From: Xiaoyao Li <xiaoyao.li@intel.com>
To: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Francesco Lavra" <francescolavra.fl@gmail.com>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
qemu-devel@nongnu.org,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Rick Edgecombe" <rick.p.edgecombe@intel.com>
Subject: Re: [PATCH v8 05/55] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES
Date: Wed, 2 Apr 2025 22:52:38 +0800 [thread overview]
Message-ID: <b1586891-6446-474e-8950-8dbc9ac6e607@intel.com> (raw)
In-Reply-To: <Z-0YzauBkAl8pyIP@redhat.com>
On 4/2/2025 7:00 PM, Daniel P. Berrangé wrote:
> On Tue, Apr 01, 2025 at 09:01:15AM -0400, Xiaoyao Li wrote:
>> KVM provides TDX capabilities via sub command KVM_TDX_CAPABILITIES of
>> IOCTL(KVM_MEMORY_ENCRYPT_OP). Get the capabilities when initializing
>> TDX context. It will be used to validate user's setting later.
>>
>> Since there is no interface reporting how many cpuid configs contains in
>> KVM_TDX_CAPABILITIES, QEMU chooses to try starting with a known number
>> and abort when it exceeds KVM_MAX_CPUID_ENTRIES.
>>
>> Besides, introduce the interfaces to invoke TDX "ioctls" at VCPU scope
>> in preparation.
>>
>> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
>> ---
>> Changes in v7:
>> - refine and unifiy the error handling; (Daniel)
>>
>> Changes in v6:
>> - Pass CPUState * to tdx_vcpu_ioctl();
>> - update commit message to remove platform scope thing;
>> - dump hw_error when it's non-zero to help debug;
>>
>> Changes in v4:
>> - use {} to initialize struct kvm_tdx_cmd, to avoid memset();
>> - remove tdx_platform_ioctl() because no user;
>>
>> Changes in v3:
>> - rename __tdx_ioctl() to tdx_ioctl_internal()
>> - Pass errp in get_tdx_capabilities();
>>
>> changes in v2:
>> - Make the error message more clear;
>>
>> changes in v1:
>> - start from nr_cpuid_configs = 6 for the loop;
>> - stop the loop when nr_cpuid_configs exceeds KVM_MAX_CPUID_ENTRIES;
>> ---
>> target/i386/kvm/kvm.c | 2 -
>> target/i386/kvm/kvm_i386.h | 2 +
>> target/i386/kvm/tdx.c | 107 ++++++++++++++++++++++++++++++++++++-
>> 3 files changed, 108 insertions(+), 3 deletions(-)
>>
>> diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
>> index 1af4710556ad..b4fa35405fe1 100644
>> --- a/target/i386/kvm/kvm.c
>> +++ b/target/i386/kvm/kvm.c
>> @@ -1779,8 +1779,6 @@ static int hyperv_init_vcpu(X86CPU *cpu)
>>
>> static Error *invtsc_mig_blocker;
>>
>> -#define KVM_MAX_CPUID_ENTRIES 100
>> -
>> static void kvm_init_xsave(CPUX86State *env)
>> {
>> if (has_xsave2) {
>> diff --git a/target/i386/kvm/kvm_i386.h b/target/i386/kvm/kvm_i386.h
>> index 88565e8dbac1..ed1e61fb8ba9 100644
>> --- a/target/i386/kvm/kvm_i386.h
>> +++ b/target/i386/kvm/kvm_i386.h
>> @@ -13,6 +13,8 @@
>>
>> #include "system/kvm.h"
>>
>> +#define KVM_MAX_CPUID_ENTRIES 100
>> +
>> /* always false if !CONFIG_KVM */
>> #define kvm_pit_in_kernel() \
>> (kvm_irqchip_in_kernel() && !kvm_irqchip_is_split())
>> diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
>> index 4ff94860815d..c67be5e618e2 100644
