diff --git a/guest-test/guest.test_executor.sh b/guest-test/guest.test_executor.sh
index af685b9..3096105 100755
--- a/guest-test/guest.test_executor.sh
+++ b/guest-test/guest.test_executor.sh
@@ -143,6 +143,24 @@ case "$TESTCASE" in
 guest_attest_test "global.verify_quote" || \
 die "Failed on $TESTCASE"
 ;;
+ TD_TSC_DEFAULT)
+ guest_test_prepare osv_sanity/tdx_guest_tsc_check.sh
+ source osv_sanity/tdx_host_tsc_check.sh
+ guest_test_entry tdx_guest_tsc_check.sh "-c $HOST_TSC" || \
+ die "Failed on TD_TSC_DEFAULT tdx_guest_tsc_check.sh -c $HOST_TSC"
+ if [[ $GCOV == "off" ]]; then
+ guest_test_close
+ fi
+ ;;
+ TD_TSC_CONFIG)
+ guest_test_prepare osv_sanity/tdx_guest_tsc_check.sh
+ CONFIG_TSC=3000000000
+ guest_test_entry tdx_guest_tsc_check.sh "-c $CONFIG_TSC" || \
+ die "Failed on TD_TSC_CONFIG tdx_guest_tsc_check.sh -c $CONFIG_TSC"
+ if [[ $GCOV == "off" ]]; then
+ guest_test_close
+ fi
+ ;;
 :)
 test_print_err "Must specify the test scenario option by [-t]"
 usage && exit 1
diff --git a/guest-test/osv_sanity/qemu.config.default.json b/guest-test/osv_sanity/qemu.config.default.json
new file mode 100644
index 0000000..786d085
--- /dev/null
+++ b/guest-test/osv_sanity/qemu.config.default.json
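Review bot: In the TD_TSC_DEFAULT arm, `$HOST_TSC` is handed to the guest check straight after `source osv_sanity/tdx_host_tsc_check.sh`, with no test that the host script actually produced a frequency. That script initialises `HOST_TSC=0` and derives the value from `cpuid` output, so a missing tool or an unexpected CPUID leaf 0x15 reading would leave 0 or a bogus number, and the guest comparison would then fail for a reason unrelated to the TD. I would add `[[ "$HOST_TSC" =~ ^[1-9][0-9]*$ ]] || die "TD_TSC_DEFAULT: could not read host TSC frequency"` right after the `source` line. Sourcing also runs that script's top-level `cd` and `exit 1` inside the executor's own shell, which deserves a short comment at the call site. The `case` statement starts and ends outside the hunk.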
@@ -0,0 +1,50 @@
+{
+ "common": {
+ "kernel_img": "/boot/vmlinuz-xxx-yyy",
+ "initrd_img": "/boot/initramfs-xxx-yyy",
+ "bios_img": "/path/to/EDKII/OVMF.fd or other virtual BIOS",
+ "qemu_img": "/path/to/qemu-kvm with proper capabilty of VM test",
+ "guest_img": "/path/to/prepared/guest_os_image, in qcow2 or raw image format",
+ "guest_img_format": "raw",
+ "boot_pattern": "*Kernel*on*an*x86_64*",
+ "guest_root_passwd": "123456",
+ "vm_type": "tdx",
+ "pmu": "off",
+ "cpus": "4",
+ "sockets": "1",
+ "mem": "16",
+ "cmdline": "accept_memory=lazy",
+ "debug": "on"
+ },
+
+ "vm": {
+ "cfg_1": "-accel kvm -no-reboot -nographic -vga none -device virtio-net-pci,netdev=mynet0,mac=DE:AD:BE:EF:AB:CD,romfile= ",
+ "cfg_2": "-chardev stdio,id=mux,mux=on,signal=off -device virtio-serial,romfile= -device virtconsole,chardev=mux ",
+ "cfg_3": "-serial chardev:mux -monitor chardev:mux -monitor pty -no-hpet -nodefaults ",
+ "cfg_var_1": "-name process=$VM_TYPEVM_$PORT,debug-threads=on ",
+ "cfg_var_2": "-cpu host,host-phys-bits,pmu=$PMU ",
+ "cfg_var_3": "-smp cpus=$VCPU,sockets=$SOCKETS ",
+ "cfg_var_4": "-m $MEMG ",
+ "cfg_var_5": "-kernel $KERNEL_IMG ",
+ "cfg_var_6": "-initrd $INITRD_IMG",
+ "cfg_var_7": "-netdev user,id=mynet0,hostfwd=tcp::$PORT-:22 ",
+ "cfg_var_8": "-drive file=$GUEST_IMG,if=virtio,format=$IMG_FORMAT ",
+ "cfg_var_9": "-append \"root=/dev/vda3 ro console=hvc0 earlyprintk=ttyS0 ignore_loglevel debug earlyprintk l1tf=off initcall_debug log_buf_len=200M nokaslr tsc=reliable efi=debug mce=off efi=debug $CMDLINE\" ",
+ "cfg_var_10": "-bios $BIOS_IMG ",
+ "cfg_var_11": "-monitor telnet:127.0.0.1:$PORT_TEL,server,nowait "
+ },
+
+ "tdx": {
+ "cfg_1": "-machine q35,kernel_irqchip=split,confidential-guest-support=tdx,memory-backend=ram1 ",
+ "cfg_var_1": "-object tdx-guest,id=tdx,debug=$DEBUG,sept-ve-disable=on,quote-generation-service=vsock:2:4050 ",
+ "cfg_var_2": "-object memory-backend-memfd-private,id=ram1,size=$MEMG "
+ },
+
+ "tdxio": {
+ "cfg_1": "-object iommufd,id=iommufd0 ",
+ "cfg_2": "-device vfio-pci,host=tee_bdf1,id=hostdev2,addr=0x3,x-secure-mode=on ",
+ "cfg_3": "-device vfio-pci,host=tee_bdf2,id=hostdev3,addr=0x4,x-secure-mode=on ",
+ "cfg_4": "-device vfio-pci,host=tee_bdf3,id=hostdev4,addr=0x5,x-secure-mode=on ",
+ "cfg_5": "-device vfio-pci,host=tee_bdf4,id=hostdev5,addr=0x6,x-secure-mode=on "
+ }
+}
\ No newline at end of file
diff --git a/guest-test/osv_sanity/qemu.config.tsc.json b/guest-test/osv_sanity/qemu.config.tsc.json
new file mode 100644
index 0000000..91ff82d
--- /dev/null
+++ b/guest-test/osv_sanity/qemu.config.tsc.json
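Review bot: `cfg_var_7` forwards guest SSH with `hostfwd=tcp::$PORT-:22`, and an empty host address makes QEMU listen on every host interface, while `guest_root_passwd` in the same file is the literal `123456`. Together that leaves a root login with a trivially guessable password reachable from the network for as long as a test VM runs. Assuming the launcher connects over localhost, I would bind the forward to loopback, `"cfg_var_7": "-netdev user,id=mynet0,hostfwd=tcp:127.0.0.1:$PORT-:22 ",`, and replace the password with a descriptive placeholder in the style of the `/path/to/...` entries so each lab supplies its own. `"debug": "on"` feeds `debug=$DEBUG` on the `tdx-guest` object, so results from this file presumably describe a debug TD rather than a production one; the README is the place to state that, since JSON cannot carry the comment. qemu.config.tsc.json repeats all of these lines.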
@@ -0,0 +1,50 @@
+{
+ "common": {
+ "kernel_img": "/boot/vmlinuz-xxx-yyy",
+ "initrd_img": "/boot/initramfs-xxx-yyy",
+ "bios_img": "/path/to/EDKII/OVMF.fd or other virtual BIOS",
+ "qemu_img": "/path/to/qemu-kvm with proper capabilty of VM test",
+ "guest_img": "/path/to/prepared/guest_os_image, in qcow2 or raw image format",
+ "guest_img_format": "raw",
+ "boot_pattern": "*Kernel*on*an*x86_64*",
+ "guest_root_passwd": "123456",
+ "vm_type": "tdx",
+ "pmu": "off",
+ "cpus": "4",
+ "sockets": "1",
+ "mem": "16",
+ "cmdline": "accept_memory=lazy",
+ "debug": "on"
+ },
+
+ "vm": {
+ "cfg_1": "-accel kvm -no-reboot -nographic -vga none -device virtio-net-pci,netdev=mynet0,mac=DE:AD:BE:EF:AB:CD,romfile= ",
+ "cfg_2": "-chardev stdio,id=mux,mux=on,signal=off -device virtio-serial,romfile= -device virtconsole,chardev=mux ",
+ "cfg_3": "-serial chardev:mux -monitor chardev:mux -monitor pty -no-hpet -nodefaults ",
+ "cfg_var_1": "-name process=$VM_TYPEVM_$PORT,debug-threads=on ",
+ "cfg_var_2": "-cpu host,host-phys-bits,pmu=$PMU,tsc-freq=3000000000 ",
+ "cfg_var_3": "-smp cpus=$VCPU,sockets=$SOCKETS ",
+ "cfg_var_4": "-m $MEMG ",
+ "cfg_var_5": "-kernel $KERNEL_IMG ",
+ "cfg_var_6": "-initrd $INITRD_IMG",
+ "cfg_var_7": "-netdev user,id=mynet0,hostfwd=tcp::$PORT-:22 ",
+ "cfg_var_8": "-drive file=$GUEST_IMG,if=virtio,format=$IMG_FORMAT ",
+ "cfg_var_9": "-append \"root=/dev/vda3 ro console=hvc0 earlyprintk=ttyS0 ignore_loglevel debug earlyprintk l1tf=off initcall_debug log_buf_len=200M nokaslr tsc=reliable efi=debug mce=off efi=debug $CMDLINE\" ",
+ "cfg_var_10": "-bios $BIOS_IMG ",
+ "cfg_var_11": "-monitor telnet:127.0.0.1:$PORT_TEL,server,nowait "
+ },
+
+ "tdx": {
+ "cfg_1": "-machine q35,kernel_irqchip=split,confidential-guest-support=tdx,memory-backend=ram1 ",
+ "cfg_var_1": "-object tdx-guest,id=tdx,debug=$DEBUG,sept-ve-disable=on,quote-generation-service=vsock:2:4050 ",
+ "cfg_var_2": "-object memory-backend-memfd-private,id=ram1,size=$MEMG "
+ },
+
+ "tdxio": {
+ "cfg_1": "-object iommufd,id=iommufd0 ",
+ "cfg_2": "-device vfio-pci,host=tee_bdf1,id=hostdev2,addr=0x3,x-secure-mode=on ",
+ "cfg_3": "-device vfio-pci,host=tee_bdf2,id=hostdev3,addr=0x4,x-secure-mode=on ",
+ "cfg_4": "-device vfio-pci,host=tee_bdf3,id=hostdev4,addr=0x5,x-secure-mode=on ",
+ "cfg_5": "-device vfio-pci,host=tee_bdf4,id=hostdev5,addr=0x6,x-secure-mode=on "
+ }
+}
\ No newline at end of file
diff --git a/guest-test/osv_sanity/tdx_guest_tsc_check.sh b/guest-test/osv_sanity/tdx_guest_tsc_check.sh
new file mode 100755
index 0000000..71c4b07
--- /dev/null
+++ b/guest-test/osv_sanity/tdx_guest_tsc_check.sh
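Review bot: The only functional difference from qemu.config.default.json is `tsc-freq=3000000000` in `cfg_var_2`, and the same number is written a second time as `CONFIG_TSC=3000000000` in the TD_TSC_CONFIG arm of guest.test_executor.sh. Nothing ties the two literals together, so editing one turns the test into a guaranteed failure, and the remaining duplicated lines can drift from the default config unnoticed. I would have the executor derive the expected value from this file, or substitute a variable such as `tsc-freq=$TSC_FREQ` the way `$PMU` and `$MEMG` already are, instead of keeping a full copy.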
@@ -0,0 +1,56 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0-only
+# Copyright (c) 2023 Intel Corporation
+
+# Author: Hongyu Ning
+#
+# History: 24, Aug., 2023 - Hongyu Ning - creation
+
+
+# @desc This script do basic TD guest booting check in TDX Guest VM
+
+###################### Variables ######################
+SCRIPT_DIR="$( cd "$( dirname "$0" )" && pwd )"
+echo "$SCRIPT_DIR"
+source common.sh
+
+while getopts :c: arg; do
+ case $arg in
+ c)
+ HOST_TSC=$OPTARG
+ ;;
+ *)
+ test_print_err "Must supply an argument to -$OPTARG."
+ exit 1
+ ;;
+ esac
+done
+
+###################### Functions ######################
+tdx_tsc_check(){
+ GUEST_TSC_INFO=$(dmesg | grep -i "tsc" | grep -i "detected")
+ test_print_trc "TSC value info: $GUEST_TSC_INFO"
+ which cpuid || dnf install -y cpuid
+ cpuid -1 | grep -i "tsc"
+ TSC_RAW=$(cpuid -rl 0x15 -1)
+ TSC_EAX=${TSC_RAW#*eax=}
+ TSC_EAX=${TSC_EAX%% *}
+ TSC_EBX=${TSC_RAW#*ebx=}
+ TSC_EBX=${TSC_EBX%% *}
+ TSC_ECX=${TSC_RAW#*ecx=}
+ TSC_ECX=${TSC_ECX%% *}
+ TSC_EDX=${TSC_RAW#*edx=}
+ TSC_EDX=${TSC_EDX%% *}
+ GUEST_TSC=$((TSC_ECX * TSC_EBX / TSC_EAX))
+}
+
+###################### Do Works ######################
+# check TSC value on guest
+tdx_tsc_check
+
+if [ $GUEST_TSC -ne $HOST_TSC ]; then
+ die "TD guest boot with TSC $GUEST_TSC, not equal to host TSC $HOST_TSC"
+else
+ test_print_trc "TD Guest TSC value equal to Host TSC."
+ test_print_trc "TSC value check on TD guest complete."
+fi
\ No newline at end of file
diff --git a/guest-test/osv_sanity/tdx_host_tsc_check.sh b/guest-test/osv_sanity/tdx_host_tsc_check.sh
new file mode 100755
index 0000000..abeee63
--- /dev/null
+++ b/guest-test/osv_sanity/tdx_host_tsc_check.sh
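Review bot: The final comparison `if [ $GUEST_TSC -ne $HOST_TSC ]` fails open: when exactly one of the two variables is empty (the script is run without `-c`, or the arithmetic in `tdx_tsc_check` never assigned `GUEST_TSC`), `[` exits with an error status, the `if` falls through to `else`, and the test reports the TSC values as equal. For a check whose purpose is to confirm the frequency a TD guest sees, a missing measurement has to count as a failure. I would add `[[ "$GUEST_TSC" =~ ^[0-9]+$ && "$HOST_TSC" =~ ^[0-9]+$ ]] || die "TSC value missing or not numeric"` before the `if` and quote both operands in the comparison. The division by `TSC_EAX` is also unguarded, so a CPUID leaf 0x15 reading of all zeros would abort the arithmetic and leave `GUEST_TSC` unset, which is exactly the case above.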
@@ -0,0 +1,47 @@
+#!/usr/bin/bash
+# SPDX-License-Identifier: GPL-2.0-only
+# Copyright (c) 2023 Intel Corporation
+
+# Author: Hongyu Ning
+#
+# History: 30, Oct., 2023 - Hongyu Ning - creation
+
+
+# @desc This script do basic can provide basic TDX host check
+
+###################### Variables ######################
+SCRIPT_DIR="$( cd "$( dirname "$0" )" && pwd )"
+echo "$SCRIPT_DIR"
+
+# host machine tsc clock freq
+HOST_TSC=0
+
+###################### Functions ######################
+tdx_flag_check(){
+ dmesg | grep -i "tdx" | grep -i "initialized" || \
+ die "host machine TDX enabling failed, please check"
+}
+
+tdx_tsc_check(){
+ HOST_TSC_INFO=$(dmesg | grep -i "tsc" | grep -i "detected")
+ test_print_trc "TSC value info: $HOST_TSC_INFO"
+ TSC_RAW=$(cpuid -rl 0x15 -1)
+ TSC_EAX=${TSC_RAW#*eax=}
+ TSC_EAX=${TSC_EAX%% *}
+ TSC_EBX=${TSC_RAW#*ebx=}
+ TSC_EBX=${TSC_EBX%% *}
+ TSC_ECX=${TSC_RAW#*ecx=}
+ TSC_ECX=${TSC_ECX%% *}
+ TSC_EDX=${TSC_RAW#*edx=}
+ TSC_EDX=${TSC_EDX%% *}
+ HOST_TSC=$((TSC_ECX * TSC_EBX / TSC_EAX))
+}
+
+###################### Do Works ######################
+cd "$(dirname "$0")" 2>/dev/null || exit 1
+source ../.env
+
+# check TDX flag
+tdx_flag_check
+# check TSC value on host
+tdx_tsc_check
\ No newline at end of file
diff --git a/guest-test/osv_sanity/test_2.1.1.4 b/guest-test/osv_sanity/test_2.1.1.4
new file mode 100755
index 0000000..e839ae8
--- /dev/null
+++ b/guest-test/osv_sanity/test_2.1.1.4
@@ -0,0 +1,4 @@
+# Create TDX guest with default qemu config and check TSC value on guest
+guest.test_launcher.sh -v 1 -s 1 -m 4 -d on -t tdx -x TD_TSC_DEFAULT -p off -j "osv_sanity/qemu.config.default.json"
+# Create TDX guest with tsc-freq specified qemu config and check TSC value on guest
+guest.test_launcher.sh -v 1 -s 1 -m 4 -d on -t tdx -x TD_TSC_CONFIG -p off -j "osv_sanity/qemu.config.tsc.json"
\ No newline at end of file
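Review bot: In tdx_host_tsc_check.sh the top-level `cd "$(dirname "$0")" 2>/dev/null || exit 1` and `source ../.env` assume the file is executed, yet the TD_TSC_DEFAULT arm of guest.test_executor.sh sources it. When sourced, `$0` is the executor's path, so `../.env` is resolved from the executor's directory and `exit 1` ends the whole executor without a `die` message; run directly, the same lines would load a different `.env`, and nothing visible in this file defines `die` or `test_print_trc`. `tdx_tsc_check` also lacks the `cpuid` availability check the guest script has and divides by `TSC_EAX` unguarded, so a leaf 0x15 reading of zeros aborts the arithmetic and leaves `HOST_TSC=0`. I would pick one invocation mode, state it in the header comment, and add `(( ${TSC_EAX:-0} > 0 )) || die "CPUID leaf 0x15 not enumerated on host"` before the division.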