arch, vmm: Add e820 entry related to SGX EPC region

SGX expects the EPC region to be reported as "reserved" in the e820
table so the guest kernel never hands it out as ordinary RAM. This patch adds such an entry to the table (both the PVH memmap and the Linux boot params e820) when SGX is enabled.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Sebastien Boeuf 2020-07-09 10:25:37 +02:00 committed by Samuel Ortiz
parent e10d9b13d4
commit a5c4f0fc6f
2 changed files with 47 additions and 1 deletions


@ -76,6 +76,7 @@ impl SgxEpcSection {
} }
} }
#[derive(Clone)]
pub struct SgxEpcRegion { pub struct SgxEpcRegion {
start: GuestAddress, start: GuestAddress,
size: GuestUsize, size: GuestUsize,
@ -423,6 +424,7 @@ pub fn configure_system(
setup_hdr: Option<setup_header>, setup_hdr: Option<setup_header>,
rsdp_addr: Option<GuestAddress>, rsdp_addr: Option<GuestAddress>,
boot_prot: BootProtocol, boot_prot: BootProtocol,
sgx_epc_region: Option<SgxEpcRegion>,
) -> super::Result<()> { ) -> super::Result<()> {
smbios::setup_smbios(guest_mem).map_err(Error::SmbiosSetup)?; smbios::setup_smbios(guest_mem).map_err(Error::SmbiosSetup)?;
@ -439,7 +441,13 @@ pub fn configure_system(
match boot_prot { match boot_prot {
BootProtocol::PvhBoot => { BootProtocol::PvhBoot => {
configure_pvh(guest_mem, cmdline_addr, initramfs, rsdp_addr)?; configure_pvh(
guest_mem,
cmdline_addr,
initramfs,
rsdp_addr,
sgx_epc_region,
)?;
} }
BootProtocol::LinuxBoot => { BootProtocol::LinuxBoot => {
configure_64bit_boot( configure_64bit_boot(
@ -449,6 +457,7 @@ pub fn configure_system(
initramfs, initramfs,
setup_hdr, setup_hdr,
rsdp_addr, rsdp_addr,
sgx_epc_region,
)?; )?;
} }
} }
@ -461,6 +470,7 @@ fn configure_pvh(
cmdline_addr: GuestAddress, cmdline_addr: GuestAddress,
initramfs: &Option<InitramfsConfig>, initramfs: &Option<InitramfsConfig>,
rsdp_addr: Option<GuestAddress>, rsdp_addr: Option<GuestAddress>,
sgx_epc_region: Option<SgxEpcRegion>,
) -> super::Result<()> { ) -> super::Result<()> {
const XEN_HVM_START_MAGIC_VALUE: u32 = 0x336ec578; const XEN_HVM_START_MAGIC_VALUE: u32 = 0x336ec578;
@ -534,6 +544,15 @@ fn configure_pvh(
E820_RESERVED, E820_RESERVED,
)?; )?;
if let Some(sgx_epc_region) = sgx_epc_region {
add_memmap_entry(
&mut memmap,
sgx_epc_region.start().raw_value(),
sgx_epc_region.size() as u64,
E820_RESERVED,
)?;
}
start_info.0.memmap_entries = memmap.len() as u32; start_info.0.memmap_entries = memmap.len() as u32;
// Copy the vector with the memmap table to the MEMMAP_START address // Copy the vector with the memmap table to the MEMMAP_START address
@ -600,6 +619,7 @@ fn configure_64bit_boot(
initramfs: &Option<InitramfsConfig>, initramfs: &Option<InitramfsConfig>,
setup_hdr: Option<setup_header>, setup_hdr: Option<setup_header>,
rsdp_addr: Option<GuestAddress>, rsdp_addr: Option<GuestAddress>,
sgx_epc_region: Option<SgxEpcRegion>,
) -> super::Result<()> { ) -> super::Result<()> {
const KERNEL_BOOT_FLAG_MAGIC: u16 = 0xaa55; const KERNEL_BOOT_FLAG_MAGIC: u16 = 0xaa55;
const KERNEL_HDR_MAGIC: u32 = 0x53726448; const KERNEL_HDR_MAGIC: u32 = 0x53726448;
@ -663,6 +683,15 @@ fn configure_64bit_boot(
E820_RESERVED, E820_RESERVED,
)?; )?;
if let Some(sgx_epc_region) = sgx_epc_region {
add_e820_entry(
&mut params.0,
sgx_epc_region.start().raw_value(),
sgx_epc_region.size() as u64,
E820_RESERVED,
)?;
}
if let Some(rsdp_addr) = rsdp_addr { if let Some(rsdp_addr) = rsdp_addr {
params.0.acpi_rsdp_addr = rsdp_addr.0; params.0.acpi_rsdp_addr = rsdp_addr.0;
} }
@ -888,6 +917,7 @@ mod tests {
None, None,
Some(layout::RSDP_POINTER), Some(layout::RSDP_POINTER),
BootProtocol::LinuxBoot, BootProtocol::LinuxBoot,
None,
); );
assert!(config_err.is_err()); assert!(config_err.is_err());
@ -909,6 +939,7 @@ mod tests {
None, None,
None, None,
BootProtocol::LinuxBoot, BootProtocol::LinuxBoot,
None,
) )
.unwrap(); .unwrap();
@ -921,6 +952,7 @@ mod tests {
None, None,
None, None,
BootProtocol::PvhBoot, BootProtocol::PvhBoot,
None,
) )
.unwrap(); .unwrap();
@ -942,6 +974,7 @@ mod tests {
None, None,
None, None,
BootProtocol::LinuxBoot, BootProtocol::LinuxBoot,
None,
) )
.unwrap(); .unwrap();
@ -954,6 +987,7 @@ mod tests {
None, None,
None, None,
BootProtocol::PvhBoot, BootProtocol::PvhBoot,
None,
) )
.unwrap(); .unwrap();
@ -975,6 +1009,7 @@ mod tests {
None, None,
None, None,
BootProtocol::LinuxBoot, BootProtocol::LinuxBoot,
None,
) )
.unwrap(); .unwrap();
@ -987,6 +1022,7 @@ mod tests {
None, None,
None, None,
BootProtocol::PvhBoot, BootProtocol::PvhBoot,
None,
) )
.unwrap(); .unwrap();
} }
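Review bot: None of the updated tests exercises the new branch — every `configure_system` call in the test module now passes `None` for `sgx_epc_region`, so the `Some` path added to both `configure_pvh` and `configure_64bit_boot` has no coverage proving that a reserved entry is actually emitted for the EPC range. A test that constructs a region (the type's constructor is not visible in this hunk; if it exposes something like `SgxEpcRegion::new(GuestAddress(..), size)` that is the natural input) and then checks that `configure_system(..., Some(region))` succeeds for both `BootProtocol::LinuxBoot` and `BootProtocol::PvhBoot` would at least pin that the extra entry fits the table limits enforced by `add_e820_entry`/`add_memmap_entry`. As a style point, if `GuestUsize` is `u64` on this target the `sgx_epc_region.size() as u64` cast in both insertions is a no-op and can be dropped, and since the callees only read `start()` and `size()`, taking `Option<&SgxEpcRegion>` would avoid the new `Clone` derive and the clone performed by the caller. Each of the enclosing functions (`configure_system`, `configure_pvh`, `configure_64bit_boot`) starts and ends outside the hunks shown.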


@ -584,6 +584,14 @@ impl Vm {
)); ));
} }
let sgx_epc_region = self
.memory_manager
.lock()
.unwrap()
.sgx_epc_region()
.as_ref()
.cloned();
match entry_addr.setup_header { match entry_addr.setup_header {
Some(hdr) => { Some(hdr) => {
arch::configure_system( arch::configure_system(
@ -595,6 +603,7 @@ impl Vm {
Some(hdr), Some(hdr),
rsdp_addr, rsdp_addr,
BootProtocol::LinuxBoot, BootProtocol::LinuxBoot,
sgx_epc_region,
) )
.map_err(Error::ConfigureSystem)?; .map_err(Error::ConfigureSystem)?;
} }
@ -608,6 +617,7 @@ impl Vm {
None, None,
rsdp_addr, rsdp_addr,
entry_addr.protocol, entry_addr.protocol,
sgx_epc_region,
) )
.map_err(Error::ConfigureSystem)?; .map_err(Error::ConfigureSystem)?;
} }
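Review bot: The `memory_manager` lock is released at the end of the `let sgx_epc_region = …` statement, so what reaches `configure_system` is a snapshot taken before the boot parameters are written; that is only safe if the EPC region cannot change once the memory manager exists, which this section does not show. A one-line comment stating that assumption would help the next reader, e.g. `// Snapshot the EPC region; it is fixed at MemoryManager construction, so the lock need not be held across configure_system (TODO confirm).` As a style point, `.sgx_epc_region().as_ref().cloned()` is equivalent to `.sgx_epc_region().clone()` if the accessor returns `&Option<SgxEpcRegion>`. The enclosing `Vm` method starts before and ends after this section.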