Adding deprecation flags for SEV components and bumping to 5.1

As discussed, adding deprecation flags for SEV components, so that it
can be removed in the next 6.0 release. Bumping to 5.1 so that people
can still use 5.0.0 without compilation warnings if they are using SEV.

Signed-off-by: DGonzalezVillal <[email protected]>

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "sev"
-version = "5.0.0"
+version = "5.1.0"
 authors = [
     "Nathaniel McCallum <[email protected]>",
     "The VirTEE Project Developers",

src/certs/mod.rs

@@ -1,6 +1,10 @@
 // SPDX-License-Identifier: Apache-2.0
 
 /// Legacy SEV certificates.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(feature = "sev")]
 pub mod sev;
 

src/certs/sev/builtin/mod.rs

@@ -4,8 +4,23 @@
 //!
 //! These are primarily offered as a convenience measure to avoid making
 //! HTTP requests to AMD's servers.
-
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 pub mod genoa;
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 pub mod milan;
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 pub mod naples;
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 pub mod rome;

src/certs/sev/ca/cert/mod.rs

@@ -10,7 +10,6 @@ use std::mem::size_of;
 
 use serde::{de, ser};
 use serde_bytes::{ByteBuf, Bytes};
-
 /// An OCA certificate.
 #[derive(Clone, Copy)]
 #[repr(C)]

src/certs/sev/ca/mod.rs

@@ -2,7 +2,15 @@
 
 //! For operating on OCA certificates.
 
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 mod cert;
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 mod chain;
 
 pub use cert::Certificate;

src/certs/sev/mod.rs

@@ -1,20 +1,40 @@
 // SPDX-License-Identifier: Apache-2.0
 
 //! Everything needed for working with AMD SEV certificate chains.
-
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 pub mod builtin;
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 pub mod ca;
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 mod chain;
-
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
+#[cfg(feature = "openssl")]
+mod crypto;
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[allow(clippy::module_inception)]
 pub mod sev;
-
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(feature = "openssl")]
 mod util;
 
-#[cfg(feature = "openssl")]
-mod crypto;
-
 pub use chain::Chain;
 
 use crate::util::*;

src/firmware/linux/host/types/mod.rs

@@ -1,11 +1,19 @@
 // SPDX-License-Identifier: Apache-2.0
 
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(feature = "sev")]
 mod sev;
 
 #[cfg(feature = "snp")]
 mod snp;
 
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(feature = "sev")]
 pub use self::sev::*;
 
@@ -48,6 +56,10 @@ impl<'a> GetId<'a> {
 /// Reset the platform's persistent state.
 ///
 /// (Chapter 5.5)
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(feature = "sev")]
 #[cfg(target_os = "linux")]
 pub struct PlatformReset;

src/launch/linux/mod.rs

@@ -3,6 +3,10 @@
 //! Operations and types for launching on Linux
 pub(crate) mod ioctl;
 
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(feature = "sev")]
 pub(crate) mod sev;
 

src/launch/mod.rs

@@ -10,6 +10,10 @@
 #[cfg(any(feature = "sev", feature = "snp"))]
 mod linux;
 
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(feature = "sev")]
 pub mod sev;
 

src/lib.rs

@@ -102,9 +102,19 @@ pub mod launch;
     target_os = "linux"
 ))]
 pub mod measurement;
+
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(target_os = "linux", feature = "openssl", feature = "sev"))]
 pub mod session;
 mod util;
+
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 pub mod vmsa;
 
 /// Error module.
@@ -255,10 +265,18 @@ impl codicon::Encoder<()> for Build {
 #[derive(Copy, Clone)]
 pub enum Generation {
     /// First generation EPYC (SEV).
+    #[deprecated(
+        since = "5.0.0",
+        note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+    )]
     #[cfg(feature = "sev")]
     Naples,
 
     /// Second generation EPYC (SEV, SEV-ES).
+    #[deprecated(
+        since = "5.0.0",
+        note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+    )]
     #[cfg(feature = "sev")]
     Rome,
 
@@ -388,7 +406,6 @@ impl Generation {
 }
 
 // The C FFI interface to the library.
-
 #[cfg(all(feature = "sev", target_os = "linux"))]
 lazy_static! {
     static ref INIT_MAP: Mutex<HashMap<RawFd, Launcher<New, RawFd, RawFd>>> =
@@ -401,6 +418,10 @@ lazy_static! {
         Mutex::new(HashMap::new());
 }
 
