feat(vmm): add vendor check of CPU template

Check whether the vendor is matched between the static CPU template
and the actual CPU.

Static CPU templates for x86-64 are specific to vendor (Intel or AMD).
`include_leaves_from()` method does this check now, but will be removed
in a successive commit. Instead of this method, we do this check in
`get_cpu_template()`.

Signed-off-by: Takahiro Itazuri <[email protected]>

Author: zulinx86

src/vmm/src/guest_config/templates/mod.rs

@@ -34,6 +34,13 @@ pub use common_types::*;
 /// Error for GetCpuTemplate trait.
 #[derive(Debug, thiserror::Error, PartialEq, Eq)]
 pub enum GetCpuTemplateError {
+    #[cfg(target_arch = "x86_64")]
+    /// Failed to get CPU vendor information.
+    #[error("Failed to get CPU vendor information: {0}")]
+    GetCpuVendor(crate::guest_config::cpuid::common::GetCpuidError),
+    /// CPU Vendor mismatched between the actual CPU and CPU template.
+    #[error("CPU vendor mismatched between actual CPU and CPU template.")]
+    CpuVendorMismatched,
     /// Invalid static CPU template.
     #[error("Invalid static CPU template: {0}")]
     InvalidStaticCpuTemplate(StaticCpuTemplate),

src/vmm/src/guest_config/templates/x86_64.rs

@@ -11,24 +11,56 @@ use serde::de::Error as SerdeError;
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
 
 use super::{CpuTemplateType, GetCpuTemplate, GetCpuTemplateError, StaticCpuTemplate};
+use crate::guest_config::cpuid::common::get_vendor_id_from_host;
 use crate::guest_config::cpuid::cpuid_ffi::KvmCpuidFlags;
+use crate::guest_config::cpuid::{VENDOR_ID_AMD, VENDOR_ID_INTEL};
 use crate::guest_config::x86_64::static_cpu_templates_new::{c3, t2, t2a, t2cl, t2s};
 
 impl GetCpuTemplate for Option<CpuTemplateType> {
     fn get_cpu_template(&self) -> Result<Cow<CustomCpuTemplate>, GetCpuTemplateError> {
+        use GetCpuTemplateError::*;
+
         match self {
             Some(template_type) => match template_type {
                 CpuTemplateType::Custom(template) => Ok(Cow::Borrowed(template)),
-                CpuTemplateType::Static(template) => match template {
-                    StaticCpuTemplate::C3 => Ok(Cow::Owned(c3::c3())),
-                    StaticCpuTemplate::T2 => Ok(Cow::Owned(t2::t2())),
-                    StaticCpuTemplate::T2S => Ok(Cow::Owned(t2s::t2s())),
-                    StaticCpuTemplate::T2CL => Ok(Cow::Owned(t2cl::t2cl())),
-                    StaticCpuTemplate::T2A => Ok(Cow::Owned(t2a::t2a())),
-                    StaticCpuTemplate::None => Err(GetCpuTemplateError::InvalidStaticCpuTemplate(
-                        StaticCpuTemplate::None,
-                    )),
-                },
+                CpuTemplateType::Static(template) => {
+                    let vendor_id = get_vendor_id_from_host().map_err(GetCpuVendor)?;
+                    match template {
+                        StaticCpuTemplate::C3 => {
+                            if &vendor_id != VENDOR_ID_INTEL {
+                                return Err(CpuVendorMismatched);
+                            }
+                            Ok(Cow::Owned(c3::c3()))
+                        }
+                        StaticCpuTemplate::T2 => {
+                            if &vendor_id != VENDOR_ID_INTEL {
+                                return Err(CpuVendorMismatched);
+                            }
+                            Ok(Cow::Owned(t2::t2()))
+                        }
+                        StaticCpuTemplate::T2S => {
+                            if &vendor_id != VENDOR_ID_INTEL {
+                                return Err(CpuVendorMismatched);
+                            }
+                            Ok(Cow::Owned(t2s::t2s()))
+                        }
+                        StaticCpuTemplate::T2CL => {
+                            if &vendor_id != VENDOR_ID_INTEL {
+                                return Err(CpuVendorMismatched);
+                            }
+                            Ok(Cow::Owned(t2cl::t2cl()))
+                        }
+                        StaticCpuTemplate::T2A => {
+                            if &vendor_id != VENDOR_ID_AMD {
+                                return Err(CpuVendorMismatched);
+                            }
+                            Ok(Cow::Owned(t2a::t2a()))
+                        }
+                        StaticCpuTemplate::None => {
+                            Err(InvalidStaticCpuTemplate(StaticCpuTemplate::None))
+                        }
+                    }
+                }
             },
             None => Ok(Cow::Owned(CustomCpuTemplate::default())),
         }
@@ -478,56 +510,91 @@ mod tests {
     #[test]
     fn test_get_cpu_template_with_c3_static_template() {
         // Test `get_cpu_template()` when C3 static CPU template is specified. The owned
-        // `CustomCpuTemplate` should be returned.
+        // `CustomCpuTemplate` should be returned if CPU vendor is Intel. Otherwise, it should fail.
         let cpu_template = Some(CpuTemplateType::Static(StaticCpuTemplate::C3));
-        assert_eq!(
-            cpu_template.get_cpu_template().unwrap(),
-            Cow::Owned(c3::c3())
-        );
+        if &get_vendor_id_from_host().unwrap() == VENDOR_ID_INTEL {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap(),
+                Cow::Owned(c3::c3())
+            );
+        } else {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap_err(),
+                GetCpuTemplateError::CpuVendorMismatched,
+            );
+        }
     }
 
