[v2,41/58] i386/tdx: handle TDG.VP.VMCALL<GetQuote>

Message ID	20230818095041.1973309-42-xiaoyao.li@intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <kvm-owner@vger.kernel.org> From: Xiaoyao Li <xiaoyao.li@intel.com> To: Paolo Bonzini <pbonzini@redhat.com>, Richard Henderson <richard.henderson@linaro.org>, "Michael S. Tsirkin" <mst@redhat.com>, Marcel Apfelbaum <marcel.apfelbaum@gmail.com>, Igor Mammedov <imammedo@redhat.com>, Ani Sinha <anisinha@redhat.com>, Peter Xu <peterx@redhat.com>, David Hildenbrand <david@redhat.com>, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <philmd@linaro.org>, =?utf-8?q?Dani?= =?utf-8?q?el_P=2E_Berrang=C3=A9?= <berrange@redhat.com>, Cornelia Huck <cohuck@redhat.com>, Eric Blake <eblake@redhat.com>, Markus Armbruster <armbru@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>, Gerd Hoffmann <kraxel@redhat.com> Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org, Eduardo Habkost <eduardo@habkost.net>, Laszlo Ersek <lersek@redhat.com>, xiaoyao.li@intel.com, Isaku Yamahata <isaku.yamahata@gmail.com>, erdemaktas@google.com, Chenyi Qiang <chenyi.qiang@intel.com> Subject: [PATCH v2 41/58] i386/tdx: handle TDG.VP.VMCALL<GetQuote> Date: Fri, 18 Aug 2023 05:50:24 -0400 Message-Id: <20230818095041.1973309-42-xiaoyao.li@intel.com> In-Reply-To: <20230818095041.1973309-1-xiaoyao.li@intel.com> References: <20230818095041.1973309-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	TDX QEMU support \| expand [v2,00/58] TDX QEMU support [v2,01/58] * HACK * linux-headers: Update headers to pull in TDX API changes [v2,02/58] i386: Introduce tdx-guest object [v2,03/58] target/i386: Parse TDX vm type [v2,04/58] target/i386: Introduce kvm_confidential_guest_init() [v2,05/58] i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context [v2,06/58] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES [v2,07/58] i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object [v2,08/58] i386/tdx: Adjust the supported CPUID based on TDX restrictions [v2,09/58] i386/tdx: Update tdx_cpuid_lookup[].tdx_fixed0/1 by tdx_caps.cpuid_config[] [v2,10/58] i386/tdx: Integrate tdx_caps->xfam_fixed0/1 into tdx_cpuid_lookup [v2,11/58] i386/tdx: Integrate tdx_caps->attrs_fixed0/1 to tdx_cpuid_lookup [v2,12/58] i386/kvm: Move architectural CPUID leaf generation to separate helper [v2,13/58] kvm: Introduce kvm_arch_pre_create_vcpu() [v2,14/58] i386/tdx: Initialize TDX before creating TD vcpus [v2,15/58] i386/tdx: Add property sept-ve-disable for tdx-guest object [v2,16/58] i386/tdx: Make sept_ve_disable set by default [v2,17/58] i386/tdx: Wire CPU features up with attributes of TD guest [v2,18/58] i386/tdx: Validate TD attributes [v2,19/58] qom: implement property helper for sha384 [v2,20/58] i386/tdx: Allows mrconfigid/mrowner/mrownerconfig for TDX_INIT_VM [v2,21/58] i386/tdx: Implement user specified tsc frequency [v2,22/58] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM [v2,23/58] i386/tdx: Make memory type private by default [v2,24/58] i386/tdx: Create kvm gmem for TD [v2,25/58] kvm/tdx: Don't complain when converting vMMIO region to shared [v2,26/58] kvm/tdx: Ignore memory conversion to shared of unassigned region [v2,27/58] i386/tdvf: Introduce function to parse TDVF metadata [v2,28/58] i386/tdx: Parse TDVF metadata for TDX VM [v2,29/58] i386/tdx: Skip BIOS shadowing setup [v2,30/58] i386/tdx: Don't initialize pc.rom for TDX VMs [v2,31/58] i386/tdx: Track mem_ptr for each firmware entry of TDVF [v2,32/58] i386/tdx: Track RAM entries for TDX VM [v2,33/58] headers: Add definitions from UEFI