[PATCH v2 15/17] xen: tools: add new 'sgx' parameter support

[Boqun Feng <boqun.feng@intel.com>]

From: Kai Huang <kai.huang@linux.intel.com>

In order to be able to configure domain's SGX related attributes(EPC
size, Launch Enclave hash key, etc.), a new parameter 'sgx' is added to
XL configuration file, the parameter should be in the following format:

	sgx = 'epc=<size in MB>,lehash=<..>,lewr=<0|1>'

, in which 'lehash=<..>' and 'lewr=<0|1>' are optional.

A new 'libxl_sgx_buildinfo', which contains EPC base and size, and
Launch Enclave hash key and its writable permission, is also
added to libxl_domain_buind_info. EPC base and size are also added to
'xc_dom_image' in order to add EPC to e820 table. EPC base is calculated
internally.

Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Signed-off-by: Boqun Feng <boqun.feng@intel.com>
---
 tools/libxc/include/xc_dom.h |  4 +++
 tools/libxl/libxl_create.c   | 10 ++++++
 tools/libxl/libxl_dom.c      | 30 +++++++++++++++++
 tools/libxl/libxl_internal.h |  2 ++
 tools/libxl/libxl_types.idl  | 11 +++++++
 tools/libxl/libxl_x86.c      | 12 +++++++
 tools/xl/xl_parse.c          | 76 ++++++++++++++++++++++++++++++++++++++++++++
 tools/xl/xl_parse.h          |  1 +
 8 files changed, 146 insertions(+)

diff --git a/tools/libxc/include/xc_dom.h b/tools/libxc/include/xc_dom.h
index cdcdd07d2bc2..8440532d0e9d 100644
--- a/tools/libxc/include/xc_dom.h
+++ b/tools/libxc/include/xc_dom.h
@@ -203,6 +203,10 @@ struct xc_dom_image {
     xen_paddr_t lowmem_end;
     xen_paddr_t highmem_end;
     xen_pfn_t vga_hole_size;
+#if defined(__i386__) || defined(__x86_64__)
+    xen_paddr_t epc_base;
+    xen_paddr_t epc_size;
+#endif
 
     /* If unset disables the setup of the IOREQ pages. */
     bool device_model;
diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c
index f15fb215c24b..6a5863cd9637 100644
--- a/tools/libxl/libxl_create.c
+++ b/tools/libxl/libxl_create.c
@@ -59,6 +59,14 @@ void libxl__rdm_setdefault(libxl__gc *gc, libxl_domain_build_info *b_info)
                             LIBXL_RDM_MEM_BOUNDARY_MEMKB_DEFAULT;
 }
 
+void libxl__sgx_setdefault(libxl__gc *gc, libxl_domain_build_info *b_info)
+{
+    if (b_info->u.hvm.sgx.epckb == LIBXL_MEMKB_DEFAULT)
+        b_info->u.hvm.sgx.epckb = 0;
+    b_info->u.hvm.sgx.epcbase = 0;
+    libxl_defbool_setdefault(&b_info->u.hvm.sgx.lewr, false);
+}
+
 int libxl__domain_build_info_setdefault(libxl__gc *gc,
                                         libxl_domain_build_info *b_info)
 {
@@ -359,6 +367,8 @@ int libxl__domain_build_info_setdefault(libxl__gc *gc,
         libxl_defbool_setdefault(&b_info->u.hvm.gfx_passthru, false);
 
