From 4292ec2ebbddb74f28311553bbdd9a915a6f0416 Mon Sep 17 00:00:00 2001 From: Hsy-Intel Date: Thu, 11 Jul 2024 17:18:59 +0800 Subject: [PATCH] Make intel_tdx feature as default --- kernel/aster-nix/Cargo.toml | 2 +- ostd/Cargo.toml | 4 ++-- ostd/src/arch/x86/mod.rs | 25 +++++++++++++++++++++++-- ostd/src/arch/x86/tdx_guest.rs | 27 +++++++++++++-------------- ostd/src/arch/x86/trap.rs | 15 ++++++++++----- ostd/src/lib.rs | 11 ----------- 6 files changed, 49 insertions(+), 35 deletions(-) diff --git a/kernel/aster-nix/Cargo.toml b/kernel/aster-nix/Cargo.toml index 407a0570..b2651c6b 100644 --- a/kernel/aster-nix/Cargo.toml +++ b/kernel/aster-nix/Cargo.toml @@ -42,7 +42,7 @@ smoltcp = { version = "0.9.1", default-features = false, features = [ "socket-raw", "socket-dhcpv4", ] } -tdx-guest = { version = "0.1.0", optional = true } +tdx-guest = { version = "0.1.5", optional = true } # parse elf file xmas-elf = "0.8.0" diff --git a/ostd/Cargo.toml b/ostd/Cargo.toml index ea76215c..bacfdf3d 100644 --- a/ostd/Cargo.toml +++ b/ostd/Cargo.toml @@ -32,7 +32,7 @@ num-traits = { version = "0.2", default-features = false } pod = { git = "https://github.com/asterinas/pod", rev = "d7dba56" } spin = "0.9.4" static_assertions = "1.1.0" -tdx-guest = { version = "0.1.0", optional = true } +tdx-guest = { version = "0.1.5", optional = true } trapframe = { git = "https://github.com/asterinas/trapframe-rs", rev = "4739428" } unwinding = { version = "0.2.2", default-features = false, features = ["fde-gnu-eh-frame-hdr", "hide-trace", "panic", "personality", "unwinder"] } volatile = { version = "0.4.5", features = ["unstable"] } @@ -52,6 +52,6 @@ iced-x86 = { version = "1.21.0", default-features = false, features = [ ], optional = true } [features] -default = ["log_color"] +default = ["intel_tdx", "log_color"] log_color = ["dep:owo-colors"] intel_tdx = ["dep:tdx-guest", "dep:iced-x86"] diff --git a/ostd/src/arch/x86/mod.rs b/ostd/src/arch/x86/mod.rs index eaf47e60..18578758 100644 --- a/ostd/src/arch/x86/mod.rs +++ b/ostd/src/arch/x86/mod.rs @@ -24,14 +24,35 @@ use core::{ sync::atomic::Ordering, }; -#[cfg(feature = "intel_tdx")] -use ::tdx_guest::tdx_is_enabled; use kernel::apic::ioapic; use log::{info, warn}; +#[cfg(feature = "intel_tdx")] +use { + crate::early_println, + ::tdx_guest::{init_tdx, tdcall::InitError, tdx_is_enabled}, +}; pub(crate) fn before_all_init() { enable_common_cpu_features(); serial::init(); + #[cfg(feature = "intel_tdx")] + match init_tdx() { + Ok(td_info) => { + early_println!( + "Intel TDX initialized\ntd gpaw: {}, td attributes: {:?}", + td_info.gpaw, + td_info.attributes + ); + } + Err(InitError::TdxGetVpInfoError(td_call_error)) => { + panic!( + "Intel TDX not initialized, Failed to get TD info: {:?}", + td_call_error + ); + } + // The machine has no TDX support. + Err(_) => {} + } } pub(crate) fn after_all_init() { diff --git a/ostd/src/arch/x86/tdx_guest.rs b/ostd/src/arch/x86/tdx_guest.rs index cf8fab5e..28990ae8 100644 --- a/ostd/src/arch/x86/tdx_guest.rs +++ b/ostd/src/arch/x86/tdx_guest.rs @@ -16,7 +16,6 @@ use crate::{ kspace::{BOOT_PAGE_TABLE, KERNEL_BASE_VADDR, KERNEL_END_VADDR, KERNEL_PAGE_TABLE}, paddr_to_vaddr, page_prop::{PageProperty, PrivilegedPageFlags as PrivFlags}, - page_table::PageTableError, PAGE_SIZE, }, prelude::Paddr, @@ -78,14 +77,14 @@ enum MmioError { InvalidInstruction, InvalidAddress, DecodeFailed, - TdVmcallError(tdvmcall::TdVmcallError), + TdVmcallError, } #[derive(Debug)] pub enum PageConvertError { - PageTableError(PageTableError), - TdCallError(tdcall::TdCallError), - TdVmcallError((u64, tdvmcall::TdVmcallError)), + PageTable, + TdCall, + TdVmcall, } pub fn handle_virtual_exception(trapframe: &mut dyn TdxTrapFrame, ve_info: &TdgVeInfo) { @@ -187,7 +186,7 @@ fn handle_mmio(trapframe: &mut dyn TdxTrapFrame, ve_info: &TdgVeInfo) -> Result< // SAFETY: The mmio_gpa obtained from `ve_info` is valid, and the value and size parsed from the instruction are valid. unsafe { write_mmio(size, ve_info.guest_physical_address, value) - .map_err(MmioError::TdVmcallError)? + .map_err(|_| MmioError::TdVmcallError)? } } InstrMmioType::WriteImm => { @@ -195,14 +194,14 @@ fn handle_mmio(trapframe: &mut dyn TdxTrapFrame, ve_info: &TdgVeInfo) -> Result< // SAFETY: The mmio_gpa obtained from `ve_info` is valid, and the value and size parsed from the instruction are valid. unsafe { write_mmio(size, ve_info.guest_physical_address, value) - .map_err(MmioError::TdVmcallError)? + .map_err(|_| MmioError::TdVmcallError)? } } InstrMmioType::Read => // SAFETY: The mmio_gpa obtained from `ve_info` is valid, and the size parsed from the instruction is valid. unsafe { let read_res = read_mmio(size, ve_info.guest_physical_address) - .map_err(MmioError::TdVmcallError)? + .map_err(|_| MmioError::TdVmcallError)? as usize; match instr.op0_register() { Register::RAX => trapframe.set_rax(read_res), @@ -297,7 +296,7 @@ fn handle_mmio(trapframe: &mut dyn TdxTrapFrame, ve_info: &TdgVeInfo) -> Result< // SAFETY: The mmio_gpa obtained from `ve_info` is valid, and the size parsed from the instruction is valid. unsafe { let read_res = read_mmio(size, ve_info.guest_physical_address) - .map_err(MmioError::TdVmcallError)? + .map_err(|_| MmioError::TdVmcallError)? as usize; match instr.op0_register() { Register::RAX | Register::EAX | Register::AX | Register::AL => { @@ -421,7 +420,7 @@ pub unsafe fn unprotect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), Pag }; let vaddr = paddr_to_vaddr(gpa); pt.protect(&(vaddr..vaddr + page_num * PAGE_SIZE), protect_op) - .map_err(PageConvertError::PageTableError)?; + .map_err(|_| PageConvertError::PageTable)?; // Protect the page in the boot page table if in the boot phase. { let mut boot_pt_lock = BOOT_PAGE_TABLE.lock(); @@ -436,7 +435,7 @@ pub unsafe fn unprotect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), Pag (gpa & (!PAGE_MASK)) as u64 | SHARED_MASK, (page_num * PAGE_SIZE) as u64, ) - .map_err(PageConvertError::TdVmcallError) + .map_err(|_| PageConvertError::TdVmcall) } /// Sets