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 fn set_fw_err(ptr: *mut c_int, err: FirmwareError) {
     unsafe { *ptr = err.into() };
@@ -412,6 +433,10 @@ fn set_fw_err(ptr: *mut c_int, err: FirmwareError) {
 ///
 /// The caller of this function is responsible for ensuring that the pointer arguments are
 /// valid.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 #[no_mangle]
 pub unsafe extern "C" fn sev_init(vm_fd: c_int, sev_fd: c_int, fw_err: *mut c_int) -> c_int {
@@ -438,6 +463,10 @@ pub unsafe extern "C" fn sev_init(vm_fd: c_int, sev_fd: c_int, fw_err: *mut c_in
 ///
 /// The caller of this function is responsible for ensuring that the pointer arguments are
 /// valid.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 #[no_mangle]
 pub unsafe extern "C" fn sev_es_init(vm_fd: c_int, sev_fd: c_int, fw_err: *mut c_int) -> c_int {
@@ -464,6 +493,10 @@ pub unsafe extern "C" fn sev_es_init(vm_fd: c_int, sev_fd: c_int, fw_err: *mut c
 ///
 /// The caller of this function is responsible for ensuring that the pointer arguments are
 /// valid.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 #[no_mangle]
 pub unsafe extern "C" fn sev_launch_start(
@@ -510,6 +543,10 @@ pub unsafe extern "C" fn sev_launch_start(
 ///
 /// The caller of this function is responsible for ensuring that the pointer arguments are
 /// valid.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 #[no_mangle]
 pub unsafe extern "C" fn sev_launch_update_data(
@@ -539,6 +576,10 @@ pub unsafe extern "C" fn sev_launch_update_data(
 ///
 /// The caller of this function is responsible for ensuring that the pointer arguments are
 /// valid.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 #[no_mangle]
 pub unsafe extern "C" fn sev_launch_update_vmsa(vm_fd: c_int, fw_err: *mut c_int) -> c_int {
@@ -565,6 +606,10 @@ pub unsafe extern "C" fn sev_launch_update_vmsa(vm_fd: c_int, fw_err: *mut c_int
 ///
 /// The "measurement_data" argument should be a valid pointer able to hold the meausurement's
 /// bytes. The measurement is 48 bytes in size.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 #[no_mangle]
 pub unsafe extern "C" fn sev_launch_measure(
@@ -612,6 +657,10 @@ pub unsafe extern "C" fn sev_launch_measure(
 ///
 /// The caller of this function is responsible for ensuring that the pointer arguments are
 /// valid.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 #[no_mangle]
 pub unsafe extern "C" fn sev_inject_launch_secret(
@@ -658,6 +707,10 @@ pub unsafe extern "C" fn sev_inject_launch_secret(
 ///
 /// The caller of this function is responsible for ensuring that the pointer arguments are
 /// valid.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 #[no_mangle]
 pub unsafe extern "C" fn sev_launch_finish(vm_fd: c_int, fw_err: *mut c_int) -> c_int {
@@ -687,6 +740,10 @@ pub unsafe extern "C" fn sev_launch_finish(vm_fd: c_int, fw_err: *mut c_int) ->
 ///
 /// The caller of this function is responsible for ensuring that the pointer arguments are
 /// valid.
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", target_os = "linux"))]
 #[allow(unused_assignments)]
 #[no_mangle]

src/measurement/mod.rs

@@ -21,6 +21,10 @@ pub mod vcpu_types;
 #[cfg(all(feature = "snp", feature = "openssl"))]
 pub mod snp;
 
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 #[cfg(all(feature = "sev", feature = "openssl"))]
 pub mod sev;
 

src/measurement/sev.rs

@@ -80,6 +80,10 @@ pub fn seves_calc_launch_digest(
     Ok(launch_hash.finish())
 }
 
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 /// Arguments required to calculate the SEV measurement
 pub struct SevMeasurementArgs<'a> {
     /// Path to OVMF file
@@ -92,6 +96,10 @@ pub struct SevMeasurementArgs<'a> {
     pub append: Option<&'a str>,
 }
 
+#[deprecated(
+    since = "5.0.0",
+    note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+)]
 /// Calculate an SEV launch digest
 pub fn sev_calc_launch_digest(
     sev_measurement: SevMeasurementArgs,

src/measurement/vmsa.rs

@@ -13,6 +13,10 @@ use std::{convert::TryFrom, fmt, str::FromStr};
 #[derive(Debug, Clone, Copy, PartialEq)]
 pub enum SevMode {
     /// SEV
+    #[deprecated(
+        since = "5.0.0",
+        note = "Legacy SEV features will no longer be included/supported in library versions past 5"
+    )]
     Sev,
     /// SEV-ES
     SevEs,