spec for volumes, resources, etc... [v2,34/58] i386/tdx: Setup the TD HOB list [v2,35/58] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION [v2,36/58] memory: Introduce memory_region_init_ram_gmem() [v2,37/58] i386/tdx: register TDVF as private memory [v2,38/58] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu [v2,39/58] i386/tdx: Finalize TDX VM [v2,40/58] i386/tdx: handle TDG.VP.VMCALL<SetupEventNotifyInterrupt> [v2,41/58] i386/tdx: handle TDG.VP.VMCALL<GetQuote> [v2,42/58] i386/tdx: register the fd read callback with the main loop to read the quote data [v2,43/58] i386/tdx: setup a timer for the qio channel [v2,44/58] i386/tdx: handle TDG.VP.VMCALL<MapGPA> hypercall [v2,45/58] i386/tdx: Limit the range size for MapGPA [v2,46/58] i386/tdx: Handle TDG.VP.VMCALL<REPORT_FATAL_ERROR> [v2,47/58] i386/tdx: Wire REPORT_FATAL_ERROR with GuestPanic facility [v2,48/58] i386/tdx: Disable SMM for TDX VMs [v2,49/58] i386/tdx: Disable PIC for TDX VMs [v2,50/58] i386/tdx: Don't allow system reset for TDX VMs [v2,51/58] i386/tdx: LMCE is not supported for TDX [v2,52/58] hw/i386: add eoi_intercept_unsupported member to X86MachineState [v2,53/58] hw/i386: add option to forcibly report edge trigger in acpi tables [v2,54/58] i386/tdx: Don't synchronize guest tsc for TDs [v2,55/58] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() for TDs [v2,56/58] i386/tdx: Skip kvm_put_apicbase() for TDs [v2,57/58] i386/tdx: Don't get/put guest state for TDX VMs [v2,58/58] docs: Add TDX documentation

diff --git a/qapi/qom.json b/qapi/qom.json index 87c1d440f331..37139949d761 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -879,13 +879,16 @@ # # @mrownerconfig: MROWNERCONFIG SHA384 hex string of 48 * 2 length (default: 0) # +# @quote-generation-service: socket address for Quote Generation Service(QGS) +# # Since: 8.2 ## { 'struct': 'TdxGuestProperties', 'data': { '*sept-ve-disable': 'bool', '*mrconfigid': 'str', '*mrowner': 'str', - '*mrownerconfig': 'str' } } + '*mrownerconfig': 'str', + '*quote-generation-service': 'str' } } ## # @ThreadContextProperties: diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index 1b444886e294..73d6cd88af9e 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -22,6 +22,8 @@ #include "exec/address-spaces.h" #include "exec/ramblock.h" +#include "exec/address-spaces.h" +#include "hw/i386/apic_internal.h" #include "hw/i386/e820_memory_layout.h" #include "hw/i386/x86.h" #include "hw/i386/tdvf.h" @@ -863,6 +865,25 @@ static void tdx_guest_set_sept_ve_disable(Object *obj, bool value, Error **errp) } } +static char *tdx_guest_get_quote_generation( + Object *obj, Error **errp) +{ + TdxGuest *tdx = TDX_GUEST(obj); + return g_strdup(tdx->quote_generation_str); +} + +static void tdx_guest_set_quote_generation( + Object *obj, const char *value, Error **errp) +{ + TdxGuest *tdx = TDX_GUEST(obj); + tdx->quote_generation = socket_parse(value, errp); + if (!tdx->quote_generation) + return; + + g_free(tdx->quote_generation_str); + tdx->quote_generation_str = g_strdup(value); +} + /* tdx guest */ OBJECT_DEFINE_TYPE_WITH_INTERFACES(TdxGuest, tdx_guest, @@ -895,6 +916,12 @@ static void tdx_guest_init(Object *obj) object_property_add_sha384(obj, "mrownerconfig", tdx->mrownerconfig, OBJ_PROP_FLAG_READWRITE); + tdx->quote_generation_str = NULL; + tdx->quote_generation = NULL; + object_property_add_str(obj, "quote-generation-service", + tdx_guest_get_quote_generation, + tdx_guest_set_quote_generation); + tdx->event_notify_interrupt = -1; tdx->event_notify_apic_id = -1; } @@ -907,6 +934,7 @@ static void