Configure guest vTOM when configured by IGVM parameters

Signed-off-by: Jon Lange <jlange@microsoft.com>
coconut-svsm · Dec 25, 2023 · 363d29b · 363d29b
1 parent ad078ab
commit 363d29b
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 5 deletions.
diff --git a/bootlib/src/igvm_params.rs b/bootlib/src/igvm_params.rs
@@ -84,6 +84,9 @@ pub struct IgvmParamBlock {
 
     /// The guest physical address of the base of the kernel memory region.
     pub kernel_base: u64,
+
+    /// The value of vTOM used by the guest, or zero if not used.
+    pub vtom: u64,
 }
 
 /// The IGVM context page is a measured page that is used to specify the start

diff --git a/igvmbld/igvmbld.c b/igvmbld/igvmbld.c
@@ -37,6 +37,7 @@ typedef struct {
     uint32_t kernel_reserved_size;
     uint32_t kernel_size;
     uint64_t kernel_base;
+    uint64_t vtom;
 } IgvmParamBlock;
 
 typedef struct {
@@ -361,7 +362,7 @@ void generate_initial_vmsa(SEV_VMSA *vmsa)
     vmsa->sev_features = SevFeature_Snp;
 }
 
-void setup_igvm_platform_header(void)
+IGVM_VHS_SUPPORTED_PLATFORM *setup_igvm_platform_header(void)
 {
     IGVM_VHS *header;
     IGVM_VHS_SUPPORTED_PLATFORM *platform;
@@ -382,9 +383,7 @@ void setup_igvm_platform_header(void)
     platform->PlatformType = IgvmPlatformType_SevSnp;
     platform->PlatformVersion = 1;
 
-    // Set the GPA boundary at bit 46, below the lowest possible C-bit
-    // position.
-    platform->SharedGpaBoundary = 0x0000400000000000;
+    return platform;
 }
 
 void generate_required_memory_header(IgvmParamBlock *igvm_parameter_block)
@@ -829,6 +828,7 @@ int main(int argc, const char *argv[])
     IgvmParamBlock *igvm_parameter_block;
     DATA_OBJ *initial_stack;
     DATA_OBJ *kernel_data;
+    IGVM_VHS_SUPPORTED_PLATFORM *platform;
     DATA_OBJ *secrets_page;
     DATA_OBJ *stage2_data;
     Stage2Stack *stage2_stack;
@@ -847,7 +847,7 @@ int main(int argc, const char *argv[])
     var_hdr_offset = sizeof(IGVM_FIXED_HEADER);
 
     // Set up the platform compatibility header.
-    setup_igvm_platform_header();
+    platform = setup_igvm_platform_header();
 
     // Construct a set of ranges for the memory map:
     // 00000-0EFFF: zero-filled (must be pre-validated)
@@ -970,6 +970,11 @@ int main(int argc, const char *argv[])
         // as reserved.
         vmsa_address = igvm_parameter_block->kernel_base;
         igvm_parameter_block->kernel_reserved_size = 0x1000;
+
+        // Set the shared GPA boundary at bit 46, below the lowest possible
+        // C-bit position.
+        igvm_parameter_block->vtom = 0x0000400000000000;
+        platform->SharedGpaBoundary = igvm_parameter_block->vtom;
     }
     else
     {

diff --git a/src/igvm_params.rs b/src/igvm_params.rs
@@ -264,6 +264,12 @@ impl IgvmParams<'_> {
             vmsa.es = vmsa.ds;
             vmsa.fs = vmsa.ds;
             vmsa.gs = vmsa.ds;
+
+            // Configure vTOM if reqqested.
+            if self.igvm_param_block.vtom != 0 {
+                vmsa.vtom = self.igvm_param_block.vtom;
+                vmsa.sev_features |= 2; // VTOM feature
+            }
         }
     }
 }