>> --- a/target/i386/kvm/tdx.c
>> +++ b/target/i386/kvm/tdx.c
>> @@ -10,17 +10,122 @@
>> */
>>
>> #include "qemu/osdep.h"
>> +#include "qemu/error-report.h"
>> +#include "qapi/error.h"
>> #include "qom/object_interfaces.h"
>>
>> #include "hw/i386/x86.h"
>> #include "kvm_i386.h"
>> #include "tdx.h"
>>
>> +static struct kvm_tdx_capabilities *tdx_caps;
>> +
>> +enum tdx_ioctl_level {
>> + TDX_VM_IOCTL,
>> + TDX_VCPU_IOCTL,
>> +};
>> +
>> +static int tdx_ioctl_internal(enum tdx_ioctl_level level, void *state,
>> + int cmd_id, __u32 flags, void *data,
>> + Error **errp)
>> +{
>> + struct kvm_tdx_cmd tdx_cmd = {};
>> + int r;
>> +
>> + const char *tdx_ioctl_name[] = {
>> + [KVM_TDX_CAPABILITIES] = "KVM_TDX_CAPABILITIES",
>> + [KVM_TDX_INIT_VM] = "KVM_TDX_INIT_VM",
>> + [KVM_TDX_INIT_VCPU] = "KVM_TDX_INIT_VCPU",
>> + [KVM_TDX_INIT_MEM_REGION] = "KVM_TDX_INIT_MEM_REGION",
>> + [KVM_TDX_FINALIZE_VM] = "KVM_TDX_FINALIZE_VM",
>> + [KVM_TDX_GET_CPUID] = "KVM_TDX_GET_CPUID",
>> + };
>> +
>> + tdx_cmd.id = cmd_id;
>> + tdx_cmd.flags = flags;
>> + tdx_cmd.data = (__u64)(unsigned long)data;
>> +
>> + switch (level) {
>> + case TDX_VM_IOCTL:
>> + r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
>> + break;
>> + case TDX_VCPU_IOCTL:
>> + r = kvm_vcpu_ioctl(state, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
>> + break;
>> + default:
>> + error_setg(errp, "Invalid tdx_ioctl_level %d", level);
>> + return -EINVAL;
>> + }
>> +
>> + if (r < 0) {
>> + error_setg_errno(errp, -r, "TDX ioctl %s failed, hw_errors: 0x%llx",
>> + tdx_ioctl_name[cmd_id], tdx_cmd.hw_error);
>> + }
>> + return r;
>> +}
>> +
>> +static inline int tdx_vm_ioctl(int cmd_id, __u32 flags, void *data,
>> + Error **errp)
>> +{
>> + return tdx_ioctl_internal(TDX_VM_IOCTL, NULL, cmd_id, flags, data, errp);
>> +}
>> +
>> +static inline int tdx_vcpu_ioctl(CPUState *cpu, int cmd_id, __u32 flags,
>> + void *data, Error **errp)
>> +{
>> + return tdx_ioctl_internal(TDX_VCPU_IOCTL, cpu, cmd_id, flags, data, errp);
>> +}
>> +
>> +static int get_tdx_capabilities(Error **errp)
>> +{
>> + struct kvm_tdx_capabilities *caps;
>> + /* 1st generation of TDX reports 6 cpuid configs */
>> + int nr_cpuid_configs = 6;
>> + size_t size;
>> + int r;
>> +
>> + do {
>> + Error *local_err = NULL;
>> + size = sizeof(struct kvm_tdx_capabilities) +
>> + nr_cpuid_configs * sizeof(struct kvm_cpuid_entry2);
>> + caps = g_malloc0(size);
>> + caps->cpuid.nent = nr_cpuid_configs;
>> +
>> + r = tdx_vm_ioctl(KVM_TDX_CAPABILITIES, 0, caps, &local_err);
>> + if (r == -E2BIG) {
>> + g_free(caps);
>> + nr_cpuid_configs *= 2;
>> + if (nr_cpuid_configs > KVM_MAX_CPUID_ENTRIES) {
>> + error_report("KVM TDX seems broken that number of CPUID entries"
>> + " in kvm_tdx_capabilities exceeds limit: %d",
>> + KVM_MAX_CPUID_ENTRIES);
>> + error_propagate(errp, local_err);
>> + return r;
>> + }
>> + error_free(local_err);
>
> IIRC, you'll need 'local_err = NULL' here, otherwise next time around
> the loop 'local_err' will be pointing to a free'd error object which
> 'error_setg' will think is still valid & won't overwrite.
