guest_emulation_transport/
api.rs

1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4//! Friendly Rust representations of the data sent over the GET.
5
6// These types are re-exported as-is, in order to avoid requiring consumers of
7// the GET and GED to also import get_protocol.
8pub use get_protocol::CreateRamGpaRangeFlags;
9pub use get_protocol::EventLogId;
10pub use get_protocol::GSP_CIPHERTEXT_MAX;
11pub use get_protocol::GspCiphertextContent;
12pub use get_protocol::GspCleartextContent;
13pub use get_protocol::GspExtendedStatusFlags;
14pub use get_protocol::IGVM_ATTEST_MSG_REQ_AGENT_DATA_MAX_SIZE;
15pub use get_protocol::MAX_TRANSFER_SIZE;
16pub use get_protocol::NUMBER_GSP;
17pub use get_protocol::ProtocolVersion;
18pub use get_protocol::SaveGuestVtl2StateFlags;
19pub use get_protocol::VmgsIoStatus;
20
21use guid::Guid;
22use mesh::MeshPayload;
23use std::time::Duration;
24use zerocopy::FromZeros;
25
26/// Device platform settings.
27#[expect(missing_docs)]
28pub mod platform_settings {
29    pub use get_protocol::dps_json::PcatBootDevice;
30
31    use get_protocol::dps_json::EfiDiagnosticsLogLevelType;
32    use get_protocol::dps_json::GuestStateEncryptionPolicy;
33    use get_protocol::dps_json::GuestStateLifetime;
34    use get_protocol::dps_json::ManagementVtlFeatures;
35    use guid::Guid;
36    use inspect::Inspect;
37
38    /// All available device platform settings.
39    #[derive(Debug, Inspect)]
40    pub struct DevicePlatformSettings {
41        pub smbios: Smbios,
42        pub general: General,
43        #[inspect(with = "inspect::iter_by_index")]
44        pub acpi_tables: Vec<Vec<u8>>,
45    }
46
47    /// All available SMBIOS related config.
48    #[derive(Debug, Inspect)]
49    pub struct Smbios {
50        pub serial_number: Vec<u8>,
51        pub base_board_serial_number: Vec<u8>,
52        pub chassis_serial_number: Vec<u8>,
53        pub chassis_asset_tag: Vec<u8>,
54
55        pub system_manufacturer: Vec<u8>,
56        pub system_product_name: Vec<u8>,
57        pub system_version: Vec<u8>,
58        pub system_sku_number: Vec<u8>,
59        pub system_family: Vec<u8>,
60        pub bios_lock_string: Vec<u8>,
61        pub memory_device_serial_number: Vec<u8>,
62
63        pub processor_manufacturer: Vec<u8>,
64        pub processor_version: Vec<u8>,
65        pub processor_id: u64,
66        pub external_clock: u16,
67        pub max_speed: u16,
68        pub current_speed: u16,
69        pub processor_characteristics: u16,
70        pub processor_family2: u16,
71        pub processor_type: u8,
72        pub voltage: u8,
73        pub status: u8,
74        pub processor_upgrade: u8,
75    }
76
77    /// All available general device platform configuration.
78    // DEVNOTE: "general" is code for "not well organized", so if you've got a
79    // better way to organize these settings, do consider cleaning this up a bit!
80    #[derive(Debug, Inspect)]
81    pub struct General {
82        pub secure_boot_enabled: bool,
83        pub secure_boot_template: SecureBootTemplateType,
84        pub bios_guid: Guid,
85        pub console_mode: UefiConsoleMode,
86        pub battery_enabled: bool,
87        pub processor_idle_enabled: bool,
88        pub tpm_enabled: bool,
89        pub com1_enabled: bool,
90        pub com1_debugger_mode: bool,
91        pub com1_vmbus_redirector: bool,
92        pub com2_enabled: bool,
93        pub com2_debugger_mode: bool,
94        pub com2_vmbus_redirector: bool,
95        pub firmware_debugging_enabled: bool,
96        pub hibernation_enabled: bool,
97
98        pub suppress_attestation: Option<bool>,
99        pub generation_id: Option<[u8; 16]>,
100
101        pub legacy_memory_map: bool,
102        pub pause_after_boot_failure: bool,
103        pub pxe_ip_v6: bool,
104        pub measure_additional_pcrs: bool,
105        pub disable_frontpage: bool,
106        pub disable_sha384_pcr: bool,
107        pub media_present_enabled_by_default: bool,
108        pub vpci_boot_enabled: bool,
109        pub memory_protection_mode: MemoryProtectionMode,
110        pub default_boot_always_attempt: bool,
111        pub num_lock_enabled: bool,
112        #[inspect(with = "|x| inspect::iter_by_index(x).map_value(inspect::AsDebug)")]
113        pub pcat_boot_device_order: [PcatBootDevice; 4],
114
115        pub vpci_instance_filter: Option<Guid>,
116        pub nvdimm_count: u16,
117        pub psp_enabled: bool,
118
119        pub vmbus_redirection_enabled: bool,
120        pub always_relay_host_mmio: bool,
121        pub vtl2_settings: Option<underhill_config::Vtl2Settings>,
122
123        pub is_servicing_scenario: bool,
124        pub watchdog_enabled: bool,
125        pub firmware_mode_is_pcat: bool,
126        pub imc_enabled: bool,
127        pub cxl_memory_enabled: bool,
128        #[inspect(debug)]
129        pub efi_diagnostics_log_level: EfiDiagnosticsLogLevelType,
130        #[inspect(debug)]
131        pub guest_state_lifetime: GuestStateLifetime,
132        #[inspect(debug)]
133        pub guest_state_encryption_policy: GuestStateEncryptionPolicy,
134        #[inspect(debug)]
135        pub management_vtl_features: ManagementVtlFeatures,
136    }
137
138    #[derive(Copy, Clone, Debug, Inspect)]
139    pub enum MemoryProtectionMode {
140        Disabled = 0,
141        Default = 1,
142        Strict = 2,
143        Relaxed = 3,
144    }
145
146    #[derive(Debug, Inspect)]
147    pub enum UefiConsoleMode {
148        /// video+kbd (having a head)
149        Default = 0,
150        /// headless with COM1 serial console
151        COM1 = 1,
152        /// headless with COM2 serial console
153        COM2 = 2,
154        /// headless
155        None = 3,
156    }
157
158    #[derive(Debug, Inspect)]
159    pub enum SecureBootTemplateType {
160        /// No template to apply.
161        None,
162        /// Apply the Windows only CA.
163        MicrosoftWindows,
164        /// Apply the Microsoft UEFI CA.
165        MicrosoftUefiCertificateAuthority,
166    }
167}
168
169/// Response fields for Guest State Protection sent from the host
170pub struct GuestStateProtection {
171    /// Guest State Protection ciphertext content
172    pub encrypted_gsp: GspCiphertextContent,
173    /// Guest State Protection cleartext content
174    pub decrypted_gsp: [GspCleartextContent; NUMBER_GSP as usize],
175    /// Extended status flags
176    pub extended_status_flags: GspExtendedStatusFlags,
177    /// Randomized new_gsp sent in the GuestStateProtectionRequest message to
178    /// the host
179    pub new_gsp: GspCleartextContent,
180}
181
182/// Response fields for Guest State Protection by ID from the host
183#[derive(Copy, Clone)]
184pub struct GuestStateProtectionById {
185    /// Guest State Protection cleartext content
186    pub seed: GspCleartextContent,
187    /// Extended status flags
188    pub extended_status_flags: GspExtendedStatusFlags,
189}
190
191impl GuestStateProtectionById {
192    /// Construct a blank instance of `GuestStateProtectionById`
193    pub fn new_zeroed() -> GuestStateProtectionById {
194        GuestStateProtectionById {
195            seed: GspCleartextContent::new_zeroed(),
196            extended_status_flags: GspExtendedStatusFlags::new_zeroed(),
197        }
198    }
199}
200
201/// Response for IGVM Attest from the host
202#[derive(Clone)]
203pub struct IgvmAttest {
204    /// Response data
205    pub response: Vec<u8>,
206}
207
208/// Response fields for VMGS Get Device Info from the host
209pub struct VmgsGetDeviceInfo {
210    /// Status of the request
211    pub status: VmgsIoStatus,
212    /// Logical sectors
213    pub capacity: u64,
214    /// Bytes per logical sector
215    pub bytes_per_logical_sector: u16,
216    /// Bytes per physical sector
217    pub bytes_per_physical_sector: u16,
218    /// Maximum transfer size bytes
219    pub maximum_transfer_size_bytes: u32,
220}
221
222/// Response fields from Time from the host
223#[derive(Debug, Copy, Clone)]
224pub struct Time {
225    /// UTC, in 100ns units since Jan 1 1601.
226    ///
227    /// (corresponds to `RtlGetSystemTime()` on the Host)
228    pub utc: i64,
229    /// Time zone (as minutes from UTC)
230    pub time_zone: i16,
231}
232
233/// A handle returned by `CreateRamGpaRange`, which can be passed to
234/// `ResetRamGpaRange` in order to reset the associated range.
235#[derive(Debug)]
236pub struct RemoteRamGpaRangeHandle(u32);
237
238impl RemoteRamGpaRangeHandle {
239    /// Return a raw u32 that represents this handle
240    pub fn as_raw(&self) -> u32 {
241        self.0
242    }
243
244    /// Create a new [`RemoteRamGpaRangeHandle`] from a raw u32 previously
245    /// returned from `into_raw`.
246    pub fn from_raw(handle: u32) -> Self {
247        RemoteRamGpaRangeHandle(handle)
248    }
249}
250
251/// Request to save Guest state during servicing.
252#[derive(MeshPayload)]
253pub struct GuestSaveRequest {
254    /// GUID associated with the request.
255    pub correlation_id: Guid,
256    /// When to complete the request.
257    pub timeout_hint: Duration,
258    /// Flags bitfield.
259    #[mesh(encoding = "mesh::payload::encoding::ZeroCopyEncoding")]
260    pub capabilities_flags: SaveGuestVtl2StateFlags,
261}