2021-11-16 18:24:11 +01:00
|
|
|
# Intel TDX
|
|
|
|
|
|
|
|
Intel® Trust Domain Extensions (Intel® TDX) is an Intel technology designed to
|
|
|
|
isolate virtual machines from the VMM, hypervisor and any other software on the
|
2023-02-03 09:42:17 -08:00
|
|
|
host platform. Here are some useful links:
|
2021-11-16 18:24:11 +01:00
|
|
|
|
2023-02-03 09:42:17 -08:00
|
|
|
* [TDX Homepage](https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-domain-extensions.html):
|
|
|
|
more information about TDX technical aspects, design and specification
|
2021-11-16 18:24:11 +01:00
|
|
|
|
2023-02-03 09:42:17 -08:00
|
|
|
* [KVM TDX tree](https://github.com/intel/tdx/tree/kvm): the required
|
|
|
|
Linux kernel changes for the host side
|
2021-11-16 18:24:11 +01:00
|
|
|
|
2023-02-03 09:42:17 -08:00
|
|
|
* [Guest TDX tree](https://github.com/intel/tdx/tree/guest): the Linux
|
|
|
|
kernel changes for the guest side
|
2021-11-16 18:24:11 +01:00
|
|
|
|
2023-02-03 09:42:17 -08:00
|
|
|
* [EDK2 project](https://github.com/tianocore/edk2): the TDVF firmware
|
|
|
|
|
|
|
|
* [Confidential Containers project](https://github.com/confidential-containers/td-shim):
|
|
|
|
the TDShim firmware
|
|
|
|
|
|
|
|
* [TDX Tools](https://github.com/intel/tdx-tools): a collection of tools
|
|
|
|
and scripts to setup TDX environment for testing purpose (such as
|
|
|
|
installing required packages on the host, creating guest images, and
|
|
|
|
building the custom Linux kernel for TDX host and guest)
|
2022-02-09 11:43:29 +01:00
|
|
|
|
2021-11-16 18:24:11 +01:00
|
|
|
## Cloud Hypervisor support
|
|
|
|
|
2023-02-03 09:42:17 -08:00
|
|
|
It is required to use a machine with TDX enabled in hardware and
|
2021-11-16 18:24:11 +01:00
|
|
|
with the host OS compiled from the [KVM TDX tree](https://github.com/intel/tdx/tree/kvm).
|
2023-02-03 09:42:17 -08:00
|
|
|
The host environment can also be setup with the [TDX Tools](https://github.com/intel/tdx-tools).
|
2021-11-16 18:24:11 +01:00
|
|
|
|
2023-02-03 09:42:17 -08:00
|
|
|
Cloud Hypervisor can run TDX VM (Trust Domain) by loading a TD firmware ([TDVF](https://github.com/tianocore/edk2)),
|
2021-11-16 18:24:11 +01:00
|
|
|
which will then load the guest kernel from the image. The image must be custom
|
|
|
|
as it must include a kernel built from the [Guest TDX tree](https://github.com/intel/tdx/tree/guest).
|
2023-02-03 09:42:17 -08:00
|
|
|
Cloud Hypervisor can also boot a TDX VM with direct kernel boot using [TDshim](https://github.com/confidential-containers/td-shim).
|
|
|
|
The custom Linux kernel for the guest can be built with the [TDX Tools](https://github.com/intel/tdx-tools).
|
|
|
|
|
|
|
|
> **Note**
|
|
|
|
> The latest version of custom host and guest kernel being tested is
|
|
|
|
> from [TDX Tools - 2023ww01](https://github.com/intel/tdx-tools/commits/2023ww01).
|
2022-02-09 11:43:29 +01:00
|
|
|
|
|
|
|
### TDVF
|
|
|
|
|
2023-02-03 09:42:17 -08:00
|
|
|
> **Note**
|
|
|
|
> The latest version of TDVF being tested is [_13b9773_](https://github.com/tianocore/edk2/commit/13b97736c876919b9786055829caaa4fa46984b7).
