ovmf

package

v0.3.1 Latest Latest Go to latest Published: Mar 1, 2025 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation ¶

Overview ¶

Package ovmf includes tools for parsing OVMF binaries for measurement-specific values.

Index ¶

func GetFwGUIDTable(firmware []byte) ([]byte, error)
func GetFwGUIDToBlockMap(firmware []byte) (map[string][]byte, error)
func GetRipAndCsBaseFromSevEsResetBlock(sevEsResetBlock *opb.SevEsResetBlock) (uint64, uint64, error)
func SevSectionTypeToString(kind uint32) string
type GuestPhysicalRegion
type MaterialGuestPhysicalRegion
type SevData

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GetFwGUIDTable ¶

func GetFwGUIDTable(firmware []byte) ([]byte, error)

GetFwGUIDTable returns OVMF's embedded GUID table. GUIDed table must end with a footer block. So it will search for the footer first, and if the footer is found, it will use the GUIDed table size written in the footer to calculate the beginning and end offset for the GUIDed table and return a string view containing the entire GUIDed table except for the GUID footer block. If the footer is not found, it will return an error.

func GetFwGUIDToBlockMap ¶

func GetFwGUIDToBlockMap(firmware []byte) (map[string][]byte, error)

GetFwGUIDToBlockMap returns a map of GUID to the slice of firmware it represents.

func GetRipAndCsBaseFromSevEsResetBlock ¶

func GetRipAndCsBaseFromSevEsResetBlock(sevEsResetBlock *opb.SevEsResetBlock) (uint64, uint64, error)

GetRipAndCsBaseFromSevEsResetBlock returns the value of RIP and CS base from the SEV-ES reset block `sevEsResetBlock`. Returns the pair <rip, cs base>.

func SevSectionTypeToString ¶

func SevSectionTypeToString(kind uint32) string

SevSectionTypeToString returns section type names for section type codes.

Types ¶

type GuestPhysicalRegion ¶

type GuestPhysicalRegion struct {
	Start  abi.EFIPhysicalAddress
	Length uint64
}

GuestPhysicalRegion represents a region of a guest VM's memory.

type MaterialGuestPhysicalRegion ¶

type MaterialGuestPhysicalRegion struct {
	GPR        GuestPhysicalRegion
	HostBuffer []byte
	// TDVFAttributes is a TDVF-only field for a bitset of directives for the VMM.
	TDVFAttributes uint32
}

MaterialGuestPhysicalRegion represents the memory contents for a region of a guest VM's memory.

func ExtractMaterialGuestPhysicalRegions ¶

func ExtractMaterialGuestPhysicalRegions(firmware []byte) ([]*MaterialGuestPhysicalRegion, error)

ExtractMaterialGuestPhysicalRegions extracts the TDX guest physical regions from the firmware binary with the direction that the firmware provide some unaccepted memory to the guest OS as *not* marked for acceptance by the firmware.

func ExtractMaterialGuestPhysicalRegionsNoUnacceptedMemory ¶

func ExtractMaterialGuestPhysicalRegionsNoUnacceptedMemory(firmware []byte, guestRAMbanks []GuestPhysicalRegion) ([]*MaterialGuestPhysicalRegion, error)

ExtractMaterialGuestPhysicalRegionsNoUnacceptedMemory extracts the TDX guest physical regions from the firmware binary with the direction that all memory will be accepted early in the firmware.

func ExtractMaterialGuestPhysicalRegionsTDHOBBug ¶ added in v0.3.1

func ExtractMaterialGuestPhysicalRegionsTDHOBBug(firmware []byte, guestRAMbanks []GuestPhysicalRegion) ([]*MaterialGuestPhysicalRegion, error)

ExtractMaterialGuestPhysicalRegionsTDHOBBug extracts the TDX guest physical regions from the firmware binary with the direction that the firmware provide some unaccepted memory to the guest OS as *not* marked for acceptance by the firmware. All TDVF Metadata sections are measured to account for a Google hypervisor bug.

type SevData ¶

type SevData struct {
	// Expecting to need SEV-ES data.
	SevEs bool

	// Expecting to need SEV-SNP data.
	SevSnp bool
	// contains filtered or unexported fields
}

SevData represents SEV-specific data that is extracted from an OVMF binary.

func (*SevData) ExtractFromFirmware ¶

func (d *SevData) ExtractFromFirmware(data []byte) error

ExtractFromFirmware parses OVMF binary for SEV-specific data. May only call once.

func (*SevData) SevEsResetBlock ¶

func (d *SevData) SevEsResetBlock() (*opb.SevEsResetBlock, error)

SevEsResetBlock returns the OVMF SEV-ES reset block if it was found, otherwise error.

func (*SevData) SnpMetadataSections ¶

func (d *SevData) SnpMetadataSections() ([]abi.SevMetadataSection, error)

SnpMetadataSections returns the OVMF SEV-SNP metadata sections if there were found, otherwise error.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
abi Package abi defines binary interface conversion functions for the OVMF binary format.	Package abi defines binary interface conversion functions for the OVMF binary format.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL