Samuka007/asterinas
1
0
Fork 0
mirror of https://github.com/asterinas/asterinas.git synced 2025-06-08 12:56:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Make if_tdx_enabled macro x86-specific

Browse Source
This commit is contained in:
Zejun Zhao 2025-03-25 14:17:18 +08:00 committed by Tate, Hongliang Tian
parent dd67a9a175
commit e4aa261c48
14 changed files with 80 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
kernel/Cargo.toml
View File

@ -67,7 +67,6 @@ riscv = { version = "0.11.1", features = ["s-mode"] }
[features]
all = ["cvm_guest"]
cvm_guest = ["dep:tdx-guest", "ostd/cvm_guest"]
[lints]

16
kernel/src/device/mod.rs
View File

@ -1,7 +1,5 @@
// SPDX-License-Identifier: MPL-2.0
use cfg_if::cfg_if;
mod null;
mod pty;
mod random;
@ -10,15 +8,9 @@ pub mod tty;
mod urandom;
mod zero;
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
mod tdxguest;
#[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))]
mod tdxguest;
pub use tdxguest::TdxGuest;
}
}
use ostd::if_tdx_enabled;
pub use pty::{new_pty_pair, PtyMaster, PtySlave};
pub use random::Random;
pub use urandom::Urandom;
@ -40,8 +32,8 @@ pub fn init() -> Result<()> {
add_node(console, "console")?;
let tty = Arc::new(tty::TtyDevice);
add_node(tty, "tty")?;
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
#[cfg(target_arch = "x86_64")]
ostd::if_tdx_enabled!({
add_node(Arc::new(tdxguest::TdxGuest), "tdx_guest")?;
});
let random = Arc::new(random::Random);

5
ostd/src/arch/x86/boot/linux_boot/mod.rs
View File

@ -5,13 +5,14 @@
use linux_boot_params::{BootParams, E820Type, LINUX_BOOT_HEADER_MAGIC};
#[cfg(feature = "cvm_guest")]
use crate::arch::x86::init_cvm_guest;
use crate::{
arch::init_cvm_guest,
arch::x86::if_tdx_enabled,
boot::{
memory_region::{MemoryRegion, MemoryRegionArray, MemoryRegionType},
BootloaderAcpiArg, BootloaderFramebufferArg,
},
if_tdx_enabled,
mm::kspace::paddr_to_vaddr,
};

14
ostd/src/arch/x86/boot/smp.rs
View File

@ -30,18 +30,20 @@
use acpi::madt::MadtEntry;
use crate::{
arch::x86::kernel::{
acpi::get_acpi_tables,
apic::{
self, ApicId, DeliveryMode, DeliveryStatus, DestinationMode, DestinationShorthand, Icr,
Level, TriggerMode,
arch::{
if_tdx_enabled,
kernel::{
acpi::get_acpi_tables,
apic::{
self, ApicId, DeliveryMode, DeliveryStatus, DestinationMode, DestinationShorthand,
Icr, Level, TriggerMode,
},
},
},
boot::{
memory_region::{MemoryRegion, MemoryRegionType},
smp::PerApRawInfo,
},
if_tdx_enabled,
mm::{Paddr, PAGE_SIZE},
};

3
ostd/src/arch/x86/kernel/apic/ioapic.rs
View File

@ -15,8 +15,7 @@ use volatile::{
};
use crate::{
arch::{iommu::has_interrupt_remapping, x86::kernel::acpi::get_platform_info},
if_tdx_enabled,
arch::{if_tdx_enabled, iommu::has_interrupt_remapping, kernel::acpi::get_platform_info},
io::IoMemAllocatorBuilder,
mm::paddr_to_vaddr,
sync::SpinLock,