|
|
|
|
|
2021-11-16 18:24:11 +01:00
|
|
|
The firmware can be built as follows:
|
|
|
|
|
|
|
|
```bash
|
2023-09-11 16:58:13 +03:00
|
|
|
sudo apt-get update
|
|
|
|
sudo apt-get install uuid-dev nasm iasl build-essential python3-distutils git
|
|
|
|
|
2023-01-20 10:21:47 -08:00
|
|
|
git clone https://github.com/tianocore/edk2.git
|
|
|
|
cd edk2
|
2023-02-03 09:42:17 -08:00
|
|
|
git checkout 13b97736c876919b9786055829caaa4fa46984b7
|
2023-09-11 16:52:04 +03:00
|
|
|
source ./edksetup.sh
|
2021-11-16 18:24:11 +01:00
|
|
|
git submodule update --init --recursive
|
2023-09-11 14:48:54 +03:00
|
|
|
make -C BaseTools -j `nproc`
|
2023-01-20 10:21:47 -08:00
|
|
|
build -p OvmfPkg/IntelTdx/IntelTdxX64.dsc -a X64 -t GCC5 -b RELEASE
|
2021-11-16 18:24:11 +01:00
|
|
|
```
|
|
|
|
|
|
|
|
If debug logs are needed, here is the alternative command:
|
|
|
|
|
|
|
|
```bash
|
2023-01-20 10:21:47 -08:00
|
|
|
build -p OvmfPkg/IntelTdx/IntelTdxX64.dsc -a X64 -t GCC5 -D DEBUG_ON_SERIAL_PORT=TRUE
|
2021-11-16 18:24:11 +01:00
|
|
|
```
|
|
|
|
|
|
|
|
On the Cloud Hypervisor side, all you need is to build the project with the
|
|
|
|
`tdx` feature enabled:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
cargo build --features tdx
|
|
|
|
```
|
|
|
|
|
|
|
|
And run a TDX VM by providing the firmware previously built, along with the
|
2022-04-01 18:15:09 +02:00
|
|
|
guest image containing the TDX enlightened kernel. The latest image
|
|
|
|
`td-guest-rhel8.5.raw` contains `console=hvc0` on the kernel boot parameters,
|
|
|
|
meaning it will be printing guest kernel logs to the `virtio-console` device.
|
2021-11-16 18:24:11 +01:00
|
|
|
|
|
|
|
```bash
|
|
|
|
./cloud-hypervisor \
|
2022-09-02 17:19:32 +02:00
|
|
|
--platform tdx=on
|
2023-01-20 10:21:47 -08:00
|
|
|
--firmware edk2/Build/IntelTdx/RELEASE_GCC5/FV/OVMF.fd \
|
2021-11-16 18:24:11 +01:00
|
|
|
--cpus boot=1 \
|
|
|
|
--memory size=1G \
|
|
|
|
--disk path=tdx_guest_img
|
|
|
|
```
|
|
|
|
|
2022-04-01 18:15:09 +02:00
|
|
|
And here is the alternative command when looking for debug logs from the
|
|
|
|
firmware:
|
2021-11-16 18:24:11 +01:00
|
|
|
|
|
|
|
```bash
|
|
|
|
./cloud-hypervisor \
|
2022-09-02 17:19:32 +02:00
|
|
|
--platform tdx=on
|
2023-01-20 10:21:47 -08:00
|
|
|
--firmware edk2/Build/IntelTdx/DEBUG_GCC5/FV/OVMF.fd \
|
2021-11-16 18:24:11 +01:00
|
|
|
--cpus boot=1 \
|
|
|
|
--memory size=1G \
|
|
|
|
--disk path=tdx_guest_img \
|
2022-04-01 18:15:09 +02:00
|
|
|
--serial file=/tmp/ch_serial \
|
|
|
|
--console tty
|
2021-11-16 18:24:11 +01:00
|
|
|
```
|
2022-02-09 11:43:29 +01:00
|
|
|
|
|
|
|
### TDShim
|
|
|
|
|
2023-02-03 09:42:17 -08:00
|
|
|
> **Note**
|
2024-01-04 15:33:01 +00:00
|
|
|
> The latest version of TDShim being tested is [_v0.8.0_](https://github.com/confidential-containers/td-shim/releases/tag/v0.8.0).
|
2023-02-03 09:42:17 -08:00
|
|
|
|
2022-02-09 11:43:29 +01:00
|
|
|
This is a lightweight version of the TDVF, written in Rust and designed for
|
|
|
|
direct kernel boot, which is useful for containers use cases.
