq-LS; Tue, 01 Apr 2025 09:41:56 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbro-00058O-Ia for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:26 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbrm-0006X0-7e for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:23 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:20 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:18 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514882; x=1775050882; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=i9LA0fuEWyXT3xhCEP6n86n3NtpzUzrXs/78mYcqsME=; b=NLsqHaW0UWby1UHb3qiTdIBWf6u8n1Ktwu2J1PVk2aJJy1O23ygJXmx4 x4BR6LzS9Kr1BNXMay4LgOQR9wZfzxfkYy50ZXU+6Jt39TlQE4hKw98Th e4+zpN9dDKnL+TBsf6Jx5h5OoqcH1FdguMUYIm1DsElOIH5AtO3hM4AdU Sqv8gOA8F7YrOFs0OoU22KR8elg9kB5dv1ygoIXJPAuXjwfg6b7eogAoC ZA0UEyyZZosRDPyrZTK2+clNBuoFAQ4NdYD7pMtzjuAHh9g+BD12zZjQB A3M9TMdTHrXpWdgB82m+gSmUOsYaI3mR537IsUxaazkUbwYi586a7Pshm A==; X-CSE-ConnectionGUID: OmsCjFgVS3SJfMZXgu0+2Q== X-CSE-MsgGUID: Z+9eNUkrS/et3AqyGQplTw== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433158" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433158" X-CSE-ConnectionGUID: vn0hOqBhTDSfHtohqswcNw== X-CSE-MsgGUID: b5K6H5e4T/OM8zToeGW7iQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639879" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 04/55] i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context Date: Tue, 1 Apr 2025 09:01:14 -0400 Message-Id: <20250401130205.2198253-5-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515679854019000 Content-Type: text/plain; charset="utf-8" Implement TDX specific ConfidentialGuestSupportClass::kvm_init() callback, tdx_kvm_init(). Mark guest state is proctected for TDX VM. More TDX specific initialization will be added later. Signed-off-by: Xiaoyao Li Reviewed-by: Daniel P. Berrang=C3=A9 --- Changes in v6: - remove Acked-by from Gerd since the patch changed due to use ConfidentialGuestSupportClass::kvm_init(); --- target/i386/kvm/kvm.c | 11 +---------- target/i386/kvm/tdx.c | 10 ++++++++++ 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 4f1cfb529c19..1af4710556ad 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -3206,16 +3206,7 @@ int kvm_arch_init(MachineState *ms, KVMState *s) Error *local_err =3D NULL; =20 /* - * Initialize SEV context, if required - * - * If no memory encryption is requested (ms->cgs =3D=3D NULL) this is - * a no-op. - * - * It's also a no-op if a non-SEV confidential guest support - * mechanism is selected. SEV is the only mechanism available to - * select on x86 at present, so this doesn't arise, but if new - * mechanisms are supported in future (e.g. TDX), they'll need - * their own initialization either here or elsewhere. + * Initialize confidential guest (SEV/TDX) context, if required */ if (ms->cgs) { ret =3D confidential_guest_kvm_init(ms->cgs, &local_err); diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index d785c1f6d173..4ff94860815d 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -12,9 +12,17 @@ #include "qemu/osdep.h" #include "qom/object_interfaces.h" =20 +#include "hw/i386/x86.h" #include "kvm_i386.h" #include "tdx.h" =20 +static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) +{ + kvm_mark_guest_state_protected(); + + return 0; +} + static int tdx_kvm_type(X86ConfidentialGuest *cg) { /* Do the object check */ @@ -49,7 +57,9 @@ static void tdx_guest_finalize(Object *obj) =20 static void tdx_guest_class_init(ObjectClass *oc, void *data) { + ConfidentialGuestSupportClass *klass =3D CONFIDENTIAL_GUEST_SUPPORT_CL= ASS(oc); X86ConfidentialGuestClass *x86_klass =3D X86_CONFIDENTIAL_GUEST_CLASS(= oc); =20 + klass->kvm_init =3D tdx_kvm_init; x86_klass->kvm_type =3D tdx_kvm_type; } --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515950; cv=none; d=zohomail.com; s=zohoarc; b=A8/Q/SXCswEFxUEI2cmjipKFMhXfReq2mGchbsmWPu3eAX9Eb78X5SFCZAhXXEsnKMbKVMBVACIMra7DjMpcVCA0LGmCTnF2eiINjE2AqYRG15Wjr15wXUWjGf+VsG4SuAbEtqwEu3dbC5OQ4cT86oueg5/omRvws35xuSWqUlE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515950; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=PQBcsaFLBiyjes1lmEHzEHomw6uYXbQlKA+6sz/luTo=; b=LsRgYryOreq0GpG1Ld1hwbdIIzfrdCd8JTk5sd/sRHKaKO879CgrL0ZETaXVmcdEHvwxAaGpLFBp0Hn3iSkdB+X7J6IgNUpnkWlnsKG2jQ2ITvPMcu+hI0yEtQpIrsF6BIoXgFDPhu8Ayi5hHv8cYrBc4D8I5M3n6ir7LADPLxI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515950848233.03288631934947; Tue, 1 Apr 2025 06:59:10 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsK-0005Ha-W4; Tue, 01 Apr 2025 09:41:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbrq-00058m-Lf for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:29 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbro-0006XQ-Cp for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:26 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:23 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:20 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514884; x=1775050884; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=XUiftzUtlQMTdDmjWMTwEEomycv0lCjcWSJuGTioF4o=; b=g1jtbP6qZrmrWexGqpTeaHFezXK5x/5RFVJZiAxS8roBBXGk+72tINj4 H/8GIY6RtYJB1MfvFtnneq/E44GbWHCBsWfYLvxguQqCqBcy2pudYE8Ih AIvSN3ponTeLePEaa+7nEpOoW8z6OJJ4eCex4JuBOPCKZE3ehfYRs3gI0 pSSYvSG+/AZFAwxqx5Vqc2BS/cfxt8X+XxC6IT2tY68E96JrUnUz48Ahl ltBfqahw8TBD9XNPKxmdQXCV6BfiGu4T3dMe7m22UZ1IA0Lei2wOef5hK 7LBoHZ+RW+6a135nCWtWiSOiLc2fdUQl4RatZ97ypBikIuKyjlasodXts w==; X-CSE-ConnectionGUID: BBl+XR5JRzGu159rTcGnSg== X-CSE-MsgGUID: i4RZmTFYSs+b0EoKwdrSww== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433166" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433166" X-CSE-ConnectionGUID: 0Wh1Nvg6QrusFaxcBljflA== X-CSE-MsgGUID: SfeoBoO6SHWIKxUENByGpA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639886" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 05/55] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES Date: Tue, 1 Apr 2025 09:01:15 -0400 Message-Id: <20250401130205.2198253-6-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515953005019100 Content-Type: text/plain; charset="utf-8" KVM provides TDX capabilities via sub command KVM_TDX_CAPABILITIES of IOCTL(KVM_MEMORY_ENCRYPT_OP). Get the capabilities when initializing TDX context. It will be used to validate user's setting later. Since there is no interface reporting how many cpuid configs contains in KVM_TDX_CAPABILITIES, QEMU chooses to try starting with a known number and abort when it exceeds KVM_MAX_CPUID_ENTRIES. Besides, introduce the interfaces to invoke TDX "ioctls" at VCPU scope in preparation. Signed-off-by: Xiaoyao Li --- Changes in v7: - refine and unifiy the error handling; (Daniel) Changes in v6: - Pass CPUState * to tdx_vcpu_ioctl(); - update commit message to remove platform scope thing; - dump hw_error when it's non-zero to help debug; Changes in v4: - use {} to initialize struct kvm_tdx_cmd, to avoid memset(); - remove tdx_platform_ioctl() because no user; Changes in v3: - rename __tdx_ioctl() to tdx_ioctl_internal() - Pass errp in get_tdx_capabilities(); changes in v2: - Make the error message more clear; changes in v1: - start from nr_cpuid_configs =3D 6 for the loop; - stop the loop when nr_cpuid_configs exceeds KVM_MAX_CPUID_ENTRIES; --- target/i386/kvm/kvm.c | 2 - target/i386/kvm/kvm_i386.h | 2 + target/i386/kvm/tdx.c | 107 ++++++++++++++++++++++++++++++++++++- 3 files changed, 108 insertions(+), 3 deletions(-) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 1af4710556ad..b4fa35405fe1 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -1779,8 +1779,6 @@ static int hyperv_init_vcpu(X86CPU *cpu) =20 static Error *invtsc_mig_blocker; =20 -#define KVM_MAX_CPUID_ENTRIES 100 - static void kvm_init_xsave(CPUX86State *env) { if (has_xsave2) { diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h index 88565e8dbac1..ed1e61fb8ba9 100644 --- a/target/i386/kvm/kvm_i386.h +++ b/target/i386/kvm/kvm_i386.h @@ -13,6 +13,8 @@ =20 #include "system/kvm.h" =20 +#define KVM_MAX_CPUID_ENTRIES 100 + /* always false if !CONFIG_KVM */ #define kvm_pit_in_kernel() \ (kvm_irqchip_in_kernel() && !kvm_irqchip_is_split()) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 4ff94860815d..c67be5e618e2 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -10,17 +10,122 @@ */ =20 #include "qemu/osdep.h" +#include "qemu/error-report.h" +#include "qapi/error.h" #include "qom/object_interfaces.h" =20 #include "hw/i386/x86.h" #include "kvm_i386.h" #include "tdx.h" =20 +static struct kvm_tdx_capabilities *tdx_caps; + +enum tdx_ioctl_level { + TDX_VM_IOCTL, + TDX_VCPU_IOCTL, +}; + +static int tdx_ioctl_internal(enum tdx_ioctl_level level, void *state, + int cmd_id, __u32 flags, void *data, + Error **errp) +{ + struct kvm_tdx_cmd tdx_cmd =3D {}; + int r; + + const char *tdx_ioctl_name[] =3D { + [KVM_TDX_CAPABILITIES] =3D "KVM_TDX_CAPABILITIES", + [KVM_TDX_INIT_VM] =3D "KVM_TDX_INIT_VM", + [KVM_TDX_INIT_VCPU] =3D "KVM_TDX_INIT_VCPU", + [KVM_TDX_INIT_MEM_REGION] =3D "KVM_TDX_INIT_MEM_REGION", + [KVM_TDX_FINALIZE_VM] =3D "KVM_TDX_FINALIZE_VM", + [KVM_TDX_GET_CPUID] =3D "KVM_TDX_GET_CPUID", + }; + + tdx_cmd.id =3D cmd_id; + tdx_cmd.flags =3D flags; + tdx_cmd.data =3D (__u64)(unsigned long)data; + + switch (level) { + case TDX_VM_IOCTL: + r =3D kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd); + break; + case TDX_VCPU_IOCTL: + r =3D kvm_vcpu_ioctl(state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd); + break; + default: + error_setg(errp, "Invalid tdx_ioctl_level %d", level); + return -EINVAL; + } + + if (r < 0) { + error_setg_errno(errp, -r, "TDX ioctl %s failed, hw_errors: 0x%llx= ", + tdx_ioctl_name[cmd_id], tdx_cmd.hw_error); + } + return r; +} + +static inline int tdx_vm_ioctl(int cmd_id, __u32 flags, void *data, + Error **errp) +{ + return tdx_ioctl_internal(TDX_VM_IOCTL, NULL, cmd_id, flags, data, err= p); +} + +static inline int tdx_vcpu_ioctl(CPUState *cpu, int cmd_id, __u32 flags, + void *data, Error **errp) +{ + return tdx_ioctl_internal(TDX_VCPU_IOCTL, cpu, cmd_id, flags, data, e= rrp); +} + +static int get_tdx_capabilities(Error **errp) +{ + struct kvm_tdx_capabilities *caps; + /* 1st generation of TDX reports 6 cpuid configs */ + int nr_cpuid_configs =3D 6; + size_t size; + int r; + + do { + Error *local_err =3D NULL; + size =3D sizeof(struct kvm_tdx_capabilities) + + nr_cpuid_configs * sizeof(struct kvm_cpuid_entry2); + caps =3D g_malloc0(size); + caps->cpuid.nent =3D nr_cpuid_configs; + + r =3D tdx_vm_ioctl(KVM_TDX_CAPABILITIES, 0, caps, &local_err); + if (r =3D=3D -E2BIG) { + g_free(caps); + nr_cpuid_configs *=3D 2; + if (nr_cpuid_configs > KVM_MAX_CPUID_ENTRIES) { + error_report("KVM TDX seems broken that number of CPUID en= tries" + " in kvm_tdx_capabilities exceeds limit: %d", + KVM_MAX_CPUID_ENTRIES); + error_propagate(errp, local_err); + return r; + } + error_free(local_err); + } else if (r < 0) { + g_free(caps); + error_propagate(errp, local_err); + return r; + } + } while (r =3D=3D -E2BIG); + + tdx_caps =3D caps; + + return 0; +} + static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) { + int r =3D 0; + kvm_mark_guest_state_protected(); =20 - return 0; + if (!tdx_caps) { + r =3D get_tdx_capabilities(errp); + } + + return r; } =20 static int tdx_kvm_type(X86ConfidentialGuest *cg) --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515938; cv=none; d=zohomail.com; s=zohoarc; b=iNetFJngO2rPBkh+u8wSqM6SOeSmlv8EEq4+sdxi7XGBSKKx39eMOFPJ+nuQYwU/xF6L0dug1PCdhRIY1sKIiXOIhnmnaQuHfid1xPtEfDhWWQJgUINT5oJXyu34WqpZwq+k0oGNTuMsaVOlp2J7cQeZ1lQizveNoY5KUMdho7g= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515938; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=nPP71AY+vWQ4ystJMawbphInpBNTml5icGOEut5+f6Y=; b=ggNv0OpANgRc2c2fP5/LwA8vcSIPw5DRULYpYFTqD4BVw4+KXVe/SUtNwxR81pntUQYMihMkULd+Qf8SKXKALmcbyuGZgF7vx8ks7H3/xSyD+KA4QMi3KyOVBQy39B2w4W3skCxLHhfW6Lu6NRYc4XbSpels61mg9jicInI6g4w= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515938301699.1920274549389; Tue, 1 Apr 2025 06:58:58 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsL-0005Ht-G0; Tue, 01 Apr 2025 09:41:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbrs-000595-PU for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:29 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbrr-0006Yg-4Z for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:28 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:25 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:23 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514887; x=1775050887; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=GCKkTbMWJ/L51uaR1qNqwPtA9GBaTmcFf+PDNy5n8SU=; b=H0/nxeJpyrmLSw4WEwSrXBk+0uqCrIHNV8igziG9aNtrIIYtfTR+dznv jwwJfK27V4luUy9lDkHhiXtF+ucTJaNe7Z5aTeSJtbuSMlfw6BE2UrEl4 6voaJJpnTIjWks1BOiEyodAMCfUlYOY59aogrO1bbvrQhtOki4sIFjfVB Uu75FcKRgCdrlTUcAG/1mIcFnPcWeZJZv3E1HmB9NFSkwokJovmzd6uIC HNbwVtfkXLhknVcP8SXRYl8TOalNzyH3wcEEv0MfPNXjsx1i16Bp8ybl0 RZJY/RTlzJPpz0aMhaHKvCVPWKNLpoy3cv2EkJcPsjZzA3BTVMpF0wfR8 w==; X-CSE-ConnectionGUID: bSMp07QHR6GOiX8PmSNrmw== X-CSE-MsgGUID: byd00LmVTqqip/xRBHyXDw== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433174" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433174" X-CSE-ConnectionGUID: rDAC95d2Rv+O6hrMPECjtw== X-CSE-MsgGUID: bUCjn05VQ0qC/+alpOKizA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639908" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 06/55] i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object Date: Tue, 1 Apr 2025 09:01:16 -0400 Message-Id: <20250401130205.2198253-7-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515940187019000 Content-Type: text/plain; charset="utf-8" It will need special handling for TDX VMs all around the QEMU. Introduce is_tdx_vm() helper to query if it's a TDX VM. Cache tdx_guest object thus no need to cast from ms->cgs every time. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Reviewed-by: Isaku Yamahata --- changes in v3: - replace object_dynamic_cast with TDX_GUEST(); --- target/i386/kvm/tdx.c | 15 ++++++++++++++- target/i386/kvm/tdx.h | 10 ++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index c67be5e618e2..16f67e18ae78 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -18,8 +18,16 @@ #include "kvm_i386.h" #include "tdx.h" =20 +static TdxGuest *tdx_guest; + static struct kvm_tdx_capabilities *tdx_caps; =20 +/* Valid after kvm_arch_init()->confidential_guest_kvm_init()->tdx_kvm_ini= t() */ +bool is_tdx_vm(void) +{ + return !!tdx_guest; +} + enum tdx_ioctl_level { TDX_VM_IOCTL, TDX_VCPU_IOCTL, @@ -117,15 +125,20 @@ static int get_tdx_capabilities(Error **errp) =20 static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) { + TdxGuest *tdx =3D TDX_GUEST(cgs); int r =3D 0; =20 kvm_mark_guest_state_protected(); =20 if (!tdx_caps) { r =3D get_tdx_capabilities(errp); + if (r) { + return r; + } } =20 - return r; + tdx_guest =3D tdx; + return 0; } =20 static int tdx_kvm_type(X86ConfidentialGuest *cg) diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index f3b725336161..de8ae9196163 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -3,6 +3,10 @@ #ifndef QEMU_I386_TDX_H #define QEMU_I386_TDX_H =20 +#ifndef CONFIG_USER_ONLY +#include CONFIG_DEVICES /* CONFIG_TDX */ +#endif + #include "confidential-guest.h" =20 #define TYPE_TDX_GUEST "tdx-guest" @@ -18,4 +22,10 @@ typedef struct TdxGuest { uint64_t attributes; /* TD attributes */ } TdxGuest; =20 +#ifdef CONFIG_TDX +bool is_tdx_vm(void); +#else +#define is_tdx_vm() 0 +#endif /* CONFIG_TDX */ + #endif /* QEMU_I386_TDX_H */ --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515123; cv=none; d=zohomail.com; s=zohoarc; b=eb7mkf31KdveOIHd4LfuHsiEE5zzfhZwTfypKnK+fey3P1wtQvQcxI4iPcQc5NtBz4DuAU/5SrGm6adQ8ZmtYHR9JibMzqWAKOnrMhraSSW5YVc/Om2zs5qV3aENwZoq+JalVfCa0MSPFdohlOpsQatdd0uqUKZ+Ha5SKlxxQeI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515123; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=nWbLF1Kwgl+LyPNQi1GVJRmD7g2LxN5Ni4nLprjcOCs=; b=GuVodeAADXzCseGeBJbZOh7OsooxQfjTPNyGmSlZrr+6DwSSwIAhJh9Qy95NgKMUMlC4StGxdqq03AJAqEDMlhA6mtQYFiygMzXc/uJ+Xfg0qTZRgoFcL8tHBSmajwr4/xK89QSArUM2hNOE8wr/O0dwuI5M/qBqC9c+YLGFSmc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515123977908.1097838380855; Tue, 1 Apr 2025 06:45:23 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsO-0005Ju-Ka; Tue, 01 Apr 2025 09:42:00 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsB-0005Dt-Fh for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:51 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbrt-0006XQ-77 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:30 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:28 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:25 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514889; x=1775050889; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=KiV+cWPr+Rwl5eZVdUQlQ5BkSiOOBFLbtRW8w06bOqA=; b=S5Mb/tNIQen8z2mcztrdk/IcF5GMHMbKeXO/mPu0a9XFTKv69m9Lorii CEv5gCLgQu1mxUEp5LXOvvX2gtyjxqK5dLqmJT6wFIGJWUZ0gAfNhg7+S H92kSvIW8EKVXuOWgOP/30bv4sLnb/dZEwD5P8TCcSfJzvfZeT9buf+/H ZWUHgWmmmkpvGrtAG8qb+8lUTwS/8hN1LFDP0zLLEneU/yg1jIW0Kokcl bzJfKCTS4/Cw+c4dHbrZXncfPiLy2pzReORxIUQ30nTZntDpostGhG535 8zLlfCK2vsnnAbp47HD6etHfzZV3KKpjkpJXlT1Wu2AUvEoOvaOScYPct Q==; X-CSE-ConnectionGUID: hdU5/I1oRpmRMu0cZtvZjA== X-CSE-MsgGUID: XkF7XnIeTZOAVPhhNw2rzQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433181" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433181" X-CSE-ConnectionGUID: AbtUp1fcQ4W44D+htmLvow== X-CSE-MsgGUID: I1Iyd6GrThCknAxOiPbjXA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639920" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 07/55] kvm: Introduce kvm_arch_pre_create_vcpu() Date: Tue, 1 Apr 2025 09:01:17 -0400 Message-Id: <20250401130205.2198253-8-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515125448019000 Content-Type: text/plain; charset="utf-8" Introduce kvm_arch_pre_create_vcpu(), to perform arch-dependent work prior to create any vcpu. This is for i386 TDX because it needs call TDX_INIT_VM before creating any vcpu. The specific implemnet of i386 will be added in the future patch. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Reviewed-by: Daniel P. Berrang=C3=A9 --- Changes in v7: - Implement stub for all the ARCHes instead of defining it with weak attribute; (Philippe) Changes in v3: - pass @errp to kvm_arch_pre_create_vcpu(); (Per Daniel) --- accel/kvm/kvm-all.c | 5 +++++ include/system/kvm.h | 1 + target/arm/kvm.c | 5 +++++ target/i386/kvm/kvm.c | 5 +++++ target/loongarch/kvm/kvm.c | 4 ++++ target/mips/kvm.c | 5 +++++ target/ppc/kvm.c | 5 +++++ target/riscv/kvm/kvm-cpu.c | 5 +++++ target/s390x/kvm/kvm.c | 5 +++++ 9 files changed, 40 insertions(+) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index f89568bfa397..df9840e53a35 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -540,6 +540,11 @@ int kvm_init_vcpu(CPUState *cpu, Error **errp) =20 trace_kvm_init_vcpu(cpu->cpu_index, kvm_arch_vcpu_id(cpu)); =20 + ret =3D kvm_arch_pre_create_vcpu(cpu, errp); + if (ret < 0) { + goto err; + } + ret =3D kvm_create_vcpu(cpu); if (ret < 0) { error_setg_errno(errp, -ret, diff --git a/include/system/kvm.h b/include/system/kvm.h index ab17c09a551f..d7dfa25493a2 100644 --- a/include/system/kvm.h +++ b/include/system/kvm.h @@ -374,6 +374,7 @@ int kvm_arch_get_default_type(MachineState *ms); =20 int kvm_arch_init(MachineState *ms, KVMState *s); =20 +int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp); int kvm_arch_init_vcpu(CPUState *cpu); int kvm_arch_destroy_vcpu(CPUState *cpu); =20 diff --git a/target/arm/kvm.c b/target/arm/kvm.c index da30bdbb2349..93f1a7245b3f 100644 --- a/target/arm/kvm.c +++ b/target/arm/kvm.c @@ -1874,6 +1874,11 @@ static int kvm_arm_sve_set_vls(ARMCPU *cpu) =20 #define ARM_CPU_ID_MPIDR 3, 0, 0, 0, 5 =20 +int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp) +{ + return 0; +} + int kvm_arch_init_vcpu(CPUState *cs) { int ret; diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index b4fa35405fe1..1a4dd19e24ab 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -2050,6 +2050,11 @@ full: abort(); } =20 +int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp) +{ + return 0; +} + int kvm_arch_init_vcpu(CPUState *cs) { struct { diff --git a/target/loongarch/kvm/kvm.c b/target/loongarch/kvm/kvm.c index 7f63e7c8fe51..5e82dacc677b 100644 --- a/target/loongarch/kvm/kvm.c +++ b/target/loongarch/kvm/kvm.c @@ -1071,7 +1071,11 @@ static int kvm_cpu_check_pv_features(CPUState *cs, E= rror **errp) env->pv_features |=3D BIT(KVM_FEATURE_VIRT_EXTIOI); } } + return 0; +} =20 +int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp) +{ return 0; } =20 diff --git a/target/mips/kvm.c b/target/mips/kvm.c index d67b7c1a8ecb..ec53acb51a1f 100644 --- a/target/mips/kvm.c +++ b/target/mips/kvm.c @@ -61,6 +61,11 @@ int kvm_arch_irqchip_create(KVMState *s) return 0; } =20 +int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp) +{ + return 0; +} + int kvm_arch_init_vcpu(CPUState *cs) { CPUMIPSState *env =3D cpu_env(cs); diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c index 992356cb7593..20fabccecd54 100644 --- a/target/ppc/kvm.c +++ b/target/ppc/kvm.c @@ -479,6 +479,11 @@ static void kvmppc_hw_debug_points_init(CPUPPCState *c= env) } } =20 +int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp) +{ + return 0; +} + int kvm_arch_init_vcpu(CPUState *cs) { PowerPCCPU *cpu =3D POWERPC_CPU(cs); diff --git a/target/riscv/kvm/kvm-cpu.c b/target/riscv/kvm/kvm-cpu.c index 4ffeeaa1c953..451c00f17c2f 100644 --- a/target/riscv/kvm/kvm-cpu.c +++ b/target/riscv/kvm/kvm-cpu.c @@ -1389,6 +1389,11 @@ static int kvm_vcpu_enable_sbi_dbcn(RISCVCPU *cpu, C= PUState *cs) return kvm_set_one_reg(cs, kvm_sbi_dbcn.kvm_reg_id, ®); } =20 +int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp) +{ + return 0; +} + int kvm_arch_init_vcpu(CPUState *cs) { int ret =3D 0; diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c index 4d56e653ddf6..1f592733f4e2 100644 --- a/target/s390x/kvm/kvm.c +++ b/target/s390x/kvm/kvm.c @@ -404,6 +404,11 @@ unsigned long kvm_arch_vcpu_id(CPUState *cpu) return cpu->cpu_index; } =20 +int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp) +{ + return 0; +} + int kvm_arch_init_vcpu(CPUState *cs) { unsigned int max_cpus =3D MACHINE(qdev_get_machine())->smp.max_cpus; --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515119; cv=none; d=zohomail.com; s=zohoarc; b=Mfwcxojb6keqd+5tWlm+oz+pQTQ1l2epRb26XgKWNxyPObUfYneMypEWzzIogoI1weCeq5+lcQ1NWr84TE2hLOAzgMq9wpJkZ2AhiQdz1S6fGVqd6iQDd9/NryLsuQnQTy3NZpuras8Dgrpn3SaP0fuKyQePMRc1BiTCSyNmrZw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515119; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=ugVWQyvyyc/WH6awXxFmTv9otSb8HmVJnKHzhiCsKvY=; b=iCElp+btsNllTcJc3SfJH9lYHQBa/NX0VuTpuyLOeBYqBXNB6W+RIkbT5QOVqI9vxj2+CKPe5DhRpurVYMQQFErbXQdFqRDuKxfpVtofswsLWehEhiaqzTSkdCz7upNyo22Vhm3wO/Dmx4w6aRNOxvsFbdR0gMascCGmoKqF9LM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515119787227.87215875392405; Tue, 1 Apr 2025 06:45:19 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsN-0005JG-9z; Tue, 01 Apr 2025 09:41:59 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsF-0005EX-QO for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:53 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsC-0006ZP-5f for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:51 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:34 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:28 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514908; x=1775050908; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=EKsK8PWjYl3QvrFgMx0oUHC9LNiAUtXBkauBMePChbY=; b=lEc4OUuto1NUmq/RI4SKGrtOpF4xSAhcW6Ndo5nBJdSIHZEajooVmQPF A69bGbm4b4P3+EXUC01fmvHppC7UTplsDNd7p0W3KjK3iLHpOrPaj50HN ulzGdAew/4y1MXYjZAhC2hbhP9tms9UuKTpq7k/e9j7kRfZYko0ngCcm+ oYo06n6Ip+ie90pVVKHSE2/1GvVYV9fDuCQoWjnFE5weAA+juoRF+pg0S pHHmniIYhIN0MjXcRMaC+Nkq2qjG5/zHAWVwAVvqL4/CF8JyMeQp5DNIo 1TKRpi60T9/dZa3lGgizoevjIp5H4EJItNEbdlYj1qkpxrAjgTU7kawgs g==; X-CSE-ConnectionGUID: UOTnBfdhQEOgBelqMe9jOw== X-CSE-MsgGUID: gR8QM8UoSgKiN+dP5ETntA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433201" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433201" X-CSE-ConnectionGUID: nj9SsVT1TNaIO1U0n+CIDA== X-CSE-MsgGUID: edftOmDeRruST44kgJ4n5w== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639935" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 08/55] i386/tdx: Initialize TDX before creating TD vcpus Date: Tue, 1 Apr 2025 09:01:18 -0400 Message-Id: <20250401130205.2198253-9-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515121309019100 Content-Type: text/plain; charset="utf-8" Invoke KVM_TDX_INIT_VM in kvm_arch_pre_create_vcpu() that KVM_TDX_INIT_VM configures global TD configurations, e.g. the canonical CPUID config, and must be executed prior to creating vCPUs. Use kvm_x86_arch_cpuid() to setup the CPUID settings for TDX VM. Note, this doesn't address the fact that QEMU may change the CPUID configuration when creating vCPUs, i.e. punts on refactoring QEMU to provide a stable CPUID config prior to kvm_arch_init(). Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Acked-by: Markus Armbruster --- Changes in v8: - Drop the code that initializes cpu->kvm_state before kvm_arch_pre_create_vcpu() because it's not needed anymore. Changes in v7: - Add comments to explain why KVM_TDX_INIT_VM should retry on -EAGAIN; - Add retry limit of 10000 times for -EAGAIN on KVM_TDX_INIT_VM; Changes in v6: - setup xfam explicitly to fit with new uapi; - use tdx_caps->cpuid to filter the input of cpuids because now KVM only allows the leafs that reported via KVM_TDX_GET_CAPABILITIES; Changes in v4: - mark init_vm with g_autofree() and use QEMU_LOCK_GUARD() to eliminate the goto labels; (Daniel) Changes in v3: - Pass @errp in tdx_pre_create_vcpu() and pass error info to it. (Daniel) --- target/i386/kvm/kvm.c | 16 +++--- target/i386/kvm/kvm_i386.h | 5 ++ target/i386/kvm/meson.build | 2 +- target/i386/kvm/tdx-stub.c | 10 ++++ target/i386/kvm/tdx.c | 105 ++++++++++++++++++++++++++++++++++++ target/i386/kvm/tdx.h | 6 +++ 6 files changed, 137 insertions(+), 7 deletions(-) create mode 100644 target/i386/kvm/tdx-stub.c diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 1a4dd19e24ab..a537699bb7df 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -38,6 +38,7 @@ #include "kvm_i386.h" #include "../confidential-guest.h" #include "sev.h" +#include "tdx.h" #include "xen-emu.h" #include "hyperv.h" #include "hyperv-proto.h" @@ -414,9 +415,9 @@ static uint32_t cpuid_entry_get_reg(struct kvm_cpuid_en= try2 *entry, int reg) =20 /* Find matching entry for function/index on kvm_cpuid2 struct */ -static struct kvm_cpuid_entry2 *cpuid_find_entry(struct kvm_cpuid2 *cpuid, - uint32_t function, - uint32_t index) +struct kvm_cpuid_entry2 *cpuid_find_entry(struct kvm_cpuid2 *cpuid, + uint32_t function, + uint32_t index) { int i; for (i =3D 0; i < cpuid->nent; ++i) { @@ -1821,9 +1822,8 @@ static void kvm_init_nested_state(CPUX86State *env) } } =20 -static uint32_t kvm_x86_build_cpuid(CPUX86State *env, - struct kvm_cpuid_entry2 *entries, - uint32_t cpuid_i) +uint32_t kvm_x86_build_cpuid(CPUX86State *env, struct kvm_cpuid_entry2 *en= tries, + uint32_t cpuid_i) { uint32_t limit, i, j; uint32_t unused; @@ -2052,6 +2052,10 @@ full: =20 int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp) { + if (is_tdx_vm()) { + return tdx_pre_create_vcpu(cpu, errp); + } + return 0; } =20 diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h index ed1e61fb8ba9..dc696cb7238a 100644 --- a/target/i386/kvm/kvm_i386.h +++ b/target/i386/kvm/kvm_i386.h @@ -59,6 +59,11 @@ uint64_t kvm_swizzle_msi_ext_dest_id(uint64_t address); void kvm_update_msi_routes_all(void *private, bool global, uint32_t index, uint32_t mask); =20 +struct kvm_cpuid_entry2 *cpuid_find_entry(struct kvm_cpuid2 *cpuid, + uint32_t function, + uint32_t index); +uint32_t kvm_x86_build_cpuid(CPUX86State *env, struct kvm_cpuid_entry2 *en= tries, + uint32_t cpuid_i); #endif /* CONFIG_KVM */ =20 void kvm_pc_setup_irq_routing(bool pci_enabled); diff --git a/target/i386/kvm/meson.build b/target/i386/kvm/meson.build index 466bccb9cb17..3f44cdedb758 100644 --- a/target/i386/kvm/meson.build +++ b/target/i386/kvm/meson.build @@ -8,7 +8,7 @@ i386_kvm_ss.add(files( =20 i386_kvm_ss.add(when: 'CONFIG_XEN_EMU', if_true: files('xen-emu.c')) =20 -i386_kvm_ss.add(when: 'CONFIG_TDX', if_true: files('tdx.c')) +i386_kvm_ss.add(when: 'CONFIG_TDX', if_true: files('tdx.c'), if_false: fil= es('tdx-stub.c')) =20 i386_system_ss.add(when: 'CONFIG_HYPERV', if_true: files('hyperv.c'), if_f= alse: files('hyperv-stub.c')) =20 diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c new file mode 100644 index 000000000000..2344433594ea --- /dev/null +++ b/target/i386/kvm/tdx-stub.c @@ -0,0 +1,10 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ + +#include "qemu/osdep.h" + +#include "tdx.h" + +int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) +{ + return -EINVAL; +} diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 16f67e18ae78..0afaf739c09f 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -149,6 +149,109 @@ static int tdx_kvm_type(X86ConfidentialGuest *cg) return KVM_X86_TDX_VM; } =20 +static int setup_td_xfam(X86CPU *x86cpu, Error **errp) +{ + CPUX86State *env =3D &x86cpu->env; + uint64_t xfam; + + xfam =3D env->features[FEAT_XSAVE_XCR0_LO] | + env->features[FEAT_XSAVE_XCR0_HI] | + env->features[FEAT_XSAVE_XSS_LO] | + env->features[FEAT_XSAVE_XSS_HI]; + + if (xfam & ~tdx_caps->supported_xfam) { + error_setg(errp, "Invalid XFAM 0x%lx for TDX VM (supported: 0x%llx= ))", + xfam, tdx_caps->supported_xfam); + return -1; + } + + tdx_guest->xfam =3D xfam; + return 0; +} + +static void tdx_filter_cpuid(struct kvm_cpuid2 *cpuids) +{ + int i, dest_cnt =3D 0; + struct kvm_cpuid_entry2 *src, *dest, *conf; + + for (i =3D 0; i < cpuids->nent; i++) { + src =3D cpuids->entries + i; + conf =3D cpuid_find_entry(&tdx_caps->cpuid, src->function, src->in= dex); + if (!conf) { + continue; + } + dest =3D cpuids->entries + dest_cnt; + + dest->function =3D src->function; + dest->index =3D src->index; + dest->flags =3D src->flags; + dest->eax =3D src->eax & conf->eax; + dest->ebx =3D src->ebx & conf->ebx; + dest->ecx =3D src->ecx & conf->ecx; + dest->edx =3D src->edx & conf->edx; + + dest_cnt++; + } + cpuids->nent =3D dest_cnt++; +} + +int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) +{ + X86CPU *x86cpu =3D X86_CPU(cpu); + CPUX86State *env =3D &x86cpu->env; + g_autofree struct kvm_tdx_init_vm *init_vm =3D NULL; + Error *local_err =3D NULL; + int retry =3D 10000; + int r =3D 0; + + QEMU_LOCK_GUARD(&tdx_guest->lock); + if (tdx_guest->initialized) { + return r; + } + + init_vm =3D g_malloc0(sizeof(struct kvm_tdx_init_vm) + + sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_EN= TRIES); + + r =3D setup_td_xfam(x86cpu, errp); + if (r) { + return r; + } + + init_vm->cpuid.nent =3D kvm_x86_build_cpuid(env, init_vm->cpuid.entrie= s, 0); + tdx_filter_cpuid(&init_vm->cpuid); + + init_vm->attributes =3D tdx_guest->attributes; + init_vm->xfam =3D tdx_guest->xfam; + + /* + * KVM_TDX_INIT_VM gets -EAGAIN when KVM side SEAMCALL(TDH_MNG_CREATE) + * gets TDX_RND_NO_ENTROPY due to Random number generation (e.g., RDRA= ND or + * RDSEED) is busy. + * + * Retry for the case. + */ + do { + error_free(local_err); + local_err =3D NULL; + r =3D tdx_vm_ioctl(KVM_TDX_INIT_VM, 0, init_vm, &local_err); + } while (r =3D=3D -EAGAIN && --retry); + + if (r < 0) { + if (!retry) { + error_report("Hardware RNG (Random Number Generator) is busy " + "occupied by someone (via RDRAND/RDSEED) maliciou= sly, " + "which leads to KVM_TDX_INIT_VM keeping failure " + "due to lack of entropy."); + } + error_propagate(errp, local_err); + return r; + } + + tdx_guest->initialized =3D true; + + return 0; +} + /* tdx guest */ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, tdx_guest, @@ -162,6 +265,8 @@ static void tdx_guest_init(Object *obj) ConfidentialGuestSupport *cgs =3D CONFIDENTIAL_GUEST_SUPPORT(obj); TdxGuest *tdx =3D TDX_GUEST(obj); =20 + qemu_mutex_init(&tdx->lock); + cgs->require_guest_memfd =3D true; tdx->attributes =3D 0; =20 diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index de8ae9196163..4e2b5c61ff5b 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -19,7 +19,11 @@ typedef struct TdxGuestClass { typedef struct TdxGuest { X86ConfidentialGuest parent_obj; =20 + QemuMutex lock; + + bool initialized; uint64_t attributes; /* TD attributes */ + uint64_t xfam; } TdxGuest; =20 #ifdef CONFIG_TDX @@ -28,4 +32,6 @@ bool is_tdx_vm(void); #define is_tdx_vm() 0 #endif /* CONFIG_TDX */ =20 +int tdx_pre_create_vcpu(CPUState *cpu, Error **errp); + #endif /* QEMU_I386_TDX_H */ --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743514972; cv=none; d=zohomail.com; s=zohoarc; b=LSESDsK2+favz8UblwlSifh4R6Sg6DpntF+l1jgp2hGG/zwS19W+x0o1j+9G3g/2YcPMBG3kaZjBeDepkCrx9JtOLItraNNkU3Xan2GTnrNxCgbAXcdUCpGqBoTqRQTq9lEeMMcplVXJncb5Pho2CxQfwnNTjuAekGB9A9it3+c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743514972; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=eMhaf1r/vkeU2cv0CXdwiNkFRD7+1o4F4ruIqes3CEk=; b=NITKrAoNoEXj8wtVU+w2UP4QA9clsUFxl4S6rdVusMjVpLmifOY8vlxPmQeITzZ/QUJ2b9g/kMWdRMGGvkAZuKSdWlxeR/Of+k50Qk55g32Wk+k+nL1/09dXxTkpuALv1dkK1I7mCZqj68wHsm/Sb+PODG5auoI+jGNCGdIRrF0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743514971972412.83839504848254; Tue, 1 Apr 2025 06:42:51 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsP-0005KE-J9; Tue, 01 Apr 2025 09:42:01 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsF-0005EH-2T for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:53 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsC-0006Zf-8M for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:50 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:34 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:31 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514908; x=1775050908; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=d51UYtQR74/wrHTLkrhxOXXIgmZSkfJnc0YFaHchExE=; b=I1dKk9ULKLSXm1YBto2BToSJtrdnaEcu8KNCKXK1kf8hCcicCJa5DzeD wJrg3vcAUxBf5rwqfVvticGZPvwBBns4jexlTrh4jNog1CEy2e4NXUT1/ hyxzwg5qM0oHPyDp0P3IFISH97ViPVY785SqKpLmQJkUEZWnljSjQKqR5 wOE/d9DtZP9z7W4sle8fzBxLe15HNRn8j2CH9bLRcCYnbzMlg7FtYp0hR y6IqxyEGi4q+dYR1/G38Fkv0XnSxOnbGqlmPwKT2zJoBc9BN2s1Jc11dR wx73uCCvRWLomsjgIxcPcL/pyM5XpBPLGxc27QDA4Kxis6zrX2/S+vU6p w==; X-CSE-ConnectionGUID: mV04mo1nRiOycBIHa1kMpQ== X-CSE-MsgGUID: wKn6qe+tSaiSjsP4escSeg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433205" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433205" X-CSE-ConnectionGUID: 9/CmWpQ8RRasNSq7aRv4rw== X-CSE-MsgGUID: OmdxE0KVThCIFhtM5FHEWQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639942" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 09/55] i386/tdx: Add property sept-ve-disable for tdx-guest object Date: Tue, 1 Apr 2025 09:01:19 -0400 Message-Id: <20250401130205.2198253-10-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743514975903019100 Content-Type: text/plain; charset="utf-8" Bit 28 of TD attribute, named SEPT_VE_DISABLE. When set to 1, it disables EPT violation conversion to #VE on guest TD access of PENDING pages. Some guest OS (e.g., Linux TD guest) may require this bit as 1. Otherwise refuse to boot. Add sept-ve-disable property for tdx-guest object, for user to configure this bit. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Acked-by: Markus Armbruster Reviewed-by: Daniel P. Berrang=C3=A9 --- Changes in v4: - collect Acked-by from Markus Changes in v3: - update the comment of property @sept-ve-disable to make it more descriptive and use new format. (Daniel and Markus) --- qapi/qom.json | 8 +++++++- target/i386/kvm/tdx.c | 23 +++++++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/qapi/qom.json b/qapi/qom.json index c0b61df964ef..f229bb07aaec 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -1055,10 +1055,16 @@ # @attributes: The 'attributes' of a TD guest that is passed to # KVM_TDX_INIT_VM # +# @sept-ve-disable: toggle bit 28 of TD attributes to control disabling +# of EPT violation conversion to #VE on guest TD access of PENDING +# pages. Some guest OS (e.g., Linux TD guest) may require this to +# be set, otherwise they refuse to boot. +# # Since: 10.1 ## { 'struct': 'TdxGuestProperties', - 'data': { '*attributes': 'uint64' } } + 'data': { '*attributes': 'uint64', + '*sept-ve-disable': 'bool' } } =20 ## # @ThreadContextProperties: diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 0afaf739c09f..081094ae29db 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -18,6 +18,8 @@ #include "kvm_i386.h" #include "tdx.h" =20 +#define TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE BIT_ULL(28) + static TdxGuest *tdx_guest; =20 static struct kvm_tdx_capabilities *tdx_caps; @@ -252,6 +254,24 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) return 0; } =20 +static bool tdx_guest_get_sept_ve_disable(Object *obj, Error **errp) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + + return !!(tdx->attributes & TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE); +} + +static void tdx_guest_set_sept_ve_disable(Object *obj, bool value, Error *= *errp) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + + if (value) { + tdx->attributes |=3D TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE; + } else { + tdx->attributes &=3D ~TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE; + } +} + /* tdx guest */ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, tdx_guest, @@ -272,6 +292,9 @@ static void tdx_guest_init(Object *obj) =20 object_property_add_uint64_ptr(obj, "attributes", &tdx->attributes, OBJ_PROP_FLAG_READWRITE); + object_property_add_bool(obj, "sept-ve-disable", + tdx_guest_get_sept_ve_disable, + tdx_guest_set_sept_ve_disable); } =20 static void tdx_guest_finalize(Object *obj) --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515328; cv=none; d=zohomail.com; s=zohoarc; b=kTess7HM8Zf1AK0GNjafrwjumqW7N5yn9sLKOrO5jFDpImg3a8M/XWSjC2wMMYmAKSwVbWw+S/pihsLoU0/4a6akmzOtJbx8Y68rtAkDdZJIi0iuKYrsNRK2JvH/XKknp5jHUPbNkwI4zOHq5UvXpPhO/Jn855wCmnmEgqyeEqk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515328; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=uOutjyPR+iljtVOyY6joVuQEDftwXw3O4mrEUdP/xSE=; b=PsCGrhvzIItMs/cPuRugwnfClOLJYIerEcjUtNLxru5u3CUZhpLcwP11p9CWbF0RyNkplPU7UgHWalf+bV00MBYnzZndSbz8sTza04hn3sRH1M+GSzzgqHnJBbDIJpmirfcc2YTUuBZvRAzJuUcyk18pcX3BJLxEgaNTpH0Gtw0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515328920175.53914853843776; Tue, 1 Apr 2025 06:48:48 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsM-0005In-8z; Tue, 01 Apr 2025 09:41:58 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsD-0005E8-LT for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:53 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsC-0006XQ-2o for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:49 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:37 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:34 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514908; x=1775050908; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=EQ8+EUoubeI/k4cXZyQ//CK2PPPO+mUjqXHGVbQMaYA=; b=VYSKvLjb3pjnUGwMOI6e/6m2/NosH32aDkIfFs/gqqx1X28x4JFMLq18 ZI4itug1+czG+nQFdq5+841Ua54TPo98sf8zSkOYBLw75BCU/sEATr0wY DSGHiSNqyzJV3HVPrv1vBZlvlgoJUxSNBvlFAlur9bT1gd4GZOKQGL9/W 54b5Dv1FhqOH8ilAiX/ANjJ7/AcLiOk5ddQd2V1h+iCyplqId3zjuNXHz mlgjOWJj7W9G2i5zO77Bw1rl58IJVvS5b5bvJSU5O6j3NTufn+/VBXBbA FnCKRhQyEy9FpqSjjdH8zNhuF4sFHZUeCfGHH/r5vHZJYfV8hry8ux8f5 w==; X-CSE-ConnectionGUID: x5WcT87QSkWlYGDPvPH32Q== X-CSE-MsgGUID: ABVT/9DjT6m3BrLxlXNI/A== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433215" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433215" X-CSE-ConnectionGUID: 00kVKO/1T/aN9Rw2xWFB1Q== X-CSE-MsgGUID: n7JHB5q8RMCBGVdzC0zeUA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639952" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 10/55] i386/tdx: Make sept_ve_disable set by default Date: Tue, 1 Apr 2025 09:01:20 -0400 Message-Id: <20250401130205.2198253-11-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515331590019100 Content-Type: text/plain; charset="utf-8" From: Isaku Yamahata For TDX KVM use case, Linux guest is the most major one. It requires sept_ve_disable set. Make it default for the main use case. For other use case, it can be enabled/disabled via qemu command line. Signed-off-by: Isaku Yamahata Signed-off-by: Xiaoyao Li Reviewed-by: Daniel P. Berrang=C3=A9 --- target/i386/kvm/tdx.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 081094ae29db..592fb9cbbf0b 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -288,7 +288,7 @@ static void tdx_guest_init(Object *obj) qemu_mutex_init(&tdx->lock); =20 cgs->require_guest_memfd =3D true; - tdx->attributes =3D 0; + tdx->attributes =3D TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE; =20 object_property_add_uint64_ptr(obj, "attributes", &tdx->attributes, OBJ_PROP_FLAG_READWRITE); --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743514990; cv=none; d=zohomail.com; s=zohoarc; b=WMDkx4921sAgIqJdxsJevErNxqaLTLYkpYCYCKUk0qLuniAT0dFpB69qLT5+jtHN0gNleFrSAj5HpLy8eABzqR/TpbrUM2tNl34YbUdvdx5DKB8tW3PVQZ24QjwY7+i3EhPyXJVx2YEDKAjs2j/+yshHn4A+wjwejaRzb43mxJ0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743514990; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=ZL70JjnQ3mQmSUYuyrtbAbbfWCDkIw59sd8y/zBvnIE=; b=D+KcOb9M/o+X6Q5Rdk5+HKwpDvgBV/27ceLv5ypIyvZOgsPl6MokT4Zivaluo+R9MlYjQd8bx9R2cLWs8nDfnjJo9UvUcDyjuf395FC2UM6sLSA7IDO7OPube5fw7VzQiGW2gwzX6vs/K7Cj2Avtb3QLmDbh5x1WLOriMObBAXc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743514990668585.6523234883035; Tue, 1 Apr 2025 06:43:10 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsR-0005KO-LL; Tue, 01 Apr 2025 09:42:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsH-0005Ek-D0 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:53 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsE-0006XQ-LL for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:53 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:39 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:37 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514910; x=1775050910; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Hr0LEiSSmKtiGfYbEChY/Qw7KF2fXfkBqudO82jSIXs=; b=jo12EDU+a+xez9G7zcp2aZmLztjI6FONrW3m0X/EERaZOPZVeMGHSe87 8CWve4psQRyp2Z3XZzzOQUFD2rAzabGKHFt0fXQeQp8wB7RqISQ4eVksL Wx4B7/+6e9PCW4mTz0VBhE0/nTcgaggnBnEuQxhYmkUSEEfRc6KxJcK36 Q8/aUtbYA0XlE8ZCqhWo0tbT6Gsq/SsFTRAZ2VIXazyneOU20YQLfZXCT 5cLuztm0GurFAxt5YxlGfvXSxyWRFnnkk5nSqXpgaVpdOnoe20Irnhsv9 PqrJs2rhMGPm/nJKPk0lk9E/0swQhOQIpdYlxqUp3E8vXIJTUwZsbns5T Q==; X-CSE-ConnectionGUID: sI3z4kltROKTIS74ApBv3g== X-CSE-MsgGUID: z5MBJ7IzS46mvxYGGbG0zg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433223" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433223" X-CSE-ConnectionGUID: csIcjxETSz6myEtXNGdxQA== X-CSE-MsgGUID: qf+aoVN9SxuOsRo1cWEbuA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639958" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 11/55] i386/tdx: Wire CPU features up with attributes of TD guest Date: Tue, 1 Apr 2025 09:01:21 -0400 Message-Id: <20250401130205.2198253-12-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743514993217019100 Content-Type: text/plain; charset="utf-8" For QEMU VMs, - PKS is configured via CPUID_7_0_ECX_PKS, e.g., -cpu xxx,+pks and - PMU is configured by x86cpu->enable_pmu, e.g., -cpu xxx,pmu=3Don While the bit 30 (PKS) and bit 63 (PERFMON) of TD's attributes are also used to configure the PKS and PERFMON/PMU of TD, reuse the existing configuration interfaces of 'cpu' for TD's attributes. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Reviewed-by: Daniel P. Berrang=C3=A9 --- target/i386/kvm/tdx.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 592fb9cbbf0b..1202b2111ba8 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -19,6 +19,8 @@ #include "tdx.h" =20 #define TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE BIT_ULL(28) +#define TDX_TD_ATTRIBUTES_PKS BIT_ULL(30) +#define TDX_TD_ATTRIBUTES_PERFMON BIT_ULL(63) =20 static TdxGuest *tdx_guest; =20 @@ -151,6 +153,15 @@ static int tdx_kvm_type(X86ConfidentialGuest *cg) return KVM_X86_TDX_VM; } =20 +static void setup_td_guest_attributes(X86CPU *x86cpu) +{ + CPUX86State *env =3D &x86cpu->env; + + tdx_guest->attributes |=3D (env->features[FEAT_7_0_ECX] & CPUID_7_0_EC= X_PKS) ? + TDX_TD_ATTRIBUTES_PKS : 0; + tdx_guest->attributes |=3D x86cpu->enable_pmu ? TDX_TD_ATTRIBUTES_PERF= MON : 0; +} + static int setup_td_xfam(X86CPU *x86cpu, Error **errp) { CPUX86State *env =3D &x86cpu->env; @@ -214,6 +225,8 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) init_vm =3D g_malloc0(sizeof(struct kvm_tdx_init_vm) + sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_EN= TRIES); =20 + setup_td_guest_attributes(x86cpu); + r =3D setup_td_xfam(x86cpu, errp); if (r) { return r; --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515118; cv=none; d=zohomail.com; s=zohoarc; b=Mrwk0Rfj83PyOXVcsnlec8wYBjy9yq330+n2TxgjdSDGG8YzyEOqm4MtAFSctlTQfRSSLgAc2EW7o2X8ZBMsa+FxJ2ZuI9DVVTE2f9ch/oS+Dic4VeB8UWCsV3L43lJHB3IkR+6HxO2/lNj1iJPqjj7S2vBobyyLEz5QeBxK0cg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515118; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=vid8w4jSrPeveKcqz1k6SVXy0NPnKt6YByAob1fEsC0=; b=RCGSBYkMFG5PbsnO3UHq1ycWVz0BjWzj+JcLSrfLeZy7AqvqdTgAJH4AjSAN2Q5l0zFo8ddm49TbiZk3uxt0B3+oiVKecDLFJjLvEVf4l1PsLEQmFRVKMdAM51QQ/zhiq8qV57GR2ZpQcnu5pKu2meO06cY7Ji6Z1OWuZzSR/OM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515118660774.7549846201526; Tue, 1 Apr 2025 06:45:18 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsN-0005Jl-SY; Tue, 01 Apr 2025 09:41:59 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsH-0005Ej-95 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:53 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsF-0006Zf-KA for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:41:53 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:42 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:39 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514911; x=1775050911; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=lqgmctOznK2bav9EKRyz3Cr7vVK4UhygN00UQ3hENgc=; b=UtqwgxrCcLzAwG+/e9LZKnefmPKW1Igeip/X73G+M0RU/qTsRtsa6QvY JeNYR8d7VAe61kJv6+2Pzv3Ay5YKuzDLBVSFMgyjuLY3T3uW6RvFeM3pV XcGe+RL9nS6oQtUkfyJK0rxeIhcn8QpsZ5XFSrt27M9Y70p8RkTcyEUij g7qXvr+s1ocHSBFwF1MkYd7M48pPue00vUK9Tm6llTruaNJBde5GwDA+t C/NhadZT/B6hAb6u/ytf5Jp3vk36VriMd69WOTncjw4xH2aPWwStBY9Ia vnbKvjoxVUgQG+cYWzzTL17nbWJOIBLm4sbnASiMEqSwxCbCGIbAKY9HV Q==; X-CSE-ConnectionGUID: 7snFiIU8RbWDU0/6Tv9e8A== X-CSE-MsgGUID: SO8Dirs9SSmdwSoGUdh82w== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433230" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433230" X-CSE-ConnectionGUID: DIsW2/koTiKVmrRoUvtDBw== X-CSE-MsgGUID: Oy3V9a/GSHiFsLnjI5JeBQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639962" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 12/55] i386/tdx: Validate TD attributes Date: Tue, 1 Apr 2025 09:01:22 -0400 Message-Id: <20250401130205.2198253-13-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515119381019000 Content-Type: text/plain; charset="utf-8" Validate TD attributes with tdx_caps that only supported bits are allowed by KVM. Besides, sanity check the attribute bits that have not been supported by QEMU yet. e.g., debug bit, it will be allowed in the future when debug TD support lands in QEMU. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- Changes in v8: - Split the mrconfigid/mrowner/mrownerconfig part into a seperate next patch; Changes in v7: - Define TDX_SUPPORTED_TD_ATTRS as QEMU supported mask, to validates user's request. (Rick) Changes in v3: - using error_setg() for error report; (Daniel) --- target/i386/kvm/tdx.c | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 1202b2111ba8..aa043acb1a88 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -18,10 +18,15 @@ #include "kvm_i386.h" #include "tdx.h" =20 +#define TDX_TD_ATTRIBUTES_DEBUG BIT_ULL(0) #define TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE BIT_ULL(28) #define TDX_TD_ATTRIBUTES_PKS BIT_ULL(30) #define TDX_TD_ATTRIBUTES_PERFMON BIT_ULL(63) =20 +#define TDX_SUPPORTED_TD_ATTRS (TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE |\ + TDX_TD_ATTRIBUTES_PKS | \ + TDX_TD_ATTRIBUTES_PERFMON) + static TdxGuest *tdx_guest; =20 static struct kvm_tdx_capabilities *tdx_caps; @@ -153,13 +158,33 @@ static int tdx_kvm_type(X86ConfidentialGuest *cg) return KVM_X86_TDX_VM; } =20 -static void setup_td_guest_attributes(X86CPU *x86cpu) +static int tdx_validate_attributes(TdxGuest *tdx, Error **errp) +{ + if ((tdx->attributes & ~tdx_caps->supported_attrs)) { + error_setg(errp, "Invalid attributes 0x%lx for TDX VM " + "(KVM supported: 0x%llx)", tdx->attributes, + tdx_caps->supported_attrs); + return -1; + } + + if (tdx->attributes & ~TDX_SUPPORTED_TD_ATTRS) { + warn_report("Some QEMU unsupported TD attribute bits being request= ed:" + "requested: 0x%lx QEMU supported: 0x%llx", + tdx->attributes, TDX_SUPPORTED_TD_ATTRS); + } + + return 0; +} + +static int setup_td_guest_attributes(X86CPU *x86cpu, Error **errp) { CPUX86State *env =3D &x86cpu->env; =20 tdx_guest->attributes |=3D (env->features[FEAT_7_0_ECX] & CPUID_7_0_EC= X_PKS) ? TDX_TD_ATTRIBUTES_PKS : 0; tdx_guest->attributes |=3D x86cpu->enable_pmu ? TDX_TD_ATTRIBUTES_PERF= MON : 0; + + return tdx_validate_attributes(tdx_guest, errp); } =20 static int setup_td_xfam(X86CPU *x86cpu, Error **errp) @@ -225,7 +250,10 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) init_vm =3D g_malloc0(sizeof(struct kvm_tdx_init_vm) + sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_EN= TRIES); =20 - setup_td_guest_attributes(x86cpu); + r =3D setup_td_guest_attributes(x86cpu, errp); + if (r) { + return r; + } =20 r =3D setup_td_xfam(x86cpu, errp); if (r) { --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515436; cv=none; d=zohomail.com; s=zohoarc; b=CRxA7jmZ/MZaVj0llRqmqSRPah3BtOOOfNK5ZCMlIqmin66wEVQ3t55YXI6D1TJ6UClvu/3gp6YttVBE0BXJyQ0C1ioeZtxJ2Gxca9LVNQu/tAk2oSRN+n568Dqi2GPrrRemOYqnPeb2S8CU7NL4YtbzNzWtTDwXEsLHw6hCJvI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515436; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=FLXLa1o6CPtl+wOYCA9a0KeLQUT4sSU8DcAvKSOPA20=; b=m2dbxGnZRQmANETKjgPmbSd5Rgr8ixQManFYYfLHIOMd8veb9VC4+bTASq4A/BONJK/UCabvfHv0aaw0n/1c5KJzROgi2RFpGud1+bIHMmnM+/R4DNV4uqqbBsDMN2eJPtxU6j6WCrGvgrmSGFf9PZvaycN/27/QkcVk4D3CbNg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515436772672.5961930309422; Tue, 1 Apr 2025 06:50:36 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsa-0005V5-FA; Tue, 01 Apr 2025 09:42:14 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsU-0005LY-GL for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:09 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsQ-0006ZP-4o for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:06 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:44 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:42 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514922; x=1775050922; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=mdbz9OkSTyNbzZFyMfnp3iGYyHMQ3poqcVGKHQ1jteI=; b=CFO9APRq3bHK+PNjXw/gE+E2hwGAtD+O5V4ZMZFx7UualgbbB7M1az8c zti9D0/BVsTnJtH0BIySlDQiHSTCgL5hJPAH3deMBBH4YkCAiSkyhAgSo zelSVaCLQOdxciV8CyUWL2olBU4SNccJUIMEnXz3ufl+5U0aW5SKhF/PZ gxdx9PuqStK8TRtxkxbVIhHxpZsECLkcgfyTLKiEDfcdVVvIurpMx49/K DY0tqKyVl1FiQQLn37r9fHkI1mfame9dhPHZQf3vDEIYwJ/eFiaxf3KUY PaAFq8DKV3Wr+hiGDUCrfhgM1XvOQZPL4KlnK3ZB0Y2i0K/uio6POLSEr g==; X-CSE-ConnectionGUID: TcTuJG47TWGQqTuRQiY2XA== X-CSE-MsgGUID: yFpCtJoJThulL/x4bwicLQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433242" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433242" X-CSE-ConnectionGUID: A0AQrzaqS0WPhyaEHfnD4w== X-CSE-MsgGUID: 0SxOCk8DT4yBrDvAENgsPA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639969" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 13/55] i386/tdx: Support user configurable mrconfigid/mrowner/mrownerconfig Date: Tue, 1 Apr 2025 09:01:23 -0400 Message-Id: <20250401130205.2198253-14-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515439074019000 From: Isaku Yamahata Three sha384 hash values, mrconfigid, mrowner and mrownerconfig, of a TD can be provided for TDX attestation. Detailed meaning of them can be found: https://lore.kernel.org/qemu-devel/31d6dbc1-f453-4cef-ab08-4813f4e0f= f92@intel.com/ Allow user to specify those values via property mrconfigid, mrowner and mrownerconfig. They are all in base64 format. example -object tdx-guest, \ mrconfigid=3DASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJ= q83v,\ mrowner=3DASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83= v,\ mrownerconfig=3DASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjR= WeJq83v Signed-off-by: Isaku Yamahata Co-developed-by: Xiaoyao Li Signed-off-by: Xiaoyao Li --- Changes in v8: - it gets squashed into previous patch in v7. So split it out in v8; Changes in v6: - refine the doc comment of QAPI properties; Changes in v5: - refine the description of QAPI properties and add description of default value when not specified; Changes in v4: - describe more of there fields in qom.json - free the old value before set new value to avoid memory leak in _setter(); (Daniel) Changes in v3: - use base64 encoding instread of hex-string; --- qapi/qom.json | 16 +++++++- target/i386/kvm/tdx.c | 86 +++++++++++++++++++++++++++++++++++++++++++ target/i386/kvm/tdx.h | 3 ++ 3 files changed, 104 insertions(+), 1 deletion(-) diff --git a/qapi/qom.json b/qapi/qom.json index f229bb07aaec..a8379bac1719 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -1060,11 +1060,25 @@ # pages. Some guest OS (e.g., Linux TD guest) may require this to # be set, otherwise they refuse to boot. # +# @mrconfigid: ID for non-owner-defined configuration of the guest TD, +# e.g., run-time or OS configuration (base64 encoded SHA384 digest). +# Defaults to all zeros. +# +# @mrowner: ID for the guest TD=E2=80=99s owner (base64 encoded SHA384 dig= est). +# Defaults to all zeros. +# +# @mrownerconfig: ID for owner-defined configuration of the guest TD, +# e.g., specific to the workload rather than the run-time or OS +# (base64 encoded SHA384 digest). Defaults to all zeros. +# # Since: 10.1 ## { 'struct': 'TdxGuestProperties', 'data': { '*attributes': 'uint64', - '*sept-ve-disable': 'bool' } } + '*sept-ve-disable': 'bool', + '*mrconfigid': 'str', + '*mrowner': 'str', + '*mrownerconfig': 'str' } } =20 ## # @ThreadContextProperties: diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index aa043acb1a88..77ddb2655c53 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -11,8 +11,10 @@ =20 #include "qemu/osdep.h" #include "qemu/error-report.h" +#include "qemu/base64.h" #include "qapi/error.h" #include "qom/object_interfaces.h" +#include "crypto/hash.h" =20 #include "hw/i386/x86.h" #include "kvm_i386.h" @@ -239,6 +241,7 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) CPUX86State *env =3D &x86cpu->env; g_autofree struct kvm_tdx_init_vm *init_vm =3D NULL; Error *local_err =3D NULL; + size_t data_len; int retry =3D 10000; int r =3D 0; =20 @@ -250,6 +253,36 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) init_vm =3D g_malloc0(sizeof(struct kvm_tdx_init_vm) + sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_EN= TRIES); =20 + if (tdx_guest->mrconfigid) { + g_autofree uint8_t *data =3D qbase64_decode(tdx_guest->mrconfigid, + strlen(tdx_guest->mrconfigid), &data_len, er= rp); + if (!data || data_len !=3D QCRYPTO_HASH_DIGEST_LEN_SHA384) { + error_setg(errp, "TDX: failed to decode mrconfigid"); + return -1; + } + memcpy(init_vm->mrconfigid, data, data_len); + } + + if (tdx_guest->mrowner) { + g_autofree uint8_t *data =3D qbase64_decode(tdx_guest->mrowner, + strlen(tdx_guest->mrowner), &data_len, errp); + if (!data || data_len !=3D QCRYPTO_HASH_DIGEST_LEN_SHA384) { + error_setg(errp, "TDX: failed to decode mrowner"); + return -1; + } + memcpy(init_vm->mrowner, data, data_len); + } + + if (tdx_guest->mrownerconfig) { + g_autofree uint8_t *data =3D qbase64_decode(tdx_guest->mrownerconf= ig, + strlen(tdx_guest->mrownerconfig), &data_len, e= rrp); + if (!data || data_len !=3D QCRYPTO_HASH_DIGEST_LEN_SHA384) { + error_setg(errp, "TDX: failed to decode mrownerconfig"); + return -1; + } + memcpy(init_vm->mrownerconfig, data, data_len); + } + r =3D setup_td_guest_attributes(x86cpu, errp); if (r) { return r; @@ -313,6 +346,51 @@ static void tdx_guest_set_sept_ve_disable(Object *obj,= bool value, Error **errp) } } =20 +static char *tdx_guest_get_mrconfigid(Object *obj, Error **errp) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + + return g_strdup(tdx->mrconfigid); +} + +static void tdx_guest_set_mrconfigid(Object *obj, const char *value, Error= **errp) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + + g_free(tdx->mrconfigid); + tdx->mrconfigid =3D g_strdup(value); +} + +static char *tdx_guest_get_mrowner(Object *obj, Error **errp) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + + return g_strdup(tdx->mrowner); +} + +static void tdx_guest_set_mrowner(Object *obj, const char *value, Error **= errp) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + + g_free(tdx->mrowner); + tdx->mrowner =3D g_strdup(value); +} + +static char *tdx_guest_get_mrownerconfig(Object *obj, Error **errp) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + + return g_strdup(tdx->mrownerconfig); +} + +static void tdx_guest_set_mrownerconfig(Object *obj, const char *value, Er= ror **errp) +{ + TdxGuest *tdx =3D TDX_GUEST(obj); + + g_free(tdx->mrownerconfig); + tdx->mrownerconfig =3D g_strdup(value); +} + /* tdx guest */ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, tdx_guest, @@ -336,6 +414,14 @@ static void tdx_guest_init(Object *obj) object_property_add_bool(obj, "sept-ve-disable", tdx_guest_get_sept_ve_disable, tdx_guest_set_sept_ve_disable); + object_property_add_str(obj, "mrconfigid", + tdx_guest_get_mrconfigid, + tdx_guest_set_mrconfigid); + object_property_add_str(obj, "mrowner", + tdx_guest_get_mrowner, tdx_guest_set_mrowner); + object_property_add_str(obj, "mrownerconfig", + tdx_guest_get_mrownerconfig, + tdx_guest_set_mrownerconfig); } =20 static void tdx_guest_finalize(Object *obj) diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index 4e2b5c61ff5b..e472b11fb0dd 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -24,6 +24,9 @@ typedef struct TdxGuest { bool initialized; uint64_t attributes; /* TD attributes */ uint64_t xfam; + char *mrconfigid; /* base64 encoded sha348 digest */ + char *mrowner; /* base64 encoded sha348 digest */ + char *mrownerconfig; /* base64 encoded sha348 digest */ } TdxGuest; =20 #ifdef CONFIG_TDX --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515050; cv=none; d=zohomail.com; s=zohoarc; b=c1GELsktgaVUn6nw5yvPTPYYdR4u/hRpy0nXl1pOP5w0D8I/O7e247jpH4WZbl6ms7eIho8l46340yD2LpL9smsXs+kRSQkoTplPVLZwckWbyIwNxoLki3wmmqW3pBE7TEG7bncZJoMfV2Bhu8TCaWaAjH1IER5nvBUClt+cqBI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515050; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=8sFIMXMWIyzE/biPT1bP+wnomZ7ZyyKIy4TcQe7FJ1s=; b=T2iXwbXBaxhcLkiY/I+cuVPnjQF3dIxUz5y6KFnA1jPXT6ZHoBkkOso2DUSNOXO3WjI6Oikq29pW8NHRjIbeR91sQYc6R/RmKRG6AVi42kKIUn9qnTHRoDJNVUYPPkEtFzbgDjGWQReHC0NYoxp4yK6Q5EkRtt+5syZJJwKdzGA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515050373946.997375104848; Tue, 1 Apr 2025 06:44:10 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsa-0005Uk-32; Tue, 01 Apr 2025 09:42:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsT-0005L2-5o for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:05 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsR-0006Zf-K0 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:04 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:47 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:44 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514923; x=1775050923; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=jj65KKNKTnmksAnaDvoY5h2mRN3IOIbJ7P4DuI4Zdgw=; b=QBn9bqWuDd7zVfvRqz4o0OnREoNd/BiU2AV25qeaeW46GPgFcElvvbtS efPJJ1XWD9hWux9u4FjWkF/s/dJvHKWV+4M2jbRtL/v72dRDak5QB5bs/ n/nKqMyWsCkaUBDvdTF2yxUpB8f1o/OVjn/K2CfC5rwvoqE20R1ssfU09 cqSsMF3IfuD7arttTtp79KBYewCnPIHgvIBta/r8eI1gtbYE7MdYckJnE Y3szU3L1vrWoz7Iy2iPCBhTADhPx0HT1x+tVz/wmOdnXaTHGOQaTdEUyN OTr8203GH3uXZXJnLXwJXI58Y9ZKaWdXixxgCoX3oBJO1Fb+YHNmLV+ua Q==; X-CSE-ConnectionGUID: 7686ZTpySHawNIOVjqJvEg== X-CSE-MsgGUID: AsPwLgRIT/++AD+CgJbbtA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433253" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433253" X-CSE-ConnectionGUID: RwrVdtcmRu2CEFta/INxAg== X-CSE-MsgGUID: a8oJgQWoRd2uKFhbq2NC5g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639973" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 14/55] i386/tdx: Set APIC bus rate to match with what TDX module enforces Date: Tue, 1 Apr 2025 09:01:24 -0400 Message-Id: <20250401130205.2198253-15-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515051010019000 Content-Type: text/plain; charset="utf-8" TDX advertises core crystal clock with cpuid[0x15] as 25MHz for TD guests and it's unchangeable from VMM. As a result, TDX guest reads the APIC timer as the same frequency, 25MHz. While KVM's default emulated frequency for APIC bus is 1GHz, set the APIC bus rate to match with TDX explicitly to ensure KVM provide correct emulated APIC timer for TD guest. Signed-off-by: Xiaoyao Li Reviewed-by: Daniel P. Berrang=C3=A9 --- Changes in v6: - new patch; --- target/i386/kvm/tdx.c | 13 +++++++++++++ target/i386/kvm/tdx.h | 3 +++ 2 files changed, 16 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 77ddb2655c53..1a99b677686e 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -253,6 +253,19 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) init_vm =3D g_malloc0(sizeof(struct kvm_tdx_init_vm) + sizeof(struct kvm_cpuid_entry2) * KVM_MAX_CPUID_EN= TRIES); =20 + if (!kvm_check_extension(kvm_state, KVM_CAP_X86_APIC_BUS_CYCLES_NS)) { + error_setg(errp, "KVM doesn't support KVM_CAP_X86_APIC_BUS_CYCLES_= NS"); + return -EOPNOTSUPP; + } + + r =3D kvm_vm_enable_cap(kvm_state, KVM_CAP_X86_APIC_BUS_CYCLES_NS, + 0, TDX_APIC_BUS_CYCLES_NS); + if (r < 0) { + error_setg_errno(errp, -r, + "Unable to set core crystal clock frequency to 25= MHz"); + return r; + } + if (tdx_guest->mrconfigid) { g_autofree uint8_t *data =3D qbase64_decode(tdx_guest->mrconfigid, strlen(tdx_guest->mrconfigid), &data_len, er= rp); diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index e472b11fb0dd..d39e733d9fcc 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -16,6 +16,9 @@ typedef struct TdxGuestClass { X86ConfidentialGuestClass parent_class; } TdxGuestClass; =20 +/* TDX requires bus frequency 25MHz */ +#define TDX_APIC_BUS_CYCLES_NS 40 + typedef struct TdxGuest { X86ConfidentialGuest parent_obj; =20 --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515933; cv=none; d=zohomail.com; s=zohoarc; b=nBiLRHXCkOFnroVDVRl5eUEHC4pambLit57G83/qCp3ytbQO+Ic6E4aW6rzw+DD0jnw/yXLISCSw30DZ1IeDWvZhK4+bYTE+gvth6EGpyr1/hVDoQcZCKjrsP1j7jbJXBSSZne/KVo0L8v1R1lv4G/v7GubpzkqyH33knlu8uuA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515933; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=q4eBj8wnThE2O5mZEEeZAhoijYXyapjCsV48XNv6Tug=; b=mLoIn2Up8sbfgRd4aBgME57vP5c+R5a7qYvaJWPmf7TrKBJROXBt6exQMQpfZE43jEgd5PbKB212eEGgISq7UOzzOE7ZqL9SoFBxr/xrGhYu9rI7CTFXHCC32ricc372K47JZ3q+AaKG6JgyD2HzL4lwBuKbiAoyLh0eIcgLo7E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 174351593306653.22859494520151; Tue, 1 Apr 2025 06:58:53 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsu-0005lE-Rr; Tue, 01 Apr 2025 09:42:33 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsU-0005LZ-IH for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:09 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsR-0006XQ-QB for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:06 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:49 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:47 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514924; x=1775050924; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=xAaYt3pGr9BqYQ/XuVdsIqwLpd+erJRXz4wQDDuNtQU=; b=ciYDVUfMXPg3eDwLfwHSrD8m3NZy6GpqY2OjnG1tbd6OiXSNAnwwGY+5 EgR05xqo0F2Yr1iywmciZDF2hmPW0cWR2GnWO42NersG9d6JijsPIDghb iAbP9vgqtgVii2P0HWe7DjnmV60FfFXX7+tEQR0qv7SyI7PaMRmD8FuyZ c0n/IKjXQLIJB331C8+7uh19fBYvUa6lk/DQmc3spHFExf+faury4rutW OahWpQaLKSlPONkk1rkitgvs4kxMpgipU0JPX9MKcDIlwXpDhKhPIO+2m g6TUW+FjhNIScrXl9SAzWRSHOmQWBYum8AYKmywSBGo9Vdvhl4/UwBbor g==; X-CSE-ConnectionGUID: h0blNzBCQp+lSl2PW4apJg== X-CSE-MsgGUID: tsqNritrSOOFKIBdJ9TVUw== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433260" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433260" X-CSE-ConnectionGUID: JO5xuJA0Ro2+BkNXV6uzrQ== X-CSE-MsgGUID: PI9mUIOYSuWFuyjSC7h4FA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639977" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 15/55] i386/tdx: Implement user specified tsc frequency Date: Tue, 1 Apr 2025 09:01:25 -0400 Message-Id: <20250401130205.2198253-16-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515935425019100 Content-Type: text/plain; charset="utf-8" Reuse "-cpu,tsc-frequency=3D" to get user wanted tsc frequency and call VM scope VM_SET_TSC_KHZ to set the tsc frequency of TD before KVM_TDX_INIT_VM. Besides, sanity check the tsc frequency to be in the legal range and legal granularity (required by TDX module). Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Reviewed-by: Daniel P. Berrang=C3=A9 --- Changes in v3: - use @errp to report error info; (Daniel) Changes in v1: - Use VM scope VM_SET_TSC_KHZ to set the TSC frequency of TD since KVM side drop the @tsc_khz field in struct kvm_tdx_init_vm --- target/i386/kvm/kvm.c | 9 +++++++++ target/i386/kvm/tdx.c | 25 +++++++++++++++++++++++++ 2 files changed, 34 insertions(+) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index a537699bb7df..7de5014051eb 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -869,6 +869,15 @@ static int kvm_arch_set_tsc_khz(CPUState *cs) int r, cur_freq; bool set_ioctl =3D false; =20 + /* + * TSC of TD vcpu is immutable, it cannot be set/changed via vcpu scope + * VM_SET_TSC_KHZ, but only be initialized via VM scope VM_SET_TSC_KHZ + * before ioctl KVM_TDX_INIT_VM in tdx_pre_create_vcpu() + */ + if (is_tdx_vm()) { + return 0; + } + if (!env->tsc_khz) { return 0; } diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 1a99b677686e..d9e49b7444f8 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -20,6 +20,9 @@ #include "kvm_i386.h" #include "tdx.h" =20 +#define TDX_MIN_TSC_FREQUENCY_KHZ (100 * 1000) +#define TDX_MAX_TSC_FREQUENCY_KHZ (10 * 1000 * 1000) + #define TDX_TD_ATTRIBUTES_DEBUG BIT_ULL(0) #define TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE BIT_ULL(28) #define TDX_TD_ATTRIBUTES_PKS BIT_ULL(30) @@ -266,6 +269,28 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) return r; } =20 + if (env->tsc_khz && (env->tsc_khz < TDX_MIN_TSC_FREQUENCY_KHZ || + env->tsc_khz > TDX_MAX_TSC_FREQUENCY_KHZ)) { + error_setg(errp, "Invalid TSC %ld KHz, must specify cpu_frequency " + "between [%d, %d] kHz", env->tsc_khz, + TDX_MIN_TSC_FREQUENCY_KHZ, TDX_MAX_TSC_FREQUENCY_= KHZ); + return -EINVAL; + } + + if (env->tsc_khz % (25 * 1000)) { + error_setg(errp, "Invalid TSC %ld KHz, it must be multiple of 25MH= z", + env->tsc_khz); + return -EINVAL; + } + + /* it's safe even env->tsc_khz is 0. KVM uses host's tsc_khz in this c= ase */ + r =3D kvm_vm_ioctl(kvm_state, KVM_SET_TSC_KHZ, env->tsc_khz); + if (r < 0) { + error_setg_errno(errp, -r, "Unable to set TSC frequency to %ld kHz= ", + env->tsc_khz); + return r; + } + if (tdx_guest->mrconfigid) { g_autofree uint8_t *data =3D qbase64_decode(tdx_guest->mrconfigid, strlen(tdx_guest->mrconfigid), &data_len, er= rp); --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515219; cv=none; d=zohomail.com; s=zohoarc; b=dFyPZpd6IiPUxrIX8SeK4hhFaAu/UH1+46tTkoh6amEs+3UFxOblJj8w2e4Et8wj4Tw1bdF/JTQwONHeUchAlNOQOAzS4XWY/4l4heHbxjNv3BdX8irfsRKvJ74xu9r5NMYTmZDph5AO2CeofPh+/teARpphqQLSmASg/gQntsM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515219; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=BBnygBHtNO/TVz02oaHaweYGSywvMqTRwabDeRLyF5Q=; b=G35RrJ/aaehFUDi9O/VWsojMWvK6YtzfkQFL7cIrngmuZflPhEcE5AEtqcb6KuqLnF5fgASO+akqIvhUDeecnuI+nmiUejqAZc2qkFp8et/TXyO+SS40BxH9yd1uhy3T4yGx0RSoNUDjMJAokDdjv4+kIn5jCx5ESrccYSO3RUU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515219740691.357766963759; Tue, 1 Apr 2025 06:46:59 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbt0-0005xu-0E; Tue, 01 Apr 2025 09:42:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsi-0005ZS-EX for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:25 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsd-0006Zf-Fo for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:17 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:52 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:49 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514935; x=1775050935; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=WrS7jNmZVgX3aZUWUQDY4IKZ0gq+uAjxSyzLOz1cHZM=; b=HULDQljmwIDxmzwJbFfW28hg2ERtA/HPuWABzBY2r56m+Pg7FU/9NfE7 +Dkoa0aLIxaBhkWKTCyOPKEWlsgeHiRx1IeQ4KnpFyiNWAsyLvjfsuiIg 8SJsPJCYhDWDhhsDLNNk/EAI6n6WjAS5yirk8gBjqodouQl60HkTFcwes Q4b8sknW0yR5oYMNXbUMKJmpBVBLyW5uoXclyKd4m6rjNgyFPbC8bML0S kapzwBD3Fdq8He88kM+zUveDkRuI/h8KUrI6lBcR0UMhrVz0FywEnt3+v QTkK15ou+QBnKLpNaPwXKSc4B6xjgbFFL4dtC7STLgLVzGER0C2BAGY8I Q==; X-CSE-ConnectionGUID: cTqmQLTcTtGWmk57vehj2g== X-CSE-MsgGUID: 3SN2sKDmR9mPvwOSW2bo9w== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433268" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433268" X-CSE-ConnectionGUID: GUv/yLtqTOS1hcggsvnYIQ== X-CSE-MsgGUID: 5J8v+jkDSgOOjAwtgOrylg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639981" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 16/55] i386/tdx: load TDVF for TD guest Date: Tue, 1 Apr 2025 09:01:26 -0400 Message-Id: <20250401130205.2198253-17-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515222002019000 Content-Type: text/plain; charset="utf-8" From: Chao Peng TDVF(OVMF) needs to run at private memory for TD guest. TDX cannot support pflash device since it doesn't support read-only private memory. Thus load TDVF(OVMF) with -bios option for TDs. Use memory_region_init_ram_guest_memfd() to allocate the MemoryRegion for TDVF because it needs to be located at private memory. Also store the MemoryRegion pointer of TDVF since the shared ramblock of it can be discared after it gets copied to private ramblock. Signed-off-by: Chao Peng Co-developed-by: Xiaoyao Li Signed-off-by: Xiaoyao Li --- hw/i386/x86-common.c | 6 +++++- target/i386/kvm/tdx.c | 6 ++++++ target/i386/kvm/tdx.h | 3 +++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/hw/i386/x86-common.c b/hw/i386/x86-common.c index 1b0671c52397..b1b5f11e7396 100644 --- a/hw/i386/x86-common.c +++ b/hw/i386/x86-common.c @@ -44,6 +44,7 @@ #include "standard-headers/asm-x86/bootparam.h" #include CONFIG_DEVICES #include "kvm/kvm_i386.h" +#include "kvm/tdx.h" =20 #ifdef CONFIG_XEN_EMU #include "hw/xen/xen.h" @@ -1035,11 +1036,14 @@ void x86_bios_rom_init(X86MachineState *x86ms, cons= t char *default_firmware, if (machine_require_guest_memfd(MACHINE(x86ms))) { memory_region_init_ram_guest_memfd(&x86ms->bios, NULL, "pc.bios", bios_size, &error_fatal); + if (is_tdx_vm()) { + tdx_set_tdvf_region(&x86ms->bios); + } } else { memory_region_init_ram(&x86ms->bios, NULL, "pc.bios", bios_size, &error_fatal); } - if (sev_enabled()) { + if (sev_enabled() || is_tdx_vm()) { /* * The concept of a "reset" simply doesn't exist for * confidential computing guests, we have to destroy and diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index d9e49b7444f8..b7f6f3b708b0 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -137,6 +137,12 @@ static int get_tdx_capabilities(Error **errp) return 0; } =20 +void tdx_set_tdvf_region(MemoryRegion *tdvf_mr) +{ + assert(!tdx_guest->tdvf_mr); + tdx_guest->tdvf_mr =3D tdvf_mr; +} + static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) { TdxGuest *tdx =3D TDX_GUEST(cgs); diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index d39e733d9fcc..b73461b8d8a3 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -30,6 +30,8 @@ typedef struct TdxGuest { char *mrconfigid; /* base64 encoded sha348 digest */ char *mrowner; /* base64 encoded sha348 digest */ char *mrownerconfig; /* base64 encoded sha348 digest */ + + MemoryRegion *tdvf_mr; } TdxGuest; =20 #ifdef CONFIG_TDX @@ -39,5 +41,6 @@ bool is_tdx_vm(void); #endif /* CONFIG_TDX */ =20 int tdx_pre_create_vcpu(CPUState *cpu, Error **errp); +void tdx_set_tdvf_region(MemoryRegion *tdvf_mr); =20 #endif /* QEMU_I386_TDX_H */ --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515097; cv=none; d=zohomail.com; s=zohoarc; b=O16zXQi5gojfgNGTg7TfvIiMB8TWsAPskomy3FMS6dN+nfdCOCMO/dP1oQoObfBMtDaX1x8rRzsAFcBsGiTVVVQlu9SRYB8QqOuGLSCdu4/9w7sONoGpPBtYz8M9UDHvT68zJUIhy/56KdqCcksuM8YXmPlA1NQ9HKKV8EebDPs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515097; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=oVh8Qvk5m57Mfw/xVFhrp4EOWRXgnlBlJHxuPxWY6V8=; b=Rist9iFtyjqfHR+Y2huoyNCQakSCUpXMmP5J0tt9kV3U9xwSQwjX1LrUC7VJ/axypBT4xpqOLGEEpjcKNsk5JcIGeFmdSa/kloxDCmad66yLEHNHJmvvjY6IdhBdFmDJeo5+wepOubP/g9gbWk8ewd8FPY8a3rlou1CrHyPbE4Y= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515097049514.3104083170393; Tue, 1 Apr 2025 06:44:57 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbt5-0006En-Ag; Tue, 01 Apr 2025 09:42:43 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsi-0005ZZ-FL for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:25 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbse-0006ZP-Qv for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:18 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:55 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:52 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514937; x=1775050937; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=WTwtv/6pKBWaG3jox22sfdZ9prfinUFSMGgNvIrq8p8=; b=IhcSgcgQv6LHeFRDHM1+/RxApTpYOh9o1Pot0bPko///FMVFkgyBSHFh tdwqHOqpiUEwVKvXVjvJafsi1Sz3gG7TVeUxBTSFUTYNGwBE31x1xc0Lr C/5MSX2a3yprjE2y4JqLVQfwy1inrNzstx5T/0i8vAjE91gMAk+k7fNJB DpSQKg6MALtIn6kz/FqjfuWj3kTceL1jfhQ0tYKDYsWigMVPHI6Jtbuc+ K+3sOsSn9n6lvo/SrfNjd36JwFkbHEb/MGPaS/hSUbBvEs3btX1zDvZjy CuLWrjxRwggZd7SWrBAJAJhhgvbZ42RaBlsI/yUzXfiOKo97XSlgBeCL0 Q==; X-CSE-ConnectionGUID: TK9T3xrkQU2M7xoECp/4Ew== X-CSE-MsgGUID: Fo8YmrM0Rv+I2yuPXhwKjg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433274" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433274" X-CSE-ConnectionGUID: 5Vp8bJXhTgWTW+M+OwyPZA== X-CSE-MsgGUID: BSRXXYzBQm+v2H4sUCO2rQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639984" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 17/55] i386/tdvf: Introduce function to parse TDVF metadata Date: Tue, 1 Apr 2025 09:01:27 -0400 Message-Id: <20250401130205.2198253-18-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515099375019100 Content-Type: text/plain; charset="utf-8" From: Isaku Yamahata TDX VM needs to boot with its specialized firmware, Trusted Domain Virtual Firmware (TDVF). QEMU needs to parse TDVF and map it in TD guest memory prior to running the TDX VM. A TDVF Metadata in TDVF image describes the structure of firmware. QEMU refers to it to setup memory for TDVF. Introduce function tdvf_parse_metadata() to parse the metadata from TDVF image and store the info of each TDVF section. TDX metadata is located by a TDX metadata offset block, which is a GUID-ed structure. The data portion of the GUID structure contains only an 4-byte field that is the offset of TDX metadata to the end of firmware file. Select X86_FW_OVMF when TDX is enable to leverage existing functions to parse and search OVMF's GUID-ed structures. Signed-off-by: Isaku Yamahata Co-developed-by: Xiaoyao Li Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- Changes in v8: - Drop the failure handling of memcpy() since it cannot fail; Changes in v7: - Update license info to only use SPDX tag; - use g_autofree to avoid manually free; Changes in v6: - Drop the the data endianness change for metadata->Length; Changes in v1: - rename tdvf_parse_section_entry() to tdvf_parse_and_check_section_entry() Changes in RFC v4: - rename TDX_METADATA_GUID to TDX_METADATA_OFFSET_GUID --- hw/i386/Kconfig | 1 + hw/i386/meson.build | 1 + hw/i386/tdvf.c | 183 +++++++++++++++++++++++++++++++++++++++++ include/hw/i386/tdvf.h | 38 +++++++++ 4 files changed, 223 insertions(+) create mode 100644 hw/i386/tdvf.c create mode 100644 include/hw/i386/tdvf.h diff --git a/hw/i386/Kconfig b/hw/i386/Kconfig index cce9521ba934..eb65bda6e071 100644 --- a/hw/i386/Kconfig +++ b/hw/i386/Kconfig @@ -12,6 +12,7 @@ config SGX =20 config TDX bool + select X86_FW_OVMF depends on KVM =20 config PC diff --git a/hw/i386/meson.build b/hw/i386/meson.build index 10bdfde27c69..3bc1da2b6eb4 100644 --- a/hw/i386/meson.build +++ b/hw/i386/meson.build @@ -32,6 +32,7 @@ i386_ss.add(when: 'CONFIG_PC', if_true: files( 'port92.c')) i386_ss.add(when: 'CONFIG_X86_FW_OVMF', if_true: files('pc_sysfw_ovmf.c'), if_false: files('pc_sysfw_ovmf-stu= bs.c')) +i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c')) =20 subdir('kvm') subdir('xen') diff --git a/hw/i386/tdvf.c b/hw/i386/tdvf.c new file mode 100644 index 000000000000..328d1b7ffdf8 --- /dev/null +++ b/hw/i386/tdvf.c @@ -0,0 +1,183 @@ +/* + * Copyright (c) 2025 Intel Corporation + * Author: Isaku Yamahata + * + * Xiaoyao Li + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "qemu/osdep.h" +#include "qemu/error-report.h" + +#include "hw/i386/pc.h" +#include "hw/i386/tdvf.h" +#include "system/kvm.h" + +#define TDX_METADATA_OFFSET_GUID "e47a6535-984a-4798-865e-4685a7bf8ec2" +#define TDX_METADATA_VERSION 1 +#define TDVF_SIGNATURE 0x46564454 /* TDVF as little endian */ + +typedef struct { + uint32_t DataOffset; + uint32_t RawDataSize; + uint64_t MemoryAddress; + uint64_t MemoryDataSize; + uint32_t Type; + uint32_t Attributes; +} TdvfSectionEntry; + +typedef struct { + uint32_t Signature; + uint32_t Length; + uint32_t Version; + uint32_t NumberOfSectionEntries; + TdvfSectionEntry SectionEntries[]; +} TdvfMetadata; + +struct tdx_metadata_offset { + uint32_t offset; +}; + +static TdvfMetadata *tdvf_get_metadata(void *flash_ptr, int size) +{ + TdvfMetadata *metadata; + uint32_t offset =3D 0; + uint8_t *data; + + if ((uint32_t) size !=3D size) { + return NULL; + } + + if (pc_system_ovmf_table_find(TDX_METADATA_OFFSET_GUID, &data, NULL)) { + offset =3D size - le32_to_cpu(((struct tdx_metadata_offset *)data)= ->offset); + + if (offset + sizeof(*metadata) > size) { + return NULL; + } + } else { + error_report("Cannot find TDX_METADATA_OFFSET_GUID"); + return NULL; + } + + metadata =3D flash_ptr + offset; + + /* Finally, verify the signature to determine if this is a TDVF image.= */ + metadata->Signature =3D le32_to_cpu(metadata->Signature); + if (metadata->Signature !=3D TDVF_SIGNATURE) { + error_report("Invalid TDVF signature in metadata!"); + return NULL; + } + + /* Sanity check that the TDVF doesn't overlap its own metadata. */ + metadata->Length =3D le32_to_cpu(metadata->Length); + if (offset + metadata->Length > size) { + return NULL; + } + + /* Only version 1 is supported/defined. */ + metadata->Version =3D le32_to_cpu(metadata->Version); + if (metadata->Version !=3D TDX_METADATA_VERSION) { + return NULL; + } + + return metadata; +} + +static int tdvf_parse_and_check_section_entry(const TdvfSectionEntry *src, + TdxFirmwareEntry *entry) +{ + entry->data_offset =3D le32_to_cpu(src->DataOffset); + entry->data_len =3D le32_to_cpu(src->RawDataSize); + entry->address =3D le64_to_cpu(src->MemoryAddress); + entry->size =3D le64_to_cpu(src->MemoryDataSize); + entry->type =3D le32_to_cpu(src->Type); + entry->attributes =3D le32_to_cpu(src->Attributes); + + /* sanity check */ + if (entry->size < entry->data_len) { + error_report("Broken metadata RawDataSize 0x%x MemoryDataSize 0x%l= x", + entry->data_len, entry->size); + return -1; + } + if (!QEMU_IS_ALIGNED(entry->address, TARGET_PAGE_SIZE)) { + error_report("MemoryAddress 0x%lx not page aligned", entry->addres= s); + return -1; + } + if (!QEMU_IS_ALIGNED(entry->size, TARGET_PAGE_SIZE)) { + error_report("MemoryDataSize 0x%lx not page aligned", entry->size); + return -1; + } + + switch (entry->type) { + case TDVF_SECTION_TYPE_BFV: + case TDVF_SECTION_TYPE_CFV: + /* The sections that must be copied from firmware image to TD memo= ry */ + if (entry->data_len =3D=3D 0) { + error_report("%d section with RawDataSize =3D=3D 0", entry->ty= pe); + return -1; + } + break; + case TDVF_SECTION_TYPE_TD_HOB: + case TDVF_SECTION_TYPE_TEMP_MEM: + /* The sections that no need to be copied from firmware image */ + if (entry->data_len !=3D 0) { + error_report("%d section with RawDataSize 0x%x !=3D 0", + entry->type, entry->data_len); + return -1; + } + break; + default: + error_report("TDVF contains unsupported section type %d", entry->t= ype); + return -1; + } + + return 0; +} + +int tdvf_parse_metadata(TdxFirmware *fw, void *flash_ptr, int size) +{ + g_autofree TdvfSectionEntry *sections =3D NULL; + TdvfMetadata *metadata; + ssize_t entries_size; + int i; + + metadata =3D tdvf_get_metadata(flash_ptr, size); + if (!metadata) { + return -EINVAL; + } + + /* load and parse metadata entries */ + fw->nr_entries =3D le32_to_cpu(metadata->NumberOfSectionEntries); + if (fw->nr_entries < 2) { + error_report("Invalid number of fw entries (%u) in TDVF Metadata", + fw->nr_entries); + return -EINVAL; + } + + entries_size =3D fw->nr_entries * sizeof(TdvfSectionEntry); + if (metadata->Length !=3D sizeof(*metadata) + entries_size) { + error_report("TDVF metadata len (0x%x) mismatch, expected (0x%x)", + metadata->Length, + (uint32_t)(sizeof(*metadata) + entries_size)); + return -EINVAL; + } + + fw->entries =3D g_new(TdxFirmwareEntry, fw->nr_entries); + sections =3D g_new(TdvfSectionEntry, fw->nr_entries); + + memcpy(sections, (void *)metadata + sizeof(*metadata), entries_size); + + for (i =3D 0; i < fw->nr_entries; i++) { + if (tdvf_parse_and_check_section_entry(§ions[i], &fw->entries[= i])) { + goto err; + } + } + + return 0; + +err: + fw->entries =3D 0; + g_free(fw->entries); + return -EINVAL; +} diff --git a/include/hw/i386/tdvf.h b/include/hw/i386/tdvf.h new file mode 100644 index 000000000000..7ebcac42a36c --- /dev/null +++ b/include/hw/i386/tdvf.h @@ -0,0 +1,38 @@ +/* + * Copyright (c) 2025 Intel Corporation + * Author: Isaku Yamahata + * + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef HW_I386_TDVF_H +#define HW_I386_TDVF_H + +#include "qemu/osdep.h" + +#define TDVF_SECTION_TYPE_BFV 0 +#define TDVF_SECTION_TYPE_CFV 1 +#define TDVF_SECTION_TYPE_TD_HOB 2 +#define TDVF_SECTION_TYPE_TEMP_MEM 3 + +#define TDVF_SECTION_ATTRIBUTES_MR_EXTEND (1U << 0) +#define TDVF_SECTION_ATTRIBUTES_PAGE_AUG (1U << 1) + +typedef struct TdxFirmwareEntry { + uint32_t data_offset; + uint32_t data_len; + uint64_t address; + uint64_t size; + uint32_t type; + uint32_t attributes; +} TdxFirmwareEntry; + +typedef struct TdxFirmware { + uint32_t nr_entries; + TdxFirmwareEntry *entries; +} TdxFirmware; + +int tdvf_parse_metadata(TdxFirmware *fw, void *flash_ptr, int size); + +#endif /* HW_I386_TDVF_H */ --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515328; cv=none; d=zohomail.com; s=zohoarc; b=gzhxxjKEs5Pc0AjrzN0klCBxhVAz0DHIRJVQMAwXHobfaeeQyEYL/DBv/PavMx6+vYPvId0AxMQEuWflSLhw5r6RLvy9TJFhLLvaM2QfBTQ217zjRDNUqm5Ezl/3Ti3u3igYKQeG7zj5P4Qjx52MaCM1JnOakjS7uq2V7GGLqgQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515328; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=ytSoWURpbFMWWWJ4PqxGWgonB78XBU4m5OyyjElsGiA=; b=RQPvU5+diaB8+ggv8UttUEl9HbsC6+zuAy75XFiaoMdvYrqz8gG9E+m0DYNvTDY864s4xYlazINqHvk3SnNbBCdoMzLE5MqgLXRqu65T0KYsW8knfBB/B7e1X2KmnSkx6AGICvety4jeyOMtssKzybDKZRyaavP1hRJU5JdmlRI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 174351532808986.29545040550397; Tue, 1 Apr 2025 06:48:48 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbsz-0005uu-Cb; Tue, 01 Apr 2025 09:42:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsi-0005Z6-EN for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:25 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbse-0006XQ-SG for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:18 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:41:57 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:55 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514937; x=1775050937; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=sxVxSLY969vjMMJAy3VMY7IIIEboKcdTT7ho1/4wp/I=; b=i4F+6ymgS5D3okZhVliwRceObA0p3gG7GZqnOeJk/8ze/SkwMK2jRe72 cJcTxSyhPIGDZtrbuIPuy09ueQmZZqf7JvHIYj+NzFtT5ONmSJi2u2TQV cZdcJZUuH4NKfo9NsmAf2/p6s5xg7pCJ4MMnwbHYlSvg9hZahyiiLqYJR 2OEDcSI+jFIK3JurKpjV+n9/Pl7qegU4Lb90J9B4td2D4QoXG/gVC6IxP CrIy/1yo5gO69oNsHwTTulDc4Ip5yEjNszHJcGt5DhhqeRVKeCkZALjxi 6jP228GUgf02FipHAERTPfCSr44PT4V0YPSxjI/SP05Z4vmoNXmzH6hIY g==; X-CSE-ConnectionGUID: RFarozPSTxqRuoO8CZa3KA== X-CSE-MsgGUID: ag8v/WCoQmO7deebRdgBGQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433284" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433284" X-CSE-ConnectionGUID: yiUUuoCrRsmdPBgyoUPRLA== X-CSE-MsgGUID: GFkswqk0TsOJBpTL1Q07mw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126639990" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 18/55] i386/tdx: Parse TDVF metadata for TDX VM Date: Tue, 1 Apr 2025 09:01:28 -0400 Message-Id: <20250401130205.2198253-19-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515330199019100 Content-Type: text/plain; charset="utf-8" After TDVF is loaded to bios MemoryRegion, it needs parse TDVF metadata. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Reviewed-by: Daniel P. Berrang=C3=A9 --- hw/i386/pc_sysfw.c | 7 +++++++ target/i386/kvm/tdx-stub.c | 5 +++++ target/i386/kvm/tdx.c | 5 +++++ target/i386/kvm/tdx.h | 3 +++ 4 files changed, 20 insertions(+) diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 1eeb58ab37f9..821396c16e91 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -37,6 +37,7 @@ #include "hw/block/flash.h" #include "system/kvm.h" #include "target/i386/sev.h" +#include "kvm/tdx.h" =20 #define FLASH_SECTOR_SIZE 4096 =20 @@ -280,5 +281,11 @@ void x86_firmware_configure(hwaddr gpa, void *ptr, int= size) } =20 sev_encrypt_flash(gpa, ptr, size, &error_fatal); + } else if (is_tdx_vm()) { + ret =3D tdx_parse_tdvf(ptr, size); + if (ret) { + error_report("failed to parse TDVF for TDX VM"); + exit(1); + } } } diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c index 2344433594ea..7748b6d0a446 100644 --- a/target/i386/kvm/tdx-stub.c +++ b/target/i386/kvm/tdx-stub.c @@ -8,3 +8,8 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) { return -EINVAL; } + +int tdx_parse_tdvf(void *flash_ptr, int size) +{ + return -EINVAL; +} diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index b7f6f3b708b0..8d3475c6752c 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -372,6 +372,11 @@ int tdx_pre_create_vcpu(CPUState *cpu, Error **errp) return 0; } =20 +int tdx_parse_tdvf(void *flash_ptr, int size) +{ + return tdvf_parse_metadata(&tdx_guest->tdvf, flash_ptr, size); +} + static bool tdx_guest_get_sept_ve_disable(Object *obj, Error **errp) { TdxGuest *tdx =3D TDX_GUEST(obj); diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index b73461b8d8a3..28a03c2a7b82 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -8,6 +8,7 @@ #endif =20 #include "confidential-guest.h" +#include "hw/i386/tdvf.h" =20 #define TYPE_TDX_GUEST "tdx-guest" #define TDX_GUEST(obj) OBJECT_CHECK(TdxGuest, (obj), TYPE_TDX_GUEST) @@ -32,6 +33,7 @@ typedef struct TdxGuest { char *mrownerconfig; /* base64 encoded sha348 digest */ =20 MemoryRegion *tdvf_mr; + TdxFirmware tdvf; } TdxGuest; =20 #ifdef CONFIG_TDX @@ -42,5 +44,6 @@ bool is_tdx_vm(void); =20 int tdx_pre_create_vcpu(CPUState *cpu, Error **errp); void tdx_set_tdvf_region(MemoryRegion *tdvf_mr); +int tdx_parse_tdvf(void *flash_ptr, int size); =20 #endif /* QEMU_I386_TDX_H */ --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743514981; cv=none; d=zohomail.com; s=zohoarc; b=KDPXcclxYiM7hKz1GmqYwb4v6uFQrdb3FDQfh3C+4+Pkuhdx+u/Q9pa2k1LwBKYlaIrY1swVpPUPkNU01psdusOgq2wlCSFEhaiwO3CzBg3mrZ83Jyt3Q1A/YOOzHeh6IxFJzSllOKj4k6s6GXxbtJnmuFHDgSKc9LuuxcOjbJQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743514981; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=8kuLJfxsawN5+8Duov5XmN2VI/huj4DycBVW1buboBY=; b=JUl0I0de+JhCVPfUE3Een+UWkx+EbsPofgVumRoXC2YYiIh+p0Q3hvLiCZkabs+IfjxgTuDwbxflVxsBA5UeGLvV8QdGL6SbhNwkye99fWp/JLYqfMOwTLiUERd3mFQ8481+8pu0ujK9idRVXg2olmH0yiqDlrHTqit4LfWq6O4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743514981667695.6429493099415; Tue, 1 Apr 2025 06:43:01 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbt8-0006Wp-M9; Tue, 01 Apr 2025 09:42:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsw-0005sJ-Ar for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:36 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbss-0006Zf-S2 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:33 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:00 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:41:57 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514951; x=1775050951; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=nlAe9WpERrXUlGfHAoVGpLsg+Xj3YjTCOkA2zr+Kkfg=; b=Z4QLeOdtZXgcQYbrJHXiP4WY+dcg8C0Zxj8jXizGrKWr8xbDRZWeALIq jEAxDp4IhzX52dMpCrbXoAooNq4BaezfvtMVopZv/3shx4e8z26Byn1WW p5NuoRtkBHt397w2TITqX2tnaZUGp4r3UckAxosGrNgHVZopq/Qf0lZI+ MGPHs6lAmpfqsckzobwrB4uisiFyMfcLv1i3bdiMuuUBfyuD07MKpbqjo jM0PKHgkKIVopM30YIA8N0cQlQl3ozA/uuNoE2/U6oBeRCEaPTnIkPwTx NznCfSyabc/I6bjkBHEjqziWJmsyca9+5ms1bROTrcxDjvbatM2TyBtAd g==; X-CSE-ConnectionGUID: ma9VuIJCQLmXGkoigC77qA== X-CSE-MsgGUID: byWRbXSFRk2TDgmm5y89nw== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433304" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433304" X-CSE-ConnectionGUID: Z9lq0syESzaQSrUYYJUqTA== X-CSE-MsgGUID: OBFd8pIrQ1yyIJQIep3UJA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640001" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 19/55] i386/tdx: Don't initialize pc.rom for TDX VMs Date: Tue, 1 Apr 2025 09:01:29 -0400 Message-Id: <20250401130205.2198253-20-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743514983278019000 Content-Type: text/plain; charset="utf-8" For TDX, the address below 1MB are entirely general RAM. No need to initialize pc.rom memory region for TDs. Signed-off-by: Xiaoyao Li --- This is more as a workaround of the issue that for q35 machine type, the real memslot update (which requires memslot deletion )for pc.rom happens after tdx_init_memory_region. It leads to the private memory ADD'ed before get lost. I haven't work out a good solution to resolve the order issue. So just skip the pc.rom setup to avoid memslot deletion. --- hw/i386/pc.c | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 01d0581f62a3..bcbbea235645 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -43,6 +43,7 @@ #include "system/xen.h" #include "system/reset.h" #include "kvm/kvm_i386.h" +#include "kvm/tdx.h" #include "hw/xen/xen.h" #include "qobject/qlist.h" #include "qemu/error-report.h" @@ -972,21 +973,23 @@ void pc_memory_init(PCMachineState *pcms, /* Initialize PC system firmware */ pc_system_firmware_init(pcms, rom_memory); =20 - option_rom_mr =3D g_malloc(sizeof(*option_rom_mr)); - if (machine_require_guest_memfd(machine)) { - memory_region_init_ram_guest_memfd(option_rom_mr, NULL, "pc.rom", - PC_ROM_SIZE, &error_fatal); - } else { - memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE, - &error_fatal); - if (pcmc->pci_enabled) { - memory_region_set_readonly(option_rom_mr, true); + if (!is_tdx_vm()) { + option_rom_mr =3D g_malloc(sizeof(*option_rom_mr)); + if (machine_require_guest_memfd(machine)) { + memory_region_init_ram_guest_memfd(option_rom_mr, NULL, "pc.ro= m", + PC_ROM_SIZE, &error_fatal); + } else { + memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_S= IZE, + &error_fatal); + if (pcmc->pci_enabled) { + memory_region_set_readonly(option_rom_mr, true); + } } + memory_region_add_subregion_overlap(rom_memory, + PC_ROM_MIN_VGA, + option_rom_mr, + 1); } - memory_region_add_subregion_overlap(rom_memory, - PC_ROM_MIN_VGA, - option_rom_mr, - 1); =20 fw_cfg =3D fw_cfg_arch_create(machine, x86ms->boot_cpus, x86ms->apic_id_limit); --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515076; cv=none; d=zohomail.com; s=zohoarc; b=nP58VctEwxXQ0PsAfdrTbGDzawtgYoBeUNvYijNstBcVPMJSsO/y9ga8fh3W1GckMTbmtAjWl0rrYxLeIADPqnaJKP7dA7CflBjin5jT4ItqxLm2ZRMMOISKvQaWgTm3mxIC6aZx7crbWJNlAiC9m2n/VZ0sh6S7RVHGjLMuuFE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515076; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=QJ8aGJlKqSeiOTzvSNDFHgAUfotDloDNlgy7mLG3JdE=; b=oE//YHQIRRU1vOKSkpOgcLLGqd0CJ4HBEUcD26r08y5ckRlAAwFumY0Z4YLQbh8X71fCze+/ltPNc4Yt18P7quxlFElSXo9qakWTIqrKziOpWfjjPSGKOLdX3gpH+chzp3Xi/Pif21kYL4I5WUk9uYaoAHfnuPVpVFgPJt3m/wU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 174351507645776.89100056835139; Tue, 1 Apr 2025 06:44:36 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbt6-0006Lv-RI; Tue, 01 Apr 2025 09:42:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsw-0005sH-9H for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:36 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbss-0006XQ-PA for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:32 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:03 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:00 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514950; x=1775050950; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=CKmX1iaFP6SFm1inEVYYWN5LaTESmg2ki/cn9rJWKX0=; b=EZOy69ylAYqEcGyEZ61bDF62X07ddyZJkLRXSOw5CUds635bR+zBAqXM A3JZo+J5c6c8qsRvh8fP9X7r3hyA/gPIUJid/7s6Vks692ZyZJRgv+Dnt a4asyqm1HTZTKd64whMn8vcP3+K46/tPuPjSYywgMtQe/Oz9nX9ReTpqr 31f4CLNpXhT3iMVtDhVELp6K3A1mhdYHdFMEwB1lYoOVK1E6dcCMlKPXO WVT7+F9pVaWs3bZ8WxeMTCOKyTUE+nulODk0h532lu1TuRrELKFXUuQPR DZ/FC3dPPCuJ82PzzvTexvtzDiWvG1e2QUz9RtaPpMuWE0L/h07KT+y5D Q==; X-CSE-ConnectionGUID: lhm+XYu3TVq496/A87ZPzA== X-CSE-MsgGUID: UpeAL9QeTECtUCd2SuvTtA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433317" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433317" X-CSE-ConnectionGUID: JbfrkW+TTPKtMnBVcZWjjw== X-CSE-MsgGUID: wgWx1SAIQeWj6hi9zmUjgg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640028" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 20/55] i386/tdx: Track mem_ptr for each firmware entry of TDVF Date: Tue, 1 Apr 2025 09:01:30 -0400 Message-Id: <20250401130205.2198253-21-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515077108019000 Content-Type: text/plain; charset="utf-8" For each TDVF sections, QEMU needs to copy the content to guest private memory via KVM API (KVM_TDX_INIT_MEM_REGION). Introduce a field @mem_ptr for TdxFirmwareEntry to track the memory pointer of each TDVF sections. So that QEMU can add/copy them to guest private memory later. TDVF sections can be classified into two groups: - Firmware itself, e.g., TDVF BFV and CFV, that located separately from guest RAM. Its memory pointer is the bios pointer. - Sections located at guest RAM, e.g., TEMP_MEM and TD_HOB. mmap a new memory range for them. Register a machine_init_done callback to do the stuff. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- Changes in v8: - Remove the duplicated header include; - Add error handling for qemu_ram_mmap() failure; --- hw/i386/tdvf.c | 1 + include/hw/i386/tdvf.h | 7 +++++++ target/i386/kvm/tdx.c | 37 +++++++++++++++++++++++++++++++++++++ 3 files changed, 45 insertions(+) diff --git a/hw/i386/tdvf.c b/hw/i386/tdvf.c index 328d1b7ffdf8..840c392c44ab 100644 --- a/hw/i386/tdvf.c +++ b/hw/i386/tdvf.c @@ -174,6 +174,7 @@ int tdvf_parse_metadata(TdxFirmware *fw, void *flash_pt= r, int size) } } =20 + fw->mem_ptr =3D flash_ptr; return 0; =20 err: diff --git a/include/hw/i386/tdvf.h b/include/hw/i386/tdvf.h index 7ebcac42a36c..e75c8d1acc68 100644 --- a/include/hw/i386/tdvf.h +++ b/include/hw/i386/tdvf.h @@ -26,13 +26,20 @@ typedef struct TdxFirmwareEntry { uint64_t size; uint32_t type; uint32_t attributes; + + void *mem_ptr; } TdxFirmwareEntry; =20 typedef struct TdxFirmware { + void *mem_ptr; + uint32_t nr_entries; TdxFirmwareEntry *entries; } TdxFirmware; =20 +#define for_each_tdx_fw_entry(fw, e) \ + for (e =3D (fw)->entries; e !=3D (fw)->entries + (fw)->nr_entries; e++) + int tdvf_parse_metadata(TdxFirmware *fw, void *flash_ptr, int size); =20 #endif /* HW_I386_TDVF_H */ diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 8d3475c6752c..0885b99cfb88 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -12,10 +12,13 @@ #include "qemu/osdep.h" #include "qemu/error-report.h" #include "qemu/base64.h" +#include "qemu/mmap-alloc.h" #include "qapi/error.h" #include "qom/object_interfaces.h" #include "crypto/hash.h" +#include "system/system.h" =20 +#include "hw/i386/tdvf.h" #include "hw/i386/x86.h" #include "kvm_i386.h" #include "tdx.h" @@ -143,6 +146,38 @@ void tdx_set_tdvf_region(MemoryRegion *tdvf_mr) tdx_guest->tdvf_mr =3D tdvf_mr; } =20 +static void tdx_finalize_vm(Notifier *notifier, void *unused) +{ + TdxFirmware *tdvf =3D &tdx_guest->tdvf; + TdxFirmwareEntry *entry; + + for_each_tdx_fw_entry(tdvf, entry) { + switch (entry->type) { + case TDVF_SECTION_TYPE_BFV: + case TDVF_SECTION_TYPE_CFV: + entry->mem_ptr =3D tdvf->mem_ptr + entry->data_offset; + break; + case TDVF_SECTION_TYPE_TD_HOB: + case TDVF_SECTION_TYPE_TEMP_MEM: + entry->mem_ptr =3D qemu_ram_mmap(-1, entry->size, + qemu_real_host_page_size(), 0, = 0); + if (entry->mem_ptr =3D=3D MAP_FAILED) { + error_report("Failed to mmap memory for TDVF section %d", + entry->type); + exit(1); + } + break; + default: + error_report("Unsupported TDVF section %d", entry->type); + exit(1); + } + } +} + +static Notifier tdx_machine_done_notify =3D { + .notify =3D tdx_finalize_vm, +}; + static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) { TdxGuest *tdx =3D TDX_GUEST(cgs); @@ -157,6 +192,8 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs, = Error **errp) } } =20 + qemu_add_machine_init_done_notifier(&tdx_machine_done_notify); + tdx_guest =3D tdx; return 0; } --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515666; cv=none; d=zohomail.com; s=zohoarc; b=WuAJNnD2vNIqFUQEIH4NERZgUOb6FIKI+epi0RsfiupHFjga4qHHg3tt/bsF/D1cm/iuGFywycu+QTGbPjKDZ4S6X64M9tIUZqrxlt4zJUTHI5sXsBdGoBuBahQ5Sf6fZuAcyaGoNRtyxysBk78AvyY4ixFs+FlM4ABwFFXsbrA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515666; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=rdPJFcina6ZosQjFBq1FWeaF2aKDxajWJ3nMl8+GJpQ=; b=JHyiyiAhcy0nacYd5xHawIRDUIScxAFpkawMJai90zdMMUV9jLSJcQh+SFvwMxnE9Xt27Pp3ee8Pxw4RvoGct1vNSCb6ECLg6SyclZV5LcAG+8uqS2ntR+gL7XlW9h1dAHhbMpv2fHKDjA8SM8VAl0/5v6blHOeZX1fXu3VyZYU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515666632686.0246391971837; Tue, 1 Apr 2025 06:54:26 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbt7-0006RC-NK; Tue, 01 Apr 2025 09:42:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbsw-0005sI-9V for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:36 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbss-0006ZP-PA for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:33 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:05 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:03 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514950; x=1775050950; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=L0fA5jNVBrqO1OEsWr7LmOE7WG7UbY1S/6Fi3HN47DQ=; b=G1dARIoNWJpYtw8mFJDavYX9ng8U/gHvCyo/7rQ1sM8BbdDTbDXgfS8I 8/kPb/tA0Y/bOtLZXFuGaIxBdYql9dxOzpGIg3GNtBOMgJrf9w/nyurU9 K7wX+sTGbudJ1UWs4csBAvXcWuYUosm98322XYKIUdQoc6hXpQzwR6AoU ZHRjKM91tsAEVizGk1GQxXf27fLpVuFPA2nmS9jRtOjlGxfReZWwr8QcR cMVD06Jjhzwnb2tkTZUjJvAF64sOb2xbziPD77yn/fJxkKtEaFf+qE6f9 wsHwiDUnCTFoFtz+ndge2JIJ4Kwqh5j8j3yjFhUFqU1Qd6FbmrE+xKncL Q==; X-CSE-ConnectionGUID: S4df1yt6QfOdD6BWJ5Ztwg== X-CSE-MsgGUID: 1RE/OVxPR6ejvpSmv8hhJQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433323" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433323" X-CSE-ConnectionGUID: d5XoA9MNR5qfrubGKFIiRA== X-CSE-MsgGUID: xUYwL9paRGiW6pdTcF896A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640039" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 21/55] i386/tdx: Track RAM entries for TDX VM Date: Tue, 1 Apr 2025 09:01:31 -0400 Message-Id: <20250401130205.2198253-22-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515668575019100 Content-Type: text/plain; charset="utf-8" The RAM of TDX VM can be classified into two types: - TDX_RAM_UNACCEPTED: default type of TDX memory, which needs to be accepted by TDX guest before it can be used and will be all-zeros after being accepted. - TDX_RAM_ADDED: the RAM that is ADD'ed to TD guest before running, and can be used directly. E.g., TD HOB and TEMP MEM that needed by TDVF. Maintain TdxRamEntries[] which grabs the initial RAM info from e820 table and mark each RAM range as default type TDX_RAM_UNACCEPTED. Then turn the range of TD HOB and TEMP MEM to TDX_RAM_ADDED since these ranges will be ADD'ed before TD runs and no need to be accepted runtime. The TdxRamEntries[] are later used to setup the memory TD resource HOB that passes memory info from QEMU to TDVF. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- Changes in v3: - use enum TdxRamType in struct TdxRamEntry; (Isaku) - Fix the indention; (Daniel) Changes in v1: - simplify the algorithm of tdx_accept_ram_range() (Suggested-by: Gerd Ho= ffman) (1) Change the existing entry to cover the accepted ram range. (2) If there is room before the accepted ram range add a TDX_RAM_UNACCEPTED entry for that. (3) If there is room after the accepted ram range add a TDX_RAM_UNACCEPTED entry for that. --- target/i386/kvm/tdx.c | 111 ++++++++++++++++++++++++++++++++++++++++++ target/i386/kvm/tdx.h | 14 ++++++ 2 files changed, 125 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 0885b99cfb88..072ffcdfb41d 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -18,6 +18,7 @@ #include "crypto/hash.h" #include "system/system.h" =20 +#include "hw/i386/e820_memory_layout.h" #include "hw/i386/tdvf.h" #include "hw/i386/x86.h" #include "kvm_i386.h" @@ -146,11 +147,117 @@ void tdx_set_tdvf_region(MemoryRegion *tdvf_mr) tdx_guest->tdvf_mr =3D tdvf_mr; } =20 +static void tdx_add_ram_entry(uint64_t address, uint64_t length, + enum TdxRamType type) +{ + uint32_t nr_entries =3D tdx_guest->nr_ram_entries; + tdx_guest->ram_entries =3D g_renew(TdxRamEntry, tdx_guest->ram_entries, + nr_entries + 1); + + tdx_guest->ram_entries[nr_entries].address =3D address; + tdx_guest->ram_entries[nr_entries].length =3D length; + tdx_guest->ram_entries[nr_entries].type =3D type; + tdx_guest->nr_ram_entries++; +} + +static int tdx_accept_ram_range(uint64_t address, uint64_t length) +{ + uint64_t head_start, tail_start, head_length, tail_length; + uint64_t tmp_address, tmp_length; + TdxRamEntry *e; + int i; + + for (i =3D 0; i < tdx_guest->nr_ram_entries; i++) { + e =3D &tdx_guest->ram_entries[i]; + + if (address + length <=3D e->address || + e->address + e->length <=3D address) { + continue; + } + + /* + * The to-be-accepted ram range must be fully contained by one + * RAM entry. + */ + if (e->address > address || + e->address + e->length < address + length) { + return -EINVAL; + } + + if (e->type =3D=3D TDX_RAM_ADDED) { + return -EINVAL; + } + + break; + } + + if (i =3D=3D tdx_guest->nr_ram_entries) { + return -1; + } + + tmp_address =3D e->address; + tmp_length =3D e->length; + + e->address =3D address; + e->length =3D length; + e->type =3D TDX_RAM_ADDED; + + head_length =3D address - tmp_address; + if (head_length > 0) { + head_start =3D tmp_address; + tdx_add_ram_entry(head_start, head_length, TDX_RAM_UNACCEPTED); + } + + tail_start =3D address + length; + if (tail_start < tmp_address + tmp_length) { + tail_length =3D tmp_address + tmp_length - tail_start; + tdx_add_ram_entry(tail_start, tail_length, TDX_RAM_UNACCEPTED); + } + + return 0; +} + +static int tdx_ram_entry_compare(const void *lhs_, const void* rhs_) +{ + const TdxRamEntry *lhs =3D lhs_; + const TdxRamEntry *rhs =3D rhs_; + + if (lhs->address =3D=3D rhs->address) { + return 0; + } + if (le64_to_cpu(lhs->address) > le64_to_cpu(rhs->address)) { + return 1; + } + return -1; +} + +static void tdx_init_ram_entries(void) +{ + unsigned i, j, nr_e820_entries; + + nr_e820_entries =3D e820_get_table(NULL); + tdx_guest->ram_entries =3D g_new(TdxRamEntry, nr_e820_entries); + + for (i =3D 0, j =3D 0; i < nr_e820_entries; i++) { + uint64_t addr, len; + + if (e820_get_entry(i, E820_RAM, &addr, &len)) { + tdx_guest->ram_entries[j].address =3D addr; + tdx_guest->ram_entries[j].length =3D len; + tdx_guest->ram_entries[j].type =3D TDX_RAM_UNACCEPTED; + j++; + } + } + tdx_guest->nr_ram_entries =3D j; +} + static void tdx_finalize_vm(Notifier *notifier, void *unused) { TdxFirmware *tdvf =3D &tdx_guest->tdvf; TdxFirmwareEntry *entry; =20 + tdx_init_ram_entries(); + for_each_tdx_fw_entry(tdvf, entry) { switch (entry->type) { case TDVF_SECTION_TYPE_BFV: @@ -166,12 +273,16 @@ static void tdx_finalize_vm(Notifier *notifier, void = *unused) entry->type); exit(1); } + tdx_accept_ram_range(entry->address, entry->size); break; default: error_report("Unsupported TDVF section %d", entry->type); exit(1); } } + + qsort(tdx_guest->ram_entries, tdx_guest->nr_ram_entries, + sizeof(TdxRamEntry), &tdx_ram_entry_compare); } =20 static Notifier tdx_machine_done_notify =3D { diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index 28a03c2a7b82..36a7400e7480 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -20,6 +20,17 @@ typedef struct TdxGuestClass { /* TDX requires bus frequency 25MHz */ #define TDX_APIC_BUS_CYCLES_NS 40 =20 +enum TdxRamType { + TDX_RAM_UNACCEPTED, + TDX_RAM_ADDED, +}; + +typedef struct TdxRamEntry { + uint64_t address; + uint64_t length; + enum TdxRamType type; +} TdxRamEntry; + typedef struct TdxGuest { X86ConfidentialGuest parent_obj; =20 @@ -34,6 +45,9 @@ typedef struct TdxGuest { =20 MemoryRegion *tdvf_mr; TdxFirmware tdvf; + + uint32_t nr_ram_entries; + TdxRamEntry *ram_entries; } TdxGuest; =20 #ifdef CONFIG_TDX --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743514990; cv=none; d=zohomail.com; s=zohoarc; b=CA7iP3sqxs5N0DlRnIuNDWLze4E5KpUeHRg5phphuxx7sJXTiE2NcIZ9DmUNwdlIEG2xu9B4b2MsX6LZo51LaA0W5/WPVLsE3+xX/pFkwRF6clteBec7HoFCxJsv+z6agApj99Im587m+OcA+3031huCrLglLTgcnPsz9keC9Hk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743514990; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=1ObWESLrFwtLuw50HlRf6jOMQJnFmZwQFKP81Oc63Ak=; b=S/Lucko9rxNWcvPqOeSBlWxAuzB1dG3VGsPbh1txPMNNgE4lK1Fa0v3MgHJ8recEj9ZASXWW6gCCk1G+QK/DX2HAbjg5MOpskaF9nSHBVPdpt3IkeQdFq3HwnofrnpY/Gh5gXlV7AySfQi1V5O9T/B0ocaq+uSjpsPYmuq0LZrM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743514990848887.1367127246164; Tue, 1 Apr 2025 06:43:10 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbtB-0006hE-7T; Tue, 01 Apr 2025 09:42:49 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbt8-0006Xt-PP for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:46 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbt6-0006XQ-IW for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:46 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:08 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:05 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514964; x=1775050964; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=BWDfYdoXih8AY6i82nzgksQivupZnx5MXYglWsPoykQ=; b=X02pytxtzY9uaqCO5UdppSeqA+YDXL57M/lqDzrOxPcJ0ilTFgwNWXAB Eh0eF1OL6MjbEeHn04fYtiphw3vBMN9ZGhnpbTU45KwsDXbCYBLxfs7vG +5y2D/TNz3OsbndvGNdhNdj4WoMKRYnMviRyqtmSY5awvrCeEZ7dv2UBb jlAs1TQkhenHXwWutYKW+jBSUzU3pSxmsYEWWsR7CbXIne3YWtjTJyyD1 xnGhWoFwxg1V5S/k5DySWTxgK3fqKoNZDAzZiTcsw0qWjKuvRJAJHHiJl hn7J7ivjXel7iB+ukKAcufWirCXMU2JLpLWsVYpHuFxcLFeUsvru0+1k6 Q==; X-CSE-ConnectionGUID: FfRq2VCWRX6qR3bnvEniWA== X-CSE-MsgGUID: /riDPqo4Qb+dEc4dCRhPNA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433333" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433333" X-CSE-ConnectionGUID: uilKqBFuS8eBZUECSzSkpw== X-CSE-MsgGUID: J9Rvuy7vSeu4tR5/8X86+g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640047" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 22/55] headers: Add definitions from UEFI spec for volumes, resources, etc... Date: Tue, 1 Apr 2025 09:01:32 -0400 Message-Id: <20250401130205.2198253-23-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743514993401019100 Content-Type: text/plain; charset="utf-8" Add UEFI definitions for literals, enums, structs, GUIDs, etc... that will be used by TDX to build the UEFI Hand-Off Block (HOB) that is passed to the Trusted Domain Virtual Firmware (TDVF). All values come from the UEFI specification [1], PI spec [2] and TDVF design guide[3]. [1] UEFI Specification v2.1.0 https://uefi.org/sites/default/files/resource= s/UEFI_Spec_2_10_Aug29.pdf [2] UEFI PI spec v1.8 https://uefi.org/sites/default/files/resources/UEFI_P= I_Spec_1_8_March3.pdf [3] https://software.intel.com/content/dam/develop/external/us/en/documents= /tdx-virtual-firmware-design-guide-rev-1.pdf Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- Changes in v7: - use SPDX tag; --- include/standard-headers/uefi/uefi.h | 187 +++++++++++++++++++++++++++ 1 file changed, 187 insertions(+) create mode 100644 include/standard-headers/uefi/uefi.h diff --git a/include/standard-headers/uefi/uefi.h b/include/standard-header= s/uefi/uefi.h new file mode 100644 index 000000000000..5256349ec0b6 --- /dev/null +++ b/include/standard-headers/uefi/uefi.h @@ -0,0 +1,187 @@ +/* + * Copyright (C) 2025 Intel Corporation + * + * Author: Isaku Yamahata + * + * Xiaoyao Li + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef HW_I386_UEFI_H +#define HW_I386_UEFI_H + +/*************************************************************************= **/ +/* + * basic EFI definitions + * supplemented with UEFI Specification Version 2.8 (Errata A) + * released February 2020 + */ +/* UEFI integer is little endian */ + +typedef struct { + uint32_t Data1; + uint16_t Data2; + uint16_t Data3; + uint8_t Data4[8]; +} EFI_GUID; + +typedef enum { + EfiReservedMemoryType, + EfiLoaderCode, + EfiLoaderData, + EfiBootServicesCode, + EfiBootServicesData, + EfiRuntimeServicesCode, + EfiRuntimeServicesData, + EfiConventionalMemory, + EfiUnusableMemory, + EfiACPIReclaimMemory, + EfiACPIMemoryNVS, + EfiMemoryMappedIO, + EfiMemoryMappedIOPortSpace, + EfiPalCode, + EfiPersistentMemory, + EfiUnacceptedMemoryType, + EfiMaxMemoryType +} EFI_MEMORY_TYPE; + +#define EFI_HOB_HANDOFF_TABLE_VERSION 0x0009 + +#define EFI_HOB_TYPE_HANDOFF 0x0001 +#define EFI_HOB_TYPE_MEMORY_ALLOCATION 0x0002 +#define EFI_HOB_TYPE_RESOURCE_DESCRIPTOR 0x0003 +#define EFI_HOB_TYPE_GUID_EXTENSION 0x0004 +#define EFI_HOB_TYPE_FV 0x0005 +#define EFI_HOB_TYPE_CPU 0x0006 +#define EFI_HOB_TYPE_MEMORY_POOL 0x0007 +#define EFI_HOB_TYPE_FV2 0x0009 +#define EFI_HOB_TYPE_LOAD_PEIM_UNUSED 0x000A +#define EFI_HOB_TYPE_UEFI_CAPSULE 0x000B +#define EFI_HOB_TYPE_FV3 0x000C +#define EFI_HOB_TYPE_UNUSED 0xFFFE +#define EFI_HOB_TYPE_END_OF_HOB_LIST 0xFFFF + +typedef struct { + uint16_t HobType; + uint16_t HobLength; + uint32_t Reserved; +} EFI_HOB_GENERIC_HEADER; + +typedef uint64_t EFI_PHYSICAL_ADDRESS; +typedef uint32_t EFI_BOOT_MODE; + +typedef struct { + EFI_HOB_GENERIC_HEADER Header; + uint32_t Version; + EFI_BOOT_MODE BootMode; + EFI_PHYSICAL_ADDRESS EfiMemoryTop; + EFI_PHYSICAL_ADDRESS EfiMemoryBottom; + EFI_PHYSICAL_ADDRESS EfiFreeMemoryTop; + EFI_PHYSICAL_ADDRESS EfiFreeMemoryBottom; + EFI_PHYSICAL_ADDRESS EfiEndOfHobList; +} EFI_HOB_HANDOFF_INFO_TABLE; + +#define EFI_RESOURCE_SYSTEM_MEMORY 0x00000000 +#define EFI_RESOURCE_MEMORY_MAPPED_IO 0x00000001 +#define EFI_RESOURCE_IO 0x00000002 +#define EFI_RESOURCE_FIRMWARE_DEVICE 0x00000003 +#define EFI_RESOURCE_MEMORY_MAPPED_IO_PORT 0x00000004 +#define EFI_RESOURCE_MEMORY_RESERVED 0x00000005 +#define EFI_RESOURCE_IO_RESERVED 0x00000006 +#define EFI_RESOURCE_MEMORY_UNACCEPTED 0x00000007 +#define EFI_RESOURCE_MAX_MEMORY_TYPE 0x00000008 + +#define EFI_RESOURCE_ATTRIBUTE_PRESENT 0x00000001 +#define EFI_RESOURCE_ATTRIBUTE_INITIALIZED 0x00000002 +#define EFI_RESOURCE_ATTRIBUTE_TESTED 0x00000004 +#define EFI_RESOURCE_ATTRIBUTE_SINGLE_BIT_ECC 0x00000008 +#define EFI_RESOURCE_ATTRIBUTE_MULTIPLE_BIT_ECC 0x00000010 +#define EFI_RESOURCE_ATTRIBUTE_ECC_RESERVED_1 0x00000020 +#define EFI_RESOURCE_ATTRIBUTE_ECC_RESERVED_2 0x00000040 +#define EFI_RESOURCE_ATTRIBUTE_READ_PROTECTED 0x00000080 +#define EFI_RESOURCE_ATTRIBUTE_WRITE_PROTECTED 0x00000100 +#define EFI_RESOURCE_ATTRIBUTE_EXECUTION_PROTECTED 0x00000200 +#define EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE 0x00000400 +#define EFI_RESOURCE_ATTRIBUTE_WRITE_COMBINEABLE 0x00000800 +#define EFI_RESOURCE_ATTRIBUTE_WRITE_THROUGH_CACHEABLE 0x00001000 +#define EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE 0x00002000 +#define EFI_RESOURCE_ATTRIBUTE_16_BIT_IO 0x00004000 +#define EFI_RESOURCE_ATTRIBUTE_32_BIT_IO 0x00008000 +#define EFI_RESOURCE_ATTRIBUTE_64_BIT_IO 0x00010000 +#define EFI_RESOURCE_ATTRIBUTE_UNCACHED_EXPORTED 0x00020000 +#define EFI_RESOURCE_ATTRIBUTE_READ_ONLY_PROTECTED 0x00040000 +#define EFI_RESOURCE_ATTRIBUTE_READ_ONLY_PROTECTABLE 0x00080000 +#define EFI_RESOURCE_ATTRIBUTE_READ_PROTECTABLE 0x00100000 +#define EFI_RESOURCE_ATTRIBUTE_WRITE_PROTECTABLE 0x00200000 +#define EFI_RESOURCE_ATTRIBUTE_EXECUTION_PROTECTABLE 0x00400000 +#define EFI_RESOURCE_ATTRIBUTE_PERSISTENT 0x00800000 +#define EFI_RESOURCE_ATTRIBUTE_PERSISTABLE 0x01000000 +#define EFI_RESOURCE_ATTRIBUTE_MORE_RELIABLE 0x02000000 + +typedef uint32_t EFI_RESOURCE_TYPE; +typedef uint32_t EFI_RESOURCE_ATTRIBUTE_TYPE; + +typedef struct { + EFI_HOB_GENERIC_HEADER Header; + EFI_GUID Owner; + EFI_RESOURCE_TYPE ResourceType; + EFI_RESOURCE_ATTRIBUTE_TYPE ResourceAttribute; + EFI_PHYSICAL_ADDRESS PhysicalStart; + uint64_t ResourceLength; +} EFI_HOB_RESOURCE_DESCRIPTOR; + +typedef struct { + EFI_HOB_GENERIC_HEADER Header; + EFI_GUID Name; + + /* guid specific data follows */ +} EFI_HOB_GUID_TYPE; + +typedef struct { + EFI_HOB_GENERIC_HEADER Header; + EFI_PHYSICAL_ADDRESS BaseAddress; + uint64_t Length; +} EFI_HOB_FIRMWARE_VOLUME; + +typedef struct { + EFI_HOB_GENERIC_HEADER Header; + EFI_PHYSICAL_ADDRESS BaseAddress; + uint64_t Length; + EFI_GUID FvName; + EFI_GUID FileName; +} EFI_HOB_FIRMWARE_VOLUME2; + +typedef struct { + EFI_HOB_GENERIC_HEADER Header; + EFI_PHYSICAL_ADDRESS BaseAddress; + uint64_t Length; + uint32_t AuthenticationStatus; + bool ExtractedFv; + EFI_GUID FvName; + EFI_GUID FileName; +} EFI_HOB_FIRMWARE_VOLUME3; + +typedef struct { + EFI_HOB_GENERIC_HEADER Header; + uint8_t SizeOfMemorySpace; + uint8_t SizeOfIoSpace; + uint8_t Reserved[6]; +} EFI_HOB_CPU; + +typedef struct { + EFI_HOB_GENERIC_HEADER Header; +} EFI_HOB_MEMORY_POOL; + +typedef struct { + EFI_HOB_GENERIC_HEADER Header; + + EFI_PHYSICAL_ADDRESS BaseAddress; + uint64_t Length; +} EFI_HOB_UEFI_CAPSULE; + +#define EFI_HOB_OWNER_ZERO \ + ((EFI_GUID){ 0x00000000, 0x0000, 0x0000, \ + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }) + +#endif --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515070; cv=none; d=zohomail.com; s=zohoarc; b=G7iif9GCyYC8DnmNYi79sTN4Z3tPLHnCb+UdZCCMrn7Y7pwCXnZoGxmjuYsUNc0DK3lfHDtSsCTEBYZ5R2sDWxTxlIBX05AVY2+D6iGkVdYmUtB9oPw5OUvkOrWR5tAW3gZxjPiCkl5UaBdRERgJtoaQcz9LdUdnr0NJC0OMRWM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515070; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=4Q7tg8bPhoYjZ/UwnQ66p1V3wGUJDT1V16Z6+uTgpa8=; b=VZbpa55u/N3Edyz5LWZp0AUO4+7NbhpgxLy6dA7Wz7H5KZhW/+BjVgPKHMU265ia3ffkHb77xhvgUK63chiQHXvI/S1zxh9KK+G7aoI8EqQfZsUvlMNmMBh6Xu4yncF3gpL6A4JLfmURG6sDh9sypBLPb8WgzUBJJu6YwDAxZj4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515070456876.1967704413476; Tue, 1 Apr 2025 06:44:30 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbtF-0006s0-1Y; Tue, 01 Apr 2025 09:42:53 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbt8-0006Xu-PX for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:46 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbt6-0006Zf-Ju for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:46 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:10 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:08 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514964; x=1775050964; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Wy4mU6UR8WVVuqbOX/KmcENylel9vpkIgY0KjcfNSaU=; b=aLvwLwcTS/39Tg5Dqj1gs/ZXttJ/XJwsli/sox48cEKJyXLiJ7t4oKyO zoS2fZ7oqgVqBiyBaUjRQ9Zw2388eeTy0NDk5POaG5etlezORd6VsTChK yqB+RRg2bAyw1gKKrNn/MA4WJBKgY/EySDpU/w8SKioFrmimLAnWesmke DYTLMU6y9aMlCh+4RcpHtigQM6QlNlkkVRRL38Icv64dgSCRLmgh6rjmW evw/og/ylseO3xQz2wuq92oI1dO24sdquxnbS93G7N498PaprJBnQeVet QpZo/tY0q44M5XHsnUJ+k2bemOfL4xP/rVsA31NlZ3CYhuVKrF5LPlidy w==; X-CSE-ConnectionGUID: MGlsQdLURquXPrRCXq6lFg== X-CSE-MsgGUID: /HTmWNAVRn+qZ0k63ZYFGg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433347" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433347" X-CSE-ConnectionGUID: kWDuF69gSgqvfVqKOPgsww== X-CSE-MsgGUID: PGPQnId2TQ6lSy7+zk5xGA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640055" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 23/55] i386/tdx: Setup the TD HOB list Date: Tue, 1 Apr 2025 09:01:33 -0400 Message-Id: <20250401130205.2198253-24-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515071296019100 Content-Type: text/plain; charset="utf-8" The TD HOB list is used to pass the information from VMM to TDVF. The TD HOB must include PHIT HOB and Resource Descriptor HOB. More details can be found in TDVF specification and PI specification. Build the TD HOB in TDX's machine_init_done callback. Co-developed-by: Isaku Yamahata Signed-off-by: Isaku Yamahata Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- Changes in v7: - use SPDX tag for license info; - clean up the included headers; Changes in v1: - drop the code of adding mmio resources since OVMF prepares all the MMIO hob itself. --- hw/i386/meson.build | 2 +- hw/i386/tdvf-hob.c | 130 ++++++++++++++++++++++++++++++++++++++++++ hw/i386/tdvf-hob.h | 26 +++++++++ target/i386/kvm/tdx.c | 16 ++++++ 4 files changed, 173 insertions(+), 1 deletion(-) create mode 100644 hw/i386/tdvf-hob.c create mode 100644 hw/i386/tdvf-hob.h diff --git a/hw/i386/meson.build b/hw/i386/meson.build index 3bc1da2b6eb4..7896f348cff8 100644 --- a/hw/i386/meson.build +++ b/hw/i386/meson.build @@ -32,7 +32,7 @@ i386_ss.add(when: 'CONFIG_PC', if_true: files( 'port92.c')) i386_ss.add(when: 'CONFIG_X86_FW_OVMF', if_true: files('pc_sysfw_ovmf.c'), if_false: files('pc_sysfw_ovmf-stu= bs.c')) -i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c')) +i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c', 'tdvf-hob.c')) =20 subdir('kvm') subdir('xen') diff --git a/hw/i386/tdvf-hob.c b/hw/i386/tdvf-hob.c new file mode 100644 index 000000000000..782b3d157879 --- /dev/null +++ b/hw/i386/tdvf-hob.c @@ -0,0 +1,130 @@ +/* + * Copyright (c) 2025 Intel Corporation + * Author: Isaku Yamahata + * + * Xiaoyao Li + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "qemu/osdep.h" +#include "qemu/error-report.h" +#include "standard-headers/uefi/uefi.h" +#include "hw/pci/pcie_host.h" +#include "tdvf-hob.h" + +typedef struct TdvfHob { + hwaddr hob_addr; + void *ptr; + int size; + + /* working area */ + void *current; + void *end; +} TdvfHob; + +static uint64_t tdvf_current_guest_addr(const TdvfHob *hob) +{ + return hob->hob_addr + (hob->current - hob->ptr); +} + +static void tdvf_align(TdvfHob *hob, size_t align) +{ + hob->current =3D QEMU_ALIGN_PTR_UP(hob->current, align); +} + +static void *tdvf_get_area(TdvfHob *hob, uint64_t size) +{ + void *ret; + + if (hob->current + size > hob->end) { + error_report("TD_HOB overrun, size =3D 0x%" PRIx64, size); + exit(1); + } + + ret =3D hob->current; + hob->current +=3D size; + tdvf_align(hob, 8); + return ret; +} + +static void tdvf_hob_add_memory_resources(TdxGuest *tdx, TdvfHob *hob) +{ + EFI_HOB_RESOURCE_DESCRIPTOR *region; + EFI_RESOURCE_ATTRIBUTE_TYPE attr; + EFI_RESOURCE_TYPE resource_type; + + TdxRamEntry *e; + int i; + + for (i =3D 0; i < tdx->nr_ram_entries; i++) { + e =3D &tdx->ram_entries[i]; + + if (e->type =3D=3D TDX_RAM_UNACCEPTED) { + resource_type =3D EFI_RESOURCE_MEMORY_UNACCEPTED; + attr =3D EFI_RESOURCE_ATTRIBUTE_TDVF_UNACCEPTED; + } else if (e->type =3D=3D TDX_RAM_ADDED) { + resource_type =3D EFI_RESOURCE_SYSTEM_MEMORY; + attr =3D EFI_RESOURCE_ATTRIBUTE_TDVF_PRIVATE; + } else { + error_report("unknown TDX_RAM_ENTRY type %d", e->type); + exit(1); + } + + region =3D tdvf_get_area(hob, sizeof(*region)); + *region =3D (EFI_HOB_RESOURCE_DESCRIPTOR) { + .Header =3D { + .HobType =3D EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, + .HobLength =3D cpu_to_le16(sizeof(*region)), + .Reserved =3D cpu_to_le32(0), + }, + .Owner =3D EFI_HOB_OWNER_ZERO, + .ResourceType =3D cpu_to_le32(resource_type), + .ResourceAttribute =3D cpu_to_le32(attr), + .PhysicalStart =3D cpu_to_le64(e->address), + .ResourceLength =3D cpu_to_le64(e->length), + }; + } +} + +void tdvf_hob_create(TdxGuest *tdx, TdxFirmwareEntry *td_hob) +{ + TdvfHob hob =3D { + .hob_addr =3D td_hob->address, + .size =3D td_hob->size, + .ptr =3D td_hob->mem_ptr, + + .current =3D td_hob->mem_ptr, + .end =3D td_hob->mem_ptr + td_hob->size, + }; + + EFI_HOB_GENERIC_HEADER *last_hob; + EFI_HOB_HANDOFF_INFO_TABLE *hit; + + /* Note, Efi{Free}Memory{Bottom,Top} are ignored, leave 'em zeroed. */ + hit =3D tdvf_get_area(&hob, sizeof(*hit)); + *hit =3D (EFI_HOB_HANDOFF_INFO_TABLE) { + .Header =3D { + .HobType =3D EFI_HOB_TYPE_HANDOFF, + .HobLength =3D cpu_to_le16(sizeof(*hit)), + .Reserved =3D cpu_to_le32(0), + }, + .Version =3D cpu_to_le32(EFI_HOB_HANDOFF_TABLE_VERSION), + .BootMode =3D cpu_to_le32(0), + .EfiMemoryTop =3D cpu_to_le64(0), + .EfiMemoryBottom =3D cpu_to_le64(0), + .EfiFreeMemoryTop =3D cpu_to_le64(0), + .EfiFreeMemoryBottom =3D cpu_to_le64(0), + .EfiEndOfHobList =3D cpu_to_le64(0), /* initialized later */ + }; + + tdvf_hob_add_memory_resources(tdx, &hob); + + last_hob =3D tdvf_get_area(&hob, sizeof(*last_hob)); + *last_hob =3D (EFI_HOB_GENERIC_HEADER) { + .HobType =3D EFI_HOB_TYPE_END_OF_HOB_LIST, + .HobLength =3D cpu_to_le16(sizeof(*last_hob)), + .Reserved =3D cpu_to_le32(0), + }; + hit->EfiEndOfHobList =3D tdvf_current_guest_addr(&hob); +} diff --git a/hw/i386/tdvf-hob.h b/hw/i386/tdvf-hob.h new file mode 100644 index 000000000000..4fc6a3740a57 --- /dev/null +++ b/hw/i386/tdvf-hob.h @@ -0,0 +1,26 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ + +#ifndef HW_I386_TD_HOB_H +#define HW_I386_TD_HOB_H + +#include "hw/i386/tdvf.h" +#include "target/i386/kvm/tdx.h" + +void tdvf_hob_create(TdxGuest *tdx, TdxFirmwareEntry *td_hob); + +#define EFI_RESOURCE_ATTRIBUTE_TDVF_PRIVATE \ + (EFI_RESOURCE_ATTRIBUTE_PRESENT | \ + EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \ + EFI_RESOURCE_ATTRIBUTE_TESTED) + +#define EFI_RESOURCE_ATTRIBUTE_TDVF_UNACCEPTED \ + (EFI_RESOURCE_ATTRIBUTE_PRESENT | \ + EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \ + EFI_RESOURCE_ATTRIBUTE_TESTED) + +#define EFI_RESOURCE_ATTRIBUTE_TDVF_MMIO \ + (EFI_RESOURCE_ATTRIBUTE_PRESENT | \ + EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \ + EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE) + +#endif diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 072ffcdfb41d..2e8d32285d9a 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -21,6 +21,7 @@ #include "hw/i386/e820_memory_layout.h" #include "hw/i386/tdvf.h" #include "hw/i386/x86.h" +#include "hw/i386/tdvf-hob.h" #include "kvm_i386.h" #include "tdx.h" =20 @@ -147,6 +148,19 @@ void tdx_set_tdvf_region(MemoryRegion *tdvf_mr) tdx_guest->tdvf_mr =3D tdvf_mr; } =20 +static TdxFirmwareEntry *tdx_get_hob_entry(TdxGuest *tdx) +{ + TdxFirmwareEntry *entry; + + for_each_tdx_fw_entry(&tdx->tdvf, entry) { + if (entry->type =3D=3D TDVF_SECTION_TYPE_TD_HOB) { + return entry; + } + } + error_report("TDVF metadata doesn't specify TD_HOB location."); + exit(1); +} + static void tdx_add_ram_entry(uint64_t address, uint64_t length, enum TdxRamType type) { @@ -283,6 +297,8 @@ static void tdx_finalize_vm(Notifier *notifier, void *u= nused) =20 qsort(tdx_guest->ram_entries, tdx_guest->nr_ram_entries, sizeof(TdxRamEntry), &tdx_ram_entry_compare); + + tdvf_hob_create(tdx_guest, tdx_get_hob_entry(tdx_guest)); } =20 static Notifier tdx_machine_done_notify =3D { --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743514997; cv=none; d=zohomail.com; s=zohoarc; b=G8D2dHMYq5XN1a0MElr+NgEyOoPbaeUS6r/99NpROy2WCPQN9Msds5KvKj0RyoAe3fcNkfF7Xflx+hhqtrLTvWPrSljHkUOhYtGDhCys0KS3ZDbwsmgUZMRRac1bBvwlJ+Y7DF81hOrxglJ/Z+tZ0WG3U6NizCEIrAhzgWNp+Ws= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743514997; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=a6AXPMpG6zUI7uukMbkjziCvElYrd0V3DCKL6sWKFc8=; b=YAzxJFW0KAfbOcq/XWvS1jde1ijtfhoy3gYil7VRpk7nXwWxoBjtiEvMIM87f2XxZqpO+YUXrOTS9B0+SR6lkO/edNtmF4x4q+u06oBVg7qELUC1FCTl9IWxF1qAhjFJjx5kGJaDUpKUep7z7labBJQoWetG+uNg7IAupurozkc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743514997720765.6237074220711; Tue, 1 Apr 2025 06:43:17 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbtC-0006lm-1R; Tue, 01 Apr 2025 09:42:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtA-0006cm-1v for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:48 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbt6-0006ZP-KW for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:47 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:13 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:10 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514964; x=1775050964; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=wqu9o6NmiFID71zJSe9Jv93Rfvoqh+0K127MsH7jZvg=; b=Q2luFwFYKOjpHz1c435ghmJDfKGx3VDAzz4EQAR/zD9TAbWbktwmRv/o iDsQ8zW+HXGabk4oOmIU5iB486FGlYTJ39jC0lCr+brwlCVGowogfddDB Tt+fPaBvgNnwSgAbvVUbVlazctrG1Iohw5HiMLT/eUzzv8xSnBtmBhCGJ lDAIoAaAsI5+WyzsTGMm78EJ8jMW+p2yaBmrwNJwU1GHxTNJNubhjUjNp 1LI9aiepNy+nMuKLa7vWy55HcOMO1ZINo1Sroq48eM1sqaDwMM4RgN2DI kjYogTUTrJNB1PvSke8k6DY5ERufG+irXCYQL9pODqNRTMXuTYAeE96f1 Q==; X-CSE-ConnectionGUID: Gc2Kda0gQUSEYhI9tVP2gA== X-CSE-MsgGUID: Ac0z8kgdSWyL3gK8+9qkoQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433357" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433357" X-CSE-ConnectionGUID: 3X8TSgnfRy27I50+ZuFnQg== X-CSE-MsgGUID: 2iVoIkbKSRm8G8nVxR9ZQg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640062" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 24/55] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION Date: Tue, 1 Apr 2025 09:01:34 -0400 Message-Id: <20250401130205.2198253-25-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515001176019100 Content-Type: text/plain; charset="utf-8" From: Isaku Yamahata TDVF firmware (CODE and VARS) needs to be copied to TD's private memory via KVM_TDX_INIT_MEM_REGION, as well as TD HOB and TEMP memory. If the TDVF section has TDVF_SECTION_ATTRIBUTES_MR_EXTEND set in the flag, calling KVM_TDX_EXTEND_MEMORY to extend the measurement. After populating the TDVF memory, the original image located in shared ramblock can be discarded. Signed-off-by: Isaku Yamahata Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- Changes in v6: - switch back to use KVM_TDX_INIT_MEM_REGION according to KVM's change; --- target/i386/kvm/tdx.c | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 2e8d32285d9a..4cf0929d22aa 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -17,6 +17,7 @@ #include "qom/object_interfaces.h" #include "crypto/hash.h" #include "system/system.h" +#include "exec/ramblock.h" =20 #include "hw/i386/e820_memory_layout.h" #include "hw/i386/tdvf.h" @@ -269,6 +270,9 @@ static void tdx_finalize_vm(Notifier *notifier, void *u= nused) { TdxFirmware *tdvf =3D &tdx_guest->tdvf; TdxFirmwareEntry *entry; + RAMBlock *ram_block; + Error *local_err =3D NULL; + int r; =20 tdx_init_ram_entries(); =20 @@ -299,6 +303,44 @@ static void tdx_finalize_vm(Notifier *notifier, void *= unused) sizeof(TdxRamEntry), &tdx_ram_entry_compare); =20 tdvf_hob_create(tdx_guest, tdx_get_hob_entry(tdx_guest)); + + for_each_tdx_fw_entry(tdvf, entry) { + struct kvm_tdx_init_mem_region region; + uint32_t flags; + + region =3D (struct kvm_tdx_init_mem_region) { + .source_addr =3D (uint64_t)entry->mem_ptr, + .gpa =3D entry->address, + .nr_pages =3D entry->size >> 12, + }; + + flags =3D entry->attributes & TDVF_SECTION_ATTRIBUTES_MR_EXTEND ? + KVM_TDX_MEASURE_MEMORY_REGION : 0; + + do { + error_free(local_err); + local_err =3D NULL; + r =3D tdx_vcpu_ioctl(first_cpu, KVM_TDX_INIT_MEM_REGION, flags, + ®ion, &local_err); + } while (r =3D=3D -EAGAIN || r =3D=3D -EINTR); + if (r < 0) { + error_report_err(local_err); + exit(1); + } + + if (entry->type =3D=3D TDVF_SECTION_TYPE_TD_HOB || + entry->type =3D=3D TDVF_SECTION_TYPE_TEMP_MEM) { + qemu_ram_munmap(-1, entry->mem_ptr, entry->size); + entry->mem_ptr =3D NULL; + } + } + + /* + * TDVF image has been copied into private region above via + * KVM_MEMORY_MAPPING. It becomes useless. + */ + ram_block =3D tdx_guest->tdvf_mr->ram_block; + ram_block_discard_range(ram_block, 0, ram_block->max_length); } =20 static Notifier tdx_machine_done_notify =3D { --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515030; cv=none; d=zohomail.com; s=zohoarc; b=kl47/FjpK5YPCmQKtls3DjM6Oq7eWhXXg7yM/LuYqL1DvF2nMIQ3wqF6de8bZbM4lqEckAHNwFA0Jhb+OrcVydkQbd1mnP0I2G6Jo+P03Kumlt8CFHXWdOppyRe6zZAXuiPsBpoCXvYFhSxIdBLkVvnHNP98ByWAeyUF/x0rTEk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515030; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=tY7J5sey6C0EotUrGnMP71G2EfeDsHCG3fLC3USBcPA=; b=OJFUvQZPl+niwDDFi3CGCoRnOeMVV99TzCuiHCXW/4Q3fzlNA4vdE7ZcPdBJrfP0b30LnOg1JV15/Ep7zvz9OMNGGND3+7tr6iRpyWI4yftZdV2YbQweRcvIrTrhrONMs0ffK5lCA6a5BXuhw77C86/rai9hMhd/SK7z2LzUhF8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 17435150309831022.265537838177; Tue, 1 Apr 2025 06:43:50 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbtQ-0007Vo-3w; Tue, 01 Apr 2025 09:43:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtL-00077i-Mo for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:59 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtJ-0006Zf-3c for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:59 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:15 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:13 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514977; x=1775050977; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=r/XTDyv/gaufmjRNhe8F5H/EJ068RKsr7xczBD4EBDw=; b=fMjXCHxt8HMv3ImgJr2cSvzVMBoZemli8TR8TBGVE89c9wLJBz3/sk7z BZUKNKJTUtgGYmcSwq5YJqznyJmK98yd03sVluXXZDrwqys9WpKoU2RYx s32MgI1Qd/PGLNzUhWDkWn2RJEiho0E9iAJ2FopNWS0XbgFNHVXTsToQX WnUkfY2kC7Fk0+Pe38sPyIiF9AB4Y4F7EENAnDFLOz4Br5KGzjYjudnkm DnO/VPhpPsVOnVUWwSixl+4rUZqISgwbE4sYDlNfy6J+wcivQ01ZE1OqE N8+nm244MnSwV/y1pK5n2bUL7bNsAXeIQ+ys4xkppqM1q2XgGE20H/cLT A==; X-CSE-ConnectionGUID: CcWVm3+pRjClcIVE5jjUBg== X-CSE-MsgGUID: 2PEziYOySyOoyRS4ebk31g== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433368" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433368" X-CSE-ConnectionGUID: J5O3ey7XS7qTxG5cx03CeA== X-CSE-MsgGUID: HBwbpXyERvKdEXKza0dfoA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640067" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 25/55] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu Date: Tue, 1 Apr 2025 09:01:35 -0400 Message-Id: <20250401130205.2198253-26-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515033053019100 Content-Type: text/plain; charset="utf-8" TDX vcpu needs to be initialized by SEAMCALL(TDH.VP.INIT) and KVM provides vcpu level IOCTL KVM_TDX_INIT_VCPU for it. KVM_TDX_INIT_VCPU needs the address of the HOB as input. Invoke it for each vcpu after HOB list is created. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- target/i386/kvm/tdx.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 4cf0929d22aa..281fcba9f031 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -266,6 +266,18 @@ static void tdx_init_ram_entries(void) tdx_guest->nr_ram_entries =3D j; } =20 +static void tdx_post_init_vcpus(void) +{ + TdxFirmwareEntry *hob; + CPUState *cpu; + + hob =3D tdx_get_hob_entry(tdx_guest); + CPU_FOREACH(cpu) { + tdx_vcpu_ioctl(cpu, KVM_TDX_INIT_VCPU, 0, (void *)hob->address, + &error_fatal); + } +} + static void tdx_finalize_vm(Notifier *notifier, void *unused) { TdxFirmware *tdvf =3D &tdx_guest->tdvf; @@ -304,6 +316,8 @@ static void tdx_finalize_vm(Notifier *notifier, void *u= nused) =20 tdvf_hob_create(tdx_guest, tdx_get_hob_entry(tdx_guest)); =20 + tdx_post_init_vcpus(); + for_each_tdx_fw_entry(tdvf, entry) { struct kvm_tdx_init_mem_region region; uint32_t flags; --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743518274; cv=none; d=zohomail.com; s=zohoarc; b=hM1yAK1+F6B7rFmPtifcHHi5eKvfk9N5TQfY6rGgdXEmdYY2TAmzFILJITPU9Y6xQu9dGAaTbGqA4hbQmTOhCR1U9z4Q8dZWqsgYqhOl9ItbfXn0HXqSZO6BLjlAVJ2VeSoo/ikw4nI/s67kiPWSsW9p2YYMkFC8zP0qH4H0Zmc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743518274; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=IqNdiOrA4PawiMHOoS8eS98xoS2REDR1iPbV+DGcDxY=; b=N2rZNZJtT2F2viAxGIdnr4VPv58iC+PRJQyx3L9KVLN5UNjuxLlR/WmwrrvVRuT8gEXFUWSk8f+AmpO3yZfIf/lS8B9AhQbMWZFxEH9Gv/yD3mb6n7VAtM2zrqrg4G6+SmzDRi0Z1Z2hMbtxgWmr9MLG3fpo/GuraK8YfeolnGk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 174351827436979.04991300745223; Tue, 1 Apr 2025 07:37:54 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbtS-0007dX-E6; Tue, 01 Apr 2025 09:43:06 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtL-00077t-N4 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:59 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtJ-0006XQ-3Y for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:42:59 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:18 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:15 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514977; x=1775050977; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=qZz5/25vnIb2fAr2rlIbdMBqWFWSCSWPsoc4Uj0T2Ik=; b=ho+NN9MHNlkCJ67y4vV0C+KEWIerTO0M5r8yIwqJ022/RoB2W0eGL4Ed WH3tGtrXANzqIO9SkBMy3oh14yi2pWIhrHwH8ifjuoRS/bVYmNzn9xeSf yxuJ+bNomNLWqKlUQn51sPuUVnL8MUren9Ii5jS7IPzi9oWzD7RJ6b8ZH RcNKuLhFj1iHWHOrQ0D0C/qrScW1oSEDJSmAQ3VgaoBv4wyt863oCPLxG kbbMpzUvIAiAi1r/622zcUp4jw0w6aT8vkMk853EHVC++45c+z1q7yHb7 0VAraFCV4gc0gjI6h6kiHJeysyWEFQ/A0dtA1h6JdhIIpD+c5u9EVeDwb w==; X-CSE-ConnectionGUID: o26gdqMTQmmTkUmaQ7uEjw== X-CSE-MsgGUID: 4VGavTb+ThqCMPEJzH8otg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433376" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433376" X-CSE-ConnectionGUID: KqYuEFVvQKCLuR5NXh00xA== X-CSE-MsgGUID: 90vosaMISfW/neB1EQG5mw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640072" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 26/55] i386/tdx: Finalize TDX VM Date: Tue, 1 Apr 2025 09:01:36 -0400 Message-Id: <20250401130205.2198253-27-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743518275366019100 Content-Type: text/plain; charset="utf-8" Invoke KVM_TDX_FINALIZE_VM to finalize the TD's measurement and make the TD vCPUs runnable once machine initialization is complete. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- target/i386/kvm/tdx.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 281fcba9f031..78764b1d4be4 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -355,6 +355,9 @@ static void tdx_finalize_vm(Notifier *notifier, void *u= nused) */ ram_block =3D tdx_guest->tdvf_mr->ram_block; ram_block_discard_range(ram_block, 0, ram_block->max_length); + + tdx_vm_ioctl(KVM_TDX_FINALIZE_VM, 0, NULL, &error_fatal); + CONFIDENTIAL_GUEST_SUPPORT(tdx_guest)->ready =3D true; } =20 static Notifier tdx_machine_done_notify =3D { --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743518555; cv=none; d=zohomail.com; s=zohoarc; b=IKVHhGumpGlT6GO15WOO6jHqaU//1HnEObG8XfeGMD9+0LHFy9fFlf/760pApuWgK/N71Hxa6hxKHZ8wB77fWINnYkbPsiZv/psip2P/Ta4sIsweOplHNJIMri3BQ+HWj4dveYV47tenqvkwkltdTAntgPAkvcE+kAnhOPyEG0k= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743518555; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=4lIrU18PeHKbljffbwdKg/+jPu2SdBoMG6AwU0AbD3E=; b=J4sd1fxU8rIvM4dHwsqD29w1bebSpGBzdRQuG9l/26ewIxhowpHe62zxwXFY+qZXqvZon5lW9ILKZfcEMdjcERO+x1R056g/0CyahM8QfFwf+i23JhRrAUnthBYLXWQljXUjKPFGo+p1qg5EQ/X6F+hWtdsO1FQ/gFlsjs5pkp8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743518555016135.68390581367896; Tue, 1 Apr 2025 07:42:35 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbtS-0007fl-GD; Tue, 01 Apr 2025 09:43:06 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtM-0007Cr-PA for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:00 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtK-0006ZP-IJ for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:00 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:20 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:18 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514978; x=1775050978; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=uQnxSZ38mHAiDqEFbYnrylh7HRvn06RafvKOs7toA0A=; b=FC/bSvXMhlNYbQzgHWr5MLlP8sNv3cWaawP9Tz3ap/f7nj6tTNnpHeSz JdcKp38CrnmH5xXoKNGpEXDGqEWd5DS8pOy77f5zriwfX0yOSZcB7CEcN Mm6jj5sUCVY5lrCaBmU83bPrhLeU5TYFwgHZGooVIPQqXXTAKqQ5kY9+t maUIv932BYfmd3a1n1N+YrHOR8H9eWZXbvq8lVUTtppQg/rzTsBeoe2J0 6eePcFyDQa1ABsHgaIKx78tn1xFTpV7xdneW25MGhAHA5fNXyJOprT5u0 W0V1zqlh6X9T2Yg7ln6cZvsbIhFx96KhOFn3aZK1HQopROX+gIyVxLPDw g==; X-CSE-ConnectionGUID: Ju74cbOmRWKWW4iOUOpSeg== X-CSE-MsgGUID: rzQIA41aTMSavRPupuoIbQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433386" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433386" X-CSE-ConnectionGUID: SETJ9UdwS8KNuqE/Je8tRA== X-CSE-MsgGUID: 9YUabaCZQSKcRJLI3B6odw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640078" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 27/55] i386/tdx: Enable user exit on KVM_HC_MAP_GPA_RANGE Date: Tue, 1 Apr 2025 09:01:37 -0400 Message-Id: <20250401130205.2198253-28-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743518556976019000 Content-Type: text/plain; charset="utf-8" KVM translates TDG.VP.VMCALL to KVM_HC_MAP_GPA_RANGE, and QEMU needs to enable user exit on KVM_HC_MAP_GPA_RANGE in order to handle the memory conversion requested by TD guest. Signed-off-by: Xiaoyao Li --- changes in v6: - new patch; --- target/i386/kvm/tdx.