| Message ID | 20240229063726.610065-50-xiaoyao.li@intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | QEMU Guest memfd + QEMU TDX support | expand |
Xiaoyao Li <xiaoyao.li@intel.com> writes: > From: Isaku Yamahata <isaku.yamahata@intel.com> > > Add property "quote-generation-socket" to tdx-guest, which is a property > of type SocketAddress to specify Quote Generation Service(QGS). > > On request of GetQuote, it connects to the QGS socket, read request > data from shared guest memory, send the request data to the QGS, > and store the response into shared guest memory, at last notify > TD guest by interrupt. > > command line example: > qemu-system-x86_64 \ > -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ > -machine confidential-guest-support=tdx0 > > Note, above example uses vsock type socket because the QGS we used > implements the vsock socket. It can be other types, like UNIX socket, > which depends on the implementation of QGS. > > To avoid no response from QGS server, setup a timer for the transaction. > If timeout, make it an error and interrupt guest. Define the threshold of > time to 30s at present, maybe change to other value if not appropriate. > > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> > Codeveloped-by: Chenyi Qiang <chenyi.qiang@intel.com> > Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com> > Codeveloped-by: Xiaoyao Li <xiaoyao.li@intel.com> > Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> [...] > diff --git a/qapi/qom.json b/qapi/qom.json > index cac875349a3a..7b26b0a0d3aa 100644 > --- a/qapi/qom.json > +++ b/qapi/qom.json > @@ -917,13 +917,19 @@ > # (base64 encoded SHA384 digest). (A default value 0 of SHA384 is > # used when absent). > # > +# @quote-generation-socket: socket address for Quote Generation > +# Service (QGS). QGS is a daemon running on the host. User in > +# TD guest cannot get TD quoting for attestation if QGS is not > +# provided. So admin should always provide it. This makes me wonder why it's optional. Can you describe a use case for *not* specifying @quote-generation-socket? > +# > # Since: 9.0 > ## > { 'struct': 'TdxGuestProperties', > 'data': { '*sept-ve-disable': 'bool', > '*mrconfigid': 'str', > '*mrowner': 'str', > - '*mrownerconfig': 'str' } } > + '*mrownerconfig': 'str', > + '*quote-generation-socket': 'SocketAddress' } } > > ## > # @ThreadContextProperties: [...]
On 2/29/2024 4:40 PM, Markus Armbruster wrote: > Xiaoyao Li <xiaoyao.li@intel.com> writes: > >> From: Isaku Yamahata <isaku.yamahata@intel.com> >> >> Add property "quote-generation-socket" to tdx-guest, which is a property >> of type SocketAddress to specify Quote Generation Service(QGS). >> >> On request of GetQuote, it connects to the QGS socket, read request >> data from shared guest memory, send the request data to the QGS, >> and store the response into shared guest memory, at last notify >> TD guest by interrupt. >> >> command line example: >> qemu-system-x86_64 \ >> -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ >> -machine confidential-guest-support=tdx0 >> >> Note, above example uses vsock type socket because the QGS we used >> implements the vsock socket. It can be other types, like UNIX socket, >> which depends on the implementation of QGS. >> >> To avoid no response from QGS server, setup a timer for the transaction. >> If timeout, make it an error and interrupt guest. Define the threshold of >> time to 30s at present, maybe change to other value if not appropriate. >> >> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> >> Codeveloped-by: Chenyi Qiang <chenyi.qiang@intel.com> >> Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com> >> Codeveloped-by: Xiaoyao Li <xiaoyao.li@intel.com> >> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> > > [...] > >> diff --git a/qapi/qom.json b/qapi/qom.json >> index cac875349a3a..7b26b0a0d3aa 100644 >> --- a/qapi/qom.json >> +++ b/qapi/qom.json >> @@ -917,13 +917,19 @@ >> # (base64 encoded SHA384 digest). (A default value 0 of SHA384 is >> # used when absent). >> # >> +# @quote-generation-socket: socket address for Quote Generation >> +# Service (QGS). QGS is a daemon running on the host. User in >> +# TD guest cannot get TD quoting for attestation if QGS is not >> +# provided. So admin should always provide it. > > This makes me wonder why it's optional. Can you describe a use case for > *not* specifying @quote-generation-socket? Maybe at last when all the TDX support lands on all the components, attestation will become a must for a TD guest to be usable. However, at least for today, booting and running a TD guest don't require attestation. So not provide it, doesn't affect anything excepting cannot get a Quote. >> +# >> # Since: 9.0 >> ## >> { 'struct': 'TdxGuestProperties', >> 'data': { '*sept-ve-disable': 'bool', >> '*mrconfigid': 'str', >> '*mrowner': 'str', >> - '*mrownerconfig': 'str' } } >> + '*mrownerconfig': 'str', >> + '*quote-generation-socket': 'SocketAddress' } } >> >> ## >> # @ThreadContextProperties: > > [...] >
Xiaoyao Li <xiaoyao.li@intel.com> writes: > On 2/29/2024 4:40 PM, Markus Armbruster wrote: >> Xiaoyao Li <xiaoyao.li@intel.com> writes: >> >>> From: Isaku Yamahata <isaku.yamahata@intel.com> >>> >>> Add property "quote-generation-socket" to tdx-guest, which is a property >>> of type SocketAddress to specify Quote Generation Service(QGS). >>> >>> On request of GetQuote, it connects to the QGS socket, read request >>> data from shared guest memory, send the request data to the QGS, >>> and store the response into shared guest memory, at last notify >>> TD guest by interrupt. >>> >>> command line example: >>> qemu-system-x86_64 \ >>> -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ >>> -machine confidential-guest-support=tdx0 >>> >>> Note, above example uses vsock type socket because the QGS we used >>> implements the vsock socket. It can be other types, like UNIX socket, >>> which depends on the implementation of QGS. >>> >>> To avoid no response from QGS server, setup a timer for the transaction. >>> If timeout, make it an error and interrupt guest. Define the threshold of >>> time to 30s at present, maybe change to other value if not appropriate. >>> >>> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> >>> Codeveloped-by: Chenyi Qiang <chenyi.qiang@intel.com> >>> Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com> >>> Codeveloped-by: Xiaoyao Li <xiaoyao.li@intel.com> >>> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> >> >> [...] >> >>> diff --git a/qapi/qom.json b/qapi/qom.json >>> index cac875349a3a..7b26b0a0d3aa 100644 >>> --- a/qapi/qom.json >>> +++ b/qapi/qom.json >>> @@ -917,13 +917,19 @@ >>> # (base64 encoded SHA384 digest). (A default value 0 of SHA384 is >>> # used when absent). >>> # >>> +# @quote-generation-socket: socket address for Quote Generation >>> +# Service (QGS). QGS is a daemon running on the host. User in >>> +# TD guest cannot get TD quoting for attestation if QGS is not >>> +# provided. So admin should always provide it. >> >> This makes me wonder why it's optional. Can you describe a use case for >> *not* specifying @quote-generation-socket? > > Maybe at last when all the TDX support lands on all the components, attestation will become a must for a TD guest to be usable. > > However, at least for today, booting and running a TD guest don't require attestation. So not provide it, doesn't affect anything excepting cannot get a Quote. Maybe # @quote-generation-socket: Socket address for Quote Generation # Service (QGS). QGS is a daemon running on the host. Without # it, the guest will not be able to get a TD quote for # attestation. [...]
