canonical / tdx

Intel confidential computing - TDX
GNU General Public License v3.0

The setup-tdx-common does not configure the UBUNTU_VERSION required by create_td_image.sh #285

Open bprashan opened 20 hours ago

bprashan commented 20 hours ago

Describe the bug

Our nightly automation runs are currently failing at the create_td_image.sh step. After a preliminary investigation, we found that the -v [UBUNTU_VERSION] argument has become mandatory for executing the create-td-image.sh script, which was not the case previously.

To Reproduce

Steps to reproduce the behavior:

sdp@sdp:~/bprashan$ git clone -b noble-24.04 https://github.com/canonical/tdx.git
Cloning into 'tdx'...
remote: Enumerating objects: 1738, done.
remote: Counting objects: 100% (1006/1006), done.
remote: Compressing objects: 100% (503/503), done.
remote: Total 1738 (delta 688), reused 679 (delta 497), pack-reused 732 (from 1)
Receiving objects: 100% (1738/1738), 784.16 KiB | 10.18 MiB/s, done.
Resolving deltas: 100% (1008/1008), done.
sdp@sdp:~/bprashan/tdx$ sudo -E ./setup-tdx-host.sh
Hit:1 https://download.docker.com/linux/ubuntu noble InRelease
Hit:2 https://aquasecurity.github.io/trivy-repo/deb noble InRelease
Hit:3 http://archive.ubuntu.com/ubuntu noble InRelease
Get:4 http://archive.ubuntu.com/ubuntu noble-updates InRelease [126 kB]
Hit:5 http://security.ubuntu.com/ubuntu noble-security InRelease
Hit:6 https://apt.releases.hashicorp.com noble InRelease
Hit:7 http://archive.ubuntu.com/ubuntu noble-backports InRelease
Hit:8 https://ppa.launchpadcontent.net/kobuk-team/tdx-attestation-release/ubuntu noble InRelease
Hit:9 https://ppa.launchpadcontent.net/kobuk-team/tdx-release/ubuntu noble InRelease
Hit:10 https://ppa.launchpadcontent.net/kobuk-team/tdx-testing/ubuntu noble InRelease
Fetched 126 kB in 2s (81.4 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
28 packages can be upgraded. Run 'apt list --upgradable' to see them.
W: https://aquasecurity.github.io/trivy-repo/deb/dists/noble/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
PPA publishes dbgsym, you may need to include 'main/debug' component
Repository: 'Types: deb
URIs: https://ppa.launchpadcontent.net/kobuk-team/tdx-release/ubuntu/
Suites: noble
Components: main
'
Description:
This package archive contains required components to enable TDX for both host and guest VM.
TDX is a Intel hardware solution for Confidential Computing.
To get an introduction on TDX, you can visit the link: https://cdrdv2.intel.com/v1/dl/getContent/690419

The current supported Ubuntu series are:
  - Ubuntu 24.04 (Noble)

No longer supported:
  - Ubuntu 23.10 (Mantic)

For installation instructions, please visit : https://github.com/canonical/tdx
More info: https://launchpad.net/~kobuk-team/+archive/ubuntu/tdx-release
Adding repository.
Found existing deb entry in /etc/apt/sources.list.d/kobuk-team-ubuntu-tdx-release-noble.sources
Hit:1 https://aquasecurity.github.io/trivy-repo/deb noble InRelease
Hit:2 https://download.docker.com/linux/ubuntu noble InRelease
Hit:3 http://security.ubuntu.com/ubuntu noble-security InRelease
Hit:4 http://archive.ubuntu.com/ubuntu noble InRelease
Hit:5 https://apt.releases.hashicorp.com noble InRelease
Hit:6 http://archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:7 http://archive.ubuntu.com/ubuntu noble-backports InRelease
Hit:8 https://ppa.launchpadcontent.net/kobuk-team/tdx-attestation-release/ubuntu noble InRelease
Hit:9 https://ppa.launchpadcontent.net/kobuk-team/tdx-release/ubuntu noble InRelease
Hit:10 https://ppa.launchpadcontent.net/kobuk-team/tdx-testing/ubuntu noble InRelease
Reading package lists... Done
W: https://aquasecurity.github.io/trivy-repo/deb/dists/noble/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
Package: *
Pin: release o=LP-PPA-kobuk-team-tdx-release
Pin-Priority: 4000
Unattended-Upgrade::Allowed-Origins {
  "LP-PPA-kobuk-team-tdx-release:noble";
};
Unattended-Upgrade::Allow-downgrade "true";
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
linux-image-intel is already the newest version (6.8.0-1013.20).
qemu-system-x86 is already the newest version (2:8.2.2+ds-0ubuntu1.4+tdx1.0).
libvirt-daemon-system is already the newest version (10.0.0-2ubuntu8.3+tdx1.2).
libvirt-clients is already the newest version (10.0.0-2ubuntu8.3+tdx1.2).
ovmf is already the newest version (2024.02-3+tdx1.0).
0 upgraded, 0 newly installed, 0 to remove and 28 not upgraded.
Sourcing file `/etc/default/grub'
Sourcing file `/etc/default/grub.d/99-tdx-kernel.cfg'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-6.8.0-1013-intel
Found initrd image: /boot/initrd.img-6.8.0-1013-intel
Found linux image: /boot/vmlinuz-6.8.0-49-generic
Found initrd image: /boot/initrd.img-6.8.0-49-generic
Warning: os-prober will not be executed to detect other bootable partitions.
Systems on them will not be added to the GRUB boot configuration.
Check GRUB_DISABLE_OS_PROBER documentation entry.
Adding boot menu entry for UEFI Firmware Settings ...
done
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
linux-modules-extra-6.8.0-1013-intel is already the newest version (6.8.0-1013.20).
0 upgraded, 0 newly installed, 0 to remove and 28 not upgraded.
Skip installing attestation components...
========================================================================
The host OS setup has been done successfully. Now, please enable Intel TDX in the BIOS.
========================================================================
sdp@sdp:~/bprashan/tdx$ sudo dmesg | grep -i tdx
[    1.423525] virt/tdx: BIOS enabled: private KeyID range [64, 128)
[    1.423529] virt/tdx: Disable ACPI S3. Turn off TDX in the BIOS to use ACPI S3.
[    1.496613] smpboot: CPU0: Intel(R) Xeon(R) Platinum 8480CTDX (family: 0x6, model: 0x8f, stepping: 0x8)
[    8.366483] virt/tdx: TDX module: attributes 0x0, vendor_id 0x8086, major_version 1, minor_version 5, build_date 20240129, build_num 698
[    8.366488] virt/tdx: CMR: [0x100000, 0x77800000)
[    8.366490] virt/tdx: CMR: [0x100000000, 0x206e000000)
[    8.366491] virt/tdx: CMR: [0x2080000000, 0x4070000000)
[    9.124357] virt/tdx: 1050636 KB allocated for PAMT
[    9.124363] virt/tdx: module initialized
[ 5784.400436] WARNING: CPU: 131 PID: 34217 at arch/x86/kvm/vmx/tdx.c:1494 tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[ 5784.400540] RIP: 0010:tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[ 5784.400591]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[ 5784.400627]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[ 5784.400637]  tdx_sept_set_private_spte+0x93/0x100 [kvm_intel]
[ 5784.401155]  tdx_handle_ept_violation+0xf3/0x240 [kvm_intel]
[ 5784.401169]  tdx_handle_exit+0x1f7/0x2d0 [kvm_intel]
[ 5784.401441]  ? tdx_vcpu_put+0x52/0x80 [kvm_intel]
[ 7200.845625] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[76907.945726] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[115908.777073] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[122230.392165] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[202297.413814] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[207330.698995] WARNING: CPU: 73 PID: 303573 at arch/x86/kvm/vmx/tdx.c:1494 tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[207330.699123] RIP: 0010:tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[207330.699160]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[207330.699191]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[207330.699201]  tdx_sept_set_private_spte+0x93/0x100 [kvm_intel]
[207330.699783]  tdx_handle_ept_violation+0xf3/0x240 [kvm_intel]
[207330.699796]  tdx_handle_exit+0x1f7/0x2d0 [kvm_intel]
[208583.380488] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[460181.905297] WARNING: CPU: 86 PID: 392717 at arch/x86/kvm/vmx/tdx.c:1494 tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[460181.905432] RIP: 0010:tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[460181.905468]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[460181.905496]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[460181.905505]  tdx_sept_set_private_spte+0x93/0x100 [kvm_intel]
[460181.906042]  tdx_handle_ept_violation+0xf3/0x240 [kvm_intel]
[460181.906055]  tdx_handle_exit+0x1f7/0x2d0 [kvm_intel]
[461668.711551] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
sdp@sdp:~/bprashan/tdx$ cd guest-tools/image/
sdp@sdp:~/bprashan/tdx/guest-tools/image$ sudo ./create-td-image.sh
INFO: Installation of required tools
ERROR: Please specify the ubuntu release by setting UBUNTU_VERSION or passing it via -v
INFO: Cleanup!
sdp@sdp:~/bprashan/tdx/guest-tools/image$ sudo -E ./create-td-image.sh
INFO: Installation of required tools
ERROR: Please specify the ubuntu release by setting UBUNTU_VERSION or passing it via -v
INFO: Cleanup!
sdp@sdp:~/bprashan/tdx/guest-tools/image$

Expected behavior

If the user does not specify the -v command line option when calling create_td_image.sh, we can default to the UBUNTU_VERSION specified in setup-tdx-common (https://github.com/canonical/tdx/blob/noble-24.04/setup-tdx-common#L20). The documentation needs to be updated to provide clearer instructions on how to run the create_td_image.sh script.

System report

Please run the system-report.sh script (located in the root directory of this repo) on your host system and copy the output below.

Git ref

e7c4dc6c4a1adbc24d07ac034f33df3c0fb90fae

Operating system details

Distributor ID: Ubuntu
Description:    Ubuntu 24.04.1 LTS
Release:        24.04
Codename:       noble

Kernel version

6.8.0-1013-intel #20-Ubuntu SMP PREEMPT_DYNAMIC Thu Oct  3 17:38:00 UTC 2024 x86_64 x86_64 GNU/Linux

TDX kernel logs

[    1.423525] virt/tdx: BIOS enabled: private KeyID range [64, 128)
[    1.423529] virt/tdx: Disable ACPI S3. Turn off TDX in the BIOS to use ACPI S3.
[    1.496613] smpboot: CPU0: Intel(R) Xeon(R) Platinum 8480CTDX (family: 0x6, model: 0x8f, stepping: 0x8)
[    8.366483] virt/tdx: TDX module: attributes 0x0, vendor_id 0x8086, major_version 1, minor_version 5, build_date 20240129, build_num 698
[    8.366488] virt/tdx: CMR: [0x100000, 0x77800000)
[    8.366490] virt/tdx: CMR: [0x100000000, 0x206e000000)
[    8.366491] virt/tdx: CMR: [0x2080000000, 0x4070000000)
[    9.124357] virt/tdx: 1050636 KB allocated for PAMT
[    9.124363] virt/tdx: module initialized
[ 5784.400436] WARNING: CPU: 131 PID: 34217 at arch/x86/kvm/vmx/tdx.c:1494 tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
...
[76907.945726] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[115908.777073] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[122230.392165] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[202297.413814] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[207330.698995] WARNING: CPU: 73 PID: 303573 at arch/x86/kvm/vmx/tdx.c:1494 tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[207330.699123] RIP: 0010:tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[207330.699160]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[207330.699191]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[207330.699201]  tdx_sept_set_private_spte+0x93/0x100 [kvm_intel]
[207330.699783]  tdx_handle_ept_violation+0xf3/0x240 [kvm_intel]
[207330.699796]  tdx_handle_exit+0x1f7/0x2d0 [kvm_intel]
[208583.380488] TDX requires TDP MMU.  Please enable TDP MMU for TDX.
[460181.905297] WARNING: CPU: 86 PID: 392717 at arch/x86/kvm/vmx/tdx.c:1494 tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[460181.905432] RIP: 0010:tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[460181.905468]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[460181.905496]  ? tdx_mem_page_aug+0x102/0x1d0 [kvm_intel]
[460181.905505]  tdx_sept_set_private_spte+0x93/0x100 [kvm_intel]
[460181.906042]  tdx_handle_ept_violation+0xf3/0x240 [kvm_intel]
[460181.906055]  tdx_handle_exit+0x1f7/0x2d0 [kvm_intel]
[461668.711551] TDX requires TDP MMU.  Please enable TDP MMU for TDX.

TDX CPU instruction support

CPU supports TDX according to /proc/cpuinfo

Model specific registers (MSRs)

MK_TME_ENABLED bit: 1 (expected value: 1)
SEAM_RR bit: 1 (expected value: 1)
NUM_TDX_PRIV_KEYS: 40
SGX_AND_MCHECK_STATUS: 0 (expected value: 0)
Production platform: Production (expected value: Production)

CPU details

 Intel(R) Xeon(R) Platinum 8480CTDX

QEMU package details

Status: Installed
Package: qemu-system-x86
Version: 2:8.2.2+ds-0ubuntu1.4+tdx1.0
APT-Sources: https://ppa.launchpadcontent.net/kobuk-team/tdx-release/ubuntu noble/main amd64 Packages

Libvirt package details

Status: Installed
Package: libvirt-clients
Version: 10.0.0-2ubuntu8.3+tdx1.2
APT-Sources: https://ppa.launchpadcontent.net/kobuk-team/tdx-release/ubuntu noble/main amd64 Packages

OVMF package details

Status: Installed
Package: ovmf
Version: 2024.02-3+tdx1.0
APT-Sources: https://ppa.launchpadcontent.net/kobuk-team/tdx-release/ubuntu noble/main amd64 Packages

sgx-dcap-pccs package details

Status: Installed
Package: sgx-dcap-pccs
Version: 1.21-0ubuntu1
APT-Sources: https://ppa.launchpadcontent.net/kobuk-team/tdx-attestation-release/ubuntu noble/main amd64 Packages

tdx-qgs package details

Status: Installed
Package: tdx-qgs
Version: 1.21-0ubuntu2.2
APT-Sources: https://ppa.launchpadcontent.net/kobuk-team/tdx-attestation-release/ubuntu noble/main amd64 Packages

sgx-ra-service package details

Status: Installed
Package: sgx-ra-service
Version: 1.21-0ubuntu2.2
APT-Sources: https://ppa.launchpadcontent.net/kobuk-team/tdx-attestation-release/ubuntu noble/main amd64 Packages
Description: Intel(R) Software Guard Extensions Multi-Package Registration Agent Service

sgx-pck-id-retrieval-tool package details

Status: Installed
Package: sgx-pck-id-retrieval-tool
Version: 1.21-0ubuntu2.2
APT-Sources: https://ppa.launchpadcontent.net/kobuk-team/tdx-attestation-release/ubuntu noble/main amd64 Packages

QGSD service status

● qgsd.service - Intel(R) TD Quoting Generation Service
     Loaded: loaded (/usr/lib/systemd/system/qgsd.service; enabled; preset: enabled)
     Active: active (running) since Sun 2024-11-24 08:18:05 PST; 17h ago
    Process: 404854 ExecStartPre=/bin/chown -R qgsd:qgsd /var/opt/qgsd/ (code=exited, status=0/SUCCESS)
    Process: 404857 ExecStartPre=/bin/chmod 0750 /var/opt/qgsd/ (code=exited, status=0/SUCCESS)
    Process: 404860 ExecStartPre=/usr/share/qgs/linksgx.sh (code=exited, status=0/SUCCESS)
    Process: 404876 ExecStart=/usr/bin/qgs (code=exited, status=0/SUCCESS)
   Main PID: 404879 (qgs)
      Tasks: 5 (limit: 308202)
     Memory: 2.5M (peak: 4.3M)
        CPU: 860ms
     CGroup: /system.slice/qgsd.service
             └─404879 /usr/bin/qgs

Nov 24 09:09:28 sdp qgsd[404879]: Added a new connection, now [1]
Nov 24 09:09:28 sdp qgsd[404879]: handle_read: status [system:0]
Nov 24 09:09:28 sdp qgsd[404879]: handle_read:[system:0Received 1024 bytes.]
Nov 24 09:09:28 sdp qgsd[404879]: process raw request [1024] bytes!.
Nov 24 09:09:28 sdp qgsd[404879]: unpack message successfully in thread [7ec4182a3740]
Nov 24 09:09:28 sdp qgsd[404879]: tee_att_get_quote_size return Success
Nov 24 09:09:28 sdp qgsd[404879]: tee_att_get_quote return Success
Nov 24 09:09:28 sdp qgsd[404879]: About to write response in thread [7ec4166006c0]
Nov 24 09:09:28 sdp qgsd[404879]: About to shutdown and close socket
Nov 24 09:09:28 sdp qgsd[404879]: erased a connection, now [0]

PCCS service status

● pccs.service - Provisioning Certificate Caching Service (PCCS)
     Loaded: loaded (/usr/lib/systemd/system/pccs.service; enabled; preset: enabled)
     Active: active (running) since Sun 2024-11-24 07:40:17 PST; 17h ago
       Docs: https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteGeneration/pccs/README.md
   Main PID: 386422 (node)
      Tasks: 15 (limit: 308202)
     Memory: 47.6M (peak: 62.5M)
        CPU: 3.060s
     CGroup: /system.slice/pccs.service
             └─386422 /usr/bin/node /opt/intel/sgx-dcap-pccs/pccs_server.js

Nov 25 01:00:02 sdp node[386422]: 2024-11-25 01:00:02.279 [info]: Request-ID is : 2b8d520ba12a45fcafb3a004c0187e46
Nov 25 01:00:02 sdp node[386422]: 2024-11-25 01:00:02.624 [info]: Request-ID is : b98164d6e879439fabf1d5e27ef87669
Nov 25 01:00:02 sdp node[386422]: 2024-11-25 01:00:02.973 [info]: Request-ID is : 47cacbc795d3408d9a1eccd81aa73e10
Nov 25 01:00:03 sdp node[386422]: 2024-11-25 01:00:03.320 [info]: Request-ID is : 207079e60122493bbcac11f5a6f9493b
Nov 25 01:00:03 sdp node[386422]: 2024-11-25 01:00:03.660 [info]: Request-ID is : c79a2712e35d448584c78233f2fa664c
Nov 25 01:00:04 sdp node[386422]: 2024-11-25 01:00:04.005 [info]: Request-ID is : 43533162d8164e2ba1bffa8c085f838d
Nov 25 01:00:04 sdp node[386422]: 2024-11-25 01:00:04.356 [info]: Request-ID is : 8b90683314874e0d957b6aae196c4623
Nov 25 01:00:04 sdp node[386422]: 2024-11-25 01:00:04.725 [info]: Request-ID is : ef44cd4985494f52a4d297ed1a5784b7
Nov 25 01:00:05 sdp node[386422]: 2024-11-25 01:00:05.067 [info]: Request-ID is : 487efd7ed8f9406fbb5be4f114ad48da
Nov 25 01:00:05 sdp node[386422]: 2024-11-25 01:00:05.262 [info]: Scheduled cache refresh is completed successfully.

MPA registration logs (last 30 lines)

[24-11-2024 07:40:17] INFO: SGX Registration Agent version: 1.21.100.3
[24-11-2024 07:40:17] INFO: Starts Registration Agent Flow.
[24-11-2024 07:40:17] INFO: Registration Flow - Registration status indicates registration is completed successfully. MPA has nothing to do.
[24-11-2024 07:40:17] INFO: Finished Registration Agent Flow.
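The fallback behaviour requested above, written here as an added POSIX sh example; this is not code from canonical/tdx and does not claim to be how create-td-image.sh or setup-tdx-common are implemented. It resolves the guest release with the precedence -v flag, then the UBUNTU_VERSION environment variable, then a UBUNTU_VERSION= line in a shared defaults file, and only errors when none is set. The defaults-file path is passed in by the caller, the stand-in file written by demo() is constructed, and the file is parsed with sed rather than sourced so the resolver never executes shell code from it.

```shell
#!/bin/sh
# Added example, not code from canonical/tdx: resolve the guest Ubuntu
# release with the precedence the report asks for (-v flag, then the
# UBUNTU_VERSION environment variable, then the value kept in a
# setup-tdx-common style defaults file), failing only when none is set.
# The defaults file path is an assumption supplied by the caller; the
# stand-in file written by demo() is constructed and is not the real
# setup-tdx-common.

# usage: resolve_ubuntu_version DEFAULTS_FILE [-v VERSION] [other args...]
# Prints the resolved release on stdout; returns 1 with an error on stderr.
resolve_ubuntu_version() {
    defaults_file=$1
    shift
    version=""

    # 1. An explicit -v on the command line always wins.
    while [ $# -gt 0 ]; do
        case $1 in
            -v)
                version=${2:-}
                shift
                [ $# -gt 0 ] && shift
                ;;
            *)
                shift
                ;;
        esac
    done

    # 2. Next, the environment. Plain `sudo` strips the caller's
    #    environment; `sudo -E` (as used in the report) preserves it.
    if [ -z "$version" ] && [ -n "${UBUNTU_VERSION:-}" ]; then
        version=$UBUNTU_VERSION
    fi

    # 3. Finally, the shared defaults file. Only the UBUNTU_VERSION= line
    #    is extracted (quotes stripped, last assignment wins); the file is
    #    never sourced, so no shell code from it is executed.
    if [ -z "$version" ] && [ -r "$defaults_file" ]; then
        version=$(sed -n 's/^UBUNTU_VERSION=//p' "$defaults_file" | tr -d "\"'" | tail -n 1)
    fi

    if [ -z "$version" ]; then
        echo "ERROR: Please specify the ubuntu release by setting UBUNTU_VERSION or passing it via -v" >&2
        return 1
    fi
    printf '%s\n' "$version"
}

# demo: exercise all three sources against a constructed defaults file.
demo() {
    tmp=$(mktemp -d)
    # constructed stand-in for setup-tdx-common, not the real file
    printf 'UBUNTU_VERSION="24.04"\n' > "$tmp/setup-tdx-common"
    echo "default from file : $(resolve_ubuntu_version "$tmp/setup-tdx-common")"
    echo "override via -v   : $(resolve_ubuntu_version "$tmp/setup-tdx-common" -v 22.04)"
    echo "override via env  : $(UBUNTU_VERSION=23.10; export UBUNTU_VERSION; resolve_ubuntu_version "$tmp/setup-tdx-common")"
    resolve_ubuntu_version "$tmp/does-not-exist" || echo "no source set -> exit status $?"
    rm -rf "$tmp"
}

if [ "${1:-}" = "--demo" ]; then
    demo
fi
```

Run with `sh resolve_version.sh --demo` to see each source take effect in turn. The last case reproduces the error message from the report: it is only reached when the flag, the environment and the defaults file all fail to supply a release, which is the behaviour the report asks for instead of requiring -v unconditionally.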
syncronize-issues-to-jira[bot] commented 20 hours ago

Thank you for reporting us your feedback!

The internal ticket has been created: https://warthogs.atlassian.net/browse/PEK-1491.

This message was autogenerated