igvm: Implement launch of OVMF firmware from IGVM file

When using an IGVM file the OVMF firmware will be populated into the guest using pages described by IGVM and not using firmware volumes and fw_cfg. This patch uses the current configuration (IGVM or fw_cfg) to determine the firmware range and validate the pages accordingly before launching the firmware. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
coconut-svsm · Dec 13, 2023 · bc32428 · bc32428
1 parent 05d5131
commit bc32428
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 7 deletions.
diff --git a/src/config.rs b/src/config.rs
@@ -63,4 +63,13 @@ impl<'a> SvsmConfig<'a> {
             SvsmConfig::IgvmConfig(igvm_params) => igvm_params.should_launch_fw(),
         }
     }
+
+    pub fn get_fw_regions(&self) -> Result<Vec<MemoryRegion<PhysAddr>>, SvsmError> {
+        match self {
+            SvsmConfig::FirmwareConfig(fw_cfg) => {
+                Ok(fw_cfg.iter_flash_regions().collect::<Vec<_>>())
+            }
+            SvsmConfig::IgvmConfig(igvm_params) => igvm_params.get_fw_regions(),
+        }
+    }
 }
diff --git a/src/igvm_params.rs b/src/igvm_params.rs
@@ -12,6 +12,7 @@ use crate::error::SvsmError;
 use crate::error::SvsmError::Firmware;
 use crate::mm::PAGE_SIZE;
 use crate::utils::MemoryRegion;
+use alloc::vec;
 use alloc::vec::Vec;
 
 use core::mem::size_of;
@@ -134,4 +135,15 @@ impl IgvmParams<'_> {
     pub fn should_launch_fw(&self) -> bool {
         self.igvm_param_block.fw_size != 0
     }
+
+    pub fn get_fw_regions(&self) -> Result<Vec<MemoryRegion<PhysAddr>>, SvsmError> {
+        if !self.should_launch_fw() {
+            Err(Firmware)
+        } else {
+            Ok(vec![MemoryRegion::new(
+                PhysAddr::new(self.igvm_param_block.fw_start as usize),
+                self.igvm_param_block.fw_size as usize * PAGE_SIZE,
+            )])
+        }
+    }
 }
diff --git a/src/svsm.rs b/src/svsm.rs
@@ -9,7 +9,6 @@
 
 extern crate alloc;
 
-use alloc::vec::Vec;
 use svsm::fw_meta::{parse_fw_meta_data, print_fw_meta, validate_fw_memory, SevFWMetaData};
 
 use core::arch::global_asm;
@@ -220,10 +219,8 @@ fn launch_fw() -> Result<(), SvsmError> {
     Ok(())
 }
 
-fn validate_flash() -> Result<(), SvsmError> {
-    let fw_cfg = FwCfg::new(&CONSOLE_IO);
-
-    let flash_regions = fw_cfg.iter_flash_regions().collect::<Vec<_>>();
+fn validate_fw(config: &SvsmConfig) -> Result<(), SvsmError> {
+    let flash_regions = config.get_fw_regions()?;
     let kernel_region = LAUNCH_INFO.kernel_region();
     let flash_range = {
         let one_gib = 1024 * 1024 * 1024usize;
@@ -473,8 +470,7 @@ pub extern "C" fn svsm_main() {
         if let Err(e) = copy_tables_to_fw(fw_meta) {
             panic!("Failed to copy firmware tables: {:#?}", e);
         }
-
-        if let Err(e) = validate_flash() {
+        if let Err(e) = validate_fw(&config) {
             panic!("Failed to validate flash memory: {:#?}", e);
         }
     }