On 2/29/2024 9:28 PM, Markus Armbruster wrote: > Xiaoyao Li <xiaoyao.li@intel.com> writes: > >> On 2/29/2024 4:40 PM, Markus Armbruster wrote: >>> Xiaoyao Li <xiaoyao.li@intel.com> writes: >>> >>>> From: Isaku Yamahata <isaku.yamahata@intel.com> >>>> >>>> Add property "quote-generation-socket" to tdx-guest, which is a property >>>> of type SocketAddress to specify Quote Generation Service(QGS). >>>> >>>> On request of GetQuote, it connects to the QGS socket, read request >>>> data from shared guest memory, send the request data to the QGS, >>>> and store the response into shared guest memory, at last notify >>>> TD guest by interrupt. >>>> >>>> command line example: >>>> qemu-system-x86_64 \ >>>> -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ >>>> -machine confidential-guest-support=tdx0 >>>> >>>> Note, above example uses vsock type socket because the QGS we used >>>> implements the vsock socket. It can be other types, like UNIX socket, >>>> which depends on the implementation of QGS. >>>> >>>> To avoid no response from QGS server, setup a timer for the transaction. >>>> If timeout, make it an error and interrupt guest. Define the threshold of >>>> time to 30s at present, maybe change to other value if not appropriate. >>>> >>>> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> >>>> Codeveloped-by: Chenyi Qiang <chenyi.qiang@intel.com> >>>> Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com> >>>> Codeveloped-by: Xiaoyao Li <xiaoyao.li@intel.com> >>>> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> >>> >>> [...] >>> >>>> diff --git a/qapi/qom.json b/qapi/qom.json >>>> index cac875349a3a..7b26b0a0d3aa 100644 >>>> --- a/qapi/qom.json >>>> +++ b/qapi/qom.json >>>> @@ -917,13 +917,19 @@ >>>> # (base64 encoded SHA384 digest). (A default value 0 of SHA384 is >>>> # used when absent). >>>> # >>>> +# @quote-generation-socket: socket address for Quote Generation >>>> +# Service (QGS). QGS is a daemon running on the host. User in >>>> +# TD guest cannot get TD quoting for attestation if QGS is not >>>> +# provided. So admin should always provide it. >>> >>> This makes me wonder why it's optional. Can you describe a use case for >>> *not* specifying @quote-generation-socket? >> >> Maybe at last when all the TDX support lands on all the components, attestation will become a must for a TD guest to be usable. >> >> However, at least for today, booting and running a TD guest don't require attestation. So not provide it, doesn't affect anything excepting cannot get a Quote. > > Maybe > > # @quote-generation-socket: Socket address for Quote Generation > # Service (QGS). QGS is a daemon running on the host. Without > # it, the guest will not be able to get a TD quote for > # attestation. Thanks! will update to it. > [...] >
On Thu, Feb 29, 2024 at 01:37:10AM -0500, Xiaoyao Li wrote: > From: Isaku Yamahata <isaku.yamahata@intel.com> > > Add property "quote-generation-socket" to tdx-guest, which is a property > of type SocketAddress to specify Quote Generation Service(QGS). > > On request of GetQuote, it connects to the QGS socket, read request > data from shared guest memory, send the request data to the QGS, > and store the response into shared guest memory, at last notify > TD guest by interrupt. > > command line example: > qemu-system-x86_64 \ > -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ Can you illustrate this with 'unix' sockets, not 'vsock'. It makes no conceptual sense to be using vsock for two processes on the host to be using vsock to talk to each other. vsock is only needed for the guest to talk to the host. > -machine confidential-guest-support=tdx0 > > Note, above example uses vsock type socket because the QGS we used > implements the vsock socket. It can be other types, like UNIX socket, > which depends on the implementation of QGS. > > To avoid no response from QGS server, setup a timer for the transaction. > If timeout, make it an error and interrupt guest. Define the threshold of > time to 30s at present, maybe change to other value if not appropriate. > > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> > Codeveloped-by: Chenyi Qiang <chenyi.qiang@intel.com> > Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com> > Codeveloped-by: Xiaoyao Li <xiaoyao.li@intel.com> > Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> > --- > Changes in v5: > - add more decription of quote-generation-socket property; > > Changes in v4: > - merge next patch "i386/tdx: setup a timer for the qio channel"; > > Changes in v3: > - rename property "quote-generation-service" to "quote-generation-socket"; > - change the type of "quote-generation-socket" from str to > SocketAddress; > - squash next patch into this one; > --- > qapi/qom.json | 8 +- > target/i386/kvm/meson.build | 2 +- > target/i386/kvm/tdx-quote-generator.c | 170 ++++++++++++++++++++ > target/i386/kvm/tdx-quote-generator.h | 95 +++++++++++ > target/i386/kvm/tdx.c | 216 ++++++++++++++++++++++++++ > target/i386/kvm/tdx.h | 6 + > 6 files changed, 495 insertions(+), 2 deletions(-) > create mode 100644 target/i386/kvm/tdx-quote-generator.c > create mode 100644 target/i386/kvm/tdx-quote-generator.h With regards, Daniel
On 3/11/2024 5:27 PM, Daniel P. Berrangé wrote: > On Thu, Feb 29, 2024 at 01:37:10AM -0500, Xiaoyao Li wrote: >> From: Isaku Yamahata <isaku.yamahata@intel.com> >> >> Add property "quote-generation-socket" to tdx-guest, which is a property >> of type SocketAddress to specify Quote Generation Service(QGS). >> >> On request of GetQuote, it connects to the QGS socket, read request >> data from shared guest memory, send the request data to the QGS, >> and store the response into shared guest memory, at last notify >> TD guest by interrupt. >> >> command line example: >> qemu-system-x86_64 \ >> -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ > > Can you illustrate this with 'unix' sockets, not 'vsock'. Are you suggesting only updating the commit message to an example of unix socket? Or you want the code to test with some unix socket QGS? (It seems the QGS I got for testing, only supports vsock socket. Because at the time when it got developed, it was supposed to communicate with drivers inside TD guest directly not via VMM (KVM+QEMU). Anyway, I will talk to internal folks to see if any plan to support unix socket.) > It makes no conceptual sense to be