qiurui
/
asterinas
mirror of https://github.com/asterinas/asterinas.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make intel_tdx feature as default

This commit is contained in:
Hsy-Intel 2024-07-11 17:18:59 +08:00 committed by Tate, Hongliang Tian
parent 4ae59a8f2e
commit 4292ec2ebb
6 changed files with 49 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
kernel/aster-nix/Cargo.toml
View File

@ -42,7 +42,7 @@ smoltcp = { version = "0.9.1", default-features = false, features = [
"socket-raw",
"socket-dhcpv4",
] }
tdx-guest = { version = "0.1.0", optional = true }
tdx-guest = { version = "0.1.5", optional = true }
# parse elf file
xmas-elf = "0.8.0"

4
ostd/Cargo.toml
View File

@ -32,7 +32,7 @@ num-traits = { version = "0.2", default-features = false }
pod = { git = "https://github.com/asterinas/pod", rev = "d7dba56" }
spin = "0.9.4"
static_assertions = "1.1.0"
tdx-guest = { version = "0.1.0", optional = true }
tdx-guest = { version = "0.1.5", optional = true }
trapframe = { git = "https://github.com/asterinas/trapframe-rs", rev = "4739428" }
unwinding = { version = "0.2.2", default-features = false, features = ["fde-gnu-eh-frame-hdr", "hide-trace", "panic", "personality", "unwinder"] }
volatile = { version = "0.4.5", features = ["unstable"] }
@ -52,6 +52,6 @@ iced-x86 = { version = "1.21.0", default-features = false, features = [
], optional = true }
[features]
default = ["log_color"]
default = ["intel_tdx", "log_color"]
log_color = ["dep:owo-colors"]
intel_tdx = ["dep:tdx-guest", "dep:iced-x86"]

25
ostd/src/arch/x86/mod.rs
View File

@ -24,14 +24,35 @@ use core::{
sync::atomic::Ordering,
};
#[cfg(feature = "intel_tdx")]
use ::tdx_guest::tdx_is_enabled;
use kernel::apic::ioapic;
use log::{info, warn};
#[cfg(feature = "intel_tdx")]
use {
crate::early_println,
::tdx_guest::{init_tdx, tdcall::InitError, tdx_is_enabled},
};
pub(crate) fn before_all_init() {
enable_common_cpu_features();
serial::init();
#[cfg(feature = "intel_tdx")]
match init_tdx() {
Ok(td_info) => {
early_println!(
"Intel TDX initialized\ntd gpaw: {}, td attributes: {:?}",
td_info.gpaw,
td_info.attributes
);
}
Err(InitError::TdxGetVpInfoError(td_call_error)) => {
panic!(
"Intel TDX not initialized, Failed to get TD info: {:?}",
td_call_error
);
}
// The machine has no TDX support.
Err(_) => {}
}
}
pub(crate) fn after_all_init() {

