Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Split tdx feature into tdcall and tdvmcall features as tdvmcall usage may be optional for some use cases #768

Closed
wants to merge 31 commits into from
Closed

Split tdx feature into tdcall and tdvmcall features as tdvmcall usage may be optional for some use cases #768

wants to merge 31 commits into from

Conversation

sgrams
Copy link
Contributor

@sgrams sgrams commented Mar 7, 2025
edited
Loading

No functional changes to existing build.
Now:

  • tdx-tdcall/src/tdx.rs is split into two files: tdx-tdcall/src/tdcall.rs and tdx-tdcall/src/tdvmcall.rs.
  • tdx-tdcall: tdx feature is split into tdcall and tdvmcall
  • all dependent libraries start using tdcall and tdvmcall features instead of tdx feature
  • td-shim/Cargo.toml and td-payload/Cargo.toml still provide tdx feature for backward compatibility, and it does include both tdcall and tdvmcall features.

sgrams added 29 commits March 3, 2025 17:44
@sgrams
tdx-tdcall: Add a feature and separate tdvmcall to a dedicated file
6d6116c 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: Split tdx.rs into tdcall.rs and tdvmcall.rs
c85adc3 
No functional changes

Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: move remaining tdcall functions into tdcall.rs
3f7069d 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: remove tdvmcall_ prefix
614c4ad 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: remove tdcall_ prefix
6cb7de4 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
Replace tdvmcall_ with tdvmcall::
5bf8e83 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
Replace tdcall_ with tdcall::
ebc17ee 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: Revert rename in CHANGELOG.md
383f9fa 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: add tdcall feature and add default features
4afbf1f 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
td-payload: adapt to new tdx-tdcall layout
1746f9b 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
td-logger: adapt to new tdx-tdcall layout
bc5bf16 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
td-exception: adapt to new tdx-tdcall layout
8485407 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
td-shim: adapt to new tdx-tdcall layout
93e3ca4 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tests: adapt to new tdx-tdcall layout
fe36056 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
xtask: adapt to new tdx-tdcall layout
6961b90 
Now tdx feature is removed and replaced by two separate features:
tdcall and tdvmcall. Only tdcall is enabled by default.

Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: move td-report under tdcall feature
013c6c0 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
td-payload: add non-tdvmcall version of enable_apic_interrupt
eb829c5 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
td-payload: add non-tdvmcall versions of decrypt and encrypt
50056a3 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: Bump version after changing the API
97db275 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
Cargo.lock: lock tdx-tdcall version after bump
0a39437 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
xtask: enable tdvmcall feature by default
e8faa4c 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: fix-up src/asm after tdcall rename
9ccd236 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
.github: update CI to use tdcall and tdvmcall instead of tdx feature
b4c44a3 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: fix-up clippy errors
5212396 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall,td-payload: fix-up cargo fmt errors
ddc36b7 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
sh_script: replace tdx feature with tdcall and tdvmcall
a7c03cb 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
tdx-tdcall: Update CHANGELOG.md
4b445f0 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
xtask,td-shim,sh_script: tdx feature now consists of tdcall and tdvmcall
e4d0c6f 
Signed-off-by: Stanislaw Grams <[email protected]>
@sgrams
td-payload: add td-exception/tdvmcall dependency to tdvmcall feature
36fc18a 
Signed-off-by: Stanislaw Grams <[email protected]>
sgrams
sgrams commented Mar 7, 2025
View reviewed changes
@sgrams sgrams force-pushed the user/sgrams/25ww10e-td_shim_separate_tdx_feature branch from 4c065d0 to 15c85e2 Compare March 7, 2025 10:18
@sgrams sgrams marked this pull request as ready for review March 7, 2025 10:37
@sgrams sgrams changed the title Split tdx feature originated from tdx-tdcall into two features: tdcall and tdvmcall as tdvmcall usage may be optional for some use cases Split tdx-tdcall/tdx into tdcall and tdvmcall as tdvmcall usage may be optional for some use cases Mar 7, 2025
@sgrams sgrams changed the title Split tdx-tdcall/tdx into tdcall and tdvmcall as tdvmcall usage may be optional for some use cases Split tdx feature into tdcall and tdvmcall as tdvmcall usage may be optional for some use cases Mar 7, 2025
@sgrams sgrams changed the title Split tdx feature into tdcall and tdvmcall as tdvmcall usage may be optional for some use cases Split tdx feature into tdcall and tdvmcall features as tdvmcall usage may be optional for some use cases Mar 7, 2025
@jyao1
Copy link
Member

jyao1 commented Mar 9, 2025
edited
Loading

I am worried on the compatibility, since there is code change. For example:

-        1 => tdx::tdvmcall_io_read_8(port) as u32,
-        2 => tdx::tdvmcall_io_read_16(port) as u32,
-        4 => tdx::tdvmcall_io_read_32(port),
+        1 => tdvmcall::io_read_8(port) as u32,
+        2 => tdvmcall::io_read_16(port) as u32,
+        4 => tdvmcall::io_read_32(port),

How do you guarantee the consumer is NOT impacted?

Also, please describe the purpose of this change, not just what the patch does.

@sgrams
Copy link
Contributor Author

sgrams commented Mar 10, 2025

This change is to allow consumers of TD-Shim to build it without support for TDVMCALLs.
We require this change in TEE-IO Provision Agent (TPA TD).

With this approach consumer must adapt, and a code change is required.
tdx::tdcall_* usage must be renamed to tdcall::*
tdx::tdvmcall_* usage must be renamed to tdvmcall::*
Imports are also affected.

@jyao1
Copy link
Member

jyao1 commented Mar 10, 2025

That introduces too many changes.

I think an easy way can be: just add [no-tdvmcall] to meet the need.

@sgrams
Copy link
Contributor Author

sgrams commented Mar 10, 2025

I'll prepare a change with no-tdvmcall feature.

@sgrams sgrams closed this Mar 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sgrams @jyao1