From 0c232a41bd83ea975b5bd1d03885f05a4387efd1 Mon Sep 17 00:00:00 2001 From: Wei Liu Date: Fri, 19 Jul 2024 14:32:18 +0800 Subject: [PATCH] Update script to support v8.0+ QEMU Signed-off-by: Wei Liu --- sh_script/integration_tdx.sh | 41 ++++++++++++------ sh_script/launch-rust-td.sh | 80 ++++++++++++++++++++++++++++++++---- 2 files changed, 100 insertions(+), 21 deletions(-) diff --git a/sh_script/integration_tdx.sh b/sh_script/integration_tdx.sh index 0c48391d..37e9855e 100644 --- a/sh_script/integration_tdx.sh +++ b/sh_script/integration_tdx.sh @@ -142,11 +142,10 @@ launch_td_test_payload() { local time_out=120 local key_str="0 failed" - nohup ${qemu_tdx_path} -accel kvm \ + QEMU_CMD="${qemu_tdx_path} -accel kvm \ -name process=rust-td,debug-threads=on \ -smp ${cpus},sockets=${cpus} \ -object tdx-guest,id=tdx,debug=on \ - -object memory-backend-memfd-private,id=ram1,size=${memory} \ -machine q35,memory-backend=ram1,kernel_irqchip=split,confidential-guest-support=tdx \ -no-hpet \ -cpu host,pmu=off,-kvm-steal-time \ @@ -155,17 +154,25 @@ launch_td_test_payload() { -chardev stdio,id=mux,mux=on,signal=off \ -device virtio-serial,romfile= \ -device virtconsole,chardev=mux -serial chardev:mux -monitor chardev:mux \ - -d int -no-reboot > ${nohup_logfile} 2>&1 & - + -d int -no-reboot" + + QEMU_VERSION=`${qemu_tdx_path} --version | grep -oP 'version \K[^\s]+'` + if [ "$(printf '%s\n' "8.0.0" "${QEMU_VERSION}" | sort -V | head -n1)" == "8.0.0" ]; then + QEMU_CMD+=" -object memory-backend-ram,id=ram1,size=${memory},private=on " + else + QEMU_CMD+=" -object memory-backend-memfd-private,id=ram1,size=${memory} " + fi + + eval "nohup ${QEMU_CMD} > ${nohup_logfile} 2>&1 &" check_result ${nohup_logfile} "${key_str}" ${time_out} if [[ $? -eq 0 ]] then - ps aux | grep ${qemu_tdx_path} | grep -v grep | awk -F ' ' '{print $2}' | xargs kill -9 cat ${nohup_logfile} && echo "-- launch td payload: Pass" - else ps aux | grep ${qemu_tdx_path} | grep -v grep | awk -F ' ' '{print $2}' | xargs kill -9 + else cat ${nohup_logfile} && echo "-- launch td payload: Fail" && exit 1 + ps aux | grep ${qemu_tdx_path} | grep -v grep | awk -F ' ' '{print $2}' | xargs kill -9 fi } @@ -174,11 +181,10 @@ test_secure_boot() { local time_out=120 local key_str="Starting td-payload hob" - nohup ${qemu_tdx_path} -accel kvm \ + QEMU_CMD="${qemu_tdx_path} -accel kvm \ -name process=rust-td,debug-threads=on \ -smp ${cpus},sockets=${cpus} \ -object tdx-guest,id=tdx,debug=on \ - -object memory-backend-memfd-private,id=ram1,size=${memory} \ -machine q35,memory-backend=ram1,kernel_irqchip=split,confidential-guest-support=tdx \ -no-hpet \ -cpu host,pmu=off,-kvm-steal-time \ @@ -187,19 +193,28 @@ test_secure_boot() { -chardev stdio,id=mux,mux=on,signal=off \ -device virtio-serial,romfile= \ -device virtconsole,chardev=mux -serial chardev:mux -monitor chardev:mux \ - -d int -no-reboot > ${nohup_logfile} 2>&1 & - + -d int -no-reboot" + + QEMU_VERSION=`${qemu_tdx_path} --version | grep -oP 'version \K[^\s]+'` + if [ "$(printf '%s\n' "8.0.0" "${QEMU_VERSION}" | sort -V | head -n1)" == "8.0.0" ]; then + QEMU_CMD+=" -object memory-backend-ram,id=ram1,size=${memory},private=on " + else + QEMU_CMD+=" -object memory-backend-memfd-private,id=ram1,size=${memory} " + fi + + eval "nohup ${QEMU_CMD} > ${nohup_logfile} 2>&1 &" check_result ${nohup_logfile} "${key_str}" ${time_out} if [[ $? -eq 0 && ${firmware} == *normal* ]] || [[ $? -ne 0 && ${firmware} == *mismatch-pubkey* ]] || [[ $? -ne 0 && ${firmware} == *unsigned* ]] then - ps aux | grep ${qemu_tdx_path} | grep -v grep | awk -F ' ' '{print $2}' | xargs kill -9 echo "-- secure boot test: Pass" - else ps aux | grep ${qemu_tdx_path} | grep -v grep | awk -F ' ' '{print $2}' | xargs kill -9 + + else cat ${nohup_logfile} && echo "-- secure boot test: Fail" && exit 1 + ps aux | grep ${qemu_tdx_path} | grep -v grep | awk -F ' ' '{print $2}' | xargs kill -9 fi } @@ -229,4 +244,4 @@ main() { } proccess_args $@ -main \ No newline at end of file +main diff --git a/sh_script/launch-rust-td.sh b/sh_script/launch-rust-td.sh index 6b7c7ada..5adc6e16 100644 --- a/sh_script/launch-rust-td.sh +++ b/sh_script/launch-rust-td.sh @@ -1,14 +1,78 @@ #!/bin/bash +# Default values +QEMU_PATH="/usr/libexec/qemu-kvm" +BIOS_IMAGE="final.bin" +CPUS=1 +MEM="1G" + +# Function to display usage +usage() { + echo "Usage: $0 [options]" + echo "Options:" + echo " -p Specify the QEMU executable path. Default is /usr/libexec/qemu-kvm." + echo " -c Number of CPUs. Default is 1." + echo " -m Memory size. Default is 1G." + echo " -b Path to the BIOS image file. Default is final.bin." + echo " -h Display this help message and exit." + exit 1 +} + +# Parse command line options +while getopts ":p:c:m:b:h" opt; do + case $opt in + p) + QEMU_PATH="$OPTARG" + ;; + c) + CPUS="$OPTARG" + ;; + m) + MEM="$OPTARG" + ;; + b) + BIOS_IMAGE="$OPTARG" + ;; + h) + usage + ;; + \?) + echo "Invalid option: -$OPTARG" >&2 + usage + ;; + :) + echo "Option -$OPTARG requires an argument." >&2 + usage + ;; + esac +done + +# Timestamp for logfile now=$(date +"%m%d_%H%M") LOGFILE=stdout.${now}.log -QEMU=/home/oem/tdvf-install/usr/libexec/qemu-kvm -BIOS=/home/oem/final.bin +# Check QEMU version for memory backend options +QEMU_VERSION=$(${QEMU_PATH} --version | grep -oP 'version \K[^\s]+') +if [ "$(printf '%s\n' "8.0.0" "${QEMU_VERSION}" | sort -V | head -n1)" == "8.0.0" ]; then + MEMORY_BACKEND="-object memory-backend-ram,id=ram1,size=${MEM},private=on" +else + MEMORY_BACKEND="-object memory-backend-memfd-private,id=ram1,size=${MEM}" +fi + +# Construct the QEMU command +QEMU_CMD="${QEMU_PATH} -accel kvm \ + -name process=rust-td,debug-threads=on \ + -smp ${CPUS} \ + -object tdx-guest,id=tdx,debug=on \ + -machine q35,memory-backend=ram1,kernel_irqchip=split,confidential-guest-support=tdx \ + -no-hpet \ + -cpu host,pmu=off,-kvm-steal-time \ + -bios ${BIOS_IMAGE} \ + -m ${MEM} -nographic -vga none \ + -chardev stdio,id=mux,mux=on,signal=off \ + -device virtio-serial,romfile= \ + -device virtconsole,chardev=mux -serial chardev:mux -monitor chardev:mux \ + -d int -no-reboot ${MEMORY_BACKEND}" -$QEMU \ - -no-reboot -name debug-threads=on -enable-kvm -smp 1,sockets=1 -object tdx-guest,id=tdx,debug=on \ - -machine q35,accel=kvm,kvm-type=tdx,kernel_irqchip=split,confidential-guest-support=tdx -no-hpet \ - -cpu host,host-phys-bits,+invtsc \ - -device loader,file=$BIOS,id=fd0 \ - -m 2G -nographic -vga none | tee -a ${LOGFILE} +# Execute the QEMU command and redirect output to logfile +$QEMU_CMD 2>&1 | tee "${LOGFILE}"