
1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4//! The schema defined in this file must match the one defined in
5//! `onecore/vm/schema/mars/Config/Config.Devices.Chipset.mars`.
6
7use bitfield_struct::bitfield;
8use guid::Guid;
9use open_enum::open_enum;
10use serde::Deserialize;
11use serde::Serialize;
12
/// Marks a field as _temporarily_ optional so that build-to-build
/// compatibility is preserved during internal testing.
///
/// A newly added field should be typed as `DevLoopCompatOption` until every
/// host that this underhill version is expected to run on has been updated to
/// send the new field.
///
/// It would be **very bad form** to ship a library/binary that still includes
/// `DevLoopCompatOption` fields!
///
/// The alias is a plain `Option<T>`, so code reading such a field has to
/// handle `None` explicitly rather than assume the host supplied a value.
pub type DevLoopCompatOption<T> = Option<T>;
23
/// Top-level DPS JSON document: the legacy settings plus the V2 settings.
///
/// Fields are renamed to PascalCase on the wire (`V1`, `V2`). There is no
/// struct-level `serde(default)` here, so both keys are expected in the input.
#[derive(Debug, Default, Deserialize, Serialize)]
#[serde(rename_all = "PascalCase")]
pub struct DevicePlatformSettingsV2Json {
    /// Legacy settings block; its own fields are individually optional.
    pub v1: HclDevicePlatformSettings,
    /// Newer settings block, split into static and dynamic parts.
    pub v2: HclDevicePlatformSettingsV2,
}
30
/// Legacy DPS response settings.
///
/// The legacy DPS response's mars schema specifies all fields as
/// `[OmitEmpty]`, which is handled by setting `serde(default)` at the struct
/// level.
///
/// This is _not_ the case in the newer DPS packet, where all fields must be
/// present, specifying "empty values" if the data is not set.
///
/// Because of the struct-level default, a key missing from the JSON is not a
/// parse error: the field takes its `Default` value. For the security-relevant
/// toggles (`SecureBootEnabled`, `EnableTpm`) that value is `false`, so a
/// parsed struct cannot tell "host turned it off" apart from "host sent
/// nothing".
#[derive(Debug, Default, Deserialize, Serialize)]
#[serde(default, rename_all = "PascalCase")]
pub struct HclDevicePlatformSettings {
    // Secure boot
    pub secure_boot_enabled: bool,
    pub secure_boot_template_id: HclSecureBootTemplateId,

    // Device enablement
    pub enable_battery: bool,
    pub enable_processor_idle: bool,
    pub enable_tpm: bool,

    // Serial ports
    pub com1: HclUartSettings,
    pub com2: HclUartSettings,

    // Carried as a string in the JSON; converted by the `as_string` helper.
    #[serde(with = "serde_helpers::as_string")]
    pub bios_guid: Guid,

    pub console_mode: u8,
    pub enable_firmware_debugging: bool,
    pub enable_hibernation: bool,

