From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Francesco Lavra" <francescolavra.fl@gmail.com>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
qemu-devel@nongnu.org,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Rick Edgecombe" <rick.p.edgecombe@intel.com>
Subject: Re: [PATCH v8 05/55] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES
Date: Wed, 2 Apr 2025 12:00:29 +0100 [thread overview]
Message-ID: <Z-0YzauBkAl8pyIP@redhat.com> (raw)
In-Reply-To: <20250401130205.2198253-6-xiaoyao.li@intel.com>
On Tue, Apr 01, 2025 at 09:01:15AM -0400, Xiaoyao Li wrote:
> KVM provides TDX capabilities via sub command KVM_TDX_CAPABILITIES of
> IOCTL(KVM_MEMORY_ENCRYPT_OP). Get the capabilities when initializing
> TDX context. It will be used to validate user's setting later.
>
> Since there is no interface reporting how many cpuid configs contains in
> KVM_TDX_CAPABILITIES, QEMU chooses to try starting with a known number
> and abort when it exceeds KVM_MAX_CPUID_ENTRIES.
>
> Besides, introduce the interfaces to invoke TDX "ioctls" at VCPU scope
> in preparation.
>
> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
> ---
> Changes in v7:
> - refine and unifiy the error handling; (Daniel)
>
> Changes in v6:
> - Pass CPUState * to tdx_vcpu_ioctl();
> - update commit message to remove platform scope thing;
> - dump hw_error when it's non-zero to help debug;
>
> Changes in v4:
> - use {} to initialize struct kvm_tdx_cmd, to avoid memset();
> - remove tdx_platform_ioctl() because no user;
>
> Changes in v3:
> - rename __tdx_ioctl() to tdx_ioctl_internal()
> - Pass errp in get_tdx_capabilities();
>
> changes in v2:
> - Make the error message more clear;
>
> changes in v1:
> - start from nr_cpuid_configs = 6 for the loop;
> - stop the loop when nr_cpuid_configs exceeds KVM_MAX_CPUID_ENTRIES;
> ---
> target/i386/kvm/kvm.c | 2 -
> target/i386/kvm/kvm_i386.h | 2 +
> target/i386/kvm/tdx.c | 107 ++++++++++++++++++++++++++++++++++++-
> 3 files changed, 108 insertions(+), 3 deletions(-)
>
> diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
> index 1af4710556ad..b4fa35405fe1 100644
> --- a/target/i386/kvm/kvm.c
> +++ b/target/i386/kvm/kvm.c
> @@ -1779,8 +1779,6 @@ static int hyperv_init_vcpu(X86CPU *cpu)
>
> static Error *invtsc_mig_blocker;
>
> -#define KVM_MAX_CPUID_ENTRIES 100
> -
> static void kvm_init_xsave(CPUX86State *env)
> {
> if (has_xsave2) {
> diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h
> index 88565e8dbac1..ed1e61fb8ba9 100644
> --- a/target/i386/kvm/kvm_i386.h
> +++ b/target/i386/kvm/kvm_i386.h
> @@ -13,6 +13,8 @@
>
> #include "system/kvm.h"
>
> +#define KVM_MAX_CPUID_ENTRIES 100
> +
> /* always false if !CONFIG_KVM */
> #define kvm_pit_in_kernel() \
> (kvm_irqchip_in_kernel() && !kvm_irqchip_is_split())
> diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
> index 4ff94860815d..c67be5e618e2 100644
> --- a/target/i386/kvm/tdx.c
> +++ b/target/i386/kvm/tdx.c
> @@ -10,17 +10,122 @@
> */
>
> #include "qemu/osdep.h"
> +#include "qemu/error-report.h"
> +#include "qapi/error.h"
> #include "qom/object_interfaces.h"
>
> #include "hw/i386/x86.h"
> #include "kvm_i386.h"
> #include "tdx.h"
>
> +static struct kvm_tdx_capabilities *tdx_caps;
> +
> +enum tdx_ioctl_level {
> + TDX_VM_IOCTL,
> + TDX_VCPU_IOCTL,
> +};
> +
> +static int tdx_ioctl_internal(enum tdx_ioctl_level level, void *state,
> + int cmd_id, __u32 flags, void *data,
> + Error **errp)
> +{
> + struct kvm_tdx_cmd tdx_cmd = {};
> + int r;
> +
> + const char *tdx_ioctl_name[] = {
> + [KVM_TDX_CAPABILITIES] = "KVM_TDX_CAPABILITIES",
> + [KVM_TDX_INIT_VM] = "KVM_TDX_INIT_VM",
> + [KVM_TDX_INIT_VCPU] = "KVM_TDX_INIT_VCPU",
> + [KVM_TDX_INIT_MEM_REGION] = "KVM_TDX_INIT_MEM_REGION",
> + [KVM_TDX_FINALIZE_VM] = "KVM_TDX_FINALIZE_VM",
> + [KVM_TDX_GET_CPUID] = "KVM_TDX_GET_CPUID",
> + };
> +
> + tdx_cmd.id = cmd_id;
> + tdx_cmd.flags = flags;
> + tdx_cmd.data = (__u64)(unsigned long)data;