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 78764b1d4be4..f8953f598584 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -19,6 +19,8 @@ #include "system/system.h" #include "exec/ramblock.h" =20 +#include + #include "hw/i386/e820_memory_layout.h" #include "hw/i386/tdvf.h" #include "hw/i386/x86.h" @@ -378,6 +380,11 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs,= Error **errp) } } =20 + /* TDX relies on KVM_HC_MAP_GPA_RANGE to handle TDG.VP.VMCALL = */ + if (!kvm_enable_hypercall(BIT_ULL(KVM_HC_MAP_GPA_RANGE))) { + return -EOPNOTSUPP; + } + qemu_add_machine_init_done_notifier(&tdx_machine_done_notify); =20 tdx_guest =3D tdx; --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515396; cv=none; d=zohomail.com; s=zohoarc; b=R/7TtgV3cncbc6yMw3u8B7ad6lFpGrxuvm8Ns3vRDblB2kJJ8Yy/j98qbLMtBwUSHPQ91G5xtW8o6AQ7yFXRHzLoD7o8Wxio8k9/KbX9IWpiIIGw9NhniK7kCZZ/9ifpnAobFJOUoRhRta/pG7iyXO4rUtJefUkKrNeQVAHMrMk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515396; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=T+IczdsVTqlBzIECdrARLLHDx3hUrRa7kzHzvp8ePkE=; b=Jjmq1MfQtPGrfKfyJeK0JqOUX8oEgvm3uFlHKoVA/mTf5s5cF+HnREKRHfZwZf43/cmYhgF7W/Yp6ilmfjDKspKhtR/mk+Gy7JJVzxa+HE/jknhysWeKBJSLYeHCALL5+yAa3qDaC7SUDzKFcmke3poq/g0jtfks5HRKsaIEeiM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515396319641.9054168248106; Tue, 1 Apr 2025 06:49:56 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbtc-0008Jw-B4; Tue, 01 Apr 2025 09:43:16 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtZ-0008B4-0M for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:13 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtW-0006Zf-2Q for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:11 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:23 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:20 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514990; x=1775050990; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=08H6dI0xe3rRjgkMiP4DtiKFJFaABuJh3KQcsj+dGvk=; b=RmejjbJTNEyz8HhRzNuQBZSmQSNmRll9JJK0GQI/3QV4lnV1Oko/tv5o RMFl+kGDkB22QNN9O5xBc6Iqhc9+7IJu2nKKuH+RMlmx7XDCJL2Wh0t25 LCT7ZBZqYzpnAMmuepgfYh2rl8ZMsZr1mcBnVAYZb45kstq/MxgyTNxw+ tyBTBJjby7J01C999VhhlCHfJ0Aj1mF0Hs48E4aklq3yJpfp+ZGMA111+ CkzoxfVboWCOXrW8EW5AQgygc3GBnMbJ0hdnhvqIF2tKgguIaJu9EAdvt o6XCeKVwHJVUiQj8AccWfloudR2JWzg73LbCtCFnxt5nxRHT+zvkDWqKs Q==; X-CSE-ConnectionGUID: zql0ky9aR5OaVoeX8HP8bg== X-CSE-MsgGUID: UH5xPBkeSHuuP3Kf1nXsLg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433396" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433396" X-CSE-ConnectionGUID: JbbVKOKJRPKRjr/Rr+Oyig== X-CSE-MsgGUID: JF0ZinGhQGy4aeA3xoIG4Q== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640083" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 28/55] i386/tdx: Handle KVM_SYSTEM_EVENT_TDX_FATAL Date: Tue, 1 Apr 2025 09:01:38 -0400 Message-Id: <20250401130205.2198253-29-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515396698019000 Content-Type: text/plain; charset="utf-8" TD guest can use TDG.VP.VMCALL to request termination. KVM translates such request into KVM_EXIT_SYSTEM_EVENT with type of KVM_SYSTEM_EVENT_TDX_FATAL. Add hanlder for such exit. Parse and print the error message, and terminate the TD guest in the handler. Signed-off-by: Xiaoyao Li --- Changes in v8: - update to the new data ABI of KVM_SYSTEM_EVENT_TDX_FATAL; Changes in v6: - replace the patch " i386/tdx: Handle TDG.VP.VMCALL" in v5; --- target/i386/kvm/kvm.c | 10 +++++++++ target/i386/kvm/tdx-stub.c | 5 +++++ target/i386/kvm/tdx.c | 45 ++++++++++++++++++++++++++++++++++++++ target/i386/kvm/tdx.h | 2 ++ 4 files changed, 62 insertions(+) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 7de5014051eb..a76f34537908 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -6128,6 +6128,16 @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_ru= n *run) case KVM_EXIT_HYPERCALL: ret =3D kvm_handle_hypercall(run); break; + case KVM_EXIT_SYSTEM_EVENT: + switch (run->system_event.type) { + case KVM_SYSTEM_EVENT_TDX_FATAL: + ret =3D tdx_handle_report_fatal_error(cpu, run); + break; + default: + ret =3D -1; + break; + } + break; default: fprintf(stderr, "KVM: unknown exit reason %d\n", run->exit_reason); ret =3D -1; diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c index 7748b6d0a446..720a4ff046ee 100644 --- a/target/i386/kvm/tdx-stub.c +++ b/target/i386/kvm/tdx-stub.c @@ -13,3 +13,8 @@ int tdx_parse_tdvf(void *flash_ptr, int size) { return -EINVAL; } + +int tdx_handle_report_fatal_error(X86CPU *cpu, struct kvm_run *run) +{ + return -EINVAL; +} diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index f8953f598584..74b7e3ac85fe 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -607,6 +607,51 @@ int tdx_parse_tdvf(void *flash_ptr, int size) return tdvf_parse_metadata(&tdx_guest->tdvf, flash_ptr, size); } =20 +int tdx_handle_report_fatal_error(X86CPU *cpu, struct kvm_run *run) +{ + uint64_t error_code =3D run->system_event.data[R_R12]; + uint64_t reg_mask =3D run->system_event.data[R_ECX]; + char *message =3D NULL; + uint64_t *tmp; + + if (error_code & 0xffff) { + error_report("TDX: REPORT_FATAL_ERROR: invalid error code: 0x%lx", + error_code); + return -1; + } + +/* + * Only 8 registers can contain valid ASCII byte stream to form the fatal + * message, and their sequence is: R14, R15, RBX, RDI, RSI, R8, R9, RDX + */ +#define TDX_FATAL_MESSAGE_MAX 64 + if (reg_mask) { + message =3D g_malloc0(TDX_FATAL_MESSAGE_MAX + 1); + tmp =3D (uint64_t *)message; + +#define COPY_REG(REG) \ + do { \ + if (reg_mask & BIT_ULL(REG)) { \ + *(tmp++) =3D run->system_event.data[REG]; \ + } \ + } while (0) + + COPY_REG(R_R14); + COPY_REG(R_R15); + COPY_REG(R_EBX); + COPY_REG(R_EDI); + COPY_REG(R_ESI); + COPY_REG(R_R8); + COPY_REG(R_R9); + COPY_REG(R_EDX); + *((char *)tmp) =3D '\0'; + } +#undef COPY_REG + + error_report("TD guest reports fatal error. %s", message ? : ""); + return -1; +} + static bool tdx_guest_get_sept_ve_disable(Object *obj, Error **errp) { TdxGuest *tdx =3D TDX_GUEST(obj); diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index 36a7400e7480..04b5afe199f9 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -8,6 +8,7 @@ #endif =20 #include "confidential-guest.h" +#include "cpu.h" #include "hw/i386/tdvf.h" =20 #define TYPE_TDX_GUEST "tdx-guest" @@ -59,5 +60,6 @@ bool is_tdx_vm(void); int tdx_pre_create_vcpu(CPUState *cpu, Error **errp); void tdx_set_tdvf_region(MemoryRegion *tdvf_mr); int tdx_parse_tdvf(void *flash_ptr, int size); +int tdx_handle_report_fatal_error(X86CPU *cpu, struct kvm_run *run); =20 #endif /* QEMU_I386_TDX_H */ --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515682; cv=none; d=zohomail.com; s=zohoarc; b=l1EaucgowrZiyVY0OK+t/uGmGVZl88Au2e7OP5e367Et3Cu1c7rRhAZyOyz9DVD8tr0jkhI1kq9YbVHZ0Wl4vUsjbl+pl1ze3HLuUKvDZ+WCP3RzI4Or63goahuDUIDh+w2eBTFUG2OgoeFmoqx9pmPiTPPgI+Dq0YaJloF5FvY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515682; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=EwXekQh0D9heKFpbSyUHh7WfwXKPAFkW6ud/cDmjLZg=; b=NBCMQHL5YwGA/A1qnzQbmyyfRGl0x8yNPf5rjz3p/vG2NJSzPI8+n3o8CTq5VEkzruGrQ0lhAHdRpDGQTAakXKeQZQzemJlo0X3wPKniVQeDsvA6lVLJFpLNyqK3Gboh0HEd5MfwWeUogYJ2ZzcAa8eHq+jHDNj0ncXqW767cI8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 174351568216160.63124942231252; Tue, 1 Apr 2025 06:54:42 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbte-0008W6-GN; Tue, 01 Apr 2025 09:43:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbta-0008Fr-2P for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:15 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtW-0006XQ-3D for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:13 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:26 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:23 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514990; x=1775050990; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=BzUEZQXwyQ0SYtOiOVXTeFahkvxKBSDfEg7mXj11lgM=; b=aPoz4/zvZp5o2Jgi2rc+NM/qdOYQ3rNc9U2uyx3iA6nphG454HDCQ56z ziASUTdPMB9QZAv+r/JDqTZCJqFJHNUX1iitSjCLNl/YGTVb3S2tTiZQT NRImAJ5UFwy34qd4S6Rq8PjlS2cBnYb3srST3fjPBQdOMq5kYtgqaNG5Q XE9yObtek5u4lAQZQQ9FLlM+xn2VDlTsl9kBnTJiSlvhX+UuEkd6ayukZ iQ20co32bNzwHD0ZWofG7nOnQIexzNHp2h1SD8ITaPPrrFY92kOMMMBSO 5VmZA2WtnzMDVpJOHvakr8RhRlGkdXxU9hcT9DSdt6f7Ivs3AsT9ngu4C A==; X-CSE-ConnectionGUID: BqY5lwO4RPukf9f9rLQZOg== X-CSE-MsgGUID: bs8ILDwgSSGBjaeTc73x5w== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433408" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433408" X-CSE-ConnectionGUID: xy7AvXGgQUqqNmdgcK7fgg== X-CSE-MsgGUID: UercaAKwQe21vEJ61dckXA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640086" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 29/55] i386/tdx: Wire TDX_REPORT_FATAL_ERROR with GuestPanic facility Date: Tue, 1 Apr 2025 09:01:39 -0400 Message-Id: <20250401130205.2198253-30-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515684551019100 Content-Type: text/plain; charset="utf-8" Integrate TDX's TDX_REPORT_FATAL_ERROR into QEMU GuestPanic facility Originated-from: Isaku Yamahata Signed-off-by: Xiaoyao Li Acked-by: Markus Armbruster --- Changes in v8: - use g_strdup() for copy string; - use the new data ABI of KVM_SYSTEM_EVENT_TDX_FATAL to grab gpa info; Changes in v6: - change error_code of GuestPanicInformationTdx from uint64_t to uint32_t, to only contains the bit 31:0 returned in r12. Changes in v5: - mention additional error information in gpa when it presents; - refine the documentation; (Markus) Changes in v4: - refine the documentation; (Markus) Changes in v3: - Add docmentation of new type and struct; (Daniel) - refine the error message handling; (Daniel) --- qapi/run-state.json | 31 +++++++++++++++++++-- system/runstate.c | 65 +++++++++++++++++++++++++++++++++++++++++++ target/i386/kvm/tdx.c | 24 +++++++++++++++- 3 files changed, 117 insertions(+), 3 deletions(-) diff --git a/qapi/run-state.json b/qapi/run-state.json index ce95cfa46b73..ee11adc50889 100644 --- a/qapi/run-state.json +++ b/qapi/run-state.json @@ -501,10 +501,12 @@ # # @s390: s390 guest panic information type (Since: 2.12) # +# @tdx: tdx guest panic information type (Since: 10.1) +# # Since: 2.9 ## { 'enum': 'GuestPanicInformationType', - 'data': [ 'hyper-v', 's390' ] } + 'data': [ 'hyper-v', 's390', 'tdx' ] } =20 ## # @GuestPanicInformation: @@ -519,7 +521,8 @@ 'base': {'type': 'GuestPanicInformationType'}, 'discriminator': 'type', 'data': {'hyper-v': 'GuestPanicInformationHyperV', - 's390': 'GuestPanicInformationS390'}} + 's390': 'GuestPanicInformationS390', + 'tdx' : 'GuestPanicInformationTdx'}} =20 ## # @GuestPanicInformationHyperV: @@ -598,6 +601,30 @@ 'psw-addr': 'uint64', 'reason': 'S390CrashReason'}} =20 +## +# @GuestPanicInformationTdx: +# +# TDX Guest panic information specific to TDX, as specified in the +# "Guest-Hypervisor Communication Interface (GHCI) Specification", +# section TDG.VP.VMCALL. +# +# @error-code: TD-specific error code +# +# @message: Human-readable error message provided by the guest. Not +# to be trusted. +# +# @gpa: guest-physical address of a page that contains more verbose +# error information, as zero-terminated string. Present when the +# "GPA valid" bit (bit 63) is set in @error-code. +# +# +# Since: 10.1 +## +{'struct': 'GuestPanicInformationTdx', + 'data': {'error-code': 'uint32', + 'message': 'str', + '*gpa': 'uint64'}} + ## # @MEMORY_FAILURE: # diff --git a/system/runstate.c b/system/runstate.c index 272801d30769..e9d5d7505b4a 100644 --- a/system/runstate.c +++ b/system/runstate.c @@ -565,6 +565,58 @@ static void qemu_system_wakeup(void) } } =20 +static char *tdx_parse_panic_message(char *message) +{ + bool printable =3D false; + char *buf =3D NULL; + int len =3D 0, i; + + /* + * Although message is defined as a json string, we shouldn't + * unconditionally treat it as is because the guest generated it and + * it's not necessarily trustable. + */ + if (message) { + /* The caller guarantees the NULL-terminated string. */ + len =3D strlen(message); + + printable =3D len > 0; + for (i =3D 0; i < len; i++) { + if (!(0x20 <=3D message[i] && message[i] <=3D 0x7e)) { + printable =3D false; + break; + } + } + } + + if (len =3D=3D 0) { + buf =3D g_malloc(1); + buf[0] =3D '\0'; + } else { + if (!printable) { + /* 3 =3D length of "%02x " */ + buf =3D g_malloc(len * 3); + for (i =3D 0; i < len; i++) { + if (message[i] =3D=3D '\0') { + break; + } else { + sprintf(buf + 3 * i, "%02x ", message[i]); + } + } + if (i > 0) { + /* replace the last ' '(space) to NULL */ + buf[i * 3 - 1] =3D '\0'; + } else { + buf[0] =3D '\0'; + } + } else { + buf =3D g_strdup(message); + } + } + + return buf; +} + void qemu_system_guest_panicked(GuestPanicInformation *info) { qemu_log_mask(LOG_GUEST_ERROR, "Guest crashed"); @@ -606,7 +658,20 @@ void qemu_system_guest_panicked(GuestPanicInformation = *info) S390CrashReason_str(info->u.s390.reason), info->u.s390.psw_mask, info->u.s390.psw_addr); + } else if (info->type =3D=3D GUEST_PANIC_INFORMATION_TYPE_TDX) { + char *message =3D tdx_parse_panic_message(info->u.tdx.message); + qemu_log_mask(LOG_GUEST_ERROR, + "\nTDX guest reports fatal error." + " error code: 0x%" PRIx32 " error message:\"%s\"= \n", + info->u.tdx.error_code, message); + g_free(message); + if (info->u.tdx.gpa !=3D -1ull) { + qemu_log_mask(LOG_GUEST_ERROR, "Additional error informati= on " + "can be found at gpa page: 0x%" PRIx64 "\n", + info->u.tdx.gpa); + } } + qapi_free_GuestPanicInformation(info); } } diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 74b7e3ac85fe..282cdbd775c5 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -16,6 +16,7 @@ #include "qapi/error.h" #include "qom/object_interfaces.h" #include "crypto/hash.h" +#include "system/runstate.h" #include "system/system.h" #include "exec/ramblock.h" =20 @@ -607,12 +608,27 @@ int tdx_parse_tdvf(void *flash_ptr, int size) return tdvf_parse_metadata(&tdx_guest->tdvf, flash_ptr, size); } =20 +static void tdx_panicked_on_fatal_error(X86CPU *cpu, uint64_t error_code, + char *message, uint64_t gpa) +{ + GuestPanicInformation *panic_info; + + panic_info =3D g_new0(GuestPanicInformation, 1); + panic_info->type =3D GUEST_PANIC_INFORMATION_TYPE_TDX; + panic_info->u.tdx.error_code =3D (uint32_t) error_code; + panic_info->u.tdx.message =3D message; + panic_info->u.tdx.gpa =3D gpa; + + qemu_system_guest_panicked(panic_info); +} + int tdx_handle_report_fatal_error(X86CPU *cpu, struct kvm_run *run) { uint64_t error_code =3D run->system_event.data[R_R12]; uint64_t reg_mask =3D run->system_event.data[R_ECX]; char *message =3D NULL; uint64_t *tmp; + uint64_t gpa =3D -1ull; =20 if (error_code & 0xffff) { error_report("TDX: REPORT_FATAL_ERROR: invalid error code: 0x%lx", @@ -648,7 +664,13 @@ int tdx_handle_report_fatal_error(X86CPU *cpu, struct = kvm_run *run) } #undef COPY_REG =20 - error_report("TD guest reports fatal error. %s", message ? : ""); +#define TDX_REPORT_FATAL_ERROR_GPA_VALID BIT_ULL(63) + if (error_code & TDX_REPORT_FATAL_ERROR_GPA_VALID) { + gpa =3D run->system_event.data[R_R13]; + } + + tdx_panicked_on_fatal_error(cpu, error_code, message, gpa); + return -1; } =20 --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743517313; cv=none; d=zohomail.com; s=zohoarc; b=kvbFGbOxDypOgLSqVVazp3+0qWsJDNVkXlri8ivmxyYAiNrCWQ2CEgS8cVFRZlAPDAUS/Si9UcriK1UU95Yvm1Fo7uZimFNeovC0zm7dWSVvgXk6LJfImvVUKelAFpCU3ObEnIECn9T02w6aH628KvM3lFI2X/5XczBOv/baWfM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743517313; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=pJiOEV8Aa5OCRegmx84xdTCIdk0Tez7d2LGLSv43cf0=; b=l2qfLGipcuTYCHBbtXx+J99efb+Pwq2Gn1lPDhuJANLeOJRYw0pYvsUTsc+togNbqRMr1UfqvQQjTWOvmVJ9YlW+1iYwoDPl1k7+rrEyLMU6v4G2pNRGt6ppepQrrIKeiNCZX5SBCImGeMtlKuH50jkDLOxxjDHvc9E67lCVBW4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743517313799926.7702204398146; Tue, 1 Apr 2025 07:21:53 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbtg-00008Y-Be; Tue, 01 Apr 2025 09:43:20 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtZ-0008E6-JD for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:13 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtX-0006ZP-2p for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:13 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:28 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:26 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743514991; x=1775050991; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=wiwxhBXcxE7KHNFCmgFXFBZn4NnWmDR0H8WVam0bEko=; b=YQHU6abeB5ymqSGnAmYmzsMSKAhVWCacLkIQ46sw11VuzKHI3J0mId9f b1+Kti4srHW9E7aGgqxrNXNNMLmdZ4WlsnYpQ62rCCmvVaINN9O35L39f QKIOa4Hb4TNK0jlOtI8c8gkLwFp5tcyVfxdDc49e6gThfHAuf+fr6o2op u1KnoRQqJ6fbrvmkjUW6vCOmIewOpqXCLfME6zMjY3+/qygldXtO/zXPq kqziXxUidv/Llt+rbk57QAPw0f9xuhaWhT3DEQq7p5eGasIFuwH7VFW1v cUE7xCgRsX8yVq3vFtm+6yk2C+3xfzvoYH9Hg3p+D6hZY9ViccKtF/4I6 w==; X-CSE-ConnectionGUID: 68wmlEVjT7ebqJooOaqPRg== X-CSE-MsgGUID: KExxDFRdTeuLEaxZQcrMSA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433413" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433413" X-CSE-ConnectionGUID: zzAicSvyRMCxMW0qnQzjow== X-CSE-MsgGUID: 4tOO35KlQl2VN7zDqhKCsQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640090" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 30/55] kvm: Check KVM_CAP_MAX_VCPUS at vm level Date: Tue, 1 Apr 2025 09:01:40 -0400 Message-Id: <20250401130205.2198253-31-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743517316783019100 Content-Type: text/plain; charset="utf-8" KVM with TDX support starts to report different KVM_CAP_MAX_VCPUS per different VM types. So switch to check the KVM_CAP_MAX_VCPUS at vm level. KVM still returns the global KVM_CAP_MAX_VCPUS when the KVM is old that doesn't report different value at vm level. Signed-off-by: Xiaoyao Li --- accel/kvm/kvm-all.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index df9840e53a35..5835d840f3ad 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -2425,7 +2425,7 @@ static int kvm_recommended_vcpus(KVMState *s) =20 static int kvm_max_vcpus(KVMState *s) { - int ret =3D kvm_check_extension(s, KVM_CAP_MAX_VCPUS); + int ret =3D kvm_vm_check_extension(s, KVM_CAP_MAX_VCPUS); return (ret) ? ret : kvm_recommended_vcpus(s); } =20 --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515686; cv=none; d=zohomail.com; s=zohoarc; b=HXrkK7ORFM61RsDd1D9Yn7ja5UfsmokAhnGevKjxIz1ntF5b/6bfQ63LguQRDLa9IlQgqGEqPKpSxhxSXqobbGOFoHJPPBtUd5ADW+X5skJUIlIFyAx0GKuIv4dL1DY3ymEug2CdwZR2C2Au9X2XWDyCOktx+bJ4ue08JQWMABE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515686; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=yIVlogMCAKYWITTNvWjh1JLBvphfGflmzB8f/XiAfJs=; b=X2vEFgJzEI4rW5l1Ug8odSJqDoWBLwIFetjFiOvmVhC30xyF5m3JqcPRTF2xD/CJJycmm6k0EKSrMGw7qk1xr7jE9cvHBGThmsxG2a7Kar1XvSFjxSgdG9scVaRIG/REbTF3JE8X86czts9MOZzlEEpCZySRTJXNBKU4PpeAS+c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515686484332.7099881509257; Tue, 1 Apr 2025 06:54:46 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbuh-0000q6-Ou; Tue, 01 Apr 2025 09:44:24 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtm-0000PU-Sy for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:35 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtj-0006Zf-NS for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:25 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:30 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:28 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515003; x=1775051003; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=yR1VutMQOXp5BiJF+ixz4pbVn5zV1cZoi3SnvuhcpA4=; b=iKTMkcmSi2/b1qqbh+7gwbRtSgXhxLm9Qwdyi2WWi7SQn9jF0tVe4vq+ 68Qt/3aSYZlhROc2jYUr6do1jfFgAJKQwEPGkiScEahuslrHKZOEH84Di AgT8ZHp5idYPpK59u3nfZnHFnraovmy7ZVlwXoqZz7oGVMDadRS4/LcbD zFTxEomYmQrX1sesJIXnRJmNnCgor1krE9p9rirQRcuMA59wBi2sr5BdG C9ZPeh0lSnXjaxXnTZXV0n4+YYjATepdhMOOi8r+LVUagU6c4W/JUU0As Vkizj3tQNTaIOnmRyTwLTtc9JsQiQeb/amNB2/mBQFH6AESCppC9Z03w5 w==; X-CSE-ConnectionGUID: YD5e1j5YT4G5O0dTDvvaKg== X-CSE-MsgGUID: rdiZXMbvSlWy1SYCSO+nKA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433420" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433420" X-CSE-ConnectionGUID: +0ESDZeRSLqFhvyOb6SbpA== X-CSE-MsgGUID: z+VsphhUT3m/c3sBZDbKkQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640096" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 31/55] i386/cpu: introduce x86_confidential_guest_cpu_instance_init() Date: Tue, 1 Apr 2025 09:01:41 -0400 Message-Id: <20250401130205.2198253-32-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515688371019100 Content-Type: text/plain; charset="utf-8" To allow execute confidential guest specific cpu init operations. Signed-off-by: Xiaoyao Li --- Changes in v6: - new patch; --- target/i386/confidential-guest.h | 11 +++++++++++ target/i386/cpu.c | 10 ++++++++++ 2 files changed, 21 insertions(+) diff --git a/target/i386/confidential-guest.h b/target/i386/confidential-gu= est.h index 164be7633a20..a86c42a47558 100644 --- a/target/i386/confidential-guest.h +++ b/target/i386/confidential-guest.h @@ -39,6 +39,7 @@ struct X86ConfidentialGuestClass { =20 /* */ int (*kvm_type)(X86ConfidentialGuest *cg); + void (*cpu_instance_init)(X86ConfidentialGuest *cg, CPUState *cpu); uint32_t (*mask_cpuid_features)(X86ConfidentialGuest *cg, uint32_t fea= ture, uint32_t index, int reg, uint32_t value); }; @@ -59,6 +60,16 @@ static inline int x86_confidential_guest_kvm_type(X86Con= fidentialGuest *cg) } } =20 +static inline void x86_confidential_guest_cpu_instance_init(X86Confidentia= lGuest *cg, + CPUState *cpu) +{ + X86ConfidentialGuestClass *klass =3D X86_CONFIDENTIAL_GUEST_GET_CLASS(= cg); + + if (klass->cpu_instance_init) { + klass->cpu_instance_init(cg, cpu); + } +} + /** * x86_confidential_guest_mask_cpuid_features: * diff --git a/target/i386/cpu.c b/target/i386/cpu.c index add6430f7edd..5c69d1489365 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -36,6 +36,7 @@ #include "hw/qdev-properties.h" #include "hw/i386/topology.h" #ifndef CONFIG_USER_ONLY +#include "confidential-guest.h" #include "system/reset.h" #include "qapi/qapi-commands-machine-target.h" #include "exec/address-spaces.h" @@ -8504,6 +8505,15 @@ static void x86_cpu_post_initfn(Object *obj) } =20 accel_cpu_instance_init(CPU(obj)); + +#ifndef CONFIG_USER_ONLY + MachineState *ms =3D MACHINE(object_dynamic_cast(qdev_get_machine(), + TYPE_MACHINE)); + if (ms && ms->cgs) { + x86_confidential_guest_cpu_instance_init(X86_CONFIDENTIAL_GUEST(ms= ->cgs), + (CPU(obj))); + } +#endif } =20 static void x86_cpu_init_default_topo(X86CPU *cpu) --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743516182; cv=none; d=zohomail.com; s=zohoarc; b=DfoveapVZaUI8d9k4DKG5FH/d7yx7O2A4Odf9wpU2k9HC6B956siSy8IGdS/bTf8lzAwt+dZem0dfQVLsgkJ/vI8BRyzcmGFh7sdOewC5C0RU9Uvw3t95gxejaw3i9KIvng6mbNrVevM85xHjTddPGKLtY2+grDqCg1fPpkhnZY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743516182; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=QGoontbSvzxt5RKWo3IR65qAzH+Bc0NVNf5r10v05F4=; b=XWzBScwtONa/u/3IsJoV4V1V1aDJDO4ChAiFpJ2T3EtF3i0hJ1Jbo8nb53+fltkoqnOdL7f0+wXpvSZMHgOKgFK1f5UJWbh0gZhKozOVdhtVm2Gf64QtmBMH1QXPEapaesru3TzT+CH9TC+GVK9l8wQzwQXrnXAVUgnLGHzK1YM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743516182701127.93104721747716; Tue, 1 Apr 2025 07:03:02 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbv9-0001SP-Nt; Tue, 01 Apr 2025 09:44:53 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtm-0000PT-T7 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:35 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtj-0006ZP-Uu for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:25 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:33 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:30 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515004; x=1775051004; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=SDnDEZ+HemTXUXZSKbpixVjsM4Gefo8sgbEfX5qG/N0=; b=gAnNtXae9bll6JPzoujvfXcpRJWqnHQQSKrMZBTXN32smDkBFj4Vacbb f3mgFa/NBtlikNey81dVl6ntTVwHf5MVffHSq7hANCY5kGDo+JjKlntlQ 5ShQm9y2Kli7Aogde4zSJ80ippP5kiqC9RTkVMn1XwZxgVDdRICmKQFy8 nrvr59PumU+BP+A0jZEmu6s6n+pWNl2QA788nyaaENH7rWOHvlNe4WGNI OS1QN6wxIqbUguM+GpsuplIgKpzsK42fbCXOxT7SC2QzCsyKTrFaG7imu CP/KCqm9QYDlj1KZkThUgnsx9Z8EIum0WJa2h4aIarSovEi9eQAnRmX4X g==; X-CSE-ConnectionGUID: AC0a8speSM6CNVT/ABshcA== X-CSE-MsgGUID: eeb92/dDT+KNULV0vfMe9A== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433435" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433435" X-CSE-ConnectionGUID: wFXhjZwiTBa/hM3OoZqZZw== X-CSE-MsgGUID: T32O+k1vQHqU1eaUlNSZgg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640107" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 32/55] i386/tdx: implement tdx_cpu_instance_init() Date: Tue, 1 Apr 2025 09:01:42 -0400 Message-Id: <20250401130205.2198253-33-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743516184480019100 Content-Type: text/plain; charset="utf-8" Currently, pmu is not supported for TDX by KVM. Signed-off-by: Xiaoyao Li --- chanegs in v6: - new patch; --- target/i386/kvm/tdx.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 282cdbd775c5..49e748af3949 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -400,6 +400,11 @@ static int tdx_kvm_type(X86ConfidentialGuest *cg) return KVM_X86_TDX_VM; } =20 +static void tdx_cpu_instance_init(X86ConfidentialGuest *cg, CPUState *cpu) +{ + object_property_set_bool(OBJECT(cpu), "pmu", false, &error_abort); +} + static int tdx_validate_attributes(TdxGuest *tdx, Error **errp) { if ((tdx->attributes & ~tdx_caps->supported_attrs)) { @@ -781,4 +786,5 @@ static void tdx_guest_class_init(ObjectClass *oc, void = *data) =20 klass->kvm_init =3D tdx_kvm_init; x86_klass->kvm_type =3D tdx_kvm_type; + x86_klass->cpu_instance_init =3D tdx_cpu_instance_init; } --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515666; cv=none; d=zohomail.com; s=zohoarc; b=eBF+92YpT/+NFI9uEl8g1zMKQE8y5j8gXimUeOFIszWZpc2mP1l/H0g87r4LeuU0Lft99VSpMJI6K65xBih/cPPoJWB/Sl19WT1gb3lHJ9TImaPl+nH7abBcGO9aGkDzsw8AJgGH5m6CAzEQdTw37fIgF1pyLBXIJmDwSKti0m4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515666; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=5pZ+8BZgObBIMeAVNiB80LiAttvi/+AJny/twYfgfX0=; b=nWC5U0W5yeqd30flI6JqbNV/vB2+PCfaWixzPwPkS1DGkbFpRvqYq0rNiqoZ+Ze+pkShZo2W7OxmrhcxX25wopwhYg7KX64BevjKbKtLMafy3eX18Y1BDhHkg1XRG9SkP1mGJpwAYSTAXmGgF3sTsBDrfdDULt4W6wmX6iI9S6I= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515666141518.5395048253414; Tue, 1 Apr 2025 06:54:26 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbuh-0000pE-Od; Tue, 01 Apr 2025 09:44:24 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtp-0000Po-Pe for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:35 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtk-0006XQ-HW for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:26 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:35 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:33 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515004; x=1775051004; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tFJxc0hPGYbpGryweTt7b9HNFUSwGfkJnzzXKhIIBxQ=; b=GfcI5b++b2uABryzGpV5akBDDHvSxku87J/XT55T0pQnmR7rKLMUT/ZE fu7ynYPKp2EKjYb7cgCAuisj9/eVzSPPTQ/dpChQyq0geGtm41twHB2UC ZEhQzR0YUfTCA6+OwF50Rzf/DvCxdI43blgnoY50JBKHTAFDF6nzGavCT JVWvEIUmyizjSe7bWElL4I21goMuq9wPY/8ECHog7tnUhiANOEO6xj5NC JlMy9dfL1J/SFXONYLzZ+kayu3UX6fOtF3JCO/xq95Ksw3S/h8n8YbfsA 0xrDfw4d7803dAiQIsJOyg1rKnIuPp++YWJ+XHhYyaRswatGbunBA+PB+ Q==; X-CSE-ConnectionGUID: Yf57CIOdQv+RF8KxDRAAIw== X-CSE-MsgGUID: kdnkS+0sRBafJGKUlKCO5g== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433444" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433444" X-CSE-ConnectionGUID: 79LCMqYaRSqf1SZ299nHkg== X-CSE-MsgGUID: NrzSPPumTFKE8piPTEdf0A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640114" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 33/55] i386/cpu: Introduce enable_cpuid_0x1f to force exposing CPUID 0x1f Date: Tue, 1 Apr 2025 09:01:43 -0400 Message-Id: <20250401130205.2198253-34-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515668311019000 Content-Type: text/plain; charset="utf-8" Currently, QEMU exposes CPUID 0x1f to guest only when necessary, i.e., when topology level that cannot be enumerated by leaf 0xB, e.g., die or module level, are configured for the guest, e.g., -smp xx,dies=3D2. However, TDX architecture forces to require CPUID 0x1f to configure CPU topology. Introduce a bool flag, enable_cpuid_0x1f, in CPU for the case that requires CPUID leaf 0x1f to be exposed to guest. Introduce a new function x86_has_cpuid_0x1f(), which is the warpper of cpu->enable_cpuid_0x1f and x86_has_extended_topo() to check if it needs to enable cpuid leaf 0x1f for the guest. Signed-off-by: Xiaoyao Li --- target/i386/cpu.c | 4 ++-- target/i386/cpu.h | 9 +++++++++ target/i386/kvm/kvm.c | 2 +- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 5c69d1489365..f219961b62cd 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -7006,7 +7006,7 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, = uint32_t count, break; case 0x1F: /* V2 Extended Topology Enumeration Leaf */ - if (!x86_has_extended_topo(env->avail_cpu_topo)) { + if (!x86_has_cpuid_0x1f(cpu)) { *eax =3D *ebx =3D *ecx =3D *edx =3D 0; break; } @@ -7870,7 +7870,7 @@ void x86_cpu_expand_features(X86CPU *cpu, Error **err= p) * cpu->vendor_cpuid_only has been unset for compatibility with ol= der * machine types. */ - if (x86_has_extended_topo(env->avail_cpu_topo) && + if (x86_has_cpuid_0x1f(cpu) && (IS_INTEL_CPU(env) || !cpu->vendor_cpuid_only)) { x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x1F); } diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 76f24446a55d..3910b488f775 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -2251,6 +2251,9 @@ struct ArchCPU { /* Compatibility bits for old machine types: */ bool enable_cpuid_0xb; =20 + /* Force to enable cpuid 0x1f */ + bool enable_cpuid_0x1f; + /* Enable auto level-increase for all CPUID leaves */ bool full_cpuid_auto_level; =20 @@ -2513,6 +2516,12 @@ void host_cpuid(uint32_t function, uint32_t count, uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx= ); bool cpu_has_x2apic_feature(CPUX86State *env); =20 +static inline bool x86_has_cpuid_0x1f(X86CPU *cpu) +{ + return cpu->enable_cpuid_0x1f || + x86_has_extended_topo(cpu->env.avail_cpu_topo); +} + /* helper.c */ void x86_cpu_set_a20(X86CPU *cpu, int a20_state); void cpu_sync_avx_hflag(CPUX86State *env); diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index a76f34537908..741b50181ed9 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -1871,7 +1871,7 @@ uint32_t kvm_x86_build_cpuid(CPUX86State *env, struct= kvm_cpuid_entry2 *entries, break; } case 0x1f: - if (!x86_has_extended_topo(env->avail_cpu_topo)) { + if (!x86_has_cpuid_0x1f(env_archcpu(env))) { cpuid_i--; break; } --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743516171; cv=none; d=zohomail.com; s=zohoarc; b=F9nDC0H0f1nI/RLlUO2bDpc7B/FT+P8kWY/CUrDzRLwNM5p+Cd00vy5KyuZFjlol3Kq9aSAnoks5nsVFNTCCI9vQvOrWwNo2XR+L40K2YSqIF+IRhjGfy1bSxnXR6Jo14wlKXmJqlzFhR/mSJ4wJr1KHRtv8CAwKCblK9EucngI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743516171; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=7xBHFU6GUdEUzv7w73UyP8BpLaWvXeAkuGLwM3RDNTE=; b=Zdton4XujZNktcKQhLwxZ523LHA8traprK2EdGCjvyZ/hYYZxSmWwLtXGfp2nIpHw/mad6zLHS/H2cAAWng8EJFWMg/yy+k1/0Qwjmq1lr52E7My8+mDOLxV2YlP0tFEGWe1pmwhRs8f9HpKzGOir3+EY7JNfY7FWX/30wlA810= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743516171885835.9970369798465; Tue, 1 Apr 2025 07:02:51 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbvU-0002Da-O0; Tue, 01 Apr 2025 09:45:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbu7-0000Us-Ke for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:00 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbtz-0006ZP-Uo for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:41 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:38 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:35 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515020; x=1775051020; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=m2lenDu9bW+75Eq/1SrtcTJxjbE4TtBg2fjTNckDDXI=; b=WR0raWR+n+saTmeX5r1PxOGEP9P7uwnfgftuZx+na1sckB5lIl5rnBXN Du9zNskUw/QhFfUna2TBwxPVTMF1QrrPzXoyEKmlGZozXMvO1PKcvJS/N ez1nhDlBplsl5fLEZg84U4oapvpQOIoWa/Xe1IBPompog58qT4DRj33CU XQ21uCIuq7cBm86PilXKSsDYGMqk5dY16y3Kc00InUU19hFl4N718XPj1 W43uZGjajWT+v/gRFP66NcNw2Hw5LVTdK2dR1PxQ97Db8hijIGnlFqf4o Apxv8ulCPEFDZCDe1ouQi04/ZIiNksNNfQmKc++5KuH/537iVjlAbyJPU Q==; X-CSE-ConnectionGUID: zlxCR1usRb61QeHvWIQX3Q== X-CSE-MsgGUID: xm1lJvkBRFKcgvUvC1Z6kA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433454" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433454" X-CSE-ConnectionGUID: CuHhDGo4STK41z4uWKR32g== X-CSE-MsgGUID: k1cFb/oQSt6lOreAfVcxFw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640123" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 34/55] i386/tdx: Force exposing CPUID 0x1f Date: Tue, 1 Apr 2025 09:01:44 -0400 Message-Id: <20250401130205.2198253-35-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743516174461019100 Content-Type: text/plain; charset="utf-8" TDX uses CPUID 0x1f to configure TD guest's CPU topology. So set enable_cpuid_0x1f for TDs. Signed-off-by: Xiaoyao Li --- target/i386/kvm/tdx.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 49e748af3949..b0616eb3d371 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -402,7 +402,11 @@ static int tdx_kvm_type(X86ConfidentialGuest *cg) =20 static void tdx_cpu_instance_init(X86ConfidentialGuest *cg, CPUState *cpu) { + X86CPU *x86cpu =3D X86_CPU(cpu); + object_property_set_bool(OBJECT(cpu), "pmu", false, &error_abort); + + x86cpu->enable_cpuid_0x1f =3D true; } =20 static int tdx_validate_attributes(TdxGuest *tdx, Error **errp) --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515707; cv=none; d=zohomail.com; s=zohoarc; b=bhxRqKPRv2HluuwLUtTMaiyI//Q3bi+KrkQNiqpRblonq+s3KPuCnQjBP/eZTXsQMk02Vg/VEm0lMausTVmnhTh9M5GC3kBlvqqapUeseZ5pWFiU2j3uaIhbtbhi7Xh1APzCXBMzUcqOiK7yuh63jTFi3wNpIlNx61SRYWgWd1I= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515707; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=Pb955zOXAnOrIQdEFuBeKzNukscmTChEJPzRw+4YdrE=; b=ZdpxiVbY52hAHUv1mExsDq/HiIg9e6snwVF8eoM0NAAWSH8IawqLEq+W/yhcoYVct/XH55vyOHzXLv/tiNzaH9uEGyqv7SpQn6vWuj33/BjB71a9xDcjw1+X9VYuQ0KsGMZ6XyX4XPb8OMAs0mcLzRvhOu3HD42p8D1owtfe/NI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 17435157078161008.2489436217778; Tue, 1 Apr 2025 06:55:07 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbuh-0000oZ-3N; Tue, 01 Apr 2025 09:44:23 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbu0-0000U9-JB for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:58 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbty-0006Zf-SI for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:40 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:40 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:38 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515019; x=1775051019; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=cAro8MzxFmRGhh9aV6WIQcVxy6QrVJYyqaC9eDj7okM=; b=CO93svLPrdU0thOky8w7wgZgfrlF+75BvVE8lnQRKN1CE9F8o7W6GE+L Dd+tVQU07ftrk+NRPKdBYsROx00Fh7Kf103z+ej/FCwYQoOhTXq8tz0DD wgtGaUBOdtDV2pYs5xASi+P6ATsbtnDrHLIZy+QcP2mHxfswqD6J6LnK1 Uv1XJUYUuh1zIJTIag3SHLuzrTLGwjqB+vMpQisZxLwtE1iJNOo1cl7Hd YtEI7A2IRPoFNHDR51kP3XpXFdl4Mrohwq033YOrlW8Aw5+Rb9nQhjRHQ 0JVh4jkYwMhLToh+z+oMfbqqH9k/wl72ZehODjh+Hj9LJOGzTvkV8p8E3 Q==; X-CSE-ConnectionGUID: jiXApwvwRNW5pABHh4lkiw== X-CSE-MsgGUID: pSc6p5KzRCimV7wTMhL+uA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433460" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433460" X-CSE-ConnectionGUID: h39X+B+yS9urmiKsWvvY4g== X-CSE-MsgGUID: be4NTG0ARhGb5pVSGoXFfA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640129" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 35/55] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM Date: Tue, 1 Apr 2025 09:01:45 -0400 Message-Id: <20250401130205.2198253-36-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515709973019000 Content-Type: text/plain; charset="utf-8" TDX only supports readonly for shared memory but not for private memory. In the view of QEMU, it has no idea whether a memslot is used as shared memory of private. Thus just mark kvm_readonly_mem_enabled to false to TDX VM for simplicity. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- target/i386/kvm/tdx.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index b0616eb3d371..a816f57043f6 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -386,6 +386,15 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs,= Error **errp) return -EOPNOTSUPP; } =20 + /* + * Set kvm_readonly_mem_allowed to false, because TDX only supports re= adonly + * memory for shared memory but not for private memory. Besides, wheth= er a + * memslot is private or shared is not determined by QEMU. + * + * Thus, just mark readonly memory not supported for simplicity. + */ + kvm_readonly_mem_allowed =3D false; + qemu_add_machine_init_done_notifier(&tdx_machine_done_notify); =20 tdx_guest =3D tdx; --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515694; cv=none; d=zohomail.com; s=zohoarc; b=OYAA1e7sjnDMkxJ1kUcg2iTMiyxBB4Sh794Lu08SxNlVSLywGDE4QKvQiRyydkraa/SqLtmw4UJ1elX1A8tvvJ3z/ObvLXtga1S/5Y7cJfi5kjujBQYde9O7Cal8KqEnkkG+gh/nAQ93n56duwlT/vapqtG1PPIHUo1bIJrGl2g= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515694; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=wLQOUv1bz06HgKGCV4EaYxlDccd8mh3Djf8olyjQdJY=; b=j4Xtl1VHSnAYt0bGlyi2HWYU/MneVR+FOcYFsDDdx6N7L7zoEHZt85Lf3JHsahYUpoGuO8EaUtQD1ftMAIlOitx3FaSEOyRFrV/wedyc73O11dRUKS/OG9Uvz058XX/j9zeNGWrobBAF1njRaoVz47ig/fwK78XEu/EfcCE/xe4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515694657718.6044288865486; Tue, 1 Apr 2025 06:54:54 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbxy-0004Cp-TJ; Tue, 01 Apr 2025 09:47:55 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbu7-0000Uu-Kb for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:00 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbu1-0006XQ-1Q for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:45 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:43 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:40 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515021; x=1775051021; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=HwScKJFzwiqf5BzHfzfSKnBgtID2JLDKcoV7qGODNiU=; b=XAt4YXyHOINujcGMCrdzj5do+tdAqOZbm4Hp+U+MZyfzD38WMSru0cLW nkfkLzJvOHBB76q1I55aoH/zhDpPHXZ1MCSJ0293+bu/31P1BX/fj8yFG 2ME5abEBuZvh9XQ696521SwFsvYtTnbq3cI+2/HfLMvKYzmLbrDz5TDiG o11D7dDLD2DcBI6L2ydLV7ZE2y8tUkkrqhpLM67YueX9mVBggxEaRAE0U MlpiRtM821jdux8T7OuPXH2lwjNosHpSQfDHM37OKdgrB3pyCTuyHhVP/ zLU2lT/UoPzIdoayHoGAytFfl/D+3NHkN5uRUe/2SP9/fHps3gPNMGbo9 w==; X-CSE-ConnectionGUID: 72uM4vEfTLCJr39EGznR5A== X-CSE-MsgGUID: cictwSCOREu4JixzfmBr9Q== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433466" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433466" X-CSE-ConnectionGUID: gJVZlGc0Toe5Wi8jv/Td2w== X-CSE-MsgGUID: uBjGreyaRDGGHB9LO4o5bw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640134" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 36/55] i386/tdx: Disable SMM for TDX VMs Date: Tue, 1 Apr 2025 09:01:46 -0400 Message-Id: <20250401130205.2198253-37-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515695919019000 Content-Type: text/plain; charset="utf-8" TDX doesn't support SMM and VMM cannot emulate SMM for TDX VMs because VMM cannot manipulate TDX VM's memory. Disable SMM for TDX VMs and error out if user requests to enable SMM. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Reviewed-by: Daniel P. Berrang=C3=A9 --- target/i386/kvm/tdx.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index a816f57043f6..0eefd058f7a2 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -369,11 +369,20 @@ static Notifier tdx_machine_done_notify =3D { =20 static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) { + MachineState *ms =3D MACHINE(qdev_get_machine()); + X86MachineState *x86ms =3D X86_MACHINE(ms); TdxGuest *tdx =3D TDX_GUEST(cgs); int r =3D 0; =20 kvm_mark_guest_state_protected(); =20 + if (x86ms->smm =3D=3D ON_OFF_AUTO_AUTO) { + x86ms->smm =3D ON_OFF_AUTO_OFF; + } else if (x86ms->smm =3D=3D ON_OFF_AUTO_ON) { + error_setg(errp, "TDX VM doesn't support SMM"); + return -EINVAL; + } + if (!tdx_caps) { r =3D get_tdx_capabilities(errp); if (r) { --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743518380; cv=none; d=zohomail.com; s=zohoarc; b=MrkdUe5A6stoyUKUavtweXj4rQYUJpBiYuPhl/DkuRIE0hDk+wOgqMKvJGS/St/MBrVDFe7Glbbv3WnA8dvHe1ZsUdWjnXNOtUqYWHu92ZVk5ilElrEgn8y+70OZLF6CZbfni3VbCaRrt/WDcyIzsFRlfSzSQmjuGkYerswvKWs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743518380; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=PGZy+I0deTs+g3yJl2U3yByVtr9+2Jm1QifNo3I5skg=; b=S6Yz7/LvAqh8aOpeuRbx/D/pH9xlxri2O5qFT3iZYUdfsiH6Fr6wD/+3XphbW9tIzNYCrWsz83iXsuf6hVIJ8JW3I4cBapRqqVXSMpc/sDKsAp1M9ZbolDen6Pl4EJFYmGuSayyLpDfUE+3Igf9aS7oTC4eP0cmCkpB2lObmozs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743518379935767.4336785724506; Tue, 1 Apr 2025 07:39:39 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbz0-0006J7-1I; Tue, 01 Apr 2025 09:48:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuI-0000Yw-ST for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:06 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuE-0006Zf-8g for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:43:57 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:45 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:43 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515034; x=1775051034; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=xsvCG5PKYAl5zA9Q6TrXmGU62MgEcnF7Km+/JJfw55A=; b=lFXSDnHkiZDwdh3y8XHNa+JTiG1HsOJPnQkNcdXVuzieAAjil1Rh+bc2 eRy5GoIHK3uGSksQtHc8cI7pAwiDnx1wVrWWo7++tczK5xjK7ocKWHSCq DZ7oMK4W5f9pc9KIw9zdgTqzAU7YaV5tq/9kfEyg5756Lb6F4gdwIqERu FdzlqjZJ9TEyyucVJ4Eg16+dNEw06VkySs3cFc92VXybMCpDCzC4OFoNI 2C83ovm0eMNGtPhA/0ns84AlWZ0mYgNInWmBQm77RT1Pcv4WXVsHrbfHH dhnd7ZArMBmevVPPXxMwWq6+hpG+DbDIVqohYKuKuq0fjbDLYH5sj5Uhe Q==; X-CSE-ConnectionGUID: gc/p/NPoQuac9f+AExTFhA== X-CSE-MsgGUID: ltJPWSJiSd2v7h19yRnoeQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433475" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433475" X-CSE-ConnectionGUID: sSLWwrCwRIa6OTLqXtIk9w== X-CSE-MsgGUID: glcSvyNBQDqTQZA5/m9tew== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640145" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 37/55] i386/tdx: Disable PIC for TDX VMs Date: Tue, 1 Apr 2025 09:01:47 -0400 Message-Id: <20250401130205.2198253-38-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743518381965019000 Content-Type: text/plain; charset="utf-8" Legacy PIC (8259) cannot be supported for TDX VMs since TDX module doesn't allow directly interrupt injection. Using posted interrupts for the PIC is not a viable option as the guest BIOS/kernel will not do EOI for PIC IRQs, i.e. will leave the vIRR bit set. Hence disable PIC for TDX VMs and error out if user wants PIC. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann Reviewed-by: Daniel P. Berrang=C3=A9 --- target/i386/kvm/tdx.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 0eefd058f7a2..0d30506c2021 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -383,6 +383,13 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs,= Error **errp) return -EINVAL; } =20 + if (x86ms->pic =3D=3D ON_OFF_AUTO_AUTO) { + x86ms->pic =3D ON_OFF_AUTO_OFF; + } else if (x86ms->pic =3D=3D ON_OFF_AUTO_ON) { + error_setg(errp, "TDX VM doesn't support PIC"); + return -EINVAL; + } + if (!tdx_caps) { r =3D get_tdx_capabilities(errp); if (r) { --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515840; cv=none; d=zohomail.com; s=zohoarc; b=Ix02PCi+3ww2UuLpihXX7Do09fvO5qBbWEdJaK39ms4H2Iha0Uyee+9zk9OfuzVwWIUZXijSfAeFq3iN8bpS2jEtmc8oTP/w5Ny1iu+mN35rIMYeoVDjfuIGThOpvOU6pv/EPf3n/IzY6DgEzz6ZqqZamhPFs2Asqf5aosE0whY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515840; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=1cZKQsUPXHz10fvO+pSiPFJja10cTTzv7yMS/jDUqQY=; b=JQzXoi3SfjXgguubA54/fHSKDAffpsk1WXMLzHh8aaqsaZRJgyAqle6UcmAcHGq4xOuZjRn3EPXVzAOH6q9Ic2T6QvdRk7vpWjkwXUK4MYkCmw2alpExyZ467g9xQCzIbcEK5fMlwMMm+1lJ6IHZYcH9K3LW5aeTCvX6OjS2XpA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515840128203.07439648302386; Tue, 1 Apr 2025 06:57:20 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbyY-00050a-LI; Tue, 01 Apr 2025 09:48:25 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuL-0000ZM-Jf for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:06 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuJ-0006ZP-Rw for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:01 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:48 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:45 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515040; x=1775051040; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=UW3eh1d/yIqkVIs20XJ3rA7CLhgkMPTvF23AkfBXCms=; b=f12gi7RDaKgFxp+X/UmzWttVBoQ7Srja+SoU/Ri/2F2ir/mdAuEyolI0 970X6uKp5W8Roa9VmJyNICrlYFscvi29C29duquwq4dj7s4RwB5qHz0l2 FTwcfzBw87UK2tnC1g0JR502mTwK/ULWJqblBgXJ1EUPZX4uVKdt4SC9r 8TX4mSPCBmptSr89x+QbuBe6vjWSPJ5DZLEnZUBCAcJWqCyapbo7tDq4S azO5boeXxc7pNN1KyC0ZQ7nCzHWcGPo2WXtj3+glMXUCX4qk54fjtjnCi +7YPuyqbFzHQgMpxlx8nds05Gm5VuhPAjpTw3RAMX1QE2iHE+zjjelO2X Q==; X-CSE-ConnectionGUID: lBlblmw3Sa+wCTRyhtftoA== X-CSE-MsgGUID: F0AdUXtbSDufEeYvTuBrhg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433483" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433483" X-CSE-ConnectionGUID: X8AXFYTmRp+31arsHcsM1A== X-CSE-MsgGUID: szIn5RjrShO/5hmlcbC1Bw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640150" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 38/55] i386/tdx: Set and check kernel_irqchip mode for TDX Date: Tue, 1 Apr 2025 09:01:48 -0400 Message-Id: <20250401130205.2198253-39-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515842760019100 KVM mandates kernel_irqchip to be split mode. Set it to split mode automatically when users don't provide an explicit value, otherwise check it to be the split mode. Suggested-by: Daniel P. Berrang=C3=A9 Signed-off-by: Xiaoyao Li Reviewed-by: Daniel P. Berrang=C3=A9 --- target/i386/kvm/tdx.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 0d30506c2021..4128f27d6b64 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -16,6 +16,7 @@ #include "qapi/error.h" #include "qom/object_interfaces.h" #include "crypto/hash.h" +#include "system/kvm_int.h" #include "system/runstate.h" #include "system/system.h" #include "exec/ramblock.h" @@ -390,6 +391,13 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs,= Error **errp) return -EINVAL; } =20 + if (kvm_state->kernel_irqchip_split =3D=3D ON_OFF_AUTO_AUTO ) { + kvm_state->kernel_irqchip_split =3D ON_OFF_AUTO_ON; + } else if(kvm_state->kernel_irqchip_split !=3D ON_OFF_AUTO_ON) { + error_setg(errp, "TDX VM requires kernel_irqchip to be split"); + return -EINVAL; + } + if (!tdx_caps) { r =3D get_tdx_capabilities(errp); if (r) { --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743516142; cv=none; d=zohomail.com; s=zohoarc; b=QGgwFNbo6PkETBZG5Ag7M9Cq/z8xyEfrYKpFTXilgurZwWriC6rwN4b+AqaEVPhZZRvwfhcFBRJJHBj50NZBHa+GyqxyIX5r/7tzib/fVYW7HPv9KYRjSJn0zcxD9p9cnCFUQYCvdqurxHHiNl4WCUFG7nko9yKEqlPaXSZSdII= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743516142; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=G8ekRxYM1v63/wHutuAoik2h1zXqjJq0+j3VsIZV3Fc=; b=YK4Hzb9+GBKkf/vhSsLV+wL8yYQVQ+uDQBRTbbgL9j7yyznMkgcBvQayNTarGckG3wvJmIhC8Vh5esh1nZSRqACLyPJ19Bgz0AA7dV646iKoV52Cu10hDsB+4O96d/cvzotQlwOcWNlNfHv4j3amHY7Z1mBDMpiUDUP+maPIuqI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743516142298859.8392201444227; Tue, 1 Apr 2025 07:02:22 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbvS-00026q-4E; Tue, 01 Apr 2025 09:45:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuK-0000Yz-Di for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:06 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuI-0006XQ-K5 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:00 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:50 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:48 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515038; x=1775051038; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=VD5cLhhOxm2rY5XZ6+nf6tMgf/SKVeJGzlvaWHkLI9U=; b=hRMHFNZEFy/V5tFapzLwT3tDnSyfg1hkbYNV/dQOqS24Laf8lH0fAviH +jcZqh/257Ako0UF9aoUc17orZtNxqv9DO/1IveI7rRRgUbHVyh20lBWV I5J6rb/EVb406Sx1SvMj1gWsEhjzWxr4WzgTvHnOwL4qjZmIw3ETWwAN/ zGZ3j9FkyI8rFonNuRv10GH9SKLA77UXQDU2xoAfAdwetDQSapl7ZZz1D EJMouAfiCbIDtv/CLOTlbgj9PTC9wLJfB6KBJ5V25pAFGWbVLZE5B9ENc iOrOeCDm5Zat/3HSOSCs9jJp1rylR035R7KNj8zNw7EebZinp7++W76+r A==; X-CSE-ConnectionGUID: ysdbOeWAR9eCH1BfQnr2Ng== X-CSE-MsgGUID: BVAStVxiRX+R5wBGUnK+SQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433490" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433490" X-CSE-ConnectionGUID: eHzSK8AcS9SW3O5F+CDu4g== X-CSE-MsgGUID: KuK8mVWiTDa1Wj3/LjYC2Q== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640158" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 39/55] i386/tdx: Don't synchronize guest tsc for TDs Date: Tue, 1 Apr 2025 09:01:49 -0400 Message-Id: <20250401130205.2198253-40-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743516144533019100 Content-Type: text/plain; charset="utf-8" From: Isaku Yamahata TSC of TDs is not accessible and KVM doesn't allow access of MSR_IA32_TSC for TDs. To avoid the assert() in kvm_get_tsc, make kvm_synchronize_all_tsc() noop for TDs, Signed-off-by: Isaku Yamahata Reviewed-by: Connor Kuehl Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- target/i386/kvm/kvm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 741b50181ed9..ead1d0263385 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -327,7 +327,7 @@ void kvm_synchronize_all_tsc(void) { CPUState *cpu; =20 - if (kvm_enabled()) { + if (kvm_enabled() && !is_tdx_vm()) { CPU_FOREACH(cpu) { run_on_cpu(cpu, do_kvm_synchronize_tsc, RUN_ON_CPU_NULL); } --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515503; cv=none; d=zohomail.com; s=zohoarc; b=Whwa4mN9SlF9H40XuUL57IzNQGgkimq+LNKv9PpA/n8gINUDs3RkZCswgwLmG8JZAOpGr3O3q20/kpA6mtTQvrsXaNVnXd1idNEF2AAbzZcfQnB17MsdUlqUYtMm0PPgGW7AcCWaoGP8CwVUGjxdN/nrQkuphkxofeRm62SjJcQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515503; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=EesdMYE7HUVZJ4GqxcNg3XkBBvvvWKPgKfDrnCPRlIU=; b=if9fspGc42rSeSzAcCIBMqEHCcd7B8lGeZA5hI9uVzwCnI9IU0BmOf/lf2R7qwDHt1gDxT0MCLYRRpSh1aGj4/cjNZUfM0W3n+gWNXSbnN6xrijgoZiFfR6VAqHjqlmYtx6dmOuqDavRxQ6ixLraRMMvN1eNb+RYxx8kgH3dmXU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515503555114.99798596240441; Tue, 1 Apr 2025 06:51:43 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbvO-0001zf-RQ; Tue, 01 Apr 2025 09:45:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuV-0000im-By for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:12 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuT-0006Zf-73 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:10 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:52 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:50 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515049; x=1775051049; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=1ZBokcORlkGr+ynt1gqXnRjHyyHWXe5wnMVgE1+YOYs=; b=LKT1a1G7sjXhqI2J5eVr4k0/SFMREybznh11RovJaEifZjmpTctIUF55 QHBQvTZM7JTIeSmwqLYMLcyECivk75oD1LqEw43KEuEI8jo5xtO2MBWcw 6LP0qWOqbg1Hmhlx+KLwFCKCK9uWv83YUzxRNJsfT5KeFSzUdAoCqBjGn CoxovH1ZuNmgZ3vadotF00+ZdnCbLOrJzKLkpTyal085jVReUPPpnNAnS BwZVrX3BvvkpidzAxGOw0CHRpGcQfHDgrGXDPa54R/2GRvSIoX/eJZNuE z73rOj6oMMBE2LjFRx1yXP7+pNI3O0qRZvMNOeJTYP5GGgb2wQ0zUrjgZ g==; X-CSE-ConnectionGUID: PbnNOerATTqkdG2HL5PCWQ== X-CSE-MsgGUID: Fv4MEc85T4alLnfJOcn08Q== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433497" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433497" X-CSE-ConnectionGUID: w6T7dAh9R1eyb6hNqpWTfA== X-CSE-MsgGUID: 0B0N4jWdQIqIXkFONq4R8g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640163" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 40/55] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() for TDs Date: Tue, 1 Apr 2025 09:01:50 -0400 Message-Id: <20250401130205.2198253-41-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515506012019100 Content-Type: text/plain; charset="utf-8" For TDs, only MSR_IA32_UCODE_REV in kvm_init_msrs() can be configured by VMM, while the features enumerated/controlled by other MSRs except MSR_IA32_UCODE_REV in kvm_init_msrs() are not under control of VMM. Only configure MSR_IA32_UCODE_REV for TDs. Signed-off-by: Xiaoyao Li Acked-by: Gerd Hoffmann --- target/i386/kvm/kvm.c | 44 ++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index ead1d0263385..4078ba40473e 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -3863,32 +3863,34 @@ static void kvm_init_msrs(X86CPU *cpu) CPUX86State *env =3D &cpu->env; =20 kvm_msr_buf_reset(cpu); - if (has_msr_arch_capabs) { - kvm_msr_entry_add(cpu, MSR_IA32_ARCH_CAPABILITIES, - env->features[FEAT_ARCH_CAPABILITIES]); - } - - if (has_msr_core_capabs) { - kvm_msr_entry_add(cpu, MSR_IA32_CORE_CAPABILITY, - env->features[FEAT_CORE_CAPABILITY]); - } - - if (has_msr_perf_capabs && cpu->enable_pmu) { - kvm_msr_entry_add_perf(cpu, env->features); + + if (!is_tdx_vm()) { + if (has_msr_arch_capabs) { + kvm_msr_entry_add(cpu, MSR_IA32_ARCH_CAPABILITIES, + env->features[FEAT_ARCH_CAPABILITIES]); + } + + if (has_msr_core_capabs) { + kvm_msr_entry_add(cpu, MSR_IA32_CORE_CAPABILITY, + env->features[FEAT_CORE_CAPABILITY]); + } + + if (has_msr_perf_capabs && cpu->enable_pmu) { + kvm_msr_entry_add_perf(cpu, env->features); + } + + /* + * Older kernels do not include VMX MSRs in KVM_GET_MSR_INDEX_LIST= , but + * all kernels with MSR features should have them. + */ + if (kvm_feature_msrs && cpu_has_vmx(env)) { + kvm_msr_entry_add_vmx(cpu, env->features); + } } =20 if (has_msr_ucode_rev) { kvm_msr_entry_add(cpu, MSR_IA32_UCODE_REV, cpu->ucode_rev); } - - /* - * Older kernels do not include VMX MSRs in KVM_GET_MSR_INDEX_LIST, but - * all kernels with MSR features should have them. - */ - if (kvm_feature_msrs && cpu_has_vmx(env)) { - kvm_msr_entry_add_vmx(cpu, env->features); - } - assert(kvm_buf_set_msrs(cpu) =3D=3D 0); } =20 --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515796; cv=none; d=zohomail.com; s=zohoarc; b=QnDh4Egq2KtCAPzDIdweAjFHX3lYfcMZHH1WNEKS2yglQPLxbQSAVP49zVS7DNa/cRZ6xYtCjOp4ctQIFFKjgbeGgT7x7A9eFqtMiyvMqDIoCYz8UA0ROM4c/lAtaQxJf+aBjm0h+qAyZrtVmsO0R+ooFdII7L8rJh49joSvIo8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515796; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=77xTZmer5l7v3jghWBl/kb5k8rb6I3sOljreaPu7sGc=; b=Goue/xGJUGasqkJKJ8JYt7534QiTjDhJUOijZe0ObJYp+kOqpEZBpgQIAgzSei1s8OKo3/xVYobCwZmsfp/5mc1D8HFtP/S/a495cSA2UkDBUUXg3pO4G1hdM/OHsf7HufWiIxpGDZR9vqKjb4z8vZ9uCqf7yUHEbsHIcMV4Pwg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515796195155.39248189635487; Tue, 1 Apr 2025 06:56:36 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbvh-0002o0-Kw; Tue, 01 Apr 2025 09:45:28 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuY-0000jL-2E for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:18 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuU-0006XQ-On for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:12 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:55 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:52 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515051; x=1775051051; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=XivRqsU75f1UeqvfNnKISLROmXQcU9CQq1uW4OiP9Sw=; b=MGhedKX0sMV6pa/0v9H24EShiLq6/3XQFxup683bQ1L9H+aBv6rmOeG0 JNrSvhVkz4NTKuxWMzWhBA5rOiQq07iKPSearvphN0IKR2qupTuY/Nc4T +XnuzVXLkoUja+UxmaI9f4ioZ4eGaMJ1tI6aicVDJer+Ng/wnEbq0SuzY R1dwPGB2grhPxXY2+S5SejQDHL5PmbKHnOv7oTUciURmDJE6i0wjc/ZtB ImJ0SS6BEN2EvJHn1wGcpgfaJiJbgPLgnSxZdT3ZcmeUgi1weNe268cMM BfHZ6U7XcixBi+Ifc+YeZbjih+I7Rg3Kp5W0c8eY8C//Zfx9urmP68as4 w==; X-CSE-ConnectionGUID: DZNiyhvGS2SQp9pd3UtfFA== X-CSE-MsgGUID: bUDI57fSR5ud6YnWdKt/WA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433502" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433502" X-CSE-ConnectionGUID: Psx4vOG5SZKGPo8x3TRaFA== X-CSE-MsgGUID: WPN9Q/hgQhKr3ThsmXGcoQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640171" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 41/55] i386/apic: Skip kvm_apic_put() for TDX Date: Tue, 1 Apr 2025 09:01:51 -0400 Message-Id: <20250401130205.2198253-42-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515798602019100 Content-Type: text/plain; charset="utf-8" KVM neithers allow writing to MSR_IA32_APICBASE for TDs, nor allow for KVM_SET_LAPIC[*]. Note, KVM_GET_LAPIC is also disallowed for TDX. It is called in the path do_kvm_cpu_synchronize_state() -> kvm_arch_get_registers() -> kvm_get_apic() and it's already disllowed for confidential guest through guest_state_protected. [*] https://lore.kernel.org/all/Z3w4Ku4Jq0CrtXne@google.com/ Signed-off-by: Xiaoyao Li --- Changes in v8: - Fix the coding style; (Francesco) --- hw/i386/kvm/apic.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hw/i386/kvm/apic.c b/hw/i386/kvm/apic.c index 757510600098..cb65fca49586 100644 --- a/hw/i386/kvm/apic.c +++ b/hw/i386/kvm/apic.c @@ -17,6 +17,7 @@ #include "system/hw_accel.h" #include "system/kvm.h" #include "kvm/kvm_i386.h" +#include "kvm/tdx.h" =20 static inline void kvm_apic_set_reg(struct kvm_lapic_state *kapic, int reg_id, uint32_t val) @@ -141,6 +142,10 @@ static void kvm_apic_put(CPUState *cs, run_on_cpu_data= data) struct kvm_lapic_state kapic; int ret; =20 + if (is_tdx_vm()) { + return; + } + kvm_put_apicbase(s->cpu, s->apicbase); kvm_put_apic_state(s, &kapic); =20 --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515327; cv=none; d=zohomail.com; s=zohoarc; b=j4ps+DqOKK7peYxvRSJumMlJav1N6GNakFKHAyiZX+OzUut3bVeGcNS13Bis2yA4JWjVfKpiDyWS91cWTpBinkLxjTj0n2bC7xEt00724BHvJhR0rfcSnSz2oIayjbfeCwwiEcyqIHI+5nAmi9MbluRCAMcSGJaj1ZqYtaIuJTQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515327; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=gxPCHcMNwBvCLOFnCdDmGbsoiW/4/hdQ65mGqhAUm+g=; b=PUeQ/QAyokYHNwkfJWFj10VhEakkSVBK8l9PCWM+54m47lz+euugkds0jOeeT3lEcNT4Jxvywm2KXnJMCXkDglBOu/wRuGRppMUytVKq8ZL0F6vPdpSVe13n5gkgp2Oqymezi/Gr4+Aio+3Imx3giuF0hCABbqfGZNGKtTujjsA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515327557204.2844094390049; Tue, 1 Apr 2025 06:48:47 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbwG-00035O-OT; Tue, 01 Apr 2025 09:46:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuY-0000jM-2X for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:18 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuW-0006ZP-2B for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:13 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:42:57 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:55 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515052; x=1775051052; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=GpbiAevDOu7dBEajhCo3Fos/R3B4WgEf7uAd71HM9uI=; b=NReaV5hg0XphAAa3bbn8oj8uZlcTon3Kql7ktWm8aqdIXUg3Tvxy6wP3 XqAH2nk33BbIi+np0HSn/adrj57qrtq+P5RCBh/AyIB8hDDD/Ka+Cz8oZ RFQTEEZ7ahP5rzTSQ/3b8sluuc1SXQl6VzyHR8b/1fNoB5E1cBDjRNUpU UYyA/59A7nuqNbtWWI5GXdbjgsS7CpoKKMVZcjeI39EiDerYviNgj2BzM kNT2Y4ss7ocHobIbY2n9g7N2w3WdK5DtZUXiBVawbmXEFaBHjygbBCyOA nD4HQqX8ItCX93+9Vzt4uuUbUXduEVxk7d2v/vCu7po+skgV9Xz0XhQ2v w==; X-CSE-ConnectionGUID: agh/lOzoTOu5jWkdDJefFg== X-CSE-MsgGUID: LPZTZNDNS0eevMFDP52N5A== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433509" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433509" X-CSE-ConnectionGUID: GdIZvIZeQ4azEMUoy6dnpg== X-CSE-MsgGUID: ZMAkU/4dR6S9PizJhF3uHA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640177" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 42/55] cpu: Don't set vcpu_dirty when guest_state_protected Date: Tue, 1 Apr 2025 09:01:52 -0400 Message-Id: <20250401130205.2198253-43-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515328376019000 Content-Type: text/plain; charset="utf-8" QEMU calls kvm_arch_put_registers() when vcpu_dirty is true in kvm_vcpu_exec(). However, for confidential guest, like TDX, putting registers is disallowed due to guest state is protected. Only set vcpu_dirty to true with guest state is not protected when creating the vcpu. Signed-off-by: Xiaoyao Li --- Changes in v7: - new patch to replace "i386/tdx: Don't get/put guest state for TDX VMs" in v6; --- accel/kvm/kvm-all.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index 5835d840f3ad..9862d8ff1d38 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -466,7 +466,9 @@ int kvm_create_vcpu(CPUState *cpu) =20 cpu->kvm_fd =3D kvm_fd; cpu->kvm_state =3D s; - cpu->vcpu_dirty =3D true; + if (!s->guest_state_protected) { + cpu->vcpu_dirty =3D true; + } cpu->dirty_pages =3D 0; cpu->throttle_us_per_full =3D 0; =20 --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515996; cv=none; d=zohomail.com; s=zohoarc; b=T+50fPq5QcV5TxEwSZDqNvfcIyrNvVa7ThlgYS5YHthp1R9l0BEVI2EzlNC3oB9o0D0sTXTYgiNFfJxA6y822U1bdk/vX+MxRRDP19WowVbTCgOisNuuaAnwYLFM073izYBoAyJeIgmuzUlFi6Jnmnm5rKFljmNFC9+CX8OqUFE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515996; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=XoSb4tu3vMN1NFRVAp7/CxSXRCwPRbAA3veBqPnt+xs=; b=irX1CNLqKsuiKxS8BRj4D/eaM1C6ZWbKdixMPq+sZ+Ooy0xB6FnJAfTADqZCAK7EuFUk7WKxU2K1Mu+9ncnvKic0b3orr7GpMEtTCbqOGUMXVZkQW208nXjUPF7oZUwhpPuDyYQn+lh5o+scMwK0npbpt+s5RxhioNhTcU+ByhM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515996549766.1701329426372; Tue, 1 Apr 2025 06:59:56 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbyu-0005gI-KL; Tue, 01 Apr 2025 09:48:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuh-0000rD-JO for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:23 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuf-0006Zf-M6 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:23 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:00 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:42:57 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515061; x=1775051061; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=XEwqmQoSvwYMfkPqc6TzR0UgP5NnIAttqomtt/9PTFQ=; b=MtxKClP/0cqBS7WvrBaSdaxjokXTuUEHPYMKxKMqoHY5vcS1nUz67wRy KHW1vb7aKsM91bhv7REpVcU46EtO00Tq/VcBntPyBLtIgzRMYocxWvkCV 2+rt3nGS9Exv6wy0Ib2vo0UnSqct0ID8zldOOBkABmSbp7zcxWTtMJerF 5zH1pPMhJaVUIfQuNCGyguGe0FqumthOEkKJ2uei01THros66JJZM2rP6 yqc6C55f+0QFGQp/OPgODqxZwuaWvaibzC2REciYp/3AHkHbQo9bjQDwf fgXBdiTcegxsN9Gd6LErV9zHFBrEZ6dspBztSjU9FUI/v18Yf+w48nFmr Q==; X-CSE-ConnectionGUID: wngH2rInTA+fmsQZK8AmGw== X-CSE-MsgGUID: QgRbCRBfSgiI8f/J5BVnFg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433513" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433513" X-CSE-ConnectionGUID: bT+JGD2FQGuZGZSxrBVLLg== X-CSE-MsgGUID: qBgUs5PmTmiC0aGQheHqmQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640199" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 43/55] i386/cgs: Rename *mask_cpuid_features() to *adjust_cpuid_features() Date: Tue, 1 Apr 2025 09:01:53 -0400 Message-Id: <20250401130205.2198253-44-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515997176019000 Content-Type: text/plain; charset="utf-8" Because for TDX case, there are also fixed-1 bits that enfored by TDX module. Signed-off-by: Xiaoyao Li Reviewed-by: Daniel P. Berrang=C3=A9 --- target/i386/confidential-guest.h | 20 ++++++++++---------- target/i386/kvm/kvm.c | 2 +- target/i386/sev.c | 4 ++-- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/target/i386/confidential-guest.h b/target/i386/confidential-gu= est.h index a86c42a47558..777d43cc9688 100644 --- a/target/i386/confidential-guest.h +++ b/target/i386/confidential-guest.h @@ -40,8 +40,8 @@ struct X86ConfidentialGuestClass { /* */ int (*kvm_type)(X86ConfidentialGuest *cg); void (*cpu_instance_init)(X86ConfidentialGuest *cg, CPUState *cpu); - uint32_t (*mask_cpuid_features)(X86ConfidentialGuest *cg, uint32_t fea= ture, uint32_t index, - int reg, uint32_t value); + uint32_t (*adjust_cpuid_features)(X86ConfidentialGuest *cg, uint32_t f= eature, + uint32_t index, int reg, uint32_t va= lue); }; =20 /** @@ -71,21 +71,21 @@ static inline void x86_confidential_guest_cpu_instance_= init(X86ConfidentialGuest } =20 /** - * x86_confidential_guest_mask_cpuid_features: + * x86_confidential_guest_adjust_cpuid_features: * - * Removes unsupported features from a confidential guest's CPUID values, = returns - * the value with the bits removed. The bits removed should be those that= KVM - * provides independent of host-supported CPUID features, but are not supp= orted by - * the confidential computing firmware. + * Adjust the supported features from a confidential guest's CPUID values, + * returns the adjusted value. There are bits being removed that are not + * supported by the confidential computing firmware or bits being added th= at + * are forcibly exposed to guest by the confidential computing firmware. */ -static inline int x86_confidential_guest_mask_cpuid_features(X86Confidenti= alGuest *cg, +static inline int x86_confidential_guest_adjust_cpuid_features(X86Confiden= tialGuest *cg, uint32_t feat= ure, uint32_t index, int reg, uint= 32_t value) { X86ConfidentialGuestClass *klass =3D X86_CONFIDENTIAL_GUEST_GET_CLASS(= cg); =20 - if (klass->mask_cpuid_features) { - return klass->mask_cpuid_features(cg, feature, index, reg, value); + if (klass->adjust_cpuid_features) { + return klass->adjust_cpuid_features(cg, feature, index, reg, value= ); } else { return value; } diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 4078ba40473e..fa46edaeac8d 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -573,7 +573,7 @@ uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint= 32_t function, } =20 if (current_machine->cgs) { - ret =3D x86_confidential_guest_mask_cpuid_features( + ret =3D x86_confidential_guest_adjust_cpuid_features( X86_CONFIDENTIAL_GUEST(current_machine->cgs), function, index, reg, ret); } diff --git a/target/i386/sev.c b/target/i386/sev.c index 0e1dbb6959ec..a6c0a697250b 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -946,7 +946,7 @@ out: } =20 static uint32_t -sev_snp_mask_cpuid_features(X86ConfidentialGuest *cg, uint32_t feature, ui= nt32_t index, +sev_snp_adjust_cpuid_features(X86ConfidentialGuest *cg, uint32_t feature, = uint32_t index, int reg, uint32_t value) { switch (feature) { @@ -2404,7 +2404,7 @@ sev_snp_guest_class_init(ObjectClass *oc, void *data) klass->launch_finish =3D sev_snp_launch_finish; klass->launch_update_data =3D sev_snp_launch_update_data; klass->kvm_init =3D sev_snp_kvm_init; - x86_klass->mask_cpuid_features =3D sev_snp_mask_cpuid_features; + x86_klass->adjust_cpuid_features =3D sev_snp_adjust_cpuid_features; x86_klass->kvm_type =3D sev_snp_kvm_type; =20 object_class_property_add(oc, "policy", "uint64", --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743518981; cv=none; d=zohomail.com; s=zohoarc; b=gcdD6cttaQPGOvDBId4nUMMO9lGiO+iS2eYLjTks5KHGO+Zzwq1KCzF+lZY3dCfWcPAUuRj2crpdBvF/FET/lPqyQLyuxOLogKme/6YuF3+/qi5BhsUvbitQenk734mOnqdlGpvdZDnpfrFtjS65n8ck/ibjR9+5XHYeNz2m2F0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743518981; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=y8/ldBK/K63Nh8M5COoW+4PqxIYSOnIDA11/hMMrTe4=; b=fuuJ0YjthGkEi6+JccIr5WMb7kBJBbm0kAb1uYU/jnpQbF2L3PaYwRkxqXXPreecwjmZk7XtfwP2E3oBBwByAPsJjvRGFjevoHzlW0cph+T8N0ocM/U5rbmI0IMCdl9VbYaFPxKNxCdnvYkBBQlO/rDp3avM95WG259NaFkrt7s= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743518981181529.2707171734164; Tue, 1 Apr 2025 07:49:41 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbyy-00069S-P0; Tue, 01 Apr 2025 09:48:48 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbul-00014c-Lt for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:29 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbui-0006XQ-J0 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:27 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:02 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:00 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515064; x=1775051064; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=cZBW6+bWAvYI3eaiq1KLwD7+rkeaAgANzXrfYjRXdeo=; b=BxSnDoT2DxWP9zl8qbbXqhnIQPTOLLj17Nqn7+DiGmaE1ejY9YrwRhg7 oEsJmBsZ6/s8KZbcyn+ajzfWOcYyIbMGBGLAVqP3bLHTuc8XFWxleaXyE J6yjKYWCUhJXm2bcITqbt70voQNkScj5kKORYC6J6wPr59YYv9Wdi+Pd8 OzTSX9A1q6SJe3YWhfcXOBETbLUhersrtn6hBJ8Xc92ldl4sbgJzaqnVP puvzal0ZK7ys2tCYJc/WNQtTRu+7qInaW2b1Q/W1kZxjQXjTmIE4lV4zX lbJN2DpyR34vkQt7IA4sTlbH3rxX4ZkOrdIW241daWFM4g+d/ms0NDpBW w==; X-CSE-ConnectionGUID: 5WK/OK81QJ2ku5tK5L6HnQ== X-CSE-MsgGUID: 12xOG4+BTs+NLNLO64GS2w== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433522" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433522" X-CSE-ConnectionGUID: wXDH2ZBjR0KuVUl77bSgxw== X-CSE-MsgGUID: g+f3eYfgQfaKQsw3/ZeVPQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640218" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 44/55] i386/tdx: Implement adjust_cpuid_features() for TDX Date: Tue, 1 Apr 2025 09:01:54 -0400 Message-Id: <20250401130205.2198253-45-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743518985254019100 Content-Type: text/plain; charset="utf-8" Maintain a TDX specific supported CPUID set, and use it to mask the common supported CPUID value of KVM. It can avoid newly added supported features (reported via KVM_GET_SUPPORTED_CPUID) for common VMs being falsely reported as supported for TDX. As the first step, initialize the TDX supported CPUID set with all the configurable CPUID bits. It's not complete because there are other CPUID bits are supported for TDX but not reported as directly configurable. E.g. the XFAM related bits, attribute related bits and fixed-1 bits. They will be handled in the future. Also, what matters are the CPUID bits related to QEMU's feature word. Only mask the CPUID leafs which are feature word leaf. Signed-off-by: Xiaoyao Li --- target/i386/cpu.c | 18 ++++++++++++++++++ target/i386/cpu.h | 1 + target/i386/kvm/kvm.c | 2 +- target/i386/kvm/kvm_i386.h | 1 + target/i386/kvm/tdx.c | 34 ++++++++++++++++++++++++++++++++++ 5 files changed, 55 insertions(+), 1 deletion(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index f219961b62cd..4061d38d3fbe 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -1655,6 +1655,24 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] =3D= { }, }; =20 +bool is_feature_word_cpuid(uint32_t feature, uint32_t index, int reg) +{ + FeatureWordInfo *wi; + FeatureWord w; + + for (w =3D 0; w < FEATURE_WORDS; w++) + { + wi =3D &feature_word_info[w]; + if (wi->type =3D=3D CPUID_FEATURE_WORD && wi->cpuid.eax =3D=3D fea= ture && + (!wi->cpuid.needs_ecx || wi->cpuid.ecx =3D=3D index) && + wi->cpuid.reg =3D=3D reg) + { + return true; + } + } + return false; +} + typedef struct FeatureMask { FeatureWord index; uint64_t mask; diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 3910b488f775..42ef77789ded 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -2515,6 +2515,7 @@ void cpu_set_apic_feature(CPUX86State *env); void host_cpuid(uint32_t function, uint32_t count, uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx= ); bool cpu_has_x2apic_feature(CPUX86State *env); +bool is_feature_word_cpuid(uint32_t feature, uint32_t index, int reg); =20 static inline bool x86_has_cpuid_0x1f(X86CPU *cpu) { diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index fa46edaeac8d..17d7bf6ae9aa 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -393,7 +393,7 @@ static bool host_tsx_broken(void) =20 /* Returns the value for a specific register on the cpuid entry */ -static uint32_t cpuid_entry_get_reg(struct kvm_cpuid_entry2 *entry, int re= g) +uint32_t cpuid_entry_get_reg(struct kvm_cpuid_entry2 *entry, int reg) { uint32_t ret =3D 0; switch (reg) { diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h index dc696cb7238a..484a1de84d51 100644 --- a/target/i386/kvm/kvm_i386.h +++ b/target/i386/kvm/kvm_i386.h @@ -62,6 +62,7 @@ void kvm_update_msi_routes_all(void *private, bool global, struct kvm_cpuid_entry2 *cpuid_find_entry(struct kvm_cpuid2 *cpuid, uint32_t function, uint32_t index); +uint32_t cpuid_entry_get_reg(struct kvm_cpuid_entry2 *entry, int reg); uint32_t kvm_x86_build_cpuid(CPUX86State *env, struct kvm_cpuid_entry2 *en= tries, uint32_t cpuid_i); #endif /* CONFIG_KVM */ diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 4128f27d6b64..b9a96c2e392d 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -45,6 +45,7 @@ static TdxGuest *tdx_guest; =20 static struct kvm_tdx_capabilities *tdx_caps; +static struct kvm_cpuid2 *tdx_supported_cpuid; =20 /* Valid after kvm_arch_init()->confidential_guest_kvm_init()->tdx_kvm_ini= t() */ bool is_tdx_vm(void) @@ -368,6 +369,20 @@ static Notifier tdx_machine_done_notify =3D { .notify =3D tdx_finalize_vm, }; =20 +static void tdx_setup_supported_cpuid(void) +{ + if (tdx_supported_cpuid) { + return; + } + + tdx_supported_cpuid =3D g_malloc0(sizeof(*tdx_supported_cpuid) + + KVM_MAX_CPUID_ENTRIES * sizeof(struct kvm_cpuid_entry2= )); + + memcpy(tdx_supported_cpuid->entries, tdx_caps->cpuid.entries, + tdx_caps->cpuid.nent * sizeof(struct kvm_cpuid_entry2)); + tdx_supported_cpuid->nent =3D tdx_caps->cpuid.nent; +} + static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) { MachineState *ms =3D MACHINE(qdev_get_machine()); @@ -405,6 +420,8 @@ static int tdx_kvm_init(ConfidentialGuestSupport *cgs, = Error **errp) } } =20 + tdx_setup_supported_cpuid(); + /* TDX relies on KVM_HC_MAP_GPA_RANGE to handle TDG.VP.VMCALL = */ if (!kvm_enable_hypercall(BIT_ULL(KVM_HC_MAP_GPA_RANGE))) { return -EOPNOTSUPP; @@ -442,6 +459,22 @@ static void tdx_cpu_instance_init(X86ConfidentialGuest= *cg, CPUState *cpu) x86cpu->enable_cpuid_0x1f =3D true; } =20 +static uint32_t tdx_adjust_cpuid_features(X86ConfidentialGuest *cg, + uint32_t feature, uint32_t index, + int reg, uint32_t value) +{ + struct kvm_cpuid_entry2 *e; + + if (is_feature_word_cpuid(feature, index, reg)) { + e =3D cpuid_find_entry(tdx_supported_cpuid, feature, index); + if (e) { + value &=3D cpuid_entry_get_reg(e, reg); + } + } + + return value; +} + static int tdx_validate_attributes(TdxGuest *tdx, Error **errp) { if ((tdx->attributes & ~tdx_caps->supported_attrs)) { @@ -824,4 +857,5 @@ static void tdx_guest_class_init(ObjectClass *oc, void = *data) klass->kvm_init =3D tdx_kvm_init; x86_klass->kvm_type =3D tdx_kvm_type; x86_klass->cpu_instance_init =3D tdx_cpu_instance_init; + x86_klass->adjust_cpuid_features =3D tdx_adjust_cpuid_features; } --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515328; cv=none; d=zohomail.com; s=zohoarc; b=Sxy8Uo8LCLoRu3ojy7E1qLxfvIez8Xvp3vhRMTeLRna9MwUM2dEoGIxVoPIX4SndDRUa0mUkQRVf0VxFo8FKQ1pCMTW3kik0wbGoMsjDkQ51/Bsh9hXk0ECftLglm2T00PWMDfPoh3lB+eXoasgJ0aDsciVC54DxXeD26xLAMTM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515328; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=tul3Lx31VDwyrGM72ajii5fLj3RD5kpk024LmkNNSEA=; b=XfCkAzUDrvwvhyVWywj3O+yjDI6W7sXcu5vXOFexSrsaPjtAfiah9qo/BnWhY3C5qAlkAp/VO1BQdWHymFuD8tDQg2q79hWpSNEGHTf7yRuvd8UOZMFngaSVg0fE1/ywusBOGZCCO9z1vdo3dXXzTpRVKGSGYB2kZ6DAN+bGU2E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515328274259.38164125733067; Tue, 1 Apr 2025 06:48:48 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbyp-0005D1-7E; Tue, 01 Apr 2025 09:48:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbul-00014d-Qu for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:29 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbui-0006ZP-J2 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:27 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:05 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:02 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515064; x=1775051064; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=dCqogoyYG6qGaIWRDdW3DG5t0kRWSGhPDSbOwdRrrSk=; b=bIuKlxho8NSsN48AFwJxC8DDpXXWeYFEl8gocjIjryfxe2iFMOh+/6h9 rtZzf5ii0AS6H4TDXhzWKPszvYEUvvIIuiUUBqbrKaTZcTP/IsUyJkBun QrD2oL8BWIxoRmvSKBP/uExLHKUpRfl4Uge6hs+t5QH59wxA2vRr1vUVX R8jeLEODGLGIxAVU3DbNbnv/wkWeLELwahXOaSX3SdcEwbMnYTbT8zpde T2kZU90cZNwy2sdxizL7eEW75L7ZgckdK8IOJNd1KR4p3yaTs/7gkmrpS T1QESSLvW601ppoAcDRi82l30rTmWB9Kyxt3YVEjb0A8JCMUlY4oVSv1h A==; X-CSE-ConnectionGUID: 2W1ZzjQESvG8OfNo+rFM/A== X-CSE-MsgGUID: ThBA7TLUT6+oEcuK24GHkw== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433529" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433529" X-CSE-ConnectionGUID: cfaMfFdgQ5KpGkX2jBRt8g== X-CSE-MsgGUID: wMJvDbbhS+WP6gaC8mFz0A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640233" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 45/55] i386/tdx: Add TDX fixed1 bits to supported CPUIDs Date: Tue, 1 Apr 2025 09:01:55 -0400 Message-Id: <20250401130205.2198253-46-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515330369019100 Content-Type: text/plain; charset="utf-8" TDX architecture forcibly sets some CPUID bits for TD guest that VMM cannot disable it. They are fixed1 bits. Fixed1 bits are not covered by tdx_caps.cpuid (which only contians the directly configurable bits), while fixed1 bits are supported for TD guest obviously. Add fixed1 bits to tdx_supported_cpuid. Besides, set all the fixed1 bits to the initial set of KVM's support since KVM might not report them as supported. Signed-off-by: Xiaoyao Li --- target/i386/cpu.h | 2 + target/i386/kvm/kvm_i386.h | 7 ++ target/i386/kvm/tdx.c | 132 +++++++++++++++++++++++++++++++++++++ target/i386/sev.c | 5 -- 4 files changed, 141 insertions(+), 5 deletions(-) diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 42ef77789ded..115137279a1a 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -924,6 +924,8 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu= , FeatureWord w); #define CPUID_7_0_EDX_FSRM (1U << 4) /* AVX512 Vector Pair Intersection to a Pair of Mask Registers */ #define CPUID_7_0_EDX_AVX512_VP2INTERSECT (1U << 8) + /* "md_clear" VERW clears CPU buffers */ +#define CPUID_7_0_EDX_MD_CLEAR (1U << 10) /* SERIALIZE instruction */ #define CPUID_7_0_EDX_SERIALIZE (1U << 14) /* TSX Suspend Load Address Tracking instruction */ diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h index 484a1de84d51..c1bafcfc9b63 100644 --- a/target/i386/kvm/kvm_i386.h +++ b/target/i386/kvm/kvm_i386.h @@ -13,8 +13,15 @@ =20 #include "system/kvm.h" =20 +#include + #define KVM_MAX_CPUID_ENTRIES 100 =20 +typedef struct KvmCpuidInfo { + struct kvm_cpuid2 cpuid; + struct kvm_cpuid_entry2 entries[KVM_MAX_CPUID_ENTRIES]; +} KvmCpuidInfo; + /* always false if !CONFIG_KVM */ #define kvm_pit_in_kernel() \ (kvm_irqchip_in_kernel() && !kvm_irqchip_is_split()) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index b9a96c2e392d..49a94d8ffe7d 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -369,6 +369,131 @@ static Notifier tdx_machine_done_notify =3D { .notify =3D tdx_finalize_vm, }; =20 +/* + * Some CPUID bits change from fixed1 to configurable bits when TDX module + * supports TDX_FEATURES0.VE_REDUCTION. e.g., MCA/MCE/MTRR/CORE_CAPABILITY. + * + * To make QEMU work with all the versions of TDX module, keep the fixed1 = bits + * here if they are ever fixed1 bits in any of the version though not fixe= d1 in + * the latest version. Otherwise, with the older version of TDX module, QE= MU may + * treat the fixed1 bit as unsupported. + * + * For newer TDX module, it does no harm to keep them in tdx_fixed1_bits e= ven + * though they changed to configurable bits. Because tdx_fixed1_bits is us= ed to + * setup the supported bits. + */ +KvmCpuidInfo tdx_fixed1_bits =3D { + .cpuid.nent =3D 8, + .entries[0] =3D { + .function =3D 0x1, + .index =3D 0, + .ecx =3D CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_DTES64 | + CPUID_EXT_DSCPL | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | + CPUID_EXT_PDCM | CPUID_EXT_PCID | CPUID_EXT_SSE41 | + CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE | + CPUID_EXT_POPCNT | CPUID_EXT_AES | CPUID_EXT_XSAVE | + CPUID_EXT_RDRAND | CPUID_EXT_HYPERVISOR, + .edx =3D CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC= | + CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | + CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV= | + CPUID_PAT | CPUID_CLFLUSH | CPUID_DTS | CPUID_MMX | CPUID_F= XSR | + CPUID_SSE | CPUID_SSE2, + }, + .entries[1] =3D { + .function =3D 0x6, + .index =3D 0, + .eax =3D CPUID_6_EAX_ARAT, + }, + .entries[2] =3D { + .function =3D 0x7, + .index =3D 0, + .flags =3D KVM_CPUID_FLAG_SIGNIFCANT_INDEX, + .ebx =3D CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_FDP_EXCPTN_ONLY | + CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_ZERO_FCS_FDS | CPUID_7_0_EBX_RDSEED | + CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT | + CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_SHA_NI, + .ecx =3D CPUID_7_0_ECX_BUS_LOCK_DETECT | CPUID_7_0_ECX_MOVDIRI | + CPUID_7_0_ECX_MOVDIR64B, + .edx =3D CPUID_7_0_EDX_MD_CLEAR | CPUID_7_0_EDX_SPEC_CTRL | + CPUID_7_0_EDX_STIBP | CPUID_7_0_EDX_FLUSH_L1D | + CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_CORE_CAPABI= LITY | + CPUID_7_0_EDX_SPEC_CTRL_SSBD, + }, + .entries[3] =3D { + .function =3D 0x7, + .index =3D 2, + .flags =3D KVM_CPUID_FLAG_SIGNIFCANT_INDEX, + .edx =3D (1U << 0) | (1U << 1) | (1U << 2) | (1U << 4), + }, + .entries[4] =3D { + .function =3D 0xD, + .index =3D 0, + .flags =3D KVM_CPUID_FLAG_SIGNIFCANT_INDEX, + .eax =3D XSTATE_FP_MASK | XSTATE_SSE_MASK, + }, + .entries[5] =3D { + .function =3D 0xD, + .index =3D 1, + .flags =3D KVM_CPUID_FLAG_SIGNIFCANT_INDEX, + .eax =3D CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC| + CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES, + }, + .entries[6] =3D { + .function =3D 0x80000001, + .index =3D 0, + .ecx =3D CPUID_EXT3_LAHF_LM | CPUID_EXT3_ABM | CPUID_EXT3_3DNOWPRE= FETCH, + /* strictly speaking, SYSCALL is not fixed1 bit since it depends on + * the CPU to be in 64-bit mode. But here fixed1 is used to serve = the + * purpose of supported bits for TDX. In this sense, SYACALL is al= ways + * supported. + */ + .edx =3D CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB | + CPUID_EXT2_RDTSCP | CPUID_EXT2_LM, + }, + .entries[7] =3D { + .function =3D 0x80000007, + .index =3D 0, + .edx =3D CPUID_APM_INVTSC, + }, +}; + +static struct kvm_cpuid_entry2 *find_in_supported_entry(uint32_t function, + uint32_t index) +{ + struct kvm_cpuid_entry2 *e; + + e =3D cpuid_find_entry(tdx_supported_cpuid, function, index); + if (!e) { + if (tdx_supported_cpuid->nent >=3D KVM_MAX_CPUID_ENTRIES) { + error_report("tdx_supported_cpuid requries more space than %d = entries", + KVM_MAX_CPUID_ENTRIES); + exit(1); + } + e =3D &tdx_supported_cpuid->entries[tdx_supported_cpuid->nent++]; + e->function =3D function; + e->index =3D index; + } + + return e; +} + +static void tdx_add_supported_cpuid_by_fixed1_bits(void) +{ + struct kvm_cpuid_entry2 *e, *e1; + int i; + + for (i =3D 0; i < tdx_fixed1_bits.cpuid.nent; i++) { + e =3D &tdx_fixed1_bits.entries[i]; + + e1 =3D find_in_supported_entry(e->function, e->index); + e1->eax |=3D e->eax; + e1->ebx |=3D e->ebx; + e1->ecx |=3D e->ecx; + e1->edx |=3D e->edx; + } +} + static void tdx_setup_supported_cpuid(void) { if (tdx_supported_cpuid) { @@ -381,6 +506,8 @@ static void tdx_setup_supported_cpuid(void) memcpy(tdx_supported_cpuid->entries, tdx_caps->cpuid.entries, tdx_caps->cpuid.nent * sizeof(struct kvm_cpuid_entry2)); tdx_supported_cpuid->nent =3D tdx_caps->cpuid.nent; + + tdx_add_supported_cpuid_by_fixed1_bits(); } =20 static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) @@ -465,6 +592,11 @@ static uint32_t tdx_adjust_cpuid_features(X86Confident= ialGuest *cg, { struct kvm_cpuid_entry2 *e; =20 + e =3D cpuid_find_entry(&tdx_fixed1_bits.cpuid, feature, index); + if (e) { + value |=3D cpuid_entry_get_reg(e, reg); + } + if (is_feature_word_cpuid(feature, index, reg)) { e =3D cpuid_find_entry(tdx_supported_cpuid, feature, index); if (e) { diff --git a/target/i386/sev.c b/target/i386/sev.c index a6c0a697250b..217b19ad7bc6 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -214,11 +214,6 @@ static const char *const sev_fw_errlist[] =3D { /* doesn't expose this, so re-use the max from kvm.c */ #define KVM_MAX_CPUID_ENTRIES 100 =20 -typedef struct KvmCpuidInfo { - struct kvm_cpuid2 cpuid; - struct kvm_cpuid_entry2 entries[KVM_MAX_CPUID_ENTRIES]; -} KvmCpuidInfo; - #define SNP_CPUID_FUNCTION_MAXCOUNT 64 #define SNP_CPUID_FUNCTION_UNKNOWN 0xFFFFFFFF =20 --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515706; cv=none; d=zohomail.com; s=zohoarc; b=iChcCIYjWl/pvKrfSknfwEOiiBbPY+0n9kAam/+qtPkKzYVoSUyCoGuv6KfMz0+wiVXCn7mEhsFUNhrOyxgUmiJmCkgQYxCblhFQSYwqDda4+mlYMMFHai6wPNMSo9vfJArM5sc0ZFXzfgyDA4kPnU4SJcjdM6PtkYtxkxLbgRE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515706; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=6l4C+TL4UG0WcM8YEmKaOTKUmXEVJxQGmWdzxheT1ZM=; b=lAyphWtRaJ/xpkQwB0zowFOza+Zh7dvoeZ3jIQpulLdy6+u+cBdAiTobHZiaF54Tpfak5femFWSSPEwvMDHWoQdciOLokmd6uQJSvXpMhWqReY2dRxC8ABCgeILxOMy4sYI4jnIWR0qJBZaVMOTdf4Y2aZQf0ojF7+Liiibrng4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515706022255.49399241898936; Tue, 1 Apr 2025 06:55:06 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbva-0002cL-VS; Tue, 01 Apr 2025 09:45:20 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuu-0001Iy-4t for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:41 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbus-0006Zf-3A for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:35 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:08 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:05 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515074; x=1775051074; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ZhwC6hibePhTCwcaMfL+r3F4/lIzR3KteqZx+VX9tQE=; b=HuUndlpAqrGxnbOJUsLT/eCSCcmTTyUTXsK1V0CH7dH9J/wgyrQUGvfo zYkWSAw4sn9M9APVFDV9erDpkBeG5fCubsHpD0dGXJb6/scblSkSunFqZ xxOvFQfPRwE2al4o/wtzSepy+7py2oCKqop9bya7LIIb/Gxchs/YhlBi7 vn4hsAGamQEnUtT5uLaindeCnHWceak9HP0cAksKgf8xMoTCqMvcRsBDt lw9kHglRm8/B+AZQaU0EHwRklwNbHGkN8QOh61JYp0iMABVAqETVzblpe Qh4cgLHYzsePYcfgrmTtl2gEN0dSBKuWILPJLnwBbfQZF6xHotOSCi7gc g==; X-CSE-ConnectionGUID: iuknbXx/S1upo47gfMNN0Q== X-CSE-MsgGUID: iqOUF0auS3KKgyKqo7u1yA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433539" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433539" X-CSE-ConnectionGUID: RMpW43U9S+uxtw7cQW/2qg== X-CSE-MsgGUID: Mi65CvthQyuF36zqMHLwkw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640240" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 46/55] i386/tdx: Add supported CPUID bits related to TD Attributes Date: Tue, 1 Apr 2025 09:01:56 -0400 Message-Id: <20250401130205.2198253-47-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515708228019000 Content-Type: text/plain; charset="utf-8" For TDX, some CPUID feature bit is configured via TD attributes. They are not covered by tdx_caps.cpuid (which only contians the configurable bits), but they are actually supported when the related attributre bit is supported. Signed-off-by: Xiaoyao Li --- target/i386/cpu.h | 4 +++ target/i386/kvm/tdx.c | 59 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 115137279a1a..0e984ec42bb6 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -903,6 +903,8 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu= , FeatureWord w); #define CPUID_7_0_ECX_LA57 (1U << 16) /* Read Processor ID */ #define CPUID_7_0_ECX_RDPID (1U << 22) +/* KeyLocker */ +#define CPUID_7_0_ECX_KeyLocker (1U << 23) /* Bus Lock Debug Exception */ #define CPUID_7_0_ECX_BUS_LOCK_DETECT (1U << 24) /* Cache Line Demote Instruction */ @@ -963,6 +965,8 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu= , FeatureWord w); #define CPUID_7_1_EAX_AVX_VNNI (1U << 4) /* AVX512 BFloat16 Instruction */ #define CPUID_7_1_EAX_AVX512_BF16 (1U << 5) +/* Linear address space separation */ +#define CPUID_7_1_EAX_LASS (1U << 6) /* CMPCCXADD Instructions */ #define CPUID_7_1_EAX_CMPCCXADD (1U << 7) /* Fast Zero REP MOVS */ diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 49a94d8ffe7d..5d72f1814606 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -458,6 +458,33 @@ KvmCpuidInfo tdx_fixed1_bits =3D { }, }; =20 +typedef struct TdxAttrsMap { + uint32_t attr_index; + uint32_t cpuid_leaf; + uint32_t cpuid_subleaf; + int cpuid_reg; + uint32_t feat_mask; +} TdxAttrsMap; + +static TdxAttrsMap tdx_attrs_maps[] =3D { + {.attr_index =3D 27, + .cpuid_leaf =3D 7, + .cpuid_subleaf =3D 1, + .cpuid_reg =3D R_EAX, + .feat_mask =3D CPUID_7_1_EAX_LASS}, + {.attr_index =3D 30, + .cpuid_leaf =3D 7, + .cpuid_subleaf =3D 0, + .cpuid_reg =3D R_ECX, + .feat_mask =3D CPUID_7_0_ECX_PKS,}, + {.attr_index =3D 31, + .cpuid_leaf =3D 7, + .cpuid_subleaf =3D 0, + .cpuid_reg =3D R_ECX, + .feat_mask =3D CPUID_7_0_ECX_KeyLocker, + }, +}; + static struct kvm_cpuid_entry2 *find_in_supported_entry(uint32_t function, uint32_t index) { @@ -494,6 +521,37 @@ static void tdx_add_supported_cpuid_by_fixed1_bits(voi= d) } } =20 +static void tdx_add_supported_cpuid_by_attrs(void) +{ + struct kvm_cpuid_entry2 *e; + TdxAttrsMap *map; + int i; + + for (i =3D 0; i < ARRAY_SIZE(tdx_attrs_maps); i++) { + map =3D &tdx_attrs_maps[i]; + if (!((1ULL << map->attr_index) & tdx_caps->supported_attrs)) { + continue; + } + + e =3D find_in_supported_entry(map->cpuid_leaf, map->cpuid_subleaf); + + switch(map->cpuid_reg) { + case R_EAX: + e->eax |=3D map->feat_mask; + break; + case R_EBX: + e->ebx |=3D map->feat_mask; + break; + case R_ECX: + e->ecx |=3D map->feat_mask; + break; + case R_EDX: + e->edx |=3D map->feat_mask; + break; + } + } +} + static void tdx_setup_supported_cpuid(void) { if (tdx_supported_cpuid) { @@ -508,6 +566,7 @@ static void tdx_setup_supported_cpuid(void) tdx_supported_cpuid->nent =3D tdx_caps->cpuid.nent; =20 tdx_add_supported_cpuid_by_fixed1_bits(); + tdx_add_supported_cpuid_by_attrs(); } =20 static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743519144; cv=none; d=zohomail.com; s=zohoarc; b=KJ8oGTKCVc2jfutqJHuO+/FCP4sdnwL5z/h7r5JjWFph3k/c+beLZ3+QNpvwQG4HYTKC1utdk5EBgodgdTE+ENwC6JFjKlxbRTGIQ6ojRYCeYZLMB3biMphuk2wCDW+4JJtQSx5afisTUNDU2SHV7NYSEGzweDPBsuXNJC9R8hI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743519144; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=XHlrUYLSI6ERjRR1H0CSC0ct5L0XbDDkT3yOcYuzBwY=; b=XwiU3Jv6E+6fOAtwY08MbiQdCloEKnghdQ2C0f+fs4yYQjrid7O8RnEWbs9Dl5kfSp4r2lPw/9onpt3cxhDqzeyb4vuS0IpBmrDNbY4dz3TUKRDYRjFKU2Ds0jz0QAgZ57ZUqtpgJRE/Qu5nHUjhBc66NlnNTKbntE+7PJUBdzQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743519144751445.42045788337794; Tue, 1 Apr 2025 07:52:24 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbwP-0003Ec-2G; Tue, 01 Apr 2025 09:46:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuz-0001Qw-7o for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:42 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbux-0006XQ-4q for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:40 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:10 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:08 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515079; x=1775051079; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Ok8qhyI9I7c1GkICpo3h+qBKvmZgesDdAiav3DZU3tc=; b=lgoUBQjV8eAHcwzsa/X0Lg5i9e++XDJ+OUMp1tYfQziGg5sRjS75ReeJ DbbqTQdXrhrImKfStztinYHbxd+Q9SQmmGr/Y1c8aHpe7iFcelAGQDc2W uIHREmFyPF8JQCrYmKNTxpFzXFEaJgxXoEFIb4VltVTMi6HVMypMwjhBO kCEPWD7lydaNqMyHsE3+AGwDTbjMe8AvElSakyD768D/Thz6c2dLbia9M /MnrjM+tFMsgbTZ0+oROwxMKKDWLHDiWjo0eb0rrhBVqbt/FjwuEtjj7c ydW1Ks1Hmditg/vajJBPGN+n58WXgp8gIDX0wMqGoGfvQ/wlRDMChx7CU A==; X-CSE-ConnectionGUID: b5CoOM/sQhm1Ts8oEXGAow== X-CSE-MsgGUID: QdfS1J4sQgaPWWhyYwzZOQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433547" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433547" X-CSE-ConnectionGUID: B84GwlDPT7qzxTcwiNy5wg== X-CSE-MsgGUID: mgkIRpqTRqWD35K9ol0CSg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640247" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 47/55] i386/tdx: Add supported CPUID bits relates to XFAM Date: Tue, 1 Apr 2025 09:01:57 -0400 Message-Id: <20250401130205.2198253-48-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743519147339019100 Content-Type: text/plain; charset="utf-8" Some CPUID bits are controlled by XFAM. They are not covered by tdx_caps.cpuid (which only contians the directly configurable bits), but they are actually supported when the related XFAM bit is supported. Add these XFAM controlled bits to TDX supported CPUID bits based on the supported_xfam. Besides, incorporate the supported_xfam into the supported CPUID leaf of 0xD. Signed-off-by: Xiaoyao Li --- target/i386/cpu.c | 12 ------- target/i386/cpu.h | 16 ++++++++++ target/i386/kvm/tdx.c | 73 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 89 insertions(+), 12 deletions(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 4061d38d3fbe..f09a1caac071 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -1673,15 +1673,6 @@ bool is_feature_word_cpuid(uint32_t feature, uint32_= t index, int reg) return false; } =20 -typedef struct FeatureMask { - FeatureWord index; - uint64_t mask; -} FeatureMask; - -typedef struct FeatureDep { - FeatureMask from, to; -} FeatureDep; - static FeatureDep feature_dependencies[] =3D { { .from =3D { FEAT_7_0_EDX, CPUID_7_0_EDX_ARCH_CAPABILIT= IES }, @@ -1850,9 +1841,6 @@ static const X86RegisterInfo32 x86_reg_info_32[CPU_NB= _REGS32] =3D { }; #undef REGISTER =20 -/* CPUID feature bits available in XSS */ -#define CPUID_XSTATE_XSS_MASK (XSTATE_ARCH_LBR_MASK) - ExtSaveArea x86_ext_save_areas[XSAVE_STATE_AREA_COUNT] =3D { [XSTATE_FP_BIT] =3D { /* x87 FP state component is always enabled if XSAVE is supported = */ diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 0e984ec42bb6..132312d70a54 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -588,6 +588,7 @@ typedef enum X86Seg { #define XSTATE_OPMASK_BIT 5 #define XSTATE_ZMM_Hi256_BIT 6 #define XSTATE_Hi16_ZMM_BIT 7 +#define XSTATE_PT_BIT 8 #define XSTATE_PKRU_BIT 9 #define XSTATE_ARCH_LBR_BIT 15 #define XSTATE_XTILE_CFG_BIT 17 @@ -601,6 +602,7 @@ typedef enum X86Seg { #define XSTATE_OPMASK_MASK (1ULL << XSTATE_OPMASK_BIT) #define XSTATE_ZMM_Hi256_MASK (1ULL << XSTATE_ZMM_Hi256_BIT) #define XSTATE_Hi16_ZMM_MASK (1ULL << XSTATE_Hi16_ZMM_BIT) +#define XSTATE_PT_MASK (1ULL << XSTATE_PT_BIT) #define XSTATE_PKRU_MASK (1ULL << XSTATE_PKRU_BIT) #define XSTATE_ARCH_LBR_MASK (1ULL << XSTATE_ARCH_LBR_BIT) #define XSTATE_XTILE_CFG_MASK (1ULL << XSTATE_XTILE_CFG_BIT) @@ -623,6 +625,11 @@ typedef enum X86Seg { XSTATE_Hi16_ZMM_MASK | XSTATE_PKRU_MASK |= \ XSTATE_XTILE_CFG_MASK | XSTATE_XTILE_DATA= _MASK) =20 +/* CPUID feature bits available in XSS */ +#define CPUID_XSTATE_XSS_MASK (XSTATE_ARCH_LBR_MASK) + +#define CPUID_XSTATE_MASK (CPUID_XSTATE_XCR0_MASK | CPUID_XSTATE_XSS= _MASK) + /* CPUID feature words */ typedef enum FeatureWord { FEAT_1_EDX, /* CPUID[1].EDX */ @@ -671,6 +678,15 @@ typedef enum FeatureWord { FEATURE_WORDS, } FeatureWord; =20 +typedef struct FeatureMask { + FeatureWord index; + uint64_t mask; +} FeatureMask; + +typedef struct FeatureDep { + FeatureMask from, to; +} FeatureDep; + typedef uint64_t FeatureWordArray[FEATURE_WORDS]; uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu, FeatureWord w); =20 diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 5d72f1814606..c7b4a098d12f 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -23,6 +23,8 @@ =20 #include =20 +#include "cpu.h" +#include "cpu-internal.h" #include "hw/i386/e820_memory_layout.h" #include "hw/i386/tdvf.h" #include "hw/i386/x86.h" @@ -485,6 +487,32 @@ static TdxAttrsMap tdx_attrs_maps[] =3D { }, }; =20 +typedef struct TdxXFAMDep { + int xfam_bit; + FeatureMask feat_mask; +} TdxXFAMDep; + +/* + * Note, only the CPUID bits whose virtualization type are "XFAM & Native"= are + * defiend here. + * + * For those whose virtualization type are "XFAM & Configured & Native", t= hey + * are reported as configurable bits. And they are not supported if not in= the + * configureable bits list from KVM even if the corresponding XFAM bit is + * supported. + */ +TdxXFAMDep tdx_xfam_deps[] =3D { + { XSTATE_YMM_BIT, { FEAT_1_ECX, CPUID_EXT_FMA }}, + { XSTATE_YMM_BIT, { FEAT_7_0_EBX, CPUID_7_0_EBX_AVX2 }}, + { XSTATE_OPMASK_BIT, { FEAT_7_0_ECX, CPUID_7_0_ECX_AVX512_VBMI}}, + { XSTATE_OPMASK_BIT, { FEAT_7_0_EDX, CPUID_7_0_EDX_AVX512_FP16}}, + { XSTATE_PT_BIT, { FEAT_7_0_EBX, CPUID_7_0_EBX_INTEL_PT}}, + { XSTATE_PKRU_BIT, { FEAT_7_0_ECX, CPUID_7_0_ECX_PKU}}, + { XSTATE_XTILE_CFG_BIT, { FEAT_7_0_EDX, CPUID_7_0_EDX_AMX_BF16 }}, + { XSTATE_XTILE_CFG_BIT, { FEAT_7_0_EDX, CPUID_7_0_EDX_AMX_TILE }}, + { XSTATE_XTILE_CFG_BIT, { FEAT_7_0_EDX, CPUID_7_0_EDX_AMX_INT8 }}, +}; + static struct kvm_cpuid_entry2 *find_in_supported_entry(uint32_t function, uint32_t index) { @@ -552,6 +580,50 @@ static void tdx_add_supported_cpuid_by_attrs(void) } } =20 +static void tdx_add_supported_cpuid_by_xfam(void) +{ + struct kvm_cpuid_entry2 *e; + int i; + + const TdxXFAMDep *xfam_dep; + const FeatureWordInfo *f; + for (i =3D 0; i < ARRAY_SIZE(tdx_xfam_deps); i++) { + xfam_dep =3D &tdx_xfam_deps[i]; + if (!((1ULL << xfam_dep->xfam_bit) & tdx_caps->supported_xfam)) { + continue; + } + + f =3D &feature_word_info[xfam_dep->feat_mask.index]; + if (f->type !=3D CPUID_FEATURE_WORD) { + continue; + } + + e =3D find_in_supported_entry(f->cpuid.eax, f->cpuid.ecx); + switch(f->cpuid.reg) { + case R_EAX: + e->eax |=3D xfam_dep->feat_mask.mask; + break; + case R_EBX: + e->ebx |=3D xfam_dep->feat_mask.mask; + break; + case R_ECX: + e->ecx |=3D xfam_dep->feat_mask.mask; + break; + case R_EDX: + e->edx |=3D xfam_dep->feat_mask.mask; + break; + } + } + + e =3D find_in_supported_entry(0xd, 0); + e->eax |=3D (tdx_caps->supported_xfam & CPUID_XSTATE_XCR0_MASK); + e->edx |=3D (tdx_caps->supported_xfam & CPUID_XSTATE_XCR0_MASK) >> 32; + + e =3D find_in_supported_entry(0xd, 1); + e->ecx |=3D (tdx_caps->supported_xfam & CPUID_XSTATE_XSS_MASK); + e->edx |=3D (tdx_caps->supported_xfam & CPUID_XSTATE_XSS_MASK) >> 32; +} + static void tdx_setup_supported_cpuid(void) { if (tdx_supported_cpuid) { @@ -567,6 +639,7 @@ static void tdx_setup_supported_cpuid(void) =20 tdx_add_supported_cpuid_by_fixed1_bits(); tdx_add_supported_cpuid_by_attrs(); + tdx_add_supported_cpuid_by_xfam(); } =20 static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515557; cv=none; d=zohomail.com; s=zohoarc; b=jZU73LbV5ldd9ifKsC68fsVPGZt8Od1vge6hbgnStS8lt/sZCBEeZme9aIGpzwqElJdfwN3POa0d0m+hXOBP1QnuGQ59xqnk+gToIIPilE25u9oQrXTvrJ6EojWjRmh17KvH2/CwONIyNVeq+B/bGMif7cmCfjz9mgcOeVObZ+M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515557; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=y+AUEueVQhJpt25EIkvJjpV5QZUaLAvREQigMjsWXLY=; b=Ah22TKL+mkATDprxQW55L+PpkrXMVBLyTNzdq4mnYrD6x06LjoZnICdvcT0Q41sap2lXjzncU6a1lXAXUzk1MbafI3jsOAHlpFEdN7YiwKhh7qEgI+B57Pz6ZL7WY+z/CNYTRqIqvKbv3iG5j/JmfpqKHMV769aOEcBfahGeeC8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 174351555727565.98154289504055; Tue, 1 Apr 2025 06:52:37 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbwk-0003R6-B1; Tue, 01 Apr 2025 09:46:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbux-0001Mf-OE for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:42 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbuw-0006ZP-4K for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:39 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:12 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:10 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515078; x=1775051078; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=xXJsHp6IKbQ0urWG/A57EAspFBUln9gJODiT0xlm4gY=; b=WDSgL4vHA8LQKmKWODSd3mjRB4mlsLBJX3gL0840/5Wd97r51ImG1t4Q XWs0Zhf54uQSkADI4O/sj0Nb1F6zp1QxlFkQxCGo/3EoTfxBU17iRhD0l CJnHxykRaTjRKzOqalWzxuF5NWByA2k71ctEyqkAUbCvuKTg1MlHQ82sC Yq6Vh9xem4fLLBwph1dKzBnwxR3zRNLMsG99gkKkwKrUDT9RZ9idswx5E J+4U/tSBztXZW8Bxyr7lMRu7SBIXFBtQXiOYh/IaOpH83zA9pSuiX2naZ Uq1q71Cjqwm1GauYXnYjAYwavgLZvcLje7gUzeM4bSWg6Okm2bu9jk2e3 g==; X-CSE-ConnectionGUID: A8qWQc1ySnCO4QawgW4j4g== X-CSE-MsgGUID: NdG5JK1bRL+O537OXrikBw== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433552" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433552" X-CSE-ConnectionGUID: eLruHHsSQp6zcuVnYtf3zA== X-CSE-MsgGUID: AlbD/7EaT+eJ+vvVw5r3Jg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640253" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 48/55] i386/tdx: Add XFD to supported bit of TDX Date: Tue, 1 Apr 2025 09:01:58 -0400 Message-Id: <20250401130205.2198253-49-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515559451019000 Content-Type: text/plain; charset="utf-8" Just mark XFD as always supported for TDX. This simple solution relies on the fact KVM will report XFD as 0 when it's not supported by the hardware. Signed-off-by: Xiaoyao Li --- target/i386/cpu.h | 1 + target/i386/kvm/tdx.c | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 132312d70a54..a223e09a25c4 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -1126,6 +1126,7 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *c= pu, FeatureWord w); #define CPUID_XSAVE_XSAVEC (1U << 1) #define CPUID_XSAVE_XGETBV1 (1U << 2) #define CPUID_XSAVE_XSAVES (1U << 3) +#define CPUID_XSAVE_XFD (1U << 4) =20 #define CPUID_6_EAX_ARAT (1U << 2) =20 diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index c7b4a098d12f..e07cd9a1ee15 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -620,6 +620,11 @@ static void tdx_add_supported_cpuid_by_xfam(void) e->edx |=3D (tdx_caps->supported_xfam & CPUID_XSTATE_XCR0_MASK) >> 32; =20 e =3D find_in_supported_entry(0xd, 1); + /* Mark XFD always support for TDX, it will be cleared finally in + * tdx_adjust_cpuid_features() if XFD is unavailable on the hardware + * because in this case the original data has it as 0. + */ + e->eax |=3D CPUID_XSAVE_XFD; e->ecx |=3D (tdx_caps->supported_xfam & CPUID_XSTATE_XSS_MASK); e->edx |=3D (tdx_caps->supported_xfam & CPUID_XSTATE_XSS_MASK) >> 32; } --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515329; cv=none; d=zohomail.com; s=zohoarc; b=NWfMxN+tSjiLJzBmr0XA1TQ4EiIVswIc+sVLUGa9kguRSc0907IHrrjBI5hRhYKQIB5K/kAvc9LfvYjfvX04llPNyt108DlpNnFL+yGFHp2zmIvx1dOQ7Be81t/TCBiMVFO24agoRf/Mn7qgxRsxzEGYE3Di5uMgkrmYAekUsR8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515329; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=lgHX63yRFypWeoJP0Nj4dqQdgZjECPw9KDxx6E5O1Rg=; b=CepNB3uYxj9gqNb/vD7nWb963aFZr8AudrcxLQpiTL6zszn1wfSQs9ncVffyW6Nj9qRShxFUahJ9ATNMaoQQI7QQdo3Q9khXVpbyyWd8LTU1AImDPzySeJ4qtjVa9YuDt2FuUmRJNuOJTum4giNUvVY0MTAciy47HctVeldlemQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515329263335.3501825089759; Tue, 1 Apr 2025 06:48:49 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbxy-0004Cq-T6; Tue, 01 Apr 2025 09:47:55 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbv7-0001Vj-3q for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:51 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbv4-0006Zf-Ll for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:48 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:15 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:12 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515086; x=1775051086; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=qc403tQtaS3XiL+U4JspzsP2n45u6luhwv6QZO33vJA=; b=S/yMYiQAS5immoflM1bt4dOcsws23Pz8HATHdHf7DcIJfx5J09H422BE s++r90D4yxV1bf7FjJ5TJ+5Ds+Ii6/Z016RzCH1Apa42HXPkuXjLBOk95 276kbe6IvgsjZXqz9Sa/kBMKyiQljS6nvbFADYzfAuJDxcVoJgWvGBZ7C U+EPOCXkx26JPQHPvkPjmKbWNMBNT84K0E1mwKSs5dev5kYl2dCn4ds9F VCB/TzOLmXYJVPN3dkTZv+SOlPw/Z9m7I0/9Y+z3EJTZeFoZLHvFZ+Uej aPlqV9Btie7tU85YHEs2VM3TBY0JdHjK2Qy1kFWW6sWX45X1pWRei+kOR Q==; X-CSE-ConnectionGUID: cM1BaQyDQrC3RmQ4VM38uQ== X-CSE-MsgGUID: bvQ32rW6Taq5E+d6O5lOfg== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433563" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433563" X-CSE-ConnectionGUID: +uwqTifORuKREla3jCcJTg== X-CSE-MsgGUID: IZsjWTFaQH6RWn1mjDXSqg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640264" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 49/55] i386/tdx: Define supported KVM features for TDX Date: Tue, 1 Apr 2025 09:01:59 -0400 Message-Id: <20250401130205.2198253-50-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515331612019100 Content-Type: text/plain; charset="utf-8" For TDX, only limited KVM PV features are supported. Signed-off-by: Xiaoyao Li --- target/i386/kvm/tdx.