18
ostd/src/arch/x86/mod.rs
View File

@ -18,20 +18,12 @@ pub mod task;
pub mod timer;
pub mod trap;
use cfg_if::cfg_if;
use io::construct_io_mem_allocator_builder;
use spin::Once;
use x86::cpuid::{CpuId, FeatureInfo};
use crate::if_tdx_enabled;
cfg_if! {
if #[cfg(feature = "cvm_guest")] {
pub(crate) mod tdx_guest;
use ::tdx_guest::{init_tdx, tdcall::InitError};
}
}
#[cfg(feature = "cvm_guest")]
pub(crate) mod tdx_guest;
use core::{
arch::x86_64::{_rdrand64_step, _rdtsc},
@ -43,7 +35,7 @@ use log::{info, warn};
#[cfg(feature = "cvm_guest")]
pub(crate) fn init_cvm_guest() {
match init_tdx() {
match ::tdx_guest::init_tdx() {
Ok(td_info) => {
crate::early_println!(
"[kernel] Intel TDX initialized\n[kernel] td gpaw: {}, td attributes: {:?}",
@ -51,7 +43,7 @@ pub(crate) fn init_cvm_guest() {
td_info.attributes
);
}
Err(InitError::TdxGetVpInfoError(td_call_error)) => {
Err(::tdx_guest::tdcall::InitError::TdxGetVpInfoError(td_call_error)) => {
panic!(
"[kernel] Intel TDX not initialized, Failed to get TD info: {:?}",
td_call_error
@ -273,3 +265,5 @@ macro_rules! if_tdx_enabled {
}
}};
}
pub use if_tdx_enabled;

7
ostd/src/arch/x86/trap/mod.rs
View File

@ -27,9 +27,12 @@ use spin::Once;
use super::ex_table::ExTable;
use crate::{
arch::irq::{disable_local, enable_local},
arch::{
if_tdx_enabled,
irq::{disable_local, enable_local},
},
cpu::context::{CpuException, CpuExceptionInfo, PageFaultErrorCode},
cpu_local_cell, if_tdx_enabled,
cpu_local_cell,
mm::{
kspace::{KERNEL_PAGE_TABLE, LINEAR_MAPPING_BASE_VADDR, LINEAR_MAPPING_VADDR_RANGE},
page_prop::{CachePolicy, PageProperty},

37
ostd/src/bus/mmio/mod.rs
View File

@ -10,21 +10,13 @@ pub mod common_device;
use alloc::vec::Vec;
use core::ops::Range;
use cfg_if::cfg_if;
use log::debug;
use self::bus::MmioBus;
use crate::{
bus::mmio::common_device::MmioCommonDevice, if_tdx_enabled, mm::paddr_to_vaddr, sync::SpinLock,
trap::IrqLine,
bus::mmio::common_device::MmioCommonDevice, mm::paddr_to_vaddr, sync::SpinLock, trap::IrqLine,
};
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
use crate::arch::tdx_guest;
}
}
const VIRTIO_MMIO_MAGIC: u32 = 0x74726976;
/// MMIO bus instance
@ -32,20 +24,21 @@ pub static MMIO_BUS: SpinLock<MmioBus> = SpinLock::new(MmioBus::new());
static IRQS: SpinLock<Vec<IrqLine>> = SpinLock::new(Vec::new());
pub(crate) fn init() {
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
// SAFETY:
// This is safe because we are ensuring that the address range 0xFEB0_0000 to 0xFEB0_4000 is valid before this operation.
// The address range is page-aligned and falls within the MMIO range, which is a requirement for the `unprotect_gpa_range` function.
// We are also ensuring that we are only unprotecting four pages.
// Therefore, we are not causing any undefined behavior or violating any of the requirements of the `unprotect_gpa_range` function.
unsafe {
tdx_guest::unprotect_gpa_range(0xFEB0_0000, 4).unwrap();
}
});
// FIXME: The address 0xFEB0_0000 is obtained from an instance of microvm, and it may not work in other architecture.
#[cfg(target_arch = "x86_64")]
iter_range(0xFEB0_0000..0xFEB0_4000);
{
crate::arch::if_tdx_enabled!({
// SAFETY:
// This is safe because we are ensuring that the address range 0xFEB0_0000 to 0xFEB0_4000 is valid before this operation.
// The address range is page-aligned and falls within the MMIO range, which is a requirement for the `unprotect_gpa_range` function.
// We are also ensuring that we are only unprotecting four pages.
// Therefore, we are not causing any undefined behavior or violating any of the requirements of the `unprotect_gpa_range` function.
unsafe {
crate::arch::tdx_guest::unprotect_gpa_range(0xFEB0_0000, 4).unwrap();
}
});
// FIXME: The address 0xFEB0_0000 is obtained from an instance of microvm, and it may not work in other architecture.
iter_range(0xFEB0_0000..0xFEB0_4000);
}
}
#[cfg(target_arch = "x86_64")]

