From: Varad Gautam <varad.gautam@suse.com>
To: kvm@vger.kernel.org, pbonzini@redhat.com, drjones@redhat.com
Cc: marcorr@google.com, zxwang42@gmail.com, erdemaktas@google.com,
rientjes@google.com, seanjc@google.com, brijesh.singh@amd.com,
Thomas.Lendacky@amd.com, jroedel@suse.de, bp@suse.de,
varad.gautam@suse.com
Subject: [kvm-unit-tests 01/13] x86/efi: Allow specifying AMD SEV/SEV-ES guest launch policy
Date: Thu, 20 Jan 2022 13:51:10 +0100 [thread overview]
Message-ID: <20220120125122.4633-2-varad.gautam@suse.com> (raw)
In-Reply-To: <20220120125122.4633-1-varad.gautam@suse.com>
Make x86/efi/run check for AMDSEV envvar and set SEV/SEV-ES parameters
on the qemu cmdline.
AMDSEV can be set to `sev` or `sev-es`.
Signed-off-by: Varad Gautam <varad.gautam@suse.com>
---
x86/efi/README.md | 5 +++++
x86/efi/run | 16 ++++++++++++++++
2 files changed, 21 insertions(+)
diff --git a/x86/efi/README.md b/x86/efi/README.md
index a39f509..1222b30 100644
--- a/x86/efi/README.md
+++ b/x86/efi/README.md
@@ -30,6 +30,11 @@ the env variable `EFI_UEFI`:
EFI_UEFI=/path/to/OVMF.fd ./x86/efi/run ./x86/msr.efi
+To run the tests under AMD SEV/SEV-ES, set env variable `AMDSEV=sev` or
+`AMDSEV=sev-es`. This adds the desired guest policy to qemu command line.
+
+ AMDSEV=sev-es EFI_UEFI=/path/to/OVMF.fd ./x86/efi/run ./x86/amd_sev.efi
+
## Code structure
### Code from GNU-EFI
diff --git a/x86/efi/run b/x86/efi/run
index ac368a5..b48f626 100755
--- a/x86/efi/run
+++ b/x86/efi/run
@@ -43,6 +43,21 @@ fi
mkdir -p "$EFI_CASE_DIR"
cp "$EFI_SRC/$EFI_CASE.efi" "$EFI_CASE_BINARY"
+amdsev_opts=
+if [ -n "$AMDSEV" ]; then
+ policy=
+ if [ "$AMDSEV" = "sev" ]; then
+ policy="0x1"
+ elif [ "$AMDSEV" = "sev-es" ]; then
+ policy="0x5"
+ else
+ echo "Cannot set AMDSEV policy. AMDSEV must be one of 'sev', 'sev-es'."
+ exit 2
+ fi
+
+ amdsev_opts="-object sev-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,policy=$policy -machine memory-encryption=sev0"
+fi
+
# Run test case with 256MiB QEMU memory. QEMU default memory size is 128MiB.
# After UEFI boot up and we call `LibMemoryMap()`, the largest consecutive
# memory region is ~42MiB. Although this is sufficient for many test cases to
@@ -61,4 +76,5 @@ cp "$EFI_SRC/$EFI_CASE.efi" "$EFI_CASE_BINARY"
-nographic \
-m 256 \
"$@" \
+ $amdsev_opts \
-smp "$EFI_SMP"
--
2.32.0
next prev parent reply other threads:[~2022-01-20 12:52 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-20 12:51 [kvm-unit-tests 00/13] Add #VC exception handling for AMD SEV-ES Varad Gautam
2022-01-20 12:51 ` Varad Gautam [this message]
2022-01-20 16:18 ` [kvm-unit-tests 01/13] x86/efi: Allow specifying AMD SEV/SEV-ES guest launch policy Tom Lendacky
2022-01-30 20:04 ` Marc Orr
2022-01-20 12:51 ` [kvm-unit-tests 02/13] x86: AMD SEV-ES: Setup #VC exception handler for AMD SEV-ES Varad Gautam
2022-01-30 20:36 ` Marc Orr
2022-02-04 10:55 ` Joerg Roedel
2022-02-04 15:57 ` Marc Orr
2022-02-04 16:30 ` Sean Christopherson
2022-02-04 20:09 ` Marc Orr
2022-02-07 21:11 ` Sean Christopherson
2022-02-08 1:58 ` Marc Orr
2022-02-04 17:15 ` Joerg Roedel
2022-02-04 20:12 ` Marc Orr
2022-01-20 12:51 ` [kvm-unit-tests 03/13] x86: Move svm.h to lib/x86/ Varad Gautam
2022-01-20 12:51 ` [kvm-unit-tests 04/13] lib: x86: Import insn decoder from Linux Varad Gautam
2022-01-20 12:51 ` [kvm-unit-tests 05/13] x86: AMD SEV-ES: Pull related GHCB definitions and helpers " Varad Gautam
2022-01-20 12:51 ` [kvm-unit-tests 06/13] x86: AMD SEV-ES: Prepare for #VC processing Varad Gautam
2022-01-20 12:51 ` [kvm-unit-tests 07/13] x86: AMD SEV-ES: Handle WBINVD #VC Varad Gautam
2022-02-07 21:13 ` Sean Christopherson
2022-01-20 12:51 ` [kvm-unit-tests 08/13] lib/x86: Move xsave helpers to lib/ Varad Gautam
2022-01-20 12:51 ` [kvm-unit-tests 09/13] x86: AMD SEV-ES: Handle CPUID #VC Varad Gautam
2022-01-20 12:51 ` [kvm-unit-tests 10/13] x86: AMD SEV-ES: Handle RDTSC/RDTSCP #VC Varad Gautam
2022-02-07 21:17 ` Sean Christopherson
2022-01-20 12:51 ` [kvm-unit-tests 11/13] x86: AMD SEV-ES: Handle MSR #VC Varad Gautam
2022-01-20 12:51 ` [kvm-unit-tests 12/13] x86: AMD SEV-ES: Handle IOIO #VC Varad Gautam
2022-01-20 12:51 ` [kvm-unit-tests 13/13] x86: AMD SEV-ES: Handle string IO for " Varad Gautam
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220120125122.4633-2-varad.gautam@suse.com \
--to=varad.gautam@suse.com \
--cc=Thomas.Lendacky@amd.com \
--cc=bp@suse.de \
--cc=brijesh.singh@amd.com \
--cc=drjones@redhat.com \
--cc=erdemaktas@google.com \
--cc=jroedel@suse.de \
--cc=kvm@vger.kernel.org \
--cc=marcorr@google.com \
--cc=pbonzini@redhat.com \
--cc=rientjes@google.com \
--cc=seanjc@google.com \
--cc=zxwang42@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox