From: Gerd Hoffmann <kraxel@redhat.com>
To: qemu-devel@nongnu.org
Cc: Stefano Garzarella <sgarzare@redhat.com>,
Ani Sinha <anisinha@redhat.com>,
Gerd Hoffmann <kraxel@redhat.com>,
Luigi Leonardi <leonardi@redhat.com>
Subject: [PULL 3/3] igvm: fix handling of optional variable header types
Date: Wed, 17 Jun 2026 12:09:22 +0200 [thread overview]
Message-ID: <20260617100922.1302000-4-kraxel@redhat.com> (raw)
In-Reply-To: <20260617100922.1302000-1-kraxel@redhat.com>
From: Luigi Leonardi <leonardi@redhat.com>
The IGVM spec defines bit 31 of the variable header type as an
optional flag: if set, a loader that does not recognize the header
type may safely skip it. If clear, the loader must reject the file.
Currently, the optional bit is not stripped before comparing header
types, so headers with the bit set fail to match any known type
and are rejected.
Mask bit 31 before comparing header types throughout the IGVM
loader, and skip with a warning any unrecognized header that has
the optional bit set.
Fixes: c1d466d267cf ("backends/igvm: Add IGVM loader and configuration")
Signed-off-by: Luigi Leonardi <leonardi@redhat.com>
Message-ID: <20260609-igvm_optional-v2-2-b1f1f08dc40e@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
backends/igvm.c | 37 +++++++++++++++++++++++++++++++++----
1 file changed, 33 insertions(+), 4 deletions(-)
diff --git a/backends/igvm.c b/backends/igvm.c
index 3ccbafe9b90c..3f4b97a5d417 100644
--- a/backends/igvm.c
+++ b/backends/igvm.c
@@ -26,6 +26,25 @@
#include <igvm/igvm.h>
#include <igvm/igvm_defs.h>
+#ifndef IGVM_VHT_OPTIONAL_BIT
+#define IGVM_VHT_OPTIONAL_BIT (1U << 31)
+#endif
+
+/*
+ * Bit 31 of the variable header type indicates that the header is
+ * optional and can be safely ignored by a loader that does not
+ * support it. If the bit is clear, the file cannot be loaded.
+ * https://docs.rs/igvm_defs/0.4.0/igvm_defs/struct.IgvmVariableHeaderType.html
+ */
+static IgvmVariableHeaderType igvm_vht_type(IgvmVariableHeaderType type)
+{
+ return type & ~IGVM_VHT_OPTIONAL_BIT;
+}
+
+static bool igvm_vht_optional(IgvmVariableHeaderType type)
+{
+ return !!(type & IGVM_VHT_OPTIONAL_BIT);
+}
/*
* Some directives are specific to particular confidential computing platforms.
@@ -132,12 +151,14 @@ static struct QIGVMHandler handlers[] = {
qigvm_directive_madt },
};
-static int qigvm_handler(QIgvm *ctx, IgvmVariableHeaderType type, Error **errp)
+static int qigvm_handler(QIgvm *ctx, IgvmVariableHeaderType raw_type,
+ Error **errp)
{
size_t handler;
IgvmHandle header_handle;
const uint8_t *header_data;
int result;
+ IgvmVariableHeaderType type = igvm_vht_type(raw_type);
for (handler = 0; handler < G_N_ELEMENTS(handlers); handler++) {
if (handlers[handler].type != type) {
@@ -166,6 +187,13 @@ static int qigvm_handler(QIgvm *ctx, IgvmVariableHeaderType type, Error **errp)
igvm_free_buffer(ctx->file, header_handle);
return result;
}
+
+ if (igvm_vht_optional(raw_type)) {
+ warn_report("IGVM: Skipping unsupported optional header type 0x%"
+ PRIX32, type);
+ return 0;
+ }
+
error_setg(errp,
"IGVM: Unknown header type encountered when processing file: "
"(type 0x%X)",
@@ -787,6 +815,7 @@ static int qigvm_supported_platform_compat_mask(QIgvm *ctx, Error **errp)
header_index++) {
IgvmVariableHeaderType typ = igvm_get_header_type(
ctx->file, IGVM_HEADER_SECTION_PLATFORM, header_index);
+ typ = igvm_vht_type(typ);
if (typ == IGVM_VHT_SUPPORTED_PLATFORM) {
header_handle = igvm_get_header(
ctx->file, IGVM_HEADER_SECTION_PLATFORM, header_index);
@@ -945,10 +974,10 @@ int qigvm_process_file(IgvmCfg *cfg, MachineState *machine_state,
for (ctx.current_header_index = 0;
ctx.current_header_index < (unsigned)header_count;
ctx.current_header_index++) {
- IgvmVariableHeaderType type = igvm_get_header_type(
+ IgvmVariableHeaderType raw_type = igvm_get_header_type(
ctx.file, IGVM_HEADER_SECTION_DIRECTIVE, ctx.current_header_index);
- if (!onlyVpContext || (type == IGVM_VHT_VP_CONTEXT)) {
- if (qigvm_handler(&ctx, type, errp) < 0) {
+ if (!onlyVpContext || igvm_vht_type(raw_type) == IGVM_VHT_VP_CONTEXT) {
+ if (qigvm_handler(&ctx, raw_type, errp) < 0) {
goto cleanup_parameters;
}
}
--
2.54.0
next prev parent reply other threads:[~2026-06-17 10:09 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-17 10:09 [PULL 0/3] Firmware 20260617 patches Gerd Hoffmann
2026-06-17 10:09 ` [PULL 1/3] hw/uefi: fix parse_hexstr Gerd Hoffmann
2026-06-17 10:09 ` [PULL 2/3] igvm: replace raw uint32_t with igvm library types Gerd Hoffmann
2026-06-17 10:09 ` Gerd Hoffmann [this message]
2026-06-17 19:30 ` [PULL 0/3] Firmware 20260617 patches Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260617100922.1302000-4-kraxel@redhat.com \
--to=kraxel@redhat.com \
--cc=anisinha@redhat.com \
--cc=leonardi@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=sgarzare@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.