From patchwork Sun Jul 9 08:15:06 2017
X-Patchwork-Submitter: Kai Huang
X-Patchwork-Id: 9831705
From: Kai Huang
To: xen-devel@lists.xen.org
Cc: wei.liu2@citrix.com, ian.jackson@eu.citrix.com, dave@recoil.org
Date: Sun, 9 Jul 2017 20:15:06 +1200
Message-Id: <90b85ad54da14f6b0ce3c5d0c506d3189691a0b5.1499586046.git.kai.huang@linux.intel.com>
Subject: [Xen-devel] [PATCH 14/15] xen: tools: add SGX to applying CPUID policy

In libxc, a new structure 'xc_cpuid_policy_build_info_t' is added to carry the domain's EPC base and size info from libxl. libxl_cpuid_apply_policy is also changed to take 'libxl_domain_build_info_t' as a parameter, where the domain's EPC base and size can be got and passed to xc_cpuid_apply_policy.

xc_cpuid_apply_policy is extended to support SGX CPUID. If the hypervisor doesn't report the SGX feature in the host type cpufeatureset, then using the 'epc' parameter results in domain creation failure, as SGX cannot be supported.

Signed-off-by: Kai Huang
---
 tools/libxc/include/xenctrl.h | 10 ++++++
 tools/libxc/xc_cpuid_x86.c | 68 ++++++++++++++++++++++++++++++++++---
 tools/libxl/libxl.h | 3 +-
 tools/libxl/libxl_cpuid.c | 15 ++++++--
 tools/libxl/libxl_dom.c | 6 +++-
 tools/libxl/libxl_nocpuid.c | 4 ++-
 tools/ocaml/libs/xc/xenctrl_stubs.c | 11 +++++-
 tools/python/xen/lowlevel/xc/xc.c | 11 +++++-
 8 files changed, 117 insertions(+), 11 deletions(-)

diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 1629f412dd..b621b35dea 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h 
@@ -1783,6 +1783,15 @@ int xc_domain_debug_control(xc_interface *xch, uint32_t vcpu); #if defined(__i386__) || defined(__x86_64__) +typedef struct xc_cpuid_policy_build_info_sgx { + uint64_t epc_base; + uint64_t epc_size; +} xc_cpuid_policy_build_info_sgx_t; + +typedef struct xc_cpuid_policy_build_info { + xc_cpuid_policy_build_info_sgx_t sgx; +} xc_cpuid_policy_build_info_t; + int xc_cpuid_check(xc_interface *xch, const unsigned int *input, const char **config, @@ -1794,6 +1803,7 @@ int xc_cpuid_set(xc_interface *xch, char **config_transformed); int xc_cpuid_apply_policy(xc_interface *xch, domid_t domid, + xc_cpuid_policy_build_info_t *b_info, uint32_t *featureset, unsigned int nr_features); void xc_cpuid_to_str(const unsigned int *regs, diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index 1bedf050b8..b7eb652db9 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -38,7 +38,7 @@ enum { #define clear_feature(idx, dst) ((dst) &= ~bitmaskof(idx)) #define set_feature(idx, dst) ((dst) |= bitmaskof(idx)) -#define DEF_MAX_BASE 0x0000000du +#define DEF_MAX_BASE 0x00000012u #define DEF_MAX_INTELEXT 0x80000008u #define DEF_MAX_AMDEXT 0x8000001cu @@ -178,6 +178,8 @@ struct cpuid_domain_info /* HVM-only information. */ bool pae; bool nestedhvm; + + xc_cpuid_policy_build_info_t *b_info; }; static void cpuid(const unsigned int *input, unsigned int *regs) @@ -369,6 +371,12 @@ static void intel_xc_cpuid_policy(xc_interface *xch, const struct cpuid_domain_info *info, const unsigned int *input, unsigned int *regs) { + xc_cpuid_policy_build_info_t *b_info = info->b_info; + xc_cpuid_policy_build_info_sgx_t *sgx = NULL; + + if ( b_info ) + sgx = &b_info->sgx; + switch ( input[0] ) { case 0x00000004: 
@@ -381,6 +389,30 @@ static void intel_xc_cpuid_policy(xc_interface *xch, regs[3] &= 0x3ffu; break; + case 0x00000012: + if ( !sgx ) { + regs[0] = regs[1] = regs[2] = regs[3] = 0; + break; + } + + if ( !sgx->epc_base || !sgx->epc_size ) { + regs[0] = regs[1] = regs[2] = regs[3] = 0; + break; + } + + if ( input[1] == 2 ) { + /* + * FIX EPC base and size for SGX CPUID leaf 2. Xen hypervisor is + * depending on XEN_DOMCTL_set_cpuid to know domain's EPC base + * and size. + */ + regs[0] = (uint32_t)(sgx->epc_base & 0xfffff000) | 0x1; + regs[1] = (uint32_t)(sgx->epc_base >> 32); + regs[2] = (uint32_t)(sgx->epc_size & 0xfffff000) | 0x1; + regs[3] = (uint32_t)(sgx->epc_size >> 32); + } + break; + case 0x80000000: if ( regs[0] > DEF_MAX_INTELEXT ) regs[0] = DEF_MAX_INTELEXT; @@ -444,6 +476,10 @@ static void xc_cpuid_hvm_policy(xc_interface *xch, regs[1] = regs[2] = regs[3] = 0; break; + case 0x00000012: + /* Intel SGX. Passthrough to Intel function */ + break; + case 0x80000000: /* Passthrough to cpu vendor specific functions */ break; @@ -649,12 +685,13 @@ void xc_cpuid_to_str(const unsigned int *regs, char **strs) } } -static void sanitise_featureset(struct cpuid_domain_info *info) +static int sanitise_featureset(struct cpuid_domain_info *info) { const uint32_t fs_size = xc_get_cpu_featureset_size(); uint32_t disabled_features[fs_size]; static const uint32_t deep_features[] = INIT_DEEP_FEATURES; unsigned int i, b; + xc_cpuid_policy_build_info_t *b_info = info->b_info; if ( info->hvm ) { 
@@ -707,9 +744,19 @@ static void sanitise_featureset(struct cpuid_domain_info *info) disabled_features[i] &= ~dfs[i]; } } + + /* Cannot support 'epc' parameter if SGX is unavailable */ + if ( b_info && b_info->sgx.epc_base && b_info->sgx.epc_size ) + if (!test_bit(X86_FEATURE_SGX, info->featureset)) { + printf("Xen hypervisor doesn't support SGX.\n"); + return -EFAULT; + } + + return 0; } int xc_cpuid_apply_policy(xc_interface *xch, domid_t domid, + xc_cpuid_policy_build_info_t *b_info, uint32_t *featureset, unsigned int nr_features) { @@ -722,6 +769,8 @@ int xc_cpuid_apply_policy(xc_interface *xch, domid_t domid, if ( rc ) goto out; + info.b_info = b_info; + cpuid(input, regs); base_max = (regs[0] <= DEF_MAX_BASE) ? regs[0] : DEF_MAX_BASE; input[0] = 0x80000000; @@ -732,7 +781,9 @@ int xc_cpuid_apply_policy(xc_interface *xch, domid_t domid, else ext_max = (regs[0] <= DEF_MAX_INTELEXT) ? regs[0] : DEF_MAX_INTELEXT; - sanitise_featureset(&info); + rc = sanitise_featureset(&info); + if ( rc ) + goto out; input[0] = 0; input[1] = XEN_CPUID_INPUT_UNUSED; @@ -757,12 +808,21 @@ int xc_cpuid_apply_policy(xc_interface *xch, domid_t domid, continue; } + /* Intel SGX */ + if ( input[0] == 0x12 ) + { + input[1]++; + /* Intel SGX has 3 leaves */ + if ( input[1] < 3 ) + continue; + } + input[0]++; if ( !(input[0] & 0x80000000u) && (input[0] > base_max ) ) input[0] = 0x80000000u; input[1] = XEN_CPUID_INPUT_UNUSED; - if ( (input[0] == 4) || (input[0] == 7) ) + if ( (input[0] == 4) || (input[0] == 7) || input[0] == 0x12) input[1] = 0; else if ( input[0] == 0xd ) input[1] = 1; /* Xen automatically calculates almost everything. */ diff --git a/tools/libxl/libxl.h b/tools/libxl/libxl.h index cf8687aa7e..dad72bf277 100644 --- a/tools/libxl/libxl.h +++ b/tools/libxl/libxl.h 
@@ -1949,7 +1949,8 @@ libxl_device_pci *libxl_device_pci_assignable_list(libxl_ctx *ctx, int *num); int libxl_cpuid_parse_config(libxl_cpuid_policy_list *cpuid, const char* str); int libxl_cpuid_parse_config_xend(libxl_cpuid_policy_list *cpuid, const char* str); -void libxl_cpuid_apply_policy(libxl_ctx *ctx, uint32_t domid); +int libxl_cpuid_apply_policy(libxl_ctx *ctx, uint32_t domid, + libxl_domain_build_info *info); void libxl_cpuid_set(libxl_ctx *ctx, uint32_t domid, libxl_cpuid_policy_list cpuid); diff --git a/tools/libxl/libxl_cpuid.c b/tools/libxl/libxl_cpuid.c index 24591e2461..550258bdf4 100644 --- a/tools/libxl/libxl_cpuid.c +++ b/tools/libxl/libxl_cpuid.c @@ -332,9 +332,20 @@ int libxl_cpuid_parse_config_xend(libxl_cpuid_policy_list *cpuid, return 0; } -void libxl_cpuid_apply_policy(libxl_ctx *ctx, uint32_t domid) +int libxl_cpuid_apply_policy(libxl_ctx *ctx, uint32_t domid, + libxl_domain_build_info *info) { - xc_cpuid_apply_policy(ctx->xch, domid, NULL, 0); + xc_cpuid_policy_build_info_t cpuid_binfo; + + memset(&cpuid_binfo, 0, sizeof (xc_cpuid_policy_build_info_t)); + + /* Currently only Intel SGX needs info when applying CPUID policy */ + if (info->type == LIBXL_DOMAIN_TYPE_HVM) { + cpuid_binfo.sgx.epc_base = info->u.hvm.sgx.epcbase; + cpuid_binfo.sgx.epc_size = (info->u.hvm.sgx.epckb << 10); + } + + return xc_cpuid_apply_policy(ctx->xch, domid, &cpuid_binfo, NULL, 0); } void libxl_cpuid_set(libxl_ctx *ctx, uint32_t domid, diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c index 6d1d51d35d..9d05d2813e 100644 --- a/tools/libxl/libxl_dom.c +++ b/tools/libxl/libxl_dom.c @@ -535,7 +535,11 @@ int libxl__build_post(libxl__gc *gc, uint32_t domid, return ERROR_FAIL; } - libxl_cpuid_apply_policy(ctx, domid); + rc = libxl_cpuid_apply_policy(ctx, domid, info); + if (rc) { + LOG(ERROR, "Failed to apply CPUID policy (%d)", rc); + return ERROR_FAIL; + } if (info->cpuid != NULL) libxl_cpuid_set(ctx, domid, info->cpuid); 
diff --git a/tools/libxl/libxl_nocpuid.c b/tools/libxl/libxl_nocpuid.c index ef1161c434..70e0486e98 100644 --- a/tools/libxl/libxl_nocpuid.c +++ b/tools/libxl/libxl_nocpuid.c @@ -34,8 +34,10 @@ int libxl_cpuid_parse_config_xend(libxl_cpuid_policy_list *cpuid, return 0; } -void libxl_cpuid_apply_policy(libxl_ctx *ctx, uint32_t domid) +int libxl_cpuid_apply_policy(libxl_ctx *ctx, uint32_t domid, + libxl_domain_build_info *info) { + return 0; } void libxl_cpuid_set(libxl_ctx *ctx, uint32_t domid, diff --git a/tools/ocaml/libs/xc/xenctrl_stubs.c b/tools/ocaml/libs/xc/xenctrl_stubs.c index 5e455519d4..34f90bc630 100644 --- a/tools/ocaml/libs/xc/xenctrl_stubs.c +++ b/tools/ocaml/libs/xc/xenctrl_stubs.c @@ -796,7 +796,16 @@ CAMLprim value stub_xc_domain_cpuid_apply_policy(value xch, value domid) #if defined(__i386__) || defined(__x86_64__) int r; - r = xc_cpuid_apply_policy(_H(xch), _D(domid), NULL, 0); + /* + * FIXME: + * + * Don't support passing SGX info to xc_cpuid_apply_policy here. To be + * honest I don't know the purpose of this CAML function, so I don't + * know whether we need to allow *caller* of this function to pass SGX + * info. As EPC base is calculated internally by toolstack so I think + * it is also impossible to pass EPC base from *user*. + */ + r = xc_cpuid_apply_policy(_H(xch), _D(domid), NULL, NULL, 0); if (r < 0) failwith_xc(_H(xch)); #else diff --git a/tools/python/xen/lowlevel/xc/xc.c b/tools/python/xen/lowlevel/xc/xc.c index 5d112af6e0..a3e753589e 100644 --- a/tools/python/xen/lowlevel/xc/xc.c +++ b/tools/python/xen/lowlevel/xc/xc.c 
@@ -742,7 +742,16 @@ static PyObject *pyxc_dom_set_policy_cpuid(XcObject *self, if ( !PyArg_ParseTuple(args, "i", &domid) ) return NULL; - if ( xc_cpuid_apply_policy(self->xc_handle, domid, NULL, 0) ) + /* + * FIXME: + * + * Don't support passing SGX info to xc_cpuid_apply_policy here. To be + * honest I don't know the purpose of this python function, so I don't + * know whether we need to allow *caller* of this function to pass SGX + * info. As EPC base is calculated internally by toolstack so I think + * it is also impossible to pass EPC base from *user*. + */ + if ( xc_cpuid_apply_policy(self->xc_handle, domid, NULL, NULL, 0) ) return pyxc_error_to_exception(self->xc_handle); Py_INCREF(zero);
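Review bot: the xenctrl.h hunk adds xc_cpuid_policy_build_info_t to the public header with no comment on its contract; document that epc_base and epc_size are byte values that must be 4K-aligned, and that a zero value (or a NULL b_info) means the domain gets no EPC and leaf 0x12 is hidden, since that is exactly what the xc_cpuid_x86.c changes implement and what external callers of xc_cpuid_apply_policy() will rely on.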
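Review bot: in the intel_xc_cpuid_policy() hunk for `case 0x00000012`, the high halves `regs[1] = (uint32_t)(sgx->epc_base >> 32);` and `regs[3] = (uint32_t)(sgx->epc_size >> 32);` are not masked to the 20 bits that EBX/EDX define for bits 51:32 of the EPC base and size, so an out-of-range value would land in reserved bits, and the `& 0xfffff000` on the low words silently drops any sub-4K misalignment instead of rejecting it; validate alignment and range (or assert them, since libxl computes the base) and mask the high words with `0xfffff`. The two early-outs (`!sgx` and `!sgx->epc_base || !sgx->epc_size`) do the same thing and can be one condition.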
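Review bot: in the sanitise_featureset() hunk, the nested `if` pair with no braces on the outer body is fragile and the inner line uses a different bracket style from the surrounding Xen code (`if ( b_info && ... )` vs `if (!test_bit(...))`); fold both into one condition. The failure path reports with `printf()` to stdout rather than the library's error logging, and `-EFAULT` (bad address) is the wrong errno for "host lacks the feature"; `-EOPNOTSUPP` or `-EINVAL` is what callers would expect. Also worth deciding here: when X86_FEATURE_SGX is in the featureset but no EPC is configured (b_info NULL or zero, as the OCaml and Python callers pass), leaf 0x12 is zeroed but the SGX bit in leaf 7 stays set, so a guest sees SGX advertised with no EPC; clearing X86_FEATURE_SGX in that case keeps the policy self-consistent.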
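Review bot: in the xc_cpuid_apply_policy() loop hunk, the leaf 0x12 subleaf bound is a bare `3` explained only by a comment; subleaves 2 and up each enumerate one EPC section and this policy emits exactly one, so tie the bound to a named constant for the number of sections rather than a literal. The new test `if ( (input[0] == 4) || (input[0] == 7) || input[0] == 0x12)` mixes parenthesised and bare terms and drops the space before the closing paren; write it in the same form as the existing terms. Raising DEF_MAX_BASE from 0xd to 0x12 also means leaves 0xe through 0x11 are now enumerated and handed to the policy functions; confirm they hit a default that zeroes them rather than passing host values through.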
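Review bot: the libxl.h hunk changes the signature and return type of the public libxl_cpuid_apply_policy(), which is an API break for external users of libxl; libxl.h documents such changes with a LIBXL_HAVE_* macro so that callers can detect the new signature, and one should be added with this change (the commit message should mention the API change too).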
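Review bot: in the libxl_cpuid_apply_policy() hunk, `cpuid_binfo.sgx.epc_size = (info->u.hvm.sgx.epckb << 10);` shifts before the value is widened to the 64-bit epc_size field; if epckb is a 32-bit type the shift overflows for EPC sizes of 4 GiB or more, so cast first: `(uint64_t)info->u.hvm.sgx.epckb << 10`. Minor: `sizeof (xc_cpuid_policy_build_info_t)` reads better as `sizeof(cpuid_binfo)`, or the struct can be zero-initialised at its declaration.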
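Review bot: the xenctrl_stubs.c and xc.c hunks each carry an identical nine-line FIXME that records uncertainty rather than a decision; passing `NULL` for b_info is a sound default for these bindings, since the policy then zeroes leaf 0x12 for them, so replace both FIXMEs with a one-line comment stating that these bindings do not configure SGX/EPC and therefore pass no build info. The two comments are copy-pasted with only "CAML"/"python" differing; keep one wording.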
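The leaf 0x12, subleaf 2 encoding that the commit message says xc_cpuid_apply_policy now performs, as an added example that is not part of this patch or of Xen: it packs an EPC base and size into EAX..EDX the way the policy code does, adds the 4K-alignment, 52-bit range and 20-bit high-word checks a reviewer would want there, and decodes the subleaf back as a guest would. The function names and the sample addresses are constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* CPUID leaf 0x12, subleaf 2 (Intel SDM): EAX[3:0] = 1 marks a valid EPC
 * section, EAX[31:12] = base bits 31:12, EBX[19:0] = base bits 51:32;
 * ECX[3:0] = 1 marks a protected section, ECX[31:12] = size bits 31:12,
 * EDX[19:0] = size bits 51:32. Everything else is reserved (zero). */
#define EPC_SECTION_VALID 0x1u
#define EPC_LOW_MASK      0xfffff000u   /* bits 31:12 of the low dword */
#define EPC_HIGH_MASK     0x000fffffu   /* bits 51:32 live in 20 bits */
#define EPC_ADDR_LIMIT    (1ull << 52)  /* 52-bit physical address space */

/* Encode one EPC section into regs[0..3] = EAX, EBX, ECX, EDX, as the
 * patch's intel_xc_cpuid_policy() does, but rejecting unaligned or
 * out-of-range values instead of silently truncating them. On failure the
 * subleaf is left all-zero, which CPUID defines as "invalid section".
 * (Constructed helper, not Xen code.) */
static bool epc_section_encode(uint64_t base, uint64_t size, uint32_t regs[4])
{
    memset(regs, 0, 4 * sizeof(uint32_t));
    if (!base || !size)
        return false;                       /* no EPC configured */
    if ((base | size) & 0xfffull)
        return false;                       /* must be 4K aligned */
    if (base >= EPC_ADDR_LIMIT || size > EPC_ADDR_LIMIT - base)
        return false;                       /* section must fit in 52 bits */
    regs[0] = (uint32_t)(base & EPC_LOW_MASK) | EPC_SECTION_VALID;
    regs[1] = (uint32_t)(base >> 32) & EPC_HIGH_MASK;
    regs[2] = (uint32_t)(size & EPC_LOW_MASK) | EPC_SECTION_VALID;
    regs[3] = (uint32_t)(size >> 32) & EPC_HIGH_MASK;
    return true;
}

/* Decode the subleaf as a guest SGX driver would when enumerating EPC.
 * Returns false when the type/property nibbles say "invalid section". */
static bool epc_section_decode(const uint32_t regs[4], uint64_t *base, uint64_t *size)
{
    if ((regs[0] & 0xfu) != EPC_SECTION_VALID || (regs[2] & 0xfu) != EPC_SECTION_VALID)
        return false;
    *base = ((uint64_t)(regs[1] & EPC_HIGH_MASK) << 32) | (regs[0] & EPC_LOW_MASK);
    *size = ((uint64_t)(regs[3] & EPC_HIGH_MASK) << 32) | (regs[2] & EPC_LOW_MASK);
    return true;
}
```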