> +
> + switch (level) {
> + case TDX_VM_IOCTL:
> + r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
> + break;
> + case TDX_VCPU_IOCTL:
> + r = kvm_vcpu_ioctl(state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
> + break;
> + default:
> + error_setg(errp, "Invalid tdx_ioctl_level %d", level);
> + return -EINVAL;
> + }
> +
> + if (r < 0) {
> + error_setg_errno(errp, -r, "TDX ioctl %s failed, hw_errors: 0x%llx",
> + tdx_ioctl_name[cmd_id], tdx_cmd.hw_error);
> + }
> + return r;
> +}
> +
> +static inline int tdx_vm_ioctl(int cmd_id, __u32 flags, void *data,
> + Error **errp)
> +{
> + return tdx_ioctl_internal(TDX_VM_IOCTL, NULL, cmd_id, flags, data, errp);
> +}
> +
> +static inline int tdx_vcpu_ioctl(CPUState *cpu, int cmd_id, __u32 flags,
> + void *data, Error **errp)
> +{
> + return tdx_ioctl_internal(TDX_VCPU_IOCTL, cpu, cmd_id, flags, data, errp);
> +}
> +
> +static int get_tdx_capabilities(Error **errp)
> +{
> + struct kvm_tdx_capabilities *caps;
> + /* 1st generation of TDX reports 6 cpuid configs */
> + int nr_cpuid_configs = 6;
> + size_t size;
> + int r;
> +
> + do {
> + Error *local_err = NULL;
> + size = sizeof(struct kvm_tdx_capabilities) +
> + nr_cpuid_configs * sizeof(struct kvm_cpuid_entry2);
> + caps = g_malloc0(size);
> + caps->cpuid.nent = nr_cpuid_configs;
> +
> + r = tdx_vm_ioctl(KVM_TDX_CAPABILITIES, 0, caps, &local_err);
> + if (r == -E2BIG) {
> + g_free(caps);
> + nr_cpuid_configs *= 2;
> + if (nr_cpuid_configs > KVM_MAX_CPUID_ENTRIES) {
> + error_report("KVM TDX seems broken that number of CPUID entries"
> + " in kvm_tdx_capabilities exceeds limit: %d",
> + KVM_MAX_CPUID_ENTRIES);
> + error_propagate(errp, local_err);
> + return r;
> + }
> + error_free(local_err);
IIRC, you'll need 'local_err = NULL' here, otherwise next time around
the loop 'local_err' will be pointing to a free'd error object which
'error_setg' will think is still valid & won't overwrite.
> + } else if (r < 0) {
> + g_free(caps);
> + error_propagate(errp, local_err);
> + return r;
> + }
> + } while (r == -E2BIG);
> +
> + tdx_caps = caps;
> +
> + return 0;
> +}
> +
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2025-04-02 11:01 UTC|newest]
Thread overview: 161+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-01 13:01 [PATCH for 10.1 v8 00/55] QEMU TDX support Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 01/55] *** HACK *** linux-headers: Update headers to pull in TDX API changes Xiaoyao Li
2025-04-18 9:47 ` Zhao Liu
2025-04-22 1:57 ` Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 02/55] i386: Introduce tdx-guest object Xiaoyao Li
2025-04-02 10:53 ` Daniel P. Berrangé
2025-04-18 9:17 ` Zhao Liu
2025-04-22 2:14 ` Xiaoyao Li
2025-04-22 8:24 ` Daniel P. Berrangé
2025-04-22 14:25 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 03/55] i386/tdx: Implement tdx_kvm_type() for TDX Xiaoyao Li
2025-04-02 10:55 ` Daniel P. Berrangé
2025-04-18 9:23 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 04/55] i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context Xiaoyao Li
2025-04-02 10:57 ` Daniel P. Berrangé
2025-04-18 9:32 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 05/55] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES Xiaoyao Li
2025-04-02 11:00 ` Daniel P. Berrangé [this message]
2025-04-02 14:52 ` Xiaoyao Li
2025-04-02 14:54 ` Daniel P. Berrangé
2025-04-01 13:01 ` [PATCH v8 06/55] i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object Xiaoyao Li
2025-04-18 9:45 ` Zhao Liu
2025-04-22 2:32 ` Xiaoyao Li
2025-04-22 14:20 ` Zhao Liu
2025-04-22 14:27 ` Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 07/55] kvm: Introduce kvm_arch_pre_create_vcpu() Xiaoyao Li
2025-04-02 11:43 ` Daniel P. Berrangé
2025-04-22 14:31 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 08/55] i386/tdx: Initialize TDX before creating TD vcpus Xiaoyao Li
2025-04-02 11:41 ` Daniel P. Berrangé
2025-04-08 2:37 ` Xiaoyao Li
