Add CCA feature
This is WIP

Signed-off-by: Matias Ezequiel Vara Larsen <[email protected]>
MatiasVara committed Aug 9, 2024
1 parent 86f75cd commit b47ef94
Showing 3 changed files with 45 additions and 4 deletions.
3 changes: 3 additions & 0 deletions Makefile
@@ -27,6 +27,9 @@ ifeq ($(SEV),1)
INIT_SRC += $(SNP_INIT_SRC)
BUILD_INIT = 0
endif
ifeq ($(CCA), 1)
FEATURE_FLAGS := --features cca
endif
ifeq ($(GPU),1)
FEATURE_FLAGS += --features gpu
endif
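Review bot: `FEATURE_FLAGS := --features cca` replaces whatever `FEATURE_FLAGS` held before, while the `GPU` block directly below appends with `+=`. If an earlier block sets feature flags (the `SEV` block ends just above; its assignments are outside this hunk), `CCA=1` silently drops them and the binary is built with a different feature set than the one requested. Unless the override is intended, use `FEATURE_FLAGS += --features cca`. If CCA is meant to be exclusive with SEV, an explicit `$(error ...)` on the conflicting combination would make that visible at build time.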
28 changes: 26 additions & 2 deletions src/vmm/src/builder.rs
@@ -12,6 +12,7 @@ use std::io;
use std::os::fd::AsRawFd;
use std::path::PathBuf;
use std::sync::{Arc, Mutex};
use std::cmp::max;

use super::{Error, Vmm};

@@ -68,7 +69,7 @@ use vm_memory::mmap::MmapRegion;
#[cfg(any(target_arch = "aarch64", feature = "tee"))]
use vm_memory::Bytes;
use vm_memory::GuestMemory;
use vm_memory::{GuestAddress, GuestMemoryMmap};
use vm_memory::{GuestAddress, GuestMemoryMmap, GuestMemoryRegion, Address};

#[cfg(feature = "efi")]
static EDK2_BINARY: &[u8] = include_bytes!("../../../edk2/KRUN_EFI.silent.fd");
@@ -809,7 +810,7 @@ fn load_cmdline(vmm: &Vmm) -> std::result::Result<(), StartMicrovmError> {
.map_err(StartMicrovmError::LoadCommandline)
}

#[cfg(all(target_os = "linux", not(feature = "tee")))]
#[cfg(all(target_os = "linux", not(feature = "tee"), not(feature = "cca")))]
pub(crate) fn setup_vm(
guest_memory: &GuestMemoryMmap,
) -> std::result::Result<Vm, StartMicrovmError> {
@@ -824,6 +825,29 @@ pub(crate) fn setup_vm(
.map_err(StartMicrovmError::Internal)?;
Ok(vm)
}
#[cfg(all(target_os = "linux", feature = "cca"))]
pub(crate) fn setup_vm(
guest_memory: &GuestMemoryMmap,
) -> std::result::Result<Vm, StartMicrovmError> {
let kvm = KvmContext::new()
.map_err(Error::KvmContext)
.map_err(StartMicrovmError::Internal)?;

// calculate max_addr for max_ipa
let mut max_addr = 0;
for (_index, region) in guest_memory.iter().enumerate() {
max_addr = max(max_addr, region.start_addr().raw_value() + region.len());
}

let mut vm = Vm::new(kvm.fd(), max_addr as usize)
.map_err(Error::Vm)
.map_err(StartMicrovmError::Internal)?;

vm.memory_init(guest_memory, kvm.max_memslots(), true)
.map_err(Error::Vm)
.map_err(StartMicrovmError::Internal)?;
Ok(vm)
}
#[cfg(all(target_os = "linux", feature = "tee"))]
pub(crate) fn setup_vm(
kvm: &KvmContext,
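Review bot: The `max_addr` loop in the new `cca` `setup_vm` adds `region.start_addr().raw_value() + region.len()` without an overflow check and then narrows with `max_addr as usize`. That value is handed to `Vm::new` as `max_ipa`, so a wrapped or truncated end address should fail VM setup rather than produce a smaller address space. I would use `.checked_add(region.len())` in place of the `+` and `usize::try_from(max_addr)` in place of the cast, mapping both failures into a `StartMicrovmError`. The `enumerate()` index is unused, so `for region in guest_memory.iter()` is enough. The literal `true` passed to `memory_init` needs a comment naming the parameter, since its meaning is not visible in this section.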
18 changes: 16 additions & 2 deletions src/vmm/src/linux/vstate.rs
@@ -11,6 +11,7 @@ use std::cell::Cell;
use std::fmt::{Display, Formatter};
use std::io;
use std::os::fd::RawFd;
use std::cmp::max;

#[cfg(feature = "tee")]
use std::os::unix::io::RawFd;
@@ -49,7 +50,7 @@ use kvm_bindings::{
};
use kvm_bindings::{
kvm_create_guest_memfd, kvm_userspace_memory_region, kvm_userspace_memory_region2,
KVM_API_VERSION, KVM_MEM_GUEST_MEMFD,
KVM_API_VERSION, KVM_MEM_GUEST_MEMFD, KVM_VM_TYPE_ARM_REALM, KVM_VM_TYPE_ARM_IPA_SIZE_MASK
};
use kvm_ioctls::*;
use utils::eventfd::EventFd;
@@ -487,7 +488,7 @@ pub struct Vm {

impl Vm {
/// Constructs a new `Vm` using the given `Kvm` instance.
#[cfg(not(feature = "tee"))]
#[cfg(all(not(feature = "tee"), not(feature = "cca")))]
pub fn new(kvm: &Kvm) -> Result<Self> {
//create fd for interacting with kvm-vm specific functions
let vm_fd = kvm.create_vm().map_err(Error::VmFd)?;
@@ -511,6 +512,19 @@ impl Vm {
})
}

#[cfg(feature = "cca")]
pub fn new(kvm: &Kvm, max_ipa: usize) -> Result<Self> {
//create fd for interacting with kvm-vm specific functions
let ipa_bits = max(1 << max_ipa.trailing_zeros(), 32) + 1;
let vm_fd = kvm.create_vm_with_type((KVM_VM_TYPE_ARM_REALM | (ipa_bits & KVM_VM_TYPE_ARM_IPA_SIZE_MASK)).into()).map_err(Error::VmFd)?;

Ok(Vm {
fd: vm_fd,
#[cfg(target_arch = "aarch64")]
irqchip_handle: None,
})
}

#[cfg(feature = "amd-sev")]
pub fn new(kvm: &Kvm, tee_config: &TeeConfig) -> Result<Self> {
//create fd for interacting with kvm-vm specific functions
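Review bot: `ipa_bits` in the new `cca` `Vm::new` is not a bit width: `max_ipa.trailing_zeros()` measures the alignment of the end address, and `1 << …` turns that count back into a value. The low byte kept by `& KVM_VM_TYPE_ARM_IPA_SIZE_MASK` therefore does not describe the guest's address range. If the intent is "bits needed to address `max_ipa`, at least 32, plus one", that is `max(usize::BITS - max_ipa.saturating_sub(1).leading_zeros(), 32) + 1`. The mask also truncates silently; an out-of-range width should be rejected with an error before `create_vm_with_type` rather than masked into a different IPA size for the Realm. The `KVM_VM_TYPE_ARM_*` imports and `use std::cmp::max` are added without a `cfg`, which presumably breaks or warns on builds without the `cca` feature or on non-aarch64 targets.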
