Skip to content

Commit

Permalink
TDX 1.5.06
Browse files Browse the repository at this point in the history
Signed-off-by: mvainer <[email protected]>
  • Loading branch information
michael1vainer committed Nov 28, 2024
1 parent 062b3ba commit 291112d
Show file tree
Hide file tree
Showing 69 changed files with 892 additions and 480 deletions.
16 changes: 8 additions & 8 deletions BUILD.md
Original file line number Diff line number Diff line change
Expand Up @@ -53,24 +53,24 @@ NOTE: In order to run on Windows, replace the mount line with: -v "%CD%":$HOME/t

- Compiled on Linux* OS

- [IPP 2021.7.1](https://github.com/intel/ipp-crypto/releases/tag/ippcp_2021.7.1):
- [IPP 2021.10.0](https://github.com/intel/ipp-crypto/releases/tag/ippcp_2021.10.0):

1) IPP can be automatically built by project's makefile.

- IPP sources need to be placed under ./libs/ipp/ipp-crypto-ippcp_2021.7.1 folder.
- IPP sources need to be placed under ./libs/ipp/ipp-crypto-ipp-crypto_2021_10_0 folder.

- Tools that are required to build IPP crypto lib described in the following [link](https://github.com/intel/ipp-crypto/blob/ippcp_2021.7.1/BUILD.md)
- Tools that are required to build IPP crypto lib described in the following [link](https://github.com/intel/ipp-crypto/blob/ippcp_2021.10.0/BUILD.md)

2) It could also be built separately with the following flags:

```bash
cd <PROJ_DIR>/libs/ipp/ipp-crypto-ippcp_2021.7.1/
cd <PROJ_DIR>/libs/ipp/ipp-crypto-ipp-crypto_2021_10_0/

CC=clang CXX=clang++ cmake CMakeLists.txt -B_build -DARCH=intel64 -DMERGED_BLD:BOOL=off -DPLATFORM_LIST="y8" -DIPPCP_CUSTOM_BUILD="IPPCP_AES_ON;IPPCP_CLMUL_ON;IPPCP_VAES_ON;IPPCP_VCLMUL_ON";
CC=clang CXX=clang++ cmake CMakeLists.txt -B_build -DARCH=intel64 -DMERGED_BLD:BOOL=off -DNO_CRYPTO_MB:BOOL=TRUE -DPLATFORM_LIST="l9" -DIPPCP_CUSTOM_BUILD="IPPCP_AES_ON;IPPCP_CLMUL_ON;IPPCP_VAES_ON;IPPCP_VCLMUL_ON";

cd _build

make -j8 ippcp_s_y8
make -j8 ippcp_s_l9
```


Expand All @@ -79,12 +79,12 @@ Binary's generation includes the date it was compiled at, build number and modul

Build date, build number and update version could be extracted from the production binary, please use TDH.SYS.RD SEAMCALL (leaf #34) with MD_SYS_TDX_MODULE_VERSION_CLASS_CODE(8) as a class_code and MD_SYS_BUILD_DATE_FIELD_CODE(1)/MD_SYS_BUILD_NUM_FIELD_CODE(2)/MD_SYS_UPDATE_VERSION_FIELD_CODE(5) as field codes. The date format should be YYYYMMDD.

Current TDX version was built with: TDX_MODULE_BUILD_DATE=20240129 TDX_MODULE_BUILD_NUM=698 TDX_MODULE_UPDATE_VER=5
Current TDX version was built with: TDX_MODULE_BUILD_DATE=20240407 TDX_MODULE_BUILD_NUM=744 TDX_MODULE_UPDATE_VER=6

1) In order to reproduce the exact binary, it is required to specify the original date, build number and update version:

```bash
make RELEASE=1 TDX_MODULE_BUILD_DATE=20240129 TDX_MODULE_BUILD_NUM=698 TDX_MODULE_UPDATE_VER=5
make RELEASE=1 TDX_MODULE_BUILD_DATE=20240407 TDX_MODULE_BUILD_NUM=744 TDX_MODULE_UPDATE_VER=6
```

In case binary reproduction is not required, "make RELEASE=1" will suffice.
Expand Down
13 changes: 8 additions & 5 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -47,16 +47,21 @@ CFLAGS += -D__FILENAME__=\"$(lastword $(subst /, ,$<))\"

CRYPTO_OBJECTS := $(CRYPTO_LIB_PATH)/$(CRYPTO_LIB_FILENAME)

default: $(TARGET) postBuildScripts
default: preBuildScripts $(TARGET) postBuildScripts
all: default

$(CRYPTO_OBJECTS): $(CRYPTO_LIB_SRC_DIR)
cd $(CRYPTO_LIB_MAIN_DIR); \
CC=$(CC_WITHOUT_CODE_COVERAGE) CXX=$(CXX_WITHOUT_CODE_COVERAGE) cmake CMakeLists.txt \
-B_build -DARCH=intel64 -DMERGED_BLD:BOOL=off -DPLATFORM_LIST="y8" \
-B_build -DARCH=intel64 -DMERGED_BLD:BOOL=off -DNO_CRYPTO_MB:BOOL=TRUE -DPLATFORM_LIST="l9" \
-DIPPCP_CUSTOM_BUILD="IPPCP_AES_ON;IPPCP_CLMUL_ON;IPPCP_VAES_ON;IPPCP_VCLMUL_ON"; \
cd _build; \
make -j8 ippcp_s_y8
make -j8 ippcp_s_l9

preBuildScripts:
ifneq ($(shell expr $(CCVERSION) \>= 12), 1)
$(error Bad clang version - clang version should be 12.0.0 or above)
endif

$(C_OBJECTS): $(OBJS_DIR)/%.o: %.c
@mkdir -p $(@D)
Expand All @@ -75,11 +80,9 @@ $(TARGET): $(CRYPTO_OBJECTS) $(OBJECTS)
cp $(TARGET) $(ORIG_TARGET)

postBuildScripts: $(TARGET)
ifndef DO_NOT_STRIP
ifdef RELEASE
strip -s $(RELEASE_DIR)/libtdx.so
endif #RELEASE
endif #DO_NOT_STRIP

#The padding operation must be the last change made to the binary
$(MSG) "Padding Binary to page size granularity"
Expand Down
2 changes: 1 addition & 1 deletion compiler_defs.mk
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ STD_FLAGS = -MD -MP -m64 -Wall -Wextra -fPIC -fno-builtin-memset -fvisibility=hi
-mstack-alignment=16 -mstackrealign -std=c17 -mno-mmx -mno-sse -fno-jump-tables

# Optimization flags
OPT_FLAGS = -O2
OPT_FLAGS = -Os

# SecV mandatory flags
SECV_FLAGS = -Wdouble-promotion -Wshadow -Wconversion -Wmissing-prototypes -Wpointer-arith -Wuninitialized -Wunreachable-code -Wunused-function -Werror -D_FORTIFY_SOURCE=2 -fno-zero-initialized-in-bss -fstack-protector-strong
Expand Down
27 changes: 17 additions & 10 deletions include/auto_gen/cpuid_configurations.c
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
// SPDX-License-Identifier: MIT
/**
* This File is Automatically generated by the TDX xls extract tool
* Spreadsheet Format Version - '7'
* Spreadsheet Format Version - '8'
**/

