On Fri, 2025-06-27 at 16:58 +0530, Ani Sinha wrote: > On Fri, Jun 13, 2025 at 8:52 PM Roy Hopkins <[email protected]> > wrote: > > > > The initialization sections in IGVM files contain configuration that > > should be applied to the guest platform before it is started. This > > includes guest policy and other information that can affect the security > > level and the startup measurement of a guest. > > > > This commit introduces handling of the initialization sections during > > processing of the IGVM file. > > > > Signed-off-by: Roy Hopkins <[email protected]> > > Acked-by: Michael S. Tsirkin <[email protected]> > > Acked-by: Gerd Hoffman <[email protected]> > > Reviewed-by: Stefano Garzarella <[email protected]> > > --- > > backends/igvm.c | 21 +++++++++++++++++++++ > > 1 file changed, 21 insertions(+) > > > > diff --git a/backends/igvm.c b/backends/igvm.c > > index 2a31021d44..ebdb4594d1 100644 > > --- a/backends/igvm.c > > +++ b/backends/igvm.c > > @@ -786,6 +786,27 @@ int qigvm_process_file(IgvmCfg *cfg, > > ConfidentialGuestSupport *cgs, > > } > > } > > > > + header_count = > > + igvm_header_count(ctx.file, IGVM_HEADER_SECTION_INITIALIZATION); > > + if (header_count < 0) { > > + error_setg( > > + errp, > > + "Invalid initialization header count in IGVM file. Error code: > > %X", > > + header_count); > > + goto cleanup_parameters; > > + } > > + > > + for (ctx.current_header_index = 0; > > + ctx.current_header_index < (unsigned)header_count; > > + ctx.current_header_index++) { > > + IgvmVariableHeaderType type = > > + igvm_get_header_type(ctx.file, > > IGVM_HEADER_SECTION_INITIALIZATION, > > + ctx.current_header_index); > > + if (qigvm_handler(&ctx, type, errp) < 0) { > > So the next patch, patch #14 actually defines the handler. 
> > @@ -92,6 +135,10 @@ static struct QIGVMHandler handlers[] = { > qigvm_directive_environment_info }, > { IGVM_VHT_REQUIRED_MEMORY, IGVM_HEADER_SECTION_DIRECTIVE, > qigvm_directive_required_memory }, > + { IGVM_VHT_SNP_ID_BLOCK, IGVM_HEADER_SECTION_DIRECTIVE, > + qigvm_directive_snp_id_block }, > + { IGVM_VHT_GUEST_POLICY, IGVM_HEADER_SECTION_INITIALIZATION, > + qigvm_initialization_guest_policy }, > }; > > > So I think patch #14 should come before this patch in the series. >
This was deliberately placed before #14 as it introduces the mechanism for processing initialization sections, allowing future patches to then add sections as necessary. Patch #14 then uses this new capability to handle guest policy. This patch does compile successfully without patch #14 being applied. > > + goto cleanup_parameters; > > + } > > + } > > + > > /* > > * Contiguous pages of data with compatible flags are grouped together > > in > > * order to reduce the number of memory regions we create. Make sure > > the > > -- > > 2.43.0 > > >
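Review bot: In the new loop over IGVM_HEADER_SECTION_INITIALIZATION in qigvm_process_file(), every header type is passed to qigvm_handler(), but the visible lines do not show what happens when a type has no matching entry in handlers[] for that section. As far as the quoted handlers[] excerpt shows, the first such entry arrives with IGVM_VHT_GUEST_POLICY in the later patch. The commit message says these sections carry guest policy and other settings that affect the security level and the startup measurement, so please state in the commit message or in a comment above the loop whether an unhandled initialization header fails the load or is skipped. Failing is the safer behaviour, because a silently ignored policy header would start the guest with settings the IGVM file did not ask for. A smaller point in the same hunk: header_count is tested with `header_count < 0` and then printed with `%X`, so a negative error code appears as a large unsigned hex value. `%d` would be easier to read in the error message.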
