From 642058245b847bebc2b9c38d5560e4b74b894f84 Mon Sep 17 00:00:00 2001 From: Roy Hopkins Date: Fri, 19 Jul 2024 14:27:16 +0100 Subject: [PATCH 1/3] scripts: Update launch script for QEMU 9.0 QEMU 9.0 with IGVM support uses a different command line to previous QEMU versions. The IGVM file is now specified as a separate object. Also, init-flags has been removed and there have been some other changes to the arguments required to launch an SEV-SNP guest. This commit updates scripts/launch.sh to provide the correct arguments when QEMU 9 or greater is detected. Signed-off-by: Roy Hopkins --- scripts/launch_guest.sh | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/scripts/launch_guest.sh b/scripts/launch_guest.sh index e33b815ab..10ca52d03 100755 --- a/scripts/launch_guest.sh +++ b/scripts/launch_guest.sh @@ -62,12 +62,24 @@ QEMU_MINOR=${QEMU_MINOR%%.$QEMU_BUILD} # The QEMU machine and memory command line changed after QEMU 8.2.0 from # the coconut-svsm git repository. -if (( (QEMU_MAJOR > 8) || ((QEMU_MAJOR == 8) && (QEMU_MINOR >= 2)) )); then +if (( QEMU_MAJOR >= 9 )); then + MACHINE=q35,confidential-guest-support=sev0,memory-backend=mem0,igvm-cfg=igvm0 + IGVM_OBJECT= + MEMORY=memory-backend-memfd,size=8G,id=mem0,share=true,prealloc=false,reserve=false + IGVM_OBJECT="-object igvm-cfg,id=igvm0,file=$IGVM" + INIT_FLAGS= + IGVM_FILE= +elif (( (QEMU_MAJOR > 8) || ((QEMU_MAJOR == 8) && (QEMU_MINOR >= 2)) )); then MACHINE=q35,confidential-guest-support=sev0,memory-backend=mem0 MEMORY=memory-backend-memfd,size=8G,id=mem0,share=true,prealloc=false,reserve=false + IGVM_FILE=",igvm-file=$IGVM" + IGVM_OBJECT= + INIT_FLAGS=,init-flags=5 else MACHINE=q35,confidential-guest-support=sev0,memory-backend=mem0,kvm-type=protected MEMORY=memory-backend-memfd-private,size=8G,id=mem0,share=true + IGVM_OBJECT= + INIT_FLAGS=,init-flags=5 fi # Setup a disk if an image has been specified @@ -103,7 +115,8 @@ $SUDO_CMD \ -cpu EPYC-v4 \ -machine $MACHINE \ -object $MEMORY \ - -object sev-snp-guest,id=sev0,cbitpos=$C_BIT_POS,reduced-phys-bits=1,init-flags=5,igvm-file=$IGVM \ + -object sev-snp-guest,id=sev0,cbitpos=$C_BIT_POS,reduced-phys-bits=1$INIT_FLAGS$IGVM_FILE \ + $IGVM_OBJECT \ -smp 4 \ -no-reboot \ -netdev user,id=vmnic -device e1000,netdev=vmnic,romfile= \ From 05d384e2871cdb695a55bf552848c3517f77e313 Mon Sep 17 00:00:00 2001 From: Roy Hopkins Date: Fri, 19 Jul 2024 14:48:25 +0100 Subject: [PATCH 2/3] kernel/cpu/vc: Remove test_rdmsr_debug_ctl as not intercepted anymore The commit b7e4be0a224fe5 in the kernel introduces a change that means that sev-es and sev-snp guests do not now intercept the debug ctl MSR. This means for kernels that include this commit this test will always fail. This commit removes the test. The read_msr functionality is tested by the remaining test_rdmsr_apic() test case. Signed-off-by: Roy Hopkins --- kernel/src/cpu/vc.rs | 8 -------- 1 file changed, 8 deletions(-) diff --git a/kernel/src/cpu/vc.rs b/kernel/src/cpu/vc.rs index e5587a211..0ce538e95 100644 --- a/kernel/src/cpu/vc.rs +++ b/kernel/src/cpu/vc.rs @@ -510,14 +510,6 @@ mod tests { assert_eq!(apic_base & APIC_BASE_PHYS_ADDR_MASK, APIC_DEFAULT_PHYS_BASE); } - #[test] - #[cfg_attr(not(test_in_svsm), ignore = "Can only be run inside guest")] - fn test_rdmsr_debug_ctl() { - const MSR_DEBUG_CTL: u32 = 0x1d9; - let apic_base = verify_ghcb_gets_altered(|| read_msr(MSR_DEBUG_CTL)); - assert_eq!(apic_base, 0); - } - const MSR_TSC_AUX: u32 = 0xc0000103; #[test] From 05b46610e9ec18c0f442e1de5573d37561191dc3 Mon Sep 17 00:00:00 2001 From: Roy Hopkins Date: Fri, 19 Jul 2024 14:53:25 +0100 Subject: [PATCH 3/3] kernel/cpu/vc: Fix MSR_TSC_AUX tests for Genoa systems MSR_TSC_AUX is only intercepted on systems that do not support Virtual TSC_AUX, such as Milan based systems. Genoa systems do support Virtual TSC_AUX. Therefore the read_msr/write_msr tests fail on these systems. This commit replaces the read_msr/write_msr tests with MSR_APIC_BASE to test the write functionality and fixes the test for rdtscp by ignoring whether the MSR read was intercepted. Signed-off-by: Roy Hopkins --- kernel/src/cpu/vc.rs | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/kernel/src/cpu/vc.rs b/kernel/src/cpu/vc.rs index 0ce538e95..a91d841ba 100644 --- a/kernel/src/cpu/vc.rs +++ b/kernel/src/cpu/vc.rs @@ -510,14 +510,12 @@ mod tests { assert_eq!(apic_base & APIC_BASE_PHYS_ADDR_MASK, APIC_DEFAULT_PHYS_BASE); } - const MSR_TSC_AUX: u32 = 0xc0000103; - #[test] #[cfg_attr(not(test_in_svsm), ignore = "Can only be run inside guest")] - fn test_wrmsr_tsc_aux() { - let test_val = 0x1234; - verify_ghcb_gets_altered(|| write_msr(MSR_TSC_AUX, test_val)); - let readback = verify_ghcb_gets_altered(|| read_msr(MSR_TSC_AUX)); + fn test_wrmsr_apic_base() { + let test_val = read_msr(MSR_APIC_BASE); + verify_ghcb_gets_altered(|| write_msr(MSR_APIC_BASE, test_val)); + let readback = verify_ghcb_gets_altered(|| read_msr(MSR_APIC_BASE)); assert_eq!(test_val, readback); } @@ -569,8 +567,8 @@ mod tests { #[test] #[cfg_attr(not(test_in_svsm), ignore = "Can only be run inside guest")] fn test_rdtscp() { - let expected_pid = u32::try_from(verify_ghcb_gets_altered(|| read_msr(MSR_TSC_AUX))) - .expect("pid should be 32 bits"); + const MSR_TSC_AUX: u32 = 0xc0000103; + let expected_pid = u32::try_from(read_msr(MSR_TSC_AUX)).expect("pid should be 32 bits"); let RdtscpOut { timestamp: mut prev, pid,