the given physical address range to Intel TDX private pages. @@ -464,7 +463,7 @@ pub unsafe fn protect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), PageC }; let vaddr = paddr_to_vaddr(gpa); pt.protect(&(vaddr..vaddr + page_num * PAGE_SIZE), protect_op) - .map_err(PageConvertError::PageTableError)?; + .map_err(|_| PageConvertError::PageTable)?; // Protect the page in the boot page table if in the boot phase. { let mut boot_pt_lock = BOOT_PAGE_TABLE.lock(); @@ -476,10 +475,10 @@ pub unsafe fn protect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), PageC } } map_gpa((gpa & PAGE_MASK) as u64, (page_num * PAGE_SIZE) as u64) - .map_err(PageConvertError::TdVmcallError)?; + .map_err(|_| PageConvertError::TdVmcall)?; for i in 0..page_num { unsafe { - accept_page(0, (gpa + i * PAGE_SIZE) as u64).map_err(PageConvertError::TdCallError)?; + accept_page(0, (gpa + i * PAGE_SIZE) as u64).map_err(|_| PageConvertError::TdCall)?; } } Ok(()) diff --git a/ostd/src/arch/x86/trap.rs b/ostd/src/arch/x86/trap.rs index 09a8b3c1..4464f73e 100644 --- a/ostd/src/arch/x86/trap.rs +++ b/ostd/src/arch/x86/trap.rs @@ -7,7 +7,7 @@ use core::sync::atomic::{AtomicBool, Ordering}; use align_ext::AlignExt; use log::debug; #[cfg(feature = "intel_tdx")] -use tdx_guest::tdcall; +use tdx_guest::{tdcall, tdx_is_enabled}; use trapframe::TrapFrame; use super::ex_table::ExTable; @@ -136,6 +136,14 @@ fn handle_kernel_page_fault(f: &TrapFrame, page_fault_vaddr: u64) { let vaddr = (page_fault_vaddr as usize).align_down(PAGE_SIZE); let paddr = vaddr - LINEAR_MAPPING_BASE_VADDR; + #[cfg(not(feature = "intel_tdx"))] + let priv_flags = PrivFlags::GLOBAL; + #[cfg(feature = "intel_tdx")] + let priv_flags = if tdx_is_enabled() { + PrivFlags::SHARED | PrivFlags::GLOBAL + } else { + PrivFlags::GLOBAL + }; // SAFETY: // 1. We have checked that the page fault address falls within the address range of the direct // mapping of physical memory. @@ -149,10 +157,7 @@ fn handle_kernel_page_fault(f: &TrapFrame, page_fault_vaddr: u64) { PageProperty { flags: PageFlags::RW, cache: CachePolicy::Uncacheable, - #[cfg(not(feature = "intel_tdx"))] - priv_flags: PrivFlags::GLOBAL, - #[cfg(feature = "intel_tdx")] - priv_flags: PrivFlags::SHARED | PrivFlags::GLOBAL, + priv_flags, }, ) .unwrap(); diff --git a/ostd/src/lib.rs b/ostd/src/lib.rs index d1b0645a..e4db96a2 100644 --- a/ostd/src/lib.rs +++ b/ostd/src/lib.rs @@ -44,8 +44,6 @@ pub mod trap; pub mod user; pub use ostd_macros::main; -#[cfg(feature = "intel_tdx")] -use tdx_guest::init_tdx; pub use self::{cpu::cpu_local::CpuLocal, error::Error, prelude::Result}; @@ -60,15 +58,6 @@ pub use self::{cpu::cpu_local::CpuLocal, error::Error, prelude::Result}; pub fn init() { arch::before_all_init(); - #[cfg(feature = "intel_tdx")] - let td_info = init_tdx().unwrap(); - #[cfg(feature = "intel_tdx")] - early_println!( - "td gpaw: {}, td attributes: {:?}\nTDX guest is initialized", - td_info.gpaw, - td_info.attributes - ); - mm::heap_allocator::init(); boot::init();