Skip to content

Commit 291112d

Browse files
michael1vainermichael1vainer
committed
TDX 1.5.06
Signed-off-by: mvainer <[email protected]>
1 parent 062b3ba commit 291112d

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

69 files changed

+892
-480
lines changed

Diff for: BUILD.md

+8-8
Original file line numberDiff line numberDiff line change
@@ -53,24 +53,24 @@ NOTE: In order to run on Windows, replace the mount line with: -v "%CD%":$HOME/t
5353

5454
- Compiled on Linux* OS
5555

56-
- [IPP 2021.7.1](https://github.com/intel/ipp-crypto/releases/tag/ippcp_2021.7.1):
56+
- [IPP 2021.10.0](https://github.com/intel/ipp-crypto/releases/tag/ippcp_2021.10.0):
5757

5858
1) IPP can be automatically built by project's makefile.
5959

60-
- IPP sources need to be placed under ./libs/ipp/ipp-crypto-ippcp_2021.7.1 folder.
60+
- IPP sources need to be placed under ./libs/ipp/ipp-crypto-ipp-crypto_2021_10_0 folder.
6161

62-
- Tools that are required to build IPP crypto lib described in the following [link](https://github.com/intel/ipp-crypto/blob/ippcp_2021.7.1/BUILD.md)
62+
- Tools that are required to build IPP crypto lib described in the following [link](https://github.com/intel/ipp-crypto/blob/ippcp_2021.10.0/BUILD.md)
6363

6464
2) It could also be built separately with the following flags:
6565

6666
```bash
67-
cd <PROJ_DIR>/libs/ipp/ipp-crypto-ippcp_2021.7.1/
67+
cd <PROJ_DIR>/libs/ipp/ipp-crypto-ipp-crypto_2021_10_0/
6868

69-
CC=clang CXX=clang++ cmake CMakeLists.txt -B_build -DARCH=intel64 -DMERGED_BLD:BOOL=off -DPLATFORM_LIST="y8" -DIPPCP_CUSTOM_BUILD="IPPCP_AES_ON;IPPCP_CLMUL_ON;IPPCP_VAES_ON;IPPCP_VCLMUL_ON";
69+
CC=clang CXX=clang++ cmake CMakeLists.txt -B_build -DARCH=intel64 -DMERGED_BLD:BOOL=off -DNO_CRYPTO_MB:BOOL=TRUE -DPLATFORM_LIST="l9" -DIPPCP_CUSTOM_BUILD="IPPCP_AES_ON;IPPCP_CLMUL_ON;IPPCP_VAES_ON;IPPCP_VCLMUL_ON";
7070

7171
cd _build
7272

73-
make -j8 ippcp_s_y8
73+
make -j8 ippcp_s_l9
7474
```
7575

7676

@@ -79,12 +79,12 @@ Binary's generation includes the date it was compiled at, build number and modul
7979

8080
Build date, build number and update version could be extracted from the production binary, please use TDH.SYS.RD SEAMCALL (leaf #34) with MD_SYS_TDX_MODULE_VERSION_CLASS_CODE(8) as a class_code and MD_SYS_BUILD_DATE_FIELD_CODE(1)/MD_SYS_BUILD_NUM_FIELD_CODE(2)/MD_SYS_UPDATE_VERSION_FIELD_CODE(5) as field codes. The date format should be YYYYMMDD.
8181

82-
Current TDX version was built with: TDX_MODULE_BUILD_DATE=20240129 TDX_MODULE_BUILD_NUM=698 TDX_MODULE_UPDATE_VER=5
82+
Current TDX version was built with: TDX_MODULE_BUILD_DATE=20240407 TDX_MODULE_BUILD_NUM=744 TDX_MODULE_UPDATE_VER=6
8383

8484
1) In order to reproduce the exact binary, it is required to specify the original date, build number and update version:
8585

8686
```bash
87-
make RELEASE=1 TDX_MODULE_BUILD_DATE=20240129 TDX_MODULE_BUILD_NUM=698 TDX_MODULE_UPDATE_VER=5
87+
make RELEASE=1 TDX_MODULE_BUILD_DATE=20240407 TDX_MODULE_BUILD_NUM=744 TDX_MODULE_UPDATE_VER=6
8888
```
8989

9090
In case binary reproduction is not required, "make RELEASE=1" will suffice.

Diff for: Makefile

+8-5
Original file line numberDiff line numberDiff line change
@@ -47,16 +47,21 @@ CFLAGS += -D__FILENAME__=\"$(lastword $(subst /, ,$<))\"
4747

4848
CRYPTO_OBJECTS := $(CRYPTO_LIB_PATH)/$(CRYPTO_LIB_FILENAME)
4949

50-
default: $(TARGET) postBuildScripts
50+
default: preBuildScripts $(TARGET) postBuildScripts
5151
all: default
5252

5353
$(CRYPTO_OBJECTS): $(CRYPTO_LIB_SRC_DIR)
5454
cd $(CRYPTO_LIB_MAIN_DIR); \
5555
CC=$(CC_WITHOUT_CODE_COVERAGE) CXX=$(CXX_WITHOUT_CODE_COVERAGE) cmake CMakeLists.txt \
56-
-B_build -DARCH=intel64 -DMERGED_BLD:BOOL=off -DPLATFORM_LIST="y8" \
56+
-B_build -DARCH=intel64 -DMERGED_BLD:BOOL=off -DNO_CRYPTO_MB:BOOL=TRUE -DPLATFORM_LIST="l9" \
5757
-DIPPCP_CUSTOM_BUILD="IPPCP_AES_ON;IPPCP_CLMUL_ON;IPPCP_VAES_ON;IPPCP_VCLMUL_ON"; \
5858
cd _build; \
59-
make -j8 ippcp_s_y8
59+
make -j8 ippcp_s_l9
60+
61+
preBuildScripts:
62+
ifneq ($(shell expr $(CCVERSION) \>= 12), 1)
63+
$(error Bad clang version - clang version should be 12.0.0 or above)
64+
endif
6065

6166
$(C_OBJECTS): $(OBJS_DIR)/%.o: %.c
6267
@mkdir -p $(@D)
@@ -75,11 +80,9 @@ $(TARGET): $(CRYPTO_OBJECTS) $(OBJECTS)
7580
cp $(TARGET) $(ORIG_TARGET)
7681

7782
postBuildScripts: $(TARGET)
78-
ifndef DO_NOT_STRIP
7983
ifdef RELEASE
8084
strip -s $(RELEASE_DIR)/libtdx.so
8185
endif #RELEASE
82-
endif #DO_NOT_STRIP
8386

8487
#The padding operation must be the last change made to the binary
8588
$(MSG) "Padding Binary to page size granularity"

Diff for: compiler_defs.mk

+1-1
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ STD_FLAGS = -MD -MP -m64 -Wall -Wextra -fPIC -fno-builtin-memset -fvisibility=hi
3737
-mstack-alignment=16 -mstackrealign -std=c17 -mno-mmx -mno-sse -fno-jump-tables
3838

3939
# Optimization flags
40-
OPT_FLAGS = -O2
40+
OPT_FLAGS = -Os
4141

4242
# SecV mandatory flags
4343
SECV_FLAGS = -Wdouble-promotion -Wshadow -Wconversion -Wmissing-prototypes -Wpointer-arith -Wuninitialized -Wunreachable-code -Wunused-function -Werror -D_FORTIFY_SOURCE=2 -fno-zero-initialized-in-bss -fstack-protector-strong

Diff for: include/auto_gen/cpuid_configurations.c

+17-10
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@
2121
// SPDX-License-Identifier: MIT
2222
/**
2323
* This File is Automatically generated by the TDX xls extract tool
24-
* Spreadsheet Format Version - '7'
24+
* Spreadsheet Format Version - '8'
2525
**/
2626

2727
#include "auto_gen/cpuid_configurations.h"
@@ -47,6 +47,12 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
4747
.fixed0_or_dynamic = { .eax = 0xf000c000, .ebx = 0xff0000ff, .ecx = 0x8010060, .edx = 0x40120400 },
4848
.config_index = 0
4949
},
50+
[72] = { .leaf_subleaf = {.leaf = 0x2, .subleaf = 0xffffffff},
51+
.valid_entry = true,
52+
.fixed1 = { .eax = 0xfeff01, .ebx = 0x0, .ecx = 0x0, .edx = 0x0 },
53+
.fixed0_or_dynamic = { .eax = 0xff0100fe, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
54+
.config_index = CPUID_CONFIG_NULL_IDX
55+
},
5056
[11] = { .leaf_subleaf = {.leaf = 0x3, .subleaf = 0xffffffff},
5157
.valid_entry = true,
5258
.fixed0_or_dynamic = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
@@ -110,14 +116,14 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
110116
.valid_entry = true,
111117
.verify_mask = { .eax = 0xffffffff, .ebx = 0x219424c3, .ecx = 0x99000000, .edx = 0xfc082600 },
112118
.verify_value = { .eax = 0x2, .ebx = 0x219424c3, .ecx = 0x99000000, .edx = 0xfc080400 },
113-
.verify_same = { .eax = 0xffffffff, .ebx = 0xfffffffb, .ecx = 0xbfc1ff6f, .edx = 0xffebffff },
119+
.verify_same = { .eax = 0xffffffff, .ebx = 0xfffffffb, .ecx = 0xbfc17f6f, .edx = 0xffebffff },
114120
.fixed0_or_dynamic = { .ebx = 0x404006, .ecx = 0x643e8010, .edx = 0x2298c3 },
115121
.config_index = 5
116122
},
117123
[6] = { .leaf_subleaf = {.leaf = 0x7, .subleaf = 0x1},
118124
.valid_entry = true,
119125
.verify_same = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
120-
.fixed0_or_dynamic = { .eax = 0xfbffe28f, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xfffffbcf },
126+
.fixed0_or_dynamic = { .eax = 0xfb77e20f, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xfffdfbcf },
121127
.config_index = 6
122128
},
123129
[14] = { .leaf_subleaf = {.leaf = 0x7, .subleaf = 0x2},
@@ -155,8 +161,8 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
155161
},
156162
[66] = { .leaf_subleaf = {.leaf = 0xb, .subleaf = 0x2},
157163
.valid_entry = true,
158-
.fixed1 = { .eax = 0x0, .ebx = 0x0, .ecx = 0x0, .edx = 0x0 },
159-
.fixed0_or_dynamic = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
164+
.fixed1 = { .eax = 0x0, .ebx = 0x0, .ecx = 0x0 },
165+
.fixed0_or_dynamic = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffff00, .edx = 0xffffffff },
160166
.config_index = CPUID_CONFIG_NULL_IDX
161167
},
162168
[16] = { .leaf_subleaf = {.leaf = 0xd, .subleaf = 0x0},
@@ -321,7 +327,7 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
321327
[42] = { .leaf_subleaf = {.leaf = 0x19, .subleaf = 0xffffffff},
322328
.valid_entry = true,
323329
.verify_same = { .eax = 0xffffffff, .ebx = 0xfffffffe, .ecx = 0xffffffff, .edx = 0xffffffff },
324-
.fixed0_or_dynamic = { .eax = 0xfffffff8, .ebx = 0xffffffeb, .ecx = 0xfffffffd, .edx = 0xffffffff },
330+
.fixed0_or_dynamic = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
325331
.config_index = CPUID_CONFIG_NULL_IDX
326332
},
327333
[67] = { .leaf_subleaf = {.leaf = 0x1a, .subleaf = 0xffffffff},
@@ -469,8 +475,8 @@ const cpuid_lookup_t cpuid_lookup[MAX_NUM_CPUID_LOOKUP] = {
469475
},
470476
[9] = { .leaf_subleaf = {.leaf = 0x80000008, .subleaf = 0xffffffff},
471477
.valid_entry = true,
472-
.verify_mask = { .eax = 0xff, .ebx = 0x200 },
473-
.verify_value = { .eax = 0x34, .ebx = 0x200 },
478+
.verify_mask = { .ebx = 0x200 },
479+
.verify_value = { .ebx = 0x200 },
474480
.verify_same = { .eax = 0xffffffff, .ebx = 0xffffffff, .ecx = 0xffffffff, .edx = 0xffffffff },
475481
.fixed0_or_dynamic = { .eax = 0xffff0000, .ebx = 0xfffffdff, .ecx = 0xffffffff, .edx = 0xffffffff },
476482
.config_index = 9
@@ -511,7 +517,7 @@ const cpuid_configurable_t cpuid_configurable[MAX_NUM_CPUID_CONFIG] = {
511517
},
512518
[6] = { .leaf_subleaf = {.leaf = 0x7, .subleaf = 0x1},
513519
.valid_entry = true,
514-
.allow_direct = { .eax = 0x4001d30, .edx = 0x430 },
520+
.allow_direct = { .eax = 0x4881db0, .edx = 0x20430 },
515521
.lookup_index = 6
516522
},
517523
[10] = { .leaf_subleaf = {.leaf = 0x7, .subleaf = 0x2},
@@ -565,6 +571,7 @@ const cpuid_configurable_t cpuid_configurable[MAX_NUM_CPUID_CONFIG] = {
565571
},
566572
[9] = { .leaf_subleaf = {.leaf = 0x80000008, .subleaf = 0xffffffff},
567573
.valid_entry = true,
574+
.config_direct = { .eax = 0xff },
568575
.allow_direct = { .ebx = 0x200 },
569576
.lookup_index = 9
570577
}
@@ -595,7 +602,7 @@ const cpuid_config_return_values_t xfam_mask_0x7_0x0[XCR0_MAX_VALID_BIT + 1] = {
595602

