diff --git a/src/ok.rs b/src/ok.rs index eb82d9e..6bf2bf0 100644 --- a/src/ok.rs +++ b/src/ok.rs @@ -1,6 +1,8 @@ use super::*; use std::fmt; +use std::fs::File; +use std::io::{BufRead, BufReader}; use bitfield::bitfield; use colorful::*; @@ -10,6 +12,9 @@ use serde::{Deserialize, Serialize}; const SEV_MASK: usize = 1; const ES_MASK: usize = 1 << 1; const SNP_MASK: usize = 1 << 2; +const MSR_SEV_STATUS: u32 = 0xC0010131; +const SEV_STATUS_SYSFS_FILENAME: &str = "/sys/devices/system/cpu/sev/sev_status"; + type TestFn = dyn Fn() -> TestResult; struct Test { @@ -71,12 +76,12 @@ impl fmt::Display for TestState { } fn collect_tests() -> Vec { - // Grab your MSR value one time. - let temp_bitfield = match get_values(0xC0010131, 0) { + // Grab SEV_STATUS one time. + let temp_bitfield = match get_sev_status() { Ok(temp_bitfield) => temp_bitfield, Err(e) => { return vec![Test { - name: "Error reading MSR", + name: "Error reading SEV_STATUS", gen_mask: SEV_MASK, run: Box::new(move || TestResult { name: "Error reading MSR".to_string(), @@ -345,12 +350,25 @@ fn emit_skip(tests: &[Test], level: usize, quiet: bool) { } } -fn get_values(reg: u32, cpu: u16) -> Result { - let mut msr = Msr::new(reg, cpu).context("Error Reading MSR")?; +fn get_status_sysfs() -> Result { + let status_file = File::open(SEV_STATUS_SYSFS_FILENAME)?; + let mut reader = BufReader::new(status_file); + let mut buffer = String::new(); + + reader.read_line(&mut buffer)?; + Ok(SevStatus(u64::from_str_radix(buffer.trim(), 16)?)) +} + +fn get_status_msr() -> Result { + let mut msr = Msr::new(MSR_SEV_STATUS, 0).context("Error Reading MSR")?; let my_bitfield = SevStatus(msr.read()?); Ok(my_bitfield) } +fn get_sev_status() -> Result { + get_status_sysfs().or_else(|_| get_status_msr()) +} + fn run_msr_check(check_bit: u64, sev_feature: &str, optional_field: bool) -> TestResult { let mut status = TestState::Fail; let mut message = "DISABLED".to_string();