From 8317c4c1e8aacb222dd3726685fada0e6e4feabb Mon Sep 17 00:00:00 2001 From: Hsy-Intel Date: Fri, 9 Aug 2024 13:21:52 +0800 Subject: [PATCH] Rename "intel_tdx" feature to "cvm_guest" --- Makefile | 1 - OSDK.toml | 2 +- kernel/Cargo.toml | 2 +- kernel/aster-nix/Cargo.toml | 2 +- kernel/aster-nix/src/device/mod.rs | 4 ++-- osdk/src/config/test/OSDK.toml.full | 2 +- ostd/Cargo.toml | 5 +++-- ostd/src/arch/x86/cpu/mod.rs | 6 +++--- ostd/src/arch/x86/kernel/apic/ioapic.rs | 4 ++-- ostd/src/arch/x86/mm/mod.rs | 8 ++++---- ostd/src/arch/x86/mod.rs | 6 +++--- ostd/src/arch/x86/tdx_guest.rs | 2 +- ostd/src/arch/x86/trap.rs | 6 +++--- ostd/src/bus/mmio/mod.rs | 4 ++-- ostd/src/bus/pci/capability/msix.rs | 4 ++-- ostd/src/lib.rs | 2 +- ostd/src/mm/dma/dma_coherent.rs | 6 +++--- ostd/src/mm/dma/dma_stream.rs | 6 +++--- ostd/src/mm/page_prop.rs | 2 +- 19 files changed, 37 insertions(+), 37 deletions(-) diff --git a/Makefile b/Makefile index 256194a16..773522411 100644 --- a/Makefile +++ b/Makefile @@ -58,7 +58,6 @@ ifeq ($(INTEL_TDX), 1) BOOT_METHOD = grub-qcow2 BOOT_PROTOCOL = linux-efi-handover64 CARGO_OSDK_ARGS += --scheme tdx -CARGO_OSDK_ARGS += --features intel_tdx endif ifneq ($(SCHEME), "") diff --git a/OSDK.toml b/OSDK.toml index eac96f77a..da468e492 100644 --- a/OSDK.toml +++ b/OSDK.toml @@ -44,7 +44,7 @@ qemu.args = "$(./tools/qemu_args.sh iommu)" [scheme."tdx"] supported_archs = ["x86_64"] -build.features = ["intel_tdx"] +build.features = ["cvm_guest"] boot.method = "grub-qcow2" grub.protocol = "linux" qemu.args = """\ diff --git a/kernel/Cargo.toml b/kernel/Cargo.toml index 352805230..8ceec4a48 100644 --- a/kernel/Cargo.toml +++ b/kernel/Cargo.toml @@ -15,4 +15,4 @@ aster-time = { path = "comps/time" } aster-framebuffer = { path = "comps/framebuffer" } [features] -intel_tdx = ["ostd/intel_tdx", "aster-nix/intel_tdx"] +cvm_guest = ["ostd/cvm_guest", "aster-nix/cvm_guest"] 
diff --git a/kernel/aster-nix/Cargo.toml b/kernel/aster-nix/Cargo.toml index f5b52453e..e2b8de345 100644 --- a/kernel/aster-nix/Cargo.toml +++ b/kernel/aster-nix/Cargo.toml @@ -75,4 +75,4 @@ version = "1.0" features = ["spin_no_std"] [features] -intel_tdx = ["dep:tdx-guest"] +cvm_guest = ["dep:tdx-guest"] diff --git a/kernel/aster-nix/src/device/mod.rs b/kernel/aster-nix/src/device/mod.rs index 5df73f5c8..8b1a528c2 100644 --- a/kernel/aster-nix/src/device/mod.rs +++ b/kernel/aster-nix/src/device/mod.rs @@ -10,7 +10,7 @@ mod urandom; mod zero; cfg_if! { - if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] { + if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] { mod tdxguest; use tdx_guest::tdx_is_enabled; @@ -41,7 +41,7 @@ pub fn init() -> Result<()> { let tty = Arc::new(tty::TtyDevice); add_node(tty, "tty")?; cfg_if! { - if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] { + if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] { let tdx_guest = Arc::new(tdxguest::TdxGuest); if tdx_is_enabled() { diff --git a/osdk/src/config/test/OSDK.toml.full b/osdk/src/config/test/OSDK.toml.full index ffafe94f6..b795cfd1a 100644 --- a/osdk/src/config/test/OSDK.toml.full +++ b/osdk/src/config/test/OSDK.toml.full @@ -40,7 +40,7 @@ qemu.args = """\ [scheme."tdx"] supported_archs = ["x86_64"] -build.features = ["intel_tdx"] +build.features = ["cvm_guest"] boot.method = "grub-qcow2" grub.mkrescue_path = "/tmp/osdk_test_file" grub.protocol = "linux" diff --git a/ostd/Cargo.toml b/ostd/Cargo.toml index f37404cb2..a0ae7009f 100644 --- a/ostd/Cargo.toml +++ b/ostd/Cargo.toml 
@@ -60,6 +60,7 @@ iced-x86 = { version = "1.21.0", default-features = false, features = [ tdx-guest = { version = "0.1.5", optional = true } [features] -default = ["intel_tdx", "log_color"] +default = ["cvm_guest", "log_color"] log_color = ["dep:owo-colors"] -intel_tdx = ["dep:tdx-guest", "dep:iced-x86"] +# The guest OS support for Confidential VMs (CVMs), e.g., Intel TDX +cvm_guest = ["dep:tdx-guest", "dep:iced-x86"] diff --git a/ostd/src/arch/x86/cpu/mod.rs b/ostd/src/arch/x86/cpu/mod.rs index e884253c2..c9baaffb5 100644 --- a/ostd/src/arch/x86/cpu/mod.rs +++ b/ostd/src/arch/x86/cpu/mod.rs @@ -22,7 +22,7 @@ use crate::{ }; cfg_if! { - if #[cfg(feature = "intel_tdx")] { + if #[cfg(feature = "cvm_guest")] { use tdx_guest::tdcall; use crate::arch::tdx_guest::{handle_virtual_exception, TdxTrapFrame}; } @@ -49,7 +49,7 @@ pub struct CpuExceptionInfo { pub page_fault_addr: usize, } -#[cfg(feature = "intel_tdx")] +#[cfg(feature = "cvm_guest")] impl TdxTrapFrame for RawGeneralRegs { fn rax(&self) -> usize { self.rax @@ -220,7 +220,7 @@ impl UserContextApiInternal for UserContext { self.user_context.run(); match CpuException::to_cpu_exception(self.user_context.trap_num as u16) { Some(exception) => { - #[cfg(feature = "intel_tdx")] + #[cfg(feature = "cvm_guest")] if *exception == VIRTUALIZATION_EXCEPTION { let ve_info = tdcall::get_veinfo().expect("#VE handler: fail to get VE info\n"); diff --git a/ostd/src/arch/x86/kernel/apic/ioapic.rs b/ostd/src/arch/x86/kernel/apic/ioapic.rs index e0a913b39..3dc18015c 100644 --- a/ostd/src/arch/x86/kernel/apic/ioapic.rs +++ b/ostd/src/arch/x86/kernel/apic/ioapic.rs @@ -16,7 +16,7 @@ use crate::{ }; cfg_if! { - if #[cfg(feature = "intel_tdx")] { + if #[cfg(feature = "cvm_guest")] { use ::tdx_guest::tdx_is_enabled; use crate::arch::tdx_guest; } 
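Review bot: The comment added above `cvm_guest` in ostd/Cargo.toml presents the feature as generic CVM guest support, but the feature still resolves to `dep:tdx-guest` and `dep:iced-x86` and remains in `default`, so a default build compiles the TDX paths in. The comment should state that Intel TDX is the only backend today, for example `# Guest OS support for Confidential VMs (CVMs). Only Intel TDX is implemented; this pulls in tdx-guest and TDX-specific page-table handling.` It is also worth confirming that keeping it in `default` is intended. The ostd/src/arch/x86/mm/mod.rs hunks show compile-time effects, such as the narrower `PHYS_ADDR_MASK`, that are selected by the feature alone and not by `tdx_is_enabled()`.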
@@ -161,7 +161,7 @@ pub fn init() { // FIXME: Is it possible to have an address that is not the default 0xFEC0_0000? // Need to find a way to determine if it is a valid address or not. const IO_APIC_DEFAULT_ADDRESS: usize = 0xFEC0_0000; - #[cfg(feature = "intel_tdx")] + #[cfg(feature = "cvm_guest")] // SAFETY: // This is safe because we are ensuring that the `IO_APIC_DEFAULT_ADDRESS` is a valid MMIO address before this operation. // The `IO_APIC_DEFAULT_ADDRESS` is a well-known address used for IO APICs in x86 systems, and it is page-aligned, which is a requirement for the `unprotect_gpa_range` function. diff --git a/ostd/src/arch/x86/mm/mod.rs b/ostd/src/arch/x86/mm/mod.rs index 4263df283..c9903e09e 100644 --- a/ostd/src/arch/x86/mm/mod.rs +++ b/ostd/src/arch/x86/mm/mod.rs @@ -59,7 +59,7 @@ bitflags::bitflags! { /// the TLB on an address space switch. const GLOBAL = 1 << 8; /// TDX shared bit. - #[cfg(feature = "intel_tdx")] + #[cfg(feature = "cvm_guest")] const SHARED = 1 << 51; /// Forbid execute codes on the page. The NXE bits in EFER msr must be set. const NO_EXECUTE = 1 << 63; @@ -138,7 +138,7 @@ pub fn current_page_table_paddr() -> Paddr { impl PageTableEntry { cfg_if! { - if #[cfg(feature = "intel_tdx")] { + if #[cfg(feature = "cvm_guest")] { const PHYS_ADDR_MASK: usize = 0x7_FFFF_FFFF_F000; } else { const PHYS_ADDR_MASK: usize = 0xF_FFFF_FFFF_F000; @@ -191,7 +191,7 @@ impl PageTableEntryTrait for PageTableEntry { | parse_flags!(self.0, PageTableFlags::DIRTY, PageFlags::DIRTY); let priv_flags = parse_flags!(self.0, PageTableFlags::USER, PrivFlags::USER) | parse_flags!(self.0, PageTableFlags::GLOBAL, PrivFlags::GLOBAL); - #[cfg(feature = "intel_tdx")] + #[cfg(feature = "cvm_guest")] let priv_flags = priv_flags | parse_flags!(self.0, PageTableFlags::SHARED, PrivFlags::SHARED); let cache = if self.0 & PageTableFlags::NO_CACHE.bits() != 0 { 
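Review bot: The SAFETY comment under the renamed `#[cfg(feature = "cvm_guest")]` in ioapic.rs `init()` says `IO_APIC_DEFAULT_ADDRESS` is ensured to be a valid MMIO address, while the FIXME directly above it says there is not yet a way to determine whether the address is valid. `unprotect_gpa_range` presumably converts the range to host-shared memory, so in a confidential guest the justification should match what is actually checked. I would reword the first sentence to `// SAFETY: the address is the well-known default and page-aligned; it is not validated against platform tables (see FIXME above).` The SAFETY comment in the `init()` hunk of ostd/src/bus/mmio/mod.rs makes the same "ensuring ... is valid" claim about a hard-coded range and deserves the same wording check. The unsafe call itself lies outside both hunks, so this is a comment-only suggestion.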
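Review bot: In ostd/src/arch/x86/mm/mod.rs, `const SHARED = 1 << 51` is still documented as `/// TDX shared bit.` but is now gated by the vendor-neutral `cvm_guest` name, and the `impl PageTableEntry` hunk at -138 removes bit 51 from `PHYS_ADDR_MASK` under the same gate. Both are compile-time choices, so they apply whenever the feature is built in, not only when `tdx_is_enabled()` returns true. The doc comment should make the scope explicit, e.g. `/// Shared bit for Intel TDX guests (bit 51). TDX-specific; other CVM technologies may place this bit elsewhere.` The narrower mask should get a one-line comment such as `// Bit 51 is reserved for the TDX shared bit and must not be treated as part of the physical address.` The bitflags block and the impl both continue outside these hunks.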
@@ -228,7 +228,7 @@ impl PageTableEntryTrait for PageTableEntry { PrivFlags::GLOBAL, PageTableFlags::GLOBAL ); - #[cfg(feature = "intel_tdx")] + #[cfg(feature = "cvm_guest")] { flags |= parse_flags!( prop.priv_flags.bits(), diff --git a/ostd/src/arch/x86/mod.rs b/ostd/src/arch/x86/mod.rs index 279dfcc90..51c181d1f 100644 --- a/ostd/src/arch/x86/mod.rs +++ b/ostd/src/arch/x86/mod.rs @@ -20,7 +20,7 @@ pub mod trap; use cfg_if::cfg_if; cfg_if! { - if #[cfg(feature = "intel_tdx")] { + if #[cfg(feature = "cvm_guest")] { pub(crate) mod tdx_guest; use { @@ -38,7 +38,7 @@ use core::{ use kernel::apic::ioapic; use log::{info, warn}; -#[cfg(feature = "intel_tdx")] +#[cfg(feature = "cvm_guest")] pub(crate) fn check_tdx_init() { match init_tdx() { Ok(td_info) => { @@ -86,7 +86,7 @@ pub(crate) fn init_on_bsp() { timer::init(); cfg_if! { - if #[cfg(feature = "intel_tdx")] { + if #[cfg(feature = "cvm_guest")] { if !tdx_is_enabled() { match iommu::init() { Ok(_) => {} diff --git a/ostd/src/arch/x86/tdx_guest.rs b/ostd/src/arch/x86/tdx_guest.rs index 28990ae8e..db66e4b36 100644 --- a/ostd/src/arch/x86/tdx_guest.rs +++ b/ostd/src/arch/x86/tdx_guest.rs @@ -484,7 +484,7 @@ pub unsafe fn protect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), PageC Ok(()) } -#[cfg(feature = "intel_tdx")] +#[cfg(feature = "cvm_guest")] impl TdxTrapFrame for TrapFrame { fn rax(&self) -> usize { self.rax diff --git a/ostd/src/arch/x86/trap.rs b/ostd/src/arch/x86/trap.rs index e54349dcc..349578a03 100644 --- a/ostd/src/arch/x86/trap.rs +++ b/ostd/src/arch/x86/trap.rs @@ -21,7 +21,7 @@ use crate::{ }; cfg_if! { - if #[cfg(feature = "intel_tdx")] { + if #[cfg(feature = "cvm_guest")] { use tdx_guest::{tdcall, tdx_is_enabled}; use crate::arch::{cpu::VIRTUALIZATION_EXCEPTION, tdx_guest::handle_virtual_exception}; } 
@@ -43,7 +43,7 @@ pub fn is_kernel_interrupted() -> bool { extern "sysv64" fn trap_handler(f: &mut TrapFrame) { if CpuException::is_cpu_exception(f.trap_num as u16) { match CpuException::to_cpu_exception(f.trap_num as u16).unwrap() { - #[cfg(feature = "intel_tdx")] + #[cfg(feature = "cvm_guest")] &VIRTUALIZATION_EXCEPTION => { let ve_info = tdcall::get_veinfo().expect("#VE handler: fail to get VE info\n"); handle_virtual_exception(f, &ve_info); @@ -139,7 +139,7 @@ fn handle_kernel_page_fault(f: &TrapFrame, page_fault_vaddr: u64) { let paddr = vaddr - LINEAR_MAPPING_BASE_VADDR; cfg_if! { - if #[cfg(feature = "intel_tdx")] { + if #[cfg(feature = "cvm_guest")] { let priv_flags = if tdx_is_enabled() { PrivFlags::SHARED | PrivFlags::GLOBAL } else { diff --git a/ostd/src/bus/mmio/mod.rs b/ostd/src/bus/mmio/mod.rs index a19d70cd1..8518e8c72 100644 --- a/ostd/src/bus/mmio/mod.rs +++ b/ostd/src/bus/mmio/mod.rs @@ -20,7 +20,7 @@ use crate::{ }; cfg_if! { - if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] { + if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] { use ::tdx_guest::tdx_is_enabled; use crate::arch::tdx_guest; } @@ -33,7 +33,7 @@ pub static MMIO_BUS: SpinLock = SpinLock::new(MmioBus::new()); static IRQS: SpinLock> = SpinLock::new(Vec::new()); pub(crate) fn init() { - #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] + #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] // SAFETY: // This is safe because we are ensuring that the address range 0xFEB0_0000 to 0xFEB0_4000 is valid before this operation. // The address range is page-aligned and falls within the MMIO range, which is a requirement for the `unprotect_gpa_range` function. diff --git a/ostd/src/bus/pci/capability/msix.rs b/ostd/src/bus/pci/capability/msix.rs index befb05cf3..420aa9cac 100644 --- a/ostd/src/bus/pci/capability/msix.rs +++ b/ostd/src/bus/pci/capability/msix.rs 
@@ -20,7 +20,7 @@ use crate::{ }; cfg_if! { - if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] { + if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] { use ::tdx_guest::tdx_is_enabled; use crate::arch::tdx_guest; } @@ -104,7 +104,7 @@ impl CapabilityMsixData { // Set message address 0xFEE0_0000 for i in 0..table_size { - #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] + #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] // SAFETY: // This is safe because we are ensuring that the physical address of the MSI-X table is valid before this operation. // We are also ensuring that we are only unprotecting a single page. diff --git a/ostd/src/lib.rs b/ostd/src/lib.rs index f99bb07ec..4c40790d6 100644 --- a/ostd/src/lib.rs +++ b/ostd/src/lib.rs @@ -63,7 +63,7 @@ pub fn init() { arch::enable_cpu_features(); arch::serial::init(); - #[cfg(feature = "intel_tdx")] + #[cfg(feature = "cvm_guest")] arch::check_tdx_init(); // SAFETY: This function is called only once and only on the BSP. diff --git a/ostd/src/mm/dma/dma_coherent.rs b/ostd/src/mm/dma/dma_coherent.rs index 41ed450c9..26148f4fc 100644 --- a/ostd/src/mm/dma/dma_coherent.rs +++ b/ostd/src/mm/dma/dma_coherent.rs @@ -19,7 +19,7 @@ use crate::{ }; cfg_if! { - if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] { + if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] { use ::tdx_guest::tdx_is_enabled; use crate::arch::tdx_guest; } @@ -78,7 +78,7 @@ impl DmaCoherent { } let start_daddr = match dma_type() { DmaType::Direct => { - #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] + #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] // SAFETY: // This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations. // The `check_and_insert_dma_mapping` function checks if the physical address range is already mapped. 
@@ -133,7 +133,7 @@ impl Drop for DmaCoherentInner { start_paddr.checked_add(frame_count * PAGE_SIZE).unwrap(); match dma_type() { DmaType::Direct => { - #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] + #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] // SAFETY: // This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations. // The `start_paddr()` ensures the `start_paddr` is page-aligned. diff --git a/ostd/src/mm/dma/dma_stream.rs b/ostd/src/mm/dma/dma_stream.rs index 273b5e00e..cb79910e7 100644 --- a/ostd/src/mm/dma/dma_stream.rs +++ b/ostd/src/mm/dma/dma_stream.rs @@ -16,7 +16,7 @@ use crate::{ }; cfg_if! { - if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] { + if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] { use ::tdx_guest::tdx_is_enabled; use crate::arch::tdx_guest; } @@ -72,7 +72,7 @@ impl DmaStream { start_paddr.checked_add(frame_count * PAGE_SIZE).unwrap(); let start_daddr = match dma_type() { DmaType::Direct => { - #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] + #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] // SAFETY: // This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations. // The `check_and_insert_dma_mapping` function checks if the physical address range is already mapped. @@ -177,7 +177,7 @@ impl Drop for DmaStreamInner { start_paddr.checked_add(frame_count * PAGE_SIZE).unwrap(); match dma_type() { DmaType::Direct => { - #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] + #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] // SAFETY: // This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations. // The `start_paddr()` ensures the `start_paddr` is page-aligned. 
diff --git a/ostd/src/mm/page_prop.rs b/ostd/src/mm/page_prop.rs index 1faa6abff..db02aa107 100644 --- a/ostd/src/mm/page_prop.rs +++ b/ostd/src/mm/page_prop.rs @@ -128,7 +128,7 @@ bitflags! { /// (TEE only) If the page is shared with the host. /// Otherwise the page is ensured confidential and not visible outside the guest. - #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] + #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] const SHARED = 0b10000000; } }