From b02aff5761e982572b49be216f9ee1b57c2ddaff Mon Sep 17 00:00:00 2001
From: Rob Bradford
Date: Tue, 23 Feb 2021 14:29:30 +0000
Subject: [PATCH] vmm: memory_manager: Disable dirty page logging when running on TDX

It is not permitted to have this enabled in memory that is part of a TD.

Signed-off-by: Rob Bradford
---
 vmm/src/memory_manager.rs | 23 +++++++++++++++++++----
 vmm/src/vm.rs | 6 ++++++
 2 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/vmm/src/memory_manager.rs b/vmm/src/memory_manager.rs
index ed863432f..da7f8eed5 100644
--- a/vmm/src/memory_manager.rs
+++ b/vmm/src/memory_manager.rs
@@ -137,6 +137,7 @@ pub struct MemoryManager {
 user_provided_zones: bool,
 snapshot_memory_regions: Vec,
 memory_zones: MemoryZones,
+ log_dirty: bool, // Enable dirty logging for created RAM regions

 // Keep track of calls to create_userspace_mapping() for guest RAM.
 // This is useful for getting the dirty pages as we need to know the
@@ -503,6 +504,7 @@ impl MemoryManager {
 config: &MemoryConfig,
 prefault: bool,
 phys_bits: u8,
+ #[cfg(feature = "tdx")] tdx_enabled: bool,
 ) -> Result>, Error> {
 let user_provided_zones = config.size == 0;
 let mut allow_mem_hotplug: bool = false;
@@ -741,6 +743,11 @@ impl MemoryManager {
 .allocate_mmio_addresses(None, MEMORY_MANAGER_ACPI_SIZE as u64, None)
 .ok_or(Error::AllocateMMIOAddress)?;

+ #[cfg(not(feature = "tdx"))]
+ let log_dirty = true;
+ #[cfg(feature = "tdx")]
+ let log_dirty = !tdx_enabled; // Cannot log dirty pages on a TD
+
 let memory_manager = Arc::new(Mutex::new(MemoryManager {
 boot_guest_memory,
 guest_memory: guest_memory.clone(),
@@ -768,6 +775,7 @@ impl MemoryManager {
 guest_ram_mappings: Vec::new(),
 #[cfg(feature = "acpi")]
 acpi_address,
+ log_dirty,
 }));

 guest_memory.memory().with_regions(|_, region| {
@@ -778,7 +786,7 @@ impl MemoryManager {
 region.as_ptr() as u64,
 config.mergeable,
 false,
- true,
+ log_dirty,
 )?;
 mm.guest_ram_mappings.push(GuestRamMapping {
 gpa: region.start_addr().raw_value(),
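Review bot: In the `@@ -503,6 +504,7 @@` hunk, `tdx_enabled` is added to `MemoryManager::new` as a `#[cfg(feature = "tdx")]`-gated positional `bool`, so the function's arity depends on a build feature and every call site has to repeat the attribute around a bare literal. A wrong literal there compiles cleanly and leaves dirty logging on for a TD, which the commit message says is not permitted. Taking the parameter unconditionally, with a doc line such as `/// tdx_enabled: guest is a TDX trust domain; RAM regions are mapped without dirty-page logging`, would remove the per-caller `#[cfg]` and state the constraint once. The signature begins above this hunk and the body continues below it.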
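Review bot: In the `@@ -741,6 +743,11 @@` hunk, `log_dirty` is threaded only into the `create_userspace_mapping` calls; nothing visible in this patch makes the code that later reads the dirty log consult it. The struct comment in the first hunk says `guest_ram_mappings` is kept for getting the dirty pages, so with logging off that reader presumably fails or reports nothing, which should be confirmed against the rest of the file. An early check of `self.log_dirty` in that reader, returning an explicit error, would keep migration or snapshot code from treating an empty result as "no pages changed". The trailing comment could also give the reason, e.g. `// TDX does not permit dirty-page logging on memory that belongs to a TD`. The enclosing `new` starts and ends outside this hunk.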
@@ -797,7 +805,7 @@ impl MemoryManager {
 region.as_ptr() as u64,
 config.mergeable,
 false,
- true,
+ log_dirty,
 )?;

 mm.guest_ram_mappings.push(GuestRamMapping {
@@ -833,7 +841,14 @@ impl MemoryManager {
 prefault: bool,
 phys_bits: u8,
 ) -> Result>, Error> {
- let mm = MemoryManager::new(vm, config, prefault, phys_bits)?;
+ let mm = MemoryManager::new(
+ vm,
+ config,
+ prefault,
+ phys_bits,
+ #[cfg(feature = "tdx")]
+ false,
+ )?;

 if let Some(source_url) = source_url {
 let url = Url::parse(source_url).unwrap();
@@ -1118,7 +1133,7 @@ impl MemoryManager {
 region.as_ptr() as u64,
 self.mergeable,
 false,
- true,
+ self.log_dirty,
 )?;
 self.guest_ram_mappings.push(GuestRamMapping {
 gpa: region.start_addr().raw_value(),
diff --git a/vmm/src/vm.rs b/vmm/src/vm.rs
index b76d57198..1b0586b20 100644
--- a/vmm/src/vm.rs
+++ b/vmm/src/vm.rs
@@ -675,11 +675,15 @@ impl Vm {
 #[cfg(target_arch = "x86_64")]
 vm.enable_split_irq().unwrap();
 let phys_bits = physical_bits(config.lock().unwrap().cpus.max_phys_bits);
+ #[cfg(feature = "tdx")]
+ let tdx_enabled = config.lock().unwrap().tdx.is_some();
 let memory_manager = MemoryManager::new(
 vm.clone(),
 &config.lock().unwrap().memory.clone(),
 false,
 phys_bits,
+ #[cfg(feature = "tdx")]
+ tdx_enabled,
 )
 .map_err(Error::MemoryManager)?;

@@ -794,6 +798,8 @@ impl Vm {
 &config.lock().unwrap().memory.clone(),
 false,
 phys_bits,
+ #[cfg(feature = "tdx")]
+ false,
 )
 .map_err(Error::MemoryManager)?;

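Review bot: In the `@@ -833,7 +841,14 @@` hunk, the path that goes on to parse `source_url` passes a bare `false` for `tdx_enabled`, so a VM built this way always maps RAM with dirty logging on, whatever its configuration says. The last `vmm/src/vm.rs` hunk (`@@ -794,6 +798,8 @@`) does the same. If building a TD through these paths is rejected elsewhere that is fine, but nothing in these hunks shows it and the literal gives the reader no hint. Either pass the value derived from the VM config, as the first `vm.rs` hunk does, or, if that is the intent, add a comment at both call sites such as `// TDX guests cannot be created through this path, so dirty logging stays enabled`. The enclosing function starts above the hunk and continues below it.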
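Review bot: In the first `vmm/src/vm.rs` hunk (`@@ -675,11 +675,15 @@`), `tdx_enabled` is read through its own `config.lock().unwrap()`, separate from the acquisitions that read `max_phys_bits` and `memory`. The values that decide how guest memory is mapped are therefore not taken from one view of the config, and each acquisition is another place that panics on a poisoned mutex. Binding the guard once, `let cfg = config.lock().unwrap();`, and reading `cfg.tdx.is_some()` and `cfg.memory.clone()` from it would keep the TDX decision and the memory layout consistent. The enclosing function starts and ends outside this hunk.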