2025-04-22 15:34 ` Zhao Liu
2025-04-23 8:00 ` Xiaoyao Li
2025-04-23 12:18 ` Zhao Liu
2025-04-22 14:54 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 09/55] i386/tdx: Add property sept-ve-disable for tdx-guest object Xiaoyao Li
2025-04-02 11:45 ` Daniel P. Berrangé
2025-04-22 14:56 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 10/55] i386/tdx: Make sept_ve_disable set by default Xiaoyao Li
2025-04-02 11:45 ` Daniel P. Berrangé
2025-04-22 15:00 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 11/55] i386/tdx: Wire CPU features up with attributes of TD guest Xiaoyao Li
2025-04-02 11:46 ` Daniel P. Berrangé
2025-04-22 15:06 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 12/55] i386/tdx: Validate TD attributes Xiaoyao Li
2025-04-02 11:47 ` Daniel P. Berrangé
2025-04-09 2:57 ` Xiaoyao Li
2025-04-22 15:35 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 13/55] i386/tdx: Support user configurable mrconfigid/mrowner/mrownerconfig Xiaoyao Li
2025-04-02 11:51 ` Daniel P. Berrangé
2025-04-08 3:14 ` Xiaoyao Li
2025-04-07 11:59 ` Markus Armbruster
2025-04-22 15:42 ` Zhao Liu
2025-04-23 8:11 ` Xiaoyao Li
2025-04-23 12:31 ` Zhao Liu
2025-04-23 13:08 ` Xiaoyao Li
2025-04-23 13:33 ` Daniel P. Berrangé
2025-04-01 13:01 ` [PATCH v8 14/55] i386/tdx: Set APIC bus rate to match with what TDX module enforces Xiaoyao Li
2025-04-02 11:56 ` Daniel P. Berrangé
2025-04-08 3:14 ` Xiaoyao Li
2025-04-22 15:44 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 15/55] i386/tdx: Implement user specified tsc frequency Xiaoyao Li
2025-04-02 12:00 ` Daniel P. Berrangé
2025-04-23 3:25 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 16/55] i386/tdx: load TDVF for TD guest Xiaoyao Li
2025-04-24 7:52 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 17/55] i386/tdvf: Introduce function to parse TDVF metadata Xiaoyao Li
2025-04-02 12:08 ` Daniel P. Berrangé
2025-04-09 4:11 ` Xiaoyao Li
2025-04-24 8:15 ` Zhao Liu
2025-04-24 8:11 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 18/55] i386/tdx: Parse TDVF metadata for TDX VM Xiaoyao Li
2025-04-02 12:11 ` Daniel P. Berrangé
2025-04-24 8:16 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 19/55] i386/tdx: Don't initialize pc.rom for TDX VMs Xiaoyao Li
2025-04-24 14:52 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 20/55] i386/tdx: Track mem_ptr for each firmware entry of TDVF Xiaoyao Li
2025-04-24 15:09 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 21/55] i386/tdx: Track RAM entries for TDX VM Xiaoyao Li
2025-04-25 4:49 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 22/55] headers: Add definitions from UEFI spec for volumes, resources, etc Xiaoyao Li
2025-04-25 4:51 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 23/55] i386/tdx: Setup the TD HOB list Xiaoyao Li
2025-04-25 7:05 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 24/55] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION Xiaoyao Li
2025-04-25 8:07 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 25/55] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu Xiaoyao Li
2025-04-25 8:12 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 26/55] i386/tdx: Finalize TDX VM Xiaoyao Li
2025-04-27 9:07 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 27/55] i386/tdx: Enable user exit on KVM_HC_MAP_GPA_RANGE Xiaoyao Li
2025-04-27 9:07 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 28/55] i386/tdx: Handle KVM_SYSTEM_EVENT_TDX_FATAL Xiaoyao Li
2025-04-28 15:00 ` Zhao Liu
2025-05-08 6:07 ` Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 29/55] i386/tdx: Wire TDX_REPORT_FATAL_ERROR with GuestPanic facility Xiaoyao Li
2025-04-28 15:23 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 30/55] kvm: Check KVM_CAP_MAX_VCPUS at vm level Xiaoyao Li
2025-04-28 15:54 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 31/55] i386/cpu: introduce x86_confidential_guest_cpu_instance_init() Xiaoyao Li
