diff --git a/security-monitor/src/core/architecture/riscv/sbi/covh_extension.rs b/security-monitor/src/core/architecture/riscv/sbi/covh_extension.rs index 6ea690a..2c40fc3 100644 --- a/security-monitor/src/core/architecture/riscv/sbi/covh_extension.rs +++ b/security-monitor/src/core/architecture/riscv/sbi/covh_extension.rs @@ -47,21 +47,27 @@ impl CovhExtension { } } -/// State of the security monitor communicated to the hypervisor. This structure is defined in CoVE specification. -#[repr(u32)] -pub enum SecurityMonitorState { - NotLoaded = 0, - Loaded = 1, - Ready = 2, -} - /// Information written by the security monitor to the hypervisor memory, representing the state of the security monitor. This structure is /// defined in CoVE specification. #[repr(C)] -pub struct SecurityMonitorInfo { - pub security_monitor_state: SecurityMonitorState, - pub security_monitor_version: u32, +pub struct TsmInfo { + pub tsm_state: u32, + pub tsm_impl_id: u32, + pub tsm_version: u32, + pub tsm_capabilities: u64, pub state_pages: u64, pub max_vcpus: u64, pub vcpu_state_pages: u64, } + +impl TsmInfo { + pub const COVE_TSM_STATE_NOT_LOADED: u32 = 0; + pub const COVE_TSM_STATE_LOADED: u32 = 1; + pub const COVE_TSM_STATE_READY: u32 = 2; + pub const COVE_TSM_IMPL_ACE: u32 = 2; + pub const COVE_TSM_CAP_ATTESTATION_LOCAL_MASK: u64 = 1 << 1; + pub const COVE_TSM_CAP_ATTESTATION_REMOTE_MASK: u64 = 1 << 2; + pub const COVE_TSM_CAP_AIA_MASK: u64 = 1 << 3; + pub const COVE_TSM_CAP_MRIF_MASK: u64 = 1 << 4; + pub const COVE_TSM_CAP_MEMORY_ALLOCATION_MASK: u64 = 1 << 5; +} diff --git a/security-monitor/src/non_confidential_flow/handlers/cove_host_extension/get_security_monitor_info.rs b/security-monitor/src/non_confidential_flow/handlers/cove_host_extension/get_security_monitor_info.rs index 38ade5f..d057142 100644 --- a/security-monitor/src/non_confidential_flow/handlers/cove_host_extension/get_security_monitor_info.rs +++ b/security-monitor/src/non_confidential_flow/handlers/cove_host_extension/get_security_monitor_info.rs @@ -1,7 +1,7 @@ // SPDX-FileCopyrightText: 2023 IBM Corporation // SPDX-FileContributor: Wojciech Ozga , IBM Research - Zurich // SPDX-License-Identifier: Apache-2.0 -use crate::core::architecture::riscv::sbi::{SecurityMonitorInfo, SecurityMonitorState}; +use crate::core::architecture::riscv::sbi::TsmInfo; use crate::core::architecture::GeneralPurposeRegister; use crate::core::control_data::{ConfidentialVm, HypervisorHart}; use crate::core::memory_layout::NonConfidentialMemoryAddress; @@ -37,22 +37,24 @@ impl GetSecurityMonitorInfo { } fn fill_tsm_info_state(&self) -> Result { - let info = SecurityMonitorInfo { - security_monitor_state: SecurityMonitorState::Ready, - security_monitor_version: self.get_version(), + let info = TsmInfo { + tsm_state: TsmInfo::COVE_TSM_STATE_READY, + tsm_impl_id: TsmInfo::COVE_TSM_IMPL_ACE, + tsm_version: self.get_version(), + tsm_capabilities: TsmInfo::COVE_TSM_CAP_ATTESTATION_LOCAL_MASK, state_pages: 0, max_vcpus: u64::try_from(ConfidentialVm::MAX_NUMBER_OF_HARTS_PER_VM).unwrap_or(0), vcpu_state_pages: 0, }; // Check that the input arguments define a memory region in non-confidential memory that is large enough to store the - // `SecurityMonitorInfo` structure. + // `TsmInfo` structure. let ptr = NonConfidentialMemoryAddress::new(self.tsm_info_address as *mut usize)?; NonConfidentialMemoryAddress::new((self.tsm_info_address + self.tsm_info_len) as *mut usize)?; - ensure!(self.tsm_info_len >= core::mem::size_of::(), Error::InvalidParameter())?; + ensure!(self.tsm_info_len >= core::mem::size_of::(), Error::InvalidParameter())?; // below unsafe operation is ok because pointer is a valid address in non-confidential memory, and we have enough space to write the // reponse. - unsafe { (ptr.as_ptr() as *mut SecurityMonitorInfo).write(info) }; - Ok(core::mem::size_of::()) + unsafe { (ptr.as_ptr() as *mut TsmInfo).write(info) }; + Ok(core::mem::size_of::()) } fn get_version(&self) -> u32 {