16
ostd/src/bus/pci/capability/msix.rs
View File

@ -7,8 +7,6 @@
use alloc::{sync::Arc, vec::Vec};
use cfg_if::cfg_if;
use crate::{
arch::iommu::has_interrupt_remapping,
bus::pci::{
@ -16,17 +14,10 @@ use crate::{
common_device::PciCommonDevice,
device_info::PciDeviceLocation,
},
if_tdx_enabled,
mm::VmIoOnce,
trap::IrqLine,
};
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
use crate::arch::tdx_guest;
}
}
/// MSI-X capability. It will set the BAR space it uses to be hidden.
#[derive(Debug)]
#[repr(C)]
@ -108,8 +99,8 @@ impl CapabilityMsixData {
// Set message address 0xFEE0_0000
for i in 0..table_size {
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
#[cfg(target_arch = "x86_64")]
crate::arch::if_tdx_enabled!({
// SAFETY:
// This is safe because we are ensuring that the physical address of the MSI-X table is valid before this operation.
// We are also ensuring that we are only unprotecting a single page.
@ -119,7 +110,8 @@ impl CapabilityMsixData {
// In addition, due to granularity, the minimum value that can be set here is only one page.
// Therefore, we are not causing any undefined behavior or violating any of the requirements of the `unprotect_gpa_range` function.
unsafe {
tdx_guest::unprotect_gpa_range(table_bar.io_mem().paddr(), 1).unwrap();
crate::arch::tdx_guest::unprotect_gpa_range(table_bar.io_mem().paddr(), 1)
.unwrap();
}
});
// Set message address and disable this msix entry

10
ostd/src/console.rs
View File

@ -4,10 +4,7 @@
use core::fmt::{self, Arguments, Write};
use crate::{
if_tdx_enabled,
sync::{LocalIrqDisabled, SpinLock},
};
use crate::sync::{LocalIrqDisabled, SpinLock};
struct Stdout;
@ -24,13 +21,16 @@ static STDOUT: SpinLock<Stdout, LocalIrqDisabled> = SpinLock::new(Stdout);
/// Prints formatted arguments to the console.
pub fn early_print(args: Arguments) {
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
crate::arch::if_tdx_enabled!({
// Hold the lock to prevent the logs from interleaving.
let _guard = STDOUT.lock();
tdx_guest::print(args);
} else {
STDOUT.lock().write_fmt(args).unwrap();
});
#[cfg(not(target_arch = "x86_64"))]
crate::arch::serial::print(args);
}
/// Prints to the console.

16
ostd/src/io/io_mem/mod.rs
View File

@ -11,7 +11,6 @@ use align_ext::AlignExt;
pub(super) use self::allocator::init;
pub(crate) use self::allocator::IoMemAllocatorBuilder;
use crate::{
if_tdx_enabled,
mm::{
kspace::kvirt_area::{KVirtArea, Untracked},
page_prop::{CachePolicy, PageFlags, PageProperty, PrivilegedPageFlags},
@ -87,11 +86,18 @@ impl IoMem {
let first_page_start = range.start.align_down(PAGE_SIZE);
let last_page_end = range.end.align_up(PAGE_SIZE);
let priv_flags = if_tdx_enabled!({
PrivilegedPageFlags::SHARED
} else {
let priv_flags = {
#[cfg(target_arch = "x86_64")]
{
crate::arch::if_tdx_enabled!({
PrivilegedPageFlags::SHARED
} else {
PrivilegedPageFlags::empty()
})
}
#[cfg(not(target_arch = "x86_64"))]
PrivilegedPageFlags::empty()
});
};
let prop = PageProperty {
flags,

