guest_emulation_transport/
api.rs

1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4//! Friendly Rust representations of the data sent over the GET.
5
6// These types are re-exported as-is, in order to avoid requiring consumers of
7// the GET and GED to also import get_protocol.
8pub use get_protocol::CreateRamGpaRangeFlags;
9pub use get_protocol::EventLogId;
10pub use get_protocol::GSP_CIPHERTEXT_MAX;
11pub use get_protocol::GspCiphertextContent;
12pub use get_protocol::GspCleartextContent;
13pub use get_protocol::GspExtendedStatusFlags;
14pub use get_protocol::IGVM_ATTEST_MSG_REQ_AGENT_DATA_MAX_SIZE;
15pub use get_protocol::MAX_TRANSFER_SIZE;
16pub use get_protocol::NUMBER_GSP;
17pub use get_protocol::ProtocolVersion;
18pub use get_protocol::SaveGuestVtl2StateFlags;
19pub use get_protocol::VmgsIoStatus;
20use zerocopy::FromZeros;
21
22use guid::Guid;
23
24/// Device platform settings.
25#[expect(missing_docs)]
26pub mod platform_settings {
27    pub use get_protocol::dps_json::PcatBootDevice;
28
29    use get_protocol::dps_json::EfiDiagnosticsLogLevelType;
30    use get_protocol::dps_json::GuestStateEncryptionPolicy;
31    use get_protocol::dps_json::GuestStateLifetime;
32    use get_protocol::dps_json::ManagementVtlFeatures;
33    use guid::Guid;
34    use inspect::Inspect;
35
36    /// All available device platform settings.
37    #[derive(Debug, Inspect)]
38    pub struct DevicePlatformSettings {
39        pub smbios: Smbios,
40        pub general: General,
41        #[inspect(with = "inspect::iter_by_index")]
42        pub acpi_tables: Vec<Vec<u8>>,
43    }
44
45    /// All available SMBIOS related config.
46    #[derive(Debug, Inspect)]
47    pub struct Smbios {
48        pub serial_number: Vec<u8>,
49        pub base_board_serial_number: Vec<u8>,
50        pub chassis_serial_number: Vec<u8>,
51        pub chassis_asset_tag: Vec<u8>,
52
53        pub system_manufacturer: Vec<u8>,
54        pub system_product_name: Vec<u8>,
55        pub system_version: Vec<u8>,
56        pub system_sku_number: Vec<u8>,
57        pub system_family: Vec<u8>,
58        pub bios_lock_string: Vec<u8>,
59        pub memory_device_serial_number: Vec<u8>,
60
61        pub processor_manufacturer: Vec<u8>,
62        pub processor_version: Vec<u8>,
63        pub processor_id: u64,
64        pub external_clock: u16,
65        pub max_speed: u16,
66        pub current_speed: u16,
67        pub processor_characteristics: u16,
68        pub processor_family2: u16,
69        pub processor_type: u8,
70        pub voltage: u8,
71        pub status: u8,
72        pub processor_upgrade: u8,
73    }
74
75    /// All available general device platform configuration.
76    // DEVNOTE: "general" is code for "not well organized", so if you've got a
77    // better way to organize these settings, do consider cleaning this up a bit!
78    #[derive(Debug, Inspect)]
79    pub struct General {
80        pub secure_boot_enabled: bool,
81        pub secure_boot_template: SecureBootTemplateType,
82        pub bios_guid: Guid,
83        pub console_mode: UefiConsoleMode,
84        pub battery_enabled: bool,
85        pub processor_idle_enabled: bool,
86        pub tpm_enabled: bool,
87        pub com1_enabled: bool,
88        pub com1_debugger_mode: bool,
89        pub com1_vmbus_redirector: bool,
90        pub com2_enabled: bool,
91        pub com2_debugger_mode: bool,
92        pub com2_vmbus_redirector: bool,
93        pub firmware_debugging_enabled: bool,
94        pub hibernation_enabled: bool,
95
96        pub suppress_attestation: Option<bool>,
97        pub generation_id: Option<[u8; 16]>,
98
99        pub legacy_memory_map: bool,
100        pub pause_after_boot_failure: bool,
101        pub pxe_ip_v6: bool,
102        pub measure_additional_pcrs: bool,
103        pub disable_frontpage: bool,
104        pub disable_sha384_pcr: bool,
105        pub media_present_enabled_by_default: bool,
106        pub vpci_boot_enabled: bool,
107        pub memory_protection_mode: MemoryProtectionMode,
108        pub default_boot_always_attempt: bool,
109        pub num_lock_enabled: bool,
110        #[inspect(with = "|x| inspect::iter_by_index(x).map_value(inspect::AsDebug)")]
111        pub pcat_boot_device_order: [PcatBootDevice; 4],
112
113        pub vpci_instance_filter: Option<Guid>,
114        pub nvdimm_count: u16,
115        pub psp_enabled: bool,
116
117        pub vmbus_redirection_enabled: bool,
118        pub always_relay_host_mmio: bool,
119        pub vtl2_settings: Option<underhill_config::Vtl2Settings>,
120
121        pub is_servicing_scenario: bool,
122        pub watchdog_enabled: bool,
123        pub firmware_mode_is_pcat: bool,
124        pub imc_enabled: bool,
125        pub cxl_memory_enabled: bool,
126        #[inspect(debug)]
127        pub efi_diagnostics_log_level: EfiDiagnosticsLogLevelType,
128        #[inspect(debug)]
129        pub guest_state_lifetime: GuestStateLifetime,
130        #[inspect(debug)]
131        pub guest_state_encryption_policy: GuestStateEncryptionPolicy,
132        #[inspect(debug)]
133        pub management_vtl_features: ManagementVtlFeatures,
134    }
135
136    #[derive(Copy, Clone, Debug, Inspect)]
137    pub enum MemoryProtectionMode {
138        Disabled = 0,
139        Default = 1,
140        Strict = 2,
141        Relaxed = 3,
142    }
143
144    #[derive(Debug, Inspect)]
145    pub enum UefiConsoleMode {
146        /// video+kbd (having a head)
147        Default = 0,
148        /// headless with COM1 serial console
149        COM1 = 1,
150        /// headless with COM2 serial console
151        COM2 = 2,
152        /// headless
153        None = 3,
154    }
155
156    #[derive(Debug, Inspect)]
157    pub enum SecureBootTemplateType {
158        /// No template to apply.
