[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v4 14/17] backends/igvm: Process initialization sections in IGVM
|
From: |
Roy Hopkins |
|
Subject: |
[PATCH v4 14/17] backends/igvm: Process initialization sections in IGVM file |
|
Date: |
Wed, 3 Jul 2024 12:05:52 +0100 |
The initialization sections in IGVM files contain configuration that
should be applied to the guest platform before it is started. This
includes guest policy and other information that can affect the security
level and the startup measurement of a guest.
This commit introduces handling of the initialization sections during
processing of the IGVM file.
Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
---
backends/igvm.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/backends/igvm.c b/backends/igvm.c
index 97af1a6cb3..fa074b9107 100644
--- a/backends/igvm.c
+++ b/backends/igvm.c
@@ -781,6 +781,27 @@ int igvm_process_file(IgvmCfgState *cfg,
ConfidentialGuestSupport *cgs,
}
}
+ header_count =
+ igvm_header_count(ctx.file, IGVM_HEADER_SECTION_INITIALIZATION);
+ if (header_count < 0) {
+ error_setg(
+ errp,
+ "Invalid initialization header count in IGVM file. Error code: %X",
+ header_count);
+ return -1;
+ }
+
+ for (ctx.current_header_index = 0;
+ ctx.current_header_index < (unsigned)header_count;
+ ctx.current_header_index++) {
+ IgvmVariableHeaderType type =
+ igvm_get_header_type(ctx.file, IGVM_HEADER_SECTION_INITIALIZATION,
+ ctx.current_header_index);
+ if (handler(&ctx, type, errp) < 0) {
+ goto cleanup;
+ }
+ }
+
/*
* Contiguous pages of data with compatible flags are grouped together in
* order to reduce the number of memory regions we create. Make sure the
--
2.43.0
- [PATCH v4 07/17] sev: Update launch_update_data functions to use Error handling, (continued)
- [PATCH v4 07/17] sev: Update launch_update_data functions to use Error handling, Roy Hopkins, 2024/07/03
- [PATCH v4 11/17] docs/system: Add documentation on support for IGVM, Roy Hopkins, 2024/07/03
- [PATCH v4 12/17] docs/interop/firmware.json: Add igvm to FirmwareDevice, Roy Hopkins, 2024/07/03
- [PATCH v4 08/17] target/i386: Allow setting of R_LDTR and R_TR with cpu_x86_load_seg_cache(), Roy Hopkins, 2024/07/03
- [PATCH v4 13/17] backends/confidential-guest-support: Add set_guest_policy() function, Roy Hopkins, 2024/07/03
- [PATCH v4 17/17] sev: Provide sev_features flags from IGVM VMSA to KVM_SEV_INIT2, Roy Hopkins, 2024/07/03
- [PATCH v4 14/17] backends/igvm: Process initialization sections in IGVM file,
Roy Hopkins <=
- [PATCH v4 09/17] i386/sev: Refactor setting of reset vector and initial CPU state, Roy Hopkins, 2024/07/03
- [PATCH v4 10/17] i386/sev: Implement ConfidentialGuestSupport functions for SEV, Roy Hopkins, 2024/07/03
- [PATCH v4 15/17] backends/igvm: Handle policy for SEV guests, Roy Hopkins, 2024/07/03
- [PATCH v4 16/17] i386/sev: Add implementation of CGS set_guest_policy(), Roy Hopkins, 2024/07/03
- Re: [PATCH v4 00/17] Introduce support for IGVM files, Michael S. Tsirkin, 2024/07/20
- Re: [PATCH v4 00/17] Introduce support for IGVM files, Daniel P . Berrangé, 2024/07/24