using vsock for two > processes on the host to be using vsock to talk to > each other. vsock is only needed for the guest to talk > to the host. > >> -machine confidential-guest-support=tdx0 >> >> Note, above example uses vsock type socket because the QGS we used >> implements the vsock socket. It can be other types, like UNIX socket, >> which depends on the implementation of QGS. >> >> To avoid no response from QGS server, setup a timer for the transaction. >> If timeout, make it an error and interrupt guest. Define the threshold of >> time to 30s at present, maybe change to other value if not appropriate. >> >> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> >> Codeveloped-by: Chenyi Qiang <chenyi.qiang@intel.com> >> Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com> >> Codeveloped-by: Xiaoyao Li <xiaoyao.li@intel.com> >> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> >> --- >> Changes in v5: >> - add more decription of quote-generation-socket property; >> >> Changes in v4: >> - merge next patch "i386/tdx: setup a timer for the qio channel"; >> >> Changes in v3: >> - rename property "quote-generation-service" to "quote-generation-socket"; >> - change the type of "quote-generation-socket" from str to >> SocketAddress; >> - squash next patch into this one; >> --- >> qapi/qom.json | 8 +- >> target/i386/kvm/meson.build | 2 +- >> target/i386/kvm/tdx-quote-generator.c | 170 ++++++++++++++++++++ >> target/i386/kvm/tdx-quote-generator.h | 95 +++++++++++ >> target/i386/kvm/tdx.c | 216 ++++++++++++++++++++++++++ >> target/i386/kvm/tdx.h | 6 + >> 6 files changed, 495 insertions(+), 2 deletions(-) >> create mode 100644 target/i386/kvm/tdx-quote-generator.c >> create mode 100644 target/i386/kvm/tdx-quote-generator.h > > > With regards, > Daniel
On Tue, Mar 12, 2024 at 03:44:32PM +0800, Xiaoyao Li <xiaoyao.li@intel.com> wrote: > On 3/11/2024 5:27 PM, Daniel P. Berrangé wrote: > > On Thu, Feb 29, 2024 at 01:37:10AM -0500, Xiaoyao Li wrote: > > > From: Isaku Yamahata <isaku.yamahata@intel.com> > > > > > > Add property "quote-generation-socket" to tdx-guest, which is a property > > > of type SocketAddress to specify Quote Generation Service(QGS). > > > > > > On request of GetQuote, it connects to the QGS socket, read request > > > data from shared guest memory, send the request data to the QGS, > > > and store the response into shared guest memory, at last notify > > > TD guest by interrupt. > > > > > > command line example: > > > qemu-system-x86_64 \ > > > -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ > > > > Can you illustrate this with 'unix' sockets, not 'vsock'. > > Are you suggesting only updating the commit message to an example of unix > socket? Or you want the code to test with some unix socket QGS? > > (It seems the QGS I got for testing, only supports vsock socket. Because at > the time when it got developed, it was supposed to communicate with drivers > inside TD guest directly not via VMM (KVM+QEMU). Anyway, I will talk to > internal folks to see if any plan to support unix socket.) You can use small utility to proxy sockets for testing purpose. The famous one is socat or nmap ncat. They support vsock. At least their latest version does. QGS <-vsock-> socat <-unix domain-> qemu
On Tue, Mar 12, 2024 at 03:44:32PM +0800, Xiaoyao Li wrote: > On 3/11/2024 5:27 PM, Daniel P. Berrangé wrote: > > On Thu, Feb 29, 2024 at 01:37:10AM -0500, Xiaoyao Li wrote: > > > From: Isaku Yamahata <isaku.yamahata@intel.com> > > > > > > Add property "quote-generation-socket" to tdx-guest, which is a property > > > of type SocketAddress to specify Quote Generation Service(QGS). > > > > > > On request of GetQuote, it connects to the QGS socket, read request > > > data from shared guest memory, send the request data to the QGS, > > > and store the response into shared guest memory, at last notify > > > TD guest by interrupt. > > > > > > command line example: > > > qemu-system-x86_64 \ > > > -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ > > > > Can you illustrate this with 'unix' sockets, not 'vsock'. > > Are you suggesting only updating the commit message to an example of unix > socket? Or you want the code to test with some unix socket QGS? > > (It seems the QGS I got for testing, only supports vsock socket. Because at > the time when it got developed, it was supposed to communicate with drivers > inside TD guest directly not via VMM (KVM+QEMU). Anyway, I will talk to > internal folks to see if any plan to support unix socket.) The QGS provided as part of DCAP supports running with both UNIX sockets and VSOCK, and I would expect QEMU to be made to work with this, since its is Intel's OSS reference impl. Exposing QGS to the guest when we only intend for it to be used by the host QEMU is needlessly expanding the attack surface. With regards, Daniel
On 3/13/2024 11:31 PM, Daniel P. Berrangé wrote: > On Tue, Mar 12, 2024 at 03:44:32PM +0800, Xiaoyao Li wrote: >> On 3/11/2024 5:27 PM, Daniel P. Berrangé wrote: >>> On Thu, Feb 29, 2024 at 01:37:10AM -0500, Xiaoyao Li wrote: >>>> From: Isaku Yamahata <isaku.yamahata@intel.com> >>>> >>>> Add property "quote-generation-socket" to tdx-guest, which is a property >>>> of type SocketAddress to specify Quote Generation Service(QGS). >>>> >>>> On request of GetQuote, it connects to the QGS socket, read request >>>> data from shared guest memory, send the request data to the QGS, >>>> and store the response into shared guest memory, at last notify >>>> TD guest by interrupt. >>>> >>>> command line example: >>>> qemu-system-x86_64 \ >>>> -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ >>> >>> Can you illustrate this with 'unix' sockets, not 'vsock'. >> >> Are you suggesting only updating the commit message to an example of unix >> socket? Or you want the code to test with some unix socket QGS? >> >> (It seems the QGS I got for testing, only supports vsock socket. Because at >> the time when it got developed, it was supposed to communicate with drivers >> inside TD guest directly not via VMM (KVM+QEMU). Anyway, I will talk to >> internal folks to see if any plan to support unix socket.) > > The QGS provided as part of DCAP supports running with both > UNIX sockets and VSOCK, and I would expect QEMU to be made > to work with this, since its is Intel's OSS reference impl. After synced with internal folks, yes, the QGS I used does support unix socket. I tested it and it worked. -object '{"qom-type":"tdx-guest","id":"tdx","quote-generation-socket":{"type":"unix", "path":"/var/run/tdx-qgs/qgs.socket"}}' > Exposing QGS to the guest when we only intend for it to be > used by the host QEMU is needlessly expanding the attack > surface. > > With regards, > Daniel