27
ostd/src/arch/x86/tdx_guest.rs
View File

@ -16,7 +16,6 @@ use crate::{
kspace::{BOOT_PAGE_TABLE, KERNEL_BASE_VADDR, KERNEL_END_VADDR, KERNEL_PAGE_TABLE},
paddr_to_vaddr,
page_prop::{PageProperty, PrivilegedPageFlags as PrivFlags},
page_table::PageTableError,
PAGE_SIZE,
},
prelude::Paddr,
@ -78,14 +77,14 @@ enum MmioError {
InvalidInstruction,
InvalidAddress,
DecodeFailed,
TdVmcallError(tdvmcall::TdVmcallError),
TdVmcallError,
}
#[derive(Debug)]
pub enum PageConvertError {
PageTableError(PageTableError),
TdCallError(tdcall::TdCallError),
TdVmcallError((u64, tdvmcall::TdVmcallError)),
PageTable,
TdCall,
TdVmcall,
}
pub fn handle_virtual_exception(trapframe: &mut dyn TdxTrapFrame, ve_info: &TdgVeInfo) {
@ -187,7 +186,7 @@ fn handle_mmio(trapframe: &mut dyn TdxTrapFrame, ve_info: &TdgVeInfo) -> Result<
// SAFETY: The mmio_gpa obtained from `ve_info` is valid, and the value and size parsed from the instruction are valid.
unsafe {
write_mmio(size, ve_info.guest_physical_address, value)
.map_err(MmioError::TdVmcallError)?
.map_err(|_| MmioError::TdVmcallError)?
}
}
InstrMmioType::WriteImm => {
@ -195,14 +194,14 @@ fn handle_mmio(trapframe: &mut dyn TdxTrapFrame, ve_info: &TdgVeInfo) -> Result<
// SAFETY: The mmio_gpa obtained from `ve_info` is valid, and the value and size parsed from the instruction are valid.
unsafe {
write_mmio(size, ve_info.guest_physical_address, value)
.map_err(MmioError::TdVmcallError)?
.map_err(|_| MmioError::TdVmcallError)?
}
}
InstrMmioType::Read =>
// SAFETY: The mmio_gpa obtained from `ve_info` is valid, and the size parsed from the instruction is valid.
unsafe {
let read_res = read_mmio(size, ve_info.guest_physical_address)
.map_err(MmioError::TdVmcallError)?
.map_err(|_| MmioError::TdVmcallError)?
as usize;
match instr.op0_register() {
Register::RAX => trapframe.set_rax(read_res),
@ -297,7 +296,7 @@ fn handle_mmio(trapframe: &mut dyn TdxTrapFrame, ve_info: &TdgVeInfo) -> Result<
// SAFETY: The mmio_gpa obtained from `ve_info` is valid, and the size parsed from the instruction is valid.
unsafe {
let read_res = read_mmio(size, ve_info.guest_physical_address)
.map_err(MmioError::TdVmcallError)?
.map_err(|_| MmioError::TdVmcallError)?
as usize;
match instr.op0_register() {
Register::RAX | Register::EAX | Register::AX | Register::AL => {
@ -421,7 +420,7 @@ pub unsafe fn unprotect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), Pag
};
let vaddr = paddr_to_vaddr(gpa);
pt.protect(&(vaddr..vaddr + page_num * PAGE_SIZE), protect_op)
.map_err(PageConvertError::PageTableError)?;
.map_err(|_| PageConvertError::PageTable)?;
// Protect the page in the boot page table if in the boot phase.
{
let mut boot_pt_lock = BOOT_PAGE_TABLE.lock();
@ -436,7 +435,7 @@ pub unsafe fn unprotect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), Pag
(gpa & (!PAGE_MASK)) as u64 | SHARED_MASK,
(page_num * PAGE_SIZE) as u64,
)
.map_err(PageConvertError::TdVmcallError)
.map_err(|_| PageConvertError::TdVmcall)
}
/// Sets the given physical address range to Intel TDX private pages.
@ -464,7 +463,7 @@ pub unsafe fn protect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), PageC
};
let vaddr = paddr_to_vaddr(gpa);
pt.protect(&(vaddr..vaddr + page_num * PAGE_SIZE), protect_op)
.map_err(PageConvertError::PageTableError)?;
.map_err(|_| PageConvertError::PageTable)?;
// Protect the page in the boot page table if in the boot phase.
{
let mut boot_pt_lock = BOOT_PAGE_TABLE.lock();
@ -476,10 +475,10 @@ pub unsafe fn protect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), PageC
}
}
map_gpa((gpa & PAGE_MASK) as u64, (page_num * PAGE_SIZE) as u64)
.map_err(PageConvertError::TdVmcallError)?;
.map_err(|_| PageConvertError::TdVmcall)?;
for i in 0..page_num {
unsafe {
accept_page(0, (gpa + i * PAGE_SIZE) as u64).map_err(PageConvertError::TdCallError)?;
accept_page(0, (gpa + i * PAGE_SIZE) as u64).map_err(|_| PageConvertError::TdCall)?;
}
}
Ok(())

15
ostd/src/arch/x86/trap.rs
View File

@ -7,7 +7,7 @@ use core::sync::atomic::{AtomicBool, Ordering};
use align_ext::AlignExt;
use log::debug;
#[cfg(feature = "intel_tdx")]
use tdx_guest::tdcall;
use tdx_guest::{tdcall, tdx_is_enabled};
use trapframe::TrapFrame;
use super::ex_table::ExTable;
@ -136,6 +136,14 @@ fn handle_kernel_page_fault(f: &TrapFrame, page_fault_vaddr: u64) {
let vaddr = (page_fault_vaddr as usize).align_down(PAGE_SIZE);
let paddr = vaddr - LINEAR_MAPPING_BASE_VADDR;
#[cfg(not(feature = "intel_tdx"))]
let priv_flags = PrivFlags::GLOBAL;
#[cfg(feature = "intel_tdx")]
let priv_flags = if tdx_is_enabled() {
PrivFlags::SHARED | PrivFlags::GLOBAL
} else {
PrivFlags::GLOBAL
};
// SAFETY:
// 1. We have checked that the page fault address falls within the address range of the direct
// mapping of physical memory.
@ -149,10 +157,7 @@ fn handle_kernel_page_fault(f: &TrapFrame, page_fault_vaddr: u64) {
PageProperty {
flags: PageFlags::RW,
cache: CachePolicy::Uncacheable,
#[cfg(not(feature = "intel_tdx"))]
priv_flags: PrivFlags::GLOBAL,
#[cfg(feature = "intel_tdx")]
priv_flags: PrivFlags::SHARED | PrivFlags::GLOBAL,
priv_flags,
},
)
.unwrap();

11
ostd/src/lib.rs
View File

@ -44,8 +44,6 @@ pub mod trap;
pub mod user;
pub use ostd_macros::main;
#[cfg(feature = "intel_tdx")]
use tdx_guest::init_tdx;
pub use self::{cpu::cpu_local::CpuLocal, error::Error, prelude::Result};
@ -60,15 +58,6 @@ pub use self::{cpu::cpu_local::CpuLocal, error::Error, prelude::Result};
pub fn init() {
arch::before_all_init();
#[cfg(feature = "intel_tdx")]
let td_info = init_tdx().unwrap();
#[cfg(feature = "intel_tdx")]
early_println!(
"td gpaw: {}, td attributes: {:?}\nTDX guest is initialized",
td_info.gpaw,
td_info.attributes
);
mm::heap_allocator::init();
boot::init();