platform/tdp: replace tdx-tdcall crate with local implementation #515
base: main
Conversation
c044408 to d368f71
@peterfang it would be great to get your review on this
a76f39b to 45591bc
The `tdx-tdcall` crate is built for different security and design assumptions than what is required for COCONUT-SVSM. The TDCALL/TDVMCALL functionality required can be implemented locally, providing better integration with the COCONUT-SVSM environment. Signed-off-by: Jon Lange <[email protected]>
Sure, I'll take a look
if addr.is_aligned(PAGE_SIZE_2M) && addr + PAGE_SIZE_2M <= end {
    let ret = tdx_result(tdg_mem_page_accept(PageFrame::Size2M(addr)));
    match ret {
        Err(TdxError::PageAlreadyAccepted) => {
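Review bot: the `Err(TdxError::PageAlreadyAccepted)` arm on the 2M accept should either zero the page itself or carry a comment saying why a page reported as already accepted is still safe to use; as written, a reader of these four lines cannot tell whether the arm silently keeps whatever the page held before (which matters because the caller expects freshly accepted memory to be zeroed). A one-line comment noting that a private-to-shared-to-private MapGPA round trip can leave the original private page in place, so the error is not a bug, would document the intent.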
What is the use case to allow such behavior, i.e. why don't we treat `PageAlreadyAccepted` as a bug condition?
`PageAlreadyAccepted` does not necessarily indicate an error. Suppose a TD has a private page at GPA X, and calls GHCI.MapGPA to convert it to a shared page. The host may choose to insert a different HPA at GPA X+Shared without ever calling TDH.MEM.PAGE.REMOVE on GPA X. This is acceptable to the TD. Then, the TD may call GHCI.MapGPA to convert back to a private page. The host may choose simply to remove GPA X+Shared, still without ever calling TDH.MEM.PAGE.REMOVE on GPA X. There's nothing inappropriate about this flow. The TD is expecting to accept a page of zeroes, so if it sees that the page was already accepted in this case, it should just zero the page and move on.

Similarly, not observing `PageAlreadyAccepted` does not mean that acceptance is safe. A TD may call TDG.MEM.PAGE.ACCEPT on GPA X, and then may call TDG.MEM.PAGE.ACCEPT on GPA X a second time (perhaps intentionally, perhaps inadvertently). If the host calls TDH.MEM.PAGE.REMOVE/TDH.MEM.PAGE.AUG in between the two calls, the second TDG.MEM.PAGE.ACCEPT call will succeed and zero the page, even if the TD expected that the page had already been accepted.

Since `PageAlreadyAccepted` is not a reliable way to detect an error condition, it's better just to make page acceptance be consistent, and to say that every call will result in a zeroed page regardless of what was there before.
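The two flows described in the reply above, as an added example that is not part of the PR, COCONUT-SVSM, or the tdx-tdcall crate: a small Rust simulation of TDX private-page state with a host side (TDH.MEM.PAGE.AUG / TDH.MEM.PAGE.REMOVE) and a TD side (TDG.MEM.PAGE.ACCEPT). `TdxSim`, `PageState`, `accept_zeroed` and the two `flow_*` functions are assumptions made for illustration; they model only the state transitions that matter to the argument, not the real TDX module.

```rust
// Added example, not code from COCONUT-SVSM or tdx-tdcall. The TDX module,
// host and memory model below are a simplified simulation (assumption).
use std::collections::HashMap;

pub const PAGE_SIZE: usize = 4096;

/// Status codes modelled for the simulated TDG.MEM.PAGE.ACCEPT.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum TdxError {
    /// The private page at this GPA was already accepted by the TD.
    PageAlreadyAccepted,
    /// No private page is mapped at this GPA (never AUGed, or REMOVEd).
    PageNotPresent,
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
enum PageState {
    /// Host mapped it (TDH.MEM.PAGE.AUG); the TD has not accepted it yet.
    Pending,
    /// TD accepted it; contents are TD-owned until the host removes it.
    Accepted,
}

/// Simulated TDX module state plus the memory backing each private GPA.
#[derive(Default)]
pub struct TdxSim {
    state: HashMap<u64, PageState>,
    memory: HashMap<u64, Vec<u8>>,
}

impl TdxSim {
    /// Host side, TDH.MEM.PAGE.AUG: map a fresh pending page at `gpa`.
    pub fn host_aug(&mut self, gpa: u64) {
        self.state.insert(gpa, PageState::Pending);
        self.memory.insert(gpa, vec![0u8; PAGE_SIZE]);
    }

    /// Host side, TDH.MEM.PAGE.REMOVE: unmap the private page at `gpa`.
    pub fn host_remove(&mut self, gpa: u64) {
        self.state.remove(&gpa);
        self.memory.remove(&gpa);
    }

    /// TD side, TDG.MEM.PAGE.ACCEPT: success zeroes the page; accepting an
    /// already accepted page fails and leaves its contents untouched.
    pub fn tdg_mem_page_accept(&mut self, gpa: u64) -> Result<(), TdxError> {
        match self.state.get(&gpa) {
            None => Err(TdxError::PageNotPresent),
            Some(PageState::Accepted) => Err(TdxError::PageAlreadyAccepted),
            Some(PageState::Pending) => {
                self.state.insert(gpa, PageState::Accepted);
                self.memory.insert(gpa, vec![0u8; PAGE_SIZE]);
                Ok(())
            }
        }
    }

    /// TD side: fill an accepted page with `byte` (stands in for real use).
    pub fn td_fill(&mut self, gpa: u64, byte: u8) {
        if let Some(page) = self.memory.get_mut(&gpa) {
            page.iter_mut().for_each(|b| *b = byte);
        }
    }

    /// TD side: true if the page is mapped and holds only zeroes.
    pub fn td_is_zeroed(&self, gpa: u64) -> bool {
        self.memory.get(&gpa).map_or(false, |p| p.iter().all(|&b| b == 0))
    }
}

/// The policy argued for above: every accept call yields a zeroed page.
/// `PageAlreadyAccepted` is benign; the TD zeroes the page itself.
pub fn accept_zeroed(sim: &mut TdxSim, gpa: u64) -> Result<(), TdxError> {
    match sim.tdg_mem_page_accept(gpa) {
        Ok(()) => Ok(()), // the module zeroed it for us
        Err(TdxError::PageAlreadyAccepted) => {
            sim.td_fill(gpa, 0);
            Ok(())
        }
        Err(e) => Err(e),
    }
}

/// Flow 1: MapGPA private -> shared -> private where the host backs X+Shared
/// separately and never REMOVEs the private page at X. Returns the raw
/// result of re-accepting X and whether `accept_zeroed` then left X zeroed.
pub fn flow_mapgpa_round_trip() -> (Result<(), TdxError>, bool) {
    let mut sim = TdxSim::default();
    let x = 0x1000;
    sim.host_aug(x);
    sim.tdg_mem_page_accept(x).unwrap();
    sim.td_fill(x, 0xAA); // TD used the page before converting it to shared
    let raw = sim.tdg_mem_page_accept(x); // after converting back: already accepted
    let policy = accept_zeroed(&mut sim, x);
    (raw, policy.is_ok() && sim.td_is_zeroed(x))
}

/// Flow 2: host REMOVE + AUG between two TD accepts of the same GPA. The
/// second accept succeeds (no PageAlreadyAccepted) and wipes the TD's data.
pub fn flow_host_swap_between_accepts() -> (Result<(), TdxError>, bool) {
    let mut sim = TdxSim::default();
    let x = 0x2000;
    sim.host_aug(x);
    sim.tdg_mem_page_accept(x).unwrap();
    sim.td_fill(x, 0xBB);
    sim.host_remove(x);
    sim.host_aug(x);
    let second = sim.tdg_mem_page_accept(x);
    (second, sim.td_is_zeroed(x))
}
```

In flow 1 the raw accept reports `PageAlreadyAccepted` even though nothing went wrong, and `accept_zeroed` turns that into the zeroed page the TD expected; in flow 2 the second accept returns `Ok(())` and the 0xBB data is gone, so the absence of the error said nothing about whether the page survived. The consistent rule, every accept produces a zeroed page, is the only contract the TD can rely on in both cases.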