[kvm-unit-tests RFC v2 08/18] x86 TDX: Extend EFI run script to support TDX

Qian Wen <qian.wen@xxxxxxxxx> · Mon, 18 Dec 2023 15:22:37 +0800

From: Zhenzhong Duan <zhenzhong.duan@xxxxxxxxx>

Currently TDX framework is based on EFI support and running test case in
TDX environment requires special QEMU command line parameters.

Add an environment variable EFI_TDX. When set, enable test case to run
in TDX protected environment with special QEMU parameters.

Force "-cpu host" to be the last parameter as qemu doesn't support to
customize CPU feature for TD guest currently.

Using "-bios" to load TDVF (OVMF with TDX support).

Signed-off-by: Zhenzhong Duan <zhenzhong.duan@xxxxxxxxx>
Reviewed-by: Yu Zhang <yu.c.zhang@xxxxxxxxx>
Link: https://lore.kernel.org/r/20220303071907.650203-8-zhenzhong.duan@xxxxxxxxx
Co-developed-by: Qian Wen <qian.wen@xxxxxxxxx>
Signed-off-by: Qian Wen <qian.wen@xxxxxxxxx>
---
 x86/efi/README.md |  6 ++++++
 x86/efi/run       | 19 +++++++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/x86/efi/README.md b/x86/efi/README.md
index aa1dbcdd..494f3888 100644
--- a/x86/efi/README.md
+++ b/x86/efi/README.md
@@ -30,6 +30,12 @@ the env variable `EFI_UEFI`:
 
     EFI_UEFI=/path/to/OVMF.fd ./x86/efi/run ./x86/msr.efi
 
+### Run test cases with UEFI in TDX environment
+
+To run a test case with UEFI and TDX enabled:
+
+    EFI_TDX=y ./x86/efi/run ./x86/msr.efi
+
 ## Code structure
 
 ### Code from GNU-EFI
diff --git a/x86/efi/run b/x86/efi/run
index 85aeb94f..08512b08 100755
--- a/x86/efi/run
+++ b/x86/efi/run
@@ -18,6 +18,7 @@ source config.mak
 : "${EFI_TEST:=efi-tests}"
 : "${EFI_SMP:=1}"
 : "${EFI_CASE:=$(basename $1 .efi)}"
+: "${EFI_TDX:=n}"
 
 if [ ! -f "$EFI_UEFI" ]; then
 	echo "UEFI firmware not found: $EFI_UEFI"
@@ -29,6 +30,24 @@ fi
 # Remove the TEST_CASE from $@
 shift 1
 
+# TDX support -kernel QEMU parameter, could utilize the original way of
+# verifying QEMU's configuration. CPU feature customization isn't supported
+# in TDX currently, so pass through all the features with `-cpu host`
+if [ "$EFI_TDX" == "y" ]; then
+	"$TEST_DIR/run" \
+	-bios "$EFI_UEFI" \
+	-object tdx-guest,id=tdx0 \
+	-machine q35,kernel_irqchip=split,confidential-guest-support=tdx0 \
+	-kernel "$EFI_SRC/$EFI_CASE.efi" \
+	-net none \
+	-nographic \
+	-m 256 \
+	"$@" \
+	-cpu host
+
+	exit $?
+fi
+
 if [ "$EFI_CASE" = "_NO_FILE_4Uhere_" ]; then
 	EFI_CASE=dummy
 fi
-- 
2.25.1








