Re: [PATCH v6 18/60] i386/tdvf: Introduce function to parse TDVF metadat

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v6 18/60] i386/tdvf: Introduce function to parse TDVF metadat

From:	Daniel P . Berrangé
Subject:	Re: [PATCH v6 18/60] i386/tdvf: Introduce function to parse TDVF metadata
Date:	Tue, 5 Nov 2024 10:42:47 +0000
User-agent:	Mutt/2.2.13 (2024-03-09)

On Tue, Nov 05, 2024 at 01:23:26AM -0500, Xiaoyao Li wrote:
> From: Isaku Yamahata <isaku.yamahata@intel.com>
> 
> TDX VM needs to boot with its specialized firmware, Trusted Domain
> Virtual Firmware (TDVF). QEMU needs to parse TDVF and map it in TD
> guest memory prior to running the TDX VM.
> 
> A TDVF Metadata in TDVF image describes the structure of firmware.
> QEMU refers to it to setup memory for TDVF. Introduce function
> tdvf_parse_metadata() to parse the metadata from TDVF image and store
> the info of each TDVF section.
> 
> TDX metadata is located by a TDX metadata offset block, which is a
> GUID-ed structure. The data portion of the GUID structure contains
> only an 4-byte field that is the offset of TDX metadata to the end
> of firmware file.
> 
> Select X86_FW_OVMF when TDX is enable to leverage existing functions
> to parse and search OVMF's GUID-ed structures.
> 
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> Co-developed-by: Xiaoyao Li <xiaoyao.li@intel.com>
> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
> ---
> Changes in v6:
>  - Drop the the data endianness change for metadata->Length;
> 
> Changes in v1:
>  - rename tdvf_parse_section_entry() to
>    tdvf_parse_and_check_section_entry()
> 
> Changes in RFC v4:
>  - rename TDX_METADATA_GUID to TDX_METADATA_OFFSET_GUID
> ---
>  hw/i386/Kconfig        |   1 +
>  hw/i386/meson.build    |   1 +
>  hw/i386/tdvf.c         | 200 +++++++++++++++++++++++++++++++++++++++++
>  include/hw/i386/tdvf.h |  51 +++++++++++
>  4 files changed, 253 insertions(+)
>  create mode 100644 hw/i386/tdvf.c
>  create mode 100644 include/hw/i386/tdvf.h
> 
> diff --git a/hw/i386/Kconfig b/hw/i386/Kconfig
> index 86bc10377c4f..555a000037bc 100644
> --- a/hw/i386/Kconfig
> +++ b/hw/i386/Kconfig
> @@ -12,6 +12,7 @@ config SGX
>  
>  config TDX
>      bool
> +    select X86_FW_OVMF
>      depends on KVM
>  
>  config PC
> diff --git a/hw/i386/meson.build b/hw/i386/meson.build
> index 10bdfde27c69..3bc1da2b6eb4 100644
> --- a/hw/i386/meson.build
> +++ b/hw/i386/meson.build
> @@ -32,6 +32,7 @@ i386_ss.add(when: 'CONFIG_PC', if_true: files(
>    'port92.c'))
>  i386_ss.add(when: 'CONFIG_X86_FW_OVMF', if_true: files('pc_sysfw_ovmf.c'),
>                                          if_false: 
> files('pc_sysfw_ovmf-stubs.c'))
> +i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c'))
>  
>  subdir('kvm')
>  subdir('xen')
> diff --git a/hw/i386/tdvf.c b/hw/i386/tdvf.c
> new file mode 100644
> index 000000000000..4afa636bfa0e
> --- /dev/null
> +++ b/hw/i386/tdvf.c
> @@ -0,0 +1,200 @@
> +/*
> + * SPDX-License-Identifier: GPL-2.0-or-later

Since you have this SPDX tag....

> +
> + * Copyright (c) 2020 Intel Corporation
> + * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
> + *                        <isaku.yamahata at intel.com>
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> +
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> +
> + * You should have received a copy of the GNU General Public License along
> + * with this program; if not, see <http://www.gnu.org/licenses/>.

...you should omit the GPL boilerplate text here, as the new
QEMU standard is to use only SPDX for new files.


> +
> +int tdvf_parse_metadata(TdxFirmware *fw, void *flash_ptr, int size)
> +{
> +    TdvfSectionEntry *sections;

g_autofree TdvfSectionEntry *sections = NULL;