     #[test]
     fn test_get_cpu_template_with_t2_static_template() {
         // Test `get_cpu_template()` when T2 static CPU template is specified. The owned
-        // `CustomCpuTemplate` should be returned.
+        // `CustomCpuTemplate` should be returned if CPU vendor is Intel. Otherwise, it should fail.
         let cpu_template = Some(CpuTemplateType::Static(StaticCpuTemplate::T2));
-        assert_eq!(
-            cpu_template.get_cpu_template().unwrap(),
-            Cow::Owned(t2::t2())
-        );
+        if &get_vendor_id_from_host().unwrap() == VENDOR_ID_INTEL {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap(),
+                Cow::Owned(t2::t2())
+            );
+        } else {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap_err(),
+                GetCpuTemplateError::CpuVendorMismatched,
+            );
+        }
     }
 
     #[test]
     fn test_get_cpu_template_with_t2s_static_template() {
         // Test `get_cpu_template()` when T2S static CPU template is specified. The owned
-        // `CustomCpuTemplate` should be returned.
+        // `CustomCpuTemplate` should be returned if CPU vendor is Intel. Otherwise, it should fail.
         let cpu_template = Some(CpuTemplateType::Static(StaticCpuTemplate::T2S));
-        assert_eq!(
-            cpu_template.get_cpu_template().unwrap(),
-            Cow::Owned(t2s::t2s())
-        );
+        if &get_vendor_id_from_host().unwrap() == VENDOR_ID_INTEL {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap(),
+                Cow::Owned(t2s::t2s())
+            );
+        } else {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap_err(),
+                GetCpuTemplateError::CpuVendorMismatched,
+            );
+        }
     }
 
     #[test]
     fn test_get_cpu_template_with_t2cl_static_template() {
         // Test `get_cpu_template()` when T2CL static CPU template is specified. The owned
-        // `CustomCpuTemplate` should be returned.
+        // `CustomCpuTemplate` should be returned if CPU vendor is Intel. Otherwise, it should fail.
         let cpu_template = Some(CpuTemplateType::Static(StaticCpuTemplate::T2CL));
-        assert_eq!(
-            cpu_template.get_cpu_template().unwrap(),
-            Cow::Owned(t2cl::t2cl())
-        );
+        if &get_vendor_id_from_host().unwrap() == VENDOR_ID_INTEL {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap(),
+                Cow::Owned(t2cl::t2cl())
+            );
+        } else {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap_err(),
+                GetCpuTemplateError::CpuVendorMismatched,
+            );
+        }
     }
 
     #[test]
     fn test_get_cpu_template_with_t2a_static_template() {
         // Test `get_cpu_template()` when T2A static CPU template is specified. The owned
-        // `CustomCpuTemplate` should be returned.
+        // `CustomCpuTemplate` should be returned if CPU vendor is AMD. Otherwise it should fail.
         let cpu_template = Some(CpuTemplateType::Static(StaticCpuTemplate::T2A));
-        assert_eq!(
-            cpu_template.get_cpu_template().unwrap(),
-            Cow::Owned(t2a::t2a())
-        );
+        if &get_vendor_id_from_host().unwrap() == VENDOR_ID_AMD {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap(),
+                Cow::Owned(t2a::t2a())
+            );
+        } else {
+            assert_eq!(
+                cpu_template.get_cpu_template().unwrap_err(),
+                GetCpuTemplateError::CpuVendorMismatched,
+            );
+        }
     }
 
     #[test]

tests/integration_tests/functional/test_api.py

@@ -476,9 +476,7 @@ def test_api_machine_config(test_microvm_with_api):
     response = test_microvm.actions.put(action_type="InstanceStart")
     if utils.get_cpu_vendor() == utils.CpuVendor.AMD:
         # We shouldn't be able to apply Intel templates on AMD hosts
-        fail_msg = (
-            "Unable to successfully create cpu configuration usable for guest vCPUs:"
-        )
+        fail_msg = "CPU vendor mismatched between actual CPU and CPU template"
         assert test_microvm.api_session.is_status_bad_request(response.status_code)
         assert fail_msg in response.text
     else: