vmm: tdx: Clear unsupported KVM PV features

This matches the set of features that QEMU clears, as they are not
supported with TDX.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
Rob Bradford 2021-06-01 15:11:49 +00:00 committed by Sebastien Boeuf
parent 9f5325fd52
commit c357adae44
2 changed files with 26 additions and 0 deletions


@ -62,6 +62,16 @@ const MTRR_EDX_BIT: u8 = 12; // Hypervisor ecx bit.
// KVM feature bits // KVM feature bits
#[cfg(target_arch = "x86_64")] #[cfg(target_arch = "x86_64")]
const KVM_FEATURE_ASYNC_PF_INT_BIT: u8 = 14; const KVM_FEATURE_ASYNC_PF_INT_BIT: u8 = 14;
#[cfg(feature = "tdx")]
const KVM_FEATURE_CLOCKSOURCE_BIT: u8 = 0;
#[cfg(feature = "tdx")]
const KVM_FEATURE_CLOCKSOURCE2_BIT: u8 = 3;
#[cfg(feature = "tdx")]
const KVM_FEATURE_CLOCKSOURCE_STABLE_BIT: u8 = 24;
#[cfg(feature = "tdx")]
const KVM_FEATURE_ASYNC_PF_BIT: u8 = 4;
#[cfg(feature = "tdx")]
const KVM_FEATURE_ASYNC_PF_VMEXIT_BIT: u8 = 10;
#[cfg(feature = "acpi")] #[cfg(feature = "acpi")]
pub const CPU_MANAGER_ACPI_SIZE: usize = 0xc; pub const CPU_MANAGER_ACPI_SIZE: usize = 0xc;
@ -533,6 +543,7 @@ impl CpuManager {
hypervisor: Arc<dyn hypervisor::Hypervisor>, hypervisor: Arc<dyn hypervisor::Hypervisor>,
seccomp_action: SeccompAction, seccomp_action: SeccompAction,
vmmops: Arc<Box<dyn VmmOps>>, vmmops: Arc<Box<dyn VmmOps>>,
#[cfg(feature = "tdx")] tdx_enabled: bool,
) -> Result<Arc<Mutex<CpuManager>>> { ) -> Result<Arc<Mutex<CpuManager>>> {
let guest_memory = memory_manager.lock().unwrap().guest_memory(); let guest_memory = memory_manager.lock().unwrap().guest_memory();
let mut vcpu_states = Vec::with_capacity(usize::from(config.max_vcpus)); let mut vcpu_states = Vec::with_capacity(usize::from(config.max_vcpus));
@ -554,6 +565,8 @@ impl CpuManager {
sgx_epc_sections, sgx_epc_sections,
phys_bits, phys_bits,
config.kvm_hyperv, config.kvm_hyperv,
#[cfg(feature = "tdx")]
tdx_enabled,
)? )?
}; };
@ -605,6 +618,7 @@ impl CpuManager {
sgx_epc_sections: Option<Vec<SgxEpcSection>>, sgx_epc_sections: Option<Vec<SgxEpcSection>>,
phys_bits: u8, phys_bits: u8,
kvm_hyperv: bool, kvm_hyperv: bool,
#[cfg(feature = "tdx")] tdx_enabled: bool,
) -> Result<CpuId> { ) -> Result<CpuId> {
let cpuid_patches = vec![ let cpuid_patches = vec![
// Patch tsc deadline timer bit // Patch tsc deadline timer bit
@ -674,6 +688,16 @@ impl CpuManager {
// TODO: Re-enable KVM_FEATURE_ASYNC_PF_INT (#2277) // TODO: Re-enable KVM_FEATURE_ASYNC_PF_INT (#2277)
0x4000_0001 => { 0x4000_0001 => {
entry.eax &= !(1 << KVM_FEATURE_ASYNC_PF_INT_BIT); entry.eax &= !(1 << KVM_FEATURE_ASYNC_PF_INT_BIT);
// These features are not supported by TDX
#[cfg(feature = "tdx")]
if tdx_enabled {
entry.eax &= !(1 << KVM_FEATURE_CLOCKSOURCE_BIT
| 1 << KVM_FEATURE_CLOCKSOURCE2_BIT
| 1 << KVM_FEATURE_CLOCKSOURCE_STABLE_BIT
| 1 << KVM_FEATURE_ASYNC_PF_BIT
| 1 << KVM_FEATURE_ASYNC_PF_VMEXIT_BIT)
}
} }
_ => {} _ => {}
} }
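Review bot: The `if tdx_enabled` branch under `0x4000_0001` is a deny list, so any KVM paravirtual feature bit the host advertises beyond these five (and `KVM_FEATURE_ASYNC_PF_INT_BIT`) stays visible to a TDX guest by default. For a confidential guest it is safer to fail closed and keep only the bits known to work, for example `entry.eax &= TDX_SUPPORTED_KVM_FEATURES;` with that mask defined next to the new constants (the name is a suggestion, not an existing item). The comment `// These features are not supported by TDX` should also say why; my reading, to be confirmed, is that kvmclock and async page faults depend on the host writing guest memory or injecting faults, which a TD does not permit. The enclosing function and `match` begin and end outside this hunk.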


@ -558,6 +558,8 @@ impl Vm {
hypervisor, hypervisor,
seccomp_action.clone(), seccomp_action.clone(),
vm_ops, vm_ops,
#[cfg(feature = "tdx")]
config.lock().unwrap().tdx.is_some(),
) )
.map_err(Error::CpuManager)?; .map_err(Error::CpuManager)?;
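Review bot: The `MutexGuard` created by `config.lock().unwrap()` inside the argument list is a temporary that is only dropped at the end of the whole statement, so the VM config mutex stays locked while the CpuManager is being constructed. If anything reached from that call locks the same config it would deadlock; whether that happens is not visible in this hunk. Reading the flag before the call keeps the lock scope to one line: `#[cfg(feature = "tdx")]` followed by `let tdx_enabled = config.lock().unwrap().tdx.is_some();`, then pass `tdx_enabled` as the argument. The call itself starts above the hunk.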