From: Luigi Leonardi <leonardi@redhat.com>
To: Ani Sinha <anisinha@redhat.com>
Cc: qemu-devel <qemu-devel@nongnu.org>,
Gerd Hoffmann <kraxel@redhat.com>,
Stefano Garzarella <sgarzare@redhat.com>
Subject: Re: [PATCH] igvm: fix handling of optional variable header types
Date: Mon, 25 May 2026 16:16:44 +0200 [thread overview]
Message-ID: <ahRZH2bUbuQnirr_@leonardi-redhat> (raw)
In-Reply-To: <4ED1F4C8-B56E-4997-99CB-C509629F13C7@redhat.com>
On Mon, May 25, 2026 at 07:37:55PM +0530, Ani Sinha wrote:
>
>
>> On 25 May 2026, at 4:26 PM, Luigi Leonardi <leonardi@redhat.com> wrote:
>>
>> The IGVM spec defines bit 31 of the variable header type as an
>> optional flag: if set, a loader that does not recognize the header
>> type may safely skip it. If clear, the loader must reject the file.
>>
>> Currently, all the types with the optional bit set are not
>> recognized as valid headers.
>>
>> Implement optional header handling by masking bit 31 before matching
>> against the handler table, and skip with a warning any unrecognized
>> header that has the optional bit set.
>>
>> Fixes: c1d466d267cf ("backends/igvm: Add IGVM loader and configuration")
>> Signed-off-by: Luigi Leonardi <leonardi@redhat.com>
>> ---
>> backends/igvm.c | 24 +++++++++++++++++++++---
>> 1 file changed, 21 insertions(+), 3 deletions(-)
>>
>> diff --git a/backends/igvm.c b/backends/igvm.c
>> index c347d0c17e..408917f826 100644
>> --- a/backends/igvm.c
>> +++ b/backends/igvm.c
>> @@ -26,6 +26,7 @@
>> #include <igvm/igvm.h>
>> #include <igvm/igvm_defs.h>
>>
>> +#define IGVM_VHT_OPTIONAL_BIT (1U << 31)
>>
>> /*
>> * Some directives are specific to particular confidential computing platforms.
>> @@ -139,8 +140,16 @@ static int qigvm_handler(QIgvm *ctx, uint32_t type, Error **errp)
>> const uint8_t *header_data;
>> int result;
>>
>> + /*
>> + * Bit 31 of the variable header type indicates that the header is
>> + * optional and can be safely ignored by a loader that does not
>> + * support it. If the bit is clear, the file cannot be loaded.
>> + * https://docs.rs/igvm_defs/0.4.0/igvm_defs/struct.IgvmVariableHeaderType.html
>> + */
>> + IgvmVariableHeaderType base_type = type & ~IGVM_VHT_OPTIONAL_BIT;
>> +
>> for (handler = 0; handler < G_N_ELEMENTS(handlers); handler++) {
>> - if (handlers[handler].type != type) {
>> + if (handlers[handler].type != base_type) {
>> continue;
>> }
>> header_handle = igvm_get_header(ctx->file, handlers[handler].section,
>> @@ -166,6 +175,13 @@ static int qigvm_handler(QIgvm *ctx, uint32_t type, Error **errp)
>> igvm_free_buffer(ctx->file, header_handle);
>> return result;
>> }
>> +
>> + if (type & IGVM_VHT_OPTIONAL_BIT) {
>> + warn_report("IGVM: Skipping unsupported optional header type 0x%"
>> + PRIX32, type);
>> + return 0;
>> + }
>> +
>
>I think this check should be at the top of the loop. If the bit is set, simply return with that warning message. No further processing is needed.
IIUC, in this way we would always skip optional parameter, right? My idea is to
always process optional parameters if we support it.
>
>
>> error_setg(errp,
>> "IGVM: Unknown header type encountered when processing file: "
>> "(type 0x%X)",
>> @@ -787,7 +803,8 @@ static int qigvm_supported_platform_compat_mask(QIgvm *ctx, Error **errp)
>> header_index++) {
>> IgvmVariableHeaderType typ = igvm_get_header_type(
>> ctx->file, IGVM_HEADER_SECTION_PLATFORM, header_index);
>> - if (typ == IGVM_VHT_SUPPORTED_PLATFORM) {
>> + IgvmVariableHeaderType base_type = typ & ~IGVM_VHT_OPTIONAL_BIT;
>> + if (base_type == IGVM_VHT_SUPPORTED_PLATFORM) {
>> header_handle = igvm_get_header(
>> ctx->file, IGVM_HEADER_SECTION_PLATFORM, header_index);
>> if (header_handle < 0) {
>> @@ -947,7 +964,8 @@ int qigvm_process_file(IgvmCfg *cfg, MachineState *machine_state,
>> ctx.current_header_index++) {
>> IgvmVariableHeaderType type = igvm_get_header_type(
>> ctx.file, IGVM_HEADER_SECTION_DIRECTIVE, ctx.current_header_index);
>> - if (!onlyVpContext || (type == IGVM_VHT_VP_CONTEXT)) {
>> + IgvmVariableHeaderType base_type = type & ~IGVM_VHT_OPTIONAL_BIT;
>> + if (!onlyVpContext || base_type == IGVM_VHT_VP_CONTEXT) {
>> if (qigvm_handler(&ctx, type, errp) < 0) {
>> goto cleanup_parameters;
>> }
>>
>> ---
>> base-commit: cbf877d67a812be17a9ce404a589e1bdf722c1f6
>> change-id: 20260525-igvm_optional-ca1592b613be
>>
>> Best regards,
>> --
>> Luigi Leonardi <leonardi@redhat.com>
>>
>
next prev parent reply other threads:[~2026-05-25 14:17 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-25 10:56 [PATCH] igvm: fix handling of optional variable header types Luigi Leonardi
2026-05-25 14:07 ` Ani Sinha
2026-05-25 14:16 ` Luigi Leonardi [this message]
2026-05-26 4:15 ` Ani Sinha
2026-05-26 6:16 ` Gerd Hoffmann
2026-05-25 14:29 ` Stefano Garzarella
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ahRZH2bUbuQnirr_@leonardi-redhat \
--to=leonardi@redhat.com \
--cc=anisinha@redhat.com \
--cc=kraxel@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=sgarzare@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.