Implement KVM_TDX_INIT_VM and KVM_TDX_INIT_VCPU ioctl
Implement the KVM_TDX_INIT_VM and KVM_TDX_INIT_VCPU ioctls. Additionally, move some device-agnostic types into a shared `src/linux/` folder. Expose the VM file descriptor in the `TdxVm` type. Implement a conversion from `i32` to `TdxError`. Signed-off-by: Jake Correnti <[email protected]>
1 parent
313f162
commit 393b335
Showing
9 changed files
with
262 additions
and
64 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,3 +2,6 @@ | |
|
||
pub mod vcpu; | ||
pub mod vm; | ||
|
||
#[cfg(target_os="linux")] | ||
pub mod linux; |
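Review bot: `pub mod linux;` is compiled only on Linux, but the `vcpu` module declared just above it is not gated and, in this same commit, imports `crate::linux::{Cmd, CmdId, TdxError}`, so a non-Linux build would likely fail on an unresolved module. Either gate `vcpu` and `vm` with the same attribute or drop the gate, since `TdxError` itself is not OS-specific. rustfmt would also write the attribute as `#[cfg(target_os = "linux")]`.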
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
/// Trust Domain eXtensions sub-ioctl() commands | ||
#[repr(u32)] | ||
pub enum CmdId { | ||
GetCapabilities = 0, | ||
InitVm = 1, | ||
InitVcpu = 2, | ||
} | ||
|
||
/// Contains information for the sub-ioctl() command to be run. This is | ||
/// equivalent to `struct kvm_tdx_cmd` in the kernel. | ||
#[derive(Default)] | ||
#[repr(C)] | ||
pub struct Cmd { | ||
/// TDX command identifier | ||
pub id: u32, | ||
|
||
/// Flags for sub-command. If sub-command doesn't use it, set to zero. | ||
pub flags: u32, | ||
|
||
/// A u64 representing a generic pointer to the respective ioctl input. | ||
/// This data is read differently according to the TDX ioctl identifier. | ||
pub data: u64, | ||
|
||
/// Auxiliary error code. The sub-command may return TDX SEAMCALL status | ||
/// code in addition to -Exxx. | ||
pub error: u64, | ||
|
||
/// Reserved. | ||
pub _unused: u64, | ||
} | ||
|
||
#[derive(Debug)] | ||
pub struct TdxError { | ||
pub code: i32, | ||
pub message: String, | ||
} | ||
|
||
impl From<kvm_ioctls::Error> for TdxError { | ||
fn from(kvm_err: kvm_ioctls::Error) -> Self { | ||
TdxError::from(kvm_err.errno()) | ||
} | ||
} | ||
|
||
impl From<i32> for TdxError { | ||
fn from(errno: i32) -> Self { | ||
match errno { | ||
7 => TdxError { | ||
code: 7, | ||
message: String::from("Invalid value for NR_CPUID_CONFIGS"), | ||
}, | ||
25 => TdxError { | ||
code: 25, | ||
message: String::from("Inappropriate ioctl for device. Ensure the proper VM type is being used for the ioctl"), | ||
}, | ||
_ => TdxError { | ||
code: errno, | ||
message: format!("errno: {}", errno), | ||
}, | ||
} | ||
} | ||
} |
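Review bot: The `From<i32>` impl ties call-specific messages to bare errno values: `7` is always reported as "Invalid value for NR_CPUID_CONFIGS", and because `From<kvm_ioctls::Error>` funnels through the same match, that errno from any other KVM call gets the same text, which can mislead whoever is triaging a failed TD launch. Keep the generic arm for the conversion and attach the specific hint at the call site that can actually produce it, or at least name the values, e.g. `const E2BIG: i32 = 7;` and `const ENOTTY: i32 = 25;`. `Cmd::error` is documented as carrying the TDX SEAMCALL status, but `TdxError` has no field for it, so that status cannot reach the caller. `TdxError` and `CmdId` also lack doc comments; I would add `/// Error returned by a TDX ioctl: the errno value plus a human-readable hint.` above `TdxError`.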
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,3 @@ | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
pub mod ioctl; |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,36 @@ | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
mod linux; | ||
|
||
use crate::linux::{Cmd, CmdId, TdxError}; | ||
use kvm_bindings::*; | ||
use vmm_sys_util::*; | ||
|
||
vmm_sys_util::ioctl_iowr_nr!(KVM_MEMORY_ENCRYPT_OP, KVMIO, 0xba, std::os::raw::c_ulong); | ||
|
||
pub struct TdxVcpu { | ||
pub fd: kvm_ioctls::VcpuFd, | ||
} | ||
|
||
impl TdxVcpu { | ||
pub fn new(vm: &crate::vm::TdxVm, id: u64) -> Result<TdxVcpu, crate::linux::TdxError> { | ||
let vcpufd = vm.fd.create_vcpu(id)?; | ||
Ok(Self {fd: vcpufd}) | ||
} | ||
|
||
/// TDX specific VCPU initialization using a TDVF HOB address | ||
pub fn init_vcpu(&self, hob_addr: u64) -> Result<(), TdxError> { | ||
let mut cmd = Cmd { | ||
id: CmdId::InitVcpu as u32, | ||
flags: 0, | ||
data: hob_addr as *const u64 as _, | ||
error: 0, | ||
_unused: 0, | ||
}; | ||
let ret = unsafe { ioctl::ioctl_with_mut_ptr(&self.fd, KVM_MEMORY_ENCRYPT_OP(), &mut cmd) }; | ||
if ret < 0 { | ||
return Err(TdxError::from(ret)); | ||
} | ||
Ok(()) | ||
} | ||
} |
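Review bot: In `init_vcpu`, `TdxError::from(ret)` is handed the raw ioctl return value; assuming `ioctl_with_mut_ptr` passes the libc `ioctl` result through unchanged, that is -1 on failure rather than the errno, so every failure surfaces as "errno: -1" and the specific arms of the conversion are never reached from here. Read errno instead, e.g. `return Err(TdxError::from(std::io::Error::last_os_error().raw_os_error().unwrap_or(ret)));`. The `unsafe` block should carry its justification, such as `// SAFETY: cmd is a live #[repr(C)] Cmd that outlives the call.`, and `cmd.error` is dropped on the failure path, discarding any TDX status the kernel reported. `data: hob_addr as *const u64 as _` round-trips through a pointer type for no benefit and would truncate on a 32-bit target; `data: hob_addr` says the same thing.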