89 lines
2.8 KiB
Diff
89 lines
2.8 KiB
Diff
From b7e8674a1d3d577a3e88e95d2dab6aac626eca41 Mon Sep 17 00:00:00 2001
|
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
|
Date: Fri, 18 Jul 2025 18:03:48 +0200
|
|
Subject: [PATCH 083/115] i386/tdx: Validate phys_bits against host value
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
RH-Author: Paolo Bonzini <pbonzini@redhat.com>
|
|
RH-MergeRequest: 391: TDX support, including attestation and device assignment
|
|
RH-Jira: RHEL-15710 RHEL-20798 RHEL-49728
|
|
RH-Acked-by: Yash Mankad <None>
|
|
RH-Acked-by: Peter Xu <peterx@redhat.com>
|
|
RH-Acked-by: David Hildenbrand <david@redhat.com>
|
|
RH-Commit: [83/115] 42a17d80e8c176a2dc4e2d3da0ea74f7fdb85577 (bonzini/rhel-qemu-kvm)
|
|
|
|
For TDX guest, the phys_bits is not configurable and can only be
|
|
host/native value.
|
|
|
|
Validate phys_bits inside tdx_check_features().
|
|
|
|
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
|
|
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
|
|
Link: https://lore.kernel.org/r/20250508150002.689633-55-xiaoyao.li@intel.com
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
(cherry picked from commit 907ee7b67e50a7eea2768c66e3ad67c9aa4ffd3c)
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
---
|
|
target/i386/host-cpu.c | 2 +-
|
|
target/i386/host-cpu.h | 1 +
|
|
target/i386/kvm/tdx.c | 8 ++++++++
|
|
3 files changed, 10 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/target/i386/host-cpu.c b/target/i386/host-cpu.c
|
|
index 4a77ecc1fc..4ab536ab80 100644
|
|
--- a/target/i386/host-cpu.c
|
|
+++ b/target/i386/host-cpu.c
|
|
@@ -15,7 +15,7 @@
|
|
#include "sysemu/sysemu.h"
|
|
|
|
/* Note: Only safe for use on x86(-64) hosts */
|
|
-static uint32_t host_cpu_phys_bits(void)
|
|
+uint32_t host_cpu_phys_bits(void)
|
|
{
|
|
uint32_t eax;
|
|
uint32_t host_phys_bits;
|
|
diff --git a/target/i386/host-cpu.h b/target/i386/host-cpu.h
|
|
index 6a9bc918ba..b97ec01c9b 100644
|
|
--- a/target/i386/host-cpu.h
|
|
+++ b/target/i386/host-cpu.h
|
|
@@ -10,6 +10,7 @@
|
|
#ifndef HOST_CPU_H
|
|
#define HOST_CPU_H
|
|
|
|
+uint32_t host_cpu_phys_bits(void);
|
|
void host_cpu_instance_init(X86CPU *cpu);
|
|
void host_cpu_max_instance_init(X86CPU *cpu);
|
|
bool host_cpu_realizefn(CPUState *cs, Error **errp);
|
|
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
|
|
index 3ec31d4872..b9c3ba3725 100644
|
|
--- a/target/i386/kvm/tdx.c
|
|
+++ b/target/i386/kvm/tdx.c
|
|
@@ -25,6 +25,7 @@
|
|
|
|
#include "cpu.h"
|
|
#include "cpu-internal.h"
|
|
+#include "host-cpu.h"
|
|
#include "hw/i386/e820_memory_layout.h"
|
|
#include "hw/i386/tdvf.h"
|
|
#include "hw/i386/x86.h"
|
|
@@ -879,6 +880,13 @@ static int tdx_check_features(X86ConfidentialGuest *cg, CPUState *cs)
|
|
return -EINVAL;
|
|
}
|
|
|
|
+ if (cpu->phys_bits != host_cpu_phys_bits()) {
|
|
+ error_report("TDX requires guest CPU physical bits (%u) "
|
|
+ "to match host CPU physical bits (%u)",
|
|
+ cpu->phys_bits, host_cpu_phys_bits());
|
|
+ return -EINVAL;
|
|
+ }
|
|
+
|
|
return 0;
|
|
}
|
|
|
|
--
|
|
2.50.1
|
|
|