    // Identification strings
    pub serial_number: String,
    pub base_board_serial_number: String,
    pub chassis_serial_number: String,
    pub chassis_asset_tag: String,
}
56
/// Secure boot template selector carried in the legacy settings.
///
/// Requires a `Default` derive, due to `[OmitEmpty]` being used in the parent
/// struct: when the key is omitted the value is [`None`](Self::None), i.e. no
/// template is selected.
#[derive(Debug, Default, Deserialize, Serialize)]
#[serde(rename_all = "PascalCase")]
pub enum HclSecureBootTemplateId {
    /// No template; also the value used when the key is absent.
    #[default]
    #[serde(rename = "None")]
    None,
    /// Serialized as `"MicrosoftWindows"`.
    #[serde(rename = "MicrosoftWindows")]
    MicrosoftWindows,
    /// Serialized as `"MicrosoftUEFICertificateAuthority"`.
    #[serde(rename = "MicrosoftUEFICertificateAuthority")]
    MicrosoftUEFICertificateAuthority,
}
69
/// Per-port UART settings used for `com1` and `com2` in the legacy settings.
///
/// Requires a `Default` derive, due to `[OmitEmpty]` being used in the parent
/// struct. The struct-level `serde(default)` means every flag omitted from the
/// JSON deserializes as `false`.
#[derive(Debug, Default, Deserialize, Serialize)]
#[serde(default, rename_all = "PascalCase")]
pub struct HclUartSettings {
    /// Wire key `EnablePort`.
    pub enable_port: bool,
    /// Wire key `DebuggerMode`.
    pub debugger_mode: bool,
    /// Wire key `EnableVmbusRedirector`.
    pub enable_vmbus_redirector: bool,
}
78
/// Newer DPS settings, divided into a static and a dynamic section.
///
/// No struct-level `serde(default)` is applied, so both sections are expected
/// to be present in the input.
#[derive(Debug, Default, Deserialize, Serialize)]
#[serde(rename_all = "PascalCase")]
pub struct HclDevicePlatformSettingsV2 {
    /// Static section (`static` is a keyword, hence the raw identifier).
    pub r#static: HclDevicePlatformSettingsV2Static,
    /// Dynamic section.
    pub dynamic: HclDevicePlatformSettingsV2Dynamic,
}
85
/// One entry in the boot device order used by the PCAT BIOS.
///
/// No `rename_all` is applied, so the variant names are the wire names as
/// written here.
#[derive(Debug, Copy, Clone, Deserialize, Serialize)]
pub enum PcatBootDevice {
    /// Floppy drive.
    Floppy,
    /// Optical drive.
    Optical,
    /// Hard drive.
    HardDrive,
    /// Network boot.
    Network,
}
94
/// Guest state lifetime.
///
/// The value used when the host omits the field is
/// [`Default`](Self::Default). What each lifetime means is defined by the
/// consumers of this type, not in this file.
#[derive(Debug, Copy, Clone, Deserialize, Serialize, Default)]
pub enum GuestStateLifetime {
    /// Fallback value selected by `#[default]`.
    #[default]
    Default,
    /// Wire name `ReprovisionOnFailure`.
    ReprovisionOnFailure,
    /// Wire name `Reprovision`.
    Reprovision,
    /// Wire name `Ephemeral`.
    Ephemeral,
}
104
/// Guest state encryption policy.
///
/// The `#[default]` variant is [`Auto`](Self::Auto), which allows guest state
/// to be left unencrypted when no key source is available. Callers that
/// require encryption must not rely on the default.
#[derive(Debug, Copy, Clone, Deserialize, Serialize, Default)]
pub enum GuestStateEncryptionPolicy {
    /// Use the best encryption available, allowing fallback.
    ///
    /// VMs are created with the best encryption available: GspKey is
    /// attempted first, then GspById, and if neither is available the data is
    /// left unencrypted. VMs will not be migrated to a different encryption
    /// method.
    #[default]
    Auto,
    /// Prefer (or require, if strict) no encryption.
    ///
    /// The guest state is not encrypted unless it is already encrypted and
    /// strict encryption policy is disabled.
    None,
    /// Prefer (or require, if strict) GspById.
    ///
    /// A VM is never created as, or migrated to, GspKey, even if GspKey is
    /// available. Existing GspKey encryption is still used unless strict
    /// encryption policy is enabled. Fails if the data cannot be encrypted.
    GspById,
    /// Prefer (or require, if strict) GspKey.
    ///
    /// VMs are created as, or migrated to, GspKey. GspById encryption is used
    /// if GspKey is unavailable, unless strict encryption policy is enabled.
    /// Fails if the data cannot be encrypted.
    GspKey,
    /// Use hardware sealing.
    // TODO: update this doc comment once hardware sealing is implemented
    HardwareSealing,
}
138
open_enum! {
    /// EFI diagnostics log level filter, carried as a `u32`.
    ///
    /// NOTE(review): being declared through `open_enum!`, this type
    /// presumably accepts `u32` values other than the three named constants.
    /// Confirm that consumers handle an unrecognized level deliberately.
    #[derive(Default, Deserialize, Serialize)]
    pub enum EfiDiagnosticsLogLevelType: u32 {
        /// Default log level.
        DEFAULT = 0,
        /// Include INFO logs.
        INFO = 1,
        /// All logs.
        FULL = 2,
    }
}
151
/// Management VTL feature flags, packed into a single `u64`.
///
/// `serde(transparent)` makes the JSON representation the bare integer rather
/// than an object with named flags. The four single-bit fields and the 60-bit
/// reserved field together account for all 64 bits.
///
/// NOTE(review): nothing in this declaration rejects input with reserved bits
/// set. Confirm whether consumers need to mask or validate them.
#[bitfield(u64)]
#[derive(Deserialize, Serialize)]
#[serde(transparent)]
pub struct ManagementVtlFeatures {
    // Presumably the "strict" switch referred to by
    // `GuestStateEncryptionPolicy`; verify against the consumer.
    pub strict_encryption_policy: bool,
    pub _reserved1: bool,
    pub control_ak_cert_provisioning: bool,
    pub attempt_ak_cert_callback: bool,
    // Remaining bits, reserved.
    #[bits(60)]
    pub _reserved2: u64,
}
164
/// Static section of the V2 device platform settings.
///
/// There is no struct-level `serde(default)`: a field is optional on the wire
/// only if it is an `Option` or carries its own `#[serde(default)]`.
///
/// Several of the defaulted fields are security-relevant. An omitted
/// `GuestStateEncryptionPolicy` becomes `GuestStateEncryptionPolicy::Auto`,
/// which permits an unencrypted fallback, and an omitted
/// `ManagementVtlFeatures` becomes that type's `Default` (presumably all
/// flags clear, including `strict_encryption_policy`; confirm). Absence of
/// these keys is therefore indistinguishable from the host selecting the
/// permissive setting.
#[derive(Debug, Default, Deserialize, Serialize)]
#[serde(rename_all = "PascalCase")]
pub struct HclDevicePlatformSettingsV2Static {
    // UEFI flags
    pub legacy_memory_map: bool,
    pub pause_after_boot_failure: bool,
    pub pxe_ip_v6: bool,
    pub measure_additional_pcrs: bool,
    pub disable_frontpage: bool,
    pub disable_sha384_pcr: bool,
    pub media_present_enabled_by_default: bool,
    pub memory_protection_mode: u8,
    #[serde(default)]
    pub default_boot_always_attempt: bool,