it's set to NULL at the beginning of the do loop.
(It looks I need to declare Error *local_err outside the do loop.)
>> + } else if (r < 0) {
>> + g_free(caps);
>> + error_propagate(errp, local_err);
>> + return r;
>> + }
>> + } while (r == -E2BIG);
>> +
>> + tdx_caps = caps;
>> +
>> + return 0;
>> +}
>> +
>
>
> With regards,
> Daniel
next prev parent reply other threads:[~2025-04-02 14:54 UTC|newest]
Thread overview: 161+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-01 13:01 [PATCH for 10.1 v8 00/55] QEMU TDX support Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 01/55] *** HACK *** linux-headers: Update headers to pull in TDX API changes Xiaoyao Li
2025-04-18 9:47 ` Zhao Liu
2025-04-22 1:57 ` Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 02/55] i386: Introduce tdx-guest object Xiaoyao Li
2025-04-02 10:53 ` Daniel P. Berrangé
2025-04-18 9:17 ` Zhao Liu
2025-04-22 2:14 ` Xiaoyao Li
2025-04-22 8:24 ` Daniel P. Berrangé
2025-04-22 14:25 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 03/55] i386/tdx: Implement tdx_kvm_type() for TDX Xiaoyao Li
2025-04-02 10:55 ` Daniel P. Berrangé
2025-04-18 9:23 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 04/55] i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context Xiaoyao Li
2025-04-02 10:57 ` Daniel P. Berrangé
2025-04-18 9:32 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 05/55] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES Xiaoyao Li
2025-04-02 11:00 ` Daniel P. Berrangé
2025-04-02 14:52 ` Xiaoyao Li [this message]
2025-04-02 14:54 ` Daniel P. Berrangé
2025-04-01 13:01 ` [PATCH v8 06/55] i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object Xiaoyao Li
2025-04-18 9:45 ` Zhao Liu
2025-04-22 2:32 ` Xiaoyao Li
2025-04-22 14:20 ` Zhao Liu
2025-04-22 14:27 ` Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 07/55] kvm: Introduce kvm_arch_pre_create_vcpu() Xiaoyao Li
2025-04-02 11:43 ` Daniel P. Berrangé
2025-04-22 14:31 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 08/55] i386/tdx: Initialize TDX before creating TD vcpus Xiaoyao Li
2025-04-02 11:41 ` Daniel P. Berrangé
2025-04-08 2:37 ` Xiaoyao Li
2025-04-22 15:34 ` Zhao Liu
2025-04-23 8:00 ` Xiaoyao Li
2025-04-23 12:18 ` Zhao Liu
2025-04-22 14:54 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 09/55] i386/tdx: Add property sept-ve-disable for tdx-guest object Xiaoyao Li
2025-04-02 11:45 ` Daniel P. Berrangé
2025-04-22 14:56 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 10/55] i386/tdx: Make sept_ve_disable set by default Xiaoyao Li
2025-04-02 11:45 ` Daniel P. Berrangé
2025-04-22 15:00 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 11/55] i386/tdx: Wire CPU features up with attributes of TD guest Xiaoyao Li
2025-04-02 11:46 ` Daniel P. Berrangé
2025-04-22 15:06 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 12/55] i386/tdx: Validate TD attributes Xiaoyao Li
2025-04-02 11:47 ` Daniel P. Berrangé
2025-04-09 2:57 ` Xiaoyao Li
2025-04-22 15:35 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 13/55] i386/tdx: Support user configurable mrconfigid/mrowner/mrownerconfig Xiaoyao Li
2025-04-02 11:51 ` Daniel P. Berrangé
2025-04-08 3:14 ` Xiaoyao Li
2025-04-07 11:59 ` Markus Armbruster
2025-04-22 15:42 ` Zhao Liu
2025-04-23 8:11 ` Xiaoyao Li
2025-04-23 12:31 ` Zhao Liu
2025-04-23 13:08 ` Xiaoyao Li