         libxl__rdm_setdefault(gc, b_info);
+
+        libxl__sgx_setdefault(gc, b_info);
         break;
     case LIBXL_DOMAIN_TYPE_PV:
         libxl_defbool_setdefault(&b_info->u.pv.e820_host, false);
diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c
index ef834e652d65..bbdba7e6e292 100644
--- a/tools/libxl/libxl_dom.c
+++ b/tools/libxl/libxl_dom.c
@@ -1213,6 +1213,36 @@ int libxl__build_hvm(libxl__gc *gc, uint32_t domid,
         highmem_end = (1ull << 32) + (lowmem_end - mmio_start);
         lowmem_end = mmio_start;
     }
+#if defined(__i386__) || defined(__x86_64__)
+    if (info->u.hvm.sgx.epckb) {
+        /*
+         * FIXME:
+         *
+         * Currently EPC base is put at highmem_end + 8G, which should be
+         * safe in most cases.
+         *
+         * I am not quite sure which is the best way to calcualte EPC base.
+         * IMO we can either:
+         * 1) put EPC between lowmem_end to mmio_start, but this brings
+         * additional logic to handle, ex, lowmem_end may become too small
+         * if EPC is large (shall we limit domain's EPC size?), and hvmloader
+         * will try to enlarge MMIO space until lowmem_end, or even relocate
+         * lowmem -- all those make things complicated, so probably put EPC
+         * in hole between lowmem_end to mmio_start is not good.
+         * 2) put EPC after highmem_end, but hvmloader may also relocate MMIO
+         * resource to the place after highmem_end. Maybe the ideal way is to
+         * put EPC right after highmem_end, and change hvmloader to detect
+         * EPC, and put high MMIO resource after EPC. I've done this but I
+         * found a strange bug that EPT mapping of EPC will be (at least part
+         * of the mappings) will be removed by whom I still cannot find.
+         * Currently EPC base is put at highmem_end + 8G, and hvmloader code
+         * is not changed to handle EPC, but this should be safe for most cases.
+         */
+        info->u.hvm.sgx.epcbase = highmem_end + (2ULL << 32);
+    }
+    dom->epc_size = (info->u.hvm.sgx.epckb << 10);
+    dom->epc_base = info->u.hvm.sgx.epcbase;
+#endif
     dom->lowmem_end = lowmem_end;
     dom->highmem_end = highmem_end;
     dom->mmio_start = mmio_start;
diff --git a/tools/libxl/libxl_internal.h b/tools/libxl/libxl_internal.h
index bfa95d861901..ec3522f1b0e0 100644
--- a/tools/libxl/libxl_internal.h
+++ b/tools/libxl/libxl_internal.h
@@ -1253,6 +1253,8 @@ _hidden int libxl__domain_build_info_setdefault(libxl__gc *gc,
                                         libxl_domain_build_info *b_info);
 _hidden void libxl__rdm_setdefault(libxl__gc *gc,
                                    libxl_domain_build_info *b_info);
+_hidden void libxl__sgx_setdefault(libxl__gc *gc,
+                                   libxl_domain_build_info *b_info);
 
 _hidden const char *libxl__device_nic_devname(libxl__gc *gc,
                                               uint32_t domid,
diff --git a/tools/libxl/libxl_types.idl b/tools/libxl/libxl_types.idl
index a23932434163..762de807c7ed 100644
--- a/tools/libxl/libxl_types.idl
+++ b/tools/libxl/libxl_types.idl
@@ -457,6 +457,16 @@ libxl_altp2m_mode = Enumeration("altp2m_mode", [
     (3, "limited"),
     ], init_val = "LIBXL_ALTP2M_MODE_DISABLED")
 
+libxl_sgx_buildinfo = Struct("sgx_buildinfo", [
+    ("epcbase", uint64), # EPC base address
+    ("epckb", MemKB), # EPC size in KB
+    ("lehash0", uint64), # Default SGXPUBKEYHASH
+    ("lehash1", uint64), # Default SGXPUBKEYHASH
+    ("lehash2", uint64), # Default SGXPUBKEYHASH
+    ("lehash3", uint64), # Default SGXPUBKEYHASH
+    ("lewr", libxl_defbool), # SGXPUBKEYHASH writable or not
+    ], dir=DIR_IN)
+
 libxl_domain_build_info = Struct("domain_build_info",[
     ("max_vcpus",       integer),
     ("avail_vcpus",     libxl_bitmap),
@@ -581,6 +591,7 @@ libxl_domain_build_info = Struct("domain_build_info",[
                                        ("rdm", libxl_rdm_reserve),
                                        ("rdm_mem_boundary_memkb", MemKB),
                                        ("mca_caps",         uint64),
+                                       ("sgx", libxl_sgx_buildinfo),
                                        ])),
                  ("pv", Struct(None, [("kernel", string),
                                       ("slack_memkb", MemKB),
diff --git a/tools/libxl/libxl_x86.c b/tools/libxl/libxl_x86.c
index 5f91fe4f92d8..01bd2f8eeef0 100644
--- a/tools/libxl/libxl_x86.c
+++ b/tools/libxl/libxl_x86.c
@@ -539,6 +539,9 @@ int libxl__arch_domain_construct_memmap(libxl__gc *gc,
         if (dom->acpi_modules[i].length)
             e820_entries++;
 
+    if ( dom->epc_base && dom->epc_size )
+        e820_entries++;
+
     if (e820_entries >= E820MAX) {
         LOGD(ERROR, domid, "Ooops! Too many entries in the memory map!");
         rc = ERROR_INVAL;
@@ -579,6 +582,15 @@ int libxl__arch_domain_construct_memmap(libxl__gc *gc,
         e820[nr].addr = ((uint64_t)1 << 32);
         e820[nr].size = highmem_size;
         e820[nr].type = E820_RAM;
+        nr++;
+    }
+
+    /* EPC */
+    if (dom->epc_base && dom->epc_size) {
+        e820[nr].addr = dom->epc_base;
+        e820[nr].size = dom->epc_size;
+        e820[nr].type = E820_RESERVED;
+        nr++;
     }
 
     if (xc_domain_set_memory_map(CTX->xch, domid, e820, e820_entries) != 0) {
diff --git a/tools/xl/xl_parse.c b/tools/xl/xl_parse.c
index 9a692d5ae644..e96612bc71f3 100644
--- a/tools/xl/xl_parse.c
+++ b/tools/xl/xl_parse.c
@@ -804,6 +804,60 @@ int parse_usbdev_config(libxl_device_usbdev *usbdev, char *token)
     return 0;
 }
 