On Thu, Feb 29, 2024 at 01:37:10AM -0500, Xiaoyao Li wrote: > From: Isaku Yamahata <isaku.yamahata@intel.com> > > Add property "quote-generation-socket" to tdx-guest, which is a property > of type SocketAddress to specify Quote Generation Service(QGS). > > On request of GetQuote, it connects to the QGS socket, read request > data from shared guest memory, send the request data to the QGS, > and store the response into shared guest memory, at last notify > TD guest by interrupt. > > command line example: > qemu-system-x86_64 \ > -object '{"qom-type":"tdx-guest","id":"tdx0","quote-generation-socket":{"type": "vsock", "cid":"1","port":"1234"}}' \ > -machine confidential-guest-support=tdx0 > > Note, above example uses vsock type socket because the QGS we used > implements the vsock socket. It can be other types, like UNIX socket, > which depends on the implementation of QGS. > > To avoid no response from QGS server, setup a timer for the transaction. > If timeout, make it an error and interrupt guest. Define the threshold of > time to 30s at present, maybe change to other value if not appropriate. > > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> > Codeveloped-by: Chenyi Qiang <chenyi.qiang@intel.com> > Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com> > Codeveloped-by: Xiaoyao Li <xiaoyao.li@intel.com> > Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> > diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c > index 49f94d9d46f4..7dfda507cc8c 100644 > --- a/target/i386/kvm/tdx.c > +++ b/target/i386/kvm/tdx.c > +static int tdx_handle_get_quote(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall) > +{ > + struct tdx_generate_quote_task *task; > + struct tdx_get_quote_header hdr; > + hwaddr buf_gpa = vmcall->in_r12; > + uint64_t buf_len = vmcall->in_r13; > + > + QEMU_BUILD_BUG_ON(sizeof(struct tdx_get_quote_header) != TDX_GET_QUOTE_HDR_SIZE); > + > + vmcall->status_code = TDG_VP_VMCALL_INVALID_OPERAND; > + > + if (buf_len == 0) { > + return 0; > + } > + > + /* GPA must be shared. */ > + if (!(buf_gpa & tdx_shared_bit(cpu))) { > + return 0; > + } > + buf_gpa &= ~tdx_shared_bit(cpu); > + > + if (!QEMU_IS_ALIGNED(buf_gpa, 4096) || !QEMU_IS_ALIGNED(buf_len, 4096)) { > + vmcall->status_code = TDG_VP_VMCALL_ALIGN_ERROR; > + return 0; > + } > + > + if (address_space_read(&address_space_memory, buf_gpa, MEMTXATTRS_UNSPECIFIED, > + &hdr, TDX_GET_QUOTE_HDR_SIZE) != MEMTX_OK) { > + error_report("TDX: get-quote: failed to read GetQuote header.\n"); > + return -1; > + } > + > + if (le64_to_cpu(hdr.structure_version) != TDX_GET_QUOTE_STRUCTURE_VERSION) { > + return 0; > + } > + > + /* > + * Paranoid: Guest should clear error_code and out_len to avoid information > + * leak. Enforce it. The initial value of them doesn't matter for qemu to > + * process the request. > + */ > + if (le64_to_cpu(hdr.error_code) != TDX_VP_GET_QUOTE_SUCCESS || > + le32_to_cpu(hdr.out_len) != 0) { > + return 0; > + } > + > + /* Only safe-guard check to avoid too large buffer size. */ > + if (buf_len > TDX_GET_QUOTE_MAX_BUF_LEN || > + le32_to_cpu(hdr.in_len) > buf_len - TDX_GET_QUOTE_HDR_SIZE) { > + return 0; > + } > + > + vmcall->status_code = TDG_VP_VMCALL_SUCCESS; > + if (!tdx_guest->quote_generator) { > + hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_QGS_UNAVAILABLE); > + if (address_space_write(&address_space_memory, buf_gpa, > + MEMTXATTRS_UNSPECIFIED, > + &hdr, TDX_GET_QUOTE_HDR_SIZE) != MEMTX_OK) { > + error_report("TDX: failed to update GetQuote header.\n"); > + return -1; > + } > + return 0; > + } > + > + qemu_mutex_lock(&tdx_guest->quote_generator->lock); > + if (tdx_guest->quote_generator->num >= TDX_MAX_GET_QUOTE_REQUEST) { > + qemu_mutex_unlock(&tdx_guest->quote_generator->lock); > + vmcall->status_code = TDG_VP_VMCALL_RETRY; > + return 0; > + } > + tdx_guest->quote_generator->num++; > + qemu_mutex_unlock(&tdx_guest->quote_generator->lock); > + > + /* Mark the buffer in-flight. */ > + hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_IN_FLIGHT); > + if (address_space_write(&address_space_memory, buf_gpa, > + MEMTXATTRS_UNSPECIFIED, > + &hdr, TDX_GET_QUOTE_HDR_SIZE) != MEMTX_OK) { > + error_report("TDX: failed to update GetQuote header.\n"); > + return -1; > + } > + > + task = g_malloc(sizeof(*task)); > + task->buf_gpa = buf_gpa; > + task->payload_gpa = buf_gpa + TDX_GET_QUOTE_HDR_SIZE; > + task->payload_len = buf_len - TDX_GET_QUOTE_HDR_SIZE; > + task->hdr = hdr; > + task->quote_gen = tdx_guest->quote_generator; > + task->completion = tdx_get_quote_completion; > + > + task->send_data_size = le32_to_cpu(hdr.in_len); > + task->send_data = g_malloc(task->send_data_size); > + task->send_data_sent = 0; > + > + if (address_space_read(&address_space_memory, task->payload_gpa, > + MEMTXATTRS_UNSPECIFIED, task->send_data, > + task->send_data_size) != MEMTX_OK) { > + g_free(task->send_data); > + return -1; > + } In this method we've received "struct tdx_get_quote_header" from the guest OS, and the 'hdr.in_len' field in that struct tells us the payload to read from guest memory. This payload is treated as opaque by QEMU and sent over the UNIX socket directly to QGS with no validation of the payload. The payload is supposed to be a raw TDX report, that QGS will turn into a quote. Nothing guarantees that the guest OS has actually given QEMU a payload that represents a TDX report. The only validation done in this patch is to check the 'hdr.in_len' was not ridiculously huge: #define TDX_GET_QUOTE_MAX_BUF_LEN (128 * 1024) #define TDX_GET_QUOTE_HDR_SIZE 24 ... /* Only safe-guard check to avoid too large buffer size. */ if (buf_len > TDX_GET_QUOTE_MAX_BUF_LEN || le32_to_cpu(hdr.in_len) > buf_len - TDX_GET_QUOTE_HDR_SIZE) { return 0; } IOW, hdr.in_len can be any value between 0 and 131048, and the payload data read can contain arbitrary bytes. Over in the QGS code, QGS historically had a socket protocol taking various messages from the libtdxattest library which were defined in this: https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/main/QuoteGeneration/quote_wrapper/qgs_msg_lib/inc/qgs_msg_lib.h typedef enum _qgs_msg_type_t { GET_QUOTE_REQ = 0, GET_QUOTE_RESP = 1, GET_COLLATERAL_REQ = 2, GET_COLLATERAL_RESP = 3, GET_PLATFORM_INFO_REQ = 4, GET_PLATFORM_INFO_RESP = 5, QGS_MSG_TYPE_MAX } qgs_msg_type_t; typedef struct _qgs_msg_header_t { uint16_t major_version; uint16_t minor_version; uint32_t type; uint32_t size; // size of the whole message, include this header, in byte uint32_t error_code; // used in response only } qgs_msg_header_t; such messages are processed by the 'get_resp' method in QGS: https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/main/QuoteGeneration/quote_wrapper/qgs/qgs_ql_logic.cpp#L78 The 1.21 release of DCAP introduced a new "raw" mode in QGS which just receives the raw 1024 byte packet from the client which is supposed to be a raw TDX report. This is what this QEMU patch is relying on IIUC. The QGS daemon decides whether a client is speaking the formal protocol, or "raw" mode, by trying to interpret the incoming data as a 'qgs_msg_header_t' struct. If the header size looks wrong & it has exactly 1024 bytes, then QGS assumes it has got a raw TDX report: https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/main/QuoteGeneration/quote_wrapper/qgs/qgs_server.cpp#L165 This all works if the data QEMU gets from the guest is indeed a 1024 byte raw TDX report, but what happens if we face a malicious guest ? AFAICT, the guest OS is able to send a "qgs_msg_header_t" packet to QEMU, which QEMU blindly passes on to QGS. This allows the guest OS to invoke any of the three QGS commands - GET_QUOTE_REQ, GET_COLLATERAL_REQ, or GET_PLATFORM_INFO_REQ. Fortunately I think those three messages are all safe to invoke, but none the less, this should not be permitted, as it leaves a wide open door for possible future exploits. As mentioned before, I don't know why this raw mode was invented for QGS, when QEMU itself could just take the guest report and pack it into the 'GET_QUOTE_REQ' message format and send it to QGS. This prevents the guest OS from being able to exploit QEMU to invoke arbirtary QGS messages. IMHO, QEMU should be made to pack & unpack the TDX report from the guest into the GET_QUOTE_REQ / GET_QUOTE_RESP messages, and this "raw" mode should be removed to QGS as it is inherantly dangerous to have this magic protocol overloading. Below is a patch on top of this one that illustrates how QEMU could use the GET_QUOTE_REQ / GET_QUOTE_RESP messages and avoid the "raw" mode of QGS. > + > + task->receive_buf = g_malloc0(task->payload_len); > + task->receive_buf_received = 0; > + > + tdx_generate_quote(task); > + > + return 0; > +} --- qemu-9.0.0-rc3/target/i386/kvm/tdx-quote-generator.c 2024-10-02 11:05:31.328003392 -0400 +++ qemu-9.0.0/target/i386/kvm/tdx-quote-generator.c 2024-10-03 13:46:25.744775539 -0400 @@ -24,6 +24,61 @@ OBJECT_DEFINE_TYPE(TdxQuoteGenerator, tdx_quote_generator, TDX_QUOTE_GENERATOR, OBJECT) +const uint32_t QGS_MSG_LIB_MAJOR_VER = 1; +const uint32_t QGS_MSG_LIB_MINOR_VER = 1; + +typedef enum _qgs_msg_type_t { + GET_QUOTE_REQ = 0, + GET_QUOTE_RESP = 1, + GET_COLLATERAL_REQ = 2, + GET_COLLATERAL_RESP = 3, + GET_PLATFORM_INFO_REQ = 4, + GET_PLATFORM_INFO_RESP = 5, + QGS_MSG_TYPE_MAX +} qgs_msg_type_t; + +typedef struct _qgs_msg_header_t { + uint16_t major_version; + uint16_t minor_version; + uint32_t type; + uint32_t size; // size of the whole message, include this header, in byte + uint32_t error_code; // used in response only +} qgs_msg_header_t; + +typedef struct _qgs_msg_get_quote_req_t { + qgs_msg_header_t header; // header.type = GET_QUOTE_REQ + uint32_t report_size; // cannot be 0 + uint32_t id_list_size; // length of id_list, in byte, can be 0 +} qgs_msg_get_quote_req_t; + +typedef struct _qgs_msg_get_quote_resp_s { + qgs_msg_header_t header; // header.type = GET_QUOTE_RESP + uint32_t selected_id_size; // can be 0 in case only one id is sent in request + uint32_t quote_size; // length of quote_data, in byte + uint8_t id_quote[]; // selected id followed by quote +} qgs_msg_get_quote_resp_t; + +const unsigned HEADER_SIZE = 4; + +static uint32_t decode_header(const char *buf, size_t len) { + if (len < HEADER_SIZE) { + return 0; + } + uint32_t msg_size = 0; + for (uint32_t i = 0; i < HEADER_SIZE; ++i) { + msg_size = msg_size * 256 + (buf[i] & 0xFF); + } + return msg_size; +} + +static void encode_header(char *buf, size_t len, uint32_t size) { + assert(len >= HEADER_SIZE); + buf[0] = ((size >> 24) & 0xFF); + buf[1] = ((size >> 16) & 0xFF); + buf[2] = ((size >> 8) & 0xFF); + buf[3] = (size & 0xFF); +} + static void tdx_quote_generator_finalize(Object *obj) { } @@ -70,9 +125,86 @@ goto end; } } + + if (ret == 0) { + error_report("End of file before reply received"); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + goto end; + } task->receive_buf_received += ret; - if (ret == 0 || task->receive_buf_received == task->payload_len) { + if (task->receive_buf_received >= HEADER_SIZE) { + uint32_t len = decode_header(task->receive_buf, + task->receive_buf_received); + if (len == 0 || + len > (task->payload_len - HEADER_SIZE)) { + error_report("Message len %u must be non-zero & less than %zu", + len, (task->payload_len - HEADER_SIZE)); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + goto end; + } + + /* Now we know the size, shrink to fit */ + task->payload_len = HEADER_SIZE + len; + task->receive_buf = g_renew(char, + task->receive_buf, + task->payload_len); + } + + if (task->receive_buf_received >= (sizeof(qgs_msg_header_t) + HEADER_SIZE)) { + qgs_msg_header_t *hdr = (qgs_msg_header_t *)(task->receive_buf + HEADER_SIZE); + if (hdr->major_version != QGS_MSG_LIB_MAJOR_VER || + hdr->minor_version != QGS_MSG_LIB_MINOR_VER) { + error_report("Invalid QGS message header version %d.