vmgs_resources/
lib.rs

1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4//! Resources for VMGS files.
5
6#![forbid(unsafe_code)]
7
8use mesh::MeshPayload;
9use vm_resource::Resource;
10use vm_resource::ResourceId;
11use vm_resource::kind::DiskHandleKind;
12use vm_resource::kind::NonVolatileStoreKind;
13use vmgs_format::FileId;
14
15/// A handle to an individual file within a VMGS file.
16#[derive(MeshPayload)]
17pub struct VmgsFileHandle {
18    /// The file ID.
19    ///
20    /// FUTURE: figure out how to give this the nice type.
21    pub file_id: u32,
22    /// Whether the file is encrypted.
23    pub encrypted: bool,
24}
25
26impl VmgsFileHandle {
27    /// Returns a new handle to the given file.
28    pub fn new(file_id: FileId, encrypted: bool) -> Self {
29        Self {
30            file_id: file_id.0,
31            encrypted,
32        }
33    }
34}
35
36impl ResourceId<NonVolatileStoreKind> for VmgsFileHandle {
37    const ID: &'static str = "vmgs";
38}
39
40/// Virtual machine guest state resource
41#[derive(MeshPayload, Debug)]
42pub enum VmgsResource {
43    /// Use disk to store guest state
44    Disk(VmgsDisk),
45    /// Use disk to store guest state, reformatting if corrupted.
46    ReprovisionOnFailure(VmgsDisk),
47    /// Format and use disk to store guest state
48    Reprovision(VmgsDisk),
49    /// Store guest state in memory
50    Ephemeral,
51}
52
53impl VmgsResource {
54    /// get the encryption policy (returns None for ephemeral guest state)
55    pub fn encryption_policy(&self) -> GuestStateEncryptionPolicy {
56        match self {
57            VmgsResource::Disk(vmgs)
58            | VmgsResource::ReprovisionOnFailure(vmgs)
59            | VmgsResource::Reprovision(vmgs) => vmgs.encryption_policy,
60            VmgsResource::Ephemeral => GuestStateEncryptionPolicy::None(true),
61        }
62    }
63}
64
65/// VMGS disk resource
66#[derive(MeshPayload, Debug)]
67pub struct VmgsDisk {
68    /// Backing disk
69    pub disk: Resource<DiskHandleKind>,
70    /// Guest state encryption policy
71    pub encryption_policy: GuestStateEncryptionPolicy,
72}
73
74/// Guest state encryption policy
75///
76/// See detailed comments in `get_protocol`
77#[derive(MeshPayload, Debug, Clone, Copy)]
78pub enum GuestStateEncryptionPolicy {
79    /// Use the best encryption available, allowing fallback.
80    Auto,
81    /// Prefer (or require, if strict) no encryption.
82    None(bool),
83    /// Prefer (or require, if strict) GspById.
84    GspById(bool),
85    /// Prefer (or require, if strict) GspKey.
86    GspKey(bool),
87}
88
89impl GuestStateEncryptionPolicy {
90    /// whether to use strict encryption policy
91    pub fn is_strict(&self) -> bool {
92        match self {
93            GuestStateEncryptionPolicy::Auto => false,
94            GuestStateEncryptionPolicy::None(strict)
95            | GuestStateEncryptionPolicy::GspById(strict)
96            | GuestStateEncryptionPolicy::GspKey(strict) => *strict,
97        }
98    }
99}
vmgs_resources/lib.rs

vmgs_resources/
lib.rs
