Implement an IGVM builder in rust #235
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ation This adds a new IGVM builder and integrates it into the makefile. The output of the IGVM builder is functionally exactly the same as the C-based builder and can be used as a direct replacement. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
The implementation suffered from being a direct converstion from the the C builder. This commit separates the code into different structs/crates and uses rust more effectively. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
Hyper-V does not use OVMF firmware. Instead it uses a firmware binary that is described in IGVM format. This commit adds an IGVM parser that extracts the relevent directives from the firmware binary and adds them to the built IGVM file. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
The order pages are defined in the IGVM file is generally not important. However, in order to verify the output of the builder it is useful to compare the output to the existing (working) C implementation of the builder. To simplify this, this commit adds a sort option that ensures all pages are described in ascending GPA order. In addition, there is a requirement that directives defining parameters are specified in the right order. After building the list of directives, this commit unconditionally moves all Page directives to the end of the list. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
In order to allow an easy comparison between the output of this C IGVM builder and the rust IGVM builder, add an option to the C builder to sort all Page directives in order of ascending GPA. This allows an IGVM dump tool to be used to compare the outputs of the two different builders. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
The C implementation has been replaced with a rust implementation with equivalent functionality. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
|
Booting with real Hyper-V firmware works identically between the new and old versions of the file builder - no regressions here! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Coconut SVSM currently packages the and optionally the OVMF firmware inside an IGVM file using a builder tool that is invoked from the
Makefilefor both QEMU and Hyper-V. The current implementation of the builder tool is written in C. The intention was always to replace this with a rust implementation of a builder.This PR implements an IGVM builder in rust equivalent to the C implementation, and is intended to provide a drop-in replacement.
The commits in the PR are engineered to demonstrate the fact that both builders generate the same output, which generally follows this sequence:
This approach meant that I could generate a sorted output from both the C and rust builders simultaneously during a build, dump the output using the
dump_igvmtool implemented in this PR: microsoft/igvm#3 then perform adiffto ensure the outputs are consistent for the following configurations:Once I determined the outputs were identical, the final commit was added to remove the C builder.