%d\n", + hdr->major_version, + hdr->minor_version); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + goto end; + } + if (hdr->type != GET_QUOTE_RESP) { + error_report("Invalid QGS message type %d\n", + hdr->type); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + goto end; + } + if (hdr->size > (task->payload_len - HEADER_SIZE)) { + error_report("QGS message size %d exceeds payload capacity %zu", + hdr->size, task->payload_len); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + goto end; + } + if (hdr->error_code != 0) { + error_report("QGS message error code %d", + hdr->error_code); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + goto end; + } + } + if (task->receive_buf_received >= (sizeof(qgs_msg_get_quote_resp_t) + HEADER_SIZE)) { + qgs_msg_get_quote_resp_t *msg = (qgs_msg_get_quote_resp_t *)(task->receive_buf + HEADER_SIZE); + if (msg->selected_id_size != 0) { + error_report("QGS message selected ID was %d not 0", + msg->selected_id_size); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + goto end; + } + + if ((task->payload_len - HEADER_SIZE - sizeof(qgs_msg_get_quote_resp_t)) != + msg->quote_size) { + error_report("QGS quote size %d should be %zu", + msg->quote_size, + (task->payload_len - sizeof(qgs_msg_get_quote_resp_t))); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + goto end; + } + } + + if (task->receive_buf_received == task->payload_len) { + size_t strip = HEADER_SIZE + sizeof(qgs_msg_get_quote_resp_t); + memmove(task->receive_buf, + task->receive_buf + strip, + task->receive_buf_received - strip); + task->receive_buf_received -= strip; task->status_code = TDX_VP_GET_QUOTE_SUCCESS; goto end; } @@ -158,6 +290,29 @@ { struct TdxQuoteGenerator *quote_gen = task->quote_gen; QIOChannelSocket *sioc; + qgs_msg_get_quote_req_t msg; + + /* Prepare a QGS message prelude */ + msg.header.major_version = QGS_MSG_LIB_MAJOR_VER; + msg.header.minor_version = QGS_MSG_LIB_MINOR_VER; + msg.header.type = GET_QUOTE_REQ; + msg.header.size = sizeof(msg) + task->send_data_size; + msg.header.error_code = 0; + msg.report_size = task->send_data_size; + msg.id_list_size = 0; + + /* Make room to add the QGS message prelude */ + task->send_data = g_renew(char, + task->send_data, + task->send_data_size + sizeof(msg) + HEADER_SIZE); + memmove(task->send_data + sizeof(msg) + HEADER_SIZE, + task->send_data, + task->send_data_size); + memcpy(task->send_data + HEADER_SIZE, + &msg, + sizeof(msg)); + encode_header(task->send_data, HEADER_SIZE, task->send_data_size + sizeof(msg)); + task->send_data_size += sizeof(msg) + HEADER_SIZE; sioc = qio_channel_socket_new(); task->sioc = sioc; With regards, Daniel
diff --git a/qapi/qom.json b/qapi/qom.json index cac875349a3a..7b26b0a0d3aa 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -917,13 +917,19 @@ # (base64 encoded SHA384 digest). (A default value 0 of SHA384 is # used when absent). # +# @quote-generation-socket: socket address for Quote Generation +# Service (QGS). QGS is a daemon running on the host. User in +# TD guest cannot get TD quoting for attestation if QGS is not +# provided. So admin should always provide it. +# # Since: 9.0 ## { 'struct': 'TdxGuestProperties', 'data': { '*sept-ve-disable': 'bool', '*mrconfigid': 'str', '*mrowner': 'str', - '*mrownerconfig': 'str' } } + '*mrownerconfig': 'str', + '*quote-generation-socket': 'SocketAddress' } } ## # @ThreadContextProperties: diff --git a/target/i386/kvm/meson.build b/target/i386/kvm/meson.build index 460c5f8f85f3..d38b8e8e5fca 100644 --- a/target/i386/kvm/meson.build +++ b/target/i386/kvm/meson.build @@ -7,7 +7,7 @@ i386_kvm_ss.add(files( i386_kvm_ss.add(when: 'CONFIG_XEN_EMU', if_true: files('xen-emu.c')) -i386_kvm_ss.add(when: 'CONFIG_TDX', if_true: files('tdx.c'), if_false: files('tdx-stub.c')) +i386_kvm_ss.add(when: 'CONFIG_TDX', if_true: files('tdx.c', 'tdx-quote-generator.c'), if_false: files('tdx-stub.c')) i386_system_ss.add(when: 'CONFIG_HYPERV', if_true: files('hyperv.c'), if_false: files('hyperv-stub.c')) diff --git a/target/i386/kvm/tdx-quote-generator.c b/target/i386/kvm/tdx-quote-generator.c new file mode 100644 index 000000000000..057ad09e7e95 --- /dev/null +++ b/target/i386/kvm/tdx-quote-generator.c @@ -0,0 +1,170 @@ +/* + * QEMU TDX support + * + * Copyright Intel + * + * Author: + * Xiaoyao Li <xiaoyao.li@intel.com> + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory + * + */ + +#include "qemu/osdep.h" +#include "qemu/error-report.h" +#include "qapi/error.h" +#include "qapi/qapi-visit-sockets.h" + +#include "tdx-quote-generator.h" + +typedef struct TdxQuoteGeneratorClass { + DeviceClass parent_class; +} TdxQuoteGeneratorClass; + +OBJECT_DEFINE_TYPE(TdxQuoteGenerator, tdx_quote_generator, TDX_QUOTE_GENERATOR, OBJECT) + +static void tdx_quote_generator_finalize(Object *obj) +{ +} + +static void tdx_quote_generator_class_init(ObjectClass *oc, void *data) +{ +} + +static void tdx_quote_generator_init(Object *obj) +{ +} + +static void tdx_generate_quote_cleanup(struct tdx_generate_quote_task *task) +{ + timer_del(&task->timer); + + g_source_remove(task->watch); + qio_channel_close(QIO_CHANNEL(task->sioc), NULL); + object_unref(OBJECT(task->sioc)); + + /* Maintain the number of in-flight requests. */ + qemu_mutex_lock(&task->quote_gen->lock); + task->quote_gen->num--; + qemu_mutex_unlock(&task->quote_gen->lock); + + task->completion(task); +} + +static gboolean tdx_get_quote_read(QIOChannel *ioc, GIOCondition condition, + gpointer opaque) +{ + struct tdx_generate_quote_task *task = opaque; + Error *err = NULL; + int ret; + + ret = qio_channel_read(ioc, task->receive_buf + task->receive_buf_received, + task->payload_len - task->receive_buf_received, &err); + if (ret < 0) { + if (ret == QIO_CHANNEL_ERR_BLOCK) { + return G_SOURCE_CONTINUE; + } else { + error_report_err(err); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + goto end; + } + } + + task->receive_buf_received += ret; + if (ret == 0 || task->receive_buf_received == task->payload_len) { + task->status_code = TDX_VP_GET_QUOTE_SUCCESS; + goto end; + } + + return G_SOURCE_CONTINUE; + +end: + tdx_generate_quote_cleanup(task); + return G_SOURCE_REMOVE; +} + +static gboolean tdx_send_report(QIOChannel *ioc, GIOCondition condition, + gpointer opaque) +{ + struct tdx_generate_quote_task *task = opaque; + Error *err = NULL; + int ret; + + ret = qio_channel_write(ioc, task->send_data + task->send_data_sent, + task->send_data_size - task->send_data_sent, &err); + if (ret < 0) { + if (ret == QIO_CHANNEL_ERR_BLOCK) { + ret = 0; + } else { + error_report_err(err); + task->status_code = TDX_VP_GET_QUOTE_ERROR; + tdx_generate_quote_cleanup(task); + goto end; + } + } + task->send_data_sent += ret; + + if (task->send_data_sent == task->send_data_size) { + task->watch = qio_channel_add_watch(QIO_CHANNEL(task->sioc), G_IO_IN, + tdx_get_quote_read, task, NULL); + goto end; + } + + return