hypervisor: Add API to import the isolated pages

Add hypervisor VM specific API to import the isolated pages. Hypervisor adds those pages for PSP measurement. Signed-off-by: Jinank Jain <jinankjain@microsoft.com> Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-12-22 13:45:20 +00:00 · 2023-10-13 12:49:42 -07:00 · 2023-10-13 12:49:42 -07:00 · dc3903012d
commit dc3903012d
parent 3a67537227
2 changed files with 43 additions and 0 deletions
--- a/hypervisor/src/mshv/mod.rs
+++ b/hypervisor/src/mshv/mod.rs
@ -1286,4 +1286,32 @@ impl vm::Vm for MshvVm {
            )
            .map_err(|e| vm::HypervisorVmError::InitializeSevSnp(e.into()))
    }
+
+    #[cfg(feature = "sev_snp")]
+    fn import_isolated_pages(
+        &self,
+        page_type: u32,
+        page_size: u32,
+        pages: &[u64],
+    ) -> vm::Result<()> {
+        if pages.is_empty() {
+            return Ok(());
+        }
+
+        let mut isolated_pages =
+            vec_with_array_field::<mshv_import_isolated_pages, u64>(pages.len());
+        isolated_pages[0].num_pages = pages.len() as u64;
+        isolated_pages[0].page_type = page_type;
+        isolated_pages[0].page_size = page_size;
+        // SAFETY: isolated_pages initialized with pages.len() and now it is being turned into
+        // pages_slice with pages.len() again. It is guaranteed to be large enough to hold
+        // everything from pages.
+        unsafe {
+            let pages_slice: &mut [u64] = isolated_pages[0].page_number.as_mut_slice(pages.len());
+            pages_slice.copy_from_slice(pages);
+        }
+        self.fd
+            .import_isolated_pages(&isolated_pages[0])
+            .map_err(|e| vm::HypervisorVmError::ImportIsolatedPages(e.into()))
+    }
 }
--- a/hypervisor/src/vm.rs
+++ b/hypervisor/src/vm.rs
@ -220,6 +220,11 @@ pub enum HypervisorVmError {
    ///
    #[error("Failed to create Vgic: {0}")]
    CreateVgic(#[source] anyhow::Error),
+    ///
+    /// Import isolated pages error
+    ///
+    #[error("Failed to import isolated pages: {0}")]
+    ImportIsolatedPages(#[source] anyhow::Error),
 }
 ///
 /// Result type for returning from a function
@ -359,6 +364,16 @@ pub trait Vm: Send + Sync + Any {
    }
    /// Downcast to the underlying hypervisor VM type
    fn as_any(&self) -> &dyn Any;
+    /// Import the isolated pages
+    #[cfg(feature = "sev_snp")]
+    fn import_isolated_pages(
+        &self,
+        _page_type: u32,
+        _page_size: u32,
+        _pages: &[u64],
+    ) -> Result<()> {
+        unimplemented!()
+    }
 }

 pub trait VmOps: Send + Sync {