2025-04-23 13:33 ` Daniel P. Berrangé
2025-04-01 13:01 ` [PATCH v8 14/55] i386/tdx: Set APIC bus rate to match with what TDX module enforces Xiaoyao Li
2025-04-02 11:56 ` Daniel P. Berrangé
2025-04-08 3:14 ` Xiaoyao Li
2025-04-22 15:44 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 15/55] i386/tdx: Implement user specified tsc frequency Xiaoyao Li
2025-04-02 12:00 ` Daniel P. Berrangé
2025-04-23 3:25 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 16/55] i386/tdx: load TDVF for TD guest Xiaoyao Li
2025-04-24 7:52 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 17/55] i386/tdvf: Introduce function to parse TDVF metadata Xiaoyao Li
2025-04-02 12:08 ` Daniel P. Berrangé
2025-04-09 4:11 ` Xiaoyao Li
2025-04-24 8:15 ` Zhao Liu
2025-04-24 8:11 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 18/55] i386/tdx: Parse TDVF metadata for TDX VM Xiaoyao Li
2025-04-02 12:11 ` Daniel P. Berrangé
2025-04-24 8:16 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 19/55] i386/tdx: Don't initialize pc.rom for TDX VMs Xiaoyao Li
2025-04-24 14:52 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 20/55] i386/tdx: Track mem_ptr for each firmware entry of TDVF Xiaoyao Li
2025-04-24 15:09 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 21/55] i386/tdx: Track RAM entries for TDX VM Xiaoyao Li
2025-04-25 4:49 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 22/55] headers: Add definitions from UEFI spec for volumes, resources, etc Xiaoyao Li
2025-04-25 4:51 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 23/55] i386/tdx: Setup the TD HOB list Xiaoyao Li
2025-04-25 7:05 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 24/55] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION Xiaoyao Li
2025-04-25 8:07 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 25/55] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu Xiaoyao Li
2025-04-25 8:12 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 26/55] i386/tdx: Finalize TDX VM Xiaoyao Li
2025-04-27 9:07 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 27/55] i386/tdx: Enable user exit on KVM_HC_MAP_GPA_RANGE Xiaoyao Li
2025-04-27 9:07 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 28/55] i386/tdx: Handle KVM_SYSTEM_EVENT_TDX_FATAL Xiaoyao Li
2025-04-28 15:00 ` Zhao Liu
2025-05-08 6:07 ` Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 29/55] i386/tdx: Wire TDX_REPORT_FATAL_ERROR with GuestPanic facility Xiaoyao Li
2025-04-28 15:23 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 30/55] kvm: Check KVM_CAP_MAX_VCPUS at vm level Xiaoyao Li
2025-04-28 15:54 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 31/55] i386/cpu: introduce x86_confidential_guest_cpu_instance_init() Xiaoyao Li
2025-04-24 5:51 ` Xiaoyao Li
2025-04-29 10:06 ` Zhao Liu
2025-05-07 1:42 ` Xiaoyao Li
2025-04-29 6:35 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 32/55] i386/tdx: implement tdx_cpu_instance_init() Xiaoyao Li
2025-04-29 6:42 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 33/55] i386/cpu: Introduce enable_cpuid_0x1f to force exposing CPUID 0x1f Xiaoyao Li
2025-04-29 10:10 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 34/55] i386/tdx: Force " Xiaoyao Li
2025-04-29 10:10 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 35/55] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM Xiaoyao Li
