CI: update integration-tdx flow for latest tdx stack
Update the kernel, qemu and cloud hypervisor used by the CI and
the TD launch command.

Timeout is relaxed due to the known performance regression on
kernel 6.2.

Signed-off-by: Jiaqi Gao <jiaqi.gao@intel.com>
gaojiaqi7 committed Sep 1, 2023
1 parent 4cb91e4 commit 7319472
Showing 3 changed files with 14 additions and 237 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/integration-tdx.yml
@@ -60,7 +60,8 @@ jobs:
bash sh_script/integration_tdx.sh -c 2 -m 4G -f target/release/final-boot-kernel.bin
bash sh_script/integration_tdx.sh -c 4 -m 8G -f target/release/final-boot-kernel.bin
bash sh_script/integration_tdx.sh -c 8 -m 16G -f target/release/final-boot-kernel.bin
bash sh_script/integration_tdx.sh -c 16 -m 32G -f target/release/final-boot-kernel.bin
bash sh_script/integration_tdx.sh -c 16 -m 16G -f target/release/final-boot-kernel.bin
# bash sh_script/integration_tdx.sh -c 16 -m 32G -f target/release/final-boot-kernel.bin
- name: Build ELF format payload with test TD payload
run: bash sh_script/build_final.sh elf_test
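Review bot: The 16-vCPU / 32G case is left behind as a commented-out command at the end of the run list, and neither the workflow nor the commit message says why it was dropped. The largest-memory TD boot is therefore no longer exercised by CI, and nothing signals when it should come back. I would record the reason on the line itself, directly above the commented command, e.g. `# 32G case disabled: <reason>; re-enable when <condition>`. The step this run list belongs to starts outside the hunk.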
21 changes: 12 additions & 9 deletions sh_script/integration_tdx.sh
@@ -12,7 +12,7 @@ nohup_logfile="${temp_dir}/nohup.log"
guest_image="/home/env/guest_img/td-guest.raw"
kernel="/home/env/kernel_img/vmlinuz"
cloud_hypervisor_tdx_path="/home/env/cloud-hypervisor/target/release/cloud-hypervisor"
qemu_tdx_path="/usr/libexec/qemu-kvm"
qemu_tdx_path="/usr/local/bin/qemu-system-x86_64"

firmware=""
type="pe"
@@ -112,12 +112,13 @@ check_result() {

launch_td_os() {
echo "-- launch td os"
local time_out=60
local time_out=90
local key_str1="login:"
local key_str2="Guest initialized"

nohup ${cloud_hypervisor_tdx_path} -v \
--tdx firmware=${firmware} \
--platform tdx=on \
--firmware ${firmware} \
--memory size=${memory} \
--cpus boot=${cpus} \
--kernel ${kernel} \
@@ -138,17 +139,18 @@ launch_td_os() {

launch_td_test_payload() {
echo "-- launch td test payload"
local time_out=10
local time_out=90
local key_str="0 failed"

nohup ${qemu_tdx_path} -accel kvm \
-name process=rust-td,debug-threads=on \
-smp ${cpus},sockets=${cpus} \
-object tdx-guest,id=tdx,debug=on \
-machine q35,kvm-type=tdx,pic=no,kernel_irqchip=split,confidential-guest-support=tdx \
-object memory-backend-memfd-private,id=ram1,size=${memory} \
-machine q35,memory-backend=ram1,kernel_irqchip=split,confidential-guest-support=tdx \
-no-hpet \
-cpu host,pmu=off,-kvm-steal-time \
-device loader,file=${firmware},id=fd0 \
-bios ${firmware} \
-m ${memory} -nographic -vga none \
-chardev stdio,id=mux,mux=on,signal=off \
-device virtio-serial,romfile= \
@@ -169,17 +171,18 @@ launch_td_test_payload() {

test_secure_boot() {
echo "-- secure boot test"
local time_out=10
local time_out=90
local key_str="Starting td-payload hob"

nohup ${qemu_tdx_path} -accel kvm \
-name process=rust-td,debug-threads=on \
-smp ${cpus},sockets=${cpus} \
-object tdx-guest,id=tdx,debug=on \
-machine q35,kvm-type=tdx,pic=no,kernel_irqchip=split,confidential-guest-support=tdx \
-object memory-backend-memfd-private,id=ram1,size=${memory} \
-machine q35,memory-backend=ram1,kernel_irqchip=split,confidential-guest-support=tdx \
-no-hpet \
-cpu host,pmu=off,-kvm-steal-time \
-device loader,file=${firmware},id=fd0 \
-bios ${firmware} \
-m ${memory} -nographic -vga none \
-chardev stdio,id=mux,mux=on,signal=off \
-device virtio-serial,romfile= \
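Review bot: The new `--firmware ${firmware}` in launch_td_os and `-bios ${firmware}` in launch_td_test_payload and test_secure_boot pass the firmware path as an unquoted word of its own. A path containing whitespace or glob characters would be split into extra hypervisor arguments; the value presumably comes from the script's `-f` option, whose parsing is outside these hunks. Quote them as `--firmware "${firmware}"` and `-bios "${firmware}"`, and likewise `size="${memory}"` on the new `memory-backend-memfd-private` lines. Separately, `time_out=90` is now repeated in all three functions with no comment; a single script-level value with a note naming the kernel 6.2 regression from the commit message would make it easy to tighten again. All three function bodies continue outside the hunks.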
227 changes: 0 additions & 227 deletions sh_script/integration_tdx_15.sh

This file was deleted.
