mirror of
https://github.com/cloud-hypervisor/cloud-hypervisor.git
synced 2024-10-01 02:55:45 +00:00
sgx: Add mandatory id
field to SgxEpcConfig
In order to uniquely identify each SGX EPC section, we introduce a mandatory option `id` to the `--sgx-epc` parameter. Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
parent
4a3cec8c1f
commit
9aedabe11e
@ -20,6 +20,7 @@ use linux_loader::loader::bootparam::boot_params;
|
|||||||
use linux_loader::loader::elf::start_info::{
|
use linux_loader::loader::elf::start_info::{
|
||||||
hvm_memmap_table_entry, hvm_modlist_entry, hvm_start_info,
|
hvm_memmap_table_entry, hvm_modlist_entry, hvm_start_info,
|
||||||
};
|
};
|
||||||
|
use std::collections::BTreeMap;
|
||||||
use std::mem;
|
use std::mem;
|
||||||
use vm_memory::{
|
use vm_memory::{
|
||||||
Address, ByteValued, Bytes, GuestAddress, GuestAddressSpace, GuestMemory, GuestMemoryAtomic,
|
Address, ByteValued, Bytes, GuestAddress, GuestAddressSpace, GuestMemory, GuestMemoryAtomic,
|
||||||
@ -64,7 +65,7 @@ impl SgxEpcSection {
|
|||||||
pub struct SgxEpcRegion {
|
pub struct SgxEpcRegion {
|
||||||
start: GuestAddress,
|
start: GuestAddress,
|
||||||
size: GuestUsize,
|
size: GuestUsize,
|
||||||
epc_sections: Vec<SgxEpcSection>,
|
epc_sections: BTreeMap<String, SgxEpcSection>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl SgxEpcRegion {
|
impl SgxEpcRegion {
|
||||||
@ -72,7 +73,7 @@ impl SgxEpcRegion {
|
|||||||
SgxEpcRegion {
|
SgxEpcRegion {
|
||||||
start,
|
start,
|
||||||
size,
|
size,
|
||||||
epc_sections: Vec::new(),
|
epc_sections: BTreeMap::new(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
pub fn start(&self) -> GuestAddress {
|
pub fn start(&self) -> GuestAddress {
|
||||||
@ -81,11 +82,11 @@ impl SgxEpcRegion {
|
|||||||
pub fn size(&self) -> GuestUsize {
|
pub fn size(&self) -> GuestUsize {
|
||||||
self.size
|
self.size
|
||||||
}
|
}
|
||||||
pub fn epc_sections(&self) -> &Vec<SgxEpcSection> {
|
pub fn epc_sections(&self) -> &BTreeMap<String, SgxEpcSection> {
|
||||||
&self.epc_sections
|
&self.epc_sections
|
||||||
}
|
}
|
||||||
pub fn push(&mut self, epc_section: SgxEpcSection) {
|
pub fn insert(&mut self, id: String, epc_section: SgxEpcSection) {
|
||||||
self.epc_sections.push(epc_section);
|
self.epc_sections.insert(id, epc_section);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
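Review bot: `SgxEpcRegion::insert` drops the return value of `BTreeMap::insert`, so a second section with an id already in the map silently replaces the first. The commit message says the id is meant to uniquely identify each section, but nothing visible in this change rejects a duplicate. At the MemoryManager call site `epc_section_start` still advances for every configured section, so the range of the displaced section would apparently stay set up while no longer appearing in `epc_sections()`. Unless uniqueness is validated elsewhere, surface the collision to the caller, for example by changing the signature to `pub fn insert(&mut self, id: String, epc_section: SgxEpcSection) -> Option<SgxEpcSection>` and treating `Some(_)` as an error at the call site. At minimum, add a doc comment on `insert` such as `/// Replaces any existing section with the same id; callers must ensure ids are unique.`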
|
@ -34,7 +34,7 @@ memory, the second one being 32MiB with no pre-allocated memory.
|
|||||||
--disk path=focal-server-cloudimg-amd64.raw \
|
--disk path=focal-server-cloudimg-amd64.raw \
|
||||||
--kernel vmlinux \
|
--kernel vmlinux \
|
||||||
--cmdline "console=ttyS0 console=hvc0 root=/dev/vda1 rw" \
|
--cmdline "console=ttyS0 console=hvc0 root=/dev/vda1 rw" \
|
||||||
--sgx-epc size=64M,prefault=on size=32M,prefault=off
|
--sgx-epc id=epc0,size=64M,prefault=on id=epc1,size=32M,prefault=off
|
||||||
```
|
```
|
||||||
|
|
||||||
Once booted, and assuming your guest kernel contains the patches from the
|
Once booted, and assuming your guest kernel contains the patches from the
|
||||||
|
@ -6358,7 +6358,7 @@ mod tests {
|
|||||||
.args(&["--cmdline", DIRECT_KERNEL_BOOT_CMDLINE])
|
.args(&["--cmdline", DIRECT_KERNEL_BOOT_CMDLINE])
|
||||||
.default_disks()
|
.default_disks()
|
||||||
.default_net()
|
.default_net()
|
||||||
.args(&["--sgx-epc", "size=64M"])
|
.args(&["--sgx-epc", "id=epc0,size=64M"])
|
||||||
.capture_output()
|
.capture_output()
|
||||||
.spawn()
|
.spawn()
|
||||||
.unwrap();
|
.unwrap();
|
||||||
|
@ -851,9 +851,12 @@ components:
|
|||||||
|
|
||||||
SgxEpcConfig:
|
SgxEpcConfig:
|
||||||
required:
|
required:
|
||||||
|
- id
|
||||||
- size
|
- size
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
|
id:
|
||||||
|
type: string
|
||||||
size:
|
size:
|
||||||
type: integer
|
type: integer
|
||||||
format: int64
|
format: int64
|
||||||
|
@ -77,6 +77,9 @@ pub enum Error {
|
|||||||
/// Failed to parse SGX EPC parameters
|
/// Failed to parse SGX EPC parameters
|
||||||
#[cfg(target_arch = "x86_64")]
|
#[cfg(target_arch = "x86_64")]
|
||||||
ParseSgxEpc(OptionParserError),
|
ParseSgxEpc(OptionParserError),
|
||||||
|
/// Missing 'id' from SGX EPC section
|
||||||
|
#[cfg(target_arch = "x86_64")]
|
||||||
|
ParseSgxEpcIdMissing,
|
||||||
/// Failed to parse NUMA parameters
|
/// Failed to parse NUMA parameters
|
||||||
ParseNuma(OptionParserError),
|
ParseNuma(OptionParserError),
|
||||||
/// Failed to validate configuration
|
/// Failed to validate configuration
|
||||||
@ -215,6 +218,7 @@ impl fmt::Display for Error {
|
|||||||
ParseRestore(o) => write!(f, "Error parsing --restore: {}", o),
|
ParseRestore(o) => write!(f, "Error parsing --restore: {}", o),
|
||||||
#[cfg(target_arch = "x86_64")]
|
#[cfg(target_arch = "x86_64")]
|
||||||
ParseSgxEpc(o) => write!(f, "Error parsing --sgx-epc: {}", o),
|
ParseSgxEpc(o) => write!(f, "Error parsing --sgx-epc: {}", o),
|
||||||
|
ParseSgxEpcIdMissing => write!(f, "Error parsing --sgx-epc: id missing"),
|
||||||
ParseNuma(o) => write!(f, "Error parsing --numa: {}", o),
|
ParseNuma(o) => write!(f, "Error parsing --numa: {}", o),
|
||||||
ParseRestoreSourceUrlMissing => {
|
ParseRestoreSourceUrlMissing => {
|
||||||
write!(f, "Error parsing --restore: source_url missing")
|
write!(f, "Error parsing --restore: source_url missing")
|
||||||
@ -1593,6 +1597,7 @@ impl TdxConfig {
|
|||||||
#[cfg(target_arch = "x86_64")]
|
#[cfg(target_arch = "x86_64")]
|
||||||
#[derive(Clone, Debug, PartialEq, Deserialize, Serialize, Default)]
|
#[derive(Clone, Debug, PartialEq, Deserialize, Serialize, Default)]
|
||||||
pub struct SgxEpcConfig {
|
pub struct SgxEpcConfig {
|
||||||
|
pub id: String,
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub size: u64,
|
pub size: u64,
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
@ -1602,12 +1607,13 @@ pub struct SgxEpcConfig {
|
|||||||
#[cfg(target_arch = "x86_64")]
|
#[cfg(target_arch = "x86_64")]
|
||||||
impl SgxEpcConfig {
|
impl SgxEpcConfig {
|
||||||
pub const SYNTAX: &'static str = "SGX EPC parameters \
|
pub const SYNTAX: &'static str = "SGX EPC parameters \
|
||||||
\"size=<epc_section_size>,prefault=on|off\"";
|
\"id=<epc_section_identifier>,size=<epc_section_size>,prefault=on|off\"";
|
||||||
pub fn parse(sgx_epc: &str) -> Result<Self> {
|
pub fn parse(sgx_epc: &str) -> Result<Self> {
|
||||||
let mut parser = OptionParser::new();
|
let mut parser = OptionParser::new();
|
||||||
parser.add("size").add("prefault");
|
parser.add("id").add("size").add("prefault");
|
||||||
parser.parse(sgx_epc).map_err(Error::ParseSgxEpc)?;
|
parser.parse(sgx_epc).map_err(Error::ParseSgxEpc)?;
|
||||||
|
|
||||||
|
let id = parser.get("id").ok_or(Error::ParseSgxEpcIdMissing)?;
|
||||||
let size = parser
|
let size = parser
|
||||||
.convert::<ByteSized>("size")
|
.convert::<ByteSized>("size")
|
||||||
.map_err(Error::ParseSgxEpc)?
|
.map_err(Error::ParseSgxEpc)?
|
||||||
@ -1619,7 +1625,7 @@ impl SgxEpcConfig {
|
|||||||
.unwrap_or(Toggle(false))
|
.unwrap_or(Toggle(false))
|
||||||
.0;
|
.0;
|
||||||
|
|
||||||
Ok(SgxEpcConfig { size, prefault })
|
Ok(SgxEpcConfig { id, size, prefault })
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
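Review bot: The new `ParseSgxEpcIdMissing` arm in `impl fmt::Display for Error` has no `#[cfg(target_arch = "x86_64")]` attribute, although the variant itself is declared under that cfg in the enum hunk. The attribute visible just above applies only to the `ParseSgxEpc(o)` arm, so on other targets this arm names a variant that does not exist. Add `#[cfg(target_arch = "x86_64")]` directly above `ParseSgxEpcIdMissing => write!(f, "Error parsing --sgx-epc: id missing"),`. The match starts and ends outside the hunk, so confirm there is no enclosing cfg that already covers it.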
|
@ -572,7 +572,7 @@ impl CpuManager {
|
|||||||
.unwrap()
|
.unwrap()
|
||||||
.sgx_epc_region()
|
.sgx_epc_region()
|
||||||
.as_ref()
|
.as_ref()
|
||||||
.map(|sgx_epc_region| sgx_epc_region.epc_sections().clone());
|
.map(|sgx_epc_region| sgx_epc_region.epc_sections().values().cloned().collect());
|
||||||
#[cfg(target_arch = "x86_64")]
|
#[cfg(target_arch = "x86_64")]
|
||||||
let cpuid = {
|
let cpuid = {
|
||||||
let phys_bits = physical_bits(config.max_phys_bits);
|
let phys_bits = physical_bits(config.max_phys_bits);
|
||||||
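Review bot: `sgx_epc_region.epc_sections().values().cloned().collect()` now yields the sections in lexicographic id order, where the old `Vec` preserved insertion order. With ids such as `epc2` and `epc10`, the collected list no longer follows the order in which sections were laid out in guest memory, because `epc10` sorts first. The consumer of this list is outside the hunk, so whether it relies on address order cannot be checked from here. If it does, sort the collected sections by start address; if not, record that with a comment such as `// Order follows section id, not guest address; consumers must not rely on it.`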
|
@ -1458,10 +1458,13 @@ impl MemoryManager {
|
|||||||
false,
|
false,
|
||||||
)?;
|
)?;
|
||||||
|
|
||||||
sgx_epc_region.push(SgxEpcSection::new(
|
sgx_epc_region.insert(
|
||||||
GuestAddress(epc_section_start),
|
epc_section.id.clone(),
|
||||||
epc_section.size as GuestUsize,
|
SgxEpcSection::new(
|
||||||
));
|
GuestAddress(epc_section_start),
|
||||||
|
epc_section.size as GuestUsize,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
epc_section_start += epc_section.size;
|
epc_section_start += epc_section.size;
|
||||||
}
|
}
|
||||||
|