tdx_guest_class_init(ObjectClass *oc, void *data) { } +#define TDG_VP_VMCALL_GET_QUOTE 0x10002ULL #define TDG_VP_VMCALL_SETUP_EVENT_NOTIFY_INTERRUPT 0x10004ULL #define TDG_VP_VMCALL_SUCCESS 0x0000000000000000ULL @@ -915,6 +943,355 @@ static void tdx_guest_class_init(ObjectClass *oc, void *data) #define TDG_VP_VMCALL_GPA_INUSE 0x8000000000000001ULL #define TDG_VP_VMCALL_ALIGN_ERROR 0x8000000000000002ULL +#define TDX_GET_QUOTE_STRUCTURE_VERSION 1ULL + +#define TDX_VP_GET_QUOTE_SUCCESS 0ULL +#define TDX_VP_GET_QUOTE_IN_FLIGHT (-1ULL) +#define TDX_VP_GET_QUOTE_ERROR 0x8000000000000000ULL +#define TDX_VP_GET_QUOTE_QGS_UNAVAILABLE 0x8000000000000001ULL + +/* Limit to avoid resource starvation. */ +#define TDX_GET_QUOTE_MAX_BUF_LEN (128 * 1024) +#define TDX_MAX_GET_QUOTE_REQUEST 16 + +/* Format of pages shared with guest. */ +struct tdx_get_quote_header { + /* Format version: must be 1 in little endian. */ + uint64_t structure_version; + + /* + * GetQuote status code in little endian: + * Guest must set error_code to 0 to avoid information leak. + * Qemu sets this before interrupting guest. + */ + uint64_t error_code; + + /* + * in-message size in little endian: The message will follow this header. + * The in-message will be send to QGS. + */ + uint32_t in_len; + + /* + * out-message size in little endian: + * On request, out_len must be zero to avoid information leak. + * On return, message size from QGS. Qemu overwrites this field. + * The message will follows this header. The in-message is overwritten. + */ + uint32_t out_len; + + /* + * Message buffer follows. + * Guest sets message that will be send to QGS. If out_len > in_len, guest + * should zero remaining buffer to avoid information leak. + * Qemu overwrites this buffer with a message returned from QGS. + */ +}; + +static hwaddr tdx_shared_bit(X86CPU *cpu) +{ + return (cpu->phys_bits > 48) ? BIT_ULL(51) : BIT_ULL(47); +} + +struct tdx_get_quote_task { + uint32_t apic_id; + hwaddr gpa; + uint64_t buf_len; + struct tdx_get_quote_header hdr; + int event_notify_interrupt; + QIOChannelSocket *ioc; +}; + +struct x86_msi { + union { + struct { + uint32_t reserved_0 : 2, + dest_mode_logical : 1, + redirect_hint : 1, + reserved_1 : 1, + virt_destid_8_14 : 7, + destid_0_7 : 8, + base_address : 12; + } QEMU_PACKED x86_address_lo; + uint32_t address_lo; + }; + union { + struct { + uint32_t reserved : 8, + destid_8_31 : 24; + } QEMU_PACKED x86_address_hi; + uint32_t address_hi; + }; + union { + struct { + uint32_t vector : 8, + delivery_mode : 3, + dest_mode_logical : 1, + reserved : 2, + active_low : 1, + is_level : 1; + } QEMU_PACKED x86_data; + uint32_t data; + }; +}; + +static void tdx_td_notify(struct tdx_get_quote_task *t) +{ + struct x86_msi x86_msi; + struct kvm_msi msi; + int ret; + + /* It is optional for host VMM to interrupt TD. */ + if(!(32 <= t->event_notify_interrupt && t->event_notify_interrupt <= 255)) + return; + + x86_msi = (struct x86_msi) { + .x86_address_lo = { + .reserved_0 = 0, + .dest_mode_logical = 0, + .redirect_hint = 0, + .reserved_1 = 0, + .virt_destid_8_14 = 0, + .destid_0_7 = t->apic_id & 0xff, + }, + .x86_address_hi = { + .reserved = 0, + .destid_8_31 = t->apic_id >> 8, + }, + .x86_data = { + .vector = t->event_notify_interrupt, + .delivery_mode = APIC_DM_FIXED, + .dest_mode_logical = 0, + .reserved = 0, + .active_low = 0, + .is_level = 0, + }, + }; + msi = (struct kvm_msi) { + .address_lo = x86_msi.address_lo, + .address_hi = x86_msi.address_hi, + .data = x86_msi.data, + .flags = 0, + .devid = 0, + }; + ret = kvm_vm_ioctl(kvm_state, KVM_SIGNAL_MSI, &msi); + if (ret < 0) { + /* In this case, no better way to tell it to guest. Log it. */ + error_report("TDX: injection %d failed, interrupt lost (%s).