2025-04-24 5:51 ` Xiaoyao Li
2025-04-29 10:06 ` Zhao Liu
2025-05-07 1:42 ` Xiaoyao Li
2025-04-29 6:35 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 32/55] i386/tdx: implement tdx_cpu_instance_init() Xiaoyao Li
2025-04-29 6:42 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 33/55] i386/cpu: Introduce enable_cpuid_0x1f to force exposing CPUID 0x1f Xiaoyao Li
2025-04-29 10:10 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 34/55] i386/tdx: Force " Xiaoyao Li
2025-04-29 10:10 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 35/55] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM Xiaoyao Li
2025-04-29 10:12 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 36/55] i386/tdx: Disable SMM for TDX VMs Xiaoyao Li
2025-04-02 12:25 ` Daniel P. Berrangé
2025-04-29 10:15 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 37/55] i386/tdx: Disable PIC " Xiaoyao Li
2025-04-02 12:27 ` Daniel P. Berrangé
2025-04-29 10:16 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 38/55] i386/tdx: Set and check kernel_irqchip mode for TDX Xiaoyao Li
2025-04-02 10:41 ` Daniel P. Berrangé
2025-04-08 5:03 ` Xiaoyao Li
2025-04-29 10:22 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 39/55] i386/tdx: Don't synchronize guest tsc for TDs Xiaoyao Li
2025-04-29 10:18 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 40/55] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() " Xiaoyao Li
2025-04-29 10:20 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 41/55] i386/apic: Skip kvm_apic_put() for TDX Xiaoyao Li
2025-05-04 15:46 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 42/55] cpu: Don't set vcpu_dirty when guest_state_protected Xiaoyao Li
2025-05-04 15:48 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 43/55] i386/cgs: Rename *mask_cpuid_features() to *adjust_cpuid_features() Xiaoyao Li
2025-04-02 12:57 ` Daniel P. Berrangé
2025-05-04 15:49 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 44/55] i386/tdx: Implement adjust_cpuid_features() for TDX Xiaoyao Li
2025-05-04 16:05 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 45/55] i386/tdx: Add TDX fixed1 bits to supported CPUIDs Xiaoyao Li
2025-04-02 12:32 ` Daniel P. Berrangé
2025-05-04 16:38 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 46/55] i386/tdx: Add supported CPUID bits related to TD Attributes Xiaoyao Li
2025-05-06 11:31 ` Zhao Liu
2025-05-08 6:31 ` Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 47/55] i386/tdx: Add supported CPUID bits relates to XFAM Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 48/55] i386/tdx: Add XFD to supported bit of TDX Xiaoyao Li
2025-05-06 11:25 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 49/55] i386/tdx: Define supported KVM features for TDX Xiaoyao Li
2025-05-05 15:09 ` Zhao Liu
2025-04-01 13:02 ` [PATCH v8 50/55] i386/cgs: Introduce x86_confidential_guest_check_features() Xiaoyao Li
2025-05-05 15:11 ` Zhao Liu
2025-04-01 13:02 ` [PATCH v8 51/55] i386/tdx: Fetch and validate CPUID of TD guest Xiaoyao Li
2025-04-01 13:02 ` [PATCH v8 52/55] i386/tdx: Don't treat SYSCALL as unavailable Xiaoyao Li
2025-05-05 15:40 ` Zhao Liu
2025-04-01 13:02 ` [PATCH v8 53/55] i386/tdx: Make invtsc default on Xiaoyao Li
2025-05-05 15:14 ` Zhao Liu
2025-04-01 13:02 ` [PATCH v8 54/55] i386/tdx: Validate phys_bits against host value Xiaoyao Li
2025-04-02 12:37 ` Daniel P. Berrangé
2025-05-05 15:29 ` Zhao Liu
2025-05-08 6:33 ` Xiaoyao Li
2025-04-01 13:02 ` [PATCH v8 55/55] docs: Add TDX documentation Xiaoyao Li
2025-04-02 10:50 ` Daniel P. Berrangé
2025-04-02 11:47 ` Jiří Denemark
2025-04-08 5:15 ` Xiaoyao Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z-0YzauBkAl8pyIP@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=francescolavra.fl@gmail.com \
--cc=mst@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=rick.p.edgecombe@intel.com \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.