|
|
|
|
|
2023-02-03 09:42:17 -08:00
|
|
|
To build TDShim from source, it is required to install `Rust`, `NASM`,
|
|
|
|
and `LLVM` first. The TDshim can be build as follows:
|
|
|
|
```bash
|
|
|
|
git clone https://github.com/confidential-containers/td-shim
|
|
|
|
cd td-shim
|
2024-01-04 15:33:01 +00:00
|
|
|
git checkout v0.8.0
|
2023-02-03 09:42:17 -08:00
|
|
|
cargo install cargo-xbuild
|
|
|
|
export CC=clang
|
|
|
|
export AR=llvm-ar
|
|
|
|
export CC_x86_64_unknown_none=clang
|
|
|
|
export AR_x86_64_unknown_none=llvm-ar
|
|
|
|
git submodule update --init --recursive
|
|
|
|
./sh_script/preparation.sh
|
2024-01-04 15:33:01 +00:00
|
|
|
cargo image --release
|
2023-02-03 09:42:17 -08:00
|
|
|
```
|
|
|
|
|
|
|
|
If debug logs from the TDShim is needed, here are the alternative
|
|
|
|
commands:
|
|
|
|
```bash
|
2024-01-04 15:33:01 +00:00
|
|
|
cargo image
|
2023-02-03 09:42:17 -08:00
|
|
|
```
|
2022-02-09 11:43:29 +01:00
|
|
|
|
|
|
|
And run a TDX VM by providing the firmware previously built, along with a guest
|
2023-02-03 09:42:17 -08:00
|
|
|
kernel built from the [Guest TDX tree](https://github.com/intel/tdx/tree/guest)
|
|
|
|
or the [TDX Tools](https://github.com/intel/tdx-tools).
|
2022-02-09 11:43:29 +01:00
|
|
|
The appropriate kernel boot options must be provided through the `--cmdline`
|
|
|
|
option as well.
|
|
|
|
|
|
|
|
```bash
|
|
|
|
./cloud-hypervisor \
|
2022-09-02 17:19:32 +02:00
|
|
|
--platform tdx=on
|
2023-02-03 09:42:17 -08:00
|
|
|
--firmware td-shim/target/release/final.bin \
|
|
|
|
--kernel bzImage \
|
|
|
|
--cmdline "root=/dev/vda3 console=hvc0 rw"
|
|
|
|
--cpus boot=1 \
|
|
|
|
--memory size=1G \
|
|
|
|
--disk path=tdx_guest_img
|
|
|
|
```
|
|
|
|
|
|
|
|
And here is the alternative command when looking for debug logs from the
|
|
|
|
TDShim:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
./cloud-hypervisor \
|
|
|
|
--platform tdx=on
|
|
|
|
--firmware td-shim/target/debug/final.bin \
|
2022-02-09 11:43:29 +01:00
|
|
|
--kernel bzImage \
|
2022-04-01 18:15:09 +02:00
|
|
|
--cmdline "root=/dev/vda3 console=hvc0 rw"
|
2022-02-09 11:43:29 +01:00
|
|
|
--cpus boot=1 \
|
|
|
|
--memory size=1G \
|
|
|
|
--disk path=tdx_guest_img
|
2022-04-01 18:15:09 +02:00
|
|
|
```
|
|
|
|
|
2022-07-26 16:56:14 +02:00
|
|
|
### Guest kernel limitations
|
|
|
|
|
|
|
|
#### Serial ports disabled
|
2022-04-01 18:15:09 +02:00
|
|
|
|
|
|
|
The latest guest kernel that can be found in the latest image
|
|
|
|
`td-guest-rhel8.5.raw` disabled the support for serial ports. This means adding
|
2022-07-26 16:56:14 +02:00
|
|
|
`console=ttyS0` will have no effect and will not print any log from the guest.
|
|
|
|
|
|
|
|
#### PCI hotplug through ACPI
|
|
|
|
|
|
|
|
Unless you run the guest kernel with the parameter `tdx_disable_filter`, ACPI
|
|
|
|
devices responsible for handling PCI hotplug (PCI hotplug controller, PCI
|
|
|
|
Express Bus and Generic Event Device) will not be allowed, therefore the
|
|
|
|
corresponding drivers will not be loaded and the PCI hotplug feature will not
|
|
|
|
be supported.
|