Merge remote-tracking branch 'origin/main' into verify

Cargo.toml

@@ -46,7 +46,7 @@ log = "0.4.17"
 p384 = { version = "0.13.0" }
 uuid = "1.6.1"
 # Add the derive feature by default because all crates use it.
-zerocopy = { version = "0.7.32", features = ["derive"] }
+zerocopy = { version = "0.8.2", features = ["alloc", "derive"] }
 
 # other repos
 packit = { git = "https://github.com/coconut-svsm/packit", version = "0.1.1" }

Makefile

@@ -72,15 +72,15 @@ bin/coconut-qemu.igvm: $(IGVMBUILDER) $(IGVMMEASURE) bin/stage1-trampoline.bin b
 	$(IGVMMEASURE) --check-kvm $@ measure
 
 bin/coconut-hyperv.igvm: $(IGVMBUILDER) $(IGVMMEASURE) bin/stage1-trampoline.bin bin/svsm-kernel.elf bin/stage2.bin
-	$(IGVMBUILDER) --sort --output $@ --tdx-stage1 bin/stage1-trampoline.bin --stage2 bin/stage2.bin --kernel bin/svsm-kernel.elf --comport 3 hyper-v --native --snp --tdp
+	$(IGVMBUILDER) --sort --output $@ --tdx-stage1 bin/stage1-trampoline.bin --stage2 bin/stage2.bin --kernel bin/svsm-kernel.elf --comport 3 hyper-v --native --snp --tdp --vsm
 	$(IGVMMEASURE) $@ measure
 
 bin/coconut-test-qemu.igvm: $(IGVMBUILDER) $(IGVMMEASURE) bin/stage1-trampoline.bin bin/test-kernel.elf bin/stage2.bin
 	$(IGVMBUILDER) --sort --output $@ --tdx-stage1 bin/stage1-trampoline.bin --stage2 bin/stage2.bin --kernel bin/test-kernel.elf qemu --snp --tdp
 	$(IGVMMEASURE) $@ measure
 
 bin/coconut-test-hyperv.igvm: $(IGVMBUILDER) $(IGVMMEASURE) bin/stage1-trampoline.bin bin/test-kernel.elf bin/stage2.bin
-	$(IGVMBUILDER) --sort --output $@ --tdx-stage1 bin/stage1-trampoline.bin --stage2 bin/stage2.bin --kernel bin/test-kernel.elf --comport 3 hyper-v --snp --tdp
+	$(IGVMBUILDER) --sort --output $@ --tdx-stage1 bin/stage1-trampoline.bin --stage2 bin/stage2.bin --kernel bin/test-kernel.elf --comport 3 hyper-v --snp --tdp --vsm
 	$(IGVMMEASURE) $@ measure
 
 bin/coconut-vanadium.igvm: $(IGVMBUILDER) $(IGVMMEASURE) bin/stage1-trampoline.bin bin/svsm-kernel.elf bin/stage2.bin ${FS_BIN}

bootlib/src/igvm_params.rs

@@ -7,12 +7,12 @@
 //! This crate provides definitions of IGVM parameters to be parsed by
 //! COCONUT-SVSM to determine its configuration.
 
-use zerocopy::AsBytes;
+use zerocopy::{Immutable, IntoBytes};
 
 /// The IGVM parameter page is an unmeasured page containing individual
 /// parameters that are provided by the host loader.
 #[repr(C, packed)]
-#[derive(AsBytes, Clone, Copy, Debug, Default)]
+#[derive(IntoBytes, Clone, Copy, Debug, Default)]
 pub struct IgvmParamPage {
     /// The number of vCPUs that are configured for the guest VM.
     pub cpu_count: u32,
@@ -26,7 +26,7 @@ pub struct IgvmParamPage {
 /// An entry that represents an area of pre-validated memory defined by the
 /// firmware in the IGVM file.
 #[repr(C, packed)]
-#[derive(AsBytes, Clone, Copy, Debug, Default)]
+#[derive(IntoBytes, Immutable, Clone, Copy, Debug, Default)]
 pub struct IgvmParamBlockFwMem {
     /// The base physical address of the prevalidated memory region.
     pub base: u32,
@@ -38,7 +38,7 @@ pub struct IgvmParamBlockFwMem {
 /// The portion of the IGVM parameter block that describes metadata about
 /// the firmware image embedded in the IGVM file.
 #[repr(C, packed)]
-#[derive(AsBytes, Clone, Copy, Debug, Default)]
+#[derive(IntoBytes, Immutable, Clone, Copy, Debug, Default)]
 pub struct IgvmParamBlockFwInfo {
     /// The guest physical address of the start of the guest firmware. The
     /// permissions on the pages in the firmware range are adjusted to the guest
@@ -88,7 +88,7 @@ pub struct IgvmParamBlockFwInfo {
 /// builder which describes where the additional IGVM parameter information
 /// has been placed into the guest address space.
 #[repr(C, packed)]
-#[derive(AsBytes, Clone, Copy, Debug, Default)]
+#[derive(IntoBytes, Immutable, Clone, Copy, Debug, Default)]
 pub struct IgvmParamBlock {
     /// The total size of the parameter area, beginning with the parameter
     /// block itself and including any additional parameter pages which follow.
@@ -145,7 +145,7 @@ pub struct IgvmParamBlock {
 /// The IGVM context page is a measured page that is used to specify the start
 /// context for the guest VMPL.  If present, it overrides the processor state
 /// initialized at reset.
-#[derive(AsBytes, Copy, Debug, Clone, Default)]
+#[derive(IntoBytes, Immutable, Copy, Debug, Clone, Default)]
 #[repr(C, packed)]
 pub struct IgvmGuestContext {
     pub cr0: u64,

bootlib/src/kernel_launch.rs

@@ -6,7 +6,7 @@
 
 use crate::platform::SvsmPlatformType;
 