596603
const cpuid_config_return_values_t xfam_mask_0x7_0x1[XCR0_MAX_VALID_BIT + 1] = {
597604

598-
[2]={ .eax = 0x10 , .edx = 0x430 } ,
605+
[2]={ .eax = 0x800010 , .edx = 0x430 } ,
599606
[5]={ .eax = 0x20 } ,
600607
[6]={ .eax = 0x20 } ,
601608
[7]={ .eax = 0x20 } ,

Diff for: include/auto_gen/cpuid_configurations.h

+2-2
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@
2121
// SPDX-License-Identifier: MIT
2222
/**
2323
* This File is Automatically generated by the TDX xls extract tool
24-
* based on architecture commit id "40ef60d2"
25-
* Spreadsheet Format Version - '7'
24+
* based on architecture commit id "a1b03ec5"
25+
* Spreadsheet Format Version - '8'
2626
**/
2727

2828
#ifndef _AUTO_GEN_CPUID_CONFIG_H_

Diff for: include/auto_gen/cpuid_configurations_defines.h

+3-3
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@
2121
// SPDX-License-Identifier: MIT
2222
/**
2323
* This File is Automatically generated by the TDX xls extract tool
24-
* based on architecture commit id "40ef60d2"
25-
* Spreadsheet Format Version - '7'
24+
* based on architecture commit id "a1b03ec5"
25+
* Spreadsheet Format Version - '8'
2626
**/
2727

2828
/*
@@ -35,7 +35,7 @@
3535
#ifndef _AUTO_GEN_CPUID_CONFIG_DEFINES_H_
3636
#define _AUTO_GEN_CPUID_CONFIG_DEFINES_H_
3737

38-
#define MAX_NUM_CPUID_LOOKUP 68
38+
#define MAX_NUM_CPUID_LOOKUP 73
3939
#define MAX_NUM_CPUID_CONFIG 18
4040

4141
#define CPUID_CONFIG_NULL_IDX 0xFFFFFFFF

0 commit comments

Comments
 (0)