G_SOURCE_CONTINUE; + +end: + return G_SOURCE_REMOVE; +} + +static void tdx_quote_generator_connected(QIOTask *qio_task, gpointer opaque) +{ + struct tdx_generate_quote_task *task = opaque; + Error *err = NULL; + int ret; + + ret = qio_task_propagate_error(qio_task, &err); + if (ret) { + error_report_err(err); + task->status_code = TDX_VP_GET_QUOTE_QGS_UNAVAILABLE; + tdx_generate_quote_cleanup(task); + return; + } + + task->watch = qio_channel_add_watch(QIO_CHANNEL(task->sioc), G_IO_OUT, + tdx_send_report, task, NULL); +} + +#define TRANSACTION_TIMEOUT 30000 + +static void getquote_expired(void *opaque) +{ + struct tdx_generate_quote_task *task = opaque; + + task->status_code = TDX_VP_GET_QUOTE_ERROR; + tdx_generate_quote_cleanup(task); +} + +static void setup_get_quote_timer(struct tdx_generate_quote_task *task) +{ + int64_t time; + + timer_init_ms(&task->timer, QEMU_CLOCK_VIRTUAL, getquote_expired, task); + time = qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL); + timer_mod(&task->timer, time + TRANSACTION_TIMEOUT); +} + +void tdx_generate_quote(struct tdx_generate_quote_task *task) +{ + struct TdxQuoteGenerator *quote_gen = task->quote_gen; + QIOChannelSocket *sioc; + + sioc = qio_channel_socket_new(); + task->sioc = sioc; + + setup_get_quote_timer(task); + + qio_channel_socket_connect_async(sioc, quote_gen->socket, + tdx_quote_generator_connected, task, + NULL, NULL); +} diff --git a/target/i386/kvm/tdx-quote-generator.h b/target/i386/kvm/tdx-quote-generator.h new file mode 100644 index 000000000000..54899d44aa6f --- /dev/null +++ b/target/i386/kvm/tdx-quote-generator.h @@ -0,0 +1,95 @@ +#ifndef QEMU_I386_TDX_QUOTE_GENERATOR_H +#define QEMU_I386_TDX_QUOTE_GENERATOR_H + +#include "qom/object_interfaces.h" +#include "io/channel-socket.h" +#include "exec/hwaddr.h" + +/* tdx quote generation */ +struct TdxQuoteGenerator { + Object parent_obj; + + int num; + SocketAddress *socket; + + QemuMutex lock; +}; + +#define TYPE_TDX_QUOTE_GENERATOR "tdx-quote-generator" + +OBJECT_DECLARE_SIMPLE_TYPE(TdxQuoteGenerator, TDX_QUOTE_GENERATOR) + + +#define TDX_GET_QUOTE_STRUCTURE_VERSION 1ULL + +#define TDX_VP_GET_QUOTE_SUCCESS 0ULL +#define TDX_VP_GET_QUOTE_IN_FLIGHT (-1ULL) +#define TDX_VP_GET_QUOTE_ERROR 0x8000000000000000ULL +#define TDX_VP_GET_QUOTE_QGS_UNAVAILABLE 0x8000000000000001ULL + +/* Limit to avoid resource starvation. */ +#define TDX_GET_QUOTE_MAX_BUF_LEN (128 * 1024) +#define TDX_MAX_GET_QUOTE_REQUEST 16 + +#define TDX_GET_QUOTE_HDR_SIZE 24 + +/* Format of pages shared with guest. */ +struct tdx_get_quote_header { + /* Format version: must be 1 in little endian. */ + uint64_t structure_version; + + /* + * GetQuote status code in little endian: + * Guest must set error_code to 0 to avoid information leak. + * Qemu sets this before interrupting guest. + */ + uint64_t error_code; + + /* + * in-message size in little endian: The message will follow this header. + * The in-message will be send to QGS. + */ + uint32_t in_len; + + /* + * out-message size in little endian: + * On request, out_len must be zero to avoid information leak. + * On return, message size from QGS. Qemu overwrites this field. + * The message will follows this header. The in-message is overwritten. + */ + uint32_t out_len; + + /* + * Message buffer follows. + * Guest sets message that will be send to QGS. If out_len > in_len, guest + * should zero remaining buffer to avoid information leak. + * Qemu overwrites this buffer with a message returned from QGS. + */ +}; + +struct tdx_generate_quote_task { + hwaddr buf_gpa; + hwaddr payload_gpa; + uint64_t payload_len; + + char *send_data; + uint64_t send_data_size; + uint64_t send_data_sent; + + char *receive_buf; + uint64_t receive_buf_received; + + uint64_t status_code; + struct tdx_get_quote_header hdr; + + QIOChannelSocket *sioc; + guint watch; + QEMUTimer timer; + struct TdxQuoteGenerator *quote_gen; + + void (*completion)(struct tdx_generate_quote_task *task); +}; + +void tdx_generate_quote(struct tdx_generate_quote_task *task); + +#endif /* QEMU_I386_TDX_QUOTE_GENERATOR_H */ diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 49f94d9d46f4..7dfda507cc8c 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -16,18 +16,23 @@ #include "qemu/base64.h" #include "qemu/mmap-alloc.h" #include "qapi/error.h" +#include "qapi/qapi-visit-sockets.h" #include "qom/object_interfaces.h" #include "standard-headers/asm-x86/kvm_para.h" #include "sysemu/kvm.h" #include "sysemu/sysemu.h" #include "exec/ramblock.h" +#include "hw/i386/apic_internal.h" +#include "hw/i386/apic-msidef.h" #include "hw/i386/e820_memory_layout.h" #include "hw/i386/x86.h" #include "hw/i386/tdvf.h" #include "hw/i386/tdvf-hob.h" +#include "hw/pci/msi.h" #include "kvm_i386.h" #include "tdx.h" +#include "tdx-quote-generator.h" #include "../cpu-internal.h" #define TDX_SUPPORTED_KVM_FEATURES ((1U << KVM_FEATURE_NOP_IO_DELAY) | \ @@ -866,6 +871,175 @@ int tdx_parse_tdvf(void *flash_ptr, int size) return tdvf_parse_metadata(&tdx_guest->tdvf, flash_ptr, size); } +static void tdx_inject_interrupt(uint32_t apicid, uint32_t vector) +{ + int ret; + + if (vector < 32 || vector > 255) { + return; + } + + MSIMessage msg = { + .address = ((apicid & 0xff) << MSI_ADDR_DEST_ID_SHIFT) | + (((uint64_t)apicid & 0xffffff00) << 32), + .data = vector | (APIC_DM_FIXED << MSI_DATA_DELIVERY_MODE_SHIFT), + }; + + ret = kvm_irqchip_send_msi(kvm_state, msg); + if (ret < 0) { + /* In this case, no better way to tell it to guest. Log it. */ + error_report("TDX: injection %d failed, interrupt lost (%s).\n", + vector, strerror(-ret)); + } +} + +static hwaddr tdx_shared_bit(X86CPU *cpu) +{ + return (cpu->phys_bits > 48) ? BIT_ULL(51) : BIT_ULL(47); +} + +static void tdx_get_quote_completion(struct tdx_generate_quote_task *task) +{ + int ret; + + if (task->status_code == TDX_VP_GET_QUOTE_SUCCESS) { + ret = address_space_write(&address_space_memory, task->payload_gpa, + MEMTXATTRS_UNSPECIFIED, task->receive_buf, + task->receive_buf_received); + if (ret != MEMTX_OK) { + error_report("TDX: get-quote: failed to write quote data.