On Fri, Jun 13, 2025 at 8:52 PM Roy Hopkins <[email protected]> wrote:
>
> The initialization sections in IGVM files contain configuration that
> should be applied to the guest platform before it is started. This
> includes guest policy and other information that can affect the security
> level and the startup measurement of a guest.
>
> This commit introduces handling of the initialization sections during
> processing of the IGVM file.
>
> Signed-off-by: Roy Hopkins <[email protected]>
> Acked-by: Michael S. Tsirkin <[email protected]>
> Acked-by: Gerd Hoffman <[email protected]>
> Reviewed-by: Stefano Garzarella <[email protected]>
> ---
>  backends/igvm.c | 21 +++++++++++++++++++++
>  1 file changed, 21 insertions(+)
>
> diff --git a/backends/igvm.c b/backends/igvm.c
> index 2a31021d44..ebdb4594d1 100644
> --- a/backends/igvm.c
> +++ b/backends/igvm.c
> @@ -786,6 +786,27 @@ int qigvm_process_file(IgvmCfg *cfg, 
> ConfidentialGuestSupport *cgs,
>          }
>      }
>
> +    header_count =
> +        igvm_header_count(ctx.file, IGVM_HEADER_SECTION_INITIALIZATION);
> +    if (header_count < 0) {
> +        error_setg(
> +            errp,
> +            "Invalid initialization header count in IGVM file. Error code: 
> %X",
> +            header_count);
> +        goto cleanup_parameters;
> +    }
> +
> +    for (ctx.current_header_index = 0;
> +         ctx.current_header_index < (unsigned)header_count;
> +         ctx.current_header_index++) {
> +        IgvmVariableHeaderType type =
> +            igvm_get_header_type(ctx.file, 
> IGVM_HEADER_SECTION_INITIALIZATION,
> +                                 ctx.current_header_index);
> +        if (qigvm_handler(&ctx, type, errp) < 0) {

So the next patch, patch #14, actually defines the handler.

@@ -92,6 +135,10 @@ static struct QIGVMHandler handlers[] = {
       qigvm_directive_environment_info },
     { IGVM_VHT_REQUIRED_MEMORY, IGVM_HEADER_SECTION_DIRECTIVE,
       qigvm_directive_required_memory },
+    { IGVM_VHT_SNP_ID_BLOCK, IGVM_HEADER_SECTION_DIRECTIVE,
+      qigvm_directive_snp_id_block },
+    { IGVM_VHT_GUEST_POLICY, IGVM_HEADER_SECTION_INITIALIZATION,
+      qigvm_initialization_guest_policy },
 };
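
Review bot: In the handlers[] additions, IGVM_VHT_GUEST_POLICY is the only type registered for IGVM_HEADER_SECTION_INITIALIZATION, while the loop in the quoted patch passes every header in that section to qigvm_handler(). The commit message says these sections carry guest policy and other information that can affect the security level and the startup measurement, so a comment at the table or in the loop should state what happens to an initialization header type with no entry here (skipped, or treated as an error). That lets a reader tell whether an unhandled initialization header can be dropped without the guest launch failing.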


So I think patch #14 should come before this patch in the series.

> +            goto cleanup_parameters;
> +        }
> +    }
> +
>      /*
>       * Contiguous pages of data with compatible flags are grouped together in
>       * order to reduce the number of memory regions we create. Make sure the
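
Review bot: In the error_setg() call of the `header_count < 0` branch, a negative int is formatted with `%X`, which expects an unsigned argument and will print the error code as a two's-complement hex value. Use `%d`, or cast explicitly to unsigned if hex output is intended, so the logged code can be read back directly. The `(unsigned)header_count` cast in the loop condition is fine as written, since the negative case has already jumped to cleanup_parameters.
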
> --
> 2.43.0
>