+static uint64_t swap_uint64(uint64_t u)
+{
+    u = ((u << 8) & 0xFF00FF00FF00FF00ULL) | ((u >> 8) & 0x00FF00FF00FF00FFULL);
+    u = ((u << 16) & 0xFFFF0000FFFF0000ULL) | ((u >> 16) & 0x0000FFFF0000FFFFULL);
+    return (u << 32) | (u >> 32);
+}
+
+int parse_sgx_config(libxl_sgx_buildinfo *sgx, char *token)
+{
+    char *oparg;
+    long l;
+
+    if (MATCH_OPTION("epc", token, oparg)) {
+        l = strtol(oparg, NULL, 0);
+
+        /* Get EPC size. EPC base is calculated by toolstack later. */
+        if (l >= 0) {
+            sgx->epckb = l * 1024;
+        }
+    } else if (MATCH_OPTION("lehash", token, oparg)) {
+        if (strlen(oparg) != 64) { /* not 256bit hash */
+            fprintf(stderr, "'lehash=<...>' requires 256bit SHA256 hash\n");
+            return 1;
+        }
+
+        char buf[17];
+
+        memset(buf, 0, 17);
+
+        memcpy(buf, oparg, 16);
+        oparg += 16;
+        sgx->lehash0 = swap_uint64(strtoull(buf, NULL, 16));
+
+        memcpy(buf, oparg, 16);
+        oparg += 16;
+        sgx->lehash1 = swap_uint64(strtoull(buf, NULL, 16));
+
+        memcpy(buf, oparg, 16);
+        oparg += 16;
+        sgx->lehash2 = swap_uint64(strtoull(buf, NULL, 16));
+
+        memcpy(buf, oparg, 16);
+        oparg += 16;
+        sgx->lehash3 = swap_uint64(strtoull(buf, NULL, 16));
+    } else if (MATCH_OPTION("lewr", token, oparg)) {
+        libxl_defbool_set(&sgx->lewr, !!strtoul(oparg, NULL, 0));
+    } else {
+        fprintf(stderr, "Unknown string `%s' in sgx config\n", token);
+        return 1;
+    }
+
+    return 0;
+}
+
 int parse_vdispl_config(libxl_device_vdispl *vdispl, char *token)
 {
     char *oparg;
@@ -1323,6 +1377,28 @@ void parse_config_data(const char *config_source,
         if (!xlu_cfg_get_long (config, "rdm_mem_boundary", &l, 0))
             b_info->u.hvm.rdm_mem_boundary_memkb = l * 1024;
 
+        if (!xlu_cfg_get_string(config, "sgx", &buf, 0)) {
+            char *buf2 = strdup(buf);
+            char *p;
+
+            b_info->u.hvm.sgx.lehash0 = 0;
+            b_info->u.hvm.sgx.lehash1 = 0;
+            b_info->u.hvm.sgx.lehash2 = 0;
+            b_info->u.hvm.sgx.lehash3 = 0;
+
+            p = strtok(buf2, ",");
+            if (!p)
+                goto skip_sgx;
+            do {
+                while (*p == ' ')
+                    p++;
+                if (parse_sgx_config(&b_info->u.hvm.sgx, p))
+                    exit(1);
+            } while ((p = strtok(NULL, ",")) != NULL);
+skip_sgx:
+            free(buf2);
+        }
+
         switch (xlu_cfg_get_list(config, "mca_caps",
                                  &mca_caps, &num_mca_caps, 1))
         {
diff --git a/tools/xl/xl_parse.h b/tools/xl/xl_parse.h
index cc459fb43f4a..14eb69b8e6aa 100644
--- a/tools/xl/xl_parse.h
+++ b/tools/xl/xl_parse.h
@@ -31,6 +31,7 @@ void parse_disk_config_multistring(XLU_Config **config,
                                    libxl_device_disk *disk);
 int parse_usbctrl_config(libxl_device_usbctrl *usbctrl, char *token);
 int parse_usbdev_config(libxl_device_usbdev *usbdev, char *token);
+int parse_sgx_config(libxl_sgx_buildinfo *sgx, char *token);
 int parse_cpurange(const char *cpu, libxl_bitmap *cpumap);
 int parse_nic_config(libxl_device_nic *nic, XLU_Config **config, char *token);
 int parse_vdispl_config(libxl_device_vdispl *vdispl, char *token);
-- 
2.15.0


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel