Added guest features to vmsa measurement

Signed-off-by: DGonzalezVillal <Diego.GonzalezVillalobos@amd.com>

src/measurement/sev.rs

@@ -5,7 +5,7 @@ use crate::measurement::{
     ovmf::OVMF,
     sev_hashes::SevHashes,
     vcpu_types::CpuType,
-    vmsa::{SevMode, VMMType, VMSA},
+    vmsa::{GuestFeatures, VMMType, VMSA},
 };
 
 use std::path::PathBuf;
@@ -67,11 +67,11 @@ pub fn seves_calc_launch_digest(
     };
 
     let vmsa = VMSA::new(
-        SevMode::SevEs,
         ovmf.sev_es_reset_eip()?.into(),
         CpuType::from_str(sev_es_measurement.vcpu_type.as_str())?,
         official_vmm_type,
         Some(sev_es_measurement.vcpus as u64),
+        GuestFeatures(0x0),
     );
 
     for vmsa_page in vmsa.pages(sev_es_measurement.vcpus as usize)?.iter() {

src/measurement/snp.rs

@@ -8,7 +8,7 @@ use crate::{
         ovmf::{OvmfSevMetadataSectionDesc, SectionType, OVMF},
         sev_hashes::SevHashes,
         vcpu_types::CpuType,
-        vmsa::{SevMode, VMMType, VMSA},
+        vmsa::{VMMType, VMSA},
     },
 };
 use hex::FromHex;
@@ -17,7 +17,7 @@ use std::str::FromStr;
 
 use crate::error::*;
 
-use super::gctx::LD_SIZE;
+use super::{gctx::LD_SIZE, vmsa::GuestFeatures};
 
 const _PAGE_MASK: u64 = 0xfff;
 
@@ -131,6 +131,8 @@ pub struct SnpMeasurementArgs<'a> {
     pub vcpu_type: String,
     /// Path to OVMF file
     pub ovmf_file: PathBuf,
+    /// Active kernel guest features
+    pub guest_features: GuestFeatures,
     /// Path to kernel file
     pub kernel_file: Option<PathBuf>,
     /// Path to initrd file
@@ -180,11 +182,11 @@ pub fn snp_calc_launch_digest(
     snp_update_metadata_pages(&mut gctx, &ovmf, sev_hashes.as_ref(), official_vmm_type)?;
 
     let vmsa = VMSA::new(
-        SevMode::SevSnp,
         ovmf.sev_es_reset_eip()?.into(),
         CpuType::from_str(snp_measurement.vcpu_type.as_str())?,
         official_vmm_type,
         Some(snp_measurement.vcpus as u64),
+        snp_measurement.guest_features,
     );
 
     for vmsa_page in vmsa.pages(snp_measurement.vcpus as usize)?.iter() {

src/measurement/vmsa.rs

@@ -3,6 +3,7 @@
 //! Operations to build and interact with an SEV-ES VMSA
 use crate::error::{LargeArrayError, MeasurementError};
 use crate::measurement::vcpu_types::CpuType;
+use bitfield::bitfield;
 use serde::{Deserialize, Serialize};
 use serde_big_array::BigArray;
 use std::{convert::TryFrom, fmt, str::FromStr};
@@ -178,6 +179,68 @@ where
     }
 }
 
+bitfield! {
+    /// Kernel features that when enabled could affect the VMSA.
+    ///
+    /// | Bit(s) | Name
+    /// |--------|------|
+    /// | 0 | SNPActive |
+    /// | 1 | vTOM |
+    /// | 2 | ReflectVC |
+    /// | 3 | RestrictedInjection |
+    /// | 4 | AlternateInjection |
+    /// | 5 | DebugSwap |
+    /// | 6 | PreventHostIBS |
+    /// | 7 | BTBIsolation |
+    /// | 8 | VmplSSS |
+    /// | 9 | SecureTSC |
+    /// | 10 | VmgexitParameter |
+    /// | 11 | Reserved, SBZ |
+    /// | 12 | IbsVirtualization |
+    /// | 13 | Reserved, SBZ |
+    /// | 14 | VmsaRegProt |
+    /// | 15 | SmtProtection |
+    /// | 63:16 | Reserved, SBZ |
+    #[repr(C)]
+    #[derive(Default, Copy, Clone, PartialEq, Eq, Serialize, Deserialize)]
+    pub struct GuestFeatures(u64);
+    impl Debug;
+    /// SNPActive
+    pub snp_active, _: 0, 0;
+    /// vTom
+    pub v_tom, _: 1, 1;
+    /// ReflectVC
+    pub reflect_vc, _: 2, 2;
+    /// RestrictedInjection
+    pub restricted_injection, _: 3,3;
+    /// AlternateInjection
+    pub alternate_injection, _: 4,4;
+    /// DebugSwap
+    pub debug_swap, _: 5,5;
+    /// PreventHostIbs
+    pub prevent_host_ibs, _: 6,6;
+    /// BTBIsolation
+    pub btb_isolation, _: 7,7;
+    /// VmplSSS
+    pub vmpl_sss, _: 8,8;
+    /// SecureTSC
+    pub secure_tsc, _: 9,9;
+    /// VmgExitParameter
+    pub vmg_exit_parameter, _: 10,10;
+    /// Reserved, SBZ
+    reserved_1, _: 11,11;
+    /// IbsVirtualization
+    pub ibs_virtualization, _: 12,12;
+    /// Reserved, SBZ
+    reserved_2, _: 13,13;
+    /// VmsaRegProt
+    pub vmsa_reg_prot, _: 14,14;
+    ///SmtProtection
+    pub smt_protection, _: 15,15;
+    /// Reserved, SBZ
+    reserved_3, sbz: 16, 63;
+}
+
 /// SEV-ES VMSA page
 /// The names of the fields are taken from struct sev_es_work_area in the linux kernel:
 /// https://github.com/AMDESE/linux/blob/sev-snp-v12/arch/x86/include/asm/svm.h#L318
@@ -306,24 +369,19 @@ impl VMSA {
     /// Generate a new SEV-ES VMSA
     /// One Bootstrap and an auxiliary save area if needed
     pub fn new(
-        sev_mode: SevMode,
         ap_eip: u64,
         vcpu_type: CpuType,
         vmm_type: VMMType,
         cpu_num: Option<u64>,
+        guest_features: GuestFeatures,
     ) -> Self {
-        let sev_features: u64 = match sev_mode {
-            SevMode::SevSnp => 0x1,
-            SevMode::Sev | SevMode::SevEs => 0x0,
-        };
-
         let bsp_save_area =
-            Self::build_save_area(BSP_EIP, sev_features, vcpu_type, vmm_type, cpu_num);
+            Self::build_save_area(BSP_EIP, guest_features, vcpu_type, vmm_type, cpu_num);
 
         let ap_save_area = if ap_eip > 0 {
             Some(Self::build_save_area(
                 ap_eip,
-                sev_features,
+                guest_features,
                 vcpu_type,
                 vmm_type,
                 cpu_num,
@@ -341,7 +399,7 @@ impl VMSA {
     /// Generate a save area
     fn build_save_area(
         eip: u64,
-        sev_features: u64,
+        guest_features: GuestFeatures,
         vcpu_type: CpuType,
         vmm_type: VMMType,
         cpu_num: Option<u64>,
@@ -403,7 +461,7 @@ impl VMSA {
         area.rip = eip & 0xffff;
         area.g_pat = 0x7040600070406;
         area.rdx = rdx;
-        area.sev_features = sev_features;
+        area.sev_features = guest_features.0;
         area.xcr0 = 0x1;
 
         area