2025-04-29 10:12 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 36/55] i386/tdx: Disable SMM for TDX VMs Xiaoyao Li
2025-04-02 12:25 ` Daniel P. Berrangé
2025-04-29 10:15 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 37/55] i386/tdx: Disable PIC " Xiaoyao Li
2025-04-02 12:27 ` Daniel P. Berrangé
2025-04-29 10:16 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 38/55] i386/tdx: Set and check kernel_irqchip mode for TDX Xiaoyao Li
2025-04-02 10:41 ` Daniel P. Berrangé
2025-04-08 5:03 ` Xiaoyao Li
2025-04-29 10:22 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 39/55] i386/tdx: Don't synchronize guest tsc for TDs Xiaoyao Li
2025-04-29 10:18 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 40/55] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() " Xiaoyao Li
2025-04-29 10:20 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 41/55] i386/apic: Skip kvm_apic_put() for TDX Xiaoyao Li
2025-05-04 15:46 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 42/55] cpu: Don't set vcpu_dirty when guest_state_protected Xiaoyao Li
2025-05-04 15:48 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 43/55] i386/cgs: Rename *mask_cpuid_features() to *adjust_cpuid_features() Xiaoyao Li
2025-04-02 12:57 ` Daniel P. Berrangé
2025-05-04 15:49 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 44/55] i386/tdx: Implement adjust_cpuid_features() for TDX Xiaoyao Li
2025-05-04 16:05 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 45/55] i386/tdx: Add TDX fixed1 bits to supported CPUIDs Xiaoyao Li
2025-04-02 12:32 ` Daniel P. Berrangé
2025-05-04 16:38 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 46/55] i386/tdx: Add supported CPUID bits related to TD Attributes Xiaoyao Li
2025-05-06 11:31 ` Zhao Liu
2025-05-08 6:31 ` Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 47/55] i386/tdx: Add supported CPUID bits relates to XFAM Xiaoyao Li
2025-04-01 13:01 ` [PATCH v8 48/55] i386/tdx: Add XFD to supported bit of TDX Xiaoyao Li
2025-05-06 11:25 ` Zhao Liu
2025-04-01 13:01 ` [PATCH v8 49/55] i386/tdx: Define supported KVM features for TDX Xiaoyao Li
2025-05-05 15:09 ` Zhao Liu
2025-04-01 13:02 ` [PATCH v8 50/55] i386/cgs: Introduce x86_confidential_guest_check_features() Xiaoyao Li
2025-05-05 15:11 ` Zhao Liu
2025-04-01 13:02 ` [PATCH v8 51/55] i386/tdx: Fetch and validate CPUID of TD guest Xiaoyao Li
2025-04-01 13:02 ` [PATCH v8 52/55] i386/tdx: Don't treat SYSCALL as unavailable Xiaoyao Li
2025-05-05 15:40 ` Zhao Liu
2025-04-01 13:02 ` [PATCH v8 53/55] i386/tdx: Make invtsc default on Xiaoyao Li
2025-05-05 15:14 ` Zhao Liu
2025-04-01 13:02 ` [PATCH v8 54/55] i386/tdx: Validate phys_bits against host value Xiaoyao Li
2025-04-02 12:37 ` Daniel P. Berrangé
2025-05-05 15:29 ` Zhao Liu
2025-05-08 6:33 ` Xiaoyao Li
2025-04-01 13:02 ` [PATCH v8 55/55] docs: Add TDX documentation Xiaoyao Li
2025-04-02 10:50 ` Daniel P. Berrangé
2025-04-02 11:47 ` Jiří Denemark
2025-04-08 5:15 ` Xiaoyao Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b1586891-6446-474e-8950-8dbc9ac6e607@intel.com \
--to=xiaoyao.li@intel.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=francescolavra.fl@gmail.com \
--cc=mst@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=rick.p.edgecombe@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).