2021-07-19 13:21:07 +02:00
|
|
|
/*
|
|
|
|
|
* SGX EPC device
|
|
|
|
|
*
|
|
|
|
|
* Copyright (C) 2019 Intel Corporation
|
|
|
|
|
*
|
|
|
|
|
* Authors:
|
|
|
|
|
* Sean Christopherson <sean.j.christopherson@intel.com>
|
|
|
|
|
*
|
|
|
|
|
* This work is licensed under the terms of the GNU GPL, version 2 or later.
|
|
|
|
|
* See the COPYING file in the top-level directory.
|
|
|
|
|
*/
|
|
|
|
|
#ifndef QEMU_SGX_EPC_H
|
|
|
|
|
#define QEMU_SGX_EPC_H
|
|
|
|
|
|
|
|
|
|
#include "hw/i386/hostmem-epc.h"
|
|
|
|
|
|
|
|
|
|
#define TYPE_SGX_EPC "sgx-epc"
|
|
|
|
|
#define SGX_EPC(obj) \
|
|
|
|
|
OBJECT_CHECK(SGXEPCDevice, (obj), TYPE_SGX_EPC)
|
|
|
|
|
#define SGX_EPC_CLASS(oc) \
|
|
|
|
|
OBJECT_CLASS_CHECK(SGXEPCDeviceClass, (oc), TYPE_SGX_EPC)
|
|
|
|
|
#define SGX_EPC_GET_CLASS(obj) \
|
|
|
|
|
OBJECT_GET_CLASS(SGXEPCDeviceClass, (obj), TYPE_SGX_EPC)
|
|
|
|
|
|
|
|
|
|
#define SGX_EPC_ADDR_PROP "addr"
|
|
|
|
|
#define SGX_EPC_SIZE_PROP "size"
|
|
|
|
|
#define SGX_EPC_MEMDEV_PROP "memdev"
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* SGXEPCDevice:
|
|
|
|
|
* @addr: starting guest physical address, where @SGXEPCDevice is mapped.
|
|
|
|
|
* Default value: 0, means that address is auto-allocated.
|
|
|
|
|
* @hostmem: host memory backend providing memory for @SGXEPCDevice
|
|
|
|
|
*/
|
|
|
|
|
typedef struct SGXEPCDevice {
|
|
|
|
|
/* private */
|
|
|
|
|
DeviceState parent_obj;
|
|
|
|
|
|
|
|
|
|
/* public */
|
|
|
|
|
uint64_t addr;
|
|
|
|
|
HostMemoryBackendEpc *hostmem;
|
|
|
|
|
} SGXEPCDevice;
|
|
|
|
|
|
vl: Add sgx compound properties to expose SGX EPC sections to guest
Because SGX EPC is enumerated through CPUID, EPC "devices" need to be
realized prior to realizing the vCPUs themselves, i.e. long before
generic devices are parsed and realized. From a virtualization
perspective, the CPUID aspect also means that EPC sections cannot be
hotplugged without paravirtualizing the guest kernel (hardware does
not support hotplugging as EPC sections must be locked down during
pre-boot to provide EPC's security properties).
So even though EPC sections could be realized through the generic
-devices command, they need to be created much earlier for them to
actually be usable by the guest. Place all EPC sections in a
contiguous block, somewhat arbitrarily starting after RAM above 4g.
Ensuring EPC is in a contiguous region simplifies calculations, e.g.
device memory base, PCI hole, etc..., allows dynamic calculation of the
total EPC size, e.g. exposing EPC to guests does not require -maxmem,
and last but not least allows all of EPC to be enumerated in a single
ACPI entry, which is expected by some kernels, e.g. Windows 7 and 8.
The new compound properties command for sgx like below:
......
-object memory-backend-epc,id=mem1,size=28M,prealloc=on \
-object memory-backend-epc,id=mem2,size=10M \
-M sgx-epc.0.memdev=mem1,sgx-epc.1.memdev=mem2
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Yang Zhong <yang.zhong@intel.com>
Message-Id: <20210719112136.57018-6-yang.zhong@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-09-28 10:40:58 +02:00
|
|
|
/*
|
|
|
|
|
* @base: address in guest physical address space where EPC regions start
|
|
|
|
|
* @mr: address space container for memory devices
|
|
|
|
|
*/
|
|
|
|
|
typedef struct SGXEPCState {
|
|
|
|
|
uint64_t base;
|
|
|
|
|
uint64_t size;
|
|
|
|
|
|
|
|
|
|
MemoryRegion mr;
|
|
|
|
|
|
|
|
|
|
struct SGXEPCDevice **sections;
|
|
|
|
|
int nr_sections;
|
|
|
|
|
} SGXEPCState;
|
|
|
|
|
|
2021-07-19 13:21:15 +02:00
|
|
|
int sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size);
|
|
|
|
|
|
2021-07-19 13:21:20 +02:00
|
|
|
static inline uint64_t sgx_epc_above_4g_end(SGXEPCState *sgx_epc)
|
|
|
|
|
{
|
|
|
|
|
assert(sgx_epc != NULL && sgx_epc->base >= 0x100000000ULL);
|
|
|
|
|
|
|
|
|
|
return sgx_epc->base + sgx_epc->size;
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-19 13:21:07 +02:00
|
|
|
#endif
|