From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id 6BC5D1FF16F
	for <inbox@lore.proxmox.com>; Tue, 16 Sep 2025 12:22:29 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id A0733102B1;
	Tue, 16 Sep 2025 12:22:34 +0200 (CEST)
Message-ID: <fc430395-20e9-4fc4-8b25-6bad5ff4cb36@proxmox.com>
Date: Tue, 16 Sep 2025 12:22:00 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird Beta
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>,
 Anton Iacobaeus <anton.iacobaeus@canarybit.eu>
References: <20250916075406.33084-2-anton.iacobaeus@canarybit.eu>
 <20250916075406.33084-10-anton.iacobaeus@canarybit.eu>
Content-Language: en-US
From: Thomas Lamprecht <t.lamprecht@proxmox.com>
In-Reply-To: <20250916075406.33084-10-anton.iacobaeus@canarybit.eu>
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1758018113565
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.029 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [intel.com]
Subject: Re: [pve-devel] [PATCH qemu-server 2/3] Add check for TDX support
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Cc: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

Am 16.09.25 um 11:14 schrieb Anton Iacobaeus:
> From: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
> 
> Check whether TDX is enabled on this machine. Instead of using CPUID
> like AMD SEV, Intel TDX enablement can be verified by reading an MSR
> (https://cc-enabling.trustedservices.intel.com/intel-tdx-enabling-guide/05/host_os_setup/).
> 
> Signed-off-by: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
> Signed-off-by: Anton Iacobaeus <anton.iacobaeus@canarybit.eu>
> ---
>  .../query-machine-capabilities.c              | 56 ++++++++++++++++++-
>  src/usr/modules-load.conf                     |  1 +
>  2 files changed, 56 insertions(+), 1 deletion(-)
> 
> diff --git a/src/query-machine-capabilities/query-machine-capabilities.c b/src/query-machine-capabilities/query-machine-capabilities.c
> index 0c522afc..913d15c5 100644
> --- a/src/query-machine-capabilities/query-machine-capabilities.c
> +++ b/src/query-machine-capabilities/query-machine-capabilities.c
> @@ -4,6 +4,9 @@
>  #include <sys/stat.h>
>  #include <errno.h>
>  #include <string.h>
> +#include <stdlib.h>
> +#include <unistd.h>
> +#include <fcntl.h>
>  
>  #define eprintf(...) fprintf(stderr, __VA_ARGS__)
>  
> @@ -15,11 +18,49 @@ typedef struct {
>      bool sev_support;
>      bool sev_es_support;
>      bool sev_snp_support;
> +    bool tdx_support;
>  
>      uint8_t cbitpos;
>      uint8_t reduced_phys_bits;
>  } cpu_caps_t;
>  
> +int read_msr(uint32_t msr_index, unsigned int *value) {
> +    int64_t data;
> +    char* msr_file_name = "/dev/cpu/0/msr";
> +    int fd;
> +
> +    fd = open(msr_file_name, O_RDONLY);
> +    if (fd < 0) {
> +            if (errno == ENXIO) {
> +                fprintf(stderr, "rdmsr: No CPU 0\n");
> +                exit(2);

let's please not randomly exit in some helper function due to an error
specific to that function, but rather return with an error code from
the function and map that to "null" or not including the respective keys
in the JSON output (either is fine for me).

> +            } else if (errno == EIO) {
> +                    fprintf(stderr, "rdmsr: CPU oesn't support MSRs\n");
> +                    exit(3);

same here w.r.t exit.

> +	    } else {
> +                perror("rdmsr: open");
> +                exit(127);

same here w.r.t exit.

> +            }
> +    }
> +
> +    if (pread(fd, &data, sizeof data, msr_index) != sizeof data) {
> +        if (errno == EIO) {
> +            fprintf(stderr, "rdmsr: CPU cannot read MSR 0x%08x\n", msr_index);
> +            exit(4);

same here w.r.t exit.

> +        } else {
> +            perror("rdmsr: pread");
> +            exit(127);

same here w.r.t exit.

> +        }
> +    }
> +
> +
> +    *value = data;
> +
> +    close(fd);
> +    return 0;
> +}
> +
> +
>  void query_cpu_capabilities(cpu_caps_t *res) {
>      uint32_t eax, ebx, ecx, edx;
>  
> @@ -37,6 +78,15 @@ void query_cpu_capabilities(cpu_caps_t *res) {
>  
>      res->cbitpos = ebx & 0x3f;
>      res->reduced_phys_bits = (ebx >> 6) & 0x3f;
> +
> +    unsigned int value;
> +
> +    if (read_msr(0x1401, &value) == 0) {

> +        fprintf(stderr, "to read MSR: %08x \n", value);

We do not have any always-on debugging outputs here, either add a helper
for that which can be optionally enabled on build through defining a
constant or just omit it for now.

> +        res->tdx_support = (value & (1<<11));
> +    } else {

As of now this is a dead branch as read_msr either returns 0 or exits
the program.

> +        fprintf(stderr, "Failed to read MSR\n");

please re-use the `eprintf` helper we define here in the file and use
everywhere else.

> +    }
>  }
>  
>  int prepare_output_directory() {
> @@ -82,13 +132,17 @@ int main() {
>          " \"sev-support\": %s,"
>          " \"sev-support-es\": %s,"
>          " \"sev-support-snp\": %s"
> +        " },"
> +        " \"intel-tdx\": {"
> +        " \"tdx-support\": %s"
>          " }"
>          " }\n",
>          caps.cbitpos,
>          caps.reduced_phys_bits,
>          caps.sev_support ? "true" : "false",
>          caps.sev_es_support ? "true" : "false",
> -        caps.sev_snp_support ? "true" : "false"
> +        caps.sev_snp_support ? "true" : "false",
> +        caps.tdx_support ? "true" : "false"
>      );
>      if (ret < 0) {
>          eprintf("Error writing to file '" OUTPUT_PATH "': %s\n", strerror(errno));
> diff --git a/src/usr/modules-load.conf b/src/usr/modules-load.conf
> index aee7d42a..f45d256b 100644
> --- a/src/usr/modules-load.conf
> +++ b/src/usr/modules-load.conf
> @@ -1 +1,2 @@
>  vhost_net
> +msr



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel