-
Notifications
You must be signed in to change notification settings - Fork 82
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for Intel Trust Domain Extensions (TDX) #228
Draft
jakecorrenti
wants to merge
36
commits into
containers:main
Choose a base branch
from
jakecorrenti:intel-tdx
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes some of the existing feature flags for `tee` and `amd-sev` to be more generic. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adjust the Makefile to use a TDX environment variable. Fix the launch-tee.c test source code so that it compiles. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Add a TDX target for the Makefile. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adds the VirTEE TDX crate and also updates the versions of the kvm-ioctls and the kvm-bindings crates since they require newer features for the TDX crate to work. Adds the "intel-tdx" feature flag. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
In `memory_init` we need to use `kvm_userspace_memory_region2`, `kvm_create_guest_memfd`, and `kvm_memory_attributes` for the TDX architecture, otherwise it will fail. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adds a new `inteltdx` module and implements a feature-flagged `new` method for `VM to create a VM with the TDX architecure. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Implements the `tdx_secure_virt_prepare` method which in turn calls the `KVM_TDX_INIT_VM` TDX ioctl which does VM specific initialization. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
After creating each x86_64 vCPU, call `KVM_TDX_INIT_VCPU` which does TDX-specific vCPU initialization. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adds definitions from UEFI spec for volumes, resources, etc. and adds related types. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adds the `TdxRamType` and `TdxRamEntry` structs. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adds the `TdxFirmwareEntry` struct. Adds the`TdxHob` struct and `TdxHob::new(&TdxFirmwareEntry)` associative function. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adds the `IntelTdx` method `init_ram_entries` which converts a list of e820 ram entries into TDX ram entries. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adds API to the `inteltdx` module to create a TD Hand-off-block which will be used by libkrun to communicate with the TD Virtual Firmware. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adds the `configure_td_memory` method to `IntelTdx` which does the following: - Initialize the TDX Ram entries - Copies the Bfv and Cfv TDVF sections into guest memory - Calls `tdx_accept_ram_range` on the TdHob and TempMem TDVF sections - Creates the TD Hob - Calls `KVM_TDX_INIT_MEM_REGION` for each TDVF section Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Wires together the code to configure the TD memory regions. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Call `KVM_TDX_FINALIZE_VM` which finalizes the initial measurements for the TD. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
For TDX we don't want to use the `KVM_CREATE_IRQCHIP` but rather enable the `KVM_SPLIT_IRQCHIP` capability (which the TDX library does). Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
TDX doesn't allow the VMM to configure the registers since they're confidential. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
TDX doesn't use a "standard" BIOS layout when compared to a typical x86_64 system because it uses TDVF as its BIOS. Makes sure we have the right regions mapped to the guest so we can copy the firmware into those addresses later on. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Ensures that rustc links with the libkrunfw-tdx flavor when the intel-tdx feature flag is enabled. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
…r seems to work as expected... Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
…written section at the reset vector Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
…eed to try and re-write it closer to QEMU implementation Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
…ng it into memory Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
This should determine the size of the TDVF image, determine where in the guest offset from the top of the memory region it should land, and then in `load_payload` it should read the contents of the firmware file into guest memory at the right location. This *should* line up with the commit from v5 of the QEMU patches called "load TDVF for TD guest" Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
We need to keep track of the e820 ram regions for TDX for future configuration of the TD HOB. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
This will be where all of the TDVF configuration is done. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Keep track of the host address for all the TDVF sections Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
A TDX VM's RAM can be classified into two types: - TDX_RAM_UNACCEPTED: default type of TDX memory, which needs to be accepted by the TDX guest before it can be used and will be all-zeroes after being accepted. - TDX_RAM_ADDED: the RAM that is ADD'ed to TD guest before running, and can be used directly e.g., TD HOB and TEMP MEM that are needed by TDVF. Maintain a collection of TdxRamEntries which uses the intial ram entries from the e820 table and mark each RAM range as the default TDX_RAM_UNACCEPTED type. Turn the range of TD HOB and TEMP MEM to TDX_RAM_ADDED since those ranges will be ADD'ed before the TD runs and no need to be accepted at runtime. The collection of TdxRamEntries are later used to setup the memory TD resource HOB that passes memory info from libkrun to the TDVF. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Have debug output from edk2 redirected to stdout. In edk2, TDX assumes that PCI is present. Libkrun doesn't use PCI or ACPI. We either need to add it or change edk2 accordingly. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Feeding libkrun TDVF as the firmware results in a failed assertion in edk2 because libkrun doesnt' support PCI or ACPI, which are both required for edk2 to work properly. Therefore, we should try to use qboot instead. Currently, qboot is starting the VM boot process, but it will triple fault once control gets given to the vCPU. I theorize this is because there isn't anything in the hypervisor or the firmware that knows how to deal with a #VE (Virtualization Exception). Therefore, the exception can't get handled and causes a double, then triple, fault. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds support for the Intel Trust Domain Extensions (TDX) Confidential Computing architecture.
This is currently a draft as the following issues are present:
Before merging there are some commits that will be squashed and/or re-ordered.
There is also additional functionality that I would like to add such as:
KVM_TDX_CAPABILITIES
KVM_TDX_CAPABILITIES
Any early reviews are welcome.