159        None,
160        /// Apply the Windows only CA.
161        MicrosoftWindows,
162        /// Apply the Microsoft UEFI CA.
163        MicrosoftUefiCertificateAuthority,
164    }
165}
166
167/// Response fields for Guest State Protection sent from the host
168pub struct GuestStateProtection {
169    /// Guest State Protection ciphertext content
170    pub encrypted_gsp: GspCiphertextContent,
171    /// Guest State Protection cleartext content
172    pub decrypted_gsp: [GspCleartextContent; NUMBER_GSP as usize],
173    /// Extended status flags
174    pub extended_status_flags: GspExtendedStatusFlags,
175    /// Randomized new_gsp sent in the GuestStateProtectionRequest message to
176    /// the host
177    pub new_gsp: GspCleartextContent,
178}
179
180/// Response fields for Guest State Protection by ID from the host
181#[derive(Copy, Clone)]
182pub struct GuestStateProtectionById {
183    /// Guest State Protection cleartext content
184    pub seed: GspCleartextContent,
185    /// Extended status flags
186    pub extended_status_flags: GspExtendedStatusFlags,
187}
188
189impl GuestStateProtectionById {
190    /// Construct a blank instance of `GuestStateProtectionById`
191    pub fn new_zeroed() -> GuestStateProtectionById {
192        GuestStateProtectionById {
193            seed: GspCleartextContent::new_zeroed(),
194            extended_status_flags: GspExtendedStatusFlags::new_zeroed(),
195        }
196    }
197}
198
199/// Response for IGVM Attest from the host
200#[derive(Clone)]
201pub struct IgvmAttest {
202    /// Response data
203    pub response: Vec<u8>,
204}
205
206/// Response fields for VMGS Get Device Info from the host
207pub struct VmgsGetDeviceInfo {
208    /// Status of the request
209    pub status: VmgsIoStatus,
210    /// Logical sectors
211    pub capacity: u64,
212    /// Bytes per logical sector
213    pub bytes_per_logical_sector: u16,
214    /// Bytes per physical sector
215    pub bytes_per_physical_sector: u16,
216    /// Maximum transfer size bytes
217    pub maximum_transfer_size_bytes: u32,
218}
219
220/// Response fields from Time from the host
221#[derive(Debug, Copy, Clone)]
222pub struct Time {
223    /// UTC, in 100ns units since Jan 1 1601.
224    ///
225    /// (corresponds to `RtlGetSystemTime()` on the Host)
226    pub utc: i64,
227    /// Time zone (as minutes from UTC)
228    pub time_zone: i16,
229}
230
231/// A handle returned by `CreateRamGpaRange`, which can be passed to
232/// `ResetRamGpaRange` in order to reset the associated range.
233#[derive(Debug)]
234pub struct RemoteRamGpaRangeHandle(u32);
235
236impl RemoteRamGpaRangeHandle {
237    /// Return a raw u32 that represents this handle
238    pub fn as_raw(&self) -> u32 {
239        self.0
240    }
241
242    /// Create a new [`RemoteRamGpaRangeHandle`] from a raw u32 previously
243    /// returned from `into_raw`.
244    pub fn from_raw(handle: u32) -> Self {
245        RemoteRamGpaRangeHandle(handle)
246    }
247}
248
249/// Request to save Guest state during servicing.
250pub struct GuestSaveRequest {
251    /// GUID associated with the request.
252    pub correlation_id: Guid,
253    /// When to complete the request.
254    pub deadline: std::time::Instant,
255    /// Flags bitfield.
256    pub capabilities_flags: SaveGuestVtl2StateFlags,
257}