deps: upgrade td-shim
Signed-off-by: Jiaqi Gao <[email protected]>
gaojiaqi7 committed Dec 26, 2024
1 parent c14bcb3 commit 2efdd71
Showing 15 changed files with 106 additions and 87 deletions.
39 changes: 4 additions & 35 deletions Cargo.lock


2 changes: 1 addition & 1 deletion deps/td-shim
Submodule td-shim updated 87 files
+10 −2 .github/workflows/deny.yml
+4 −14 .github/workflows/devtools.yml
+9 −17 .github/workflows/format.yml
+5 −18 .github/workflows/fuzz.yml
+4 −7 .github/workflows/integration-tdx.yml
+5 −10 .github/workflows/integration.yml
+9 −28 .github/workflows/library.yml
+7 −18 .github/workflows/main.yml
+2 −2 .github/workflows/oss-fuzz.yml
+5 −10 .github/workflows/release.yaml
+46 −0 .github/workflows/trivy.yml
+26 −29 Cargo.lock
+11 −25 Makefile
+7 −12 README.md
+6 −6 devtools/Makefile
+2 −4 devtools/dev_container/Dockerfile
+1 −1 devtools/td-layout-config/config_image.json
+4 −0 devtools/td-layout-config/src/image.rs
+4 −0 devtools/td-layout-config/src/memory.rs
+1 −1 devtools/test-runner-client/Cargo.toml
+2 −2 doc/secure_boot_guide.md
+2 −1 doc/test_with_td_payload.md
+1 −1 rust-toolchain
+2 −2 sh_script/build_final.sh
+6 −0 sh_script/fuzzing.sh
+28 −13 sh_script/integration_tdx.sh
+72 −8 sh_script/launch-rust-td.sh
+5 −0 sh_script/preparation.sh
+1 −1 td-exception/Cargo.toml
+63 −0 td-exception/src/asm/handler.asm
+7 −0 td-exception/src/asm/mod.rs
+8 −38 td-exception/src/idt.rs
+151 −185 td-exception/src/interrupt.rs
+6 −1 td-exception/src/lib.rs
+25 −25 td-layout/src/build_time.rs
+8 −8 td-layout/src/runtime/exec.rs
+12 −12 td-layout/src/runtime/linux.rs
+4 −0 td-layout/src/runtime/mod.rs
+1 −0 td-loader/fuzz/Cargo.toml
+1 −1 td-paging/Cargo.toml
+1 −1 td-payload/Cargo.toml
+4 −0 td-payload/src/arch/mod.rs
+3 −58 td-payload/src/arch/x86_64/apic.rs
+1 −0 td-payload/src/arch/x86_64/idt.rs
+14 −4 td-payload/src/arch/x86_64/init.rs
+0 −1 td-payload/src/bin/example/main.rs
+1 −2 td-payload/src/lib.rs
+5 −14 td-payload/src/mm/heap.rs
+20 −15 td-payload/src/mm/shared.rs
+1 −1 td-shim-interface/Cargo.toml
+6 −6 td-shim-interface/README.md
+1 −0 td-shim-interface/fuzz/Cargo.toml
+97 −22 td-shim-interface/src/td_uefi_pi/fv.rs
+36 −21 td-shim-interface/src/td_uefi_pi/pi/fv.rs
+4 −0 td-shim-interface/src/td_uefi_pi/pi/guid.rs
+40 −23 td-shim-tools/src/bin/td-payload-reference-calculator/main.rs
+1 −1 td-shim-tools/src/linker.rs
+8 −0 td-shim-tools/src/tee_info_hash.rs
+2 −3 td-shim/Cargo.toml
+1 −19 td-shim/ResetVector/Ia32/Flat32ToFlat64.asm
+2 −2 td-shim/build.rs
+1 −0 td-shim/fuzz/Cargo.toml
+16 −7 td-shim/src/bin/td-shim/acpi.rs
+56 −28 td-shim/src/bin/td-shim/e820.rs
+0 −9 td-shim/src/bin/td-shim/main.rs
+6 −0 td-shim/src/bin/td-shim/memory.rs
+4 −0 td-shim/src/bin/td-shim/payload_hob.rs
+4 −31 td-shim/src/bin/td-shim/td/tdx_mailbox.rs
+0 −3 td-shim/src/lib.rs
+28 −16 td-shim/src/secure_boot.rs
+25 −0 tdx-tdcall/CHANGELOG.md
+5 −2 tdx-tdcall/Cargo.toml
+16 −0 tdx-tdcall/README.md
+9 −4 tdx-tdcall/src/asm/tdcall.asm
+15 −6 tdx-tdcall/src/lib.rs
+10 −87 tdx-tdcall/src/tdreport.rs
+281 −13 tdx-tdcall/src/tdx.rs
+1 −1 tests/test-td-paging/Cargo.toml
+13 −4 tests/test-td-payload/config/test_config_1.json
+13 −4 tests/test-td-payload/config/test_config_2.json
+13 −4 tests/test-td-payload/config/test_config_3.json
+13 −4 tests/test-td-payload/config/test_config_4.json
+13 −4 tests/test-td-payload/config/test_config_5.json
+8 −2 tests/test-td-payload/src/main.rs
+100 −0 tests/test-td-payload/src/testmsrrw.rs
+15 −2 tests/test-td-payload/src/testtdinfo.rs
+2 −2 xtask/src/build.rs
17 changes: 12 additions & 5 deletions src/attestation/src/ghci.rs
Expand Up @@ -5,8 +5,8 @@
use core::sync::atomic::{AtomicU8, Ordering};
use core::{ffi::c_void, slice::from_raw_parts_mut};
use td_payload::arch::apic::{disable, enable_and_hlt};
use td_payload::arch::idt::register;
use td_payload::{interrupt_handler_template, mm::shared::SharedMemory};
use td_payload::arch::idt::{register_interrupt_callback, InterruptCallback, InterruptStack};
use td_payload::mm::shared::SharedMemory;
use tdx_tdcall::tdx::tdvmcall_get_quote;

use crate::binding::AttestLibError;
Expand Down Expand Up @@ -46,13 +46,20 @@ pub extern "C" fn servtd_get_quote(tdquote_req_buf: *mut c_void, len: u64) -> i3
0
}

interrupt_handler_template!(vmm_notification, _stack, {
fn vmm_notification(_: &mut InterruptStack) {
NOTIFIER.store(NOTIFY_VALUE, Ordering::SeqCst);
});
}

pub fn set_vmm_notification() {
// Setup interrupt handler
register(NOTIFY_VECTOR, vmm_notification);
if register_interrupt_callback(
NOTIFY_VECTOR as usize,
InterruptCallback::new(vmm_notification),
)
.is_err()
{
panic!("Fail to setup interrupt callback for VMM notify\n");
}

// Setup event notifier
if tdx_tdcall::tdx::tdvmcall_setup_event_notify(NOTIFY_VECTOR as u64).is_err() {
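Review bot: The new `panic!` in `set_vmm_notification` throws away the error returned by `register_interrupt_callback`, so a failed boot gives no hint whether the vector was out of range, already taken, or something else. If the error type implements `Debug` (not visible here), `panic!("Failed to set interrupt callback for VMM notify: {:?}", e)` from a `if let Err(e) = …` would keep it. The message also ends in a stray `\n` and says "Fail to setup", whereas the same register-or-panic pattern in `src/migtd/src/driver/timer.rs` and `src/migtd/src/migration/event.rs` says "Failed to set"; those two sites discard the error as well. The function body continues past the end of this hunk.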
15 changes: 9 additions & 6 deletions src/devices/virtio_serial/src/event.rs
Expand Up @@ -2,15 +2,18 @@
//
// SPDX-License-Identifier: BSD-2-Clause-Patent

use core::sync::atomic::{AtomicBool, Ordering};
use core::{
result::Result,
sync::atomic::{AtomicBool, Ordering},
};
pub use td_payload::arch::apic::*;
use td_payload::arch::idt::register;
pub use td_payload::interrupt_handler_template;
use td_payload::arch::idt::{register_interrupt_callback, InterruptCallback, InterruptStack};

use crate::Timer;
use crate::{Timer, VirtioSerialError};

pub fn register_callback(vector: u8, cb: unsafe extern "C" fn()) {
register(vector, cb);
pub fn register_callback(vector: u8, cb: fn(&mut InterruptStack)) -> Result<(), VirtioSerialError> {
register_interrupt_callback(vector as usize, InterruptCallback::new(cb))
.map_err(|_| VirtioSerialError::Interrupt)
}

pub fn wait_for_event(event_flag: &AtomicBool, timer: &dyn Timer) -> bool {
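Review bot: The public `register_callback` changes both its callback type and its return type here but carries no doc comment, and `.map_err(|_| VirtioSerialError::Interrupt)` drops whatever reason `register_interrupt_callback` reported. A short doc line would make the new contract explicit, for example `/// Registers cb as the handler for interrupt vector; returns VirtioSerialError::Interrupt if registration fails.` Since `cb` now receives `&mut InterruptStack`, it would also help to state what a callback may and may not do with it; presumably it runs in interrupt context, which this hunk does not show. The removal of `pub use td_payload::interrupt_handler_template` narrows what this module re-exports, so any external user of that re-export needs the same migration.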
10 changes: 7 additions & 3 deletions src/devices/virtio_serial/src/lib.rs
Expand Up @@ -22,6 +22,7 @@ use core::slice::{from_raw_parts, from_raw_parts_mut};
use core::sync::atomic::{AtomicBool, Ordering};
use lazy_static::lazy_static;
use spin::{Mutex, Once};
use td_payload::arch::idt::InterruptStack;
use virtio::{consts::*, virtqueue::*, VirtioError, VirtioTransport};

use rust_std_stub::{error, io};
Expand Down Expand Up @@ -65,6 +66,8 @@ pub enum VirtioSerialError {
PortNotAvailable(u32),
// The port is already occupied
PortAlreadyUsed(u32),
/// Configure device interrupt
Interrupt,
}

impl Display for VirtioSerialError {
Expand All @@ -78,6 +81,7 @@ impl Display for VirtioSerialError {
VirtioSerialError::Timeout => write!(f, "Timeout"),
VirtioSerialError::PortNotAvailable(e) => write!(f, "PortNotAvailable: 0x{:x}", e),
VirtioSerialError::PortAlreadyUsed(e) => write!(f, "PortAlreadyUsed: 0x{:x}", e),
VirtioSerialError::Interrupt => write!(f, "Interrupt"),
}
}
}
Expand Down Expand Up @@ -393,7 +397,7 @@ impl VirtioSerial {
}

fn init_notification(&mut self) -> Result<()> {
register_callback(IRQ_VECTOR, serial_event_callback);
register_callback(IRQ_VECTOR, serial_event_callback)?;
let transport = self.virtio.as_mut();

let irq_index = transport.set_interrupt_vector(IRQ_VECTOR)?;
Expand Down Expand Up @@ -873,6 +877,6 @@ pub(crate) fn align_up(size: usize) -> usize {
(size & !(PAGE_SIZE - 1)) + if size % PAGE_SIZE != 0 { PAGE_SIZE } else { 0 }
}

interrupt_handler_template!(serial_event_callback, _stack, {
fn serial_event_callback(_: &mut InterruptStack) {
IRQ_FLAG.store(true, Ordering::SeqCst);
});
}
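Review bot: The comment on the new `VirtioSerialError::Interrupt` variant, `/// Configure device interrupt`, describes an action rather than the failure. It also uses `///` where the neighbouring variants use `//`. Something like `// Failed to register the device interrupt callback` would match both the meaning and the surrounding style. The `Display` arm prints only `"Interrupt"`, which reads oddly in a log next to `"Timeout"` or `"PortAlreadyUsed: 0x…"`; a message such as `"Interrupt callback registration failed"` would be clearer. `VsockTransportError::Interrupt` in `src/devices/vsock/src/transport/mod.rs` has the same terse `Display` text and no comment at all.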
24 changes: 18 additions & 6 deletions src/devices/vsock/src/transport/event.rs
Expand Up @@ -2,19 +2,31 @@
//
// SPDX-License-Identifier: BSD-2-Clause-Patent

use super::VsockTransportError;

use core::result::Result;
use core::sync::atomic::{AtomicBool, Ordering};
pub use td_payload::arch::apic::*;
use td_payload::arch::idt::register;
pub use td_payload::interrupt_handler_template;
use td_payload::arch::apic::*;
use td_payload::arch::idt::{register_interrupt_callback, InterruptCallback, InterruptStack};

use crate::VsockTimeout;

#[cfg(not(feature = "fuzz"))]
pub fn register_callback(vector: u8, cb: unsafe extern "C" fn()) {
register(vector, cb);
pub fn register_callback(
vector: u8,
cb: fn(&mut InterruptStack),
) -> Result<(), VsockTransportError> {
register_interrupt_callback(vector as usize, InterruptCallback::new(cb))
.map_err(|_| VsockTransportError::Interrupt)
}

#[cfg(feature = "fuzz")]
pub fn register_callback(vector: u8, cb: unsafe extern "C" fn()) {}
pub fn register_callback(
vector: u8,
cb: fn(&mut InterruptStack),
) -> Result<(), VsockTransportError> {
Ok(())
}

pub fn wait_for_event(event_flag: &AtomicBool, timer: &dyn VsockTimeout) -> bool {
while !event_flag.load(Ordering::SeqCst) {
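Review bot: The `#[cfg(feature = "fuzz")]` stub of `register_callback` never uses `vector` or `cb`, so a fuzz build will warn about both. With that feature enabled, the imports `register_interrupt_callback` and `InterruptCallback` also look unused. Prefixing the parameters, `_vector: u8, _cb: fn(&mut InterruptStack)`, is invisible to callers and silences the first warning. The import of `register_interrupt_callback` and `InterruptCallback` could be gated with `#[cfg(not(feature = "fuzz"))]`. Changing `pub use td_payload::arch::apic::*` to a private `use` also removes a re-export; that is fine if nothing outside this module relied on it, which cannot be checked from this hunk.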
2 changes: 2 additions & 0 deletions src/devices/vsock/src/transport/mod.rs
Expand Up @@ -35,6 +35,7 @@ pub enum VsockTransportError {
Timeout,
InvalidParameter,
InvalidVsockPacket,
Interrupt,
}

impl Display for VsockTransportError {
Expand All @@ -50,6 +51,7 @@ impl Display for VsockTransportError {
VsockTransportError::Virtio(e) => write!(f, "Virtio: {}", e),
#[cfg(feature = "vmcall-vsock")]
VsockTransportError::Vmcall(_) => write!(f, "Vmcall"),
VsockTransportError::Interrupt => write!(f, "Interrupt"),
}
}
}
19 changes: 10 additions & 9 deletions src/devices/vsock/src/transport/virtio_pci.rs
Expand Up @@ -18,6 +18,7 @@ use alloc::vec::Vec;
use core::cell::RefCell;
use core::ptr::{slice_from_raw_parts, slice_from_raw_parts_mut};
use core::sync::atomic::{AtomicBool, Ordering};
use td_payload::arch::idt::InterruptStack;
use virtio::virtqueue::{VirtQueue, VirtQueueLayout, VirtqueueBuf};
use virtio::{consts::*, VirtioError, VirtioTransport};

Expand Down Expand Up @@ -129,9 +130,9 @@ impl VirtioVsock {
let irq_index_tx = transport.set_interrupt_vector(TX_VECTOR)?;
Self::set_queue_notify(transport, QUEUE_TX, irq_index_tx)?;

register_callback(RX_VECTOR, rx_callback);
register_callback(TX_VECTOR, tx_callback);
register_callback(CONFIG_VECTOR, config_callback);
register_callback(RX_VECTOR, rx_callback)?;
register_callback(TX_VECTOR, tx_callback)?;
register_callback(CONFIG_VECTOR, config_callback)?;

Ok(Self {
virtio_transport,
Expand Down Expand Up @@ -444,14 +445,14 @@ impl Drop for VirtioVsock {
}
}

interrupt_handler_template!(rx_callback, _stack, {
fn rx_callback(_: &mut InterruptStack) {
RX_FLAG.store(true, Ordering::SeqCst);
});
}

interrupt_handler_template!(tx_callback, _stack, {
fn tx_callback(_: &mut InterruptStack) {
TX_FLAG.store(true, Ordering::SeqCst);
});
}

interrupt_handler_template!(config_callback, _stack, {
fn config_callback(_: &mut InterruptStack) {
CONFIG_FLAG.store(true, Ordering::SeqCst);
});
}
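Review bot: The three `register_callback(...)?` calls run only after `set_interrupt_vector` and `set_queue_notify` have already pointed the device at `RX_VECTOR`/`TX_VECTOR`, so an early return from any of them leaves the device configured for vectors whose handlers are missing or only partly installed. `init_notification` in `virtio_serial/src/lib.rs` does it the other way round: it registers the callback first and then calls `set_interrupt_vector`. Moving the three `register_callback(RX_VECTOR, rx_callback)?;` / `TX` / `CONFIG` lines above the first `set_interrupt_vector` call would give the same fail-before-touching-the-device behaviour here. Whether an interrupt can actually arrive in that window depends on device state set up outside this hunk; the enclosing constructor starts before the visible lines.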
9 changes: 4 additions & 5 deletions src/devices/vsock/src/transport/vmcall.rs
Expand Up @@ -16,10 +16,9 @@ use super::Result;
use alloc::boxed::Box;
use alloc::collections::BTreeMap;
use alloc::vec::Vec;
use core::arch::asm;
use core::convert::TryInto;
use core::sync::atomic::{AtomicBool, Ordering};
use td_payload::{eoi, interrupt_handler_template};
use td_payload::arch::idt::InterruptStack;
use td_shim_interface::td_uefi_pi::pi::guid;
use tdx_tdcall::tdx;

Expand Down Expand Up @@ -54,7 +53,7 @@ impl VmcallVsock {
dma_allocator: Box<dyn VsockDmaPageAllocator>,
timer: Box<dyn VsockTimeout>,
) -> Result<Self> {
register_callback(VMCALL_VECTOR, vmcall_notification);
register_callback(VMCALL_VECTOR, vmcall_notification)?;

Ok(Self {
mid,
Expand Down Expand Up @@ -406,9 +405,9 @@ impl<'a> Response<'a> {
}
}

interrupt_handler_template!(vmcall_notification, _stack, {
fn vmcall_notification(_: &mut InterruptStack) {
VMCALL_FLAG.store(true, Ordering::SeqCst);
});
}

fn speculation_barrier() {
unsafe { core::arch::x86_64::_mm_lfence() };
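Review bot: Nothing in the new `vmcall_notification` acknowledges the interrupt, and this file drops its `eoi` and `core::arch::asm` imports, which suggests the old macro-generated handler signalled end-of-interrupt itself. Presumably the td-shim dispatcher behind `register_interrupt_callback` now does that after the callback returns, but this commit page does not show it. If that is the case, a comment on the handler would record the assumption, e.g. `// EOI is issued by the td-shim dispatcher after this callback returns`. If it is not, the vector would stay in service after its first delivery. The same question applies to every handler converted in this commit (`vmm_notification`, `serial_event_callback`, `rx_callback`/`tx_callback`/`config_callback`, `timer_handler`, `vmcall_service_callback`).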
12 changes: 7 additions & 5 deletions src/migtd/src/driver/timer.rs
Expand Up @@ -4,8 +4,7 @@

use core::sync::atomic::{AtomicBool, Ordering};
use td_payload::arch::apic::*;
use td_payload::arch::idt::register;
use td_payload::interrupt_handler_template;
use td_payload::arch::idt::{register_interrupt_callback, InterruptCallback, InterruptStack};

/// A simple apic timer notification handler used to handle the
/// time out events
Expand All @@ -15,9 +14,9 @@ static TIMEOUT_FLAG: AtomicBool = AtomicBool::new(false);
const TIMEOUT_VECTOR: u8 = 33;
const CPUID_TSC_DEADLINE_BIT: u32 = 1 << 24;

interrupt_handler_template!(timer, _stack, {
fn timer_handler(_stack: &mut InterruptStack) {
TIMEOUT_FLAG.store(true, Ordering::SeqCst);
});
}

pub fn init_timer() {
let cpuid = unsafe { core::arch::x86_64::__cpuid_count(0x1, 0) };
Expand Down Expand Up @@ -58,5 +57,8 @@ fn apic_timer_lvtt_setup(vector: u8) {

fn set_timer_notification(vector: u8) {
// Setup interrupt handler
register(vector, timer);
if register_interrupt_callback(vector as usize, InterruptCallback::new(timer_handler)).is_err()
{
panic!("Failed to set interrupt callback for timer");
}
}
2 changes: 1 addition & 1 deletion src/migtd/src/lib.rs
Expand Up @@ -46,7 +46,7 @@ pub extern "C" fn _start(hob: u64, payload: u64) -> ! {
shadow_stack_size: DEFAULT_SHADOW_STACK_SIZE,
};

arch::init::pre_init(hob as u64, &layout);
arch::init::pre_init(hob as u64, &layout, true);

// Init internal heap
#[cfg(not(feature = "test_disable_ra_and_accept_all"))]
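Review bot: The new third argument in `arch::init::pre_init(hob as u64, &layout, true)` is a bare `true` whose meaning cannot be read from the call site. Because this is the payload's earliest initialisation step, what the flag switches on should be stated next to the call, for example `// third argument: <what the flag enables, per the td-payload pre_init signature>`, or passed through a named constant. The `hob as u64` cast is also a no-op, since `_start` already declares `hob: u64`. The body of `_start` continues outside this hunk.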
16 changes: 11 additions & 5 deletions src/migtd/src/migration/event.rs
Expand Up @@ -4,18 +4,24 @@

use core::sync::atomic::{AtomicBool, Ordering};
use td_payload::arch::apic::*;
use td_payload::arch::idt::register;
use td_payload::interrupt_handler_template;
use td_payload::arch::idt::{register_interrupt_callback, InterruptCallback, InterruptStack};

pub const VMCALL_SERVICE_VECTOR: u8 = 0x50;
pub static VMCALL_SERVICE_FLAG: AtomicBool = AtomicBool::new(false);

interrupt_handler_template!(vmcall_service_callback, _stack, {
fn vmcall_service_callback(_stack: &mut InterruptStack) {
VMCALL_SERVICE_FLAG.store(true, Ordering::SeqCst);
});
}

pub fn register_callback() {
register(VMCALL_SERVICE_VECTOR, vmcall_service_callback);
if register_interrupt_callback(
VMCALL_SERVICE_VECTOR as usize,
InterruptCallback::new(vmcall_service_callback),
)
.is_err()
{
panic!("Failed to set interrupt callback for VMCALL_SERVICE");
}
}

pub fn wait_for_event(event_flag: &AtomicBool) {