\n"); + } else { + task->hdr.out_len = cpu_to_le64(task->receive_buf_received); + } + } + task->hdr.error_code = cpu_to_le32(task->status_code); + + /* Publish the response contents before marking this request completed. */ + smp_wmb(); + ret = address_space_write(&address_space_memory, task->buf_gpa, + MEMTXATTRS_UNSPECIFIED, &task->hdr, + TDX_GET_QUOTE_HDR_SIZE); + if (ret != MEMTX_OK) { + error_report("TDX: get-quote: failed to update GetQuote header."); + } + + tdx_inject_interrupt(tdx_guest->event_notify_apicid, + tdx_guest->event_notify_vector); + + g_free(task->send_data); + g_free(task->receive_buf); + g_free(task); +} + +static int tdx_handle_get_quote(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall) +{ + struct tdx_generate_quote_task *task; + struct tdx_get_quote_header hdr; + hwaddr buf_gpa = vmcall->in_r12; + uint64_t buf_len = vmcall->in_r13; + + QEMU_BUILD_BUG_ON(sizeof(struct tdx_get_quote_header) != TDX_GET_QUOTE_HDR_SIZE); + + vmcall->status_code = TDG_VP_VMCALL_INVALID_OPERAND; + + if (buf_len == 0) { + return 0; + } + + /* GPA must be shared. */ + if (!(buf_gpa & tdx_shared_bit(cpu))) { + return 0; + } + buf_gpa &= ~tdx_shared_bit(cpu); + + if (!QEMU_IS_ALIGNED(buf_gpa, 4096) || !QEMU_IS_ALIGNED(buf_len, 4096)) { + vmcall->status_code = TDG_VP_VMCALL_ALIGN_ERROR; + return 0; + } + + if (address_space_read(&address_space_memory, buf_gpa, MEMTXATTRS_UNSPECIFIED, + &hdr, TDX_GET_QUOTE_HDR_SIZE) != MEMTX_OK) { + error_report("TDX: get-quote: failed to read GetQuote header.\n"); + return -1; + } + + if (le64_to_cpu(hdr.structure_version) != TDX_GET_QUOTE_STRUCTURE_VERSION) { + return 0; + } + + /* + * Paranoid: Guest should clear error_code and out_len to avoid information + * leak. Enforce it. The initial value of them doesn't matter for qemu to + * process the request. + */ + if (le64_to_cpu(hdr.error_code) != TDX_VP_GET_QUOTE_SUCCESS || + le32_to_cpu(hdr.out_len) != 0) { + return 0; + } + + /* Only safe-guard check to avoid too large buffer size. */ + if (buf_len > TDX_GET_QUOTE_MAX_BUF_LEN || + le32_to_cpu(hdr.in_len) > buf_len - TDX_GET_QUOTE_HDR_SIZE) { + return 0; + } + + vmcall->status_code = TDG_VP_VMCALL_SUCCESS; + if (!tdx_guest->quote_generator) { + hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_QGS_UNAVAILABLE); + if (address_space_write(&address_space_memory, buf_gpa, + MEMTXATTRS_UNSPECIFIED, + &hdr, TDX_GET_QUOTE_HDR_SIZE) != MEMTX_OK) { + error_report("TDX: failed to update GetQuote header.\n"); + return -1; + } + return 0; + } + + qemu_mutex_lock(&tdx_guest->quote_generator->lock); + if (tdx_guest->quote_generator->num >= TDX_MAX_GET_QUOTE_REQUEST) { + qemu_mutex_unlock(&tdx_guest->quote_generator->lock); + vmcall->status_code = TDG_VP_VMCALL_RETRY; + return 0; + } + tdx_guest->quote_generator->num++; + qemu_mutex_unlock(&tdx_guest->quote_generator->lock); + + /* Mark the buffer in-flight. */ + hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_IN_FLIGHT); + if (address_space_write(&address_space_memory, buf_gpa, + MEMTXATTRS_UNSPECIFIED, + &hdr, TDX_GET_QUOTE_HDR_SIZE) != MEMTX_OK) { + error_report("TDX: failed to update GetQuote header.\n"); + return -1; + } + + task = g_malloc(sizeof(*task)); + task->buf_gpa = buf_gpa; + task->payload_gpa = buf_gpa + TDX_GET_QUOTE_HDR_SIZE; + task->payload_len = buf_len - TDX_GET_QUOTE_HDR_SIZE; + task->hdr = hdr; + task->quote_gen = tdx_guest->quote_generator; + task->completion = tdx_get_quote_completion; + + task->send_data_size = le32_to_cpu(hdr.in_len); + task->send_data = g_malloc(task->send_data_size); + task->send_data_sent = 0; + + if (address_space_read(&address_space_memory, task->payload_gpa, + MEMTXATTRS_UNSPECIFIED, task->send_data, + task->send_data_size) != MEMTX_OK) { + g_free(task->send_data); + return -1; + } + + task->receive_buf = g_malloc0(task->payload_len); + task->receive_buf_received = 0; + + tdx_generate_quote(task); + + return 0; +} + static int tdx_handle_setup_event_notify_interrupt(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall) { @@ -896,6 +1070,8 @@ static int tdx_handle_vmcall(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall) } switch (vmcall->subfunction) { + case TDG_VP_VMCALL_GET_QUOTE: + return tdx_handle_get_quote(cpu, vmcall); case TDG_VP_VMCALL_SETUP_EVENT_NOTIFY_INTERRUPT: return tdx_handle_setup_event_notify_interrupt(cpu, vmcall); default: @@ -979,6 +1155,40 @@ static void tdx_guest_set_mrownerconfig(Object *obj, const char *value, Error ** tdx->mrownerconfig = g_strdup(value); } +static void tdx_guest_get_quote_generation(Object *obj, Visitor *v, + const char *name, void *opaque, + Error **errp) +{ + TdxGuest *tdx = TDX_GUEST(obj); + + visit_type_SocketAddress(v, name, &tdx->quote_generator->socket, errp); +} + +static void tdx_guest_set_quote_generation(Object *obj, Visitor *v, + const char *name, void *opaque, + Error **errp) +{ + TdxGuest *tdx = TDX_GUEST(obj); + SocketAddress *sock = NULL; + Object *qg_obj; + TdxQuoteGenerator *quote_generator; + + if (!visit_type_SocketAddress(v, name, &sock, errp)) { + return; + } + + if (tdx->quote_generator) { + object_unref(tdx->quote_generator); + } + + qg_obj = object_new(TYPE_TDX_QUOTE_GENERATOR); + quote_generator = TDX_QUOTE_GENERATOR(qg_obj); + quote_generator->socket = sock; + qemu_mutex_init("e_generator->lock); + + tdx->quote_generator = quote_generator; +} + /* tdx guest */ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, tdx_guest, @@ -1007,6 +1217,12 @@ static void tdx_guest_init(Object *obj) tdx_guest_get_mrownerconfig, tdx_guest_set_mrownerconfig); + tdx->quote_generator = NULL; + object_property_add(obj, "quote-generation-socket", "SocketAddress", + tdx_guest_get_quote_generation, + tdx_guest_set_quote_generation, + NULL, NULL); + tdx->event_notify_vector = -1; tdx->event_notify_apicid = -1; } diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index b3d4462fe718..b7ce793d6037 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -9,6 +9,8 @@ #include "hw/i386/tdvf.h" #include "sysemu/kvm.h" +#include "tdx-quote-generator.h" + #define TYPE_TDX_GUEST "tdx-guest" #define TDX_GUEST(obj) OBJECT_CHECK(TdxGuest, (obj), TYPE_TDX_GUEST) @@ -16,6 +18,7 @@ typedef struct TdxGuestClass { ConfidentialGuestSupportClass parent_class; } TdxGuestClass; +#define TDG_VP_VMCALL_GET_QUOTE 0x10002ULL #define TDG_VP_VMCALL_SETUP_EVENT_NOTIFY_INTERRUPT 0x10004ULL #define TDG_VP_VMCALL_SUCCESS 0x0000000000000000ULL @@ -55,6 +58,9 @@ typedef struct TdxGuest { /* runtime state */ uint32_t event_notify_vector; uint32_t event_notify_apicid; + + /* GetQuote */ + TdxQuoteGenerator *quote_generator; } TdxGuest; #ifdef CONFIG_TDX