Commit 3f24c8a74c for qemu.org
commit 3f24c8a74ce89686143be2517b4c1e98651bb913
Author: Luigi Leonardi <leonardi@redhat.com>
Date: Tue Jun 9 14:29:04 2026 +0200
igvm: fix handling of optional variable header types
The IGVM spec defines bit 31 of the variable header type as an
optional flag: if set, a loader that does not recognize the header
type may safely skip it. If clear, the loader must reject the file.
Currently, the optional bit is not stripped before comparing header
types, so headers with the bit set fail to match any known type
and are rejected.
Mask bit 31 before comparing header types throughout the IGVM
loader, and skip with a warning any unrecognized header that has
the optional bit set.
Fixes: c1d466d267cf ("backends/igvm: Add IGVM loader and configuration")
Signed-off-by: Luigi Leonardi <leonardi@redhat.com>
Message-ID: <20260609-igvm_optional-v2-2-b1f1f08dc40e@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
diff --git a/backends/igvm.c b/backends/igvm.c
index 3ccbafe9b9..3f4b97a5d4 100644
--- a/backends/igvm.c
+++ b/backends/igvm.c
@@ -26,6 +26,25 @@
#include <igvm/igvm.h>
#include <igvm/igvm_defs.h>
+#ifndef IGVM_VHT_OPTIONAL_BIT
+#define IGVM_VHT_OPTIONAL_BIT (1U << 31)
+#endif
+
+/*
+ * Bit 31 of the variable header type indicates that the header is
+ * optional and can be safely ignored by a loader that does not
+ * support it. If the bit is clear, the file cannot be loaded.
+ * https://docs.rs/igvm_defs/0.4.0/igvm_defs/struct.IgvmVariableHeaderType.html
+ */
+static IgvmVariableHeaderType igvm_vht_type(IgvmVariableHeaderType type)
+{
+ return type & ~IGVM_VHT_OPTIONAL_BIT;
+}
+
+static bool igvm_vht_optional(IgvmVariableHeaderType type)
+{
+ return !!(type & IGVM_VHT_OPTIONAL_BIT);
+}
/*
* Some directives are specific to particular confidential computing platforms.
@@ -132,12 +151,14 @@ static struct QIGVMHandler handlers[] = {
qigvm_directive_madt },
};
-static int qigvm_handler(QIgvm *ctx, IgvmVariableHeaderType type, Error **errp)
+static int qigvm_handler(QIgvm *ctx, IgvmVariableHeaderType raw_type,
+ Error **errp)
{
size_t handler;
IgvmHandle header_handle;
const uint8_t *header_data;
int result;
+ IgvmVariableHeaderType type = igvm_vht_type(raw_type);
for (handler = 0; handler < G_N_ELEMENTS(handlers); handler++) {
if (handlers[handler].type != type) {
@@ -166,6 +187,13 @@ static int qigvm_handler(QIgvm *ctx, IgvmVariableHeaderType type, Error **errp)
igvm_free_buffer(ctx->file, header_handle);
return result;
}
+
+ if (igvm_vht_optional(raw_type)) {
+ warn_report("IGVM: Skipping unsupported optional header type 0x%"
+ PRIX32, type);
+ return 0;
+ }
+
error_setg(errp,
"IGVM: Unknown header type encountered when processing file: "
"(type 0x%X)",
@@ -787,6 +815,7 @@ static int qigvm_supported_platform_compat_mask(QIgvm *ctx, Error **errp)
header_index++) {
IgvmVariableHeaderType typ = igvm_get_header_type(
ctx->file, IGVM_HEADER_SECTION_PLATFORM, header_index);
+ typ = igvm_vht_type(typ);
if (typ == IGVM_VHT_SUPPORTED_PLATFORM) {
header_handle = igvm_get_header(
ctx->file, IGVM_HEADER_SECTION_PLATFORM, header_index);
@@ -945,10 +974,10 @@ int qigvm_process_file(IgvmCfg *cfg, MachineState *machine_state,
for (ctx.current_header_index = 0;
ctx.current_header_index < (unsigned)header_count;
ctx.current_header_index++) {
- IgvmVariableHeaderType type = igvm_get_header_type(
+ IgvmVariableHeaderType raw_type = igvm_get_header_type(
ctx.file, IGVM_HEADER_SECTION_DIRECTIVE, ctx.current_header_index);
- if (!onlyVpContext || (type == IGVM_VHT_VP_CONTEXT)) {
- if (qigvm_handler(&ctx, type, errp) < 0) {
+ if (!onlyVpContext || igvm_vht_type(raw_type) == IGVM_VHT_VP_CONTEXT) {
+ if (qigvm_handler(&ctx, raw_type, errp) < 0) {
goto cleanup_parameters;
}
}