#include "auto_gen/cpuid_configurations.h"
Expand All @@ -47,6 +47,12 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
.fixed0_or_dynamic = { .eax = 0xf000c000, .ebx = 0xff0000ff, .ecx = 0x8010060, .edx = 0x40120400 },
.config_index = 0
},
[72] = { .leaf_subleaf = {.leaf = 0x2, .subleaf = 0xffffffff},
.valid_entry = true,
.fixed1 = { .eax = 0xfeff01, .ebx = 0x0, .ecx = 0x0, .edx = 0x0 },
.fixed0_or_dynamic = { .eax = 0xff0100fe, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
.config_index = CPUID_CONFIG_NULL_IDX
},
[11] = { .leaf_subleaf = {.leaf = 0x3, .subleaf = 0xffffffff},
.valid_entry = true,
.fixed0_or_dynamic = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
Expand Down Expand Up @@ -110,14 +116,14 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
.valid_entry = true,
.verify_mask = { .eax = 0xffffffff, .ebx = 0x219424c3, .ecx = 0x99000000, .edx = 0xfc082600 },
.verify_value = { .eax = 0x2, .ebx = 0x219424c3, .ecx = 0x99000000, .edx = 0xfc080400 },
.verify_same = { .eax = 0xffffffff, .ebx = 0xfffffffb, .ecx = 0xbfc1ff6f, .edx = 0xffebffff },
.verify_same = { .eax = 0xffffffff, .ebx = 0xfffffffb, .ecx = 0xbfc17f6f, .edx = 0xffebffff },
.fixed0_or_dynamic = { .ebx = 0x404006, .ecx = 0x643e8010, .edx = 0x2298c3 },
.config_index = 5
},
[6] = { .leaf_subleaf = {.leaf = 0x7, .subleaf = 0x1},
.valid_entry = true,
.verify_same = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
.fixed0_or_dynamic = { .eax = 0xfbffe28f, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xfffffbcf },
.fixed0_or_dynamic = { .eax = 0xfb77e20f, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xfffdfbcf },
.config_index = 6
},
[14] = { .leaf_subleaf = {.leaf = 0x7, .subleaf = 0x2},
Expand Down Expand Up @@ -155,8 +161,8 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
},
[66] = { .leaf_subleaf = {.leaf = 0xb, .subleaf = 0x2},
.valid_entry = true,
.fixed1 = { .eax = 0x0, .ebx = 0x0, .ecx = 0x0, .edx = 0x0 },
.fixed0_or_dynamic = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
.fixed1 = { .eax = 0x0, .ebx = 0x0, .ecx = 0x0 },
.fixed0_or_dynamic = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffff00, .edx = 0xffffffff },
.config_index = CPUID_CONFIG_NULL_IDX
},
[16] = { .leaf_subleaf = {.leaf = 0xd, .subleaf = 0x0},
Expand Down Expand Up @@ -321,7 +327,7 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
[42] = { .leaf_subleaf = {.leaf = 0x19, .subleaf = 0xffffffff},
.valid_entry = true,
.verify_same = { .eax = 0xffffffff, .ebx = 0xfffffffe, .ecx = 0xffffffff, .edx = 0xffffffff },
.fixed0_or_dynamic = { .eax = 0xfffffff8, .ebx = 0xffffffeb, .ecx = 0xfffffffd, .edx = 0xffffffff },
.fixed0_or_dynamic = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
.config_index = CPUID_CONFIG_NULL_IDX
},
[67] = { .leaf_subleaf = {.leaf = 0x1a, .subleaf = 0xffffffff},
Expand Down Expand Up @@ -469,8 +475,8 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
},
[9] = { .leaf_subleaf = {.leaf = 0x80000008, .subleaf = 0xffffffff},
.valid_entry = true,
.verify_mask = { .eax = 0xff, .ebx = 0x200 },
.verify_value = { .eax = 0x34, .ebx = 0x200 },
.verify_mask = { .ebx = 0x200 },
.verify_value = { .ebx = 0x200 },
.verify_same = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
.fixed0_or_dynamic = { .eax = 0xffff0000, .ebx = 0xfffffdff, .ecx = 0xffffffff, .edx = 0xffffffff },
.config_index = 9
Expand Down Expand Up @@ -511,7 +517,7 @@ const cpuid_configurable_t cpuid_configurable[MAX_NUM_CPUID_CONFIG] = {
},
[6] = { .leaf_subleaf = {.leaf = 0x7, .subleaf = 0x1},
.valid_entry = true,
.allow_direct = { .eax = 0x4001d30, .edx = 0x430 },
.allow_direct = { .eax = 0x4881db0, .edx = 0x20430 },
.lookup_index = 6
},
[10] = { .leaf_subleaf = {.leaf = 0x7, .subleaf = 0x2},
Expand Down Expand Up @@ -565,6 +571,7 @@ const cpuid_configurable_t cpuid_configurable[MAX_NUM_CPUID_CONFIG] = {
},
[9] = { .leaf_subleaf = {.leaf = 0x80000008, .subleaf = 0xffffffff},
.valid_entry = true,
.config_direct = { .eax = 0xff },
.allow_direct = { .ebx = 0x200 },
.lookup_index = 9
}
Expand Down Expand Up @@ -595,7 +602,7 @@ const cpuid_config_return_values_t xfam_mask_0x7_0x0[XCR0_MAX_VALID_BIT + 1] = {

const cpuid_config_return_values_t xfam_mask_0x7_0x1[XCR0_MAX_VALID_BIT + 1] = {

[2]={ .eax = 0x10 , .edx = 0x430 } ,
[2]={ .eax = 0x800010 , .edx = 0x430 } ,
[5]={ .eax = 0x20 } ,
[6]={ .eax = 0x20 } ,
[7]={ .eax = 0x20 } ,
Expand Down
4 changes: 2 additions & 2 deletions include/auto_gen/cpuid_configurations.h
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,8 @@
// SPDX-License-Identifier: MIT
/**
* This File is Automatically generated by the TDX xls extract tool
* based on architecture commit id "40ef60d2"
* Spreadsheet Format Version - '7'
* based on architecture commit id "a1b03ec5"
* Spreadsheet Format Version - '8'
**/

#ifndef _AUTO_GEN_CPUID_CONFIG_H_
Expand Down
6 changes: 3 additions & 3 deletions include/auto_gen/cpuid_configurations_defines.h
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,8 @@
// SPDX-License-Identifier: MIT
/**
* This File is Automatically generated by the TDX xls extract tool
* based on architecture commit id "40ef60d2"
* Spreadsheet Format Version - '7'
* based on architecture commit id "a1b03ec5"
* Spreadsheet Format Version - '8'
**/

/*
Expand All @@ -35,7 +35,7 @@
#ifndef _AUTO_GEN_CPUID_CONFIG_DEFINES_H_
#define _AUTO_GEN_CPUID_CONFIG_DEFINES_H_

#define MAX_NUM_CPUID_LOOKUP 68
#define MAX_NUM_CPUID_LOOKUP 73
#define MAX_NUM_CPUID_CONFIG 18

#define CPUID_CONFIG_NULL_IDX 0xFFFFFFFF
Expand Down
Loading

0 comments on commit 291112d

Please sign in to comment.