\n", + t->event_notify_interrupt, strerror(-ret)); + } +} + +/* + * TODO: If QGS doesn't reply for long time, make it an error and interrupt + * guest. + */ +static void tdx_handle_get_quote_connected(QIOTask *task, gpointer opaque) +{ + struct tdx_get_quote_task *t = opaque; + Error *err = NULL; + char *in_data = NULL; + char *out_data = NULL; + size_t out_len; + ssize_t size; + MachineState *ms; + TdxGuest *tdx; + + t->hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_ERROR); + if (qio_task_propagate_error(task, NULL)) { + t->hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_QGS_UNAVAILABLE); + goto error; + } + + in_data = g_malloc(le32_to_cpu(t->hdr.in_len)); + if (address_space_read(&address_space_memory, t->gpa + sizeof(t->hdr), + MEMTXATTRS_UNSPECIFIED, in_data, + le32_to_cpu(t->hdr.in_len)) != MEMTX_OK) { + goto error; + } + + if (qio_channel_write_all(QIO_CHANNEL(t->ioc), in_data, + le32_to_cpu(t->hdr.in_len), &err) || + err) { + t->hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_QGS_UNAVAILABLE); + goto error; + } + + out_data = g_malloc(t->buf_len); + out_len = 0; + size = 0; + while (true) { + char *buf; + size_t buf_size; + + if (out_len < t->buf_len) { + buf = out_data + out_len; + buf_size = t->buf_len - out_len; + } else { + /* + * The received data is too large to fit in the shared GPA. + * Discard the received data and try to know the data size. + */ + buf = out_data; + buf_size = t->buf_len; + } + + size = qio_channel_read(QIO_CHANNEL(t->ioc), buf, buf_size, &err); + if (err) { + break; + } + if (size <= 0) { + break; + } + out_len += size; + } + /* + * Treat partial read as success and let the QGS client to handle it because + * the client knows better about the QGS. + */ + if (out_len == 0 && (err || size < 0)) { + t->hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_QGS_UNAVAILABLE); + goto error; + } + if (out_len > 0 && out_len > t->buf_len) { + /* + * There is no specific error code defined for this case(E2BIG) at the + * moment. + * TODO: Once an error code for this case is defined in GHCI spec , + * update the error code. + */ + t->hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_ERROR); + t->hdr.out_len = cpu_to_le32(out_len); + goto error_hdr; + } + + if (address_space_write( + &address_space_memory, t->gpa + sizeof(t->hdr), + MEMTXATTRS_UNSPECIFIED, out_data, out_len) != MEMTX_OK) { + goto error; + } + /* + * Even if out_len == 0, it's a success. It's up to the QGS-client contract + * how to interpret the zero-sized message as return message. + */ + t->hdr.out_len = cpu_to_le32(out_len); + t->hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_SUCCESS); + +error: + if (t->hdr.error_code != cpu_to_le64(TDX_VP_GET_QUOTE_SUCCESS)) { + t->hdr.out_len = cpu_to_le32(0); + } +error_hdr: + if (address_space_write( + &address_space_memory, t->gpa, + MEMTXATTRS_UNSPECIFIED, &t->hdr, sizeof(t->hdr)) != MEMTX_OK) { + error_report("TDX: failed to updsate GetQuote header.\n"); + } + tdx_td_notify(t); + + qio_channel_close(QIO_CHANNEL(t->ioc), &err); + object_unref(OBJECT(t->ioc)); + g_free(in_data); + g_free(out_data); + + /* Maintain the number of in-flight requests. */ + ms = MACHINE(qdev_get_machine()); + tdx = TDX_GUEST(ms->cgs); + qemu_mutex_lock(&tdx->lock); + tdx->quote_generation_num--; + qemu_mutex_unlock(&tdx->lock); + + return; +} + +static void tdx_handle_get_quote(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall) +{ + hwaddr gpa = vmcall->in_r12; + uint64_t buf_len = vmcall->in_r13; + struct tdx_get_quote_header hdr; + MachineState *ms; + TdxGuest *tdx; + QIOChannelSocket *ioc; + struct tdx_get_quote_task *t; + + vmcall->status_code = TDG_VP_VMCALL_INVALID_OPERAND; + + /* GPA must be shared. */ + if (!(gpa & tdx_shared_bit(cpu))) { + return; + } + gpa &= ~tdx_shared_bit(cpu); + + if (!QEMU_IS_ALIGNED(gpa, 4096) || !QEMU_IS_ALIGNED(buf_len, 4096)) { + vmcall->status_code = TDG_VP_VMCALL_ALIGN_ERROR; + return; + } + if (buf_len == 0) { + return; + } + + if (address_space_read(&address_space_memory, gpa, MEMTXATTRS_UNSPECIFIED, + &hdr, sizeof(hdr)) != MEMTX_OK) { + return; + } + if (le64_to_cpu(hdr.structure_version) != TDX_GET_QUOTE_STRUCTURE_VERSION) { + return; + } + /* + * Paranoid: Guest should clear error_code and out_len to avoid information + * leak. Enforce it. The initial value of them doesn't matter for qemu to + * process the request. + */ + if (le64_to_cpu(hdr.error_code) != TDX_VP_GET_QUOTE_SUCCESS || + le32_to_cpu(hdr.out_len) != 0) { + return; + } + + /* Only safe-guard check to avoid too large buffer size. */ + if (buf_len > TDX_GET_QUOTE_MAX_BUF_LEN || + le32_to_cpu(hdr.in_len) > TDX_GET_QUOTE_MAX_BUF_LEN || + le32_to_cpu(hdr.in_len) > buf_len) { + return; + } + + /* Mark the buffer in-flight. */ + hdr.error_code = cpu_to_le64(TDX_VP_GET_QUOTE_IN_FLIGHT); + if (address_space_write(&address_space_memory, gpa, MEMTXATTRS_UNSPECIFIED, + &hdr, sizeof(hdr)) != MEMTX_OK) { + return; + } + + ms = MACHINE(qdev_get_machine()); + tdx = TDX_GUEST(ms->cgs); + ioc = qio_channel_socket_new(); + + t = g_malloc(sizeof(*t)); + t->apic_id = tdx->event_notify_apic_id; + t->gpa = gpa; + t->buf_len = buf_len; + t->hdr = hdr; + t->ioc = ioc; + + qemu_mutex_lock(&tdx->lock); + if (!tdx->quote_generation || + /* Prevent too many in-flight get-quote request. */ + tdx->quote_generation_num >= TDX_MAX_GET_QUOTE_REQUEST) { + qemu_mutex_unlock(&tdx->lock); + vmcall->status_code = TDG_VP_VMCALL_RETRY; + object_unref(OBJECT(ioc)); + g_free(t); + return; + } + tdx->quote_generation_num++; + t->event_notify_interrupt = tdx->event_notify_interrupt; + qio_channel_socket_connect_async( + ioc, tdx->quote_generation, tdx_handle_get_quote_connected, t, g_free, + NULL); + qemu_mutex_unlock(&tdx->lock); + + vmcall->status_code = TDG_VP_VMCALL_SUCCESS; +} + static void tdx_handle_setup_event_notify_interrupt(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall) { @@ -943,6 +1320,9 @@ static void tdx_handle_vmcall(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall) } switch (vmcall->subfunction) { + case TDG_VP_VMCALL_GET_QUOTE: + tdx_handle_get_quote(cpu, vmcall); + break; case TDG_VP_VMCALL_SETUP_EVENT_NOTIFY_INTERRUPT: tdx_handle_setup_event_notify_interrupt(cpu, vmcall); break; diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h index 50a151fc79c2..d861d8516668 100644 --- a/target/i386/kvm/tdx.h +++ b/target/i386/kvm/tdx.h @@ -5,8 +5,10 @@ #include CONFIG_DEVICES /* CONFIG_TDX */ #endif +#include <linux/kvm.h> #include "exec/confidential-guest-support.h" #include "hw/i386/tdvf.h" +#include "io/channel-socket.h" #include "sysemu/kvm.h" #define TYPE_TDX_GUEST "tdx-guest" @@ -47,6 +49,11 @@ typedef struct TdxGuest { /* runtime state */ int event_notify_interrupt; uint32_t event_notify_apic_id; + + /* GetQuote */ + int quote_generation_num; + char *quote_generation_str; + SocketAddress *quote_generation; } TdxGuest; #ifdef CONFIG_TDX

[v2,41/58] i386/tdx: handle TDG.VP.VMCALL<GetQuote>

Commit Message

Comments

Patch