diff --git a/Cargo.toml b/Cargo.toml
index a19d220e2..5ee660c15 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -73,6 +73,7 @@ guest_debug = ["vmm/guest_debug"]
 io_uring = ["vmm/io_uring"]
 kvm = ["vmm/kvm"]
 mshv = ["vmm/mshv"]
+sev_snp = ["vmm/sev_snp", "mshv"]
 tdx = ["vmm/tdx"]
 tracing = ["vmm/tracing", "tracer/tracing"]
diff --git a/arch/Cargo.toml b/arch/Cargo.toml
index e233f227e..fb4aac58d 100644
--- a/arch/Cargo.toml
+++ b/arch/Cargo.toml
@@ -6,6 +6,7 @@ edition = "2021"
 [features]
 default = []
+sev_snp = []
 tdx = []
 [dependencies]
diff --git a/hypervisor/Cargo.toml b/hypervisor/Cargo.toml
index 222151c0f..7984eccbb 100644
--- a/hypervisor/Cargo.toml
+++ b/hypervisor/Cargo.toml
@@ -8,6 +8,7 @@ license = "Apache-2.0 OR BSD-3-Clause"
 [features]
 kvm = ["kvm-ioctls", "kvm-bindings", "vfio-ioctls/kvm"]
 mshv = ["mshv-ioctls", "mshv-bindings", "vfio-ioctls/mshv", "iced-x86"]
+sev_snp = []
 tdx = []
 [dependencies]
diff --git a/vmm/Cargo.toml b/vmm/Cargo.toml
index a87232650..449994117 100644
--- a/vmm/Cargo.toml
+++ b/vmm/Cargo.toml
@@ -11,6 +11,7 @@ guest_debug = ["kvm", "gdbstub", "gdbstub_arch"]
 io_uring = ["block/io_uring"]
 kvm = ["hypervisor/kvm", "vfio-ioctls/kvm", "vm-device/kvm", "pci/kvm"]
 mshv = ["hypervisor/mshv", "vfio-ioctls/mshv", "vm-device/mshv", "pci/mshv"]
+sev_snp = ["arch/sev_snp", "hypervisor/sev_snp"]
 tdx = ["arch/tdx", "hypervisor/tdx"]
 tracing = ["tracer/tracing"]
diff --git a/vmm/src/config.rs b/vmm/src/config.rs
index ecb8493af..60d1aef5d 100644
--- a/vmm/src/config.rs
+++ b/vmm/src/config.rs
@@ -78,6 +78,9 @@ pub enum Error {
 ParseNuma(OptionParserError),
 /// Failed validating configuration
 Validation(ValidationError),
+ #[cfg(feature = "sev_snp")]
+ /// Failed parsing SEV-SNP config
+ ParseSevSnp(OptionParserError),
 #[cfg(feature = "tdx")]
 /// Failed parsing TDX config
 ParseTdx(OptionParserError),
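Review bot: In the vmm/Cargo.toml hunk, `sev_snp` enables only `arch/sev_snp` and `hypervisor/sev_snp`; the link to `mshv` exists only in the root Cargo.toml hunk. Building the vmm crate on its own with `--features sev_snp` would therefore compile the SEV-SNP switch without the hypervisor backend that the root manifest treats as required. Consider `sev_snp = ["arch/sev_snp", "hypervisor/sev_snp", "mshv"]` in vmm/Cargo.toml so the dependency holds however the workspace is built.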
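Review bot: `ParseSevSnp` is added to `Error` in the vmm/src/config.rs `@@ -78` hunk, and to the `Display` impl in the `@@ -327` hunk, but the visible parsing of the `sev_snp` toggle maps its failures to `Error::ParsePlatform`. The new variant therefore appears never to be constructed in this change. Its message names `--sev_snp`, while the key is registered on the platform option parser, so a user hitting this error would be pointed at a flag that is not visible in this diff. Either drop the variant until a dedicated parser exists, or reword the message to name the platform option and say so in the doc comment, e.g. `/// Reserved for a dedicated SEV-SNP option parser; platform toggle errors use ParsePlatform`. The enum body starts and ends outside the hunk.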
@@ -327,6 +330,8 @@ impl fmt::Display for Error {
 }
 ParseUserDevice(o) => write!(f, "Error parsing --user-device: {o}"),
 Validation(v) => write!(f, "Error validating configuration: {v}"),
+ #[cfg(feature = "sev_snp")]
+ ParseSevSnp(o) => write!(f, "Error parsing --sev_snp: {o}"),
 #[cfg(feature = "tdx")]
 ParseTdx(o) => write!(f, "Error parsing --tdx: {o}"),
 #[cfg(feature = "tdx")]
@@ -518,6 +523,8 @@ impl PlatformConfig {
 .add("oem_strings");
 #[cfg(feature = "tdx")]
 parser.add("tdx");
+ #[cfg(feature = "sev_snp")]
+ parser.add("sev_snp");
 parser.parse(platform).map_err(Error::ParsePlatform)?;
 let num_pci_segments: u16 = parser
@@ -542,6 +549,12 @@ impl PlatformConfig {
 .map_err(Error::ParsePlatform)?
 .unwrap_or(Toggle(false))
 .0;
+ #[cfg(feature = "sev_snp")]
+ let sev_snp = parser
+ .convert::("sev_snp")
+ .map_err(Error::ParsePlatform)?
+ .unwrap_or(Toggle(false))
+ .0;
 Ok(PlatformConfig {
 num_pci_segments,
 iommu_segments,
@@ -550,6 +563,8 @@ impl PlatformConfig {
 oem_strings,
 #[cfg(feature = "tdx")]
 tdx,
+ #[cfg(feature = "sev_snp")]
+ sev_snp,
 })
 }
@@ -2183,6 +2198,11 @@ impl VmConfig {
 pub fn is_tdx_enabled(&self) -> bool {
 self.platform.as_ref().map(|p| p.tdx).unwrap_or(false)
 }
+
+ #[cfg(feature = "sev_snp")]
+ pub fn is_sev_snp_enabled(&self) -> bool {
+ self.platform.as_ref().map(|p| p.sev_snp).unwrap_or(false)
+ }
 }
 impl Clone for VmConfig {
diff --git a/vmm/src/vm_config.rs b/vmm/src/vm_config.rs
index a51add7bd..fb9bf703c 100644
--- a/vmm/src/vm_config.rs
+++ b/vmm/src/vm_config.rs
@@ -89,6 +89,9 @@ pub struct PlatformConfig {
 #[cfg(feature = "tdx")]
 #[serde(default)]
 pub tdx: bool,
+ #[cfg(feature = "sev_snp")]
+ #[serde(default)]
+ pub sev_snp: bool,
 }
 impl Default for PlatformConfig {
@@ -101,6 +104,8 @@ impl Default for PlatformConfig {
 oem_strings: None,
 #[cfg(feature = "tdx")]
 tdx: false,
+ #[cfg(feature = "sev_snp")]
+ sev_snp: false,
 }
 }
 }
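Review bot: In the `@@ -542` hunk the `sev_snp` toggle is parsed independently of `tdx`, and nothing visible rejects `tdx=on,sev_snp=on` when both features are compiled in. Two confidential-computing modes cannot both apply to one guest, so the combination is better refused at parse or validation time than resolved implicitly by whichever consumer checks first. A guard along the lines of `#[cfg(all(feature = "tdx", feature = "sev_snp"))] if tdx && sev_snp { /* return a validation error */ }` would make that explicit. The enclosing function starts and ends outside the hunk, so an existing check elsewhere may already cover this.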
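Review bot: `is_sev_snp_enabled` in the `@@ -2183` hunk is public but undocumented, and no caller is visible in this change, so a request for `sev_snp=on` is recorded without anything shown here that enforces it. For a confidential-computing switch, consumers of this getter should fail VM creation when the hypervisor cannot provide SEV-SNP rather than fall back to an unprotected guest. A doc comment stating the contract would help, e.g. `/// Returns true when the platform config requests an AMD SEV-SNP guest; false when no platform section is set.`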
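Review bot: In the vmm/src/vm_config.rs `@@ -89` hunk, `sev_snp` exists only under `#[cfg(feature = "sev_snp")]`, so a binary built without the feature has no such field. A serialized config containing `"sev_snp": true` may then be accepted with the key silently ignored, unless `PlatformConfig` carries `#[serde(deny_unknown_fields)]`, which is not visible in this hunk. That would start an ordinary guest where a confidential one was requested. Worth confirming that unknown fields are rejected, or keeping the field unconditional and refusing `sev_snp: true` during validation in builds without the feature. The same consideration applies to the existing `tdx` field.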