-use zerocopy::AsBytes;
+use zerocopy::{Immutable, IntoBytes};
 
 #[derive(Copy, Clone, Debug)]
 #[repr(C)]
@@ -46,7 +46,7 @@ impl KernelLaunchInfo {
 // Stage 2 launch info from stage1
 // The layout has to match the order in which the parts are pushed to the stack
 // in stage1/stage1.S
-#[derive(AsBytes, Default, Debug, Clone, Copy)]
+#[derive(IntoBytes, Immutable, Default, Debug, Clone, Copy)]
 #[repr(C, packed)]
 pub struct Stage2LaunchInfo {
     // VTOM must be the first field.

cpuarch/Cargo.toml

@@ -5,6 +5,7 @@ edition = "2021"
 
 [dependencies]
 bitfield-struct.workspace = true
+zerocopy.workspace = true
 
 [lints]
 workspace = true

cpuarch/src/vmsa.rs

@@ -4,14 +4,18 @@
 //
 // Author: Joerg Roedel <[email protected]>
 
+#![allow(non_camel_case_types)]
+
 use bitfield_struct::bitfield;
+use zerocopy::FromZeros;
 
 // AE Exitcodes
 // Table 15-35, AMD64 Architecture Programmer’s Manual, Vol. 2
 #[repr(u64)]
-#[derive(Clone, Copy, Default, Debug)]
-#[allow(dead_code, non_camel_case_types)]
+#[derive(Clone, Copy, Default, Debug, FromZeros)]
+#[allow(dead_code)]
 pub enum GuestVMExit {
+    CR0_READ = 0,
     MC = 0x52,
     INTR = 0x60,
     NMI = 0x61,
@@ -46,6 +50,7 @@ pub enum GuestVMExit {
 }
 
 #[bitfield(u64)]
+#[derive(FromZeros)]
 pub struct VIntrCtrl {
     pub v_tpr: u8,
     pub v_irq: bool,
@@ -92,6 +97,7 @@ impl VmsaEventType {
 }
 
 #[bitfield(u64)]
+#[derive(FromZeros)]
 pub struct VmsaEventInject {
     pub vector: u8,
     #[bits(3)]
@@ -104,7 +110,7 @@ pub struct VmsaEventInject {
 }
 
 #[repr(C, packed)]
-#[derive(Debug, Default, Clone, Copy)]
+#[derive(Debug, Default, Clone, Copy, FromZeros)]
 pub struct VMSASegment {
     pub selector: u16,
     pub flags: u16,
@@ -113,7 +119,7 @@ pub struct VMSASegment {
 }
 
 #[repr(C, packed)]
-#[derive(Debug)]
+#[derive(Debug, FromZeros)]
 pub struct VMSA {
     pub es: VMSASegment,
     pub cs: VMSASegment,

igvmbuilder/Cargo.toml

@@ -13,6 +13,7 @@ igvm_defs.workspace = true
 igvm.workspace = true
 uuid.workspace = true
 zerocopy.workspace = true
+zerocopy07 = { package = "zerocopy", version = "0.7" }
 
 [lints]
 workspace = true

igvmbuilder/src/cmd_options.rs

@@ -64,6 +64,10 @@ pub struct CmdOptions {
     #[arg(long, default_value_t = false)]
     pub native: bool,
 
+    /// Include VSM isolation platform target.
+    #[arg(long, default_value_t = false)]
+    pub vsm: bool,
+
     /// Enable debug features (e.g. SNP debug_swap)
     #[arg(short, long, default_value_t = false)]
     pub debug: bool,

igvmbuilder/src/cpuid.rs

@@ -9,10 +9,10 @@ use std::mem::size_of;
 
 use igvm::IgvmDirectiveHeader;
 use igvm_defs::{IgvmPageDataFlags, IgvmPageDataType, PAGE_SIZE_4K};
-use zerocopy::AsBytes;
+use zerocopy::{Immutable, IntoBytes};
 
 #[repr(C, packed(1))]
-#[derive(AsBytes, Copy, Clone, Default)]
+#[derive(IntoBytes, Immutable, Copy, Clone, Default)]
 struct SnpCpuidLeaf {
     eax_in: u32,
     ecx_in: u32,
@@ -56,7 +56,7 @@ impl SnpCpuidLeaf {
 }
 
 #[repr(C, packed(1))]
-#[derive(AsBytes)]
+#[derive(IntoBytes, Immutable)]
 pub struct SnpCpuidPage {
     count: u32,
     reserved: [u32; 3],