Merge pull request #176 from msft-jlange/igvm

Obtain configuration parameters from IGVM when present

Cargo.toml

@@ -25,6 +25,8 @@ intrusive-collections = "0.9.6"
 log = { version = "0.4.17", features = ["max_level_info", "release_max_level_info"] }
 packit = { git = "https://github.com/coconut-svsm/packit", version = "0.1.0" }
 aes-gcm = { version = "0.10.3", default-features = false, features = ["aes", "alloc"] }
+igvm_params = { path = "igvm_params" }
+igvm_defs = { version = "0.1.0" }
 
 [target."x86_64-unknown-none".dev-dependencies]
 test = { version = "0.1.0", path = "test" }

igvm_params/Cargo.toml

@@ -0,0 +1,8 @@
+[package]
+name = "igvm_params"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]

igvm_params/src/lib.rs

@@ -0,0 +1,70 @@
+// SPDX-License-Identifier: MIT OR Apache-2.0
+//
+// Copyright (c) Microsoft Corporation
+//
+// Author: Jon Lange (jlange@microsoft.com)
+
+//! This crate provides definitions of IGVM parameters to be parsed by
+//! COCONUT-SVSM to determine its configuration.  It is provided as a separate
+//! crate since the same definitions must be known to the utility that
+//! constructs the IGVM file.
+
+#![no_std]
+
+/// The IGVM parameter page is an unmeasured page containing individual
+/// parameters that are provided by the host loader.
+#[repr(C, packed)]
+#[derive(Clone, Debug)]
+pub struct IgvmParamPage {
+    /// The number of vCPUs that are configured for the guest VM.
+    pub cpu_count: u32,
+
+    /// A flag indicating whether the default state of guest memory is shared
+    /// (not assigned to the guest) or private (assigned to the guest).
+    /// Shared pages must undergo a page state change to private before they
+    /// can be accepted for guest use.  A zero value here means that the
+    /// default state is private, and a non-zero value means that the default
+    /// state is shared.
+    pub default_shared_pages: u32,
+}
+
+/// The IGVM parameter block is a measured page constructed by the IGVM file
+/// builder which describes where the additional IGVM parameter information
+/// has been placed into the guest address space.
+#[repr(C, packed)]
+#[derive(Clone, Debug)]
+pub struct IgvmParamBlock {
+    /// The total size of the parameter area, beginning with the parameter
+    /// block itself and including any additional parameter pages which follow.
+    pub param_area_size: u32,
+
+    /// The offset, in bytes, from the base of the parameter block to the base
+    /// of the parameter page.
+    pub param_page_offset: u32,
+
+    /// The offset, in bytes, from the base of the parameter block to the base
+    /// of the memory map (which is in IGVM format).
+    pub memory_map_offset: u32,
+
+    /// The guest physical address of the CPUID page.
+    pub cpuid_page: u32,
+
+    /// The guest physical address of the secrets page.
+    pub secrets_page: u32,
+
+    /// A flag indicating whether the kernel should proceed with the flow
+    /// to launch guest firmware once kernel initialization is complete.
+    pub launch_fw: u8,
+
+    _reserved: [u8; 3],
+
+    /// The amount of space that must be reserved at the base of the kernel
+    /// memory region (e.g. for VMSA contents).
+    pub kernel_reserved_size: u32,
+
+    /// The number of bytes in the kernel memory region.
+    pub kernel_size: u32,
+
+    /// The guest physical address of the base of the kernel memory region.
+    pub kernel_base: u64,
+}

src/config.rs

@@ -10,46 +10,57 @@ use crate::acpi::tables::{load_acpi_cpu_info, ACPICPUInfo};
 use crate::address::PhysAddr;
 use crate::error::SvsmError;
 use crate::fw_cfg::FwCfg;
+use crate::igvm_params::IgvmParams;
 use crate::utils::MemoryRegion;
 use alloc::vec::Vec;
 
 #[derive(Debug)]
 pub enum SvsmConfig<'a> {
     FirmwareConfig(FwCfg<'a>),
+    IgvmConfig(IgvmParams<'a>),
 }
 
 impl<'a> SvsmConfig<'a> {
     pub fn find_kernel_region(&self) -> Result<MemoryRegion<PhysAddr>, SvsmError> {
         match self {
             SvsmConfig::FirmwareConfig(fw_cfg) => fw_cfg.find_kernel_region(),
+            SvsmConfig::IgvmConfig(igvm_params) => igvm_params.find_kernel_region(),
         }
     }
     pub fn get_cpuid_page_address(&self) -> u64 {
         match self {
             SvsmConfig::FirmwareConfig(_) => 0x9f000,
+            SvsmConfig::IgvmConfig(igvm_params) => igvm_params.get_cpuid_page_address(),
         }
     }
     pub fn get_secrets_page_address(&self) -> u64 {
         match self {
             SvsmConfig::FirmwareConfig(_) => 0x9e000,
+            SvsmConfig::IgvmConfig(igvm_params) => igvm_params.get_secrets_page_address(),
         }
     }
     pub fn page_state_change_required(&self) -> bool {
-        true
+        match self {
+            SvsmConfig::FirmwareConfig(_) => true,
+            SvsmConfig::IgvmConfig(igvm_params) => igvm_params.page_state_change_required(),
+        }
     }
     pub fn get_memory_regions(&self) -> Result<Vec<MemoryRegion<PhysAddr>>, SvsmError> {
         match self {
             SvsmConfig::FirmwareConfig(fw_cfg) => fw_cfg.get_memory_regions(),
+            SvsmConfig::IgvmConfig(igvm_params) => igvm_params.get_memory_regions(),
         }
     }
     pub fn load_cpu_info(&self) -> Result<Vec<ACPICPUInfo>, SvsmError> {
         match self {
             SvsmConfig::FirmwareConfig(fw_cfg) => load_acpi_cpu_info(fw_cfg),
+            SvsmConfig::IgvmConfig(igvm_params) => igvm_params.load_cpu_info(),
         }
     }
     pub fn should_launch_fw(&self) -> bool {
         match self {
             SvsmConfig::FirmwareConfig(_) => true,
+            SvsmConfig::IgvmConfig(igvm_params) => igvm_params.should_launch_fw(),
         }
     }
 }