[RFC PATCH v3 14/36] i386/tdx: Validate TD attributes
From: Xiaoyao Li
Subject: [RFC PATCH v3 14/36] i386/tdx: Validate TD attributes
Date: Thu, 17 Mar 2022 21:58:51 +0800
Validate TD attributes against tdx_caps: fixed-0 bits must be zero and
fixed-1 bits must be set.
Besides, sanity check the attribute bits that are not yet supported by
QEMU, e.g., the debug bit, which will be allowed in the future when debug
TD support lands in QEMU.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
target/i386/kvm/tdx.c | 27 +++++++++++++++++++++++++--
1 file changed, 25 insertions(+), 2 deletions(-)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index de4146025995..a76c41fe5724 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -21,6 +21,7 @@
#include "kvm_i386.h"
#include "tdx.h"
+#define TDX_TD_ATTRIBUTES_DEBUG BIT_ULL(0)
#define TDX_TD_ATTRIBUTES_SEPT_VE_DISABLE BIT_ULL(28)
#define TDX_TD_ATTRIBUTES_PKS BIT_ULL(30)
#define TDX_TD_ATTRIBUTES_PERFMON BIT_ULL(63)
@@ -154,13 +155,32 @@ void tdx_get_supported_cpuid(uint32_t function, uint32_t
index, int reg,
}
}
-static void setup_td_guest_attributes(X86CPU *x86cpu)
+static int tdx_validate_attributes(TdxGuest *tdx)
+{
+ if (((tdx->attributes & tdx_caps->attrs_fixed0) | tdx_caps->attrs_fixed1)
!=
+ tdx->attributes) {
+ error_report("Invalid attributes 0x%lx for TDX VM (fixed0 0x%llx,
fixed1 0x%llx)",
+ tdx->attributes, tdx_caps->attrs_fixed0,
tdx_caps->attrs_fixed1);
+ return -EINVAL;
+ }
+
+ if (tdx->attributes & TDX_TD_ATTRIBUTES_DEBUG) {
+ error_report("Current QEMU doesn't support attributes.debug[bit 0] for
TDX VM");
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
+static int setup_td_guest_attributes(X86CPU *x86cpu)
{
CPUX86State *env = &x86cpu->env;
tdx_guest->attributes |= (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_PKS)
?
TDX_TD_ATTRIBUTES_PKS : 0;
tdx_guest->attributes |= x86cpu->enable_pmu ? TDX_TD_ATTRIBUTES_PERFMON :
0;
+
+ return tdx_validate_attributes(tdx_guest);
}
int tdx_pre_create_vcpu(CPUState *cpu)
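Review bot: In tdx_validate_attributes(), the second check is a deny-list that rejects only TDX_TD_ATTRIBUTES_DEBUG, while the commit message describes a sanity check of the attribute bits QEMU does not support yet. Any other bit that passes the fixed0/fixed1 test and that QEMU has no handling for would be accepted silently. Consider an allow-list instead: build a mask of the bits this file defines and supports (SEPT_VE_DISABLE, PKS, PERFMON), reject anything outside it, and extend the mask when debug TD support lands. Two smaller points in the same function: the first error_report() prints tdx->attributes with %lx but the tdx_caps fields with %llx, so a PRIx64-style format for the 64-bit value would be safer across hosts; and a short comment stating that the expression treats attrs_fixed0 as the mask of bits allowed to be 1 and attrs_fixed1 as the bits required to be 1 would make the one-line test easier to audit.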
@@ -189,7 +209,10 @@ int tdx_pre_create_vcpu(CPUState *cpu)
goto out;
}
- setup_td_guest_attributes(x86cpu);
+ r = setup_td_guest_attributes(x86cpu);
+ if (r) {
+ goto out;
+ }
memset(&cpuid_data, 0, sizeof(cpuid_data));
cpuid_data.cpuid.nent = kvm_x86_arch_cpuid(env, cpuid_data.entries, 0);
--
2.27.0