    // UEFI info
    pub vpci_boot_enabled: bool,
    #[serde(default, with = "serde_helpers::opt_guid_str")]
    pub vpci_instance_filter: Option<Guid>,

    // PCAT info
    pub num_lock_enabled: bool,
    pub pcat_boot_device_order: Option<[PcatBootDevice; 4]>,

    pub smbios: HclDevicePlatformSettingsV2StaticSmbios,

    // A per-field `serde(default)` is required here: we can't rely on serde's
    // normal behavior for optional fields (use `None` if the key is not
    // present in the JSON), because this field uses custom
    // serialize/deserialize methods.
    #[serde(default, with = "serde_helpers::opt_base64_vec")]
    pub vtl2_settings: Option<Vec<u8>>,

    // Required on the wire: none of these three carries a default.
    pub vmbus_redirection_enabled: bool,
    pub no_persistent_secrets: bool,
    pub watchdog_enabled: bool,

    // This `#[serde(default)]` shouldn't have been necessary, but an
    // `[OmitEmpty]` marker slipped past in code review...
    #[serde(default)]
    pub firmware_mode_is_pcat: bool,
    #[serde(default)]
    pub always_relay_host_mmio: bool,
    #[serde(default)]
    pub imc_enabled: bool,
    #[serde(default)]
    pub cxl_memory_enabled: bool,
    #[serde(default)]
    pub guest_state_lifetime: GuestStateLifetime,
    // Defaults to `Auto` when omitted; see the struct-level note.
    #[serde(default)]
    pub guest_state_encryption_policy: GuestStateEncryptionPolicy,
    #[serde(default)]
    pub efi_diagnostics_log_level: EfiDiagnosticsLogLevelType,
    #[serde(default)]
    pub management_vtl_features: ManagementVtlFeatures,
}
222
/// SMBIOS strings carried in the static V2 section.
///
/// No field has a `serde(default)`, so every key is expected in the input.
/// Keys are PascalCase on the wire, apart from the explicit `SystemSKUNumber`
/// rename below.
#[derive(Debug, Default, Deserialize, Serialize)]
#[serde(rename_all = "PascalCase")]
pub struct HclDevicePlatformSettingsV2StaticSmbios {
    pub system_manufacturer: String,
    pub system_product_name: String,
    pub system_version: String,
    // PascalCase conversion would yield `SystemSkuNumber`; the wire key keeps
    // `SKU` upper-case.
    #[serde(rename = "SystemSKUNumber")]
    pub system_sku_number: String,
    pub system_family: String,
    pub bios_lock_string: String,
    pub memory_device_serial_number: String,
}
235
/// Dynamic section of the V2 device platform settings.
///
/// Every field except `acpi_tables` is expected in the input.
#[derive(Debug, Default, Deserialize, Serialize)]
#[serde(rename_all = "PascalCase")]
pub struct HclDevicePlatformSettingsV2Dynamic {
    pub nvdimm_count: u16,
    pub enable_psp: bool,
    // The generation ID is split across two 64-bit halves.
    pub generation_id_low: u64,
    pub generation_id_high: u64,
    pub smbios: HclDevicePlatformSettingsV2DynamicSmbios,
    pub is_servicing_scenario: bool,

    // Optional on the wire; an omitted key yields an empty list.
    // NOTE(review): no limit on the number or size of tables is visible at
    // this layer. Confirm where host-supplied tables are bounded.
    #[serde(default, with = "serde_helpers::vec_base64_vec")]
    pub acpi_tables: Vec<Vec<u8>>,
}
250
/// SMBIOS processor values carried in the dynamic V2 section.
///
/// No field has a `serde(default)`, so every key is expected in the input.
#[derive(Debug, Default, Deserialize, Serialize)]
#[serde(rename_all = "PascalCase")]
pub struct HclDevicePlatformSettingsV2DynamicSmbios {
    // Byte strings converted by the `base64_vec` helper (presumably base64
    // text in the JSON; see `serde_helpers`).
    #[serde(with = "serde_helpers::base64_vec")]
    pub processor_manufacturer: Vec<u8>,
    #[serde(with = "serde_helpers::base64_vec")]
    pub processor_version: Vec<u8>,

    // PascalCase conversion would yield `ProcessorId`; the wire key keeps
    // `ID` upper-case.
    #[serde(rename = "ProcessorID")]
    pub processor_id: u64,

    // 16-bit values
    pub external_clock: u16,
    pub max_speed: u16,
    pub current_speed: u16,
    pub processor_characteristics: u16,
    pub processor_family2: u16,

    // 8-bit values
    pub processor_type: u8,
    pub voltage: u8,
    pub status: u8,
    pub processor_upgrade: u8,
}
271
#[cfg(test)]
mod test {
    use super::*;

    /// Deserializes an embedded sample document, panicking if it does not
    /// parse as a [`DevicePlatformSettingsV2Json`].
    ///
    /// These are smoke tests only: they show that the samples are accepted,
    /// not that any field (including the defaulted, security-relevant ones)
    /// ends up with a particular value.
    fn parse_sample(raw: &[u8]) -> DevicePlatformSettingsV2Json {
        serde_json::from_slice::<DevicePlatformSettingsV2Json>(raw).unwrap()
    }

    #[test]
    fn smoke_test_sample() {
        parse_sample(include_bytes!("dps_test_json.json"));
    }

    #[test]
    fn smoke_test_sample_with_vtl2settings() {
        parse_sample(include_bytes!("dps_test_json_with_vtl2settings.json"));
    }
}