9
ostd/src/lib.rs
View File

@ -76,11 +76,13 @@ unsafe fn init() {
unsafe {
mm::frame::allocator::init_early_allocator();
}
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
arch::if_tdx_enabled!({
} else {
arch::serial::init();
});
#[cfg(not(target_arch = "x86_64"))]
arch::serial::init();
logger::init();
@ -107,7 +109,8 @@ unsafe fn init() {
unsafe { arch::late_init_on_bsp() };
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
arch::if_tdx_enabled!({
arch::serial::init();
});

9
ostd/src/mm/dma/dma_coherent.rs
View File

@ -8,7 +8,6 @@ use cfg_if::cfg_if;
use super::{check_and_insert_dma_mapping, remove_dma_mapping, DmaError, HasDaddr};
use crate::{
arch::iommu,
if_tdx_enabled,
mm::{
dma::{dma_type, Daddr, DmaType},
io::VmIoOnce,
@ -75,8 +74,8 @@ impl DmaCoherent {
}
let start_daddr = match dma_type() {
DmaType::Direct => {
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
#[cfg(target_arch = "x86_64")]
crate::arch::if_tdx_enabled!({
// SAFETY:
// This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations.
// The `check_and_insert_dma_mapping` function checks if the physical address range is already mapped.
@ -135,8 +134,8 @@ impl Drop for DmaCoherentInner {
start_paddr.checked_add(frame_count * PAGE_SIZE).unwrap();
match dma_type() {
DmaType::Direct => {
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
#[cfg(target_arch = "x86_64")]
crate::arch::if_tdx_enabled!({
// SAFETY:
// This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations.
// The `start_paddr()` ensures the `start_paddr` is page-aligned.

23
ostd/src/mm/dma/dma_stream.rs
View File

@ -3,25 +3,16 @@
use alloc::sync::Arc;
use core::ops::Range;
use cfg_if::cfg_if;
use super::{check_and_insert_dma_mapping, remove_dma_mapping, DmaError, HasDaddr};
use crate::{
arch::iommu,
error::Error,
if_tdx_enabled,
mm::{
dma::{dma_type, Daddr, DmaType},
HasPaddr, Infallible, Paddr, USegment, UntypedMem, VmIo, VmReader, VmWriter, PAGE_SIZE,
},
};
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
use crate::arch::tdx_guest;
}
}
/// A streaming DMA mapping. Users must synchronize data
/// before reading or after writing to ensure consistency.
///
@ -72,15 +63,16 @@ impl DmaStream {
start_paddr.checked_add(frame_count * PAGE_SIZE).unwrap();
let start_daddr = match dma_type() {
DmaType::Direct => {
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
#[cfg(target_arch = "x86_64")]
crate::arch::if_tdx_enabled!({
// SAFETY:
// This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations.
// The `check_and_insert_dma_mapping` function checks if the physical address range is already mapped.
// We are also ensuring that we are only modifying the page table entries corresponding to the physical address range specified by `start_paddr` and `frame_count`.
// Therefore, we are not causing any undefined behavior or violating any of the requirements of the 'unprotect_gpa_range' function.
unsafe {
tdx_guest::unprotect_gpa_range(start_paddr, frame_count).unwrap();
crate::arch::tdx_guest::unprotect_gpa_range(start_paddr, frame_count)
.unwrap();
}
});
start_paddr as Daddr
@ -182,15 +174,16 @@ impl Drop for DmaStreamInner {
start_paddr.checked_add(frame_count * PAGE_SIZE).unwrap();
match dma_type() {
DmaType::Direct => {
if_tdx_enabled!({
#[cfg(target_arch = "x86_64")]
#[cfg(target_arch = "x86_64")]
crate::arch::if_tdx_enabled!({
// SAFETY:
// This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations.
// The `start_paddr()` ensures the `start_paddr` is page-aligned.
// We are also ensuring that we are only modifying the page table entries corresponding to the physical address range specified by `start_paddr` and `frame_count`.
// Therefore, we are not causing any undefined behavior or violating any of the requirements of the `protect_gpa_range` function.
unsafe {
tdx_guest::protect_gpa_range(start_paddr, frame_count).unwrap();
crate::arch::tdx_guest::protect_gpa_range(start_paddr, frame_count)
.unwrap();
}
});
}