will avoid the duplicated 'g_free' calls later

> +    TdvfMetadata *metadata;
> +    ssize_t entries_size;
> +    int i;
> +
> +    metadata = tdvf_get_metadata(flash_ptr, size);
> +    if (!metadata) {
> +        return -EINVAL;
> +    }
> +
> +    /* load and parse metadata entries */
> +    fw->nr_entries = le32_to_cpu(metadata->NumberOfSectionEntries);
> +    if (fw->nr_entries < 2) {
> +        error_report("Invalid number of fw entries (%u) in TDVF Metadata",
> +                     fw->nr_entries);
> +        return -EINVAL;
> +    }
> +
> +    entries_size = fw->nr_entries * sizeof(TdvfSectionEntry);
> +    if (metadata->Length != sizeof(*metadata) + entries_size) {
> +        error_report("TDVF metadata len (0x%x) mismatch, expected (0x%x)",
> +                     metadata->Length,
> +                     (uint32_t)(sizeof(*metadata) + entries_size));
> +        return -EINVAL;
> +    }
> +
> +    fw->entries = g_new(TdxFirmwareEntry, fw->nr_entries);
> +    sections = g_new(TdvfSectionEntry, fw->nr_entries);
> +
> +    if (!memcpy(sections, (void *)metadata + sizeof(*metadata), 
> entries_size)) {
> +        error_report("Failed to read TDVF section entries");
> +        goto err;
> +    }
> +
> +    for (i = 0; i < fw->nr_entries; i++) {
> +        if (tdvf_parse_and_check_section_entry(&sections[i], 
> &fw->entries[i])) {
> +            goto err;
> +        }
> +    }
> +    g_free(sections);
> +
> +    return 0;
> +
> +err:
> +    g_free(sections);
> +    fw->entries = 0;
> +    g_free(fw->entries);
> +    return -EINVAL;
> +}
> diff --git a/include/hw/i386/tdvf.h b/include/hw/i386/tdvf.h
> new file mode 100644
> index 000000000000..593341eb2e93
> --- /dev/null
> +++ b/include/hw/i386/tdvf.h
> @@ -0,0 +1,51 @@
> +/*
> + * SPDX-License-Identifier: GPL-2.0-or-later
> +
> + * Copyright (c) 2020 Intel Corporation
> + * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
> + *                        <isaku.yamahata at intel.com>
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> +
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> +
> + * You should have received a copy of the GNU General Public License along
> + * with this program; if not, see <http://www.gnu.org/licenses/>.
> + */

Same note about only using SPDX.


With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v6 13/60] i386/tdx: Validate TD attributes, (continued)
- [PATCH v6 14/60] i386/tdx: Support user configurable mrconfigid/mrowner/mrownerconfig, Xiaoyao Li, 2024/11/05
  - Re: [PATCH v6 14/60] i386/tdx: Support user configurable mrconfigid/mrowner/mrownerconfig, Daniel P . Berrangé, 2024/11/05
    - Re: [PATCH v6 14/60] i386/tdx: Support user configurable mrconfigid/mrowner/mrownerconfig, Xiaoyao Li, 2024/11/05
- [PATCH v6 15/60] i386/tdx: Set APIC bus rate to match with what TDX module enforces, Xiaoyao Li, 2024/11/05
- [PATCH v6 17/60] i386/tdx: load TDVF for TD guest, Xiaoyao Li, 2024/11/05
- [PATCH v6 16/60] i386/tdx: Implement user specified tsc frequency, Xiaoyao Li, 2024/11/05
- [PATCH v6 18/60] i386/tdvf: Introduce function to parse TDVF metadata, Xiaoyao Li, 2024/11/05
  - Re: [PATCH v6 18/60] i386/tdvf: Introduce function to parse TDVF metadata, Daniel P . Berrangé <=
- [PATCH v6 19/60] i386/tdx: Parse TDVF metadata for TDX VM, Xiaoyao Li, 2024/11/05
- [PATCH v6 20/60] i386/tdx: Don't initialize pc.rom for TDX VMs, Xiaoyao Li, 2024/11/05
- [PATCH v6 21/60] i386/tdx: Track mem_ptr for each firmware entry of TDVF, Xiaoyao Li, 2024/11/05
- [PATCH v6 23/60] headers: Add definitions from UEFI spec for volumes, resources, etc..., Xiaoyao Li, 2024/11/05
  - Re: [PATCH v6 23/60] headers: Add definitions from UEFI spec for volumes, resources, etc..., Daniel P . Berrangé, 2024/11/05
- [PATCH v6 25/60] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION, Xiaoyao Li, 2024/11/05
- [PATCH v6 22/60] i386/tdx: Track RAM entries for TDX VM, Xiaoyao Li, 2024/11/05
- [PATCH v6 26/60] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu, Xiaoyao Li, 2024/11/05
- [PATCH v6 27/60] i386/tdx: Finalize TDX VM, Xiaoyao Li, 2024/11/05
- [PATCH v6 29/60] i386/tdx: Handle KVM_SYSTEM_EVENT_TDX_FATAL, Xiaoyao Li, 2024/11/05

Prev by Date: Re: How to pass the EFI_MEMORY_SP type to VM in QEMU
Next by Date: [PULL 1/3] contrib/plugins/cflow: fix warning
Previous by thread: [PATCH v6 18/60] i386/tdvf: Introduce function to parse TDVF metadata
Next by thread: [PATCH v6 19/60] i386/tdx: Parse TDVF metadata for TDX VM
Index(es):
- Date
- Thread