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index e07cd9a1ee15..7382b53fcc51 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -32,6 +32,8 @@ #include "kvm_i386.h" #include "tdx.h" =20 +#include "standard-headers/asm-x86/kvm_para.h" + #define TDX_MIN_TSC_FREQUENCY_KHZ (100 * 1000) #define TDX_MAX_TSC_FREQUENCY_KHZ (10 * 1000 * 1000) =20 @@ -44,6 +46,14 @@ TDX_TD_ATTRIBUTES_PKS | \ TDX_TD_ATTRIBUTES_PERFMON) =20 +#define TDX_SUPPORTED_KVM_FEATURES ((1U << KVM_FEATURE_NOP_IO_DELAY) | \ + (1U << KVM_FEATURE_PV_UNHALT) | \ + (1U << KVM_FEATURE_PV_TLB_FLUSH) | \ + (1U << KVM_FEATURE_PV_SEND_IPI) | \ + (1U << KVM_FEATURE_POLL_CONTROL) | \ + (1U << KVM_FEATURE_PV_SCHED_YIELD) | \ + (1U << KVM_FEATURE_MSI_EXT_DEST_ID)) + static TdxGuest *tdx_guest; =20 static struct kvm_tdx_capabilities *tdx_caps; @@ -629,6 +639,14 @@ static void tdx_add_supported_cpuid_by_xfam(void) e->edx |=3D (tdx_caps->supported_xfam & CPUID_XSTATE_XSS_MASK) >> 32; } =20 +static void tdx_add_supported_kvm_features(void) +{ + struct kvm_cpuid_entry2 *e; + + e =3D find_in_supported_entry(0x40000001, 0); + e->eax =3D TDX_SUPPORTED_KVM_FEATURES; +} + static void tdx_setup_supported_cpuid(void) { if (tdx_supported_cpuid) { @@ -645,6 +663,8 @@ static void tdx_setup_supported_cpuid(void) tdx_add_supported_cpuid_by_fixed1_bits(); tdx_add_supported_cpuid_by_attrs(); tdx_add_supported_cpuid_by_xfam(); + + tdx_add_supported_kvm_features(); } =20 static int tdx_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515717; cv=none; d=zohomail.com; s=zohoarc; b=UORR6+AXRtXLSxweSJF3fXqTQyxBjFZSggAM0sFVC8vFiMjPtBVAql8m2IVnYZDci12oyJUUhr7MNeFdgFUSkMsg+MaOkYZ2xC1WlZhXHlZYeyyeM7l2yaf1WklU3tABCdktDYXDhTXCyfbnAsCS/DS4nBzdzgrjb/hto3PJe3A= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515717; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=7i/5Etv54DES3sFnimLV2ppjYzXcgog2BH3Uuah94+4=; b=GK5EICrOPAt7AqOa2lQraxiNnke1FFv1sN8+oqfLjbQ+1n+kEYTgTecC4JLBx1NktnNus8s3g/eMbqcsYRNa9qZJP6tjjHBaWnU/crhXKikrjmtzcYj3yMpuN6WIhrNbnWyj3Q4/zjf5VGKB3RTv/gzisSmfmUwIRqCQzomklV0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515717514146.08181582518648; Tue, 1 Apr 2025 06:55:17 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbz5-0006b1-Vu; Tue, 01 Apr 2025 09:48:56 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvA-0001Z1-4j for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:53 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbv8-0006ZP-27 for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:51 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:17 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:15 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515090; x=1775051090; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=JKMlucssmDcGsanH6kb+uP0DlL1BGA8NocL5uyi4aSQ=; b=DxhoRu/n/t5pjBnSlNRaQoLtHE0admoU0CqfvtnVXqBGw4nSHQxvsSgA OywNacpb8l7NNx+jFpdvtRhpao/kQpdhEK9M2Y9AdDD/MT6y9UXU+XeW7 wv6vvGyItmouOHsRN0bfcbSBcfyIO1bU3IT5FuU+O+Y8FraFj5oXk0SMM INR+0i5GSMMCp2ta/tTAnyP/UK897Q21lRd/DUecU2QH48l4LLexJQFBD oDHOOcfnYkeGPRuoGdqNAexhJXX8kxhIKS4+G0pjjIGSqNEnvWfWLDC5G vv/yuAeU4KtYP7n7esWyfYf+iJQ8Mz6evgb+R3mPcdswHque7+hObCWDw Q==; X-CSE-ConnectionGUID: vpNHQca8RfqfSW77BUIeEg== X-CSE-MsgGUID: OJuJFXDTTK6UjYsTAvbShw== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433572" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433572" X-CSE-ConnectionGUID: soV37tHIRrqHZ3XcBXxZZw== X-CSE-MsgGUID: kODZuYubSb+ZnGe13hBtWA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640269" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 50/55] i386/cgs: Introduce x86_confidential_guest_check_features() Date: Tue, 1 Apr 2025 09:02:00 -0400 Message-Id: <20250401130205.2198253-51-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515720513019100 Content-Type: text/plain; charset="utf-8" To do cgs specific feature checking. Note the feature checking in x86_cpu_filter_features() is valid for non-cgs VMs. For cgs VMs like TDX, what features can be supported has more restrictions. Signed-off-by: Xiaoyao Li --- target/i386/confidential-guest.h | 13 +++++++++++++ target/i386/kvm/kvm.c | 8 ++++++++ 2 files changed, 21 insertions(+) diff --git a/target/i386/confidential-guest.h b/target/i386/confidential-gu= est.h index 777d43cc9688..48b88dbd3130 100644 --- a/target/i386/confidential-guest.h +++ b/target/i386/confidential-guest.h @@ -42,6 +42,7 @@ struct X86ConfidentialGuestClass { void (*cpu_instance_init)(X86ConfidentialGuest *cg, CPUState *cpu); uint32_t (*adjust_cpuid_features)(X86ConfidentialGuest *cg, uint32_t f= eature, uint32_t index, int reg, uint32_t va= lue); + int (*check_features)(X86ConfidentialGuest *cg, CPUState *cs); }; =20 /** @@ -91,4 +92,16 @@ static inline int x86_confidential_guest_adjust_cpuid_fe= atures(X86ConfidentialGu } } =20 +static inline int x86_confidential_guest_check_features(X86ConfidentialGue= st *cg, + CPUState *cs) +{ + X86ConfidentialGuestClass *klass =3D X86_CONFIDENTIAL_GUEST_GET_CLASS(= cg); + + if (klass->check_features) { + return klass->check_features(cg, cs); + } + + return 0; +} + #endif diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 17d7bf6ae9aa..27b4a069d194 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -2092,6 +2092,14 @@ int kvm_arch_init_vcpu(CPUState *cs) int r; Error *local_err =3D NULL; =20 + if (current_machine->cgs) { + r =3D x86_confidential_guest_check_features( + X86_CONFIDENTIAL_GUEST(current_machine->cgs), cs); + if (r < 0) { + return r; + } + } + memset(&cpuid_data, 0, sizeof(cpuid_data)); =20 cpuid_i =3D 0; --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515842; cv=none; d=zohomail.com; s=zohoarc; b=h+1ikVBdLIhU149kddatkI6w2dhjn2zyYlPhl8q4q4xhXLdXGMxXRDDVX8EqW20S22gqW5bxVk8LwNY4IHguiR8xFyAPKw7jfwBx7CfF6UD7poNuiXLaareHaOfR0tmYFJHDqpWFSdBVBMfK8D/eLL2FO7SHuyMoCZMc+MWta90= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515842; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=cy1wawduOgy/K084rlWKYtg7gekj8ccbJvdpxSfqf3o=; b=XxJ3oCGf21AwJBVp1HstVbVxTeb05bdWAtLAoZgxl+yMSSigKoewjqCntK7Y50YwkbSYmu9cnpk1YPzVSL/AgoS3C/jiD5CLBKHLhWGBBmFFgyfCyTyzO5VH2YQKDwfc7vJDJP70qF2B3ntXY3Ax/gJlfQA7dBltlE365oAGgPY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515842703516.8629019629959; Tue, 1 Apr 2025 06:57:22 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbz5-0006YU-8Q; Tue, 01 Apr 2025 09:48:55 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvB-0001aj-Ii for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:56 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbv9-0006XQ-Ju for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:44:53 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:20 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:17 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515091; x=1775051091; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=AcHHhoVG9se9MbdT2EDS9uPRBBoFYbEBeDYXAlLrBrg=; b=cKXNLKALVHC0KeDh5xsYzAyPtGOC+yTmCZ3BF4P3ddnvV3Us60w/cTri MQSyGpvd+gQDatBK3u2SSYLD7t2vZoA2ZSlcZOy5latU1Tg21wFedGbAj UIXtzT1uM13O5TzOGK+Jfo+hqbGb0ymq1sAWDouvWD/v/irHnZuX0YBq5 Dqm9m77b8oalyFWMqedb+XayQNPnTubgsAv0jnz4NLdFLtGx0Qkciy1bD TrNhuuvISysXjcV9aT2TMGfpDQyhwitdT2jXpQkUGLby7TnlYq3Ds1P5B v88pqNKB66c8yzF1jAMdUXkitfcDiSIHqlRDUXMFNdIkzb0SfzVDnjI6k w==; X-CSE-ConnectionGUID: OWqSvCoXT4iCcJmM5sBQWA== X-CSE-MsgGUID: RyNb2gLlSnGizx4QgUP3BA== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433583" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433583" X-CSE-ConnectionGUID: bLObRQfcSHK7Jyt7ZjG1hw== X-CSE-MsgGUID: VqFJBFAkT+2Fz68AuMw+xw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640277" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 51/55] i386/tdx: Fetch and validate CPUID of TD guest Date: Tue, 1 Apr 2025 09:02:01 -0400 Message-Id: <20250401130205.2198253-52-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515845210019100 Content-Type: text/plain; charset="utf-8" Use KVM_TDX_GET_CPUID to get the CPUIDs that are managed and enfored by TDX module for TD guest. Check QEMU's configuration against the fetched data. Print wanring message when 1. a feature is not supported but requested by QEMU or 2. QEMU doesn't want to expose a feature while it is enforced enabled. - If cpu->enforced_cpuid is not set, prints the warning message of both 1) and 2) and tweak QEMU's configuration. - If cpu->enforced_cpuid is set, quit if any case of 1) or 2). Signed-off-by: Xiaoyao Li --- target/i386/cpu.c | 33 ++++++++++++++- target/i386/cpu.h | 7 +++ target/i386/kvm/tdx.c | 99 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 137 insertions(+), 2 deletions(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index f09a1caac071..41407c8a7248 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -5772,8 +5772,8 @@ static bool x86_cpu_have_filtered_features(X86CPU *cp= u) return false; } =20 -static void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t= mask, - const char *verbose_prefix) +void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask, + const char *verbose_prefix) { CPUX86State *env =3D &cpu->env; FeatureWordInfo *f =3D &feature_word_info[w]; @@ -5800,6 +5800,35 @@ static void mark_unavailable_features(X86CPU *cpu, F= eatureWord w, uint64_t mask, } } =20 +void mark_forced_on_features(X86CPU *cpu, FeatureWord w, uint64_t mask, + const char *verbose_prefix) +{ + CPUX86State *env =3D &cpu->env; + FeatureWordInfo *f =3D &feature_word_info[w]; + int i; + + if (!cpu->force_features) { + env->features[w] |=3D mask; + } + + cpu->forced_on_features[w] |=3D mask; + + if (!verbose_prefix) { + return; + } + + for (i =3D 0; i < 64; ++i) { + if ((1ULL << i) & mask) { + g_autofree char *feat_word_str =3D feature_word_description(f); + warn_report("%s: %s%s%s [bit %d]", + verbose_prefix, + feat_word_str, + f->feat_names[i] ? "." : "", + f->feat_names[i] ? f->feat_names[i] : "", i); + } + } +} + static void x86_cpuid_version_get_family(Object *obj, Visitor *v, const char *name, void *opaque, Error **errp) diff --git a/target/i386/cpu.h b/target/i386/cpu.h index a223e09a25c4..1600e826f372 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -2227,6 +2227,9 @@ struct ArchCPU { /* Features that were filtered out because of missing host capabilitie= s */ FeatureWordArray filtered_features; =20 + /* Features that are forced enabled by underlying hypervisor, e.g., TD= X */ + FeatureWordArray forced_on_features; + /* Enable PMU CPUID bits. This can't be enabled by default yet because * it doesn't have ABI stability guarantees, as it passes all PMU CPUID * bits returned by GET_SUPPORTED_CPUID (that depend on host CPU and k= ernel @@ -2539,6 +2542,10 @@ void host_cpuid(uint32_t function, uint32_t count, uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx= ); bool cpu_has_x2apic_feature(CPUX86State *env); bool is_feature_word_cpuid(uint32_t feature, uint32_t index, int reg); +void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask, + const char *verbose_prefix); +void mark_forced_on_features(X86CPU *cpu, FeatureWord w, uint64_t mask, + const char *verbose_prefix); =20 static inline bool x86_has_cpuid_0x1f(X86CPU *cpu) { diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 7382b53fcc51..58797470ba7e 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -764,6 +764,104 @@ static uint32_t tdx_adjust_cpuid_features(X86Confiden= tialGuest *cg, return value; } =20 +static struct kvm_cpuid2 *tdx_fetch_cpuid(CPUState *cpu) +{ + struct kvm_cpuid2 *fetch_cpuid; + int size =3D KVM_MAX_CPUID_ENTRIES; + Error *local_err =3D NULL; + int r; + + do { + error_free(local_err); + local_err =3D NULL; + + fetch_cpuid =3D g_malloc0(sizeof(*fetch_cpuid) + + sizeof(struct kvm_cpuid_entry2) * size); + fetch_cpuid->nent =3D size; + r =3D tdx_vcpu_ioctl(cpu, KVM_TDX_GET_CPUID, 0, fetch_cpuid, &loca= l_err); + if (r =3D=3D -E2BIG) { + g_free(fetch_cpuid); + size =3D fetch_cpuid->nent; + } + } while (r =3D=3D -E2BIG); + + if (r < 0) { + error_report_err(local_err); + return NULL; + } + + return fetch_cpuid; +} + +static int tdx_check_features(X86ConfidentialGuest *cg, CPUState *cs) +{ + uint64_t actual, requested, unavailable, forced_on; + g_autofree struct kvm_cpuid2 *fetch_cpuid; + const char *forced_on_prefix =3D NULL; + const char *unav_prefix =3D NULL; + struct kvm_cpuid_entry2 *entry; + X86CPU *cpu =3D X86_CPU(cs); + CPUX86State *env =3D &cpu->env; + FeatureWordInfo *wi; + FeatureWord w; + bool mismatch =3D false; + + fetch_cpuid =3D tdx_fetch_cpuid(cs); + if (!fetch_cpuid) { + return -1; + } + + if (cpu->check_cpuid || cpu->enforce_cpuid) { + unav_prefix =3D "TDX doesn't support requested feature"; + forced_on_prefix =3D "TDX forcibly sets the feature"; + } + + for (w =3D 0; w < FEATURE_WORDS; w++) { + wi =3D &feature_word_info[w]; + actual =3D 0; + + switch (wi->type) { + case CPUID_FEATURE_WORD: + entry =3D cpuid_find_entry(fetch_cpuid, wi->cpuid.eax, wi->cpu= id.ecx); + if (!entry) { + /* + * If KVM doesn't report it means it's totally configurable + * by QEMU + */ + continue; + } + + actual =3D cpuid_entry_get_reg(entry, wi->cpuid.reg); + break; + case MSR_FEATURE_WORD: + /* + * TODO: + * validate MSR features when KVM has interface report them. + */ + continue; + } + + requested =3D env->features[w]; + unavailable =3D requested & ~actual; + mark_unavailable_features(cpu, w, unavailable, unav_prefix); + if (unavailable) { + mismatch =3D true; + } + + forced_on =3D actual & ~requested; + mark_forced_on_features(cpu, w, forced_on, forced_on_prefix); + if (forced_on) { + mismatch =3D true; + } + } + + if (cpu->enforce_cpuid && mismatch) { + return -1; + } + + return 0; +} + static int tdx_validate_attributes(TdxGuest *tdx, Error **errp) { if ((tdx->attributes & ~tdx_caps->supported_attrs)) { @@ -1147,4 +1245,5 @@ static void tdx_guest_class_init(ObjectClass *oc, voi= d *data) x86_klass->kvm_type =3D tdx_kvm_type; x86_klass->cpu_instance_init =3D tdx_cpu_instance_init; x86_klass->adjust_cpuid_features =3D tdx_adjust_cpuid_features; + x86_klass->check_features =3D tdx_check_features; } --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515736; cv=none; d=zohomail.com; s=zohoarc; b=D0SfKjsfZMVUf9NgjcZZJ/QlpmNIZl72IDH9J32Yixfbwj7ktcZ29+tdLS3SKd7NRe/mE50Fd6tsIrEamh38Baiquqlc4qECbt+/9iC6MGzwFEgPji3JIQdhZnVUv7T8SnJw0Yai2DWVSUpungDnjCatDURjTPxz9wvx7Gs//1g= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515736; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=pYQ5JxAuGr6DLI0cbsDQjTyJ7S4WPedtdM2fj7QmEHQ=; b=lMrldU/devcqvTVTCmQ9OowUxoZj25hlaJ3Vt7o94eOavdzm+tubclpV3voUpHneBqYqf3TUIEMY7Blyk0yOb1Ln1IO314+FtYQEM8MP+YcOovlwrwtg4/28Rp7Mu4VA1Px3KzOHDLXrRb3SIv43mckDP1AkN4Vxlk3XKpJoItI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515736293397.11019905406306; Tue, 1 Apr 2025 06:55:36 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbyu-0005e9-19; Tue, 01 Apr 2025 09:48:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvJ-0001tV-GC for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:45:02 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvH-0006Zf-NH for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:45:01 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:22 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:20 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515099; x=1775051099; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=kqJ6YMAigc2oOLvepy0MLHccWgmrlM/N47RQdC2WKiw=; b=jUCUTISMJPKLguTE7TF+dgwOmT0NhWq8Cx+XJ7mWq1DFCvWFrNIBaNJ/ FGG68SQnRUtVL3+jhPUUO7n3aY2cdpPeo4/vl0pk2a0t8UE4wvdZu/KcA d9kNZrNz0OjzCP37gPTPlLVjROdVcIugsTSpJSn+hBZ2vbG1DlM81wcZ2 3ytB3ccx71+tKLcLUCHzjXKXi60d2rANRToFOuTSePxt+AfPfKUPaWPcX TgRlJjzGZeFwSJbf4M75hs1NNpFEBxbq6xwJPOsewO0d+mv43+1nQUW9F Afy7yIGZ9WI/fQNRUR+2m1Wv4NgWGzFGWAm3XoSZvrK9tpXet8Jg9AlnU g==; X-CSE-ConnectionGUID: pAHsWdNWT66aU20wMLZM6w== X-CSE-MsgGUID: YaJW5ygnRGKNTIzpQqfp7Q== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433592" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433592" X-CSE-ConnectionGUID: ZV68wfqgR3C5EqD6bIsn1A== X-CSE-MsgGUID: b3rLLittR9W9jxJV7yZXMA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640286" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 52/55] i386/tdx: Don't treat SYSCALL as unavailable Date: Tue, 1 Apr 2025 09:02:02 -0400 Message-Id: <20250401130205.2198253-53-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515738448019100 Content-Type: text/plain; charset="utf-8" Signed-off-by: Xiaoyao Li --- Changes in v7: - fix CPUID_EXT2_SYSCALL by adding it to actual; --- target/i386/kvm/tdx.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 58797470ba7e..cd8e96d476b8 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -841,6 +841,19 @@ static int tdx_check_features(X86ConfidentialGuest *cg= , CPUState *cs) continue; } =20 + /* Fixup for special cases */ + switch (w) { + case FEAT_8000_0001_EDX: + /* + * Intel enumerates SYSCALL bit as 1 only when processor in 64= -bit + * mode and before vcpu running it's not in 64-bit mode. + */ + actual |=3D CPUID_EXT2_SYSCALL; + break; + default: + break; + } + requested =3D env->features[w]; unavailable =3D requested & ~actual; mark_unavailable_features(cpu, w, unavailable, unav_prefix); --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515794; cv=none; d=zohomail.com; s=zohoarc; b=E8L88mmpOyG5oFG3Ajl22ZDsryWtgJcDuI+TP87MxnaJgBayhuCX9I8YLo0/iyNjxqL/Q2iYtIngDLfuJ3mdSnZusRjhZY60n8PhTyHAwvaWibc4dpsLaMSKxuKaH7yrM8iMQkXQjrPeRjrn7xc4hawJrkGeQ3cy3TJOLXeBudg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515794; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=7MNNvKyXc5j3udZGKKXU5g3mQ+lY/ZDdJrfoel/kPGE=; b=mBXHs4VdNf87GzWoFb/64neI1sqS/lkUAjs6y603tXA4IJtVIRirDBE+txD59hOd1+btxhosFG4nZPiW9o7P9SCStpxdIuktO3gnH+t7jIvkACffFMMWHUlVCfkQ3xjUhMTvzfMUXomX9Q9qvLsOAA8GgNwh+Sejz9EvhVx/EQE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1743515794849466.8921864534643; Tue, 1 Apr 2025 06:56:34 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzc0v-0008S0-3J; Tue, 01 Apr 2025 09:50:52 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvP-0002B9-Va for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:45:09 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvK-0006ZP-MI for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:45:07 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:25 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:22 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515102; x=1775051102; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=e68AirCJWIClPEQKyzO8wJ+Cnbr4OJ/RbXFGL+GpFsQ=; b=oKWUXquC0HbaA685UmKMksiaRHdHW+sKMEalGIbha+W+z1JHHilRm4td RegFf7Mjzs7LQ04RMeuzvrs61F0CHZ5EpoodDc5vP1XMa41elS78Boow8 Irrs4Zk7cBjw4yx6vLIjGMC569zvZ4mDq9ffpwLs59GZyqKjzzCGtnMq4 BfL1Yga6PO4+w4DzZkVCpUyYjCAFdB+l8rJkBuv7ETsx1SQdN/AQQ/3RC wYjUteuL0Y4nFd4rGIrl4E3IM8mgXYIWuXMUBfzFRJHbE7bwLbm6Ctr4t MElLTtJtz2pk7wAiluRkcULOUyk6r5Hoah8J2yU4OK8OvPVNSIvO05pv6 A==; X-CSE-ConnectionGUID: KNuGyL8ERmSjkZ+0ujlCjw== X-CSE-MsgGUID: AGkmxK6gTNqIhNMS7nC+dw== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433602" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433602" X-CSE-ConnectionGUID: DzMgGzwHRvaBL9otKnUYRw== X-CSE-MsgGUID: L79C2wnbSJagB5JOsPOJTA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640294" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 53/55] i386/tdx: Make invtsc default on Date: Tue, 1 Apr 2025 09:02:03 -0400 Message-Id: <20250401130205.2198253-54-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -33 X-Spam_score: -3.4 X-Spam_bar: --- X-Spam_report: (-3.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515796769019100 Content-Type: text/plain; charset="utf-8" Because it's fixed1 bit that enforced by TDX module. Signed-off-by: Xiaoyao Li --- target/i386/kvm/tdx.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index cd8e96d476b8..8f075ba5a4de 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -740,6 +740,9 @@ static void tdx_cpu_instance_init(X86ConfidentialGuest = *cg, CPUState *cpu) =20 object_property_set_bool(OBJECT(cpu), "pmu", false, &error_abort); =20 + /* invtsc is fixed1 for TD guest */ + object_property_set_bool(OBJECT(cpu), "invtsc", true, &error_abort); + x86cpu->enable_cpuid_0x1f =3D true; } =20 --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743516163; cv=none; d=zohomail.com; s=zohoarc; b=cGk5Qzr8xUaWxpOP0MSK5FBY8LAXzXtEjNsJGAknGhKH+l9h4E8fj8avh8kXxw4mI/IWReflegc2JeVFrK/Pu+qEtfjfE4aqDBum5EHbIZTqiZVA/FFoqkpOGInAiiah3/Wkg3QGAH5YYeTdYBdfdUWfnwuDhNEruUwLy27TG3w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743516163; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=s3eVVN/HQgjR9xatBk6jrErFkVEvC/RMcXRjTYEAM4Y=; b=f/lsLRYIzoyMF6/V124k9kiIVtsDA0mI87pohukMTXgM04/1I7PSoX+zl+vNlbp7SBvwFqgBNJSnJTycXgBPTs4CmmlP0om/cSrdMr9A6gcksC5pyUjtQn7uEDg+jhnQPrwkptQ4Q2sP7IRTk5+0VitXohW2h37k8R3TG0pDxBo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 174351616338253.175067307180484; Tue, 1 Apr 2025 07:02:43 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbyU-0004xC-FN; Tue, 01 Apr 2025 09:48:20 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvN-00026f-Pm for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:45:06 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvL-0006XQ-St for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:45:05 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:27 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:25 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515104; x=1775051104; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Koh+nRw4jmZ1Op1sYV3lYvpDb8Uq9tjL8EWr3Rspt5U=; b=YwVOoZ0tCzwRhjA50VHu5uMVFzUB34cpqf4lTf3OUc/EG3/B6y7Bq38t jJpoYk9sriWk0uk3fq1AlH64UQocuS/Fb6JSkme66JuQznQzLEtnnpg8G JRQfVQfJVcZ9yHpZiIyttC54p9FvFCs+B68gzVHcZ9zgHMVjBSlxcyXVt IDuRrubY0QzKVdnHLwjRicIu5rDM5fynu8wXKofdPX0aMLC+Bsw+fCVmh ox6tQkcaUNbhf+AaUGSyTIP7/5ph6R/fx084woN4sh6ND3BF6P7OBvFyP L9EmFfVZd1m5dyYypSUYSaqGZ9PqdpIJiAZyOTbWjga15Po6voLEUa9ty A==; X-CSE-ConnectionGUID: tU0QZlniQ7KaRuTn05+RCA== X-CSE-MsgGUID: +ojHv8EhTKm8f1CqODKOpw== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433608" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433608" X-CSE-ConnectionGUID: 9mN3EbrUSq2Pf/nGt3yShw== X-CSE-MsgGUID: Mmuf2A6TQmSeLar6DINvkQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640302" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 54/55] i386/tdx: Validate phys_bits against host value Date: Tue, 1 Apr 2025 09:02:04 -0400 Message-Id: <20250401130205.2198253-55-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743516164426019100 Content-Type: text/plain; charset="utf-8" For TDX guest, the phys_bits is not configurable and can only be host/native value. Validate phys_bits inside tdx_check_features(). Signed-off-by: Xiaoyao Li Reviewed-by: Daniel P. Berrang=C3=A9 --- target/i386/host-cpu.c | 2 +- target/i386/host-cpu.h | 1 + target/i386/kvm/tdx.c | 8 ++++++++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/target/i386/host-cpu.c b/target/i386/host-cpu.c index 3e4e85e729c8..8a15af458b05 100644 --- a/target/i386/host-cpu.c +++ b/target/i386/host-cpu.c @@ -15,7 +15,7 @@ #include "system/system.h" =20 /* Note: Only safe for use on x86(-64) hosts */ -static uint32_t host_cpu_phys_bits(void) +uint32_t host_cpu_phys_bits(void) { uint32_t eax; uint32_t host_phys_bits; diff --git a/target/i386/host-cpu.h b/target/i386/host-cpu.h index 6a9bc918baa4..b97ec01c9bec 100644 --- a/target/i386/host-cpu.h +++ b/target/i386/host-cpu.h @@ -10,6 +10,7 @@ #ifndef HOST_CPU_H #define HOST_CPU_H =20 +uint32_t host_cpu_phys_bits(void); void host_cpu_instance_init(X86CPU *cpu); void host_cpu_max_instance_init(X86CPU *cpu); bool host_cpu_realizefn(CPUState *cs, Error **errp); diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 8f075ba5a4de..c8fffa94c7d2 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -25,6 +25,7 @@ =20 #include "cpu.h" #include "cpu-internal.h" +#include "host-cpu.h" #include "hw/i386/e820_memory_layout.h" #include "hw/i386/tdvf.h" #include "hw/i386/x86.h" @@ -875,6 +876,13 @@ static int tdx_check_features(X86ConfidentialGuest *cg= , CPUState *cs) return -1; } =20 + if (cpu->phys_bits !=3D host_cpu_phys_bits()) { + error_report("TDX requires guest CPU physical bits (%u) " + "to match host CPU physical bits (%u)", + cpu->phys_bits, host_cpu_phys_bits()); + exit(1); + } + return 0; } =20 --=20 2.34.1 From nobody Sat Apr 5 05:26:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1743515940; cv=none; d=zohomail.com; s=zohoarc; b=hfUd2RP2mmTqnA3qrHrrDSEDTLns95JNJ/t779hpMDyUOUIjNKHnzk6aUId6CnWCfFbhbmPFCn/DyI6ij7idiaj28HqLRGxyCiJQ35rbFfnPyPTAyU61EwnMrpvBu7vxe9KwfQJ2m9QRCK9PgidRjdOMsXgM44Xsi34hmUTrfL0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1743515940; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=lwvWDxfp8dtWiHJbMTWjdOivjhU1yAFD1PfNNXiBVfA=; b=HLMVR4MtjmdJhfvL69na/dNb8XZl80XlExTgjKwXms19tl9yqWdB9wh8W9O75320SF8cdnVqM1WJ7Rm/oW7V2Gt2B/wPixpL1FsobxZeBVTxuEU1dgKGh+hjdW1XeWGn7PFZDft8xJDtHnmUU9jTtbPKGH5OOCSd9Nug4LIDwFY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 174351594051585.27422432508433; Tue, 1 Apr 2025 06:59:00 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tzbyy-00069T-Pm; Tue, 01 Apr 2025 09:48:49 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvY-0002VS-Sa for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:45:17 -0400 Received: from mgamail.intel.com ([192.198.163.16]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tzbvU-0006Zf-6F for qemu-devel@nongnu.org; Tue, 01 Apr 2025 09:45:16 -0400 Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2025 06:43:30 -0700 Received: from lxy-clx-4s.sh.intel.com ([10.239.48.52]) by fmviesa008.fm.intel.com with ESMTP; 01 Apr 2025 06:43:27 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1743515112; x=1775051112; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=EUwHVgF5vEEMvJW0RWlFhvQxAskobUwBHDJmxFXAZbY=; b=WuztuGS6aJqYd7EplKBdx6zJUf0XwH2XgrNmXcWzzk5jbtpIekayWQlU lre2rI9cyT1CcOYTFGYsn+ZHFc3jLTqUVV1x5UUM0cMmntWERm8WtnV3X qc1AIwdF92vTYScWRMU0cJiAyTwzzZyGw2bhkNkXEY2R4baYtpP+qMBD/ CSPTpmIadxc03TyD+YWf+tCIgR4fGP8O/jtuXtsz87jPnaxQLvPFWdhja kuIl8BKtt8JyzY4t2FvM/ymjqe1DE/1GVaRgj/ncAyh1TMj8CEZBGcPBs H2UdnmMuiEquyJrIiQDyZtuk/M0A4tCRE1OcJHadZy6sYUUY+1qb/q0uG w==; X-CSE-ConnectionGUID: i5tOTME1R/OYVhvKMLJjXA== X-CSE-MsgGUID: jeFsBnx7QrOAGFjdBKJpYQ== X-IronPort-AV: E=McAfee;i="6700,10204,11391"; a="32433617" X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="32433617" X-CSE-ConnectionGUID: uIOZPd4uQfmZWINjGpHygA== X-CSE-MsgGUID: tYVyRyOhQjC9xJGrW5peuA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.14,293,1736841600"; d="scan'208";a="126640311" From: Xiaoyao Li To: Paolo Bonzini , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Cc: "Michael S. Tsirkin" , Markus Armbruster , Francesco Lavra , Marcelo Tosatti , qemu-devel@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Rick Edgecombe , Xiaoyao Li Subject: [PATCH v8 55/55] docs: Add TDX documentation Date: Tue, 1 Apr 2025 09:02:05 -0400 Message-Id: <20250401130205.2198253-56-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250401130205.2198253-1-xiaoyao.li@intel.com> References: <20250401130205.2198253-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=192.198.163.16; envelope-from=xiaoyao.li@intel.com; helo=mgamail.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.997, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1743515941515019000 Content-Type: text/plain; charset="utf-8" Add docs/system/i386/tdx.rst for TDX support, and add tdx in confidential-guest-support.rst Signed-off-by: Xiaoyao Li --- Changes in v6: - Add more information of "Feature configuration" - Mark TD Attestation as future work because KVM now drops the support of it. Changes in v5: - Add TD attestation section and update the QEMU parameter; Changes since v1: - Add prerequisite of private gmem; - update example command to launch TD; Changes since RFC v4: - add the restriction that kernel-irqchip must be split --- docs/system/confidential-guest-support.rst | 1 + docs/system/i386/tdx.rst | 156 +++++++++++++++++++++ docs/system/target-i386.rst | 1 + 3 files changed, 158 insertions(+) create mode 100644 docs/system/i386/tdx.rst diff --git a/docs/system/confidential-guest-support.rst b/docs/system/confi= dential-guest-support.rst index 0c490dbda2b7..66129fbab64c 100644 --- a/docs/system/confidential-guest-support.rst +++ b/docs/system/confidential-guest-support.rst @@ -38,6 +38,7 @@ Supported mechanisms Currently supported confidential guest mechanisms are: =20 * AMD Secure Encrypted Virtualization (SEV) (see :doc:`i386/amd-memory-enc= ryption`) +* Intel Trust Domain Extension (TDX) (see :doc:`i386/tdx`) * POWER Protected Execution Facility (PEF) (see :ref:`power-papr-protected= -execution-facility-pef`) * s390x Protected Virtualization (PV) (see :doc:`s390x/protvirt`) =20 diff --git a/docs/system/i386/tdx.rst b/docs/system/i386/tdx.rst new file mode 100644 index 000000000000..ea2e601dde9a --- /dev/null +++ b/docs/system/i386/tdx.rst @@ -0,0 +1,156 @@ +Intel Trusted Domain eXtension (TDX) +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +Intel Trusted Domain eXtensions (TDX) refers to an Intel technology that e= xtends +Virtual Machine Extensions (VMX) and Multi-Key Total Memory Encryption (MK= TME) +with a new kind of virtual machine guest called a Trust Domain (TD). A TD = runs +in a CPU mode that is designed to protect the confidentiality of its memory +contents and its CPU state from any other software, including the hosting +Virtual Machine Monitor (VMM), unless explicitly shared by the TD itself. + +Prerequisites +------------- + +To run TD, the physical machine needs to have TDX module loaded and initia= lized +while KVM hypervisor has TDX support and has TDX enabled. If those require= ments +are met, the ``KVM_CAP_VM_TYPES`` will report the support of ``KVM_X86_TDX= _VM``. + +Trust Domain Virtual Firmware (TDVF) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Trust Domain Virtual Firmware (TDVF) is required to provide TD services to= boot +TD Guest OS. TDVF needs to be copied to guest private memory and measured = before +the TD boots. + +KVM vcpu ioctl ``KVM_TDX_INIT_MEM_REGION`` can be used to populate the TDVF +content into its private memory. + +Since TDX doesn't support readonly memslot, TDVF cannot be mapped as pflash +device and it actually works as RAM. "-bios" option is chosen to load TDVF. + +OVMF is the opensource firmware that implements the TDVF support. Thus the +command line to specify and load TDVF is ``-bios OVMF.fd`` + +Feature Configuration +--------------------- + +Unlike non-TDX VM, the CPU features (enumerated by CPU or MSR) of a TD are= not +under full control of VMM. VMM can only configure part of features of a TD= on +``KVM_TDX_INIT_VM`` command of VM scope ``MEMORY_ENCRYPT_OP`` ioctl. + +The configurable features have three types: + +- Attributes: + - PKS (bit 30) controls whether Supervisor Protection Keys is exposed to= TD, + which determines related CPUID bit and CR4 bit; + - PERFMON (bit 63) controls whether PMU is exposed to TD. + +- XSAVE related features (XFAM): + XFAM is a 64b mask, which has the same format as XCR0 or IA32_XSS MSR. It + determines the set of extended features available for use by the guest T= D. + +- CPUID features: + Only some bits of some CPUID leaves are directly configurable by VMM. + +What features can be configured is reported via TDX capabilities. + +TDX capabilities +~~~~~~~~~~~~~~~~ + +The VM scope ``MEMORY_ENCRYPT_OP`` ioctl provides command ``KVM_TDX_CAPABI= LITIES`` +to get the TDX capabilities from KVM. It returns a data structure of +``struct kvm_tdx_capabilities``, which tells the supported configuration of +attributes, XFAM and CPUIDs. + +TD attributes +~~~~~~~~~~~~~ + +QEMU supports configuring raw 64-bit TD attributes directly via "attribute= s" +property of "tdx-guest" object. Note, it's users' responsibility to provid= e a +valid value because some bits may not supported by current QEMU or KVM yet. + +QEMU also supports the configuration of individual attribute bits that are +supported by it, via properties of "tdx-guest" object. +E.g., "sept-ve-disable" (bit 28). + +MSR based features +~~~~~~~~~~~~~~~~~~ + +Current KVM doesn't support MSR based feature (e.g., MSR_IA32_ARCH_CAPABIL= ITIES) +configuration for TDX, and it's a future work to enable it in QEMU when KV= M adds +support of it. + +Feature check +~~~~~~~~~~~~~ + +QEMU checks if the final (CPU) features, determined by given cpu model and +explicit feature adjustment of "+featureA/-featureB", can be supported or = not. +It can produce feature not supported warning like + + "warning: host doesn't support requested feature: CPUID.07H:EBX.intel-pt= [bit 25]" + +It can also produce warning like + + "warning: TDX forcibly sets the feature: CPUID.80000007H:EDX.invtsc [bit= 8]" + +if the fixed-1 feature is requested to be disabled explicitly. This is new= ly +added to QEMU for TDX because TDX has fixed-1 features that are forcibly e= nabled +by TDX module and VMM cannot disable them. + +Launching a TD (TDX VM) +----------------------- + +To launch a TD, the necessary command line options are tdx-guest object and +split kernel-irqchip, as below: + +.. parsed-literal:: + + |qemu_system_x86| \\ + -object tdx-guest,id=3Dtdx0 \\ + -machine ...,kernel-irqchip=3Dsplit,confidential-guest-support=3Dt= dx0 \\ + -bios OVMF.fd \\ + +Restrictions +------------ + + - kernel-irqchip must be split; + + - No readonly support for private memory; + + - No SMM support: SMM support requires manipulating the guest register st= ates + which is not allowed; + +Debugging +--------- + +Bit 0 of TD attributes, is DEBUG bit, which decides if the TD runs in off-= TD +debug mode. When in off-TD debug mode, TD's VCPU state and private memory = are +accessible via given SEAMCALLs. This requires KVM to expose APIs to invoke= those +SEAMCALLs and corresonponding QEMU change. + +It's targeted as future work. + +TD attestation +-------------- + +In TD guest, the attestation process is used to verify the TDX guest +trustworthiness to other entities before provisioning secrets to the guest. + +TD attestation is initiated first by calling TDG.MR.REPORT inside TD to ge= t the +REPORT. Then the REPORT data needs to be converted into a remotely verifia= ble +Quote by SGX Quoting Enclave (QE). + +It's a future work in QEMU to add support of TD attestation since it lacks +support in current KVM. + +Live Migration +-------------- + +Future work. + +References +---------- + +- `TDX Homepage `__ + +- `SGX QE `__ diff --git a/docs/system/target-i386.rst b/docs/system/target-i386.rst index ab7af1a75d6e..43b09c79d6be 100644 --- a/docs/system/target-i386.rst +++ b/docs/system/target-i386.rst @@ -31,6 +31,7 @@ Architectural features i386/kvm-pv i386/sgx i386/amd-memory-encryption + i386/tdx =20 OS requirements ~~~~~~~~~~~~~~~ --=20 2.34.1