vmsa: implement build subcommand
Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
tylerfanelli committed May 18, 2022
1 parent 0ade197 commit 379230b
Showing 5 changed files with 640 additions and 4 deletions.
62 changes: 58 additions & 4 deletions Cargo.lock


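--- a/Cargo.toml
+++ b/Cargo.toml
@@ -23,6 +23,11 @@ is-it-maintained-open-issues = { repository = "virtee/sevctl" }
 
 [dependencies]
 sev = { git = "https://github.com/virtee/sev.git", branch = "main", features = ["openssl"] }
+serde = { version = "1.0", features = ["derive"] }
+# serde_json is just for the example, not required in general
+serde_json = "1.0"
+serde-big-array = "0.4.1"
+bincode = "1.3.3"
 structopt = "0.3"
 codicon = "3.0"
 colorful = "0.2.1"
@@ -32,3 +37,4 @@ native-tls = "0.2"
 url = "2.2"
 base64 = "0.13.0"
 openssl = "0.10"
+uuid = "1.0.0"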
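Review bot: The comment `# serde_json is just for the example, not required in general` above `serde_json = "1.0"` in the first hunk reads as carried over from another crate's usage example rather than written for sevctl, and it leaves unclear whether this crate needs the dependency at all. If nothing in this change uses serde_json, drop the line so the dependency set stays minimal; if only tests or examples need it, declare it under `[dev-dependencies]`; otherwise replace the comment with one naming what uses it. Whether serde_json is used cannot be determined from the files shown on this page.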
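--- a/src/main.rs
+++ b/src/main.rs
@@ -105,6 +105,7 @@ mod error;
 mod http;
 mod ok;
 mod session;
+mod vmsa;
 
 use error::{Contextual, Result};
 
@@ -122,6 +123,8 @@ use std::path::PathBuf;
 use std::process::exit;
 use std::time::Duration;
 
+use crate::vmsa::*;
+
 const VERSION: &str = env!("CARGO_PKG_VERSION");
 const AUTHORS: &str = env!("CARGO_PKG_AUTHORS");
 
@@ -216,6 +219,9 @@ enum SevctlCmd {
 #[structopt(long, parse(from_os_str), help = "Read CA chain from specified file")]
 ca: Option<PathBuf>,
 },
+
+#[structopt(about = "VMSA-related subcommands")]
+Vmsa(VmsaCmd),
 }
 
 fn download(url: &str, usage: Usage) -> Result<sev::Certificate> {
@@ -321,6 +327,9 @@ fn main() {
 SevctlCmd::Session { name, pdh, policy } => session::cmd(name, pdh, policy),
 SevctlCmd::Show { cmd } => show::cmd(cmd),
 SevctlCmd::Verify { sev, oca, ca } => verify::cmd(sevctl.quiet, sev, oca, ca),
+SevctlCmd::Vmsa(option) => match option {
+VmsaCmd::Build(args) => vmsa::build::cmd(args),
+},
 };
 
 if let Err(err) = status {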
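Review bot: The glob import `use crate::vmsa::*;` in the second hunk pulls every public item of the vmsa module into the crate root, and src/vmsa/build.rs in this same commit then imports `BuildUpdateCmdArgs`, `Ovmf`, `UserspaceVmm` and `Vmsa` via `crate::`, so that file apparently compiles only because of this glob. Importing just what main.rs names, `use crate::vmsa::VmsaCmd;`, keeps the root namespace explicit and avoids silent name clashes as vmsa grows; build.rs could then take its types from `super::` instead, assuming src/vmsa/mod.rs (not shown here) exports them. `enum SevctlCmd` and `fn main` both begin and end outside these hunks.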
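--- a/src/vmsa/build.rs
+++ b/src/vmsa/build.rs
@@ -0,0 +1,49 @@
+// SPDX-License-Identifier: Apache-2.0
+
+use std::fs;
+use std::mem::size_of;
+use std::slice::from_raw_parts_mut;
+
+use crate::error::Contextual;
+use crate::{BuildUpdateCmdArgs, Ovmf, UserspaceVmm, Vmsa};
+
+pub fn cmd(args: BuildUpdateCmdArgs) -> super::Result<()> {
+let mut vmsa = Vmsa::default();
+vmsa.init_amd64();
+vmsa.init_kvm();
+match args.userspace {
+UserspaceVmm::Qemu => vmsa.init_qemu(args.cpu),
+UserspaceVmm::Krun => vmsa.init_krun(args.cpu),
+};
+
+let family: u64 = args.family.unwrap_or(0);
+let model: u64 = args.model.unwrap_or(0);
+let stepping: u64 = args.stepping.unwrap_or(0);
+
+if family > 0 || model > 0 || stepping > 0 {
+vmsa.cpu_sku(family, model, stepping);
+}
+
+if let Some(fw) = args.firmware {
+let mut ovmf = Ovmf::default();
+ovmf.load(fw)
+.context("error loading firmware blob entries in OVMF")?;
+
+if args.userspace == UserspaceVmm::Qemu && args.cpu != 0 {
+let ovmf_reset_addr = ovmf
+.reset_addr()
+.context("error getting OVMF reset address")?;
+
+vmsa.reset_addr(ovmf_reset_addr);
+}
+}
+
+let vmsa: &mut [u8] =
+unsafe { from_raw_parts_mut(&vmsa as *const Vmsa as *mut u8, size_of::<Vmsa>()) };
+let buf: &mut [u8] = &mut [0; 4096];
+buf[..size_of::<Vmsa>()].copy_from_slice(vmsa);
+
+fs::write(args.filename, buf).context("could not write VMSA buffer")?;
+
+Ok(())
+}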
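Review bot: The unsafe block near the end of `cmd` builds a `&mut [u8]` over `vmsa` by casting a shared reference through `*const Vmsa` to `*mut u8`, although the bytes are only read by `copy_from_slice`; creating a mutable slice from a shared borrow is unsound, and the read-only form `unsafe { from_raw_parts(&vmsa as *const Vmsa as *const u8, size_of::<Vmsa>()) }` with `use std::slice::from_raw_parts;` does the same job. The block also carries no `// SAFETY:` comment; it should state that `Vmsa` is a plain-data struct with a fixed layout and no padding bytes, which cannot be confirmed here because the type is defined outside this file. `buf[..size_of::<Vmsa>()]` panics at run time if `Vmsa` ever exceeds 4096 bytes, so a `const _: () = assert!(size_of::<Vmsa>() <= 4096);` beside the buffer would turn that into a build error.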